Remove IdentityServer from angular template #144

Merged
merged 6 commits into from
May 25, 2023
@halter73 halter73 commented May 18, 2023

  • Use default Identity UI with cookies instead

Contributes to dotnet/aspnetcore#47226

@halter73 halter73 requested a review from a team as a code owner May 18, 2023 00:59
- Use default Identity UI Razor Pages with cookies instead
@mkArtakMSFT mkArtakMSFT left a comment

Thanks @halter73!
I'll let the experts review this.

@javiercn javiercn left a comment

Overall looks good. There are some open questions and changes/regressions in the user experience that are worth talking about:

  • Is there no way to know when you are authenticated or not? Isn't it confusing that you log in, come back to the app, and you see no visual change?
  • What happens with all the state the app has before we redirect? Do we throw it all out?
  • Why are we removing the authorize guard? That's meant to ensure you are authenticated when you access some areas of the page.
  • How do you log out in the template?
  • Where are we wiring up Antiforgery?

@halter73

> Is there no way to know when you are authenticated or not? Isn't it confusing that you log in, come back to the app, and you see no visual change?

Nope. Currently the best we can do with just cookie auth and the default Identity UI is detect the redirect. Later, MapIdentityApi will provide a way to detect this which we will provide samples for. Eventually it would be nice to update these project templates to use it and not use the default Identity UI razor pages at all, but it's not ready yet.

> What happens with all the state the app has before we redirect? Do we throw it all out?

Yes.

> Why are we removing the authorize guard? That's meant to ensure you are authenticated when you access some areas of the page.

Because we have no way to know if we're authenticated or not.

> How do you log out in the template?

You click the "Account" link in the nav bar. And then click "Logout" on the /Identity/Account/Manage page.

> Where are we wiring up Antiforgery?

It's not explicit. This is just the default Identity UI razor pages. I can confirm that the __RequestVerificationToken is rendered though.
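
The redirect detection described in the reply above, as an added example that is not code from this PR or the template. The login path, the use of the `ReturnUrl` query parameter, the function names and the sample responses are all assumptions made for illustration.

```javascript
// Added example; LOGIN_PATH and all function names are assumptions, not template code.
const LOGIN_PATH = '/Identity/Account/Login';

// Classify the result of a same-origin, cookie-authenticated fetch().
// `res` only needs the standard Response fields: status, type, redirected, url, headers.get().
function classifyAuthState(res, appOrigin) {
  // With { redirect: 'manual' } the browser hides the target; we only learn a redirect happened.
  if (res.type === 'opaqueredirect') return 'login-required';
  // A server may answer an API call with 401 instead of redirecting.
  if (res.status === 401) return 'login-required';

  if (res.redirected) {
    const finalUrl = new URL(res.url, appOrigin);
    const onLoginPage = finalUrl.origin === appOrigin &&
      finalUrl.pathname.toLowerCase() === LOGIN_PATH.toLowerCase();
    return onLoginPage ? 'login-required' : 'unexpected-redirect';
  }

  const ok = res.status >= 200 && res.status < 300;
  const contentType = (res.headers.get('content-type') || '').toLowerCase();
  // An HTML body where JSON was expected usually means a login form was served.
  if (ok && !contentType.startsWith('application/json')) return 'unexpected-content';
  return ok ? 'authenticated' : 'error';
}

// Build the login navigation target, keeping only a local path as the return URL
// so the value cannot send the user to another origin after sign-in.
function buildLoginUrl(returnPath) {
  const isLocal = typeof returnPath === 'string' && /^\/(?![\/\\])/.test(returnPath);
  return `${LOGIN_PATH}?ReturnUrl=${encodeURIComponent(isLocal ? returnPath : '/')}`;
}

// Constructed sample responses (plain objects standing in for fetch Response values).
const json = new Map([['content-type', 'application/json; charset=utf-8']]);
const html = new Map([['content-type', 'text/html; charset=utf-8']]);
const SAMPLES = {
  signedIn: { status: 200, type: 'basic', redirected: false,
    url: 'https://app.example/api/data', headers: json },
  followedToLogin: { status: 200, type: 'basic', redirected: true,
    url: 'https://app.example/Identity/Account/Login?ReturnUrl=%2Fapi%2Fdata', headers: html },
  manualRedirect: { status: 0, type: 'opaqueredirect', redirected: false, url: '', headers: new Map() },
  offOrigin: { status: 200, type: 'basic', redirected: true,
    url: 'https://other.example/Identity/Account/Login', headers: html },
};

for (const [name, res] of Object.entries(SAMPLES)) {
  console.log(name, '->', classifyAuthState(res, 'https://app.example'));
}
```

Because the app state is discarded on the redirect, the caller would navigate with `window.location.assign(buildLoginUrl(...))` rather than try to render the login form in place.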
