Acutally there is built in way to read token from string, no need for custom parser var tokenHandler = new JwtSecurityTokenHandler(); var parsedJwt = tokenHandler.ReadJwtToken(token); also with this you can other things from token not just claims, like exp date whick is important so you dont put expired token in your header
For everyone out there, there are plenty of videos showing you how to implement JWT server-side -- and Patrick covers that too in another video -- but this is the first time I see a video that shows you how to apply it in a Blazor client app. In this video Patrick shows you how to use CustomAuthenticationProvider and the component to apply role-based authentication in a Blazor client app. Great stuff. Well done.
Thank you so much! I was looking for such a tutorial everywhere. Very clean and understandable and covers most part of the auth process. Now I only need to understand how to handle JWTs on an enterprise level.
I have one question to the token: Where does this specific token originally come from ? And why does it work ? if i changr the letters in it, it does not work anymore, but why is that ? I hope you can answer my question :) .
First of all, great video! Can you show us how to use this custom AuthenticationStateProvider and Azure MSAL authentication in a single Blazor WebAssembly? Or do you have any reference where i can take a look? Thank you!
I put in a jwt token that was expired and it still says authorized, is there something special that needs to be done to have it not say authenticated for an expired jwt token
JWT usually should not be handled on client. Most people use it for authenticating with their 1:1 API. Then it should be HttpOnly Cookies. Thanks for sharing how to enforce on the client!
Hi Patrick! Thanks for great content! Sorry for stupid question but how does the app know that given jwt is valid? I know in this example it's just to show proof of concept, but in real life scenario, where would this validation occur? Is there a video related to that?
Thank You So much brother !! I was trying to do role management programmatically, but it was not working. You save my lots of time. Thank You Very Much !!!
Awesome tutorial. Will you create tutorial Blazor WebAssembly with ASP.NET Core hosted using authentication type Azure AD B2C (AddMsalAuthentication) and show how to use user flows whiting Blazor app? E.g. I know how to use sign_up_in, reset_password, but I’ve had a little problem with profile editing using the Blazor app. Have you done such a thing before? I think there are no course which shows how to use profile editing user flow (or your custom user flow) within Blazor WebAssembly app in .NET 6.
Hi, I followed along some of your Blazor vids but in my controller I found that the route attribute say of “id” wouldn’t work in a post, I had to specify the method and action name too.
Well done 👍🏻 I would like to see how the client will use the JWT web token on making requests to the Web API. Part of a part 2 ? 😉 I think the client will send the JWT web token with each request towards a Web API and the Web API doing all kinds of checks with the JWT web token it receives to make sure the token is not tampered with and the client authorized to make the request.
Great video! I already started just storing jwt token in local storage, using that to get the current user on the MainLayout, if null -> redirect to /Login, else -> /Index. Simple, custom implementation with a force reload hack since I don't have a way to subscribe to the auth state. The built-in solution is a bit too magical for me at this moment.
Hello! Thank you so much for your effort and for this video - it was very clear and informative! If it's not too much trouble, could you create a tutorial on this topic using .NET 8, focusing on JWT authentication? I appreciate it in advance and look forward to your new videos!
Hi Patrick, I have the user adding phone number during register to the database. i understand context user Identity name provides the user's username. but what if I as well want to get the user's phone number as well, how can I get that ?
@@ViralityG unfortunately nope. I read the documentation of the context user and it happens you can only get the username. I use dapper and stored procedures, so the plan is to create a stored procedure to get the phone number of the context user from the database.
Hi How to solve this problem. Microsoft.AspNetCore.Authorization.DefaultAuthorizationService Authorization failed. These requirements were not met: DenyAnonymousAuthorizationRequirement: Requires an authenticated user
You've done a number of videos on Web API Authentication and Blazor Web Assembly authentication, but nothing with blazor server. In fact I can't find any good video on this from anyone. Any chance you could make one?
Hello Patrick, I love your videos and followed you tutorials on Udemy for one of you projects. I wanted to ask a question on authentication using JWT in Blazor WASM. How would I check when a user is logged in in one device and attempts to login in another. I want to prevent multiple sessions by one user. At the point of 2nd Login attempt how can I give an option to log out form all logged in sessions. Like Google dose. If you can make a video on this topic i will greatly appreciate it.
I have a problem with the roles part, when debugging i can see that the state that is being returned contains a role with administrator, but for some reason when using it does not seem to work, i have tried to redo the whole tutorial in a new project.. Has anybody experienced the same? anyway i will clone his project and see if i can figure something out
Hi Patrick, Thank you for this tutorials it so nice, but the source code in the GitHub for this is not like in your video. Hope you can find time to update the sourcecode(GitHub). Thank you in advance...
Instead of using a hardcoded token, use following: var claims = new List { new Claim(ClaimTypes.Name, "Daniel")}; var identity = new ClaimsIdentity(claims, "jwt");
![Seungmin "그렇게, 천천히, 우리(As we are)" | [Stray Kids : SKZ-PLAYER]](http://i.ytimg.com/vi/kAzmhLHePqU/mqdefault.jpg)
▶ Part 2/2: ruclips.net/video/kOnMMKxwm3I/видео.html
Acutally there is built in way to read token from string, no need for custom parser
var tokenHandler = new JwtSecurityTokenHandler();
var parsedJwt = tokenHandler.ReadJwtToken(token);
also with this you can other things from token not just claims, like exp date whick is important so you dont put expired token in your header
For everyone out there, there are plenty of videos showing you how to implement JWT server-side -- and Patrick covers that too in another video -- but this is the first time I see a video that shows you how to apply it in a Blazor client app. In this video Patrick shows you how to use CustomAuthenticationProvider and the component to apply role-based authentication in a Blazor client app. Great stuff. Well done.
Thank you so much for your feedback! 😊 Here's the JWT video: ruclips.net/video/v7q3pEK1EA0/видео.html
@@PatrickGod Do you have a Blazor Server video? I haven't seen this but since I'm not interested on WASM, it may not be useful for my purposes.
Thank you very much Patrick for sharing this with us.
It would be very kind of you if you make part 2 of this, and show the whole picture of it.
ج ى
Here is part 2: ruclips.net/video/kOnMMKxwm3I/видео.html 😊
hello there, i've same problem @ 13:22 'string token ="" ' how can have it?
eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTUxMiIsInR5cCI6IkpXVCJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9uYW1lIjoiVG9ueSBTdGFyayIsImh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vd3MvMjAwOC8wNi9pZGVudGl0eS9jbGFpbXMvcm9sZSI6Iklyb24gTWFuIiwiZXhwIjozMTY4NTQwMDAwfQ.IbVQa1lNYYOzwso69xYfsMOHnQfO3VLvVqV2SOXS7sTtyyZ8DEf5jmmwz2FGLJJvZnQKZuieHnmHkg7CGkDbvA
Thank you Patrick! Hope you have a wonderful day!
Thank for the clear explanation! One of the few I found with .net 6 example. Keep up the good work!
Thank you so much, will do! 😊
Thank you so much! I was looking for such a tutorial everywhere. Very clean and understandable and covers most part of the auth process. Now I only need to understand how to handle JWTs on an enterprise level.
Thank you so much for your feedback! Happy to help! 😊
I too would like to see a part 2 and put the whole thing together.
Here it is: ruclips.net/video/kOnMMKxwm3I/видео.html 😊
I have one question to the token: Where does this specific token originally come from ? And why does it work ? if i changr the letters in it, it does not work anymore, but why is that ? I hope you can answer my question :) .
Excellent video, I had previous experience with Razor and I am trying to learn Blazor, your videos it is helping a lot, thank you very much!
What I'm missing is how the jwt token can be parsed if it does not have the secret key. Or does it and did i miss something?
Where can I find tokens on the app? thanks
Can I see this from the server side of things. Thanks for simplifying this feature.
keep it up , best content on blazor
Thank you so much! 😁
First of all, great video!
Can you show us how to use this custom AuthenticationStateProvider and Azure MSAL authentication in a single Blazor WebAssembly? Or do you have any reference where i can take a look? Thank you!
I put in a jwt token that was expired and it still says authorized, is there something special that needs to be done to have it not say authenticated for an expired jwt token
JWT usually should not be handled on client. Most people use it for authenticating with their 1:1 API. Then it should be HttpOnly Cookies.
Thanks for sharing how to enforce on the client!
Hi Patrick! Thanks for great content! Sorry for stupid question but how does the app know that given jwt is valid? I know in this example it's just to show proof of concept, but in real life scenario, where would this validation occur? Is there a video related to that?
Do you have any course on ASP.NET Core 6.00+ MVC?
Thank You So much brother !! I was trying to do role management programmatically, but it was not working. You save my lots of time. Thank You Very Much !!!
Awesome tutorial. Will you create tutorial Blazor WebAssembly with ASP.NET Core hosted using authentication type Azure AD B2C (AddMsalAuthentication) and show how to use user flows whiting Blazor app? E.g. I know how to use sign_up_in, reset_password, but I’ve had a little problem with profile editing using the Blazor app. Have you done such a thing before? I think there are no course which shows how to use profile editing user flow (or your custom user flow) within Blazor WebAssembly app in .NET 6.
Is this tutorial good for blazor server app too?
THANKS GOD REALLY !!!
Hi, I followed along some of your Blazor vids but in my controller I found that the route attribute say of “id” wouldn’t work in a post, I had to specify the method and action name too.
sir Patrick, I have a token signed by an api, whats the best way to parse the token
Well done 👍🏻 I would like to see how the client will use the JWT web token on making requests to the Web API. Part of a part 2 ? 😉
I think the client will send the JWT web token with each request towards a Web API and the Web API doing all kinds of checks with the JWT web token it receives to make sure the token is not tampered with and the client authorized to make the request.
You already know that, but for all the others, here's part 2: ruclips.net/video/kOnMMKxwm3I/видео.html 😊
When the account has only one role, things are fine
but User with multiple roles fails authorization ??
Great video keep it up
Great video! I already started just storing jwt token in local storage, using that to get the current user on the MainLayout, if null -> redirect to /Login, else -> /Index. Simple, custom implementation with a force reload hack since I don't have a way to subscribe to the auth state. The built-in solution is a bit too magical for me at this moment.
thank you clear explanation
Hello! Thank you so much for your effort and for this video - it was very clear and informative! If it's not too much trouble, could you create a tutorial on this topic using .NET 8, focusing on JWT authentication? I appreciate it in advance and look forward to your new videos!
You did not show a login page for authorization.
Excellent video, but what if there are multiple roles per user?
Do you have an example of this please?
Hi Patrick, I have the user adding phone number during register to the database. i understand context user Identity name provides the user's username. but what if I as well want to get the user's phone number as well, how can I get that ?
Did you figure this out?
@@ViralityG unfortunately nope. I read the documentation of the context user and it happens you can only get the username. I use dapper and stored procedures, so the plan is to create a stored procedure to get the phone number of the context user from the database.
Hi How to solve this problem. Microsoft.AspNetCore.Authorization.DefaultAuthorizationService
Authorization failed. These requirements were not met:
DenyAnonymousAuthorizationRequirement: Requires an authenticated user
You've done a number of videos on Web API Authentication and Blazor Web Assembly authentication, but nothing with blazor server. In fact I can't find any good video on this from anyone. Any chance you could make one?
It does working for blazor server bro ?
Hello Patrick, I love your videos and followed you tutorials on Udemy for one of you projects.
I wanted to ask a question on authentication using JWT in Blazor WASM.
How would I check when a user is logged in in one device and attempts to login in another. I want to prevent multiple sessions by one user. At the point of 2nd Login attempt how can I give an option to log out form all logged in sessions. Like Google dose. If you can make a video on this topic i will greatly appreciate it.
Hello can i use this steps in server app ?
Exactly what I wanted to ask myself
@@majormartintibor It is working by changing some code lines. Its very usefull you can use if you have a project
thank you a lot,Perfect explanation
I have a problem with the roles part, when debugging i can see that the state that is being returned contains a role with administrator, but for some reason when using it does not seem to work, i have tried to redo the whole tutorial in a new project.. Has anybody experienced the same? anyway i will clone his project and see if i can figure something out
Great video! Thanks.
Glad you liked it! Thank you for your feedback! 😊
Awesome video
Please make part 2 to get a complete real life app. thx
Here it is: ruclips.net/video/kOnMMKxwm3I/видео.html 😊
Sir, Does this work with Blazor server app?
Bro, are you gonna make a video about ASP.NET MVC too?
Thanks for sharing
Hi Patrick, Thank you for this tutorials it so nice, but the source code in the GitHub for this is not like in your video. Hope you can find time to update the sourcecode(GitHub). Thank you in advance...
Please, please fix the video zoom changing every few seconds.
Didn’t even got a minute into it… too many jumps!
@@grahamea Thanks for the feedback. I changed it in the next video. Hope that's better now. Cheers! 😅
good
Part 2 please!!!!!
Here it is: ruclips.net/video/kOnMMKxwm3I/видео.html 😊
Gracias.
Iron Man perhaps😄
Exactly! 😂
فاسي ولا هو كذا؟
🩲
Iron man????
Instead of using a hardcoded token, use following:
var claims = new List { new Claim(ClaimTypes.Name, "Daniel")};
var identity = new ClaimsIdentity(claims, "jwt");
Thanks
Thanks a lot, Your code was help me.