需要对整个 Blazor 服务器应用程序进行身份验证
[英]Require authentication for entire Blazor Server app
问题描述
I'm trying to add a custom authentication for my Blazor Server app and I can't get it to redirect an unauthorized user to the login page.
我正在尝试为我的 Blazor 服务器应用程序添加自定义身份验证,但无法将未经授权的用户重定向到登录页面。
I've already tried this:我已经尝试过这个:
This is my app.razor component这是我的app.razor组件
<CascadingAuthenticationState>
<Router AppAssembly="@typeof(App).Assembly">
<Found Context="routeData">
<AuthorizeRouteView RouteData="@routeData" DefaultLayout="@typeof(MainLayout)">
<NotAuthorized>
<RedirectToLogin />
</NotAuthorized>
</AuthorizeRouteView>
<FocusOnNavigate RouteData="@routeData" Selector="h1" />
</Found>
<NotFound>
<PageTitle>No encontrado</PageTitle>
<LayoutView Layout="@typeof(MainLayout)">
<p role="alert">Dirección inválida.</p>
</LayoutView>
</NotFound>
</Router>
</CascadingAuthenticationState>
This is my RedirectToLogin component这是我的 RedirectToLogin 组件
@inject NavigationManager NavManager
@code {
protected override async Task OnInitializedAsync()
{
NavManager.NavigateTo("/login", forceLoad: true);
}
}
But it seems the <NotAuthorized> section is never reached as I set a breakpoint on the OnInitializedAsync method and the debugging never stopped.但是似乎从未到达<NotAuthorized>部分,因为我在OnInitializedAsync方法上设置了一个断点并且调试从未停止过。
I'm using cookies for authentication and it works as I added an <AuthorizeView> tag in my MainLayout to test it showing a text for not authenticated users.我正在使用 cookies 进行身份验证,当我在我的 MainLayout 中添加一个<AuthorizeView>标签以测试它是否显示未经过身份验证的用户的文本时,它可以正常工作。
2 个解决方案
解决方案1
1 已采纳 2022-03-11 17:33:37
I could get it to work, I was missing an [Authorize] attribute.我可以让它工作,我缺少[Authorize]属性。
I put @attribute [Authorize] right after my @using directives at my _Imports.razor file and the <NotAuthorized> tag under the Router was finally reached, and I just simply removed the RedirectToLogin component to render the Login one directly.我在我的_Imports.razor文件中的@using指令之后放置了@attribute [Authorize]并且最终到达了路由器下的<NotAuthorized>标记,我只是简单地删除了 RedirectToLogin 组件以直接呈现登录。
Also, as I used [Authorize] at that level, I had to add @attribute [AllowAnonymous] on my login component此外,当我在该级别使用[Authorize]时,我必须在我的登录组件上添加@attribute [AllowAnonymous]
Therefore, leaving my Router like this:因此,像这样离开我的路由器:
<CascadingAuthenticationState>
<Router AppAssembly="@typeof(App).Assembly">
<Found Context="routeData">
<AuthorizeRouteView RouteData="@routeData" DefaultLayout="@typeof(MainLayout)">
<NotAuthorized>
<Login />
</NotAuthorized>
</AuthorizeRouteView>
<FocusOnNavigate RouteData="@routeData" Selector="h1" />
</Found>
<NotFound>
<PageTitle>No encontrado</PageTitle>
<LayoutView Layout="@typeof(MainLayout)">
<p role="alert">Dirección inválida.</p>
</LayoutView>
</NotFound>
</Router>
</CascadingAuthenticationState>
And my MainLayout like this:我的 MainLayout 是这样的:
<AuthorizeView>
<Authorized>
@*Normal layout when authorized*@
@Body
</Authorized>
<NotAuthorized>
@Body
</NotAuthorized>
</AuthorizeView>
The Login component is just a form with username and password fields登录组件只是一个带有用户名和密码字段的表单
解决方案2
0 2022-03-10 14:15:29
Combines the behaviors of AuthorizeView and RouteView, so that it displays the page matching the specified route but only if the user is authorized to see it .
This from Microsoft doc
You can try:你可以试试:
1- Keep you AuthorizeRouteView sample like this: 1- 让你像这样AuthorizeRouteView示例:
<AuthorizeRouteView RouteData="@routeData" DefaultLayout="@typeof(MainLayout)"/>
2- Wrap your RedirectToLogin component with: 2- 使用以下内容包装您的RedirectToLogin组件:
<AuthorizeView>
<NotAuthorized>
//something
</NotAuthorized>
<Authorized>
//something
</Authorized>
</AuthorizeView>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.