How can I add Auth0 to my ASP.NET Core project which combines the backend and frontend? All the guides I find are for projects which are not separated; if I remember correctly, all the main settings should be in the backend and the frontend will only display data.
I don’t know how to implement the frontend part, or how to transfer data via the API. For the frontend, I use Blazor.
This is my backend Program.cs:
// Backend startup: registers the auth service and Auth0 sign-in, then wires
// the authentication/authorization middleware ahead of the controllers.
// ...
// NOTE(review): the AuthService shown elsewhere on this page is described as
// frontend code that wraps an HttpClient; confirm this registration is meant
// to live in the backend as well.
builder.Services.AddScoped<IAuthService, AuthService>();
// Auth0 ASP.NET Core SDK registration for interactive (browser) sign-in; the
// signed-in session is kept in a cookie, which is why the Logout action also
// signs out of the cookie scheme.
builder.Services.AddAuth0WebAppAuthentication(options =>
{
// Tenant domain and client id are read from the "Auth0" configuration
// section. Neither value is a secret; if a client secret is added later, keep
// it out of source-controlled appsettings files (user secrets or environment
// variables instead).
// NOTE(review): both lookups return null when the key is missing; whether the
// SDK rejects that at startup is not visible here.
options.Domain = builder.Configuration["Auth0:Domain"];
options.ClientId = builder.Configuration["Auth0:ClientId"];
});
// ...
// Order matters: authentication must establish the user before authorization
// evaluates [Authorize], and both must run before the controller endpoints.
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();
app.Run();
Backend controller:
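/// <summary>
/// Starts the Auth0 sign-up, login and logout flows for the web application.
/// </summary>
/// <remarks>
/// The sign-up and login actions answer with an authentication challenge, i.e. a
/// redirect to the identity provider's login page. They are therefore meant to be
/// reached by a full browser navigation; a background HttpClient call cannot
/// complete an interactive login. NOTE(review): confirm how the frontend invokes them.
/// </remarks>
[ApiController]
[Route("api/[controller]")]
public class AccountController : Controller
{
    /// <summary>
    /// Sends the user to the Auth0 sign-up screen.
    /// </summary>
    /// <param name="returnUrl">
    /// Local path to return to once sign-up completes. Anything that is not a
    /// local URL is replaced with "/".
    /// </param>
    [HttpPost("register")]
    public async Task Signup(string returnUrl = "/")
    {
        var authenticationProperties = new LoginAuthenticationPropertiesBuilder()
            // Asks the login page to open on its sign-up view.
            .WithParameter("screen_hint", "signup")
            .WithRedirectUri(ToLocalReturnUrl(returnUrl))
            .Build();

        await HttpContext.ChallengeAsync(Auth0Constants.AuthenticationScheme, authenticationProperties);
    }

    /// <summary>
    /// Sends the user to the Auth0 login screen.
    /// </summary>
    /// <param name="returnUrl">
    /// Local path to return to once login completes. Anything that is not a
    /// local URL is replaced with "/".
    /// </param>
    [HttpPost("login")]
    public async Task Login(string returnUrl = "/")
    {
        var authenticationProperties = new LoginAuthenticationPropertiesBuilder()
            // Indicate here where Auth0 should redirect the user after a login.
            // Note that the resulting absolute Uri must be added to the
            // **Allowed Callback URLs** settings for the app.
            // returnUrl comes from the request, so it is restricted to local
            // paths before use; otherwise a crafted link could send a freshly
            // authenticated user to an arbitrary external site.
            .WithRedirectUri(ToLocalReturnUrl(returnUrl))
            .Build();

        await HttpContext.ChallengeAsync(Auth0Constants.AuthenticationScheme, authenticationProperties);
    }

    /// <summary>
    /// Signs the current user out of Auth0 and of the local cookie session.
    /// </summary>
    // NOTE(review): a route template that starts with "/" is not combined with
    // the controller's "api/[controller]" prefix, so this action is served at
    // "/logout" rather than "/api/Account/logout". Confirm that is intended.
    [Authorize]
    [HttpPost("/logout")]
    public async Task Logout()
    {
        var authenticationProperties = new LogoutAuthenticationPropertiesBuilder()
            // Absolute https URL of Home/Index as the post-logout destination.
            // NOTE(review): no Home controller is visible here; Url.Action
            // returns null when no route matches - verify the target exists.
            .WithRedirectUri(Url.Action("Index", "Home", null, "https"))
            .Build();

        // End the session at the identity provider first, then the local one.
        await HttpContext.SignOutAsync(Auth0Constants.AuthenticationScheme, authenticationProperties);
        await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);

        // Explicitly drops the cookie named ".AspNetCore.Cookies"; presumably
        // redundant after the cookie-scheme sign-out above, kept as in the original.
        Response.Cookies.Delete(".AspNetCore.Cookies");
    }

    /// <summary>
    /// Returns <paramref name="returnUrl"/> when it is a local URL, otherwise "/".
    /// </summary>
    private string ToLocalReturnUrl(string returnUrl) =>
        Url.IsLocalUrl(returnUrl) ? returnUrl : "/";
}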
Backend appsettings.Development.json:
{
// ...
"Auth0": {
"Domain": "xxxxxxxx",
"ClientId": "xxxxxxxx"
}
// ...
}
Frontend AuthService:
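/// <summary>
/// Frontend wrapper around the backend account endpoints.
/// </summary>
/// <remarks>
/// NOTE(review): the backend login and register actions shown on this page answer
/// with an authentication challenge (a redirect to the login page) and do not
/// return a JSON body, so calling them through HttpClient cannot complete an
/// interactive login. A full browser navigation to the backend endpoint is the
/// usual way to start that flow - confirm the intended design.
/// </remarks>
public class AuthService : IAuthService
{
    private readonly HttpClient _httpClient;

    /// <summary>Creates the service on top of an injected <see cref="HttpClient"/>.</summary>
    /// <param name="httpClient">Client whose base address points at the backend.</param>
    public AuthService(HttpClient httpClient)
    {
        _httpClient = httpClient;
    }

    /// <summary>
    /// Calls the backend login endpoint.
    /// </summary>
    /// <exception cref="HttpRequestException">
    /// The backend answered with a non-success status; the message is the response body.
    /// </exception>
    public async Task Login()
    {
        // The controller is routed as "api/[controller]" + "login", i.e.
        // /api/Account/login; the original path had an extra "account" segment.
        // No payload is sent, so a plain POST replaces the argument-less
        // PostAsJsonAsync call, which has no matching overload.
        using var response = await _httpClient.PostAsync("/api/Account/login", content: null);
        if (!response.IsSuccessStatusCode)
        {
            // The raw response body becomes the exception message; avoid showing
            // it to end users unmodified, since it may contain server details.
            var error = await response.Content.ReadAsStringAsync();
            throw new HttpRequestException(error);
        }

        // The method is declared as Task (see IAuthService), so nothing is returned.
    }

    /// <summary>
    /// Calls the backend register endpoint with the given user.
    /// </summary>
    /// <param name="user">User data posted as JSON.</param>
    /// <returns>The user returned by the backend.</returns>
    /// <exception cref="HttpRequestException">The backend answered with a non-success status.</exception>
    /// <exception cref="InvalidOperationException">The response body did not contain a user.</exception>
    public async Task<UserDTO> Register(UserDTO user)
    {
        // NOTE(review): the backend register action shown on this page takes only
        // a returnUrl and reads no body. If UserDTO carries credentials, they do
        // not need to pass through the app when sign-up happens on the hosted
        // login page - confirm what this call is supposed to send.
        using var response = await _httpClient.PostAsJsonAsync("/api/Account/register", user);
        response.EnsureSuccessStatusCode();

        // ReadFromJsonAsync yields null for a JSON "null" body; surface that
        // explicitly instead of handing null to the caller.
        return await response.Content.ReadFromJsonAsync<UserDTO>()
            ?? throw new InvalidOperationException("The register response did not contain a user.");
    }
}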
Frontend IAuthService:
/// <summary>
/// Contract for the frontend authentication service.
/// </summary>
public interface IAuthService
{
    /// <summary>
    /// Starts a login; completes without a result value.
    /// </summary>
    Task Login();

    /// <summary>
    /// Registers the given user.
    /// </summary>
    /// <param name="user">The user to register.</param>
    /// <returns>A task producing a <c>UserDTO</c>.</returns>
    Task<UserDTO> Register(UserDTO user);
}