BFF

Part of a series on Blazor WASM initial load performance Server Prerendering Improving Data Loading Authentication In Prerendering Part 3: Authentication In Prerendering The changes already shown in the previous posts have made for a fast initial page load with data showing when available but so far everything being done has been anonymous pages. What if that initial page load also needs to be authenticated? According to the docs for Prerendering and docs for WASM security it is isn’t supported for authentication endpoints (/authentication/ path segment)....

Part of a series on Blazor WASM initial load performance Server Prerendering Improving Data Loading Authentication In Prerendering Part 2: Improving Data Loading As seen in the previous post, Prerendering can mitigate the initial page load time problem, but there are some new problems introduced by this solution. Using this technique requires loading the same data on both the server side (for initial component rendering) and client side (from the full application) during the different phases of app startup, which can cause identical data loading requests to be made multiple times from the same app instance....

Part of a series on Blazor WASM initial load performance Server Prerendering Improving Data Loading Authentication In Prerendering Part 1: Server Prerendering Blazor WASM performance in .NET 7 can be improved using a variety of techniques but there are tradeoffs to each. AOT (Ahead Of Time) compilation can improve runtime performance in the browser, but does so at the cost of long compile times and increased app download size. <PropertyGroup> <RunAOTCompilation>true</RunAOTCompilation> </PropertyGroup> Unfortunately, AOT is not helpful during initial page load because the primary impact at startup is the increase to the app download size....

The YARP reverse proxy library provides an easy way to forward API calls through an intermediary service. It can be particularly useful for BFF services for front end clients. By default, API requests are forwarded with their existing headers, which can be a problem if the end API requires an auth token that isn’t available to the originating client. In the case of a BFF the API call will generally originate at the client side application running in untrusted browser space which will be using cookie authentication to the service and so won’t have a token to send....