❔ signalR add user
How does it work? I don’t understand how do we add client to Clients inside a Hub. Could someone explain me?
21 Replies
Clients in terms of SignalR means all the existing connections to hub. They are created once someone connects to the underlying websocket (usually)And with what data will the client be created?
By default clients only have their random connectionIds but you can do more if you override OnConnectionCreated and OnConnectionDeleted in hub class
Names may be incorrent but basically this is it
And from there you can access Context property
Ahhaa
And context is httpContext?
No, HubContext but it has some similarities
For instance, if you set up an authentication flow you can use User property
Which is of default ClaimsPrincipal type, very same as in httpcontext
Is it ideal to make authentication on OnConnection to a Hub?
Or when to make it?
You set up auth for your entire application
And if you decorate your hub with [Authorize] it will not allow unauthenticated users to connect
Pretty same as with controllers
Ah okay
The auth part of the whole .net framework is kinda obscure
I mean the built-in stuff
I guess it would be ideal to use that
But much easier to setup my own with middlewares
Setting up basic auth is really simple, there is a ton of guides for that
You need Claims based auth for that
Also, you might want to take a look at signalr hub groups, they ease sending events to several clients at once
Yeah
I’m more interested in jwt stuffs
That is also doable, but if you want a decent auth you might want to take a look at identity framwork
Or Duende Identity Server
Yeah, identity framework is my main concern.. lots of hidden stuffs and kinda obscure the whole thing
If you feel not comfortable with it just now there is nothing wrong with imlementing jwt yourself for learning purposes
The sole concept of jwt is quite simple
Yeah, that’s a lot easier to do so 🙂
Do you know any good ress to learn identity fw ?
Not really, I learnt it hard way - by installing it via template and then trying to to things
Was this issue resolved? If so, run
/close - otherwise I will mark this as stale and this post will be archived until there is new activity.Identity framework is only for server side rendered apps? So it’s not for api’s only? 🤔
Not, it can work with external frontentd as well, I use it with blazor wasm
Hmm okay
So basically the main idea is that you have a user class and you set up jwt auth through request header and then it’ll try to validate the token in the header based on your setup and then it’ll attach the created user from those details in the jwt(if they can match the provided user class) to the context?
Basically, when user authenticates, they recieve a special value - jwt token that they will send to server alongside their request data
Usually jwt tokens have an expiry period so that user needs to reauthenticate every now and then
And also jwt can provide a special value - refresh token that user can use to get a new jwt in a simplified way once original one expires
Also, with signalr you cannot expect to get jwt from http headers since websockets are not http, so when using websockets jwt is included in query parameters
Was this issue resolved? If so, run
/close - otherwise I will mark this as stale and this post will be archived until there is new activity.