blazor-starter-kit Example of Hangfire authorization using token from navlink

Aug 11 '21 07:08 nbiada

Should it validate token before granting access? @nbiada

Sep 22 '21 09:09 gozilla-paradise

I have done it like this This method added to dashboard controller

 [Authorize(Policy = Permissions.Hangfire.View)]
        [HttpGet("jobdashboardurl")]
        [Produces(typeof(string))]
        public IActionResult GetJobDashBoardUrl()
        {
            HttpContext.Session.SetString(ApplicationConstants.Hangfire.SessionUserIdKey, Get<ICurrentUserService>().UserId);
            return Ok(ApplicationConstants.Hangfire.DashboardRoute);
        }

Content of the authfilter

public class HangfireAuthorizationFilter : IDashboardAuthorizationFilter
    {

        public bool Authorize(DashboardContext context)
        {
            var httpContext = context.GetHttpContext();
            var service = httpContext.RequestServices.GetService<IAccountService>();
            
            var userId = httpContext.Session.GetString(ApplicationConstants.Hangfire.SessionUserIdKey);
            
            return !string.IsNullOrEmpty(userId) && service != null && service.AuthorizeAsync(userId, Permissions.Hangfire.View).Result;
        }
    }

and on client side onclick instead of href


private async void OpenJobDashboard()
    {
        var uri =await _api.Dashboard_GetJobDashBoardUrlAsync();
        _navigationManager.NavigateTo(uri, true);
    }

Oct 13 '21 13:10 fgilde