I have a problem with the authentication to my new Blazor Studio application.
I have created a basic application. I added a connection to a MSSQL database to this application. The connection to the database is done with Windows authentication. It works well. I succeeded in integrating the database to my new Blazor Studio application.
Afterwards, I added the authentication to my Blazor Studio application using the database connection mentioned above. Everything went well. No error messages.
However, it doesn't work when I launch the application and try to log in with the Admin credentials (user: admin, password: admin) as it was done with the previous Radzen Studio applications. I get no message in the log. The authentication simply fails.
You can try logging in incognito mode. Sometimes there could be an authentication cookie left from a previous session. Also try debugging the Login method of the AccountController. It should contain code that explicitly checks for admin/admin.
The code to manage the admin user is present and the execution environment is set to 'Development'.
if (env.EnvironmentName == "Development" && userName == "admin" && password == "admin")
{
var claims = new List<Claim>()
{
new Claim(ClaimTypes.Name, "admin"),
new Claim(ClaimTypes.Email, "admin")
};
roleManager.Roles.ToList().ForEach(r => claims.Add(new Claim(ClaimTypes.Role, r.Name)));
await signInManager.SignInWithClaimsAsync(new ApplicationUser { UserName = userName, Email = userName }, isPersistent: false, claims);
return Redirect($"~/{redirectUrl}");
}
On the other hand, I noticed that the MSSQL table dbo.AspAppUsers does not contain any user. The admin user was not created when setting up authentication in the Blazor Studio application.
Is there a simple way to create the admin user afterwards?
An admin user is never created as it is a security risk. If you check the pasted code you would see that a DB query isn't made for the admin user. Please try debugging the application and step in the Login method to verify the code executes correctly.
Also try clearing your browser cache or logging in anonymous session (new private window).
Can you clarify what that means? Do you see incorrect use or password? Do you get redirected to the index page? There are no known issues with the default user so I can't tell what could have gone wrong.
With regards to debugging you can just attach the debugger to the running process after seeing the Login page. Run the application with dotnet run then in Visual Studio pick Attach to process from the Debug menu and put a breakpoint in the Login method.
I succeeded in debugging the Login method. In the method the username is well ' admin ' and the password is well ' admin '. But the redirectUrl parameter is 'null'.
When I press the 'Login' button on the login page, the login page reloads in loop. Is it possible that the 'redirectUrl' parameter at 'null' is the cause of this.
Okay. I checked and '/' does refer to the 'index' page in my code. In this case, do you have any idea why I am always redirected to the 'Login' page? I must admit that this is a bit beyond me.
It is beyond me too. The only time I've seen this happen was due to caching. Logging with a different browser or private window usually fixes it. You can try creating a new application with a different name to see if it makes a difference (the application name is used by ASP.NET session cookie).
When I started running my application in VS2022, it asked me to auto-authenticate the SSL certificate used by the application. The address of the application is httpS://localhost:5001
Curiously, while running the application with Radzen Studio, it never happened that I was asked to auto-authenticate the SSL certificate.
Perhaps it would be worthwhile to investigate this behavior of Radzen.
Thanks for taking the time to support me with this problem.
I investigated the same problem (blazor Server, deploy on IIS) and I think there is no solution yet.
The generated class AccountController uses the field User.
This field is declared in the base class Controller or ControllerBase as: public ClaimsPrincipal User => HttpContext?.User!;
It uses HttpContext and that doesn't work in Blazer Server, see: https://learn.microsoft.com/en-us/aspnet/core/fundamentals/http-context?view=aspnetcore-5.0#blazor-and-shared-state
While HttpContext doesn't work in Blazor it definitely works in controllers which is where Radzen application use it. The problem you are experiencing is not related to that as we have been using this approach for as long as Blazor has existed. Check if your application runs in HTTPS (it is a mandatory requirement) and that your certificate is valid and trusted.
Unfortunately, even after creating a new Radzen Blazor Studio project, I have the same problem.
In >Visual Studio >Run everything is OK. When deploying to IIS, after entering correct login data, the login page is displayed again, other pages are not accessible. The application is running in HTTPS.
Maybe you can help. The two log files are attached. Differences: Test8-stage-20230109.log line 34: Authorization failed.. Test8-develop-20230109.log line 34: Request starting HTTP/1.1 POST https://localhost:5001/Account/CurrentUser - 0 Logfiles.zip (3.1 KB)
