❔ signalR add user
How does it work? I don’t understand how do we add client to Clients inside a Hub. Could someone explain me?
M in terms of SignalR means all the existing connections to hub. They are created once someone connects to the underlying websocket (usually)
GAnd with what data will the client be created?
MBy default clients only have their random connectionIds but you can do more if you override OnConnectionCreated and OnConnectionDeleted in hub class
MNames may be incorrent but basically this is it
MAnd from there you can access Context property
GAhhaa
GAnd context is httpContext?
MNo, HubContext but it has some similarities
MFor instance, if you set up an authentication flow you can use User property
MWhich is of default ClaimsPrincipal type, very same as in httpcontext
GIs it ideal to make authentication on OnConnection to a Hub?
GOr when to make it?
MYou set up auth for your entire application
MAnd if you decorate your hub with [Authorize] it will not allow unauthenticated users to connect
MPretty same as with controllers
GAh okay
GThe auth part of the whole .net framework is kinda obscure
GI mean the built-in stuff
GI guess it would be ideal to use that
GBut much easier to setup my own with middlewares
MSetting up basic auth is really simple, there is a ton of guides for that
MYou need Claims based auth for that
MAlso, you might want to take a look at signalr hub groups, they ease sending events to several clients at once
GYeah
GI’m more interested in jwt stuffs
MThat is also doable, but if you want a decent auth you might want to take a look at identity framwork
MOr Duende Identity Server
GYeah, identity framework is my main concern.. lots of hidden stuffs and kinda obscure the whole thing
MIf you feel not comfortable with it just now there is nothing wrong with imlementing jwt yourself for learning purposes
MThe sole concept of jwt is quite simple
GYeah, that’s a lot easier to do so 
GDo you know any good ress to learn identity fw ?
MNot really, I learnt it hard way - by installing it via template and then trying to to things
AWas this issue resolved? If so, run
/close- otherwise I will mark this as stale and this post will be archived until there is new activity.
GIdentity framework is only for server side rendered apps? So it’s not for api’s only? 
MNot, it can work with external frontentd as well, I use it with blazor wasm
GHmm okay
GSo basically the main idea is that you have a user class and you set up jwt auth through request header and then it’ll try to validate the token in the header based on your setup and then it’ll attach the created user from those details in the jwt(if they can match the provided user class) to the context?
MBasically, when user authenticates, they recieve a special value - jwt token that they will send to server alongside their request data
MUsually jwt tokens have an expiry period so that user needs to reauthenticate every now and then
MAnd also jwt can provide a special value - refresh token that user can use to get a new jwt in a simplified way once original one expires
MAlso, with signalr you cannot expect to get jwt from http headers since websockets are not http, so when using websockets jwt is included in query parameters
AWas this issue resolved? If so, run
/close- otherwise I will mark this as stale and this post will be archived until there is new activity.