Recrovit.RecroGridFramework.Client.Blazor.SessionAuth 10.1.0

.NET 10.0 This package targets .NET 10.0. The package is compatible with this framework or higher. 
dotnet add package Recrovit.RecroGridFramework.Client.Blazor.SessionAuth --version 10.1.0
                    


                    

                
NuGet\Install-Package Recrovit.RecroGridFramework.Client.Blazor.SessionAuth -Version 10.1.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="Recrovit.RecroGridFramework.Client.Blazor.SessionAuth" Version="10.1.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="Recrovit.RecroGridFramework.Client.Blazor.SessionAuth" Version="10.1.0" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="Recrovit.RecroGridFramework.Client.Blazor.SessionAuth" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add Recrovit.RecroGridFramework.Client.Blazor.SessionAuth --version 10.1.0
                    


                    

                
#r "nuget: Recrovit.RecroGridFramework.Client.Blazor.SessionAuth, 10.1.0"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package Recrovit.RecroGridFramework.Client.Blazor.SessionAuth@10.1.0
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=Recrovit.RecroGridFramework.Client.Blazor.SessionAuth&version=10.1.0
                    


                            Install as a Cake Addin
                        

                    

                
#tool nuget:?package=Recrovit.RecroGridFramework.Client.Blazor.SessionAuth&version=10.1.0
                    


                            Install as a Cake Tool

Recrovit.RecroGridFramework.Client.Blazor.SessionAuth

Recrovit.RecroGridFramework.Client.Blazor.SessionAuth adds session-based authentication support to RGF Blazor applications that talk to the API through host-backed authentication endpoints.

Use it together with Recrovit.RecroGridFramework.Client.Blazor.UI when:

  • the Blazor client does not call the API with bearer tokens directly
  • authentication is handled by the host application through cookie-backed endpoints
  • protected routes should automatically validate the current session and redirect to login when reauthentication is required

What The Package Adds

The package extends the base Blazor client integration with session-auth specific behavior:

  • route-aware authorization wrapping for Recrovit client routes
  • session probing against the configured authentication session endpoint
  • authenticated principal snapshot synchronization through the host authentication endpoints
  • AuthenticationStateProvider decoration so an expired host session is reflected in Blazor auth state
  • SSR cookie forwarding for RGF HTTP clients used from the host
  • runtime-agnostic host API and downstream proxy invocation for Blazor client and SSR code

Registration API

The package exposes two registration entry points:

  • AddRgfBlazorSessionAuthClientServices(...): for the interactive Blazor client
  • AddRgfBlazorSessionAuthSsrServices(...): low-level SSR registration used by host-side integrations

AddRgfBlazorSessionAuthClientServices(...) configures:

  • RGF client services in ServerProxy auth mode
  • route wrapping with RgfAuthorizeRouteContent
  • AuthorizationCore
  • cascading authentication state support
  • authentication state deserialization
  • session monitoring and principal snapshot synchronization
  • AuthenticationStateProvider decoration for session-aware auth state
  • a Blazor initialization hook that probes the current session on client startup

AddRgfBlazorSessionAuthSsrServices(...) configures:

  • RGF client services in ServerProxySsr auth mode
  • SSR cookie forwarding for the RGF HTTP clients
  • a no-op session monitor for the host-side rendering path

Short Usage Guide

1. Add the package to the Blazor client

Reference at least:

  • Recrovit.RecroGridFramework.Client.Blazor.UI
  • Recrovit.RecroGridFramework.Client.Blazor.SessionAuth

In the usual application setup, SessionAuth is added together with Recrovit.RecroGridFramework.Client.Blazor.UI, while the base Recrovit.RecroGridFramework.Client.Blazor package remains a transitive building block.

2. Register the client-side services

In the client Program.cs, register SessionAuth and the Recrovit component routing services:

using Microsoft.AspNetCore.Components.WebAssembly.Hosting;
using Recrovit.AspNetCore.Components.Routing.Configuration;
using Recrovit.RecroGridFramework.Client.Blazor;
using Recrovit.RecroGridFramework.Client.Blazor.SessionAuth;
using Recrovit.RecroGridFramework.Client.Blazor.UI;

var builder = WebAssemblyHostBuilder.CreateDefault(args);

builder.Services.AddRgfBlazorSessionAuthClientServices(
    builder.Configuration,
    apiBaseAddressOverride: builder.HostEnvironment.BaseAddress);

builder.Services.AddRecrovitComponentRouting(options =>
{
    options.AddRouteAssembly(typeof(Program).Assembly);
});

var host = builder.Build();

await host.Services.InitializeRgfBlazorAsync();
await host.Services.InitializeRgfUIAsync();

await host.RunAsync();

For a Blazor Web App client, apiBaseAddressOverride: builder.HostEnvironment.BaseAddress makes the browser call the local host/proxy instead of the external API directly.

3. Configure Routes.razor

The client routes should be rendered through RecrovitRoutes so the SessionAuth route authorization wrapper can take effect:

@using Recrovit.AspNetCore.Components.Routing
@using Recrovit.AspNetCore.Components.Routing.Models

<RecrovitRoutes Kind="RecrovitRoutesKind.Client"
                AppAssembly="typeof(_Imports).Assembly"
                DefaultLayout="typeof(MainLayout)"
                NotFoundPage="typeof(Pages.NotFound)" />

4. Configure the server-side host

For the typical server-side setup, use Recrovit.RecroGridFramework.Client.Blazor.Host.OpenIdConnect and configure the host according to that package's documentation.

That package is the recommended app-level entry point for the SessionAuth server-side scenario, including the OpenID Connect host setup, proxy configuration, and underlying SessionAuth SSR registration.

Calling Host APIs And Downstream Proxies

SessionAuth can be used not only for the built-in authentication endpoints, but also for application-specific host APIs and named downstream proxy routes without exposing whether the caller runs in the browser or during SSR.

Two usage patterns are worth separating:

  • IHostApiInvoker: calls the current host application, for example /api/userinfo
  • IDownstreamApiInvoker: calls a configured downstream proxy route such as /downstream/{apiName}/{**path}

Use the host API path when the application exposes its own DTO-producing endpoint and the host is responsible for composing the downstream call and mapping the response.

Use the downstream invoker when the caller intentionally wants the raw downstream response from a named DownstreamApis entry.

Example:

using Recrovit.RecroGridFramework.Client.Blazor.Services;

public sealed class UserInfoApiClient(IHostApiInvoker hostApiInvoker)
{
    public async Task<UserInfoDto?> GetAsync(CancellationToken cancellationToken = default)
    {
        return await hostApiInvoker.GetFromJsonAsync<UserInfoDto>("/api/userinfo", cancellationToken);
    }
}

For a raw downstream proxy call:

using Recrovit.RecroGridFramework.Client.Blazor.Services;

using var response = await downstreamApiInvoker.GetAsync("UserInfoApi");

In SSR, SessionAuth forwards the incoming authentication cookie for these local host-backed requests so the same calling code can be used during prerendering and in the interactive client.

Runtime Behavior

When the interactive client starts, the package probes the host session endpoint.

When the user navigates to a protected route:

  • the route auth wrapper checks whether authentication is required
  • the session monitor validates the current session
  • the principal snapshot is synchronized when the user is authenticated
  • if the host indicates that reauthentication is required, the client redirects to the configured login endpoint with a returnUrl

Public routes continue to render without login redirection even after session invalidation.

Product Compatible and additional computed target framework versions.
.NET net10.0 is compatible.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages (1)

Showing the top 1 NuGet packages that depend on Recrovit.RecroGridFramework.Client.Blazor.SessionAuth:

Package Downloads
Recrovit.RecroGridFramework.Client.Blazor.Host.OpenIdConnect

RecroGrid Framework ASP.NET Core host helpers for SSR server-proxy and OpenID Connect.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
10.1.0 108 4/24/2026