Can we use this method inside Razor Component instead of using that cshtml Page ? as I see you have used existing structure of identity pages. it will be great if you purely use razor components for registration/login and authorization. Good Work
How to restrict user to access the Registrater.cshtml Page? Example only Administrators can only add users. Is it possible to write and implement authorization/authentication (login and register page) using Blazor components rather than using cshtml razor pages?
Good explanation here, have tried same way but custom authentication state is not persist after redirect to different page using interactive auto render mode.
Hi, i'd like to ask regarding the uses of .cshtml page instead of .razor component. I assume that you use cshtml page so you can access HttpContext property out-of-the-box, but what if we register an HttpContext accessor service (builder.Services.AddHttpContextAccessor()) and inject it instead to the razor component to access the HttpContext ? Would there be any difference, catch or it is a valid workaround ? Thank you
Thank you very much for your input. Actually using the HttpContextAccessor is not really needed, except when you want to use the HttpContext in other services and want to leverage the DI. In that case you would register the HttpContextAccessor. Otherwise you're just duplicating what you already have.
@@Codewrinkles Thank you very much for your response. Actually this question occurred on me (more like make me tripped actually) when i am trying to reproduce this video but fully inside Razor component instead of using razor page or .cshtml page, where we don't have access to HttpContext at all except through injected HttpContextAccessor. What i found is, unfortunately, calling SignInAsync() or SignOutAsync() from injected HttpContextAccesor's HttpContext inside Razor component would throw InvalidOperationException. So instead what i do is a combination of custom RevalidatingServerAuthenticationStateProvider with its SetAuthenticationState() through injection. And if i want to persist the session (continue the session even after manually type the URL) i just write the cookie manually through JSInterop.
@@tommyariap3464 Thank you very much for sharing your experience. From my point of view, it's not optimal to do any authentication stuff in razor components. In fact, in this video I showed that logout is also a Razor page actually. The main reason for this is that, indeed, you can't rely on the HttpContext to be accurate in Razor components. I covered this with examples and explained why in several Blazor server videos. Sure, JSInterop is a workaround, but from my point of view the resulted code is not easily understandable. If you use a Razor page or a regular controller, then everything is much cleaner and more straightforward to understand.
Hello! I just set up a Blazor server app with individual accounts. Considering the fact that I use razor component for login page and register page, I tried to make a repository with an interface that I registered in Program.cs. In this repository I have set async methods for login and registration, but every time, for example, when I want to login, I get this error "The response headers cannot be modified because the response has already started.". I mention that I have not implemented CustomAuthorisation. Any advice for this? Thank you
That doesn't seem like an authorization problem. Usually you get this exception when you try to set some headers after the response has been constructed. Blindly, I'll say that somethin is probably not awaited properly. Maybe no async for the "OnPost()" method in the pagemodel?
If you have two browser tabs logged in with cookies and you log out of one of them, the other tab is still active. Please tell me how to fix the error that keeps me logged in.
This would be so much easier to follow if you either started from a new project, so I don't have to go through another video only to have to remove half of it, or if you provided source code so I already have what I need.
![Digital Circus Episode 4 [TRAILER]](http://i.ytimg.com/vi/abZtsmMUbJo/mqdefault.jpg)
Can we use this method inside Razor Component instead of using that cshtml Page ? as I see you have used existing structure of identity pages.
it will be great if you purely use razor components for registration/login and authorization. Good Work
No because the HttpContext used in razor components is different.
This is the best video I found about custom authentication
Thanks! I’m looking forward to your video with a Provider such as Google or Facebook using this same authorization example.
Is the source code available for download somewhere ?
Thanks for your creativity, it is very useful to fill knowledge gaps!
Glad you think so!
How to restrict user to access the Registrater.cshtml Page? Example only Administrators can only add users. Is it possible to write and implement authorization/authentication (login and register page) using Blazor components rather than using cshtml razor pages?
Is it possible to omit the argument for AddAuthentication? Leaving it empty and handling it via Authorization policies?
Hi! Scenario: You are loged in, you copy auth cookie, you log out the user and paste "saved" cookie again. What will happen?
Hi, ClaimsIdentity data where is stored? after logout i checked cookie in browser but not there. can you please explain?
Good explanation here, have tried same way but custom authentication state is not persist after redirect to different page using interactive auto render mode.
Hi, i'd like to ask regarding the uses of .cshtml page instead of .razor component.
I assume that you use cshtml page so you can access HttpContext property out-of-the-box, but what if we register an HttpContext accessor service (builder.Services.AddHttpContextAccessor()) and inject it instead to the razor component to access the HttpContext ? Would there be any difference, catch or it is a valid workaround ?
Thank you
Thank you very much for your input. Actually using the HttpContextAccessor is not really needed, except when you want to use the HttpContext in other services and want to leverage the DI. In that case you would register the HttpContextAccessor. Otherwise you're just duplicating what you already have.
@@Codewrinkles Thank you very much for your response. Actually this question occurred on me (more like make me tripped actually) when i am trying to reproduce this video but fully inside Razor component instead of using razor page or .cshtml page, where we don't have access to HttpContext at all except through injected HttpContextAccessor.
What i found is, unfortunately, calling SignInAsync() or SignOutAsync() from injected HttpContextAccesor's HttpContext inside Razor component would throw InvalidOperationException. So instead what i do is a combination of custom RevalidatingServerAuthenticationStateProvider with its SetAuthenticationState() through injection. And if i want to persist the session (continue the session even after manually type the URL) i just write the cookie manually through JSInterop.
@@tommyariap3464 Thank you very much for sharing your experience. From my point of view, it's not optimal to do any authentication stuff in razor components. In fact, in this video I showed that logout is also a Razor page actually. The main reason for this is that, indeed, you can't rely on the HttpContext to be accurate in Razor components. I covered this with examples and explained why in several Blazor server videos. Sure, JSInterop is a workaround, but from my point of view the resulted code is not easily understandable. If you use a Razor page or a regular controller, then everything is much cleaner and more straightforward to understand.
How to do this in the razor component and without a role, only the user-id and password to be passed in?
Hello!
I just set up a Blazor server app with individual accounts.
Considering the fact that I use razor component for login page and register page, I tried to make a repository with an interface that I registered in Program.cs.
In this repository I have set async methods for login and registration, but every time, for example, when I want to login, I get this error "The response headers cannot be modified because the response has already started.".
I mention that I have not implemented CustomAuthorisation.
Any advice for this?
Thank you
That doesn't seem like an authorization problem. Usually you get this exception when you try to set some headers after the response has been constructed. Blindly, I'll say that somethin is probably not awaited properly. Maybe no async for the "OnPost()" method in the pagemodel?
If you have two browser tabs logged in with cookies and you log out of one of them, the other tab is still active.
Please tell me how to fix the error that keeps me logged in.
Try changing the startup project to the project that you required to run .
Right-click>Projectfile>configure Startup>apply
Thanks for this.
My pleasure!
You just got new subscriber sir! 👍
Thanks!
This would be so much easier to follow if you either started from a new project, so I don't have to go through another video only to have to remove half of it, or if you provided source code so I already have what I need.
Thank you
You're welcome
Thanks
Thank you for this. Can you share code.
I'm thinking of ways making code available in the future. Stay tuned.
@@Codewrinkles Thank you for this. Can you share code.