Two infrastructure classes implement the auth-related port interfaces:Documentation Index
Fetch the complete documentation index at: https://mintlify.com/Andrespeerez/porfolio-blog/llms.txt
Use this file to discover all available pages before exploring further.
CookieSessionManager handles session lifecycle (sign-in and sign-out) via ASP.NET Core cookie authentication, and IdentityPasswordHasher wraps Microsoft.AspNetCore.Identity.IPasswordHasher<User> to provide secure PBKDF2-backed password hashing. Both classes live in the Infrastructure.Auth namespace and have no direct dependencies on the Domain or Application layers beyond the interfaces they satisfy.
CookieSessionManager
Implements:ISessionManagerDependency:
IHttpContextAccessor (injected via constructor)
CookieSessionManager translates domain-level auth operations into ASP.NET Core cookie-auth calls. It relies on IHttpContextAccessor to reach the current HttpContext at runtime, which is required because Blazor Server components do not expose HttpContext directly after the initial request handshake.
SignInAsync(User user)
Constructs aClaimsPrincipal containing two claims:
| Claim type | Value |
|---|---|
ClaimTypes.NameIdentifier | user.Id.ToString() |
ClaimTypes.Email | user.Email |
ClaimsIdentity using CookieAuthenticationDefaults.AuthenticationScheme as the authentication type, then passed to HttpContext.SignInAsync. ASP.NET Core serialises the principal into an encrypted cookie and sends it to the browser.
SignOutAsync()
CallsHttpContext.SignOutAsync with CookieAuthenticationDefaults.AuthenticationScheme. This instructs ASP.NET Core to issue a response that clears the authentication cookie from the browser, effectively ending the session.
Full source
Infrastructure/Auth/CookieSessionManager.cs
IHttpContextAccessor must be registered in DI for CookieSessionManager to function. This is done in Program.cs with builder.Services.AddHttpContextAccessor(). Without this registration, the injected accessor will throw a NullReferenceException when _accessor.HttpContext is accessed inside a Blazor Server circuit.IdentityPasswordHasher
Implements:IPasswordHasherDependency:
IPasswordHasher<User> from Microsoft.Extensions.Identity.Core (injected via constructor)
IdentityPasswordHasher is a thin adapter that satisfies the domain’s IPasswordHasher port by delegating to ASP.NET Core Identity’s built-in PasswordHasher<T>. This keeps the Domain and Application layers free of any Identity framework reference while still benefiting from Identity’s hardened hashing implementation.
Hash(string rawPassword)
Delegates to_inner.HashPassword(new User(), rawPassword). Returns the Base64-encoded hash string produced by Identity’s PBKDF2 implementation. This string is stored directly in User.PasswordHash via User.Create.
Verify(string hashedPassword, string password)
Calls_inner.VerifyHashedPassword(new User(), hashedPassword, password) and returns true only when the result is PasswordVerificationResult.Success. The PasswordVerificationResult.SuccessRehashNeeded result (returned when the hash was produced with an older algorithm version) is treated as a failure — the caller is responsible for re-hashing on successful login if rehash support is needed.
Full source
Infrastructure/Auth/IdentityPasswordHasher.cs
Program.cs
Scoped. PasswordHasher<User> is the concrete Identity implementation, and IdentityPasswordHasher wraps it to satisfy the domain-facing IPasswordHasher interface.
ASP.NET Core Identity uses PBKDF2 with HMAC-SHA512 by default (format version 3), with 100,000 iterations and a 128-bit salt. The hash format version is embedded as the first byte of the stored hash, allowing future algorithm upgrades without invalidating existing hashes — Identity will return
PasswordVerificationResult.SuccessRehashNeeded for hashes produced under an older version, signalling that the application should re-hash the password on the next successful login.