Reputation: 41
Blazor WebAssembly - GetAuthenticationStateAsync() not called on page refresh
I have custom AuthenticationStateProvider in my Blazor WebAssembly app and it's not calling GetAuthenticationStateAsync method on page refresh so if user is logged in and then they manually refresh page ClaimsPrincipal is AuthenticationState is not populated so user can't be Authorized. I'm using JWT which is saved in cookie for auth, and that cookie remains after page refresh, app just doesn't call GetAuthenticationStateAsync (which it should on page refresh if I learned blazor correctly).
Here's my custom AuthenticationStateProvider:
public class CustomAuthenticationStateProvider : AuthenticationStateProvider
{
private readonly HttpClient _httpClient;
public CustomAuthenticationStateProvider(
IHttpClientFactory httpClientFactory)
{
_httpClient = httpClientFactory.CreateClient("APIClient");
}
public override async Task<AuthenticationState> GetAuthenticationStateAsync()
{
//TODO get token from cookie
var savedToken = "";
if (string.IsNullOrWhiteSpace(savedToken))
{
return new AuthenticationState(new ClaimsPrincipal(new ClaimsIdentity()));
}
return new AuthenticationState(new ClaimsPrincipal(new ClaimsIdentity(ParseClaimsFromJwt(savedToken), "jwt")));
}
public void MarkUserAsAuthenticated(string email)
{
var authenticatedUser = new ClaimsPrincipal(new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, email) }, "apiauth"));
var authState = Task.FromResult(new AuthenticationState(authenticatedUser));
NotifyAuthenticationStateChanged(authState);
}
public void MarkUserAsLoggedOut()
{
var anonymousUser = new ClaimsPrincipal(new ClaimsIdentity());
var authState = Task.FromResult(new AuthenticationState(anonymousUser));
NotifyAuthenticationStateChanged(authState);
}
}
EDIT: It was calling GetAuthenticationStateAsync method the entire time, it was just confusing because I was in debugger and it never hit my breakpoint inside of that method, which is problem I saw other people (still not sure why is that).
Upvotes: 3
Views: 3511
Answers (1)
Reputation: 2800
It depends on where you call GetAuthenticationStateAsync.
i.e. in BlazorHero project this call is present in the MainLayout.razor:
</NotAuthorized>
<Authorized>
@(LoadDataAsync())
<MudLayout RightToLeft="@_rightToLeft">
in MainLayout.razor.cs:
private async Task LoadDataAsync()
{
var state = await _stateProvider.GetAuthenticationStateAsync();
var user = state.User;
if (user == null) return;
so I think you need to check where it is called.
The MainLayout is rendered every time you load a page.
A better solution (cleaner) is to add this code in the AfterRender like:
protected override async Task OnAfterRenderAsync(bool firstRender)
{
if (firstRender)
{
await LoadDataAsync();
}
}
Upvotes: 3
Related Questions
- Blazor WebAsssembly client app does not refresh and does not use the latest code
- Blazor: Authentication remains false
- Blazor WebAssembly 401 Unauthorized even when I am authorized
- Blazor app Reload after B2C authentication
- Blazor Custom AuthenticationStateAsync call after startup fails because of JavaScript
- Blazor Client (Web Assembly) AuthenticationState updates only after page reloading
- Blazor WASM can't debug GetAuthenticationStateAsync
- Blazor WASM AAD auth always returns to homepage
- Blazor Web Assembly App with Azure B2C is always trying to authenticate as soon as page is loaded
- BlazorNotifyAuthenticationStateChanged doesn't update authorized-based elements