Files
deepdrft/DeepDrftManager/Components/Routes.razor
T
Daniel Harvey 95772c655e fix(manager): redirect unauth nav to login instead of 401
AddAuthBlocks installs JwtBearer as the default challenge scheme; the
authorization middleware 401s unauthenticated nav requests before the
Blazor router runs. Tokens live in localStorage and are only readable
via JS interop after the SignalR circuit is live.

- Program.cs: MapRazorComponents .AllowAnonymous() so nav reaches the
  Blazor router; API surfaces (MapAuthBlocks, MapControllers) still
  enforce JWT. Fix middleware order to UseAuthentication -> UseAntiforgery
  -> UseAuthorization per Blazor Web App template.
- App.razor: InteractiveServerRenderMode(prerender:false) on Routes and
  HeadOutlet so AuthorizeRouteView evaluates after JS interop is ready;
  extract to static field (was two inline allocations per render cycle).
- CmsLayout/Pages: drop conflicting per-component @rendermode directives
  (parent now owns the render mode).
- Routes.razor: break authenticated-but-wrong-role redirect loop; split
  NotAuthorized into unauthenticated -> RedirectToLogin and
  authenticated-wrong-role -> RedirectToAccessDenied (new component).
- Pages/Index.razor: deleted — NavigateTo('/cms') was unreachable for
  unauthenticated users and racey for authorized ones.
2026-05-24 18:29:07 -04:00

23 lines
793 B
Plaintext

<Router AppAssembly="typeof(App).Assembly"
AdditionalAssemblies="new[] { typeof(AuthBlocksWeb._Imports).Assembly }">
<Found Context="routeData">
<AuthorizeRouteView RouteData="routeData">
<NotAuthorized Context="authState">
@if (authState.User.Identity?.IsAuthenticated == true)
{
<RedirectToAccessDenied />
}
else
{
<RedirectToLogin />
}
</NotAuthorized>
</AuthorizeRouteView>
<FocusOnNavigate RouteData="routeData" Selector="h1" />
</Found>
<NotFound>
<PageTitle>Not found</PageTitle>
<p role="alert">Sorry, there's nothing at this address.</p>
</NotFound>
</Router>