Applying Authorisation Rules to a Folder of Razor Components/Blazor Pages
now that's a close shave. (sorry.)
Read the article
There’s a lot of flexibility in how you can use authorisation rules in Razor components*, but a frustration of this approach is that it seems like you have to slap @attribute [Authorize(Policy = "PolicyName")] at the top or every page with no clear way of applying a given policy to a whole folder of .razor files. After much research and testing, I’ve found how to go about it!
Before I go any further though, I’d like to give a big shout-out to the answer on Stack Overflow that pointed me in the right direction. Although this answers the basic question of applying one rule to multiple Razor components, I decided to expand on it and write a full blog post mainly because the answer was initially quite hard to find and I had more questions about how multiple rules were resolved against each other!