New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Authentication for serverside blazor #1554

Closed
floreseken opened this Issue Oct 12, 2018 · 10 comments

Comments

Projects
None yet
6 participants
@floreseken

floreseken commented Oct 12, 2018

I've read this: #1449
and this: #698

And still have some questions.
The last option (of 1449) kind of defeats the purpose of SS blazor in my opinion. This way you are losing lots of the benefits. (creating a API surface and client), but that will work.

And the first option can only be used to control access to the whole application, right? Not to identify users in the components code.

For instance, I would like to be able to use:

Thread.CurrentPrincipal

in my components, but enabling authentication(in the server part) does not provide this (always null). I kind of understand why.. the SignalR stuff bypasses everything of the default stack, and provides no auth bearer or something, I guess?

In my opinion being able to use a principal in serverside blazor essential for enterprise applications.
Am I missing something? Or is this not possible yet? And is my scenario covered by 698?

Thanks

@floreseken floreseken changed the title from Authenication for serverside blazor to Authentication for serverside blazor Oct 12, 2018

@cores-system

This comment has been minimized.

Contributor

cores-system commented Oct 12, 2018

@floreseken, You can use IHttpContextAccessor to send the current HttpContext to blazor.Client.

@cores-system

This comment has been minimized.

Contributor

cores-system commented Oct 12, 2018

blazor.Sever to Startup.cs

public void ConfigureServices(IServiceCollection services)
{
    services.AddServerSideBlazor<Client.Startup>();
	
    // HttpContextAccessor
    services.AddHttpContextAccessor();
    services.AddScoped<HttpContextAccessor>();
}

blazor.Shared

public class HttpContextAccessor
{
    private readonly IHttpContextAccessor _httpContextAccessor;

    public HttpContextAccessor(IHttpContextAccessor httpContextAccessor)
    {
        _httpContextAccessor = httpContextAccessor;
    }

    public HttpContext Context => _httpContextAccessor.HttpContext;
}

blazor.Client to App.cshtml

@inject blazor.Shared.HttpContextAccessor HttpContext
<Router AppAssembly=typeof(Program).Assembly />

@functions 
{      
    protected override void OnInit()
    {
        HttpContext.Context.Request.Cookies.**
		
        // Or data passed through middleware in blazor.Server
        HttpContext.Context.Features.Get<T>()
    }
}
@cores-system

This comment has been minimized.

Contributor

cores-system commented Oct 12, 2018

1) In blazor.Shared you will need to add the package Microsoft.AspNetCore.Http via nuget
2) @inject HttpContextAccessor HttpContext can be used in any .cshtml or .cs file blazor.Client

@ADefWebserver

This comment has been minimized.

ADefWebserver commented Oct 12, 2018

Also see a GitHub example at: https://github.com/SQL-MisterMagoo/BlazorTest

@carlosalcantara2668

This comment has been minimized.

carlosalcantara2668 commented Oct 13, 2018

it worked for me !!!

@carlosalcantara2668

This comment has been minimized.

carlosalcantara2668 commented Oct 13, 2018

@cores-system , @floreseken ,
it worked for me !!!,
I have access to all the methods of the object.

@cores-system

This comment has been minimized.

Contributor

cores-system commented Oct 13, 2018

@carlosalcantara2668, I'm glad I helped )

@roboriaan

This comment has been minimized.

roboriaan commented Oct 15, 2018

I was wondering if it would be possible to use [Authorize] in Blazor 0.6.0 Server-side. Something like :

In FetchData.cshtml

@using RC.App.Services
**@[Authorize]**
@page "/fetchdata"
@inject WeatherForecastService ForecastService

Thanks for the great .net core stuff guys!

@danroth27

This comment has been minimized.

Member

danroth27 commented Oct 15, 2018

I think we have several issues open at this point tracking the need for guidance and support for authentication and authorization, so I'm going to close this one as a duplicate of #64.

@ADefWebserver

This comment has been minimized.

ADefWebserver commented Nov 4, 2018

I created a sample and a Blog post using the code provided above: A Demonstration of Simple Server-side Blazor Cookie Authentication

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment