How can I add auth0 to my ASP.NET Core project which combines the backend and frontend? All the guides I find for the project which are not separated; if I remember correctly, all the main settings should be in the backend and the frontend will only display data.

I don’t know how to implement the part in the frontend, how to transfer data via API? For the frontend, I use Blazor.

This is my backend program.cs:

// ...
builder.Services.AddScoped<IAuthService, AuthService>();
builder.Services.AddAuth0WebAppAuthentication(options =>
        {
            options.Domain = builder.Configuration["Auth0:Domain"];
            options.ClientId = builder.Configuration["Auth0:ClientId"];
        });

// ...

app.UseAuthentication();
app.UseAuthorization();
    
app.MapControllers();
    
app.Run();

Backend controller:

[ApiController]
[Route("api/[controller]")]
public class AccountController : Controller
{
    [HttpPost("register")]
    public async Task Signup(string returnUrl = "/")
    {
        var authenticationProperties = new LoginAuthenticationPropertiesBuilder()
            .WithParameter("screen_hint", "signup")
            .WithRedirectUri(returnUrl)
            .Build();

        await HttpContext.ChallengeAsync(Auth0Constants.AuthenticationScheme, authenticationProperties);
    }

    [HttpPost("login")]
    public async Task Login(string returnUrl = "/")
    {
        var authenticationProperties = new LoginAuthenticationPropertiesBuilder()
            // Indicate here where Auth0 should redirect the user after a login.
            // Note that the resulting absolute Uri must be added to the
            // **Allowed Callback URLs** settings for the app.
            .WithRedirectUri(returnUrl)
            .Build();

        await HttpContext.ChallengeAsync(Auth0Constants.AuthenticationScheme, authenticationProperties);
    }

    [Authorize]
    [HttpPost("/logout")]
    public async Task Logout()
    {
        var authenticationProperties = new LogoutAuthenticationPropertiesBuilder()
            .WithRedirectUri(Url.Action("Index", "Home", null, "https"))
            .Build();

        await HttpContext.SignOutAsync(Auth0Constants.AuthenticationScheme, authenticationProperties);
        await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
        Response.Cookies.Delete(".AspNetCore.Cookies");
    }
}

Backend appsettings.Development.json:

{
    // ...
    "Auth0": {
        "Domain": "xxxxxxxx",
        "ClientId": "xxxxxxxx"
    }
    // ...
}

Frontend AuthService:

public class AuthService : IAuthService
{
    private readonly HttpClient _httpClient;

    public AuthService(HttpClient httpClient)
    {
        _httpClient = httpClient;
    }

    public async Task Login()
    {
        var response = await _httpClient.PostAsJsonAsync("/api/Account/account/login");

        if (!response.IsSuccessStatusCode)
        {
            var error = await response.Content.ReadAsStringAsync();
            throw new Exception(error);
        }

        return await response.Content.ReadAsStringAsync();
    }

    public async Task<UserDTO> Register(UserDTO user)
    {
        var response = await _httpClient.PostAsJsonAsync("/api/Account/account/register");
        response.EnsureSuccessStatusCode();
        return await response.Content.ReadFromJsonAsync<UserDTO>();
    }
}

Frontend IAuthService:

public interface IAuthService
{
    Task Login();
    Task<UserDTO> Register(UserDTO user);
}