I'm building a .NET 6 Blazor WASM (Hosted) app and I encountered an issue on Authorization.
When I get a Not-Authorized message, I don't want the navbar to be shown. So, I'm trying to use a different Layout in that case.
In App.razor, I'm using <RouteView> pointed to LayoutsMngr:
<CascadingAuthenticationState><Router AppAssembly="@typeof(App).Assembly"><Found Context="routeData"><RouteView RouteData="@routeData" DefaultLayout="@typeof(LayoutsMngr)" /><FocusOnNavigate RouteData="@routeData" Selector="h1" /></Found><NotFound><PageTitle>Not found</PageTitle><p class="lead m-4">Nothing at that address.</p></NotFound></Router></CascadingAuthenticationState>Inside LayoutsMngr component, I have the following code:
@inherits LayoutComponentBase<AuthorizeView><NotAuthorized> @if (context.User.Identity is null || !context.User.Identity.IsAuthenticated) {<RedirectToLoginPage /> } else {<p class="lead m-4">You do not have permission to access this page.</p> }</NotAuthorized><Authorizing><p class="lead m-4">Please wait...</p></Authorizing><Authorized><MainLayout Body=@Body /></Authorized></AuthorizeView>In /admin page of my app, I have included:
@attribute [Authorize(Roles = "admin")]However, every user can access that page by writing the on browser's url field https://localhost/admin
What am I missing here?Thank you for your help!