[英]Authentication in client-side Blazor web app
I've been trying to learn some C#
and decided to try a Blazor
app.我一直在尝试学习一些
C#
并决定尝试Blazor
应用程序。 I've been building web apps for a long time but not in the MS world.我已经构建了 web 个应用程序很长时间了,但不是在 MS 世界中。 In reading the blazor docs it seems that a client side blazor app cannot be secured by role, since the user could simply change any js parameters and visit pages arbitrarily.
在阅读blazor 文档时,似乎无法通过角色保护客户端 blazor 应用程序,因为用户可以简单地更改任何 js 参数并任意访问页面。 However, am I wrong to think that you can still secure the basic app built with client side blazor as far as authenticating users via
OIDC
or some other auth flow?但是,就通过
OIDC
或其他一些身份验证流程对用户进行身份验证而言,我是否认为您仍然可以保护使用客户端 blazor 构建的基本应用程序是错误的?
To put it another way, it sounds like a truly secure web app would be well advised to use the client side blazor setup, but would the client side work for an intr.net scenario, where we only care about making sure users should be able to login, but aren't too concerned with what they do once they're in?换句话说,听起来真正安全的 web 应用程序最好使用客户端 blazor 设置,但客户端是否适用于 intr.net 场景,我们只关心确保用户应该能够登录,但不太关心他们进入后做什么?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.