Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

32 Comments

  1. Thank you, Dear Mukesh,

    This is something great that I wanted to recommend you to publish an article about it,
    I am very excited to read this article after this comment, then I will implement it, I hope you have included the custom users role management as well in this article,

    I had a requirement that wanted to build a complete dynamic user management

    I am going to write the following software requirement SRS, use cases for that,

    There is a need to be the default super admin with full access withing application, After login,

    The super admin adds the new roles into the system such as Module Admin, Editor, office manager, Normal user, and so on.

    The super admin give role access privilege Read, Create, Update, Delete, to the particular controller or particular method,

    The super admin create the new user account and assign to the specific role,

    The public users can register by a customs form or Goole API or Facebook API authentication,

    After user login, their need to be a user profile page with file upload option, to change their profile picture, and other information,

    Every user when login into the system will view, read, update delete, those data, and menu, which has the role access for it, otherwise will view an Ops page or not found page,

    Note: I have designed the SQL database for this, I am very excited to implement it with Blazor, I am going to read your article, if you don’t cover these features, please publish the next article to complete the dynamic user management, or add your comment here to explain how to achieve this goal,

    1. Hello again 😀

      I would suggest following these steps.
      1. Seed the Role “SuperAdmin” and other roles to whichver the appropriate table is.
      2. In my service layer, it’s possible to add custom logic, maybe you could load the roles to claims there. Or even create a seperate list of roles object.
      Your requirement seems very similar to the user/role management of Identity. Give it a look. I will try posting this as the next part to the seris.

      I was not able to include role management because this post itself was quite too long 😀 Hope you read it. How did you like it? Any suggestions?

      1. Greetings,

        Yes I have read, it was great article, you have done a lot of work here, I appreciate your efforts.

        I just want to add some suggestions for the next articles of user/role management module.

        I have used the Microsoft built-in Identity in my project, as you mentioned there are some limitations to implement with custom requirements like a dynamic user/role management,

        As I mentioned the requirements in my first comment. In this comment I will explain the Database Tables which is needed.

        I have designed a complete SQL database which includes the below tables or models class,

        if we code this and implement, it will be a great custom dynamic user/role management that can be use for any application, as a user/role management module.

        Database Tables or Models:

        1- Controllers And Actions Table:
        Id, Controller Name, Action Name, ActionType (GET or Post), Permission Name (Read,Create,Update,Delete).
        Developer will insert all the Controllers and Actions in this Table during development.

        2- Roles Table: Id, Role Name.
        Default Super Admin will create all the system roles through a web form.

        3- Role Access Table: Id, Role-Id, controllsAndActionId, bool=hasaccess.
        Super Admin will assigne the role access in this table, which one role can has access to one or many Controllers and methods,

        4- Users Table: Id, name, username, pass, profil picture, Role-Id and so on.
        Super admin will create user account and add a specific role to it,
        Or user can register from a public form as a guset role then super admin will give another’s role to the user if needed,

        Some logic:

        When the authorized user login into the system we will check what is his role and what is the access of his role to view, creat,update….

        If user is not authorized to any specific view Page and Controllers, and try to access it, the system will display a notify or an anathurzed message to the user,

        After successfully login:
        User Profile Page, the authorized user can update thier infromation and profile picture.

        This is what I think to build a complete dynamic user/role management module.
        You might add something more to Improve it, even if we use bootstrap popup form and notify message and replace blazor with jequry ajax, it will be extra great.
        There will be a lot of functionalities to cover such as dropdownlist, file upload, ajax form post and popup form, notify message and so on.

        Please if you have time publish an article for this requirements, either with Blazor or ASP.Net core MVC using jequry ajax call or any other JavaScript library you recomnd.

        I am sure all developers need this for thier application, I think we should buy 10 coffees, to you for this work ?

        Regards
        Hedayat Hoshamd

  2. Hi, very nice article! I immediatly tried your github code and it works (just changed to mysql database). I tried to decouple the server asp.net from the blazor WASM client. The first run on port 5000, the client on port 6000. I added CORS, changed httpclient and the api calls works. But the authentication stop working. Is it possible that the authentication works only if the solution is hosted by asp.net server only ?
    Thanks for great content!

    1. .client and .server are both web applications. how to make this work when they are hosted on server, e.g. azure app services.

      I think – await _signInManager.SignInAsync(user, request.RememberMe); is not going to work, resulting client application will always never be authenticated.

  3. Thank you so very much, after following the Microsoft way and there useless documentation, I came across your site, and it works.
    How do you Handel JWT tokens?

  4. Hi Mukesh. Thanks for this article. Very helpful. Sorry I can’t send you a coffee but you are great.

  5. I tried using your article to convert a Blazor WebAssembly project which had been created with the built in Authentication (RemoteAuthenticatorView) to your custom method but ran into many issues.

    I’m sure this is a scenario many people will find themselves in. Would it be possible to provide advice or a guide on how to do this?

  6. Dear Mukesh;
    I implement this walk thru with Blazor WebAssembly and it works fine.
    Then i tried to implement it with Balzor Server it works also good, but when i log in – with a correct user name and password) it authenticate the user but in the Mainlyaout :
    protected override async Task OnParametersSetAsync()
    {
    try
    {
    if (!(await AuthenticationState).User.Identity.IsAuthenticated)
    {
    navigationManager.NavigateTo(“/login”);
    }
    }
    catch (Exception ex)
    {

    errorString = $”There was an error: {ex.Message}”;
    }
    it always navigate to login page as User.Identity.IsAuthenticated always false.
    Did i miss some thing that i should use with Blazor server side.
    Thank you very much.

    1. on Server

      startup.cs
      ————–
      app.UseRouting();

      // must between app.UseRouting and app.UseEndpoints
      app.UseAuthentication();
      app.UseAuthorization();
      // End

      app.UseEndpoints(endpoints =>
      {
      endpoints.MapRazorPages();
      endpoints.MapControllers();
      endpoints.MapFallbackToFile(“index.html”);
      });

      1. Sorry i tried that with the Wasm Blazor it works but with the Blazor server it did not work, it always returns if (!(await AuthenticationState).User.Identity.IsAuthenticated) false is it is not authenticated while the service and the controller recognize the user.
        Any help please, Thank you very much.

  7. Hey, thanks for throughout tutorial! Can I use a database-first approach instead of code-first and migrations? How much of change will there in such occasion?

  8. Hi you project very good but if we have user with more than one roles like “Admin” and “superAdmin”
    it didn’t work i tried to solve it but unfortunately I couldn’t

  9. Would you be willing to extend this example and show how to add Email confirmation and Forgot Password/Reset Password?

  10. Hello Mukesh!
    Thanks for all your greate articles, they have helped me with greate learing.

    I wonder, i have created a Blazor Webassembly asp core hosted with individual identity (IdentitiyServer4). When trying to impliment the solution from this article, i can’t get it working. The application crashes on startup.

    Error :

    blazor.webassembly.js:1 crit: Microsoft.AspNetCore.Components.WebAssembly.Rendering.WebAssemblyRenderer[100]
    Unhandled exception rendering component: ValueFactory attempted to access the Value property of this instance.
    System.InvalidOperationException: ValueFactory attempted to access the Value property of this instance.
    at System.Lazy`1[[Microsoft.Extensions.Http.ActiveHandlerTrackingEntry, Microsoft.Extensions.Http, Version=5.0.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60]].ViaFactory(LazyThreadSafetyMode mode)
    at System.Lazy`1[[Microsoft.Extensions.Http.ActiveHandlerTrackingEntry, Microsoft.Extensions.Http, Version=5.0.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60]].ExecutionAndPublication(LazyHelper executionAndPublication, Boolean useDefaultConstructor)
    at System.Lazy`1[[Microsoft.Extensions.Http.ActiveHandlerTrackingEntry, Microsoft.Extensions.Http, Version=5.0.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60]].CreateValue()
    at System.Lazy`1[[Microsoft.Extensions.Http.ActiveHandlerTrackingEntry, Microsoft.Extensions.Http, Version=5.0.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60]].get_Value()
    at Microsoft.Extensions.Http.DefaultHttpClientFactory.CreateHandler(String name)

  11. Thank you for this article, it really helped a lot! I have a question about the login page. I have the identity working, when I look at the web developer tools, a cookie is made and everything is fine, until it goes back to loading the home page. Instead of loading the home page with the hello message, it goes back to the login screen.
    Any suggestions?
    Thank you!

  12. Thank you,
    I need your help, if we have many roles for a one user, it fails according to the unique key of claim dictionary.
    When I changed it to List instead of dictionary, it fails too.
    any suggestions?

  13. Hi,
    First of all, thanks for this great tutorial ! it helped me a lot.
    I wanted to implement Role based authorization using this tutorial Model, but can’t fin any way to do it.. Someone has an idea ?

    Greetings
    Rémy

  14. Very nice article on implementing custom authentication in Blazor. Will this also work with Blazor server?

  15. Great article Mukesh! After seeing the default auth for WASM that Microsoft provides out of the box, I immediately thought that it should be done the way you describe it in this article. I’m surprised the default isn’t exactly this

  16. Loved this, and it was just what I was looking for, but when using just a Blazor Server app I get an error on the log in page.
    After clicking sign-in I get the error An invalid request URI was provided. Either the request URI must be an absolute URI or BaseAddress must be set.
    It is the same when attempting to register an account too.
    Any ideas, help?