Hello! I have some question, I can see that Microsoft.AspNetCore.Identity package is deprecated. Can we still use it or should we replace it with something?
is a very good course , i have a few questions : 1- when you are debuging you are using just a direction "Identity/Account/Register" but in the project we have "Areas/Identity/Pages/Account/Register". 2- What is not existing in the Blazor Server tutorial , is Authentication and Autorization using SQL Server and see the connection, Tables , User Profils (Admin, Profil1, Profil2. 3- the other thing is we need RTL in Blazor Thanks a lot
1. As the title implies, in this video I have implemented authentication from scratch, so not relying on the scaffolded files. Therefore the structure is different. What you give as an example seems to be the default Microsoft.AspNetCore.Identity structure. 2. I'm not sure what you refer to. In this video we use SQL for authentication and authorization. 3. I'm not sure I can help with that :)
I love your videos. Very explainatory and detailed. I often find a lot of videos to be a little too much 'thats not important right now' and 'we are doing it as easy as possible' leaving me wondering how to actually implement the things I am trying to learn properly in an application that is supposed to be scalable. Your videos however, give me the right toolset to find an implementation that suits my needs.
When setting up ViewImports for your razor pages, you inadvertently typed BlazorAuthYT with a capital T instead of lower case t. I believe that’s why it asked for fully qualified name.
Hi! I get this error: "InvalidOperationException: The ConnectionString property has not been initialized." for this line:"var result = await _userManager.CreateAsync(identity, Input.Password);" I have the same code as you and I dont know why i got this error. What could be this?
How can I do this without Entity Framework? I have my own user table and prefer to use my own queries and custom user. I can't seem to get this working without EF.
That's possible, nut it requires some work and understanding. You need to implement your own providers: learn.microsoft.com/en-us/aspnet/core/security/authentication/identity-custom-storage-providers?view=aspnetcore-7.0
This video was very helpful thank you!!! I was wondering what steps I would take if I wanted to set this up with MongoDB instead to handle users. Thanks!
is the database created automatically? i followed this video and httpcontext one, and in the end, i got an error 208 object not found - "aspnetusers". I figure i have to create a database and tables manually?
I have created the database beforehand. If you inerit from IdentityDbContext and provide a connection string you need to first add migrations and then update the database. You don't need to write any code. The migrations for the identity users are part of Microsoft.AspNetCore.Identity.
If I use Blazor components in a MVC Core application that uses session to store some user information, how to access to those values from the Blazor Server component rendered inside MVC view?
The user table is created in this case by Microsoft.AspNetCore.Identity. The connection to SQL is done via a connection string. Regular ASP.NET Core stuff.
When you scaffold Identity, it adds a lot of stuff for you, it also hides a lot of stufss form U, lol! So true after digging all around for how to get this to work.
Brilliant video thanks! I was just wondering, using this method of authentication, can you set custom claims in the claims principal when signing the user in? thanks :)
Amazing breakdown and really very helpful and getting me closer to build what I need One example that I couldn't find anywhere on the internet or not really clear example is a mix between user Authentication with Azure AD and Roles from database for example some set of users are with the Role [Admin] and other users [Editor] while the rest of the users just can read I understand that I will need a table represents usernames and roles connected "except the read ones" but I have no clue how to mix between them
I have recently started programming in Blazor... The video is fantastic. Easy to follow and easy to implement... Now I have to test the roles and so on, although I've seen that there is another video and now I'll get to it. I don't know if there will be any for user validation to be done through APIS.
after clicking on login, I get a This page isn’t working If the problem continues, contact the site owner. HTTP ERROR 400. I assume it is a plumbing issue, please help.
Unfortunately, I really can't magically help here. Try debugging the application, set break points in the Login method. Go step by step through the code and check where the problem appears. Also, in the output window, there should be a lot more logs from Microsoft.AspNetCore.Identity that would help to understand what happens.
When i start application i get this error: "InvalidOperationException: The entity type 'IdentityUserLogin requires a primary key to be defined. I cannot see even home page...
i needed to add "base.OnModelreating(modelBuilder) line in my OnModelCreating method. Thx, it works great, will try to implement something like if you are logged as admin u can delete stuff otherwise just read...
Very good guide and detailed explanations sir! I desperately searched for something like this because I was a bit disappointed as to how many things are actually hidden behind the scenes if you just select Individual Accounts when create your Blazor Server application. But sir, you didn’t showed us migrations to database and the database operations overall. Is their is a separate video for this? It is cryptic as to where you write your user. Their is definitely some database for this.
I would say this: When youre trying to learn all of this stuff there is definitely a correct order. First: Setup an SQL server and implement data access. Simply since youre now in the pickle of needing that server and that data access to implement authorization and authentication. So yes, you should first get data access right, watch the video about HttpContext that he mentions in the beginning, and then try to learn and master this.
Thank you for this. This first video is pretty much what scaffolding Identity does as far as I can see without the external auth bits and using a different layout. My query is that even though this seems the common approach to Blazor Server auth that it doesn't actually use Blazor razor components and thus you still have to have a code behind page, can't use Blazor specific UI components i.e. from Infragistics etc. Is that a fair assessment or am I missing something? Thank you.
Yes, you are correct. You cannot use those components in Razor Pages and in Blazor Server (till .NET 7) you can't get around this. This is how things are supposed to work. However, starting with Blazor in .NET 8 things are a little bit different and you will be able to use regular Blazor components on authentication pages. A video on this will follow next week.
@@Codewrinkles Hey I have a question about auth in .net8 vs .net7. I started a project in .net7 and I was able to follow along fine until you started adding the views as razor pages since I am only using razor components in my project. Will the .net8 video you release also be applicable to .net7? Or will I need to convert my project to a .net8 one? The project is already running on .net8, but is still formatted as a .net7 blazor server project. Any response would be much appreciated. Thank you!
Thank you for this video, it was very useful for me. One question tho, on logout page, you changed OnPost to OnGet and said you will change it a little bit later, but seems you forgot? I wonder what was that abt?
@@Codewrinkles Thanks for your respond. Sry to bother you again abt this Logout pagem just trying to learn it the right way😊. When we look at how microsoft by default implements the logout button in MainLayout, they put it in a form with "post" method. Why do they go through all that trouble to call this page OnPost. And also, on your later video, when you add the UpdateSecurityStamp in Logout page, it's OnPost.
Any stuff related with external provider authentication such as Microsoft Account? It has also been contained in scaffold, but how to start from zero like this video. Add external provider authentication into Blazor.
You didn't showed how to set roles before Sign in and setup other claims such as Email, UserId, AccessLevel, etc. Can you please make a video for that.
I mentioned during the video that there are plenty of other videos to follow. This one got fairly long just covering the bare minimum. It's not possible to put just everything in one single video.
Great tutorial! Thanks for sharing all these valuable info! But do you allow me to ask for a more challenging authentication tutorial? How can we use authentication in a shared code for a MAUI Blazor App and a Web Blazor (Wasm or Server)? Is there a good way we can share the authentication code as well?
Thank you. I enjoyed your video. On the Login page, is there a simple way to add a checkbox to allow Users to choose to stay logged in ? And is there a simple link that can be added, so the User can reset their password, if they forgot it ? And can this Login be added to small window that pops out, so the User does not have to leave the current page that they are on ? I hope I did not ask to many questions.
I think I did it. In my Blazor project, I chose to add Identity Scaffolding and I selected all the pages (which got added to my project). However, I did not finish scaffolding it. I did NOT call it in the command line. I then used your code on Program.cs. I had to add .AddDefaultTokenProviders(); after builder.Services.AddIdentity(). I also had to add @attribute [IgnoreAntiforgeryToken] to the LogOut page, so I can access it from the LoginDisplay component that I added. I also added the EmailSender.cs class. Now the Lost Password link works. Please let me know if what I did, sounds like a bad idea. I realize adding a token would be better, but I do not know how to do that. I do hope the rest of what I did, is correct. I still do not know if I can add this login in a small popout window. I will work on that another day. Thank you for your assistance.
Hi, really good video, helped me a lot. I have a question, I have implemented simple login / logout/ register just as you did, and I have added a UserManager razor component where i add roles to the users etc, using injected UserManager and RoleManager. Is that a bad thing ? Should I rather use razor pages for this too ?
I think I was explicit enough in the video. To perform authentication you need a reliable HttpContext. You can't have a reliable HttpContext in Blazor Server as the context is instantiated once per circuit.You need the regular request-response pipeline to be able to perform auth reliably. That's why you either use Razor Pages or regular controllers with views.
@@Codewrinkles in your HttpContext video, you set it up as a DI service. Couldn’t that service be used anywhere within the app? Trying to find away of doing this without having to leave the current page. In this video, you set persistence to false. Meaning closing the tab would require a new login, might that be set to true and have it last between circuit connections? Thanks
I still wish there was less black box magic happening with EF. I need to make a custom authentication system work where a primary login is available such as what you've shown, but if a user has an existing cookie with id allow them quick access with something like a 4 digit pin. That kind of customization is winding up to be a thorn for me lol
In that case you would have to create custom implementation for the Microsoft.AspNetCore.Identity interfaces that you want to use. E.g: IUserStore, IUserManager, IRolesManager and so on. That's a fairly complex topic but I think I'll get into it.
Hi! First off, thanks for this nice tutorial. Is there any way to get not the username as unique identifier? I'm checking against an LDAP server first. When the user is authenticated there, I want to login him based on his GUID fro Active Directory. I the ldap checks works fine and I already have everything I'll need to insert the record but the issue for me is that the username must be unique. Sure I can simply write my guid as username and add another field for the login name but this owuld be a bit confusing when I look on it in the future. Do you have any advice on this?
My advice would be to not mess things up. In Active Directory usernames are unique. When we are using identity provider (AD is an identity provider) we should simply use that identity as it is. If we need to store things in our DB for our app specific needs, then that's OK. But for auth pruposes use the Claims Principal that was generated based on your Identity provider.
@@Codewrinkles Thanks for the advice. The main reason I thought of using Identity was the built in implementation of two factor authentication. Could you probabaly add tfa with claims to your video series as well? :)
Thank you very much for the series. Is that mean we can not use the razor page (.razor) for the register, login and logout and also we cant use the AuthenticationServiceProvider with the Blazor Server Applications, please clarify that and again thank you very much.
Thanks for your comment. I'm not sure I get your question right. In this video I have showed that for login, register and so on we CAN use Razor pages. If you want you can use even regular controllers with views. It is important that we do registration, login, logout through a setup that goes through the regular ASp.Net Core request pipeline. Also as I explained in the subsequent video, Blazor Server relies actually on the AuthenticationStateProvider for everything that's related to out. However, on the AuthStateProvider I will do a dedicated video since there are some very important things to be aware of.
@@Codewrinkles First of all thank you very much for your response. That what I was asking about the AuthStateProvider, Because I will have an API application which both Blazor Server And Blazor Web assembly, so I want to consume all the api endpoints in both of them including the Authentications and Authorizations. Best Regards.
@@talkathiriify Sure you can do that. But I'm not sure about the entire design. I'm sure though that you probably have some very valid reasons for this kind of setup. For me, however, it looks a little bit weird based on the level of information I have now. If you have an API already, then what's the purpose of the Blazor Server app? That would be a scenario where Blazor WASM would do the job. The maine reason why I use Blazor Server mostly is that I don't really need to build and extra API layer/ I can use everything like I would normally do in a regular Asp.Net Core app with the benefit that for users it will behave like a SPA.
@@talkathiriify Also the authenticationStateProvider works slightly different in Blazor WASM and in Blazor Server. In Blazor Server it uses the HttpContext.User to get the authentication state. In Blazor WASM this is not possible so it is usually a custom implementation that does the authentication based on a response from an authentication/authorization endpoint.
@@Codewrinkles Thank you very much for the explanation. I actually came form desktop environment for almost 20 yr, and new to the web world, so you recommend if I have Blazor Server App. I do not need the API's, Let me please explain my scenario to you I am trying to convert all my desktop applications to web based application using Blazor and one of my application is a multi tenancy then I will create Razor class library and consume it in Both Server and WASM apps. your recommendation will be highly appreciated Dan. Sorry if I asking to much and wasting your time, but I really trust your thoughts and suggestions. Thank you very much, and Best Regards.
As an Ambassador you should be able to see this post on the membership tab: ruclips.net/user/postUgkxfLSh0qXSXUBE9Say7Uh7VMEAr31u-qAL In the post there's a link to download the source code. Also when did you join? Maybe RUclips takes a little bit of time? Please let me know if you can access the post through the link I shared.
@@Codewrinkles Thank you so much! I am not sure why but the membership tab would not scroll past 8 months ago. That link worked perfectly! Thank you for the rapid reply!
Codewrinkles members on Ambassador level get access to the source code of videos I publish. If you join as an ambassador you will get access as well. After you join, check the "Membership" tab and scroll to the post where you'll find instructions.
Because that how you do authentication in Blazor Server. And it also includes information about the authentication mechanisms Blazor Server is using and how the AuthenticationStateProvider is working. The fact that we're using Razor Pages for the form is probably the least important one in this video.
Really great content thank you. Would be good to have access to the code snippets you paste in. Could you please publish this in a GitHub repo? Thanks again.
Thank you very much for your feedback and kind words. Source code access is a perk of the membershjop program. Anybody can join it via the "Join" button below each video or via the channel's home page.
@@hismailsa As a member you should have access to this post that I have published right now and you can download the source code: ruclips.net/user/postUgkxfLSh0qXSXUBE9Say7Uh7VMEAr31u-qAL Please note that for videos uploaded before the membershjip program started, I provide the source code by request and if available. For most videos starting 2021 I should have it.
is there really no other way of making alogin system than using these razor pages? I'd rather just use razor components, so i can use MudBlazor for some UI...
You can use controllers. The core thing is that for authentication you need an HttpContext that you can rely on. I think it's not that complicated to write a login page without MudBlazor. There are plenty of HTML templates that you can use.
@@Codewrinkles Hi there! So sorry to interject here but I too am trying to get some kind of login with authentication and authorization using Cosmos DB. I don't quite understand what "custom resolvers" are that you explained above. Is it at all possible that you could link a resource that explains this? Also where are the user login credentials saved in the DB? In a table you made? Oh and I see you were using Razor Pages, would this still be able to work using Razor Components instead? Sorry for all the questions. I've been struggling to do this for weeks now. I would be grateful for your guidance.
I tried to implement the same steps on the Razor Component and it doesn't work. When comes to _userManager.CreateAsync application stop and returns me on-page and doesn't show any error. Thanks for helping and your content is so good and helpful, be persistent you will succeed.
I still think we are mostly looking at this the wrong way. I find it strange how developers, even at a junior level, hear some things somewhere and then use it like a dogma. And when "performance issues" come into question I tend to go crazy. Because we are all looking at performance issues of using GUIDs over ints as identifiers, but when I look at applications out there 90% allocate memory like crazy, pass materialized lists across entire app layers instead of using IEnumerable or IQueyable, db queries are a nightmare. Trust me, using GUIDs over ints as identifiers is the last performance issues we should be concerned about.
Think this is brilliant, however it does not work for me as I am trying to apply the methodology to a Core 3.1 version app, and there is no builder.Configuration. in the code, it just converts builder. to ApplicationBuilder. ! Oh woe is me.... B(
Hello. First of all, thank you for joining as a member. If you got to the channel homepage you will find a tab called "Membership". On it you'll find a lot of communications with instructions on source code access. You can navigate to the memberships also using this link: www.youtube.com/@Codewrinkles/membership
Now I looked closer. It turns out you subscribed to the Supporter tier. Source code access is available for the Ambassador tier. That's specified in each tier details and in the membership video that you can watch when you click on the JOIN button.
Fantastic walkthrough. Was able to code alongside with only a few pauses. Really showed the guts of how Identity interacts with Blazor Server!
U helped me so much every guide out there used the scaffolding and u dont learn anything from that. U explain it and you show it 10/10 !!!!
Glad to hear it!
it would be nice to have access to the HTML code to save time and focus on the backend code but it was a great video, clear explanation, thanks
Hey, why wont you do login and registartion in razor component instead of razor pages?
I will say this video plus the following ones on claims and roles are amazing. Very well done and should be required viewing.
Thank you very much for your feedback
Hello! I have some question, I can see that Microsoft.AspNetCore.Identity package is deprecated. Can we still use it or should we replace it with something?
I am not aware that the packages has been deprecated. Hmm.
@@Codewrinkles It is deprecated. It is v2.2.
Appreciate the clear explanations given, I've just started picking up Blazor and I'm able to understand why things should be done the way shown.
is a very good course , i have a few questions :
1- when you are debuging you are using just a direction "Identity/Account/Register" but in the project we have "Areas/Identity/Pages/Account/Register".
2- What is not existing in the Blazor Server tutorial , is Authentication and Autorization using SQL Server and see the connection, Tables , User Profils (Admin, Profil1, Profil2.
3- the other thing is we need RTL in Blazor
Thanks a lot
1. As the title implies, in this video I have implemented authentication from scratch, so not relying on the scaffolded files. Therefore the structure is different. What you give as an example seems to be the default Microsoft.AspNetCore.Identity structure.
2. I'm not sure what you refer to. In this video we use SQL for authentication and authorization.
3. I'm not sure I can help with that :)
I love your videos. Very explainatory and detailed. I often find a lot of videos to be a little too much 'thats not important right now' and 'we are doing it as easy as possible' leaving me wondering how to actually implement the things I am trying to learn properly in an application that is supposed to be scalable. Your videos however, give me the right toolset to find an implementation that suits my needs.
Thank you so much, may I ask why using razor pages in blazor project ?
Can you answer this question please?
can you please put the source code link, github !
Can you please paste the Register and Login cshtml code? You didn't show the entire code in the video.
Hi. can a loader be implemented on the login button using this approach?
When setting up ViewImports for your razor pages, you inadvertently typed BlazorAuthYT with a capital T instead of lower case t. I believe that’s why it asked for fully qualified name.
Nice catch. Thank you!
@@Codewrinkles you’re welcome.
@@Codewrinkles you’re welcome. Anytime I can help.
Hi! I get this error: "InvalidOperationException: The ConnectionString property has not been initialized." for this line:"var result = await _userManager.CreateAsync(identity, Input.Password);" I have the same code as you and I dont know why i got this error. What could be this?
How can I do this without Entity Framework? I have my own user table and prefer to use my own queries and custom user. I can't seem to get this working without EF.
That's possible, nut it requires some work and understanding. You need to implement your own providers: learn.microsoft.com/en-us/aspnet/core/security/authentication/identity-custom-storage-providers?view=aspnetcore-7.0
This video was very helpful thank you!!! I was wondering what steps I would take if I wanted to set this up with MongoDB instead to handle users. Thanks!
This video was uploaded at the right time for me :-) I am going to implement it the next days
Glad to hear that. Let us know about how it goes. Other authentication videos will follow these days :)
@@Codewrinkles worked well for me, thank you!
Thank you for creating this video. Well done.
Thanks!
is the database created automatically? i followed this video and httpcontext one, and in the end, i got an error 208 object not found - "aspnetusers". I figure i have to create a database and tables manually?
I have created the database beforehand. If you inerit from IdentityDbContext and provide a connection string you need to first add migrations and then update the database. You don't need to write any code. The migrations for the identity users are part of Microsoft.AspNetCore.Identity.
@@Codewrinkles can you share the databse .sql ? i'm pretty new to the blazor and identity and i want to create the db by hand, not with migrations
If I use Blazor components in a MVC Core application that uses session to store some user information, how to access to those values from the Blazor Server component rendered inside MVC view?
I don't think you can do that.
Fantastic video, easy to follow. Thank you
Hey there!
Did you create the User Table?
How do you make your connection to the SQL?
Thank you
The user table is created in this case by Microsoft.AspNetCore.Identity. The connection to SQL is done via a connection string. Regular ASP.NET Core stuff.
When you scaffold Identity, it adds a lot of stuff for you, it also hides a lot of stufss form U, lol! So true after digging all around for how to get this to work.
Brilliant video thanks! I was just wondering, using this method of authentication, can you set custom claims in the claims principal when signing the user in? thanks :)
Yes, sure you can. You can add as many custom claims as you want to the claimsprincipal before signing the user in.
Amazing breakdown and really very helpful and getting me closer to build what I need
One example that I couldn't find anywhere on the internet or not really clear example is a mix between user Authentication with Azure AD and Roles from database for example some set of users are with the Role [Admin] and other users [Editor] while the rest of the users just can read I understand that I will need a table represents usernames and roles connected "except the read ones"
but I have no clue how to mix between them
Hi Do you have any exanple for calling OAuth2.0 REST API from Blazor server application ? If you have please send me link. Thank You
I have recently started programming in Blazor... The video is fantastic. Easy to follow and easy to implement... Now I have to test the roles and so on, although I've seen that there is another video and now I'll get to it. I don't know if there will be any for user validation to be done through APIS.
Los Mejores videos para trabajar con Blazor Server en autorizacion y autenticacion. The best best tutorial for Blazor Server, Thank you so much.
Thank you.
Are you using cookie based authentication or token based? thanks
where is part for database connectivity and tables creating?
I think that is a simple migration after this.
Thx a lot! Works perfect from the first build & run!! You did a great job :-)
Glad I could help
after clicking on login, I get a This page isn’t working If the problem continues, contact the site owner.
HTTP ERROR 400. I assume it is a plumbing issue, please help.
Unfortunately, I really can't magically help here. Try debugging the application, set break points in the Login method. Go step by step through the code and check where the problem appears. Also, in the output window, there should be a lot more logs from Microsoft.AspNetCore.Identity that would help to understand what happens.
@@Codewrinkles is there a github source available?
Hi Mike, have you found a solution for it? I run in the same trouble with the register page. it is not catching the OnPostAsync() method at all.
Got it. Check your _ViewImports if everything is spelled right...... in my case the TagHelper was wrong
I get the same issue@@guntergottbrecht5915 After submit on Register nothing happens and the error page
At what moment should I use Migration ?
Otherwise the app doesn't work I can't register. What is the command missing in this exercise?
as soon as you dbcontext is done, you can run migrations
it will pick up the identity tables needed and run it on your db
Thank you so much for these videos!
When i start application i get this error: "InvalidOperationException: The entity type 'IdentityUserLogin requires a primary key to be defined. I cannot see even home page...
i needed to add "base.OnModelreating(modelBuilder) line in my OnModelCreating method. Thx, it works great, will try to implement something like if you are logged as admin u can delete stuff otherwise just read...
Very good guide and detailed explanations sir! I desperately searched for something like this because I was a bit disappointed as to how many things are actually hidden behind the scenes if you just select Individual Accounts when create your Blazor Server application.
But sir, you didn’t showed us migrations to database and the database operations overall. Is their is a separate video for this? It is cryptic as to where you write your user. Their is definitely some database for this.
I would say this: When youre trying to learn all of this stuff there is definitely a correct order. First: Setup an SQL server and implement data access. Simply since youre now in the pickle of needing that server and that data access to implement authorization and authentication. So yes, you should first get data access right, watch the video about HttpContext that he mentions in the beginning, and then try to learn and master this.
Thank you for this. This first video is pretty much what scaffolding Identity does as far as I can see without the external auth bits and using a different layout. My query is that even though this seems the common approach to Blazor Server auth that it doesn't actually use Blazor razor components and thus you still have to have a code behind page, can't use Blazor specific UI components i.e. from Infragistics etc. Is that a fair assessment or am I missing something? Thank you.
Yes, you are correct. You cannot use those components in Razor Pages and in Blazor Server (till .NET 7) you can't get around this. This is how things are supposed to work. However, starting with Blazor in .NET 8 things are a little bit different and you will be able to use regular Blazor components on authentication pages. A video on this will follow next week.
@@Codewrinkles super! Thanks for the reply.
@@Codewrinkles Hey I have a question about auth in .net8 vs .net7. I started a project in .net7 and I was able to follow along fine until you started adding the views as razor pages since I am only using razor components in my project. Will the .net8 video you release also be applicable to .net7? Or will I need to convert my project to a .net8 one? The project is already running on .net8, but is still formatted as a .net7 blazor server project. Any response would be much appreciated. Thank you!
Thank you for this video, it was very useful for me.
One question tho, on logout page, you changed OnPost to OnGet and said you will change it a little bit later, but seems you forgot? I wonder what was that abt?
Tbh, I don't remember. But I would probably let it with OnGet as I want to be logged out when I'll be redirected to that logout page.
@@Codewrinkles Thanks for your respond. Sry to bother you again abt this Logout pagem just trying to learn it the right way😊. When we look at how microsoft by default implements the logout button in MainLayout, they put it in a form with "post" method. Why do they go through all that trouble to call this page OnPost.
And also, on your later video, when you add the UpdateSecurityStamp in Logout page, it's OnPost.
Any stuff related with external provider authentication such as Microsoft Account? It has also been contained in scaffold, but how to start from zero like this video. Add external provider authentication into Blazor.
Superb walkthrough! Subscribed. Thanks for the effort, very helpful.
Welcome aboard!
What does your appsettings.json look like?
You didn't showed how to set roles before Sign in and setup other claims such as Email, UserId, AccessLevel, etc. Can you please make a video for that.
I mentioned during the video that there are plenty of other videos to follow. This one got fairly long just covering the bare minimum. It's not possible to put just everything in one single video.
Great tutorial! Thanks for sharing all these valuable info! But do you allow me to ask for a more challenging authentication tutorial? How can we use authentication in a shared code for a MAUI Blazor App and a Web Blazor (Wasm or Server)? Is there a good way we can share the authentication code as well?
Thank you. I enjoyed your video. On the Login page, is there a simple way to add a checkbox to allow Users to choose to stay logged in ? And is there a simple link that can be added, so the User can reset their password, if they forgot it ? And can this Login be added to small window that pops out, so the User does not have to leave the current page that they are on ? I hope I did not ask to many questions.
I think I did it. In my Blazor project, I chose to add Identity Scaffolding and I selected all the pages (which got added to my project). However, I did not finish scaffolding it. I did NOT call it in the command line. I then used your code on Program.cs. I had to add .AddDefaultTokenProviders(); after builder.Services.AddIdentity(). I also had to add @attribute [IgnoreAntiforgeryToken] to the LogOut page, so I can access it from the LoginDisplay component that I added. I also added the EmailSender.cs class. Now the Lost Password link works. Please let me know if what I did, sounds like a bad idea. I realize adding a token would be better, but I do not know how to do that. I do hope the rest of what I did, is correct. I still do not know if I can add this login in a small popout window. I will work on that another day. Thank you for your assistance.
Hi, really good video, helped me a lot. I have a question, I have implemented simple login / logout/ register just as you did, and I have added a UserManager razor component where i add roles to the users etc, using injected UserManager and RoleManager. Is that a bad thing ? Should I rather use razor pages for this too ?
It's actually how it is supposed to be implemented. So, I don't see any problem with that.
Excellent video... thanks for sharing!!!
I'm glad you liked it.
Awesome lesson. I'm excited for the next lesson. Thank you very much for this free lesson. 👍🙏
does anyone have the full code for this tutorial in Github?
Do you have to use cshtml? or can this be done say in .razor modal?
I think I was explicit enough in the video. To perform authentication you need a reliable HttpContext. You can't have a reliable HttpContext in Blazor Server as the context is instantiated once per circuit.You need the regular request-response pipeline to be able to perform auth reliably. That's why you either use Razor Pages or regular controllers with views.
@@Codewrinkles in your HttpContext video, you set it up as a DI service. Couldn’t that service be used anywhere within the app? Trying to find away of doing this without having to leave the current page. In this video, you set persistence to false. Meaning closing the tab would require a new login, might that be set to true and have it last between circuit connections?
Thanks
LOve You Sir Thank you for LEcuring on login topic
I Love your tutorials thank you for you great hard work. You are really a great coder and a great attribute to the coding community
is the source code availiable for this anywhere?
Is it possible to make the Identity pieces as Razor components instead of MVC pages?
Theoretically yes, but it's not recommended as with Razor Components you can't set cookies.
Hello, I want to ask => does I need to check "Individual Account" when I create the Blazor Server app or not? Thanks!
No you should not. Otherwise the structure will be created for you and it will be different.
You are a legend, Thanks!
I still wish there was less black box magic happening with EF. I need to make a custom authentication system work where a primary login is available such as what you've shown, but if a user has an existing cookie with id allow them quick access with something like a 4 digit pin. That kind of customization is winding up to be a thorn for me lol
Hi can you pl show a demo on openid authentication simaas??
If you added an API Controller to that project how would you authenticate requests to the API?
Calls to an API should always have a JWT token that is used for authentication/authorization.
@@Codewrinkles Great I did just that!
What if we use MongoDB? with repository pattern, if you can go over that as well would be really beneficial. appreciate your work. Thanks a lot.
In that case you would have to create custom implementation for the Microsoft.AspNetCore.Identity interfaces that you want to use. E.g: IUserStore, IUserManager, IRolesManager and so on. That's a fairly complex topic but I think I'll get into it.
Really fine. Is it possible to have the source code ?? Tnx
Hi! First off, thanks for this nice tutorial. Is there any way to get not the username as unique identifier? I'm checking against an LDAP server first. When the user is authenticated there, I want to login him based on his GUID fro Active Directory. I the ldap checks works fine and I already have everything I'll need to insert the record but the issue for me is that the username must be unique. Sure I can simply write my guid as username and add another field for the login name but this owuld be a bit confusing when I look on it in the future. Do you have any advice on this?
My advice would be to not mess things up. In Active Directory usernames are unique. When we are using identity provider (AD is an identity provider) we should simply use that identity as it is. If we need to store things in our DB for our app specific needs, then that's OK. But for auth pruposes use the Claims Principal that was generated based on your Identity provider.
@@Codewrinkles Thanks for the advice. The main reason I thought of using Identity was the built in implementation of two factor authentication. Could you probabaly add tfa with claims to your video series as well? :)
Thank you very much for the series.
Is that mean we can not use the razor page (.razor) for the register, login and logout and also we cant use the AuthenticationServiceProvider with the Blazor Server Applications, please clarify that and again thank you very much.
Thanks for your comment. I'm not sure I get your question right. In this video I have showed that for login, register and so on we CAN use Razor pages. If you want you can use even regular controllers with views. It is important that we do registration, login, logout through a setup that goes through the regular ASp.Net Core request pipeline.
Also as I explained in the subsequent video, Blazor Server relies actually on the AuthenticationStateProvider for everything that's related to out. However, on the AuthStateProvider I will do a dedicated video since there are some very important things to be aware of.
@@Codewrinkles First of all thank you very much for your response.
That what I was asking about the AuthStateProvider, Because I will have an API application which both Blazor Server And Blazor Web assembly, so I want to consume all the api endpoints in both of them including the Authentications and Authorizations.
Best Regards.
@@talkathiriify Sure you can do that. But I'm not sure about the entire design. I'm sure though that you probably have some very valid reasons for this kind of setup. For me, however, it looks a little bit weird based on the level of information I have now. If you have an API already, then what's the purpose of the Blazor Server app? That would be a scenario where Blazor WASM would do the job. The maine reason why I use Blazor Server mostly is that I don't really need to build and extra API layer/ I can use everything like I would normally do in a regular Asp.Net Core app with the benefit that for users it will behave like a SPA.
@@talkathiriify Also the authenticationStateProvider works slightly different in Blazor WASM and in Blazor Server. In Blazor Server it uses the HttpContext.User to get the authentication state. In Blazor WASM this is not possible so it is usually a custom implementation that does the authentication based on a response from an authentication/authorization endpoint.
@@Codewrinkles Thank you very much for the explanation.
I actually came form desktop environment for almost 20 yr, and new to the web world,
so you recommend if I have Blazor Server App. I do not need the API's, Let me please explain my scenario to you I am trying to convert all my desktop applications to web based application using Blazor and one of my application is a multi tenancy then I will create Razor class library and consume it in Both Server and WASM apps.
your recommendation will be highly appreciated Dan.
Sorry if I asking to much and wasting your time, but I really trust your thoughts and suggestions.
Thank you very much, and Best Regards.
Love this channel! I just subscribed at Ambassador tier but I cannot find the source code link on the membership tab. Can you help?
As an Ambassador you should be able to see this post on the membership tab: ruclips.net/user/postUgkxfLSh0qXSXUBE9Say7Uh7VMEAr31u-qAL
In the post there's a link to download the source code. Also when did you join? Maybe RUclips takes a little bit of time? Please let me know if you can access the post through the link I shared.
@@Codewrinkles Thank you so much! I am not sure why but the membership tab would not scroll past 8 months ago. That link worked perfectly! Thank you for the rapid reply!
That's because it's then when I started memberships. This post is from Janaury I guess, so you probably just missed it. No problem. Glad I could help.
@@Codewrinkles Good luck with your Internet!
is there a link to a source code repo
Great tutorial. It would be nice to have access to the code repository for all your videos. Thanks.
Codewrinkles members on Ambassador level get access to the source code of videos I publish. If you join as an ambassador you will get access as well. After you join, check the "Membership" tab and scroll to the post where you'll find instructions.
Why are you talking about Blazor Server when authentication was done with Razor?
Because that how you do authentication in Blazor Server. And it also includes information about the authentication mechanisms Blazor Server is using and how the AuthenticationStateProvider is working. The fact that we're using Razor Pages for the form is probably the least important one in this video.
There's no need to run BS or BWASM Monster if user is not logged in
Really great content thank you. Would be good to have access to the code snippets you paste in. Could you please publish this in a GitHub repo? Thanks again.
Thank you very much for your feedback and kind words. Source code access is a perk of the membershjop program. Anybody can join it via the "Join" button below each video or via the channel's home page.
@@Codewrinkles I have joined but I cannot find the source code.
@@hismailsa As a member you should have access to this post that I have published right now and you can download the source code: ruclips.net/user/postUgkxfLSh0qXSXUBE9Say7Uh7VMEAr31u-qAL
Please note that for videos uploaded before the membershjip program started, I provide the source code by request and if available. For most videos starting 2021 I should have it.
@@Codewrinkles Love this video, now should even be better with the code
@@Codewrinkles Just paid for the membership, the link seems to be broken
is there really no other way of making alogin system than using these razor pages? I'd rather just use razor components, so i can use MudBlazor for some UI...
You can use controllers. The core thing is that for authentication you need an HttpContext that you can rely on. I think it's not that complicated to write a login page without MudBlazor. There are plenty of HTML templates that you can use.
About to save me a couple thousand bucks if I can follow this and also add in some authentication with google and Facebook. Thanks so much.
Glad it helped!
can this work with Cosmos DB?
Yes but you would have to create custom resolvers for Microsfot.Aspnetcore.Identity to work with.
@@Codewrinkles Hi there! So sorry to interject here but I too am trying to get some kind of login with authentication and authorization using Cosmos DB. I don't quite understand what "custom resolvers" are that you explained above. Is it at all possible that you could link a resource that explains this? Also where are the user login credentials saved in the DB? In a table you made? Oh and I see you were using Razor Pages, would this still be able to work using Razor Components instead? Sorry for all the questions. I've been struggling to do this for weeks now. I would be grateful for your guidance.
I tried to implement the same steps on the Razor Component and it doesn't work. When comes to _userManager.CreateAsync application stop and returns me on-page and doesn't show any error.
Thanks for helping and your content is so good and helpful, be persistent you will succeed.
I still think we are mostly looking at this the wrong way. I find it strange how developers, even at a junior level, hear some things somewhere and then use it like a dogma. And when "performance issues" come into question I tend to go crazy. Because we are all looking at performance issues of using GUIDs over ints as identifiers, but when I look at applications out there 90% allocate memory like crazy, pass materialized lists across entire app layers instead of using IEnumerable or IQueyable, db queries are a nightmare. Trust me, using GUIDs over ints as identifiers is the last performance issues we should be concerned about.
@@Codewrinkles Thank you
Think this is brilliant, however it does not work for me as I am trying to apply the methodology to a Core 3.1 version app, and there is no builder.Configuration. in the code, it just converts builder. to ApplicationBuilder. ! Oh woe is me.... B(
Aha! Found out you can do it anyway, just don't bother putting in the builder. prefix...
Next time I'll avoid using scaffolding. Thank you.
I don't think you should avoid it all the way, but we need to know what happens behind the scenes and what's actually scaffolded.
Very helpful, will be better though if I could have access to the repo, so I could copy and paste some code.
Thanks for Tutorials
Great video, but where is the source code
thanks very much.
My pleasure
Just joined your awesome channel. Paid and Subscribed.
Unable to find the source code.
Can you please assist?
Hello. First of all, thank you for joining as a member. If you got to the channel homepage you will find a tab called "Membership". On it you'll find a lot of communications with instructions on source code access. You can navigate to the memberships also using this link: www.youtube.com/@Codewrinkles/membership
Now I looked closer. It turns out you subscribed to the Supporter tier. Source code access is available for the Ambassador tier. That's specified in each tier details and in the membership video that you can watch when you click on the JOIN button.
Good tutorial but tons of basic explanation make this video to long