-
Notifications
You must be signed in to change notification settings - Fork 10.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[.NET 8] Using attribute [Authorize] is bugged when refreshing page (shows HTTP ERROR 401 despite being logged in) #52317
Comments
Thanks for contacting us, @DM-98 ! To address this, it's better if you perform the authentication within the ASP.NET Core auth system and your authentication state provider only takes care of reflecting that state. For an example on how to do this, check the authentication state provider in the Blazor Web template with individual user accounts. |
Hello, @surayya-MS |
Well, I found a workaround by:
and handler:
You may need to separate endpoint routing other than blazor routes since it basically renders serverside authorization (via .AddAuthentication(...).AddJwtBearer(...)) ineffective. hope this helps, enjoy .net 8. while the team fixes the problem. |
@rezamohammad The workaround works flawlessly, thanks. |
Hi @surayya-MS, i've logged #52586 as this issue applies to MS Entra ID auth as well, and in that scenario there's no authentication state provider for us to configure. |
For me the workaround by @rezamohammad does not work. |
Is there an existing issue for this?
Describe the bug
I'm using Blazor RenderMode InteractiveServer globally and Prerender turned off. I also use JWT authentication (not sure how it behaves with other authentication methods).
When navigating with a href clicks it works fine authenticating the user and showing authorized page. But when the same user refreshes the page with F5, it shows HTTP ERROR 401, like this:
A minimal reproducable project is made for you to see the issue.
Expected Behavior
I expect the authenticated & authorized user to keep seeing the Authorized content inside the blazor page component after a F5 page refresh.
Steps To Reproduce
or quickly Git Bash this:
git clone https://github.com/DM-98/BlazorApp2-AuthorizationIssueRepro
(which makes a new database called BlazorApp2-AuthorizationBugRepro)
Exceptions (if any)
No response
.NET Version
8.0.100
Anything else?
No response
The text was updated successfully, but these errors were encountered: