CODEWITHSUNDEEP
.net-coreasp.net-core-mvcblazor-server-sideokta
Jaish Mathews
Jaish Mathews

Reputation: 864

Blazor Server - Make Specific Pages Anonymous by Keeping Root Folder Authorized

I am using .NET5 Blazor server application. I have below code in my Startup.cs, which is making sure that always show OKTA login page if user not authenticated.

services.AddRazorPages(options =>
            {
                options.Conventions.AuthorizeFolder("/");
                options.Conventions.AllowAnonymousToPage("/anonymous");

                //No error here but no effect either
            }
            );

If you notice that I want to access a page "/anonymous", wthout authentication. But always it's routing to OKTA. How can I skip this routing and directly access "/anonymous"? I must need to keep the line options.Conventions.AuthorizeFolder("/");

My App.razor has bene enabled with CascadingAuthenticationState view, which also need to keep.

<CascadingAuthenticationState>
    <Router AppAssembly="@typeof(Program).Assembly">
        <Found Context="routeData">
            <AuthorizeRouteView RouteData="@routeData" DefaultLayout="@typeof(MainLayout)">
                <NotAuthorized>
                    <h4>Sorry, you're not authorized to reach this page.</h4>
                </NotAuthorized>
                <Authorizing>
                    <h4>Authentication in progress...</h4>
                </Authorizing>
            </AuthorizeRouteView>
        </Found>
        <NotFound>
            <LayoutView Layout="@typeof(MainLayout)">
                <p>Sorry, there's nothing at this address.</p>
            </LayoutView>
        </NotFound>
    </Router>
</CascadingAuthenticationState>

i tried appied @attribute [AllowAnonymous] as well. Any lead would be appreciated.

Upvotes: 2

Views: 1094

Answers (1)

Jaish Mathews
Jaish Mathews

Reputation: 864

I received a workaround by using .CSHTML file in place of .razor files, whenever you need an anonymous page. Statements like "options.Conventions.AllowAnonymousToPage" isn't considering .razor pages, but works well with .CSHTML files. I am keeping this thread for getting any solution to apply for .razor files. Then will decide to use .CSHTML files for anonymous access.

Upvotes: 1

Related Questions