Blazor WASM Authentication
What's the proper way of doing authentication / autorization in Blazor WASM? Apparently sending a JWT from the Web API to the client is bad because you would have to store it in local/session storage because Blazor WASM can't accept a httpCookie(?) or at least send it back? There's been talk about it sending back automatically if the server has this set
.AllowCredentials(); on the WithOrigins but I doubt it.2 Replies
JWT is still a valid solution depending on the project. Many single page websites (using React or Angular) are still based on that. It's just not the recommended way anymore.
The recommended way is now to setup a BFF. Backup For Frontend and I'll let you search about it a little bit. It involves cookies but the cookies aren't used by the Blazor app itself so you should not have any issue.
I'll look into it! Tyty