Authentication
The HopFrame is a powerful tool to manage your backend data. So you probably don't want anybody to access the pages. Luckily the HopFrame supports policy based authentication. By default, everybody is allowed to access the whole HopFrame, but you can restrict that by registering a scoped service implementing the IHopFrameAuthHandler. If no service is registered, the default handler gets registered, but it lets any traffic pass.
Example
Create a service that handles authentication:
public class AuthService(IAuthStore store) : IHopFrameAuthHandler {
public async Task<bool> IsAuthenticatedAsync(string? policy) {
var currentUser = await store.GetCurrentUser();
return await store.IsPermitted(currentUser, policy);
}
public async Task<string> GetCurrentUserDisplayNameAsync() {
var currentUser = await store.GetCurrentUser();
return currentUser.FullName;
}
}
Now register it in the DI container:
builder.Services.AddScoped<IHopFrameAuthHandler, AuthService>();
Hint: You can display the current users name in the ui by enabling the feature in the HopFrameConfig.
Last modified: 28 February 2025