Finbuckle.MultiTenant icon indicating copy to clipboard operation
Finbuckle.MultiTenant copied to clipboard
verified publisher icon Finbuckle

Blazor - Shared login page with multi-tenant users

Open Conway6288 opened this issue 1 year ago • 2 comments

Looking to create an application which has a single login page for all users. Each user will be assigned to at least one tenant but they can be assigned to multiple and would need to switch between them after logging in. Each tenant needs to be isolated so FinBuckle seems like the perfect solution.

Currently exploring the use of the Claims Strategy, with a user's available tenants being listed in a claim. This works out of the box with the claims strategy assuming there is only one tenant. I have also looked at using the base path strategy, but would still need to do an initial redirect after login to whatever the default tenant is deemed to be. If they change their active tenant, we would then need to redirect them to the current base path or somehow toggle that from the claim.

This has raised several questions:

  • Once logged in, how do you determine and select a default tenant if they have access to multiple?
  • What is the best practice for switching between the available tenants after logging in based on user interaction?
  • Is one strategy recommended over another with this scenario?

I had a look through previous discussions and found several old threads related to this:

  • #79
  • #308
  • #133

That also led me to find the SharedLoginSample here.

Is there an updated example for the SharedLogin anywhere (Ideally for Blazor) or "hot swapping" between tenants after login?

Many thanks in advance, any help or advice appreciated.

Conway6288 avatar Jul 11 '24 12:07 Conway6288

hi @Conway6288

I don't have a more up-to-date sample and it looks like you have found the relevant discussions and details. The main thing for this design is to not use MultiTenantIdentityDbContext but rather a normal one that also has an added entity for tenant and a many-to-many relationship between user to tenant and perhaps role to tenant. You can also use this dbcontext for your tenant store if you want. For a default tenant I just have that be a property on the user and when they sign on make that the starting tenant.

For the strategy, claim is ok but can get really tricky. I like the session strategy but that assumes a normal web app -- I'm not sure how well that plays with Blazor and api backends. In those situations I will end up using the host strategy with subdomains but that gets complicated with dns and SSL and other infrastructure. It all comes down to giving them a way to select from their list of tenants and adjusting your flows (Urls, headers, whatever) accordingly.

I'm sorry I don't have a better detailed response for you -- these are almost always more complex and have distinct requirements. Please share what you find works and doesn't work for you!

AndrewTriesToCode avatar Jul 12 '24 15:07 AndrewTriesToCode

This issue has been labeled inactive because it has been open 180 days with no activity. Please consider closing this issue if no further action is needed.

github-actions[bot] avatar Mar 22 '25 02:03 github-actions[bot]