Blazor 服务器端 AllowAnonymousToFolder

Question

I have added Azure AD authentication so that all requests to the application has to login. But I would like to seperate this since I have a "Public" and "Private" folder for my pages.

I found this https://docs.microsoft.com/en-us/aspnet/core/security/authorization/razor-pages-authorization?view=aspnetcore-5.0 which is what I need, but once I go to a page in the public folder, I still get prompted to login.

Expected result: All the pages in the /Pages/Public folder will not prompt login.

Result: When navigationg to a page in the /Pages/Public folder Im prompted with a login request.

Im relatively new at Server side Blazor and Net Core so its very possible that Im missunderstanding something or that this functionality isnt available for Blazor. If so then might I get a hint to what to look at instead?

services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApp(options =>
{
      Configuration.Bind("AzureAD", options);
      options.Events ??= new OpenIdConnectEvents();
      options.Events.OnTokenValidated += OnTokenValidatedFunc;
});
services.AddRazorPages(options =>
{
     //No error here but no effect either
     options.Conventions.AllowAnonymousToFolder("/Pages/Public");
}).AddMvcOptions(options =>
{
     var policy = new AuthorizationPolicyBuilder()
                      .RequireAuthenticatedUser()
                      .Build();
     options.Filters.Add(new AuthorizeFilter(policy));
                
}).AddMicrosoftIdentityUI();

Answer 1

Use @attribute [Authorize(Policy = "Whatever")] in a new _Imports.razor in the folder with all the pages which require Auth. This will add the Authorize attribute to all pages in that folder and below. You will have to remove your global Auth. requirement though.

Answer 2

So what I ended up with was splitting the project into two projects, with one part secured and the other public since I didnt find a way to have the whole project secure and only anonymize certain pages.