Open Closed

Blazor Server - Force Authentication For Root / Entire Site #5206


User avatar
0
adam-dot-cohen created
  • ABP Framework version: v7.2.1
  • UI type: Blazor Server
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): Tiered, separate OpenIddict server

How do you force authentication for the root of a blazor server project? Presently, the following display the header and navigation side menu before redirecting to Account/Login...

How do you force authentication for the root of a blazor server project? Presently, the following display the header and navigation side menu before redirecting to Account/Login...

Index.cshtml

OR

_Imports.razor

STEPS TO REPRODUCE

  1. Generate a fresh template
  2. Run the Blazor server project

RESULT

DESIRED RESULT

Please credit my account back for this question as it got locked... https://support.abp.io/QA/Questions/5123/Blazor-Server---Force-Authentication-For-Root--Entire-Site


3 Answer(s)
  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    It works for me:

    Steps:

    • abp new Qa -u blazor-server
    • Add @attribute [Authorize] to _Imports.razor

    Please credit my account back for this question as it got locked...

    Ok, we have a bot to close&lock if the question is inactive.

  • User Avatar
    0
    adam-dot-cohen created

    Thanks for your response. As I mentioned in my original question, I tried that adding the [Authorize] attribute to _Imports.razor and got the same behavior seed in the animate GIF you provided. Prior to the redirect to the authentication page, the menu and navigation load from the Layout page. The requirement I have is to secure / authorize all content on the site. If the page loads without secure content prior to redirecting, it's not secure.

    Please help! Thanks!

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    You can try :

    app.UseAuthentication(); // Add under `UseAuthentication`
    app.Use(async (httpContext, next) =>
    {
        if (!httpContext.Request.Path.ToString().Contains("account/login"))
        {
            if (httpContext.User.Identity is not { IsAuthenticated: true })
            {
                httpContext.Response.Redirect("/account/login");
                return;
            }
        }
        
    
        await next();
    });
    
Made with ❤️ on ABP v9.1.0-preview. Updated on December 12, 2024, 07:15