Blazor cookie authentication

Question

Please help me I don't know what can be wrong, I've been trying to find something for hours...

I want to have a user login component on cookie in blazor. I need possibility to get information from the cookie in all places in my app.

In my Startup.cs I have added in ConfigureServices:

services.Configure<CookiePolicyOptions>(options =>
{
    options.CheckConsentNeeded = context => true;
    options.MinimumSameSitePolicy = SameSiteMode.None;
});
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie();
services.AddHttpContextAccessor();
services.AddScoped<HttpContextAccessor>();
services.AddHttpClient();
services.AddScoped<HttpClient>();

in Configure before endpoint

app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseCookiePolicy();
app.UseAuthentication();

Then in the app, I have made code to make a signin

public async Task Login()
{
    var claims = new List<Claim> {
        new Claim(ClaimTypes.Name, "1", ClaimValueTypes.String),
        new Claim(ClaimTypes.Surname, "2", ClaimValueTypes.String),
        new Claim(ClaimTypes.Country, "3", ClaimValueTypes.String),
        new Claim("4", "4.1", ClaimValueTypes.String)
    };

    var userIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
    var authProperties = new AuthenticationProperties
        {
            ExpiresUtc = DateTime.UtcNow.AddMinutes(20),
            IsPersistent = false,
            AllowRefresh = false
        };
    var userPrincipal = new ClaimsPrincipal(userIdentity);

    await _httpContextAccessor.HttpContext.SignInAsync(
      CookieAuthenticationDefaults.AuthenticationScheme, 
      userPrincipal);
}

but I get no cookie in my browser, no error in code / console.

When I take a look in the status from

var z= _httpContextAccessor.HttpContext.SignInAsync(
    CookieAuthenticationDefaults.AuthenticationScheme, 
    userPrincipal).Status

then I get an error

System.Threading.Tasks.TaskStatus.Faulted info.

Can anybody help me? I need an authentication and authorization system that can give me in demand info about user.

I will be grateful for help

Thank You

I get no error. The info about faulted is the status from signinasync. — Krzysztof, Oct 31 '19 at 18:54

score -1 · Answer 1 · answered Oct 31 '19 at 19:00

-1

Is this a Blazor Server or Blazor WebAssembly ?

In any case, you can't use HttpContextAccessor in your App.

This _httpContextAccessor.HttpContext.SignInAsync cannot work because the HttpContext is not available in Blazor Server. Needless to say that HttpContext cannot be created on the browser...

Either use this : services.AddHttpClient();

to use IHttpClientFactory (recommanded)

or this: services.AddScoped<HttpClient>();

It seems to me that you are not familiar with either Blazor or the Authentication and Authorization system of Blazor. I'd suggest you to consult the docs and learn how to use them. They are excellent, and may save you a great deal of hard coding time.

Hope this helps...

answered Oct 31 '19 at 19:00

Yes I'm new in blazor. I try to build a server side app. Are You thinking about usage this AuthenticationStateProvider service? – Krzysztof Oct 31 '19 at 19:41
1

The Blazor authentication and authorization system define a bunch of components you can use in your apps, such as AutherizeView and others. I'm posting here a link where you can start learning this, and if you have got questions, you're welcome to ask them here: https://learn.microsoft.com/en-us/aspnet/core/security/blazor/?view=aspnetcore-3.0&tabs=visual-studio – Oct 31 '19 at 20:17
1

sample code for blazor with policy based auth: https://github.com/chrissainty/PolicyBasedAuthWithBlazor – jazb Nov 01 '19 at 01:22
Ok, I see that I can use own AuthenticationStateProvider with claims information that I need. Question how can I get the information from the claims in the place what I need? With DI or cascading params yes? What about lifetime of the logged user can it be set somewhere? Example not using the page for 1h = logout? – Krzysztof Nov 01 '19 at 07:10
at this moment i am using the AuthenticationStateProvider with customauthenticationstateprovider and i have the informations about the user that i log in. how can i make now the session or something that the user can stay logged in for exampla around 1 h. then the session is off and need log in second time. where are now the informations stored, i don't understand it to the end :/ please help – Krzysztof Nov 02 '19 at 15:21

Blazor cookie authentication

1 Answers1

Linked