From 10e7a6f67d5302107778bb8d580c355cfa4431ca Mon Sep 17 00:00:00 2001
From: Stephen Halter <halter73@gmail.com>
Date: Thu, 14 Sep 2023 17:38:29 -0700
Subject: [PATCH 01/18] Add Identity Components to Blazor template

---
 src/ProjectTemplates/ProjectTemplates.slnf    |   4 +-
 .../BlazorWeb-CSharp.Client.csproj.in         |   1 +
 .../BlazorWeb-CSharp.csproj.in                |  12 +-
 .../RazorPagesWeb-CSharp.csproj.in            |   2 +-
 .../.template.config/dotnetcli.host.json      |   8 +-
 .../.template.config/ide.host.json            |   6 +
 .../localize/templatestrings.cs.json          |   5 +
 .../localize/templatestrings.de.json          |   5 +
 .../localize/templatestrings.en.json          |  11 +-
 .../localize/templatestrings.es.json          |   5 +
 .../localize/templatestrings.fr.json          |   5 +
 .../localize/templatestrings.it.json          |   5 +
 .../localize/templatestrings.ja.json          |   5 +
 .../localize/templatestrings.ko.json          |   5 +
 .../localize/templatestrings.pl.json          |   5 +
 .../localize/templatestrings.pt-BR.json       |   5 +
 .../localize/templatestrings.ru.json          |   5 +
 .../localize/templatestrings.tr.json          |   5 +
 .../localize/templatestrings.zh-Hans.json     |   5 +
 .../localize/templatestrings.zh-Hant.json     |   5 +
 .../.template.config/template.json            |  79 ++++-
 .../BlazorWeb-CSharp.Client/Pages/Auth.razor  |  14 +
 .../PersistedAuthenticationStateProvider.cs   |  30 ++
 .../BlazorWeb-CSharp.Client/Program.cs        |  10 +
 .../BlazorWeb-CSharp.Client/UserInfo.cs       |   7 +
 .../BlazorWeb-CSharp.Client/_Imports.razor    |   3 +
 .../Components/Layout/ManageLayout.razor      |  17 ++
 .../Components/Layout/ManageNavMenu.razor     |  37 +++
 .../Components/Layout/NavMenu.razor           |  32 ++
 .../Components/Layout/NavMenu.razor.css       |  18 ++
 .../Pages/Account/ConfirmEmail.razor          |  48 +++
 .../Pages/Account/ForgotPassword.razor        |  72 +++++
 .../Account/ForgotPasswordConfirmation.razor  |   8 +
 .../Pages/Account/InvalidPasswordReset.razor  |   8 +
 .../Components/Pages/Account/Login.razor      | 147 +++++++++
 .../Pages/Account/Manage/ChangePassword.razor | 107 +++++++
 .../Pages/Account/Manage/Email.razor          | 138 +++++++++
 .../Pages/Account/Manage/ExternalLogins.razor |   7 +
 .../Pages/Account/Manage/Index.razor          |  92 ++++++
 .../Pages/Account/Manage/PersonalData.razor   |   7 +
 .../Manage/TwoFactorAuthentication.razor      |   7 +
 .../Pages/Account/Manage/_Imports.razor       |   2 +
 .../Components/Pages/Account/Register.razor   | 203 +++++++++++++
 .../Pages/Account/RegisterConfirmation.razor  |  65 ++++
 .../Pages/Account/ResetPassword.razor         | 107 +++++++
 .../Account/ResetPasswordConfirmation.razor   |   7 +
 .../Pages/Account/StatusMessage.razor         |  12 +
 .../BlazorWeb-CSharp/Components/Routes.razor  |   4 +
 .../Components/_Imports.razor                 |   3 +
 .../Data/ApplicationDbContext.cs              |  12 +
 .../BlazorWeb-CSharp/Data/ApplicationUser.cs  |   9 +
 ...000000000_CreateIdentitySchema.Designer.cs | 268 +++++++++++++++++
 .../00000000000000_CreateIdentitySchema.cs    | 222 ++++++++++++++
 .../ApplicationDbContextModelSnapshot.cs      | 265 +++++++++++++++++
 ...000000000_CreateIdentitySchema.Designer.cs | 279 ++++++++++++++++++
 .../00000000000000_CreateIdentitySchema.cs    | 224 ++++++++++++++
 .../ApplicationDbContextModelSnapshot.cs      | 276 +++++++++++++++++
 .../Data/UserManagerExtensions.cs             |  24 ++
 .../PersistingAuthenticationStateProvider.cs  |  51 ++++
 .../BlazorWeb-CSharp/Program.Main.cs          |  34 +++
 .../BlazorWeb-CSharp/Program.cs               |  38 ++-
 .../BlazorWeb-CSharp/BlazorWeb-CSharp/app.db  | Bin 0 -> 102400 bytes
 .../BlazorWeb-CSharp/appsettings.json         |   9 +
 .../.template.config/template.json            |   1 -
 .../.template.config/template.json            |   3 +-
 .../.template.config/template.json            |   1 -
 .../.template.config/template.json            |   1 -
 67 files changed, 3095 insertions(+), 22 deletions(-)
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/Pages/Auth.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/PersistedAuthenticationStateProvider.cs
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/UserInfo.cs
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/ManageLayout.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/ManageNavMenu.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ConfirmEmail.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ForgotPassword.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ForgotPasswordConfirmation.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/InvalidPasswordReset.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Login.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ChangePassword.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Email.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ExternalLogins.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Index.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/PersonalData.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/TwoFactorAuthentication.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/_Imports.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Register.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/RegisterConfirmation.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResetPassword.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResetPasswordConfirmation.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/StatusMessage.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/ApplicationDbContext.cs
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/ApplicationUser.cs
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/SqlLite/00000000000000_CreateIdentitySchema.Designer.cs
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/SqlLite/00000000000000_CreateIdentitySchema.cs
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/SqlLite/ApplicationDbContextModelSnapshot.cs
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/SqlServer/00000000000000_CreateIdentitySchema.Designer.cs
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/SqlServer/00000000000000_CreateIdentitySchema.cs
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/SqlServer/ApplicationDbContextModelSnapshot.cs
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/UserManagerExtensions.cs
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/PersistingAuthenticationStateProvider.cs
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/app.db

diff --git a/src/ProjectTemplates/ProjectTemplates.slnf b/src/ProjectTemplates/ProjectTemplates.slnf
index 56945fef18d9..a3e1d4b51627 100644
--- a/src/ProjectTemplates/ProjectTemplates.slnf
+++ b/src/ProjectTemplates/ProjectTemplates.slnf
@@ -65,8 +65,8 @@
       "src\\ProjectTemplates\\Web.ItemTemplates\\Microsoft.DotNet.Web.ItemTemplates.csproj",
       "src\\ProjectTemplates\\Web.ProjectTemplates\\Microsoft.DotNet.Web.ProjectTemplates.csproj",
       "src\\ProjectTemplates\\test\\Templates.Blazor.Tests\\Templates.Blazor.Tests.csproj",
-      "src\\ProjectTemplates\\test\\Templates.Blazor.WebAssembly.Tests\\Templates.Blazor.WebAssembly.Tests.csproj",
       "src\\ProjectTemplates\\test\\Templates.Blazor.WebAssembly.Auth.Tests\\Templates.Blazor.WebAssembly.Auth.Tests.csproj",
+      "src\\ProjectTemplates\\test\\Templates.Blazor.WebAssembly.Tests\\Templates.Blazor.WebAssembly.Tests.csproj",
       "src\\ProjectTemplates\\test\\Templates.Mvc.Tests\\Templates.Mvc.Tests.csproj",
       "src\\ProjectTemplates\\test\\Templates.Tests\\Templates.Tests.csproj",
       "src\\Razor\\Razor.Runtime\\src\\Microsoft.AspNetCore.Razor.Runtime.csproj",
@@ -95,4 +95,4 @@
       "src\\SignalR\\server\\SignalR\\src\\Microsoft.AspNetCore.SignalR.csproj"
     ]
   }
-}
+}
\ No newline at end of file
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/BlazorWeb-CSharp.Client.csproj.in b/src/ProjectTemplates/Web.ProjectTemplates/BlazorWeb-CSharp.Client.csproj.in
index 027eeefed22b..829c12db913c 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/BlazorWeb-CSharp.Client.csproj.in
+++ b/src/ProjectTemplates/Web.ProjectTemplates/BlazorWeb-CSharp.Client.csproj.in
@@ -12,6 +12,7 @@
 
   <ItemGroup>
     <PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly" Version="${MicrosoftAspNetCoreComponentsWebAssemblyVersion}" />
+    <PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly.Authentication" Version="${MicrosoftAspNetCoreComponentsWebAssemblyAuthenticationVersion}" Condition="'$(IndividualLocalAuth)' == 'True'" />
   </ItemGroup>
 
 </Project>
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/BlazorWeb-CSharp.csproj.in b/src/ProjectTemplates/Web.ProjectTemplates/BlazorWeb-CSharp.csproj.in
index 31be9a845da9..177eabb7b5d2 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/BlazorWeb-CSharp.csproj.in
+++ b/src/ProjectTemplates/Web.ProjectTemplates/BlazorWeb-CSharp.csproj.in
@@ -4,15 +4,21 @@
     <TargetFramework>${DefaultNetCoreTargetFramework}</TargetFramework>
     <Nullable>enable</Nullable>
     <ImplicitUsings>enable</ImplicitUsings>
+    <UserSecretsId Condition="'$(IndividualLocalAuth)' == 'True'">aspnet-BlazorWeb-CSharp-53bc9b9d-9d6a-45d4-8429-2a2761773502</UserSecretsId>
     <NoDefaultLaunchSettingsFile Condition="'$(ExcludeLaunchSettings)' == 'True'">True</NoDefaultLaunchSettingsFile>
     <RootNamespace Condition="'$(name)' != '$(name{-VALUE-FORMS-}safe_namespace)'">BlazorWeb-CSharp</RootNamespace>
     <AssemblyName Condition="'$(name)' != '$(name{-VALUE-FORMS-}safe_namespace)'">`$(AssemblyName.Replace(' ', '_'))</AssemblyName>
   </PropertyGroup>
-  <!--#if UseWebAssembly -->
+  <!--#if (UseWebAssembly || IndividualLocalAuth) -->
 
   <ItemGroup>
-    <ProjectReference Include="..\BlazorWeb-CSharp.Client\BlazorWeb-CSharp.Client.csproj" />
-    <PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly.Server" Version="${MicrosoftAspNetCoreComponentsWebAssemblyServerVersion}" />
+    <ProjectReference Include="..\BlazorWeb-CSharp.Client\BlazorWeb-CSharp.Client.csproj" Condition="'$(UseWebAssembly)' == 'True'" />
+    <PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly.Server" Version="${MicrosoftAspNetCoreComponentsWebAssemblyServerVersion}" Condition="'$(UseWebAssembly)' == 'True'" />
+    <PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="${MicrosoftAspNetCoreDiagnosticsEntityFrameworkCoreVersion}" Condition="'$(IndividualLocalAuth)' == 'True'" />
+    <PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="${MicrosoftAspNetCoreIdentityEntityFrameworkCoreVersion}" Condition="'$(IndividualLocalAuth)' == 'True'" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Sqlite" Version="${MicrosoftEntityFrameworkCoreSqliteVersion}" Condition="'$(IndividualLocalAuth)' == 'True' AND '$(UseLocalDB)' != 'True'" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="${MicrosoftEntityFrameworkCoreSqlServerVersion}" Condition="'$(IndividualLocalAuth)' == 'True' AND '$(UseLocalDB)' == 'True'" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="${MicrosoftEntityFrameworkCoreToolsVersion}" Condition="'$(IndividualLocalAuth)' == 'True'" />
   </ItemGroup>
   <!--#endif -->
 
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/RazorPagesWeb-CSharp.csproj.in b/src/ProjectTemplates/Web.ProjectTemplates/RazorPagesWeb-CSharp.csproj.in
index ee04cb442ea1..2ed95f454912 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/RazorPagesWeb-CSharp.csproj.in
+++ b/src/ProjectTemplates/Web.ProjectTemplates/RazorPagesWeb-CSharp.csproj.in
@@ -4,7 +4,7 @@
     <TargetFramework>${DefaultNetCoreTargetFramework}</TargetFramework>
     <Nullable>enable</Nullable>
     <ImplicitUsings>enable</ImplicitUsings>
-    <UserSecretsId Condition="'$(IndividualAuth)' == 'True' OR '$(OrganizationalAuth)' == 'True'">aspnet-Company.WebApplication1-0ce56475-d1db-490f-8af1-a881ea4fcd2d</UserSecretsId>
+    <UserSecretsId Condition="'$(IndividualAuth)' == 'True' OR '$(OrganizationalAuth)' == 'True'">aspnet-Company.WebApplication1-53bc9b9d-9d6a-45d4-8429-2a2761773502</UserSecretsId>
     <NoDefaultLaunchSettingsFile Condition="'$(ExcludeLaunchSettings)' == 'True'">True</NoDefaultLaunchSettingsFile>
     <RootNamespace Condition="'$(name)' != '$(name{-VALUE-FORMS-}safe_namespace)'">Company.WebApplication1</RootNamespace>
   </PropertyGroup>
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/dotnetcli.host.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/dotnetcli.host.json
index a8c678b039b3..0f065fcebccc 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/dotnetcli.host.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/dotnetcli.host.json
@@ -21,6 +21,9 @@
     "IncludeSampleContent": {
       "isHidden": true
     },
+    "UseLocalDB": {
+      "longName": "use-local-db"
+    },
     "Framework": {
       "longName": "framework"
     },
@@ -51,5 +54,8 @@
       "longName": "use-program-main",
       "shortName": ""
     }
-  }
+  },
+  "usageExamples": [
+    "--use-wasm --auth Individual --use-local-db"
+  ]
 }
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/ide.host.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/ide.host.json
index 5c5a1d00b7f4..97fc244b1c22 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/ide.host.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/ide.host.json
@@ -20,6 +20,12 @@
       "persistenceScope": "shared",
       "persistenceScopeName": "Microsoft"
     },
+    {
+      "id": "auth",
+      "isVisible": true,
+      "defaultValue": "None",
+      "persistenceScope": "templateGroup"
+    },
     {
       "id": "UseProgramMain",
       "isVisible": true,
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.cs.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.cs.json
index 069f5694009b..65699b857548 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.cs.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.cs.json
@@ -4,6 +4,7 @@
   "description": "Šablona projektu pro vytvoření webové aplikace Blazor, která podporuje vykreslování na straně serveru i interaktivitu klienta. Tato šablona se dá použít pro webové aplikace s bohatými dynamickými uživatelskými rozhraními (UI).",
   "symbols/Framework/description": "Cílová architektura pro projekt",
   "symbols/Framework/choices/net8.0/description": "Cílový net8.0",
+  "symbols/UserSecretsId/description": "The ID to use for secrets (use with Individual auth).",
   "symbols/skipRestore/description": "Pokud se tato možnost zadá, přeskočí automatické obnovení projektu při vytvoření.",
   "symbols/ExcludeLaunchSettings/description": "Určuje, jestli se má z vygenerované šablony vyloučit soubor launchSettings.json.",
   "symbols/kestrelHttpPort/description": "Číslo portu, který se má použít pro koncový bod HTTP v souboru launchSettings.json.",
@@ -29,6 +30,10 @@
   "symbols/IncludeSampleContent/displayName": "_Zahrnout ukázkové stránky",
   "symbols/IncludeSampleContent/description": "Nastavuje, jestli se mají přidávat ukázkové stránky a styly pro demonstraci základních vzorů použití.",
   "symbols/Empty/description": "Nastavuje, jestli se mají vynechat ukázkové stránky a styly, které demonstrují základní vzory použití.",
+  "symbols/auth/choices/None/description": "No authentication",
+  "symbols/auth/choices/Individual/description": "Individual authentication",
+  "symbols/auth/description": "The type of authentication to use",
+  "symbols/UseLocalDB/description": "Whether to use LocalDB instead of SQLite. This option only applies if --auth Individual is specified.",
   "symbols/AllInteractive/displayName": "_Enable interactive rendering globally throughout the site",
   "symbols/AllInteractive/description": "Configures whether to make every page interactive by applying an interactive render mode at the top level. If false, pages will use static server rendering by default, and can be marked interactive on a per-page or per-component basis.",
   "symbols/NoHttps/description": "Určuje, jestli se má protokol HTTPS vypnout. Tato možnost platí jenom v případě, že se pro --auth nepoužívají Individual, IndividualB2C, SingleOrg ani MultiOrg.",
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.de.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.de.json
index 96805c77240a..e443e2846c5a 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.de.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.de.json
@@ -4,6 +4,7 @@
   "description": "Eine Projektvorlage zum Erstellen einer Blazor-Web-App, die sowohl serverseitiges Rendering als auch Clientinteraktivität unterstützt. Diese Vorlage kann für Web-Apps mit umfangreichen dynamischen Benutzeroberflächen (UIs) verwendet werden.",
   "symbols/Framework/description": "Das Zielframework für das Projekt.",
   "symbols/Framework/choices/net8.0/description": "Ziel net8.0",
+  "symbols/UserSecretsId/description": "The ID to use for secrets (use with Individual auth).",
   "symbols/skipRestore/description": "Wenn angegeben, wird die automatische Wiederherstellung des Projekts beim Erstellen übersprungen.",
   "symbols/ExcludeLaunchSettings/description": "Ob launchSettings.json aus der generierten Vorlage ausgeschlossen werden soll.",
   "symbols/kestrelHttpPort/description": "Portnummer, die für den HTTP Endpunkt in launchSettings.json verwendet werden soll.",
@@ -29,6 +30,10 @@
   "symbols/IncludeSampleContent/displayName": "_Include Beispielseiten",
   "symbols/IncludeSampleContent/description": "Konfiguriert, ob Beispielseiten und Stile hinzugefügt werden, um grundlegende Verwendungsmuster zu veranschaulichen.",
   "symbols/Empty/description": "Konfiguriert, ob Beispielseiten und Formatierungen weggelassen werden sollen, die grundlegende Verwendungsmuster veranschaulichen.",
+  "symbols/auth/choices/None/description": "No authentication",
+  "symbols/auth/choices/Individual/description": "Individual authentication",
+  "symbols/auth/description": "The type of authentication to use",
+  "symbols/UseLocalDB/description": "Whether to use LocalDB instead of SQLite. This option only applies if --auth Individual is specified.",
   "symbols/AllInteractive/displayName": "_Enable interactive rendering globally throughout the site",
   "symbols/AllInteractive/description": "Configures whether to make every page interactive by applying an interactive render mode at the top level. If false, pages will use static server rendering by default, and can be marked interactive on a per-page or per-component basis.",
   "symbols/NoHttps/description": "Ob HTTPS deaktiviert werden soll. Diese Option gilt nur, wenn Individual, IndividualB2C, SingleOrg oder MultiOrg nicht für --auth verwendet werden.",
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.en.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.en.json
index 60d16e15ffd9..6db424a9f348 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.en.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.en.json
@@ -4,12 +4,13 @@
   "description": "A project template for creating a Blazor web app that supports both server-side rendering and client interactivity. This template can be used for web apps with rich dynamic user interfaces (UIs).",
   "symbols/Framework/description": "The target framework for the project.",
   "symbols/Framework/choices/net8.0/description": "Target net8.0",
+  "symbols/UserSecretsId/description": "The ID to use for secrets (use with Individual auth).",
   "symbols/skipRestore/description": "If specified, skips the automatic restore of the project on create.",
   "symbols/ExcludeLaunchSettings/description": "Whether to exclude launchSettings.json from the generated template.",
   "symbols/kestrelHttpPort/description": "Port number to use for the HTTP endpoint in launchSettings.json.",
-  "symbols/kestrelHttpsPort/description": "Port number to use for the HTTPS endpoint in launchSettings.json. This option is only applicable when the parameter no-https is not used (no-https will be ignored if either IndividualAuth or OrganizationalAuth is used).",
+  "symbols/kestrelHttpsPort/description": "Port number to use for the HTTPS endpoint in launchSettings.json. This option is only applicable when the parameter no-https is not used (no-https will be ignored if Individual auth is used).",
   "symbols/iisHttpPort/description": "Port number to use for the IIS Express HTTP endpoint in launchSettings.json.",
-  "symbols/iisHttpsPort/description": "Port number to use for the IIS Express HTTPS endpoint in launchSettings.json. This option is only applicable when the parameter no-https is not used (no-https will be ignored if either IndividualAuth or OrganizationalAuth is used).",
+  "symbols/iisHttpsPort/description": "Port number to use for the IIS Express HTTPS endpoint in launchSettings.json. This option is only applicable when the parameter no-https is not used (no-https will be ignored if Individual auth is used).",
   "symbols/InteractivityPlatform/displayName": "_Interactivity type",
   "symbols/InteractivityPlatform/description": "Chooses which hosting platform to use for interactive components",
   "symbols/InteractivityPlatform/choices/None/displayName": "None",
@@ -29,9 +30,13 @@
   "symbols/IncludeSampleContent/displayName": "_Include sample pages",
   "symbols/IncludeSampleContent/description": "Configures whether to add sample pages and styling to demonstrate basic usage patterns.",
   "symbols/Empty/description": "Configures whether to omit sample pages and styling that demonstrate basic usage patterns.",
+  "symbols/auth/choices/None/description": "No authentication",
+  "symbols/auth/choices/Individual/description": "Individual authentication",
+  "symbols/auth/description": "The type of authentication to use",
+  "symbols/UseLocalDB/description": "Whether to use LocalDB instead of SQLite. This option only applies if --auth Individual is specified.",
   "symbols/AllInteractive/displayName": "_Enable interactive rendering globally throughout the site",
   "symbols/AllInteractive/description": "Configures whether to make every page interactive by applying an interactive render mode at the top level. If false, pages will use static server rendering by default, and can be marked interactive on a per-page or per-component basis.",
-  "symbols/NoHttps/description": "Whether to turn off HTTPS. This option only applies if Individual, IndividualB2C, SingleOrg, or MultiOrg aren't used for --auth.",
+  "symbols/NoHttps/description": "Whether to turn off HTTPS. This option only applies if Individual isn't used for --auth.",
   "symbols/UseProgramMain/displayName": "Do not use _top-level statements",
   "symbols/UseProgramMain/description": "Whether to generate an explicit Program class and Main method instead of top-level statements.",
   "postActions/restore/description": "Restore NuGet packages required by this project.",
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.es.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.es.json
index 91d5403e0fbf..ddb3601195d3 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.es.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.es.json
@@ -4,6 +4,7 @@
   "description": "Plantilla de proyecto para crear una aplicación web de Blazor que admita tanto la representación del lado del servidor como la interactividad del cliente. Esta plantilla se puede usar para las aplicaciones web con interfaces de usuario dinámicas enriquecidas.",
   "symbols/Framework/description": "Marco de destino del proyecto.",
   "symbols/Framework/choices/net8.0/description": "net8.0 de destino",
+  "symbols/UserSecretsId/description": "The ID to use for secrets (use with Individual auth).",
   "symbols/skipRestore/description": "Si se especifica, se omite la restauración automática del proyecto durante la creación.",
   "symbols/ExcludeLaunchSettings/description": "Indica si se va a excluir launchSettings.json de la plantilla generada.",
   "symbols/kestrelHttpPort/description": "Número de puerto que se va a usar para el punto de conexión HTTP en launchSettings.json.",
@@ -29,6 +30,10 @@
   "symbols/IncludeSampleContent/displayName": "_Incluir páginas de ejemplo",
   "symbols/IncludeSampleContent/description": "Configura si se van a agregar páginas de ejemplo y estilos para mostrar patrones de uso básicos.",
   "symbols/Empty/description": "Configura si se omiten las páginas de ejemplo y los estilos que muestran patrones de uso básicos.",
+  "symbols/auth/choices/None/description": "No authentication",
+  "symbols/auth/choices/Individual/description": "Individual authentication",
+  "symbols/auth/description": "The type of authentication to use",
+  "symbols/UseLocalDB/description": "Whether to use LocalDB instead of SQLite. This option only applies if --auth Individual is specified.",
   "symbols/AllInteractive/displayName": "_Enable interactive rendering globally throughout the site",
   "symbols/AllInteractive/description": "Configures whether to make every page interactive by applying an interactive render mode at the top level. If false, pages will use static server rendering by default, and can be marked interactive on a per-page or per-component basis.",
   "symbols/NoHttps/description": "Si se va a desactivar HTTPS. Esta opción solo se aplica si Individual, IndividualB2C, SingleOrg o MultiOrg no se usan para --auth.",
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.fr.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.fr.json
index 044f40bacc91..b902e5a58b87 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.fr.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.fr.json
@@ -4,6 +4,7 @@
   "description": "Modèle de projet pour la création d’une application web Blazor qui prend en charge le rendu côté serveur et l’interactivité du client. Ce modèle peut être utilisé pour les applications web avec des interfaces utilisateur dynamiques enrichies.",
   "symbols/Framework/description": "Framework cible du projet.",
   "symbols/Framework/choices/net8.0/description": "Cible net8.0",
+  "symbols/UserSecretsId/description": "The ID to use for secrets (use with Individual auth).",
   "symbols/skipRestore/description": "S’il est spécifié, ignore la restauration automatique du projet lors de la création.",
   "symbols/ExcludeLaunchSettings/description": "Indique s’il faut exclure launchSettings.json du modèle généré.",
   "symbols/kestrelHttpPort/description": "Numéro de port à utiliser pour le point de terminaison HTTP dans launchSettings.json.",
@@ -29,6 +30,10 @@
   "symbols/IncludeSampleContent/displayName": "_Inclure des exemples de pages",
   "symbols/IncludeSampleContent/description": "Configure s'il faut ajouter des exemples de pages et de style pour illustrer les modèles d'utilisation de base.",
   "symbols/Empty/description": "Configure s'il faut omettre les exemples de pages et le style qui illustrent les modèles d'utilisation de base.",
+  "symbols/auth/choices/None/description": "No authentication",
+  "symbols/auth/choices/Individual/description": "Individual authentication",
+  "symbols/auth/description": "The type of authentication to use",
+  "symbols/UseLocalDB/description": "Whether to use LocalDB instead of SQLite. This option only applies if --auth Individual is specified.",
   "symbols/AllInteractive/displayName": "_Enable interactive rendering globally throughout the site",
   "symbols/AllInteractive/description": "Configures whether to make every page interactive by applying an interactive render mode at the top level. If false, pages will use static server rendering by default, and can be marked interactive on a per-page or per-component basis.",
   "symbols/NoHttps/description": "Indique s’il faut désactiver HTTPS. Cette option s’applique uniquement si Individual, IndividualB2C, SingleOrg ou MultiOrg ne sont pas utilisés pour --auth.",
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.it.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.it.json
index 09c3ebfff2c2..14edbef4335b 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.it.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.it.json
@@ -4,6 +4,7 @@
   "description": "Modello di progetto per la creazione di un'app Web Blazor che supporta sia il rendering lato server sia l'interattività client. Questo modello può essere usato per app Web con interfacce utente dinamiche avanzate.",
   "symbols/Framework/description": "Il framework di destinazione per il progetto.",
   "symbols/Framework/choices/net8.0/description": "Destinazione net8.0",
+  "symbols/UserSecretsId/description": "The ID to use for secrets (use with Individual auth).",
   "symbols/skipRestore/description": "Se specificato, ignora il ripristino automatico del progetto durante la creazione.",
   "symbols/ExcludeLaunchSettings/description": "Indica se escludere launchSettings.json dal modello generato.",
   "symbols/kestrelHttpPort/description": "Numero di porta da usare per l'endpoint HTTP in launchSettings.json.",
@@ -29,6 +30,10 @@
   "symbols/IncludeSampleContent/displayName": "_Include pagine di esempio",
   "symbols/IncludeSampleContent/description": "Consente di configurare se aggiungere pagine di esempio e stile per mostrare modelli di utilizzo di base.",
   "symbols/Empty/description": "Consente di configurare se omettere pagine di esempio e stile che mostrano modelli di utilizzo di base.",
+  "symbols/auth/choices/None/description": "No authentication",
+  "symbols/auth/choices/Individual/description": "Individual authentication",
+  "symbols/auth/description": "The type of authentication to use",
+  "symbols/UseLocalDB/description": "Whether to use LocalDB instead of SQLite. This option only applies if --auth Individual is specified.",
   "symbols/AllInteractive/displayName": "_Enable interactive rendering globally throughout the site",
   "symbols/AllInteractive/description": "Configures whether to make every page interactive by applying an interactive render mode at the top level. If false, pages will use static server rendering by default, and can be marked interactive on a per-page or per-component basis.",
   "symbols/NoHttps/description": "Indica se disattivare HTTPS. Questa opzione si applica solo se Individual, IndividualB2C, SingleOrg o MultiOrg non vengono usati per --auth.",
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.ja.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.ja.json
index f48aecfb9534..2b7fabb722e0 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.ja.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.ja.json
@@ -4,6 +4,7 @@
   "description": "サーバー側のレンダリングとクライアントの対話機能の両方をサポートする Blazor Web アプリを作成するためのプロジェクト テンプレートです。このテンプレートは、リッチな動的ユーザー インターフェイス (UI) を持つ Web アプリに使用できます。",
   "symbols/Framework/description": "プロジェクトのターゲット フレームワークです。",
   "symbols/Framework/choices/net8.0/description": "ターゲット net8.0",
+  "symbols/UserSecretsId/description": "The ID to use for secrets (use with Individual auth).",
   "symbols/skipRestore/description": "指定した場合、作成時にプロジェクトの自動復元がスキップされます。",
   "symbols/ExcludeLaunchSettings/description": "生成されたテンプレートから launchSettings.json を除外するかどうか。",
   "symbols/kestrelHttpPort/description": "launchSettings.json の HTTP エンドポイントに使用するポート番号。",
@@ -29,6 +30,10 @@
   "symbols/IncludeSampleContent/displayName": "サンプル ページを含める(_I)",
   "symbols/IncludeSampleContent/description": "基本的な使用パターンを示すサンプル ページとスタイルを追加するかどうかを構成します。",
   "symbols/Empty/description": "基本的な使用パターンを示すサンプル ページとスタイルを省略するかどうかを構成します。",
+  "symbols/auth/choices/None/description": "No authentication",
+  "symbols/auth/choices/Individual/description": "Individual authentication",
+  "symbols/auth/description": "The type of authentication to use",
+  "symbols/UseLocalDB/description": "Whether to use LocalDB instead of SQLite. This option only applies if --auth Individual is specified.",
   "symbols/AllInteractive/displayName": "_Enable interactive rendering globally throughout the site",
   "symbols/AllInteractive/description": "Configures whether to make every page interactive by applying an interactive render mode at the top level. If false, pages will use static server rendering by default, and can be marked interactive on a per-page or per-component basis.",
   "symbols/NoHttps/description": "HTTPS をオフにするかどうか。このオプションは、Individual、IndividualB2C、SingleOrg、または MultiOrg が --auth に使用されていない場合にのみ適用されます。",
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.ko.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.ko.json
index 020ab522da02..f0319af43653 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.ko.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.ko.json
@@ -4,6 +4,7 @@
   "description": "서버 측 렌더링 및 클라이언트 대화형 작업을 모두 지원하는 Blazor 웹앱을 만들기 위한 프로젝트 템플릿입니다. 이 템플릿은 풍부한 동적 UI(사용자 인터페이스)가 있는 웹앱에 사용할 수 있습니다.",
   "symbols/Framework/description": "프로젝트에 대한 대상 프레임워크입니다.",
   "symbols/Framework/choices/net8.0/description": "대상 net8.0",
+  "symbols/UserSecretsId/description": "The ID to use for secrets (use with Individual auth).",
   "symbols/skipRestore/description": "지정된 경우, 프로젝트 생성 시 자동 복원을 건너뜁니다.",
   "symbols/ExcludeLaunchSettings/description": "생성된 템플릿에서 launchSettings.json을 제외할지 여부입니다.",
   "symbols/kestrelHttpPort/description": "launchSettings.json의 HTTP 엔드포인트에 사용할 포트 번호입니다.",
@@ -29,6 +30,10 @@
   "symbols/IncludeSampleContent/displayName": "샘플 페이지 포함(_I)",
   "symbols/IncludeSampleContent/description": "기본 사용 패턴을 보여주기 위해 샘플 페이지 및 스타일을 추가할지 여부를 구성합니다.",
   "symbols/Empty/description": "기본 사용 패턴을 보여주는 샘플 페이지 및 스타일을 생략할지 여부를 구성합니다.",
+  "symbols/auth/choices/None/description": "No authentication",
+  "symbols/auth/choices/Individual/description": "Individual authentication",
+  "symbols/auth/description": "The type of authentication to use",
+  "symbols/UseLocalDB/description": "Whether to use LocalDB instead of SQLite. This option only applies if --auth Individual is specified.",
   "symbols/AllInteractive/displayName": "_Enable interactive rendering globally throughout the site",
   "symbols/AllInteractive/description": "Configures whether to make every page interactive by applying an interactive render mode at the top level. If false, pages will use static server rendering by default, and can be marked interactive on a per-page or per-component basis.",
   "symbols/NoHttps/description": "HTTPS를 끌지 여부입니다. 이 옵션은 Individual, IndividualB2C, SingleOrg 또는 MultiOrg가 --auth에 사용되지 않는 경우에만 적용됩니다.",
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.pl.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.pl.json
index 43e2693e0f62..aaa04bb545d6 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.pl.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.pl.json
@@ -4,6 +4,7 @@
   "description": "Szablon projektu służący do tworzenia aplikacji internetowej platformy Blazor, która obsługuje renderowanie po stronie serwera i interakcyjność klienta. Ten szablon może być używany dla aplikacji internetowych z zaawansowanymi dynamicznymi interfejsami użytkownika.",
   "symbols/Framework/description": "Platforma docelowa dla tego projektu.",
   "symbols/Framework/choices/net8.0/description": "Docelowa platforma net8.0",
+  "symbols/UserSecretsId/description": "The ID to use for secrets (use with Individual auth).",
   "symbols/skipRestore/description": "Jeśli ta opcja jest określona, pomija automatyczne przywracanie projektu podczas tworzenia.",
   "symbols/ExcludeLaunchSettings/description": "Określa, czy wykluczyć plik launchSettings.json z wygenerowanego szablonu.",
   "symbols/kestrelHttpPort/description": "Numer portu do użycia dla punktu końcowego HTTP w pliku launchSettings.json.",
@@ -29,6 +30,10 @@
   "symbols/IncludeSampleContent/displayName": "_Dołącz przykładowe strony",
   "symbols/IncludeSampleContent/description": "Konfiguruje, czy dodać przykładowe strony i style w celu zademonstrowania podstawowych wzorców użycia.",
   "symbols/Empty/description": "Konfiguruje, czy pomijać przykładowe strony i style demonstrujące podstawowe wzorce użycia.",
+  "symbols/auth/choices/None/description": "No authentication",
+  "symbols/auth/choices/Individual/description": "Individual authentication",
+  "symbols/auth/description": "The type of authentication to use",
+  "symbols/UseLocalDB/description": "Whether to use LocalDB instead of SQLite. This option only applies if --auth Individual is specified.",
   "symbols/AllInteractive/displayName": "_Enable interactive rendering globally throughout the site",
   "symbols/AllInteractive/description": "Configures whether to make every page interactive by applying an interactive render mode at the top level. If false, pages will use static server rendering by default, and can be marked interactive on a per-page or per-component basis.",
   "symbols/NoHttps/description": "Określa, czy wyłączyć protokół HTTPS. Ta opcja ma zastosowanie tylko wtedy, gdy dla uwierzytelniania --auth nie są używane elementy Individual, IndividualB2C, SingleOrg lub MultiOrg.",
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.pt-BR.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.pt-BR.json
index dc3922339c3b..b0969274dcc2 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.pt-BR.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.pt-BR.json
@@ -4,6 +4,7 @@
   "description": "Um modelo de projeto para criar um aplicativo Web Blazor que dá suporte à renderização do lado do servidor e à interatividade do cliente. Este modelo pode ser usado para aplicativos da Web com interfaces de usuário (UIs) dinâmicas avançadas.",
   "symbols/Framework/description": "A estrutura de destino do projeto.",
   "symbols/Framework/choices/net8.0/description": "net8.0 de destino",
+  "symbols/UserSecretsId/description": "The ID to use for secrets (use with Individual auth).",
   "symbols/skipRestore/description": "Se especificado, ignora a restauração automática do projeto sendo criado.",
   "symbols/ExcludeLaunchSettings/description": "Se deve excluir launchSettings.json do modelo gerado.",
   "symbols/kestrelHttpPort/description": "Número da porta a ser usada para o ponto de extremidade HTTP em launchSettings.json.",
@@ -29,6 +30,10 @@
   "symbols/IncludeSampleContent/displayName": "_Incluir páginas de amostra",
   "symbols/IncludeSampleContent/description": "Configura se deseja adicionar páginas de amostra e estilo para demonstrar padrões de uso básicos.",
   "symbols/Empty/description": "Configura a omissão de páginas de amostra e estilo que demonstram padrões básicos de uso.",
+  "symbols/auth/choices/None/description": "No authentication",
+  "symbols/auth/choices/Individual/description": "Individual authentication",
+  "symbols/auth/description": "The type of authentication to use",
+  "symbols/UseLocalDB/description": "Whether to use LocalDB instead of SQLite. This option only applies if --auth Individual is specified.",
   "symbols/AllInteractive/displayName": "_Enable interactive rendering globally throughout the site",
   "symbols/AllInteractive/description": "Configures whether to make every page interactive by applying an interactive render mode at the top level. If false, pages will use static server rendering by default, and can be marked interactive on a per-page or per-component basis.",
   "symbols/NoHttps/description": "Se o HTTPS deve ser desativado. Essa opção se aplica somente se Individual, IndividualB2C, SingleOrg ou MultiOrg não forem usados para --auth.",
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.ru.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.ru.json
index f9d64e65d85a..eea4080639dc 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.ru.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.ru.json
@@ -4,6 +4,7 @@
   "description": "Шаблон проекта для создания приложения Blazor, поддерживающего как отрисовку на стороне сервера, так и интерактивные возможности клиента. Этот шаблон можно использовать для веб-приложений с многофункциональными динамическими пользовательскими интерфейсами (UI).",
   "symbols/Framework/description": "Целевая платформа для проекта.",
   "symbols/Framework/choices/net8.0/description": "Целевая net8.0",
+  "symbols/UserSecretsId/description": "The ID to use for secrets (use with Individual auth).",
   "symbols/skipRestore/description": "Если установлено, автоматическое восстановление проекта при создании пропускается.",
   "symbols/ExcludeLaunchSettings/description": "Следует ли исключить launchSettings.json из созданного шаблона.",
   "symbols/kestrelHttpPort/description": "Номер порта, используемый для конечной точки HTTP в launchSettings.json.",
@@ -29,6 +30,10 @@
   "symbols/IncludeSampleContent/displayName": "_Включить примеры страниц",
   "symbols/IncludeSampleContent/description": "Настраивает, следует ли добавлять примеры страниц и стили для демонстрации базовых шаблонов использования.",
   "symbols/Empty/description": "Настраивает, следует ли пропускать примеры страниц и стили, демонстрирующие базовые шаблоны использования.",
+  "symbols/auth/choices/None/description": "No authentication",
+  "symbols/auth/choices/Individual/description": "Individual authentication",
+  "symbols/auth/description": "The type of authentication to use",
+  "symbols/UseLocalDB/description": "Whether to use LocalDB instead of SQLite. This option only applies if --auth Individual is specified.",
   "symbols/AllInteractive/displayName": "_Enable interactive rendering globally throughout the site",
   "symbols/AllInteractive/description": "Configures whether to make every page interactive by applying an interactive render mode at the top level. If false, pages will use static server rendering by default, and can be marked interactive on a per-page or per-component basis.",
   "symbols/NoHttps/description": "Следует ли отключить HTTPS. Этот параметр применяется, только если для --auth не используются Individual, IndividualB2C, SingleOrg или MultiOrg.",
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.tr.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.tr.json
index 5299f026392a..ae3be7fb7b06 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.tr.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.tr.json
@@ -4,6 +4,7 @@
   "description": "Hem sunucu tarafı işlemeyi hem de istemci etkileşimini destekleyen bir Blazor web uygulaması oluşturmaya yönelik proje şablonu. Bu şablon, zengin dinamik kullanıcı arabirimlerine (UI) sahip web uygulamaları için kullanılabilir.",
   "symbols/Framework/description": "Projenin hedef çerçevesi.",
   "symbols/Framework/choices/net8.0/description": "Hedef net8.0",
+  "symbols/UserSecretsId/description": "The ID to use for secrets (use with Individual auth).",
   "symbols/skipRestore/description": "Belirtilirse, oluşturma sırasında projenin otomatik geri yüklenmesini atlar.",
   "symbols/ExcludeLaunchSettings/description": "launchSettings.json öğesinin oluşturulan şablondan dışlanıp dışlanmayacağı.",
   "symbols/kestrelHttpPort/description": "launchSettings.json içinde HTTP uç noktası için kullanılacak bağlantı noktası numarası.",
@@ -29,6 +30,10 @@
   "symbols/IncludeSampleContent/displayName": "Örnek _sayfalar ekle",
   "symbols/IncludeSampleContent/description": "Temel kullanım düzenlerini göstermek için örnek sayfaların ve stil oluşturma özelliklerinin eklenip eklenmeyeceğini yapılandırır.",
   "symbols/Empty/description": "Temel kullanım düzenlerini gösteren örnek sayfaların ve stil oluşturma özelliklerinin atlanıp atlanmayacağını yapılandırır.",
+  "symbols/auth/choices/None/description": "No authentication",
+  "symbols/auth/choices/Individual/description": "Individual authentication",
+  "symbols/auth/description": "The type of authentication to use",
+  "symbols/UseLocalDB/description": "Whether to use LocalDB instead of SQLite. This option only applies if --auth Individual is specified.",
   "symbols/AllInteractive/displayName": "_Enable interactive rendering globally throughout the site",
   "symbols/AllInteractive/description": "Configures whether to make every page interactive by applying an interactive render mode at the top level. If false, pages will use static server rendering by default, and can be marked interactive on a per-page or per-component basis.",
   "symbols/NoHttps/description": "HTTPS'nin kapatılıp kapatılmayacağı. Bu seçenek yalnızca Bireysel, IndividualB2C, SingleOrg veya MultiOrg -- auth için kullanılmazsa geçerlidir.",
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.zh-Hans.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.zh-Hans.json
index 27bbe0d23ea5..b17c3da9b57a 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.zh-Hans.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.zh-Hans.json
@@ -4,6 +4,7 @@
   "description": "用于创建支持服务器端呈现和客户端交互的 Blazor Web 应用的项目模板。此模板可用于具有丰富动态用户界面 (UI) 的 Web 应用。",
   "symbols/Framework/description": "项目的目标框架。",
   "symbols/Framework/choices/net8.0/description": "目标 net8.0",
+  "symbols/UserSecretsId/description": "The ID to use for secrets (use with Individual auth).",
   "symbols/skipRestore/description": "如果指定，则在创建时跳过项目的自动还原。",
   "symbols/ExcludeLaunchSettings/description": "是否从生成的模板中排除 launchSettings.json。",
   "symbols/kestrelHttpPort/description": "要用于 launchSettings.json 中 HTTP 终结点的端口号。",
@@ -29,6 +30,10 @@
   "symbols/IncludeSampleContent/displayName": "包含示例页(_I)",
   "symbols/IncludeSampleContent/description": "配置是否添加示例页和样式以演示基本使用模式。",
   "symbols/Empty/description": "配置是否忽略演示基本使用模式的示例页和样式。",
+  "symbols/auth/choices/None/description": "No authentication",
+  "symbols/auth/choices/Individual/description": "Individual authentication",
+  "symbols/auth/description": "The type of authentication to use",
+  "symbols/UseLocalDB/description": "Whether to use LocalDB instead of SQLite. This option only applies if --auth Individual is specified.",
   "symbols/AllInteractive/displayName": "_Enable interactive rendering globally throughout the site",
   "symbols/AllInteractive/description": "Configures whether to make every page interactive by applying an interactive render mode at the top level. If false, pages will use static server rendering by default, and can be marked interactive on a per-page or per-component basis.",
   "symbols/NoHttps/description": "是否禁用 HTTPS。仅当 Individual、IndividualB2C、SingleOrg 或 MultiOrg 不用于 --auth 时，此选项才适用。",
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.zh-Hant.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.zh-Hant.json
index f1c7a0d88ba7..5155a158b99b 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.zh-Hant.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/localize/templatestrings.zh-Hant.json
@@ -4,6 +4,7 @@
   "description": "用於建立同時支援伺服器端轉譯和用戶端互動的 Blazor Web 應用程式的專案範本。此範本可用於具有豐富動態使用者介面 (UI) 的 Web 應用程式。",
   "symbols/Framework/description": "專案的目標 Framework。",
   "symbols/Framework/choices/net8.0/description": "目標 net8.0",
+  "symbols/UserSecretsId/description": "The ID to use for secrets (use with Individual auth).",
   "symbols/skipRestore/description": "若指定，會在建立時跳過專案的自動還原。",
   "symbols/ExcludeLaunchSettings/description": "是否要從產生的範本排除 launchSettings.json。",
   "symbols/kestrelHttpPort/description": "launchSettings.json 中 HTTP 端點要使用的連接埠號碼。",
@@ -29,6 +30,10 @@
   "symbols/IncludeSampleContent/displayName": "包含範例頁面(_I)",
   "symbols/IncludeSampleContent/description": "設定是否要新增範例頁面和樣式，以示範基本使用模式。",
   "symbols/Empty/description": "設定是否要省略範例頁面和樣式，其示範基本使用模式。",
+  "symbols/auth/choices/None/description": "No authentication",
+  "symbols/auth/choices/Individual/description": "Individual authentication",
+  "symbols/auth/description": "The type of authentication to use",
+  "symbols/UseLocalDB/description": "Whether to use LocalDB instead of SQLite. This option only applies if --auth Individual is specified.",
   "symbols/AllInteractive/displayName": "_Enable interactive rendering globally throughout the site",
   "symbols/AllInteractive/description": "Configures whether to make every page interactive by applying an interactive render mode at the top level. If false, pages will use static server rendering by default, and can be marked interactive on a per-page or per-component basis.",
   "symbols/NoHttps/description": "是否要關閉 HTTPS。只有當 Individual、IndividualB2C、SingleOrg 或 MultiOrg 未用於 --auth 時，才適用此選項。",
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json
index 971eb62028ba..6c5c05e1161b 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json
@@ -14,7 +14,8 @@
   "guids": [
     "4C26868E-5E7C-458D-82E3-040509D0C71F",
     "5990939C-7E7B-4CFA-86FF-44CA5756498A",
-    "650B3CE7-2E93-4CC4-9F46-466686815EAA"
+    "650B3CE7-2E93-4CC4-9F46-466686815EAA",
+    "53bc9b9d-9d6a-45d4-8429-2a2761773502" // Client ID
   ],
   "identity": "Microsoft.Web.Blazor.CSharp.8.0",
   "thirdPartyNotices": "https://aka.ms/aspnetcore/8.0-third-party-notices",
@@ -108,6 +109,41 @@
             "BlazorWeb-CSharp.Client/Pages/**",
             "BlazorWeb-CSharp.Client/wwwroot/**"
           ]
+        },
+        {
+          "condition": "(!IndividualLocalAuth)",
+          "exclude": [
+            "BlazorWeb-CSharp/Components/Pages/Account/**",
+            "BlazorWeb-CSharp/Data/**",
+            "BlazorWeb-CSharp/PersistingAuthenticationStateProvider.cs",
+            "BlazorWeb-CSharp.Client/PersistedAuthenticationStateProvider.cs",
+            "BlazorWeb-CSharp.Client/UserInfo.cs",
+            "BlazorWeb-CSharp.Client/Pages/Auth.razor"
+          ]
+        },
+        {
+          "condition": "(!IndividualLocalAuth || UseLocalDB)",
+          "exclude": [
+            "BlazorWeb-CSharp/app.db"
+          ]
+        },
+        {
+          "condition": "(IndividualLocalAuth && UseLocalDB)",
+          "rename": {
+            "BlazorWeb-CSharp/Data/SqlServer/": "BlazorWeb-CSharp/Data/Migrations/"
+          },
+          "exclude": [
+            "BlazorWeb-CSharp/Data/SqlLite/**"
+          ]
+        },
+        {
+          "condition": "(IndividualLocalAuth && !UseLocalDB)",
+          "rename": {
+            "BlazorWeb-CSharp/Data/SqlLite/": "BlazorWeb-CSharp/Data/Migrations/"
+          },
+          "exclude": [
+            "BlazorWeb-CSharp/Data/SqlServer/**"
+          ]
         }
       ]
     }
@@ -130,6 +166,13 @@
       "type": "bind",
       "binding": "HostIdentifier"
     },
+    "UserSecretsId": {
+      "type": "parameter",
+      "datatype": "string",
+      "replaces": "aspnet-BlazorWeb-CSharp-53bc9b9d-9d6a-45d4-8429-2a2761773502",
+      "defaultValue": "aspnet-BlazorWeb-CSharp-53bc9b9d-9d6a-45d4-8429-2a2761773502",
+      "description": "The ID to use for secrets (use with Individual auth)."
+    },
     "skipRestore": {
       "type": "parameter",
       "datatype": "bool",
@@ -167,7 +210,7 @@
     "kestrelHttpsPort": {
       "type": "parameter",
       "datatype": "integer",
-      "description": "Port number to use for the HTTPS endpoint in launchSettings.json. This option is only applicable when the parameter no-https is not used (no-https will be ignored if either IndividualAuth or OrganizationalAuth is used)."
+      "description": "Port number to use for the HTTPS endpoint in launchSettings.json. This option is only applicable when the parameter no-https is not used (no-https will be ignored if Individual auth is used)."
     },
     "kestrelHttpsPortGenerated": {
       "type": "generated",
@@ -207,7 +250,7 @@
     "iisHttpsPort": {
       "type": "parameter",
       "datatype": "integer",
-      "description": "Port number to use for the IIS Express HTTPS endpoint in launchSettings.json. This option is only applicable when the parameter no-https is not used (no-https will be ignored if either IndividualAuth or OrganizationalAuth is used)."
+      "description": "Port number to use for the IIS Express HTTPS endpoint in launchSettings.json. This option is only applicable when the parameter no-https is not used (no-https will be ignored if Individual auth is used)."
     },
     "iisHttpsPortGenerated": {
       "type": "generated",
@@ -296,6 +339,28 @@
       "defaultValue": "false",
       "description": "Configures whether to omit sample pages and styling that demonstrate basic usage patterns."
     },
+    "auth": {
+      "type": "parameter",
+      "datatype": "choice",
+      "choices": [
+        {
+          "choice": "None",
+          "description": "No authentication"
+        },
+        {
+          "choice": "Individual",
+          "description": "Individual authentication"
+        }
+      ],
+      "defaultValue": "None",
+      "description": "The type of authentication to use"
+    },
+    "UseLocalDB": {
+      "type": "parameter",
+      "datatype": "bool",
+      "defaultValue": "false",
+      "description": "Whether to use LocalDB instead of SQLite. This option only applies if --auth Individual is specified."
+    },
     "SampleContent": {
       "type": "computed",
       "value": "(((IncludeSampleContent && (HostIdentifier != \"dotnetcli\" && HostIdentifier != \"dotnetcli-preview\"))) || ((!Empty && (HostIdentifier == \"dotnetcli\" || HostIdentifier == \"dotnetcli-preview\"))))"
@@ -312,9 +377,13 @@
       "type": "computed",
       "value": "(InteractivityLocation == \"InteractiveGlobal\" || AllInteractive)"
     },
+    "IndividualLocalAuth": {
+      "type": "computed",
+      "value": "(auth == \"Individual\")"
+    },
     "RequiresHttps": {
       "type": "computed",
-      "value": "(OrganizationalAuth || IndividualAuth)"
+      "value": "(OrganizationalAuth || IndividualLocalAuth)"
     },
     "HasHttpProfile": {
       "type": "computed",
@@ -328,7 +397,7 @@
       "type": "parameter",
       "datatype": "bool",
       "defaultValue": "false",
-      "description": "Whether to turn off HTTPS. This option only applies if Individual, IndividualB2C, SingleOrg, or MultiOrg aren't used for --auth."
+      "description": "Whether to turn off HTTPS. This option only applies if Individual isn't used for --auth."
     },
     "copyrightYear": {
       "type": "generated",
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/Pages/Auth.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/Pages/Auth.razor
new file mode 100644
index 000000000000..e15f54ff654d
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/Pages/Auth.razor
@@ -0,0 +1,14 @@
+@page "/auth"
+
+@using Microsoft.AspNetCore.Authorization;
+
+@attribute [Authorize]
+@attribute [RenderModeAuto]
+
+<PageTitle>Auth</PageTitle>
+
+<h1>You are authenticated</h1>
+
+<AuthorizeView>
+    <p>Hello @context.User.Identity?.Name!</p>
+</AuthorizeView>
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/PersistedAuthenticationStateProvider.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/PersistedAuthenticationStateProvider.cs
new file mode 100644
index 000000000000..f4e554f09a8b
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/PersistedAuthenticationStateProvider.cs
@@ -0,0 +1,30 @@
+using System.Security.Claims;
+using Microsoft.AspNetCore.Components;
+using Microsoft.AspNetCore.Components.Authorization;
+
+namespace BlazorWeb_CSharp.Client;
+
+public class PersistedAuthenticationStateProvider(PersistentComponentState persistentState) : AuthenticationStateProvider
+{
+    private static readonly Task<AuthenticationState> _unauthenticatedTask =
+        Task.FromResult(new AuthenticationState(new ClaimsPrincipal(new ClaimsIdentity())));
+
+    public override Task<AuthenticationState> GetAuthenticationStateAsync()
+    {
+        // REVIEW: Is TryTakeFromJson correctly annotated? "|| userInfo is null" should not be necessary.
+        if (!persistentState.TryTakeFromJson<UserInfo>(nameof(UserInfo), out var userInfo) || userInfo is null)
+        {
+            return _unauthenticatedTask;
+        }
+
+        Claim[] claims = [
+            new Claim(ClaimTypes.NameIdentifier, userInfo.UserId),
+            new Claim(ClaimTypes.Name, userInfo.Email),
+            new Claim(ClaimTypes.Email, userInfo.Email) ];
+
+        return Task.FromResult(
+            new AuthenticationState(new ClaimsPrincipal(new ClaimsIdentity(claims,
+                authenticationType: nameof(PersistedAuthenticationStateProvider)))));
+    }
+}
+
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/Program.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/Program.cs
index 519269f21bb8..560bc77dbced 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/Program.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/Program.cs
@@ -1,5 +1,15 @@
+#if (IndividualLocalAuth)
+using BlazorWeb_CSharp.Client;
+using Microsoft.AspNetCore.Components.Authorization;
+#endif
 using Microsoft.AspNetCore.Components.WebAssembly.Hosting;
 
 var builder = WebAssemblyHostBuilder.CreateDefault(args);
 
+#if (IndividualLocalAuth)
+builder.Services.AddAuthorizationCore();
+builder.Services.AddCascadingAuthenticationState();
+builder.Services.AddSingleton<AuthenticationStateProvider, PersistedAuthenticationStateProvider>();
+
+#endif
 await builder.Build().RunAsync();
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/UserInfo.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/UserInfo.cs
new file mode 100644
index 000000000000..236bbaa720da
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/UserInfo.cs
@@ -0,0 +1,7 @@
+namespace BlazorWeb_CSharp.Client;
+
+public class UserInfo
+{
+    public required string UserId { get; set; }
+    public required string Email { get; set; }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/_Imports.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/_Imports.razor
index 5268e26fd6aa..cd618a113368 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/_Imports.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/_Imports.razor
@@ -1,5 +1,8 @@
 @using System.Net.Http
 @using System.Net.Http.Json
+@*#if (IndividualLocalAuth)
+@using Microsoft.AspNetCore.Components.Authorization
+##endif*@
 @using Microsoft.AspNetCore.Components.Forms
 @using Microsoft.AspNetCore.Components.Routing
 @using Microsoft.AspNetCore.Components.Web
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/ManageLayout.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/ManageLayout.razor
new file mode 100644
index 000000000000..e4a7871bbc75
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/ManageLayout.razor
@@ -0,0 +1,17 @@
+@inherits LayoutComponentBase
+@layout MainLayout
+
+<h1>Manage your account</h1>
+
+<div>
+    <h2>Change your account settings</h2>
+    <hr />
+    <div class="row">
+        <div class="col-md-3">
+            <ManageNavMenu />
+        </div>
+        <div class="col-md-9">
+            @Body
+        </div>
+    </div>
+</div>
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/ManageNavMenu.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/ManageNavMenu.razor
new file mode 100644
index 000000000000..37ab9a430ca2
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/ManageNavMenu.razor
@@ -0,0 +1,37 @@
+@using Microsoft.AspNetCore.Identity;
+@using BlazorWeb_CSharp.Data;
+
+@inject SignInManager<ApplicationUser> SignInManager;
+
+<ul class="nav nav-pills flex-column">
+    <li class="nav-item">
+        <NavLink id="profile" class="nav-link" href="/Account/Manage" Match="NavLinkMatch.All">Profile</NavLink>
+    </li>
+    <li class="nav-item">
+        <NavLink id="email" class="nav-link" href="/Account/Manage/Email">Email</NavLink>
+    </li>
+    <li class="nav-item">
+        <NavLink id="change-password" class="nav-link" href="/Account/Manage/ChangePassword">Password</NavLink>
+    </li>
+    @if (_hasExternalLogins)
+    {
+        <li id="external-logins" class="nav-item">
+            <NavLink id="external-login" class="nav-link" href="/Account/Manage/ExternalLogins">External logins</NavLink>
+        </li>
+    }
+    <li class="nav-item">
+        <NavLink id="two-factor" class="nav-link" href="/Account/Manage/TwoFactorAuthentication">Two-factor authentication</NavLink>
+    </li>
+    <li class="nav-item">
+        <NavLink id="personal-data" class="nav-link" href="/Account/Manage/PersonalData">Personal data</NavLink>
+    </li>
+</ul>
+
+@code {
+    private bool _hasExternalLogins;
+
+    protected override async Task OnInitializedAsync()
+    {
+        _hasExternalLogins = (await SignInManager.GetExternalAuthenticationSchemesAsync()).Any();
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/NavMenu.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/NavMenu.razor
index 5b141a54826b..f9535bd7cb57 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/NavMenu.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/NavMenu.razor
@@ -27,5 +27,37 @@
                 <span class="bi bi-list-nested" aria-hidden="true"></span> Weather
             </NavLink>
         </div>
+        @*#if (IndividualLocalAuth && UseWebAssembly)
+
+        <div class="nav-item px-3">
+            <NavLink class="nav-link" href="auth">
+                <span class="bi bi-lock" aria-hidden="true"></span> Auth Required
+            </NavLink>
+        </div>
+        ##endif*@
+        @*#if (IndividualLocalAuth)
+
+        <AuthorizeView>
+            <Authorized>
+                <div class="nav-item px-3">
+                    <NavLink class="nav-link" href="/Account/Manage">
+                        <span class="bi bi-person-fill" aria-hidden="true"></span> @context.User.Identity?.Name
+                    </NavLink>
+                </div>
+            </Authorized>
+            <NotAuthorized>
+                <div class="nav-item px-3">
+                    <NavLink class="nav-link" href="/Account/Register">
+                        <span class="bi bi-person" aria-hidden="true"></span> Register
+                    </NavLink>
+                </div>
+                <div class="nav-item px-3">
+                    <NavLink class="nav-link" href="/Account/Login">
+                        <span class="bi bi-person-badge" aria-hidden="true"></span> Login
+                    </NavLink>
+                </div>
+            </NotAuthorized>
+        </AuthorizeView>
+        ##endif*@
     </nav>
 </div>
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/NavMenu.razor.css b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/NavMenu.razor.css
index 95fcc36e0baa..0f1f79a45b85 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/NavMenu.razor.css
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/NavMenu.razor.css
@@ -46,6 +46,24 @@
     background-image: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='16' height='16' fill='white' class='bi bi-list-nested' viewBox='0 0 16 16'%3E%3Cpath fill-rule='evenodd' d='M4.5 11.5A.5.5 0 0 1 5 11h10a.5.5 0 0 1 0 1H5a.5.5 0 0 1-.5-.5zm-2-4A.5.5 0 0 1 3 7h10a.5.5 0 0 1 0 1H3a.5.5 0 0 1-.5-.5zm-2-4A.5.5 0 0 1 1 3h10a.5.5 0 0 1 0 1H1a.5.5 0 0 1-.5-.5z'/%3E%3C/svg%3E");
 }
 
+/*#if (IndividualLocalAuth)*/
+.bi-lock {
+    background-image: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='16' height='16' fill='white' class='bi bi-list-nested' viewBox='0 0 16 16'%3E%3Cpath d='M8 1a2 2 0 0 1 2 2v4H6V3a2 2 0 0 1 2-2zm3 6V3a3 3 0 0 0-6 0v4a2 2 0 0 0-2 2v5a2 2 0 0 0 2 2h6a2 2 0 0 0 2-2V9a2 2 0 0 0-2-2zM5 8h6a1 1 0 0 1 1 1v5a1 1 0 0 1-1 1H5a1 1 0 0 1-1-1V9a1 1 0 0 1 1-1z'/%3E%3C/svg%3E");
+}
+
+.bi-person {
+    background-image: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='16' height='16' fill='white' class='bi bi-person' viewBox='0 0 16 16'%3E%3Cpath d='M8 8a3 3 0 1 0 0-6 3 3 0 0 0 0 6Zm2-3a2 2 0 1 1-4 0 2 2 0 0 1 4 0Zm4 8c0 1-1 1-1 1H3s-1 0-1-1 1-4 6-4 6 3 6 4Zm-1-.004c-.001-.246-.154-.986-.832-1.664C11.516 10.68 10.289 10 8 10c-2.29 0-3.516.68-4.168 1.332-.678.678-.83 1.418-.832 1.664h10Z'/%3E%3C/svg%3E");
+}
+
+.bi-person-badge {
+    background-image: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='16' height='16' fill='white' class='bi bi-person-badge' viewBox='0 0 16 16'%3E%3Cpath d='M6.5 2a.5.5 0 0 0 0 1h3a.5.5 0 0 0 0-1h-3zM11 8a3 3 0 1 1-6 0 3 3 0 0 1 6 0z'/%3E%3Cpath d='M4.5 0A2.5 2.5 0 0 0 2 2.5V14a2 2 0 0 0 2 2h8a2 2 0 0 0 2-2V2.5A2.5 2.5 0 0 0 11.5 0h-7zM3 2.5A1.5 1.5 0 0 1 4.5 1h7A1.5 1.5 0 0 1 13 2.5v10.795a4.2 4.2 0 0 0-.776-.492C11.392 12.387 10.063 12 8 12s-3.392.387-4.224.803a4.2 4.2 0 0 0-.776.492V2.5z'/%3E%3C/svg%3E");
+}
+
+.bi-person-fill {
+    background-image: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='16' height='16' fill='white' class='bi bi-person-fill' viewBox='0 0 16 16'%3E%3Cpath d='M3 14s-1 0-1-1 1-4 6-4 6 3 6 4-1 1-1 1H3Zm5-6a3 3 0 1 0 0-6 3 3 0 0 0 0 6Z'/%3E%3C/svg%3E");
+}
+
+/*#endif*/
 .nav-item {
     font-size: 0.9rem;
     padding-bottom: 0.5rem;
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ConfirmEmail.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ConfirmEmail.razor
new file mode 100644
index 000000000000..378b2ec21fde
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ConfirmEmail.razor
@@ -0,0 +1,48 @@
+@page "/Account/ConfirmEmail"
+
+@using System.Text
+@using BlazorWeb_CSharp.Data
+@using Microsoft.AspNetCore.Identity
+@using Microsoft.AspNetCore.WebUtilities
+
+@inject UserManager<ApplicationUser> UserManager
+@inject NavigationManager NavigationManager
+
+<PageTitle>Confirm email</PageTitle>
+
+<h1>Confirm email</h1>
+<StatusMessage Message="@statusMessage" />
+
+@code {
+    string? statusMessage;
+
+    [SupplyParameterFromQuery]
+    public string? UserId { get; set; }
+
+    [SupplyParameterFromQuery]
+    public string? Code { get; set; }
+
+    protected override async Task OnInitializedAsync()
+    {
+        if (UserId == null || Code == null)
+        {
+            NavigationManager.NavigateTo("/");
+        }
+        else
+        {
+            var user = await UserManager.FindByIdAsync(UserId);
+            if (user == null)
+            {
+                // Need a way to trigger a 404 from Blazor: https://github.com/dotnet/aspnetcore/issues/45654
+                statusMessage = $"Error loading user with ID {UserId}";
+            }
+            else
+            {
+
+                var code = Encoding.UTF8.GetString(WebEncoders.Base64UrlDecode(Code));
+                var result = await UserManager.ConfirmEmailAsync(user, code);
+                statusMessage = result.Succeeded ? "Thank you for confirming your email." : "Error confirming your email.";
+            }
+        }
+    }
+}
\ No newline at end of file
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ForgotPassword.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ForgotPassword.razor
new file mode 100644
index 000000000000..19c98d628d5d
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ForgotPassword.razor
@@ -0,0 +1,72 @@
+@page "/Account/ForgotPassword"
+
+@using System.ComponentModel.DataAnnotations;
+@using System.Text;
+@using System.Text.Encodings.Web;
+@using Microsoft.AspNetCore.Identity;
+@using Microsoft.AspNetCore.Identity.UI.Services;
+@using Microsoft.AspNetCore.WebUtilities;
+@using BlazorWeb_CSharp.Data;
+
+@inject NavigationManager NavigationManager
+@inject UserManager<ApplicationUser> UserManager
+@inject IEmailSender EmailSender
+
+<PageTitle>Forgot your password?</PageTitle>
+
+<h1>Forgot your password?</h1>
+<h2>Enter your email.</h2>
+<hr />
+<div class="row">
+    <div class="col-md-4">
+        <EditForm Model="Input" FormName="forgot-password" OnValidSubmit="OnValidSubmitAsync" method="post">
+            <DataAnnotationsValidator />
+            <ValidationSummary class="text-danger" role="alert" />
+
+            <div class="form-floating mb-3">
+                <InputText id="email" @bind-Value="Input.Email" class="form-control" autocomplete="username" aria-required="true" placeholder="name@example.com" />
+                <label for="email" class="form-label">Email</label>
+                <ValidationMessage For="() => Input.Email" class="text-danger" />
+            </div>
+            <button type="submit" class="w-100 btn btn-lg btn-primary">Reset password</button>
+        </EditForm>
+     </div>
+</div>
+
+@code {
+    [SupplyParameterFromForm]
+    private InputModel Input { get; set; } = new();
+
+    private async Task OnValidSubmitAsync()
+    {
+        var user = await UserManager.FindByEmailAsync(Input.Email);
+        if (user is null || !(await UserManager.IsEmailConfirmedAsync(user)))
+        {
+            // Don't reveal that the user does not exist or is not confirmed
+            NavigationManager.NavigateTo("/Account/ForgotPasswordConfirmation");
+            return;
+        }
+
+        // For more information on how to enable account confirmation and password reset please
+        // visit https://go.microsoft.com/fwlink/?LinkID=532713
+        var code = await UserManager.GeneratePasswordResetTokenAsync(user);
+        code = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(code));
+        var callbackUrl = NavigationManager.GetUriWithQueryParameters(
+            $"{NavigationManager.BaseUri}Identity/Account/ResetPassword",
+            new Dictionary<string, object?> { { "code", code } });
+
+        await EmailSender.SendEmailAsync(
+            Input.Email,
+            "Reset Password",
+            $"Please reset your password by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>.");
+
+        NavigationManager.NavigateTo("/Account/ForgotPasswordConfirmation");
+    }
+
+    private sealed class InputModel
+    {
+        [Required]
+        [EmailAddress]
+        public string Email { get; set; } = default!;
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ForgotPasswordConfirmation.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ForgotPasswordConfirmation.razor
new file mode 100644
index 000000000000..38de01d1ec0c
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ForgotPasswordConfirmation.razor
@@ -0,0 +1,8 @@
+@page "/Account/ForgotPasswordConfirmation"
+
+<PageTitle>Forgot password confirmation</PageTitle>
+
+<h1>Forgot password confirmation</h1>
+<p>
+    Please check your email to reset your password.
+</p>
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/InvalidPasswordReset.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/InvalidPasswordReset.razor
new file mode 100644
index 000000000000..509578bbf82c
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/InvalidPasswordReset.razor
@@ -0,0 +1,8 @@
+@page "/Account/InvalidPasswordReset"
+
+<PageTitle>Invalid password reset</PageTitle>
+
+<h1>Invalid password reset</h1>
+<p>
+    The password reset link is invalid.
+</p>
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Login.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Login.razor
new file mode 100644
index 000000000000..6d9fac8043b1
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Login.razor
@@ -0,0 +1,147 @@
+@page "/Account/Login"
+
+@using System.ComponentModel.DataAnnotations
+@using System.Text
+@using BlazorWeb_CSharp.Data
+@using Microsoft.AspNetCore.Authentication
+@using Microsoft.AspNetCore.Identity
+@using Microsoft.AspNetCore.WebUtilities
+
+@inject SignInManager<ApplicationUser> SignInManager
+@inject ILogger<Login> Logger
+@inject NavigationManager NavigationManager
+@inject IHttpContextAccessor HttpContextAccessor
+
+<PageTitle>Log in</PageTitle>
+
+<h1>Log in</h1>
+<div class="row">
+    <div class="col-md-4">
+        <section>
+            <StatusMessage Message="@errorMessage" />
+            <EditForm id="account" Model="Input" method="post" OnValidSubmit="LoginUser" FormName="login">
+                <h2>Use a local account to log in.</h2>
+                <hr />
+                <ValidationSummary class="text-danger" role="alert" />
+                <div class="form-floating mb-3">
+                    <InputText id="email" @bind-Value="Input.Email" class="form-control" autocomplete="username" aria-required="true" placeholder="name@example.com" />
+                    <label for="email" class="form-label">Email</label>
+                    <ValidationMessage For="() => Input.Email" class="text-danger" />
+                </div>
+                <div class="form-floating mb-3">
+                    <InputText id="password" type="password" @bind-Value="Input.Password" class="form-control" autocomplete="current-password" aria-required="true" placeholder="password" />
+                    <label for="password" class="form-label">Password</label>
+                    <ValidationMessage For="() => Input.Password" class="text-danger" />
+                </div>
+                <div class="checkbox mb-3">
+                    <label class="form-label">
+                        <InputCheckbox @bind-Value="Input.RememberMe" class="form-check-input" />
+                        Remember me
+                    </label>
+                </div>
+                <div>
+                    <button id="login-submit" type="submit" class="w-100 btn btn-lg btn-primary">Log in</button>
+                </div>
+                <div>
+                    <p>
+                        <a id="forgot-password" href="/Account/ForgotPassword">Forgot your password?</a>
+                    </p>
+                    <p>
+                        <a href="@(NavigationManager.GetUriWithQueryParameters("/Account/Register", new Dictionary<string, object?> { ["ReturnUrl"] = ReturnUrl }))">Register as a new user</a>
+                    </p>
+                    <p>
+                        <a id="resend-confirmation" href="/Account/ResendEmailConfirmation">Resend email confirmation</a>
+                    </p>
+                </div>
+            </EditForm>
+        </section>
+    </div>
+    <div class="col-md-6 col-md-offset-2">
+        <section>
+            <h3>Use another service to log in.</h3>
+            <hr />
+            @if ((externalLogins?.Count ?? 0) == 0)
+            {
+                <div>
+                    <p>
+                        There are no external authentication services configured. See this <a href="https://go.microsoft.com/fwlink/?LinkID=532715">article
+                        about setting up this ASP.NET application to support logging in via external services</a>.
+                    </p>
+                </div>
+            }
+            else
+            {
+                <form id="external-account" action="@(NavigationManager.GetUriWithQueryParameters("/Account/ExternalLogin", new Dictionary<string, object?> { ["ReturnUrl"] = ReturnUrl })))" method="post" class="form-horizontal">
+                    <div>
+                        <p>
+                            @foreach (var provider in externalLogins!)
+                            {
+                                <button type="submit" class="btn btn-primary" name="provider" value="@provider.Name" title="Log in using your @provider.DisplayName account">@provider.DisplayName</button>
+                            }
+                        </p>
+                    </div>
+                </form>
+            }
+        </section>
+    </div>
+</div>
+
+@code {
+    string? errorMessage;
+    IList<AuthenticationScheme>? externalLogins;
+
+    [SupplyParameterFromForm]
+    public InputModel Input { get; set; } = new();
+
+    [SupplyParameterFromQuery]
+    public string ReturnUrl { get; set; } = "";
+
+    public class InputModel
+    {
+        [Required]
+        [EmailAddress]
+        public string Email { get; set; } = null!;
+
+        [Required]
+        [DataType(DataType.Password)]
+        public string Password { get; set; } = null!;
+
+        [Display(Name = "Remember me?")]
+        public bool RememberMe { get; set; } = false;
+    }
+
+    protected override async Task OnInitializedAsync()
+    {
+        // Clear the existing external cookie to ensure a clean login process
+        // No access to HttpContext: https://github.com/dotnet/aspnetcore/issues/48769
+        await HttpContextAccessor.HttpContext!.SignOutAsync(IdentityConstants.ExternalScheme);
+
+        externalLogins = (await SignInManager.GetExternalAuthenticationSchemesAsync()).ToList();
+    }
+
+    public async Task LoginUser()
+    {
+        // This doesn't count login failures towards account lockout
+        // To enable password failures to trigger account lockout, set lockoutOnFailure: true
+        var result = await SignInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: false);
+        if (result.Succeeded)
+        {
+            Logger.LogInformation("User logged in.");
+            NavigationManager.NavigateTo(ReturnUrl);
+        }
+        if (result.RequiresTwoFactor)
+        {
+            NavigationManager.NavigateTo(NavigationManager.GetUriWithQueryParameters("/Account/LoginWith2fa",
+                new Dictionary<string, object?> { ["ReturnUrl"] = ReturnUrl, ["RememberMe"] = Input.RememberMe }));
+        }
+        if (result.IsLockedOut)
+        {
+            Logger.LogWarning("User account locked out.");
+            NavigationManager.NavigateTo("/Account/Lockout");
+        }
+        else
+        {
+            errorMessage = "Error: Invalid login attempt.";
+        }
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ChangePassword.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ChangePassword.razor
new file mode 100644
index 000000000000..374ed75ae741
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ChangePassword.razor
@@ -0,0 +1,107 @@
+@page "/Account/Manage/ChangePassword"
+
+@using System.ComponentModel.DataAnnotations
+@using Microsoft.AspNetCore.Identity
+@using BlazorWeb_CSharp.Data
+
+@inject UserManager<ApplicationUser> UserManager
+@inject SignInManager<ApplicationUser> SignInManager
+@inject NavigationManager NavigationManager
+@inject ILogger<ChangePassword> Logger
+
+<PageTitle>Change password</PageTitle>
+
+<h3>Change password</h3>
+<StatusMessage Message="@_message" />
+<div class="row">
+    <div class="col-md-6">
+        <EditForm id="change-password-form" Model="Input" FormName="change-password" OnValidSubmit="OnValidSubmitAsync" method="post">
+            <DataAnnotationsValidator />
+            <ValidationSummary class="text-danger" role="alert" />
+            <div class="form-floating mb-3">
+                <InputText id="old-password" type="password" @bind-Value="Input.OldPassword" class="form-control" autocomplete="current-password" aria-required="true" placeholder="Please enter your old password." />
+                <label for="old-password" class="form-label">Old password</label>
+                <ValidationMessage For="() => Input.OldPassword" class="text-danger" />
+            </div>
+            <div class="form-floating mb-3">
+                <InputText id="new-password" type="password" @bind-Value="Input.NewPassword" class="form-control" autocomplete="new-password" aria-required="true" placeholder="Please enter your new password." />
+                <label for="new-password" class="form-label">New password</label>
+                <ValidationMessage For="() => Input.NewPassword" class="text-danger" />
+            </div>
+            <div class="form-floating mb-3">
+                <InputText id="confirm-password" type="password" @bind-Value="Input.ConfirmPassword" class="form-control" autocomplete="confirm-password" aria-required="true" placeholder="Please confirm your new password." />
+                <label for="confirm-password" class="form-label">Confirm password</label>
+                <ValidationMessage For="() => Input.ConfirmPassword" class="text-danger" />
+            </div>
+            <button type="submit" class="w-100 btn btn-lg btn-primary">Update password</button>
+        </EditForm>
+    </div>
+</div>
+
+@code {
+    private string? _message;
+    private ApplicationUser? _user;
+    private bool _hasPassword;
+
+    [SupplyParameterFromForm]
+    private InputModel Input { get; set; } = default!;
+
+    [CascadingParameter]
+    private Task<AuthenticationState>? AuthenticationStateTask { get; set; }
+
+    protected override async Task OnInitializedAsync()
+    {
+        Input ??= new();
+
+        (_user, _message) = await UserManager.GetUserAsync(AuthenticationStateTask);
+        if (_user is null)
+        {
+            return;
+        }
+
+        _hasPassword = await UserManager.HasPasswordAsync(_user);
+        if (!_hasPassword)
+        {
+            NavigationManager.NavigateTo("/Account/Manage/SetPassword");
+            return;
+        }
+    }
+
+    private async Task OnValidSubmitAsync()
+    {
+        if (_user is null)
+        {
+            return;
+        }
+
+        var changePasswordResult = await UserManager.ChangePasswordAsync(_user, Input.OldPassword!, Input.NewPassword!);
+        if (!changePasswordResult.Succeeded)
+        {
+            _message = $"Error: {string.Join(",", changePasswordResult.Errors.Select(error => error.Description))}";
+            return;
+        }
+
+        await SignInManager.RefreshSignInAsync(_user);
+        Logger.LogInformation("User changed their password successfully.");
+        _message = "Your password has been changed.";
+    }
+
+    private sealed class InputModel
+    {
+        [Required]
+        [DataType(DataType.Password)]
+        [Display(Name = "Current password")]
+        public string? OldPassword { get; set; }
+
+        [Required]
+        [StringLength(100, ErrorMessage = "The {0} must be at least {2} and at max {1} characters long.", MinimumLength = 6)]
+        [DataType(DataType.Password)]
+        [Display(Name = "New password")]
+        public string? NewPassword { get; set; }
+
+        [DataType(DataType.Password)]
+        [Display(Name = "Confirm new password")]
+        [Compare("NewPassword", ErrorMessage = "The new password and confirmation password do not match.")]
+        public string? ConfirmPassword { get; set; }
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Email.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Email.razor
new file mode 100644
index 000000000000..ab2a4b4cc536
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Email.razor
@@ -0,0 +1,138 @@
+@page "/Account/Manage/Email"
+
+@using System.ComponentModel.DataAnnotations
+@using System.Text
+@using System.Text.Encodings.Web
+@using Microsoft.AspNetCore.Identity
+@using Microsoft.AspNetCore.Identity.UI.Services
+@using Microsoft.AspNetCore.WebUtilities
+@using BlazorWeb_CSharp.Data
+
+@inject UserManager<ApplicationUser> UserManager
+@inject IEmailSender EmailSender
+@inject NavigationManager NavigationManager
+
+<PageTitle>Manage email</PageTitle>
+
+<h3>Manage email</h3>
+
+<StatusMessage Message="@_message" />
+<div class="row">
+    <div class="col-md-6">
+        <form id="send-verification-form" @onsubmit="OnSendEmailVerificationAsync" @formname="send-verification" method="post">
+            <AntiforgeryToken />
+        </form>
+        <EditForm id="change-email-form" Model="Input" FormName="change-email" OnValidSubmit="OnValidSubmitAsync" method="post">
+            <DataAnnotationsValidator />
+            <ValidationSummary class="text-danger" role="alert" />
+            @if (_isEmailConfirmed)
+            {
+                <div class="form-floating mb-3 input-group">
+                    <input id="email" type="text" value="@_email" class="form-control" placeholder="Please enter your email." disabled />
+                    <div class="input-group-append">
+                        <span class="h-100 input-group-text text-success font-weight-bold">✓</span>
+                    </div>
+                    <label for="email" class="form-label">Email</label>
+                </div>
+            }
+            else
+            {
+                <div class="form-floating mb-3">
+                    <input id="email" type="text" value="@_email" class="form-control" placeholder="Please enter your email." disabled />
+                    <label for="email" class="form-label">Email</label>
+                    <button id="email-verification" type="submit" class="btn btn-link" form="send-verification-form">Send verification email</button>
+                </div>
+            }
+            <div class="form-floating mb-3">
+                <InputText id="new-email" @bind-Value="Input.NewEmail" class="form-control" autocomplete="email" aria-required="true" placeholder="Please enter new email." />
+                <label for="new-email" class="form-label">New email</label>
+                <ValidationMessage For="() => Input.NewEmail" class="text-danger" />
+            </div>
+            <button id="change-email-button" type="submit" class="w-100 btn btn-lg btn-primary">Change email</button>
+        </EditForm>
+    </div>
+</div>
+
+@code {
+    private string? _message;
+    private ApplicationUser? _user;
+    private string? _email;
+    private bool _isEmailConfirmed;
+
+    [SupplyParameterFromForm]
+    private InputModel Input { get; set; } = default!;
+
+    [CascadingParameter]
+    private Task<AuthenticationState>? AuthenticationStateTask { get; set; }
+
+    protected override async Task OnInitializedAsync()
+    {
+        Input ??= new();
+
+        (_user, _message) = await UserManager.GetUserAsync(AuthenticationStateTask);
+        if (_user is null)
+        {
+            return;
+        }
+
+        _email = await UserManager.GetEmailAsync(_user);
+        _isEmailConfirmed = await UserManager.IsEmailConfirmedAsync(_user);
+
+        Input.NewEmail ??= _email;
+    }
+
+    private async Task OnValidSubmitAsync()
+    {
+        if (_user is null)
+        {
+            return;
+        }
+
+        if (Input.NewEmail != _email)
+        {
+            var userId = await UserManager.GetUserIdAsync(_user);
+            var code = await UserManager.GenerateChangeEmailTokenAsync(_user, Input.NewEmail!);
+            code = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(code));
+            var callbackUrl = NavigationManager.GetUriWithQueryParameters(
+                $"{NavigationManager.BaseUri}Identity/Account/ConfirmEmailChange",
+                new Dictionary<string, object?> { { "userId", userId }, { "email", Input.NewEmail }, { "code", code } });
+            await EmailSender.SendEmailAsync(
+                Input.NewEmail!,
+                "Confirm your email",
+                $"Please confirm your account by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>.");
+            _message = "Confirmation link to change email sent. Please check your email.";
+            return;
+        }
+
+        _message = "Your email is unchanged.";
+    }
+
+    private async Task OnSendEmailVerificationAsync()
+    {
+        if (_user is null)
+        {
+            return;
+        }
+
+        var userId = await UserManager.GetUserIdAsync(_user);
+        var code = await UserManager.GenerateEmailConfirmationTokenAsync(_user);
+        code = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(code));
+        var callbackUrl = NavigationManager.GetUriWithQueryParameters(
+            $"{NavigationManager.BaseUri}Identity/Account/ConfirmEmail",
+            new Dictionary<string, object?> { { "userId", userId }, { "code", code } });
+        await EmailSender.SendEmailAsync(
+            _email!,
+            "Confirm your email",
+            $"Please confirm your account by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>.");
+
+        _message = "Verification email sent. Please check your email.";
+    }
+
+    private sealed class InputModel
+    {
+        [Required]
+        [EmailAddress]
+        [Display(Name = "New email")]
+        public string? NewEmail { get; set; }
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ExternalLogins.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ExternalLogins.razor
new file mode 100644
index 000000000000..75c7538ad9d4
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ExternalLogins.razor
@@ -0,0 +1,7 @@
+@page "/Account/Manage/ExternalLogins"
+
+<PageTitle>Manage your external logins</PageTitle>
+
+<h3>Manage your external logins</h3>
+
+@* TODO: Implement this *@
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Index.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Index.razor
new file mode 100644
index 000000000000..d0a42c7d2883
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Index.razor
@@ -0,0 +1,92 @@
+@page "/Account/Manage"
+
+@using System.ComponentModel.DataAnnotations;
+@using System.Security.Claims
+@using Microsoft.AspNetCore.Identity;
+@using BlazorWeb_CSharp.Data;
+
+@inject AuthenticationStateProvider AuthenticationStateProvider
+@inject UserManager<ApplicationUser> UserManager
+@inject SignInManager<ApplicationUser> SignInManager
+@inject NavigationManager NavigationManager
+
+<PageTitle>Profile</PageTitle>
+
+<h3>Profile</h3>
+<StatusMessage Message="@_message" />
+
+<div class="row">
+    <div class="col-md-6">
+        <EditForm id="profile-form" Model="Input" FormName="profile" OnValidSubmit="OnValidSubmitAsync" method="post">
+            <DataAnnotationsValidator />
+            <ValidationSummary class="text-danger" role="alert" />
+            <div class="form-floating mb-3">
+                <input id="username" type="text" value="@_username" class="form-control" placeholder="Please choose your username." disabled />
+                <label for="username" class="form-label">Username</label>
+            </div>
+            <div class="form-floating mb-3">
+                <InputText id="phone-number" @bind-Value="Input.PhoneNumber" class="form-control" placeholder="Please enter your phone number." />
+                <label for="phone-number" class="form-label">Phone number</label>
+                <ValidationMessage For="() => Input.PhoneNumber" class="text-danger" />
+            </div>
+            <button id="update-profile-button" type="submit" class="w-100 btn btn-lg btn-primary">Save</button>
+        </EditForm>
+    </div>
+</div>
+
+@code {
+    private string? _message;
+    private ApplicationUser? _user;
+    private string? _username;
+    private string? _phoneNumber;
+
+    [SupplyParameterFromForm]
+    private InputModel Input { get; set; } = default!;
+
+    [CascadingParameter]
+    private Task<AuthenticationState>? AuthenticationStateTask { get; set; }
+
+    protected override async Task OnInitializedAsync()
+    {
+        Input ??= new();
+
+        (_user, _message) = await UserManager.GetUserAsync(AuthenticationStateTask);
+        if (_user is null)
+        {
+            return;
+        }
+
+        _username = await UserManager.GetUserNameAsync(_user);
+        _phoneNumber = await UserManager.GetPhoneNumberAsync(_user);
+
+        Input.PhoneNumber ??= _phoneNumber;
+    }
+
+    private async Task OnValidSubmitAsync()
+    {
+        if (_user is null)
+        {
+            return;
+        }
+
+        if (Input.PhoneNumber != _phoneNumber)
+        {
+            var setPhoneResult = await UserManager.SetPhoneNumberAsync(_user, Input.PhoneNumber);
+            if (!setPhoneResult.Succeeded)
+            {
+                _message = "Unexpected error when trying to set phone number.";
+                return;
+            }
+        }
+
+        await SignInManager.RefreshSignInAsync(_user);
+        _message = "Your profile has been updated";
+    }
+
+    private sealed class InputModel
+    {
+        [Phone]
+        [Display(Name = "Phone number")]
+        public string? PhoneNumber { get; set; }
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/PersonalData.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/PersonalData.razor
new file mode 100644
index 000000000000..01421ec9fda5
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/PersonalData.razor
@@ -0,0 +1,7 @@
+@page "/Account/Manage/PersonalData"
+
+<PageTitle>Personal Data</PageTitle>
+
+<h3>Personal Data</h3>
+
+@* TODO: Implement this *@
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/TwoFactorAuthentication.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/TwoFactorAuthentication.razor
new file mode 100644
index 000000000000..dc49aa4edecd
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/TwoFactorAuthentication.razor
@@ -0,0 +1,7 @@
+@page "/Account/Manage/TwoFactorAuthentication"
+
+<PageTitle>Two-factor authentication (2FA)</PageTitle>
+
+<h3>Two-factor authentication (2FA)</h3>
+
+@* TODO: Implement this *@
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/_Imports.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/_Imports.razor
new file mode 100644
index 000000000000..d605aec1f504
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/_Imports.razor
@@ -0,0 +1,2 @@
+@layout BlazorWeb_CSharp.Components.Layout.ManageLayout
+@attribute [Microsoft.AspNetCore.Authorization.Authorize]
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Register.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Register.razor
new file mode 100644
index 000000000000..99b5304fc019
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Register.razor
@@ -0,0 +1,203 @@
+@page "/Account/Register"
+
+@using System.ComponentModel.DataAnnotations
+@using System.Text
+@using System.Text.Encodings.Web
+@using BlazorWeb_CSharp.Data
+@using Microsoft.AspNetCore.Authentication
+@using Microsoft.AspNetCore.Identity
+@using Microsoft.AspNetCore.Identity.UI.Services
+@using Microsoft.AspNetCore.WebUtilities
+
+@inject UserManager<ApplicationUser> UserManager
+@inject IUserStore<ApplicationUser> UserStore
+@inject SignInManager<ApplicationUser> SignInManager
+@inject ILogger<Register> Logger
+@inject IEmailSender EmailSender
+@inject NavigationManager NavigationManager
+
+<PageTitle>Register</PageTitle>
+
+<h1>Register</h1>
+
+<div class="row">
+    <div class="col-md-4">
+        <StatusMessage Message="@Message" />
+        <EditForm id="registerForm" Model="Input" asp-route-returnUrl="@ReturnUrl" method="post" OnValidSubmit="RegisterUser" FormName="register">
+            <DataAnnotationsValidator />
+            <h2>Create a new account.</h2>
+            <hr />
+            <ValidationSummary class="text-danger" role="alert" />
+            <div class="form-floating mb-3">
+                <InputText id="email" @bind-Value="Input.Email" class="form-control" autocomplete="username" aria-required="true" placeholder="name@example.com" />
+                <label for="email">Email</label>
+                <ValidationMessage For="() => Input.Email" class="text-danger" />
+            </div>
+            <div class="form-floating mb-3">
+                <InputText id="password" type="password" @bind-Value="Input.Password" class="form-control" autocomplete="new-password" aria-required="true" placeholder="password" />
+                <label for="password">Password</label>
+                <ValidationMessage For="() => Input.Password" class="text-danger" />
+            </div>
+            <div class="form-floating mb-3">
+                <InputText id="confirm-password" type="password" @bind-Value="Input.ConfirmPassword" class="form-control" autocomplete="new-password" aria-required="true" placeholder="password" />
+                <label for="confirm-password">Confirm Password</label>
+                <ValidationMessage For="() => Input.ConfirmPassword" class="text-danger" />
+            </div>
+            <button id="registerSubmit" type="submit" class="w-100 btn btn-lg btn-primary">Register</button>
+        </EditForm>
+    </div>
+    <div class="col-md-6 col-md-offset-2">
+        <section>
+            <h3>Use another service to register.</h3>
+            <hr />
+            @{
+                if ((ExternalLogins?.Count ?? 0) == 0)
+                {
+                    <div>
+                        <p>
+                            There are no external authentication services configured. See this <a href="https://go.microsoft.com/fwlink/?LinkID=532715">article
+                            about setting up this ASP.NET application to support logging in via external services</a>.
+                        </p>
+                    </div>
+                }
+                else
+                {
+                    <form id="external-account" asp-page="./ExternalLogin" asp-route-returnUrl="@ReturnUrl" method="post" class="form-horizontal">
+                        <div>
+                            <p>
+                                @foreach (var provider in ExternalLogins!)
+                                {
+                                    <button type="submit" class="btn btn-primary" name="provider" value="@provider.Name" title="Log in using your @provider.DisplayName account">@provider.DisplayName</button>
+                                }
+                            </p>
+                        </div>
+                    </form>
+                }
+            }
+        </section>
+    </div>
+</div>
+
+@code {
+    [SupplyParameterFromForm]
+    public InputModel Input { get; set; } = new();
+
+    /// <summary>
+    ///     This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used
+    ///     directly from your code. This API may change or be removed in future releases.
+    /// </summary>
+    [SupplyParameterFromQuery]
+    public string ReturnUrl { get; set; } = "";
+
+    /// <summary>
+    ///     This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used
+    ///     directly from your code. This API may change or be removed in future releases.
+    /// </summary>
+    public IList<AuthenticationScheme>? ExternalLogins { get; set; }
+
+    /// <summary>
+    ///     This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used
+    ///     directly from your code. This API may change or be removed in future releases.
+    /// </summary>
+    public class InputModel
+    {
+        /// <summary>
+        ///     This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used
+        ///     directly from your code. This API may change or be removed in future releases.
+        /// </summary>
+        [Required]
+        [EmailAddress]
+        [Display(Name = "Email")]
+        public string Email { get; set; } = null!;
+
+        /// <summary>
+        ///     This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used
+        ///     directly from your code. This API may change or be removed in future releases.
+        /// </summary>
+        [Required]
+        [StringLength(100, ErrorMessage = "The {0} must be at least {2} and at max {1} characters long.", MinimumLength = 6)]
+        [DataType(DataType.Password)]
+        [Display(Name = "Password")]
+        public string Password { get; set; } = null!;
+
+        /// <summary>
+        ///     This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used
+        ///     directly from your code. This API may change or be removed in future releases.
+        /// </summary>
+        [DataType(DataType.Password)]
+        [Display(Name = "Confirm password")]
+        [Compare("Password", ErrorMessage = "The password and confirmation password do not match.")]
+        public string ConfirmPassword { get; set; } = null!;
+    }
+
+    IEnumerable<IdentityError>? identityErrors;
+    string? Message => identityErrors is null ? null : "Error: " + string.Join(", ", identityErrors.Select(error => error.Description));
+
+    protected override async Task OnInitializedAsync()
+    {
+        ExternalLogins = (await SignInManager.GetExternalAuthenticationSchemesAsync()).ToList();
+    }
+
+    public async Task RegisterUser(EditContext editContext)
+    {
+        var user = CreateUser();
+
+        await UserStore.SetUserNameAsync(user, Input.Email, CancellationToken.None);
+        var emailStore = GetEmailStore();
+        await emailStore.SetEmailAsync(user, Input.Email, CancellationToken.None);
+        var result = await UserManager.CreateAsync(user, Input.Password);
+
+        if (result.Succeeded)
+        {
+            Logger.LogInformation("User created a new account with password.");
+
+            var userId = await UserManager.GetUserIdAsync(user);
+            var code = await UserManager.GenerateEmailConfirmationTokenAsync(user);
+            code = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(code));
+            var callbackUrl = NavigationManager.GetUriWithQueryParameters(
+                NavigationManager.ToAbsoluteUri("/Account/ConfirmEmail").AbsoluteUri, 
+                new Dictionary<string, object?> { { "userId", userId }, { "code", code }, { "returnUrl", ReturnUrl } });
+
+            await EmailSender.SendEmailAsync(Input.Email, "Confirm your email",
+                $"Please confirm your account by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>.");
+
+            if (UserManager.Options.SignIn.RequireConfirmedAccount)
+            {
+                NavigationManager.NavigateTo(NavigationManager.GetUriWithQueryParameters(
+                    NavigationManager.ToAbsoluteUri("/Account/RegisterConfirmation").AbsoluteUri,
+                    new Dictionary<string, object?> { { "email", Input.Email }, { "returnUrl", ReturnUrl } }));
+            }
+            else
+            {
+                await SignInManager.SignInAsync(user, isPersistent: false);
+                NavigationManager.NavigateTo(NavigationManager.ToAbsoluteUri(NavigationManager.ToBaseRelativePath(ReturnUrl)).AbsoluteUri);
+            }
+        }
+        else
+        {
+            identityErrors = result.Errors;
+        }
+    }
+
+    private ApplicationUser CreateUser()
+    {
+        try
+        {
+            return Activator.CreateInstance<ApplicationUser>();
+        }
+        catch
+        {
+            throw new InvalidOperationException($"Can't create an instance of '{nameof(ApplicationUser)}'. " +
+                $"Ensure that '{nameof(ApplicationUser)}' is not an abstract class and has a parameterless constructor.");
+        }
+    }
+
+    private IUserEmailStore<ApplicationUser> GetEmailStore()
+    {
+        if (!UserManager.SupportsUserEmail)
+        {
+            throw new NotSupportedException("The default UI requires a user store with email support.");
+        }
+        return (IUserEmailStore<ApplicationUser>) UserStore;
+    }
+}
\ No newline at end of file
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/RegisterConfirmation.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/RegisterConfirmation.razor
new file mode 100644
index 000000000000..e03daa4aaa18
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/RegisterConfirmation.razor
@@ -0,0 +1,65 @@
+@page "/Account/RegisterConfirmation"
+
+@using System.Text
+@using BlazorWeb_CSharp.Data
+@using Microsoft.AspNetCore.Identity
+@using Microsoft.AspNetCore.Identity.UI.Services
+@using Microsoft.AspNetCore.WebUtilities
+
+@inject UserManager<ApplicationUser> UserManager
+@inject IEmailSender EmailSender
+@inject NavigationManager NavigationManager
+
+<PageTitle>Register confirmation</PageTitle>
+
+<h1>Register confirmation</h1>
+
+<StatusMessage Message="@statusMessage" />
+
+@if (emailConfirmationLink is not null)
+{
+    <p>
+        This app does not currently have a real email sender registered, see <a href="https://aka.ms/aspaccountconf">these docs</a> for how to configure a real email sender.
+        Normally this would be emailed: <a id="confirm-link" href="@emailConfirmationLink">Click here to confirm your account</a>
+    </p>
+}
+else
+{
+    <p>Please check your email to confirm your account.</p>
+}
+
+@code {
+    string? emailConfirmationLink;
+    string? statusMessage;
+
+    [SupplyParameterFromQuery] public string? Email { get; set; }
+    [SupplyParameterFromQuery] public string ReturnUrl { get; set; } = "/";
+
+    protected override async Task OnInitializedAsync()
+    {
+        if (Email == null)
+        {
+            NavigationManager.NavigateTo("/");
+        }
+        else
+        {
+
+            var user = await UserManager.FindByEmailAsync(Email);
+            if (user == null)
+            {
+                // Need a way to trigger a 404 from Blazor: https://github.com/dotnet/aspnetcore/issues/45654
+                statusMessage = $"Error finding user for unspecified email";
+            }
+            else if (EmailSender is NoOpEmailSender)
+            {
+                // Once you add a real email sender, you should remove this code that lets you confirm the account
+                var userId = await UserManager.GetUserIdAsync(user);
+                var code = await UserManager.GenerateEmailConfirmationTokenAsync(user);
+                code = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(code));
+                emailConfirmationLink = NavigationManager.GetUriWithQueryParameters(
+                    NavigationManager.ToAbsoluteUri("/Account/ConfirmEmail").AbsoluteUri,
+                    new Dictionary<string, object?> { { "userId", userId }, { "code", code }, { "returnUrl", ReturnUrl } });
+            }
+        }
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResetPassword.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResetPassword.razor
new file mode 100644
index 000000000000..21a057e1bf4e
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResetPassword.razor
@@ -0,0 +1,107 @@
+@page "/Account/ResetPassword"
+
+@using System.ComponentModel.DataAnnotations;
+@using System.Text;
+@using Microsoft.AspNetCore.Http;
+@using Microsoft.AspNetCore.Identity;
+@using Microsoft.AspNetCore.WebUtilities;
+@using BlazorWeb_CSharp.Data;
+
+@inject NavigationManager NavigationManager
+@inject UserManager<ApplicationUser> UserManager
+
+<PageTitle>Reset password</PageTitle>
+
+<h1>Reset password</h1>
+<h2>Reset your password.</h2>
+<hr />
+<div class="row">
+    <div class="col-md-4">
+        <StatusMessage Message="@Message" />
+        <EditForm id="reset-password-form" Model="Input" FormName="reset-password" OnValidSubmit="OnValidSubmitAsync" method="post">
+            <DataAnnotationsValidator />
+            <ValidationSummary class="text-danger" role="alert" />
+
+            <input type="hidden" name="Input.Code" value="@Input.Code" />
+            <div class="form-floating mb-3">
+                <InputText id="email" @bind-Value="Input.Email" class="form-control" autocomplete="username" aria-required="true" placeholder="name@example.com" />
+                <label for="email" class="form-label">Email</label>
+                <ValidationMessage For="() => Input.Email" class="text-danger" />
+            </div>
+            <div class="form-floating mb-3">
+                <InputText id="password" type="password" @bind-Value="Input.Password" class="form-control" autocomplete="new-password" aria-required="true" placeholder="Please enter your password." />
+                <label for="password" class="form-label">Password</label>
+                <ValidationMessage For="() => Input.Password" class="text-danger" />
+            </div>
+            <div class="form-floating mb-3">
+                <InputText id="confirm-password" type="password" @bind-Value="Input.ConfirmPassword" class="form-control" autocomplete="new-password" aria-required="true" placeholder="Please confirm your password." />
+                <label for="confirm-password" class="form-label">Confirm password</label>
+                <ValidationMessage For="() => Input.ConfirmPassword" class="text-danger" />
+            </div>
+            <button type="submit" class="w-100 btn btn-lg btn-primary">Reset</button>
+        </EditForm>
+    </div>
+</div>
+
+@code {
+    [SupplyParameterFromForm]
+    private InputModel Input { get; set; } = new();
+
+    [SupplyParameterFromQuery]
+    private string? Code { get; set; }
+
+    IEnumerable<IdentityError>? identityErrors;
+    private string? Message => identityErrors is null ? null : "Error: " + string.Join(", ", identityErrors.Select(error => error.Description));
+
+    protected override void OnInitialized()
+    {
+        if (Code is null)
+        {
+            NavigationManager.NavigateTo("/Account/InvalidPasswordReset");
+        }
+        else
+        {
+            Input.Code = Encoding.UTF8.GetString(WebEncoders.Base64UrlDecode(Code));
+        }
+    }
+
+    private async Task OnValidSubmitAsync()
+    {
+        var user = await UserManager.FindByEmailAsync(Input.Email);
+        if (user is null)
+        {
+            // Don't reveal that the user does not exist
+            NavigationManager.NavigateTo("/Account/ResetPasswordConfirmation");
+            return;
+        }
+
+        var result = await UserManager.ResetPasswordAsync(user, Input.Code, Input.Password);
+        if (result.Succeeded)
+        {
+            NavigationManager.NavigateTo("/Account/ResetPasswordConfirmation");
+            return;
+        }
+
+        identityErrors = result.Errors;
+    }
+
+    private sealed class InputModel
+    {
+        [Required]
+        [EmailAddress]
+        public string Email { get; set; } = default!;
+
+        [Required]
+        [StringLength(100, ErrorMessage = "The {0} must be at least {2} and at max {1} characters long.", MinimumLength = 6)]
+        [DataType(DataType.Password)]
+        public string Password { get; set; } = default!;
+
+        [DataType(DataType.Password)]
+        [Display(Name = "Confirm password")]
+        [Compare("Password", ErrorMessage = "The password and confirmation password do not match.")]
+        public string ConfirmPassword { get; set; } = default!;
+
+        [Required]
+        public string Code { get; set; } = default!;
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResetPasswordConfirmation.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResetPasswordConfirmation.razor
new file mode 100644
index 000000000000..273c8247bd14
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResetPasswordConfirmation.razor
@@ -0,0 +1,7 @@
+@page "/Account/ResetPasswordConfirmation"
+<PageTitle>Reset password confirmation</PageTitle>
+
+<h1>Reset password confirmation</h1>
+<p>
+    Your password has been reset. Please <a href="/Account/Login">click here to log in</a>.
+</p>
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/StatusMessage.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/StatusMessage.razor
new file mode 100644
index 000000000000..9dfc84b03c52
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/StatusMessage.razor
@@ -0,0 +1,12 @@
+@if (!String.IsNullOrEmpty(Message))
+{
+    var statusMessageClass = Message.StartsWith("Error") ? "danger" : "success";
+    <div class="alert alert-@statusMessageClass alert-dismissible" role="alert">
+        <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
+        @Message
+    </div>
+}
+
+@code {
+    [Parameter] public string? Message { get; set; }
+}
\ No newline at end of file
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Routes.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Routes.razor
index 25a5e5887bfe..1426521804d1 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Routes.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Routes.razor
@@ -4,7 +4,11 @@
 <Router AppAssembly="@typeof(Program).Assembly">
 ##endif*@
     <Found Context="routeData">
+        @*#if (IndividualLocalAuth)
+        <AuthorizeRouteView RouteData="@routeData" DefaultLayout="@typeof(Layout.MainLayout)" />
+        ##else
         <RouteView RouteData="@routeData" DefaultLayout="@typeof(Layout.MainLayout)" />
+        ##endif*@
         <FocusOnNavigate RouteData="@routeData" Selector="h1" />
     </Found>
 </Router>
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/_Imports.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/_Imports.razor
index 68ab14b7c1e6..bb52859cae6d 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/_Imports.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/_Imports.razor
@@ -1,5 +1,8 @@
 @using System.Net.Http
 @using System.Net.Http.Json
+@*#if (IndividualLocalAuth)
+@using Microsoft.AspNetCore.Components.Authorization
+##endif*@
 @using Microsoft.AspNetCore.Components.Forms
 @using Microsoft.AspNetCore.Components.Routing
 @using Microsoft.AspNetCore.Components.Web
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/ApplicationDbContext.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/ApplicationDbContext.cs
new file mode 100644
index 000000000000..08e9d0808401
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/ApplicationDbContext.cs
@@ -0,0 +1,12 @@
+using Microsoft.AspNetCore.Identity.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore;
+
+namespace BlazorWeb_CSharp.Data;
+
+public class ApplicationDbContext : IdentityDbContext<ApplicationUser>
+{
+    public ApplicationDbContext(DbContextOptions<ApplicationDbContext> options)
+        : base(options)
+    {
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/ApplicationUser.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/ApplicationUser.cs
new file mode 100644
index 000000000000..831bb92a4a57
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/ApplicationUser.cs
@@ -0,0 +1,9 @@
+using Microsoft.AspNetCore.Identity;
+
+namespace BlazorWeb_CSharp.Data;
+
+// Add profile data for application users by adding properties to the ApplicationUser class
+public class ApplicationUser : IdentityUser
+{
+}
+
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/SqlLite/00000000000000_CreateIdentitySchema.Designer.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/SqlLite/00000000000000_CreateIdentitySchema.Designer.cs
new file mode 100644
index 000000000000..ba5b97c07dff
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/SqlLite/00000000000000_CreateIdentitySchema.Designer.cs
@@ -0,0 +1,268 @@
+// <auto-generated />
+using System;
+using BlazorWeb_CSharp.Data;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore.Infrastructure;
+using Microsoft.EntityFrameworkCore.Migrations;
+using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
+
+#nullable disable
+
+namespace BlazorWeb_CSharp.Migrations
+{
+    [DbContext(typeof(ApplicationDbContext))]
+    [Migration("00000000000000_CreateIdentitySchema")]
+    partial class CreateIdentitySchema
+    {
+        /// <inheritdoc />
+        protected override void BuildTargetModel(ModelBuilder modelBuilder)
+        {
+#pragma warning disable 612, 618
+            modelBuilder.HasAnnotation("ProductVersion", "8.0.0");
+
+            modelBuilder.Entity("BlazorWeb_CSharp.Data.ApplicationUser", b =>
+                {
+                    b.Property<string>("Id")
+                        .HasColumnType("TEXT");
+
+                    b.Property<int>("AccessFailedCount")
+                        .HasColumnType("INTEGER");
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken()
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("Email")
+                        .HasMaxLength(256)
+                        .HasColumnType("TEXT");
+
+                    b.Property<bool>("EmailConfirmed")
+                        .HasColumnType("INTEGER");
+
+                    b.Property<bool>("LockoutEnabled")
+                        .HasColumnType("INTEGER");
+
+                    b.Property<DateTimeOffset?>("LockoutEnd")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("NormalizedEmail")
+                        .HasMaxLength(256)
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("NormalizedUserName")
+                        .HasMaxLength(256)
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("PasswordHash")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("PhoneNumber")
+                        .HasColumnType("TEXT");
+
+                    b.Property<bool>("PhoneNumberConfirmed")
+                        .HasColumnType("INTEGER");
+
+                    b.Property<string>("SecurityStamp")
+                        .HasColumnType("TEXT");
+
+                    b.Property<bool>("TwoFactorEnabled")
+                        .HasColumnType("INTEGER");
+
+                    b.Property<string>("UserName")
+                        .HasMaxLength(256)
+                        .HasColumnType("TEXT");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedEmail")
+                        .HasDatabaseName("EmailIndex");
+
+                    b.HasIndex("NormalizedUserName")
+                        .IsUnique()
+                        .HasDatabaseName("UserNameIndex");
+
+                    b.ToTable("AspNetUsers", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRole", b =>
+                {
+                    b.Property<string>("Id")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken()
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("Name")
+                        .HasMaxLength(256)
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("NormalizedName")
+                        .HasMaxLength(256)
+                        .HasColumnType("TEXT");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedName")
+                        .IsUnique()
+                        .HasDatabaseName("RoleNameIndex");
+
+                    b.ToTable("AspNetRoles", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd()
+                        .HasColumnType("INTEGER");
+
+                    b.Property<string>("ClaimType")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("ClaimValue")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("RoleId")
+                        .IsRequired()
+                        .HasColumnType("TEXT");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetRoleClaims", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd()
+                        .HasColumnType("INTEGER");
+
+                    b.Property<string>("ClaimType")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("ClaimValue")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("UserId")
+                        .IsRequired()
+                        .HasColumnType("TEXT");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserClaims", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.Property<string>("LoginProvider")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("ProviderKey")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("ProviderDisplayName")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("UserId")
+                        .IsRequired()
+                        .HasColumnType("TEXT");
+
+                    b.HasKey("LoginProvider", "ProviderKey");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserLogins", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.Property<string>("UserId")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("RoleId")
+                        .HasColumnType("TEXT");
+
+                    b.HasKey("UserId", "RoleId");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetUserRoles", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.Property<string>("UserId")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("LoginProvider")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("Name")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("Value")
+                        .HasColumnType("TEXT");
+
+                    b.HasKey("UserId", "LoginProvider", "Name");
+
+                    b.ToTable("AspNetUserTokens", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole", null)
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.HasOne("BlazorWeb_CSharp.Data.ApplicationUser", null)
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.HasOne("BlazorWeb_CSharp.Data.ApplicationUser", null)
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole", null)
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+
+                    b.HasOne("BlazorWeb_CSharp.Data.ApplicationUser", null)
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.HasOne("BlazorWeb_CSharp.Data.ApplicationUser", null)
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+                });
+#pragma warning restore 612, 618
+        }
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/SqlLite/00000000000000_CreateIdentitySchema.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/SqlLite/00000000000000_CreateIdentitySchema.cs
new file mode 100644
index 000000000000..bf83fc9a9f27
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/SqlLite/00000000000000_CreateIdentitySchema.cs
@@ -0,0 +1,222 @@
+using System;
+using Microsoft.EntityFrameworkCore.Migrations;
+
+#nullable disable
+
+namespace BlazorWeb_CSharp.Migrations
+{
+    /// <inheritdoc />
+    public partial class CreateIdentitySchema : Migration
+    {
+        /// <inheritdoc />
+        protected override void Up(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.CreateTable(
+                name: "AspNetRoles",
+                columns: table => new
+                {
+                    Id = table.Column<string>(type: "TEXT", nullable: false),
+                    Name = table.Column<string>(type: "TEXT", maxLength: 256, nullable: true),
+                    NormalizedName = table.Column<string>(type: "TEXT", maxLength: 256, nullable: true),
+                    ConcurrencyStamp = table.Column<string>(type: "TEXT", nullable: true)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_AspNetRoles", x => x.Id);
+                });
+
+            migrationBuilder.CreateTable(
+                name: "AspNetUsers",
+                columns: table => new
+                {
+                    Id = table.Column<string>(type: "TEXT", nullable: false),
+                    UserName = table.Column<string>(type: "TEXT", maxLength: 256, nullable: true),
+                    NormalizedUserName = table.Column<string>(type: "TEXT", maxLength: 256, nullable: true),
+                    Email = table.Column<string>(type: "TEXT", maxLength: 256, nullable: true),
+                    NormalizedEmail = table.Column<string>(type: "TEXT", maxLength: 256, nullable: true),
+                    EmailConfirmed = table.Column<bool>(type: "INTEGER", nullable: false),
+                    PasswordHash = table.Column<string>(type: "TEXT", nullable: true),
+                    SecurityStamp = table.Column<string>(type: "TEXT", nullable: true),
+                    ConcurrencyStamp = table.Column<string>(type: "TEXT", nullable: true),
+                    PhoneNumber = table.Column<string>(type: "TEXT", nullable: true),
+                    PhoneNumberConfirmed = table.Column<bool>(type: "INTEGER", nullable: false),
+                    TwoFactorEnabled = table.Column<bool>(type: "INTEGER", nullable: false),
+                    LockoutEnd = table.Column<DateTimeOffset>(type: "TEXT", nullable: true),
+                    LockoutEnabled = table.Column<bool>(type: "INTEGER", nullable: false),
+                    AccessFailedCount = table.Column<int>(type: "INTEGER", nullable: false)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_AspNetUsers", x => x.Id);
+                });
+
+            migrationBuilder.CreateTable(
+                name: "AspNetRoleClaims",
+                columns: table => new
+                {
+                    Id = table.Column<int>(type: "INTEGER", nullable: false)
+                        .Annotation("Sqlite:Autoincrement", true),
+                    RoleId = table.Column<string>(type: "TEXT", nullable: false),
+                    ClaimType = table.Column<string>(type: "TEXT", nullable: true),
+                    ClaimValue = table.Column<string>(type: "TEXT", nullable: true)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_AspNetRoleClaims", x => x.Id);
+                    table.ForeignKey(
+                        name: "FK_AspNetRoleClaims_AspNetRoles_RoleId",
+                        column: x => x.RoleId,
+                        principalTable: "AspNetRoles",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                });
+
+            migrationBuilder.CreateTable(
+                name: "AspNetUserClaims",
+                columns: table => new
+                {
+                    Id = table.Column<int>(type: "INTEGER", nullable: false)
+                        .Annotation("Sqlite:Autoincrement", true),
+                    UserId = table.Column<string>(type: "TEXT", nullable: false),
+                    ClaimType = table.Column<string>(type: "TEXT", nullable: true),
+                    ClaimValue = table.Column<string>(type: "TEXT", nullable: true)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_AspNetUserClaims", x => x.Id);
+                    table.ForeignKey(
+                        name: "FK_AspNetUserClaims_AspNetUsers_UserId",
+                        column: x => x.UserId,
+                        principalTable: "AspNetUsers",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                });
+
+            migrationBuilder.CreateTable(
+                name: "AspNetUserLogins",
+                columns: table => new
+                {
+                    LoginProvider = table.Column<string>(type: "TEXT", nullable: false),
+                    ProviderKey = table.Column<string>(type: "TEXT", nullable: false),
+                    ProviderDisplayName = table.Column<string>(type: "TEXT", nullable: true),
+                    UserId = table.Column<string>(type: "TEXT", nullable: false)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_AspNetUserLogins", x => new { x.LoginProvider, x.ProviderKey });
+                    table.ForeignKey(
+                        name: "FK_AspNetUserLogins_AspNetUsers_UserId",
+                        column: x => x.UserId,
+                        principalTable: "AspNetUsers",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                });
+
+            migrationBuilder.CreateTable(
+                name: "AspNetUserRoles",
+                columns: table => new
+                {
+                    UserId = table.Column<string>(type: "TEXT", nullable: false),
+                    RoleId = table.Column<string>(type: "TEXT", nullable: false)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_AspNetUserRoles", x => new { x.UserId, x.RoleId });
+                    table.ForeignKey(
+                        name: "FK_AspNetUserRoles_AspNetRoles_RoleId",
+                        column: x => x.RoleId,
+                        principalTable: "AspNetRoles",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                    table.ForeignKey(
+                        name: "FK_AspNetUserRoles_AspNetUsers_UserId",
+                        column: x => x.UserId,
+                        principalTable: "AspNetUsers",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                });
+
+            migrationBuilder.CreateTable(
+                name: "AspNetUserTokens",
+                columns: table => new
+                {
+                    UserId = table.Column<string>(type: "TEXT", nullable: false),
+                    LoginProvider = table.Column<string>(type: "TEXT", nullable: false),
+                    Name = table.Column<string>(type: "TEXT", nullable: false),
+                    Value = table.Column<string>(type: "TEXT", nullable: true)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_AspNetUserTokens", x => new { x.UserId, x.LoginProvider, x.Name });
+                    table.ForeignKey(
+                        name: "FK_AspNetUserTokens_AspNetUsers_UserId",
+                        column: x => x.UserId,
+                        principalTable: "AspNetUsers",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                });
+
+            migrationBuilder.CreateIndex(
+                name: "IX_AspNetRoleClaims_RoleId",
+                table: "AspNetRoleClaims",
+                column: "RoleId");
+
+            migrationBuilder.CreateIndex(
+                name: "RoleNameIndex",
+                table: "AspNetRoles",
+                column: "NormalizedName",
+                unique: true);
+
+            migrationBuilder.CreateIndex(
+                name: "IX_AspNetUserClaims_UserId",
+                table: "AspNetUserClaims",
+                column: "UserId");
+
+            migrationBuilder.CreateIndex(
+                name: "IX_AspNetUserLogins_UserId",
+                table: "AspNetUserLogins",
+                column: "UserId");
+
+            migrationBuilder.CreateIndex(
+                name: "IX_AspNetUserRoles_RoleId",
+                table: "AspNetUserRoles",
+                column: "RoleId");
+
+            migrationBuilder.CreateIndex(
+                name: "EmailIndex",
+                table: "AspNetUsers",
+                column: "NormalizedEmail");
+
+            migrationBuilder.CreateIndex(
+                name: "UserNameIndex",
+                table: "AspNetUsers",
+                column: "NormalizedUserName",
+                unique: true);
+        }
+
+        /// <inheritdoc />
+        protected override void Down(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.DropTable(
+                name: "AspNetRoleClaims");
+
+            migrationBuilder.DropTable(
+                name: "AspNetUserClaims");
+
+            migrationBuilder.DropTable(
+                name: "AspNetUserLogins");
+
+            migrationBuilder.DropTable(
+                name: "AspNetUserRoles");
+
+            migrationBuilder.DropTable(
+                name: "AspNetUserTokens");
+
+            migrationBuilder.DropTable(
+                name: "AspNetRoles");
+
+            migrationBuilder.DropTable(
+                name: "AspNetUsers");
+        }
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/SqlLite/ApplicationDbContextModelSnapshot.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/SqlLite/ApplicationDbContextModelSnapshot.cs
new file mode 100644
index 000000000000..930cebc1857d
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/SqlLite/ApplicationDbContextModelSnapshot.cs
@@ -0,0 +1,265 @@
+// <auto-generated />
+using System;
+using BlazorWeb_CSharp.Data;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore.Infrastructure;
+using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
+
+#nullable disable
+
+namespace BlazorWeb_CSharp.Migrations
+{
+    [DbContext(typeof(ApplicationDbContext))]
+    partial class ApplicationDbContextModelSnapshot : ModelSnapshot
+    {
+        protected override void BuildModel(ModelBuilder modelBuilder)
+        {
+#pragma warning disable 612, 618
+            modelBuilder.HasAnnotation("ProductVersion", "8.0.0");
+
+            modelBuilder.Entity("BlazorWeb_CSharp.Data.ApplicationUser", b =>
+                {
+                    b.Property<string>("Id")
+                        .HasColumnType("TEXT");
+
+                    b.Property<int>("AccessFailedCount")
+                        .HasColumnType("INTEGER");
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken()
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("Email")
+                        .HasMaxLength(256)
+                        .HasColumnType("TEXT");
+
+                    b.Property<bool>("EmailConfirmed")
+                        .HasColumnType("INTEGER");
+
+                    b.Property<bool>("LockoutEnabled")
+                        .HasColumnType("INTEGER");
+
+                    b.Property<DateTimeOffset?>("LockoutEnd")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("NormalizedEmail")
+                        .HasMaxLength(256)
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("NormalizedUserName")
+                        .HasMaxLength(256)
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("PasswordHash")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("PhoneNumber")
+                        .HasColumnType("TEXT");
+
+                    b.Property<bool>("PhoneNumberConfirmed")
+                        .HasColumnType("INTEGER");
+
+                    b.Property<string>("SecurityStamp")
+                        .HasColumnType("TEXT");
+
+                    b.Property<bool>("TwoFactorEnabled")
+                        .HasColumnType("INTEGER");
+
+                    b.Property<string>("UserName")
+                        .HasMaxLength(256)
+                        .HasColumnType("TEXT");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedEmail")
+                        .HasDatabaseName("EmailIndex");
+
+                    b.HasIndex("NormalizedUserName")
+                        .IsUnique()
+                        .HasDatabaseName("UserNameIndex");
+
+                    b.ToTable("AspNetUsers", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRole", b =>
+                {
+                    b.Property<string>("Id")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken()
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("Name")
+                        .HasMaxLength(256)
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("NormalizedName")
+                        .HasMaxLength(256)
+                        .HasColumnType("TEXT");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedName")
+                        .IsUnique()
+                        .HasDatabaseName("RoleNameIndex");
+
+                    b.ToTable("AspNetRoles", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd()
+                        .HasColumnType("INTEGER");
+
+                    b.Property<string>("ClaimType")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("ClaimValue")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("RoleId")
+                        .IsRequired()
+                        .HasColumnType("TEXT");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetRoleClaims", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd()
+                        .HasColumnType("INTEGER");
+
+                    b.Property<string>("ClaimType")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("ClaimValue")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("UserId")
+                        .IsRequired()
+                        .HasColumnType("TEXT");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserClaims", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.Property<string>("LoginProvider")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("ProviderKey")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("ProviderDisplayName")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("UserId")
+                        .IsRequired()
+                        .HasColumnType("TEXT");
+
+                    b.HasKey("LoginProvider", "ProviderKey");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserLogins", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.Property<string>("UserId")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("RoleId")
+                        .HasColumnType("TEXT");
+
+                    b.HasKey("UserId", "RoleId");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetUserRoles", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.Property<string>("UserId")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("LoginProvider")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("Name")
+                        .HasColumnType("TEXT");
+
+                    b.Property<string>("Value")
+                        .HasColumnType("TEXT");
+
+                    b.HasKey("UserId", "LoginProvider", "Name");
+
+                    b.ToTable("AspNetUserTokens", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole", null)
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.HasOne("BlazorWeb_CSharp.Data.ApplicationUser", null)
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.HasOne("BlazorWeb_CSharp.Data.ApplicationUser", null)
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole", null)
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+
+                    b.HasOne("BlazorWeb_CSharp.Data.ApplicationUser", null)
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.HasOne("BlazorWeb_CSharp.Data.ApplicationUser", null)
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+                });
+#pragma warning restore 612, 618
+        }
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/SqlServer/00000000000000_CreateIdentitySchema.Designer.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/SqlServer/00000000000000_CreateIdentitySchema.Designer.cs
new file mode 100644
index 000000000000..34d2b6df1a30
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/SqlServer/00000000000000_CreateIdentitySchema.Designer.cs
@@ -0,0 +1,279 @@
+// <auto-generated />
+using System;
+using BlazorWeb_CSharp.Data;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore.Infrastructure;
+using Microsoft.EntityFrameworkCore.Metadata;
+using Microsoft.EntityFrameworkCore.Migrations;
+using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
+
+#nullable disable
+
+namespace BlazorWeb_CSharp.Migrations
+{
+    [DbContext(typeof(ApplicationDbContext))]
+    [Migration("00000000000000_CreateIdentitySchema")]
+    partial class CreateIdentitySchema
+    {
+        /// <inheritdoc />
+        protected override void BuildTargetModel(ModelBuilder modelBuilder)
+        {
+#pragma warning disable 612, 618
+            modelBuilder
+                .HasAnnotation("ProductVersion", "8.0.0")
+                .HasAnnotation("Relational:MaxIdentifierLength", 128);
+
+            SqlServerModelBuilderExtensions.UseIdentityColumns(modelBuilder);
+
+            modelBuilder.Entity("BlazorWeb_CSharp.Data.ApplicationUser", b =>
+                {
+                    b.Property<string>("Id")
+                        .HasColumnType("nvarchar(450)");
+
+                    b.Property<int>("AccessFailedCount")
+                        .HasColumnType("int");
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken()
+                        .HasColumnType("nvarchar(max)");
+
+                    b.Property<string>("Email")
+                        .HasMaxLength(256)
+                        .HasColumnType("nvarchar(256)");
+
+                    b.Property<bool>("EmailConfirmed")
+                        .HasColumnType("bit");
+
+                    b.Property<bool>("LockoutEnabled")
+                        .HasColumnType("bit");
+
+                    b.Property<DateTimeOffset?>("LockoutEnd")
+                        .HasColumnType("datetimeoffset");
+
+                    b.Property<string>("NormalizedEmail")
+                        .HasMaxLength(256)
+                        .HasColumnType("nvarchar(256)");
+
+                    b.Property<string>("NormalizedUserName")
+                        .HasMaxLength(256)
+                        .HasColumnType("nvarchar(256)");
+
+                    b.Property<string>("PasswordHash")
+                        .HasColumnType("nvarchar(max)");
+
+                    b.Property<string>("PhoneNumber")
+                        .HasColumnType("nvarchar(max)");
+
+                    b.Property<bool>("PhoneNumberConfirmed")
+                        .HasColumnType("bit");
+
+                    b.Property<string>("SecurityStamp")
+                        .HasColumnType("nvarchar(max)");
+
+                    b.Property<bool>("TwoFactorEnabled")
+                        .HasColumnType("bit");
+
+                    b.Property<string>("UserName")
+                        .HasMaxLength(256)
+                        .HasColumnType("nvarchar(256)");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedEmail")
+                        .HasDatabaseName("EmailIndex");
+
+                    b.HasIndex("NormalizedUserName")
+                        .IsUnique()
+                        .HasDatabaseName("UserNameIndex")
+                        .HasFilter("[NormalizedUserName] IS NOT NULL");
+
+                    b.ToTable("AspNetUsers", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRole", b =>
+                {
+                    b.Property<string>("Id")
+                        .HasColumnType("nvarchar(450)");
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken()
+                        .HasColumnType("nvarchar(max)");
+
+                    b.Property<string>("Name")
+                        .HasMaxLength(256)
+                        .HasColumnType("nvarchar(256)");
+
+                    b.Property<string>("NormalizedName")
+                        .HasMaxLength(256)
+                        .HasColumnType("nvarchar(256)");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedName")
+                        .IsUnique()
+                        .HasDatabaseName("RoleNameIndex")
+                        .HasFilter("[NormalizedName] IS NOT NULL");
+
+                    b.ToTable("AspNetRoles", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd()
+                        .HasColumnType("int");
+
+                    SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property<int>("Id"));
+
+                    b.Property<string>("ClaimType")
+                        .HasColumnType("nvarchar(max)");
+
+                    b.Property<string>("ClaimValue")
+                        .HasColumnType("nvarchar(max)");
+
+                    b.Property<string>("RoleId")
+                        .IsRequired()
+                        .HasColumnType("nvarchar(450)");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetRoleClaims", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd()
+                        .HasColumnType("int");
+
+                    SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property<int>("Id"));
+
+                    b.Property<string>("ClaimType")
+                        .HasColumnType("nvarchar(max)");
+
+                    b.Property<string>("ClaimValue")
+                        .HasColumnType("nvarchar(max)");
+
+                    b.Property<string>("UserId")
+                        .IsRequired()
+                        .HasColumnType("nvarchar(450)");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserClaims", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.Property<string>("LoginProvider")
+                        .HasColumnType("nvarchar(450)");
+
+                    b.Property<string>("ProviderKey")
+                        .HasColumnType("nvarchar(450)");
+
+                    b.Property<string>("ProviderDisplayName")
+                        .HasColumnType("nvarchar(max)");
+
+                    b.Property<string>("UserId")
+                        .IsRequired()
+                        .HasColumnType("nvarchar(450)");
+
+                    b.HasKey("LoginProvider", "ProviderKey");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserLogins", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.Property<string>("UserId")
+                        .HasColumnType("nvarchar(450)");
+
+                    b.Property<string>("RoleId")
+                        .HasColumnType("nvarchar(450)");
+
+                    b.HasKey("UserId", "RoleId");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetUserRoles", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.Property<string>("UserId")
+                        .HasColumnType("nvarchar(450)");
+
+                    b.Property<string>("LoginProvider")
+                        .HasColumnType("nvarchar(450)");
+
+                    b.Property<string>("Name")
+                        .HasColumnType("nvarchar(450)");
+
+                    b.Property<string>("Value")
+                        .HasColumnType("nvarchar(max)");
+
+                    b.HasKey("UserId", "LoginProvider", "Name");
+
+                    b.ToTable("AspNetUserTokens", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole", null)
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.HasOne("BlazorWeb_CSharp.Data.ApplicationUser", null)
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.HasOne("BlazorWeb_CSharp.Data.ApplicationUser", null)
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole", null)
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+
+                    b.HasOne("BlazorWeb_CSharp.Data.ApplicationUser", null)
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.HasOne("BlazorWeb_CSharp.Data.ApplicationUser", null)
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+                });
+#pragma warning restore 612, 618
+        }
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/SqlServer/00000000000000_CreateIdentitySchema.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/SqlServer/00000000000000_CreateIdentitySchema.cs
new file mode 100644
index 000000000000..ec47e9f16b95
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/SqlServer/00000000000000_CreateIdentitySchema.cs
@@ -0,0 +1,224 @@
+using System;
+using Microsoft.EntityFrameworkCore.Migrations;
+
+#nullable disable
+
+namespace BlazorWeb_CSharp.Migrations
+{
+    /// <inheritdoc />
+    public partial class CreateIdentitySchema : Migration
+    {
+        /// <inheritdoc />
+        protected override void Up(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.CreateTable(
+                name: "AspNetRoles",
+                columns: table => new
+                {
+                    Id = table.Column<string>(type: "nvarchar(450)", nullable: false),
+                    Name = table.Column<string>(type: "nvarchar(256)", maxLength: 256, nullable: true),
+                    NormalizedName = table.Column<string>(type: "nvarchar(256)", maxLength: 256, nullable: true),
+                    ConcurrencyStamp = table.Column<string>(type: "nvarchar(max)", nullable: true)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_AspNetRoles", x => x.Id);
+                });
+
+            migrationBuilder.CreateTable(
+                name: "AspNetUsers",
+                columns: table => new
+                {
+                    Id = table.Column<string>(type: "nvarchar(450)", nullable: false),
+                    UserName = table.Column<string>(type: "nvarchar(256)", maxLength: 256, nullable: true),
+                    NormalizedUserName = table.Column<string>(type: "nvarchar(256)", maxLength: 256, nullable: true),
+                    Email = table.Column<string>(type: "nvarchar(256)", maxLength: 256, nullable: true),
+                    NormalizedEmail = table.Column<string>(type: "nvarchar(256)", maxLength: 256, nullable: true),
+                    EmailConfirmed = table.Column<bool>(type: "bit", nullable: false),
+                    PasswordHash = table.Column<string>(type: "nvarchar(max)", nullable: true),
+                    SecurityStamp = table.Column<string>(type: "nvarchar(max)", nullable: true),
+                    ConcurrencyStamp = table.Column<string>(type: "nvarchar(max)", nullable: true),
+                    PhoneNumber = table.Column<string>(type: "nvarchar(max)", nullable: true),
+                    PhoneNumberConfirmed = table.Column<bool>(type: "bit", nullable: false),
+                    TwoFactorEnabled = table.Column<bool>(type: "bit", nullable: false),
+                    LockoutEnd = table.Column<DateTimeOffset>(type: "datetimeoffset", nullable: true),
+                    LockoutEnabled = table.Column<bool>(type: "bit", nullable: false),
+                    AccessFailedCount = table.Column<int>(type: "int", nullable: false)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_AspNetUsers", x => x.Id);
+                });
+
+            migrationBuilder.CreateTable(
+                name: "AspNetRoleClaims",
+                columns: table => new
+                {
+                    Id = table.Column<int>(type: "int", nullable: false)
+                        .Annotation("SqlServer:Identity", "1, 1"),
+                    RoleId = table.Column<string>(type: "nvarchar(450)", nullable: false),
+                    ClaimType = table.Column<string>(type: "nvarchar(max)", nullable: true),
+                    ClaimValue = table.Column<string>(type: "nvarchar(max)", nullable: true)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_AspNetRoleClaims", x => x.Id);
+                    table.ForeignKey(
+                        name: "FK_AspNetRoleClaims_AspNetRoles_RoleId",
+                        column: x => x.RoleId,
+                        principalTable: "AspNetRoles",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                });
+
+            migrationBuilder.CreateTable(
+                name: "AspNetUserClaims",
+                columns: table => new
+                {
+                    Id = table.Column<int>(type: "int", nullable: false)
+                        .Annotation("SqlServer:Identity", "1, 1"),
+                    UserId = table.Column<string>(type: "nvarchar(450)", nullable: false),
+                    ClaimType = table.Column<string>(type: "nvarchar(max)", nullable: true),
+                    ClaimValue = table.Column<string>(type: "nvarchar(max)", nullable: true)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_AspNetUserClaims", x => x.Id);
+                    table.ForeignKey(
+                        name: "FK_AspNetUserClaims_AspNetUsers_UserId",
+                        column: x => x.UserId,
+                        principalTable: "AspNetUsers",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                });
+
+            migrationBuilder.CreateTable(
+                name: "AspNetUserLogins",
+                columns: table => new
+                {
+                    LoginProvider = table.Column<string>(type: "nvarchar(450)", nullable: false),
+                    ProviderKey = table.Column<string>(type: "nvarchar(450)", nullable: false),
+                    ProviderDisplayName = table.Column<string>(type: "nvarchar(max)", nullable: true),
+                    UserId = table.Column<string>(type: "nvarchar(450)", nullable: false)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_AspNetUserLogins", x => new { x.LoginProvider, x.ProviderKey });
+                    table.ForeignKey(
+                        name: "FK_AspNetUserLogins_AspNetUsers_UserId",
+                        column: x => x.UserId,
+                        principalTable: "AspNetUsers",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                });
+
+            migrationBuilder.CreateTable(
+                name: "AspNetUserRoles",
+                columns: table => new
+                {
+                    UserId = table.Column<string>(type: "nvarchar(450)", nullable: false),
+                    RoleId = table.Column<string>(type: "nvarchar(450)", nullable: false)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_AspNetUserRoles", x => new { x.UserId, x.RoleId });
+                    table.ForeignKey(
+                        name: "FK_AspNetUserRoles_AspNetRoles_RoleId",
+                        column: x => x.RoleId,
+                        principalTable: "AspNetRoles",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                    table.ForeignKey(
+                        name: "FK_AspNetUserRoles_AspNetUsers_UserId",
+                        column: x => x.UserId,
+                        principalTable: "AspNetUsers",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                });
+
+            migrationBuilder.CreateTable(
+                name: "AspNetUserTokens",
+                columns: table => new
+                {
+                    UserId = table.Column<string>(type: "nvarchar(450)", nullable: false),
+                    LoginProvider = table.Column<string>(type: "nvarchar(450)", nullable: false),
+                    Name = table.Column<string>(type: "nvarchar(450)", nullable: false),
+                    Value = table.Column<string>(type: "nvarchar(max)", nullable: true)
+                },
+                constraints: table =>
+                {
+                    table.PrimaryKey("PK_AspNetUserTokens", x => new { x.UserId, x.LoginProvider, x.Name });
+                    table.ForeignKey(
+                        name: "FK_AspNetUserTokens_AspNetUsers_UserId",
+                        column: x => x.UserId,
+                        principalTable: "AspNetUsers",
+                        principalColumn: "Id",
+                        onDelete: ReferentialAction.Cascade);
+                });
+
+            migrationBuilder.CreateIndex(
+                name: "IX_AspNetRoleClaims_RoleId",
+                table: "AspNetRoleClaims",
+                column: "RoleId");
+
+            migrationBuilder.CreateIndex(
+                name: "RoleNameIndex",
+                table: "AspNetRoles",
+                column: "NormalizedName",
+                unique: true,
+                filter: "[NormalizedName] IS NOT NULL");
+
+            migrationBuilder.CreateIndex(
+                name: "IX_AspNetUserClaims_UserId",
+                table: "AspNetUserClaims",
+                column: "UserId");
+
+            migrationBuilder.CreateIndex(
+                name: "IX_AspNetUserLogins_UserId",
+                table: "AspNetUserLogins",
+                column: "UserId");
+
+            migrationBuilder.CreateIndex(
+                name: "IX_AspNetUserRoles_RoleId",
+                table: "AspNetUserRoles",
+                column: "RoleId");
+
+            migrationBuilder.CreateIndex(
+                name: "EmailIndex",
+                table: "AspNetUsers",
+                column: "NormalizedEmail");
+
+            migrationBuilder.CreateIndex(
+                name: "UserNameIndex",
+                table: "AspNetUsers",
+                column: "NormalizedUserName",
+                unique: true,
+                filter: "[NormalizedUserName] IS NOT NULL");
+        }
+
+        /// <inheritdoc />
+        protected override void Down(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.DropTable(
+                name: "AspNetRoleClaims");
+
+            migrationBuilder.DropTable(
+                name: "AspNetUserClaims");
+
+            migrationBuilder.DropTable(
+                name: "AspNetUserLogins");
+
+            migrationBuilder.DropTable(
+                name: "AspNetUserRoles");
+
+            migrationBuilder.DropTable(
+                name: "AspNetUserTokens");
+
+            migrationBuilder.DropTable(
+                name: "AspNetRoles");
+
+            migrationBuilder.DropTable(
+                name: "AspNetUsers");
+        }
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/SqlServer/ApplicationDbContextModelSnapshot.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/SqlServer/ApplicationDbContextModelSnapshot.cs
new file mode 100644
index 000000000000..a6b6896c65dd
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/SqlServer/ApplicationDbContextModelSnapshot.cs
@@ -0,0 +1,276 @@
+// <auto-generated />
+using System;
+using BlazorWeb_CSharp.Data;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore.Infrastructure;
+using Microsoft.EntityFrameworkCore.Metadata;
+using Microsoft.EntityFrameworkCore.Storage.ValueConversion;
+
+#nullable disable
+
+namespace BlazorWeb_CSharp.Migrations
+{
+    [DbContext(typeof(ApplicationDbContext))]
+    partial class ApplicationDbContextModelSnapshot : ModelSnapshot
+    {
+        protected override void BuildModel(ModelBuilder modelBuilder)
+        {
+#pragma warning disable 612, 618
+            modelBuilder
+                .HasAnnotation("ProductVersion", "8.0.0")
+                .HasAnnotation("Relational:MaxIdentifierLength", 128);
+
+            SqlServerModelBuilderExtensions.UseIdentityColumns(modelBuilder);
+
+            modelBuilder.Entity("BlazorWeb_CSharp.Data.ApplicationUser", b =>
+                {
+                    b.Property<string>("Id")
+                        .HasColumnType("nvarchar(450)");
+
+                    b.Property<int>("AccessFailedCount")
+                        .HasColumnType("int");
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken()
+                        .HasColumnType("nvarchar(max)");
+
+                    b.Property<string>("Email")
+                        .HasMaxLength(256)
+                        .HasColumnType("nvarchar(256)");
+
+                    b.Property<bool>("EmailConfirmed")
+                        .HasColumnType("bit");
+
+                    b.Property<bool>("LockoutEnabled")
+                        .HasColumnType("bit");
+
+                    b.Property<DateTimeOffset?>("LockoutEnd")
+                        .HasColumnType("datetimeoffset");
+
+                    b.Property<string>("NormalizedEmail")
+                        .HasMaxLength(256)
+                        .HasColumnType("nvarchar(256)");
+
+                    b.Property<string>("NormalizedUserName")
+                        .HasMaxLength(256)
+                        .HasColumnType("nvarchar(256)");
+
+                    b.Property<string>("PasswordHash")
+                        .HasColumnType("nvarchar(max)");
+
+                    b.Property<string>("PhoneNumber")
+                        .HasColumnType("nvarchar(max)");
+
+                    b.Property<bool>("PhoneNumberConfirmed")
+                        .HasColumnType("bit");
+
+                    b.Property<string>("SecurityStamp")
+                        .HasColumnType("nvarchar(max)");
+
+                    b.Property<bool>("TwoFactorEnabled")
+                        .HasColumnType("bit");
+
+                    b.Property<string>("UserName")
+                        .HasMaxLength(256)
+                        .HasColumnType("nvarchar(256)");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedEmail")
+                        .HasDatabaseName("EmailIndex");
+
+                    b.HasIndex("NormalizedUserName")
+                        .IsUnique()
+                        .HasDatabaseName("UserNameIndex")
+                        .HasFilter("[NormalizedUserName] IS NOT NULL");
+
+                    b.ToTable("AspNetUsers", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRole", b =>
+                {
+                    b.Property<string>("Id")
+                        .HasColumnType("nvarchar(450)");
+
+                    b.Property<string>("ConcurrencyStamp")
+                        .IsConcurrencyToken()
+                        .HasColumnType("nvarchar(max)");
+
+                    b.Property<string>("Name")
+                        .HasMaxLength(256)
+                        .HasColumnType("nvarchar(256)");
+
+                    b.Property<string>("NormalizedName")
+                        .HasMaxLength(256)
+                        .HasColumnType("nvarchar(256)");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("NormalizedName")
+                        .IsUnique()
+                        .HasDatabaseName("RoleNameIndex")
+                        .HasFilter("[NormalizedName] IS NOT NULL");
+
+                    b.ToTable("AspNetRoles", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd()
+                        .HasColumnType("int");
+
+                    SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property<int>("Id"));
+
+                    b.Property<string>("ClaimType")
+                        .HasColumnType("nvarchar(max)");
+
+                    b.Property<string>("ClaimValue")
+                        .HasColumnType("nvarchar(max)");
+
+                    b.Property<string>("RoleId")
+                        .IsRequired()
+                        .HasColumnType("nvarchar(450)");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetRoleClaims", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.Property<int>("Id")
+                        .ValueGeneratedOnAdd()
+                        .HasColumnType("int");
+
+                    SqlServerPropertyBuilderExtensions.UseIdentityColumn(b.Property<int>("Id"));
+
+                    b.Property<string>("ClaimType")
+                        .HasColumnType("nvarchar(max)");
+
+                    b.Property<string>("ClaimValue")
+                        .HasColumnType("nvarchar(max)");
+
+                    b.Property<string>("UserId")
+                        .IsRequired()
+                        .HasColumnType("nvarchar(450)");
+
+                    b.HasKey("Id");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserClaims", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.Property<string>("LoginProvider")
+                        .HasColumnType("nvarchar(450)");
+
+                    b.Property<string>("ProviderKey")
+                        .HasColumnType("nvarchar(450)");
+
+                    b.Property<string>("ProviderDisplayName")
+                        .HasColumnType("nvarchar(max)");
+
+                    b.Property<string>("UserId")
+                        .IsRequired()
+                        .HasColumnType("nvarchar(450)");
+
+                    b.HasKey("LoginProvider", "ProviderKey");
+
+                    b.HasIndex("UserId");
+
+                    b.ToTable("AspNetUserLogins", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.Property<string>("UserId")
+                        .HasColumnType("nvarchar(450)");
+
+                    b.Property<string>("RoleId")
+                        .HasColumnType("nvarchar(450)");
+
+                    b.HasKey("UserId", "RoleId");
+
+                    b.HasIndex("RoleId");
+
+                    b.ToTable("AspNetUserRoles", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.Property<string>("UserId")
+                        .HasColumnType("nvarchar(450)");
+
+                    b.Property<string>("LoginProvider")
+                        .HasColumnType("nvarchar(450)");
+
+                    b.Property<string>("Name")
+                        .HasColumnType("nvarchar(450)");
+
+                    b.Property<string>("Value")
+                        .HasColumnType("nvarchar(max)");
+
+                    b.HasKey("UserId", "LoginProvider", "Name");
+
+                    b.ToTable("AspNetUserTokens", (string)null);
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole", null)
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserClaim<string>", b =>
+                {
+                    b.HasOne("BlazorWeb_CSharp.Data.ApplicationUser", null)
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserLogin<string>", b =>
+                {
+                    b.HasOne("BlazorWeb_CSharp.Data.ApplicationUser", null)
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserRole<string>", b =>
+                {
+                    b.HasOne("Microsoft.AspNetCore.Identity.IdentityRole", null)
+                        .WithMany()
+                        .HasForeignKey("RoleId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+
+                    b.HasOne("BlazorWeb_CSharp.Data.ApplicationUser", null)
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+                });
+
+            modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
+                {
+                    b.HasOne("BlazorWeb_CSharp.Data.ApplicationUser", null)
+                        .WithMany()
+                        .HasForeignKey("UserId")
+                        .OnDelete(DeleteBehavior.Cascade)
+                        .IsRequired();
+                });
+#pragma warning restore 612, 618
+        }
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/UserManagerExtensions.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/UserManagerExtensions.cs
new file mode 100644
index 000000000000..6d3808584a60
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/UserManagerExtensions.cs
@@ -0,0 +1,24 @@
+using Microsoft.AspNetCore.Components.Authorization;
+
+namespace Microsoft.AspNetCore.Identity;
+
+internal static class UserManagerExtensions
+{
+    public static async Task<(TUser? User, string? Error)> GetUserAsync<TUser>(this UserManager<TUser> userManager, Task<AuthenticationState>? authenticationStateTask)
+        where TUser : class
+    {
+        if (authenticationStateTask is null)
+        {
+            return (User: null, Error: "Unable to authenticate user.");
+        }
+
+        var authenticationState = await authenticationStateTask;
+        var user = await userManager.GetUserAsync(authenticationState.User);
+        if (user is null)
+        {
+            return (User: null, Error: $"Unable to load user with ID '{userManager.GetUserId(authenticationState.User)}'.");
+        }
+
+        return (User: user, Error: null);
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/PersistingAuthenticationStateProvider.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/PersistingAuthenticationStateProvider.cs
new file mode 100644
index 000000000000..362b62609fc9
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/PersistingAuthenticationStateProvider.cs
@@ -0,0 +1,51 @@
+using BlazorWeb_CSharp.Client;
+using Microsoft.AspNetCore.Components;
+using Microsoft.AspNetCore.Components.Authorization;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.Extensions.Options;
+
+namespace BlazorWeb_CSharp;
+
+public class PersistingAuthenticationStateProvider : AuthenticationStateProvider, IDisposable
+{
+    private readonly IHttpContextAccessor _contextAccessor;
+    private readonly PersistingComponentStateSubscription _subscription;
+
+    public PersistingAuthenticationStateProvider(IHttpContextAccessor contextAccessor, PersistentComponentState state, IOptions<IdentityOptions> identityOptions)
+    {
+        _contextAccessor = contextAccessor;
+
+        _subscription = state.RegisterOnPersisting(() =>
+        {
+            var user = RequiredHttpContext.User;
+
+            if (user.Identity?.IsAuthenticated == true)
+            {
+                var userId = user.FindFirst(identityOptions.Value.ClaimsIdentity.UserIdClaimType)?.Value;
+                var email = user.FindFirst(identityOptions.Value.ClaimsIdentity.EmailClaimType)?.Value;
+
+                if (userId != null && email != null)
+                {
+                    state.PersistAsJson(nameof(UserInfo), new UserInfo
+                    {
+                        UserId = userId,
+                        Email = email,
+                    });
+                }
+            }
+
+            return Task.CompletedTask;
+        });
+    }
+
+    private HttpContext RequiredHttpContext => 
+        _contextAccessor.HttpContext ?? throw new InvalidOperationException("IHttpContextAccessor HttpContext AsyncLocal missing!"); 
+
+    public override Task<AuthenticationState> GetAuthenticationStateAsync() =>
+        Task.FromResult(new AuthenticationState(RequiredHttpContext.User));
+
+    public void Dispose()
+    {
+        _subscription.Dispose();
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs
index c241a8dd7610..7d805af202b7 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs
@@ -1,7 +1,17 @@
+#if (IndividualLocalAuth)
+using BlazorWeb_CSharp;
+#endif
 #if (UseWebAssembly)
 using BlazorWeb_CSharp.Client.Pages;
 #endif
 using BlazorWeb_CSharp.Components;
+#if (IndividualLocalAuth)
+using BlazorWeb_CSharp.Data;
+using Microsoft.AspNetCore.Components.Authorization;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Identity.UI.Services;
+using Microsoft.EntityFrameworkCore;
+#endif
 
 namespace BlazorWeb_CSharp;
 
@@ -26,6 +36,30 @@ public static void Main(string[] args)
           #endif
         #endif
 
+        #if (IndividualLocalAuth)
+        builder.Services.AddCascadingAuthenticationState();
+        builder.Services.AddScoped<AuthenticationStateProvider, PersistingAuthenticationStateProvider>();
+
+        builder.Services.AddAuthentication(IdentityConstants.ApplicationScheme)
+            .AddIdentityCookies();
+
+        var connectionString = builder.Configuration.GetConnectionString("DefaultConnection") ?? throw new InvalidOperationException("Connection string 'DefaultConnection' not found.");
+        builder.Services.AddDbContext<ApplicationDbContext>(options =>
+        #if (UseLocalDB)
+            options.UseSqlServer(connectionString));
+        #else
+            options.UseSqlite(connectionString));
+        #endif
+        builder.Services.AddDatabaseDeveloperPageExceptionFilter();
+
+        builder.Services.AddIdentityCore<ApplicationUser>(options => options.SignIn.RequireConfirmedAccount = true)
+            .AddEntityFrameworkStores<ApplicationDbContext>()
+            .AddSignInManager()
+            .AddDefaultTokenProviders();
+
+        builder.Services.AddSingleton<IEmailSender, NoOpEmailSender>();
+
+        #endif
         var app = builder.Build();
 
         // Configure the HTTP request pipeline.
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.cs
index 5470d2ce484d..857bf510ad44 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.cs
@@ -1,7 +1,17 @@
+#if (IndividualLocalAuth)
+using BlazorWeb_CSharp;
+#endif
 #if (UseWebAssembly)
 using BlazorWeb_CSharp.Client.Pages;
 #endif
 using BlazorWeb_CSharp.Components;
+#if (IndividualLocalAuth)
+using BlazorWeb_CSharp.Data;
+using Microsoft.AspNetCore.Components.Authorization;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Identity.UI.Services;
+using Microsoft.EntityFrameworkCore;
+#endif
 
 var builder = WebApplication.CreateBuilder(args);
 
@@ -13,13 +23,37 @@
     #if (UseServer && UseWebAssembly)
     .AddInteractiveServerComponents()
     .AddInteractiveWebAssemblyComponents();
-    #elif(UseServer)
+    #elif (UseServer)
     .AddInteractiveServerComponents();
-    #elif(UseWebAssembly)
+    #elif (UseWebAssembly)
     .AddInteractiveWebAssemblyComponents();
     #endif
 #endif
 
+#if (IndividualLocalAuth)
+builder.Services.AddCascadingAuthenticationState();
+builder.Services.AddScoped<AuthenticationStateProvider, PersistingAuthenticationStateProvider>();
+
+builder.Services.AddAuthentication(IdentityConstants.ApplicationScheme)
+    .AddIdentityCookies();
+
+var connectionString = builder.Configuration.GetConnectionString("DefaultConnection") ?? throw new InvalidOperationException("Connection string 'DefaultConnection' not found.");
+builder.Services.AddDbContext<ApplicationDbContext>(options =>
+#if (UseLocalDB)
+    options.UseSqlServer(connectionString));
+#else
+    options.UseSqlite(connectionString));
+#endif
+builder.Services.AddDatabaseDeveloperPageExceptionFilter();
+
+builder.Services.AddIdentityCore<ApplicationUser>(options => options.SignIn.RequireConfirmedAccount = true)
+    .AddEntityFrameworkStores<ApplicationDbContext>()
+    .AddSignInManager()
+    .AddDefaultTokenProviders();
+
+builder.Services.AddSingleton<IEmailSender, NoOpEmailSender>();
+
+#endif
 var app = builder.Build();
 
 // Configure the HTTP request pipeline.
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/app.db b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/app.db
new file mode 100644
index 0000000000000000000000000000000000000000..769de58a9edcf5a1759ed6f6ce8bd0b2608e727e
GIT binary patch
literal 102400
zcmeI5%WvC89>+yLM89O^(L`Hxw`J(XHi92;l6Jj|MUkp9l?aw8MUt~Nia=!~CLtn;
zjz~3i(LK0M1GL9piv{){*kezN9QTmx_O!=dd)|YAUUp_knnRkjY$OI8;Vak)Igj7`
z=JR{ZP#h$+J0-)`r3YrOquJ7p#JR-CNaABjN+c2^<o9jz>wVJXV$8cCe+%4o+~r7O
z>A^4Kv~l`Z+U9cl*V!MYFQuMMen0uK_+tE}_|@o-<KGECjoLyv@pGJ*S150v7c=kA
z3A^tY-Io4E)okmk*3pafCTDG{x=o9$3;C*&t1HrmTD-HNNJVv3*_7l!YgsC*lFapy
zrK_?^xwVZi^%j*XXLp5jVkWmJ>|SBR6*n7xhkRQzI#z=UEw;kN=UoNdk>fjt)o`Rz
zT^zx3cJJL;F|)WRd}G?${kHCmv|;JJy7^e|TH*V&J90huNlEc0=r<>lQ&ST8$h553
zlBK$`S(nr@`Q0d$7Tn5``OxTAdgkXwOYg<BVThu;-__cE-RtIy&6m|$y_zekbxE$Q
zxh#3zD%Ik8uDT_yDO-eqtKotq2h|}3j(J>dd9j7VV!3gwhBxa%xvCUzslk!5QdKD^
zRYlD!H6EQs?Lk;&sn4t`C55<FK3B`<R+ZFL_GUVnsVxc#<|5XUHVMFn*0)V|&kgR_
zt8p!Cv2%OX88I_IFFgM=WMSsZesgx4inA}PJ*IhG--<LIPcvX7cYrt>xiYhZjKail
zapZ-NECp@i$&0Xwt4W+qPND(zhg0#2k5b9Zo%z9D;o#t$f)&i}El;tie||CK6D$<C
zsCVwC<GjMD_T3^FNs$g9dvU*}?|3mBN)KL(Rm0kDYdd@<@T1*}-^f8?z06ZM=w?B+
zNdoXRpgIn8IY%ZJil<`no72b31Fkll$(@p!y~L!G>2HK=?koy^B5>}f;%t7fhPcU`
zW_glxm0L>nAkj;)2Jm|G2FPvH%SDxpx2~vlZ;kL$Y2*UJq||q|BUS;K)g5Dr2;_1{
zt<$z)Wg<y4@fI_Ho69ZzNnh_a_0a8P0Dq|RYM1OE7D&(RUP3%<R2t*XgdC&#_Y(oB
z-2TLA?g#Smjp_@RrGZAJjbnEOOo!KHR9~%AT@1(q{j5DMX6ELEZ{G{W6_-Y>WE6O|
zIs};qygfdO$d-X)&4)}(vh=r}bkLYaN=Gx=UQXsRt=~DW1uM^+-3LamqetWePs564
zSx?Pg>$YY+iWsP-H~T%q-l^GIXFH;vj6fRnNVvo{sXQ{fy4vsD_cxZ@Ot{)(Xj^}3
z7PO{q_LMH&8y_*RlG%K0_HCtmu;b+hJ*XTYB-bQaz$y?M=&iij@7jm+Dsi_DlgUhR
zZt%))@moPl+`Tu-ymU|Cyp#rs>!s{+EXqq+&56C#?G@prG0x{ZSxkc?j8CzQ4aUNB
z^02U*@!d^9%&e>kUzZt{MnfsA8xMP$ZJ1r_wqX(D??e`k1W`q{@u3~aJe2&xF&-l*
zf+N|ZwE9i^F4<ucWxZ%|w^D>iaU_|!w-V<lk>fP3MHY`bPt<QsrpSem{&#}>-~$36
z00JNY0w4eaAOHd&00JNY0w8df3H(_Yt=(7-d>Z+luG!?9S-or1uiu)F^p5tYrRAmN
z#a?si`qK3qAN=w9(zOq!$h?H~e-q>f9}oZm5C8!X009sH0T2KI5C8!X0D(7+z#m3y
zlYwspmLtCspzr_5p?`cp00ck)1V8`;KmY_l00ck)1V8`;hL`|-|BvVYAvQ3k1_B@e
z0w4eaAOHd&00JNY0w4eagaF?E!wo<H1V8`;KmY_l00ck)1V8`;Kw$U@;Qjyb+ZZzh
z0T2KI5C8!X009sH0T2KI5C8$Z|A!BN00@8p2!H?xfB*=900@8p2!O!w6TtKT@Y@(O
z1OX5L0T2KI5C8!X009sH0T2KIJpaQ7KmY_l00ck)1V8`;KmY_l00cl__zB?ofB0>T
z8G--^fB*=900@8p2!H?xfB*=90RH_y_y7oi00@8p2!H?xfB*=900@8p2n;^~y#F75
z8)Jqb00JNY0w4eaAOHd&00JNY0w93*|L_42009sH0T2KI5C8!X009sH0T38|0(k#F
z{5Hl6K>!3m00ck)1V8`;KmY_l00ck)@BiTgAOHd&00JNY0w4eaAOHd&00JN|`~>j)
zKm0bv3_$<{KmY_l00ck)1V8`;KmY_l0MGyM0T2KI5C8!X009sH0T2KI5C8!X7=8kH
z{vUoDV}>9A0w4eaAOHd&00JNY0w4eaAdpJ$Cnm)giP`_8|C##N><`nIQqLy8pZr*S
zG5%8gYV^nP?}VR5ZK0g_IdSjAw9@<HXPMlhuzSVmw)8KGn~j{ct?KrMrT6k}&FEMS
zdRc6Ri!bJ@O0KR*MRir#l;rr1vQ$<jIow^AuF8&JIom!jX5OC@cHdztRL!=oY8|~u
z^>Mn<BI|-X;D%bfvvDwPpfx`f>qAFT&0a@q8(-=zDpk(z3g^VA8Pg8#jOnE}W54)(
z%#8gO4X0yR4M!@~#jVe#_s4(9EG`P)n6`Gmt^085=3~8Uh40hu$o1SOC530{G$)c%
zQxf@jM5Vg2S(nr@`Q0d$7Tn5``OxTAdgkXwOYh0iZ5X2Hs=HdduY28mvH7xEt5<VH
zwJyn(HO_lH-73}Mdak-9ttnf+%@-s&s17M`%;Rdyi!B@$%Z=kXs4NxARi$`K4UUwR
zs!BnrDr#P-@#rjSk77&CQuka{N(%Aie6E(yttzRh?9FsCQ(F`g%p<KQZNt_ZTHiL=
zJvX>B$;P#?#m=So$0joK^TP8_Ll&kkz!{j`rsC|&YL97N*S8{#$I}cL$sHihMy|~4
zAfqrbE*9t7?HRI(CojS#tXsTIPND(LE2rWWAElC+JM)9R!a=|}1uK|M?+gE<QUCm6
z$R}7Ra8BXePse$MQ|-G&Fp?r2K=$H(P2cfiIFuf|7ORG}-PU&aOyEcRkr^h|%RGgH
zZWdIVBmhqXs^dVHb7XR%cq$gZIeol5;A+E}+$ovaBTF~S^fy8_cNPUdZ#ef;aW+3#
zL)>IeG8b8T>&h*qdXVU)SOa*yc?0A&>gA$J##>j^y0=ESOLDXiF)8((?TA%CW_8C{
zA_BSGQR}pASeZ!DOuWSm;O25mf6~{xO+9ow8NeT^yxJxEhXv9zyO$6T8<obmGa<*Q
z{{2Kis=F2PtNlPezESz!1C2@>Q_+#Tg4b$PU#(MJ49EigtUWGf=H`TN-wVYRmqx8*
z6nM5e1epiG#77a?GH|T<kcml_{??NY8q-MWXhz#J4wq^D&T%bRdEV?kFnS$5A|H4f
zRy50cYW7;UHS1BtKsCMD?-}+^&DJ{G5%pvQ(x6AeCALZBk=fPNe&@cwvE*jL)gD9J
z`ct!@HEpw}bm`vsh<TOF=3}#OE8PR%<_0~e93UjuBw4^J5F6;NyxH&Chx00Nw-1xa
zOmS}T%5U*oK}+1dH_E(pPvE?i28rvX>~bv1OIgi{z0~a$;iWOo=Q~+UgCmSjv5XDI
z!gTVmu$%GSO+n18tO#G18J0#vDXbe0dzx*SUF)`C5##Sf7LEi_MYi#w9mqVC{K7FF
zBPfC+*`u`jP5Um{VG?D%XmPhvgh+8DnYp(T=O~fmG_FM!kCJEk3Hm&b_x~sURs$VC
z00ck)1V8`;KmY_l00ck)1VG@8BS8QEzf|&NVs?FYW@cr2f9kJOm&yD8-%tEw;<w`8
z#lMg$d_VvMKmY_l;Or9EzU-Xynq#MEyjNn}IWP8V?rrxw{@^*UKx_Vh73)L3^XJZa
zd2QwFXP3mx6>_p{l8wmTmxYJ>jXRusj?Hf~U=Zh}T=s8oiJ6=8!tU?b2!T^@&WjKF
zr+1c&D#l7P!9ioYg>_(^>0}+L^f24S$ir-OB=<}Lz2p^eiZ30ZL7-z;1*ekg;0UHV
zT!_`deZwEt!70WOLhrOCHK&WpwJdjN(y!z#|H>!S_THU!4l&>iqI)FrjGaMz#nWbc
z)fo{d5W}ZJy~O#3o<Mx{^JvRcEb4IvksU{7tC@H1P(GVy5b^&1>~3kH83=#?2!H?x
zfB*=900@8p2!H?xye<NG{(oI0AqNCN00ck)1V8`;KmY_l00ck)1kNr2JpZ3v+dwlA
a009sH0T2KI5C8!X009sH0T6gy1pW{Fd2Fu$

literal 0
HcmV?d00001

diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/appsettings.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/appsettings.json
index 10f68b8c8b4f..a3f1a98503ab 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/appsettings.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/appsettings.json
@@ -1,4 +1,13 @@
 {
+////#if (IndividualLocalAuth)
+//  "ConnectionStrings": {
+//#if (UseLocalDB)
+//    "DefaultConnection": "Server=(localdb)\\mssqllocaldb;Database=aspnet-BlazorWeb_CSharp-53bc9b9d-9d6a-45d4-8429-2a2761773502;Trusted_Connection=True;MultipleActiveResultSets=true"
+//#else
+//    "DefaultConnection": "DataSource=app.db;Cache=Shared"
+//#endif
+//  },
+////#endif
   "Logging": {
     "LogLevel": {
       "Default": "Information",
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/ComponentsWebAssembly-CSharp/.template.config/template.json b/src/ProjectTemplates/Web.ProjectTemplates/content/ComponentsWebAssembly-CSharp/.template.config/template.json
index c3caf90c3680..b27e1bc54a15 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/ComponentsWebAssembly-CSharp/.template.config/template.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/ComponentsWebAssembly-CSharp/.template.config/template.json
@@ -17,7 +17,6 @@
     "5990939C-7E7B-4CFA-86FF-44CA5756498A",
     "650B3CE7-2E93-4CC4-9F46-466686815EAA",
     "0AFFA7FD-4E37-4636-AB91-3753E746DB98",
-    "09732173-2cef-46b7-83db-1334bcb079d3", // Tenant ID
     "53bc9b9d-9d6a-45d4-8429-2a2761773502" // Client ID
   ],
   "identity": "Microsoft.Web.Blazor.Wasm.CSharp.8.0",
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/RazorPagesWeb-CSharp/.template.config/template.json b/src/ProjectTemplates/Web.ProjectTemplates/content/RazorPagesWeb-CSharp/.template.config/template.json
index 55b87ecde260..870a9113049e 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/RazorPagesWeb-CSharp/.template.config/template.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/RazorPagesWeb-CSharp/.template.config/template.json
@@ -24,8 +24,7 @@
   "sourceName": "Company.WebApplication1",
   "preferNameDirectory": true,
   "guids": [
-    "09732173-2cef-46b7-83db-1334bcb079d3", // Tenant ID
-    "0ce56475-d1db-490f-8af1-a881ea4fcd2d" // Client ID
+    "53bc9b9d-9d6a-45d4-8429-2a2761773502" // Client ID
   ],
   "sources": [
     {
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/StarterWeb-CSharp/.template.config/template.json b/src/ProjectTemplates/Web.ProjectTemplates/content/StarterWeb-CSharp/.template.config/template.json
index 93051d2b5188..47f122336557 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/StarterWeb-CSharp/.template.config/template.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/StarterWeb-CSharp/.template.config/template.json
@@ -20,7 +20,6 @@
   "sourceName": "Company.WebApplication1",
   "preferNameDirectory": true,
   "guids": [
-    "09732173-2cef-46b7-83db-1334bcb079d3", // Tenant ID
     "53bc9b9d-9d6a-45d4-8429-2a2761773502" // Client ID
   ],
   "sources": [
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/WebApi-CSharp/.template.config/template.json b/src/ProjectTemplates/Web.ProjectTemplates/content/WebApi-CSharp/.template.config/template.json
index 82af2f113586..4febaa962f0a 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/WebApi-CSharp/.template.config/template.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/WebApi-CSharp/.template.config/template.json
@@ -21,7 +21,6 @@
   "sourceName": "Company.WebApplication1",
   "preferNameDirectory": true,
   "guids": [
-    "09732173-2cef-46b7-83db-1334bcb079d3", // Tenant ID
     "53bc9b9d-9d6a-45d4-8429-2a2761773502" // Client ID
   ],
   "sources": [

From d85f2a65b4ff5fb246fd83c036bf72adebdc8c87 Mon Sep 17 00:00:00 2001
From: Stephen Halter <halter73@gmail.com>
Date: Mon, 18 Sep 2023 12:19:50 -0700
Subject: [PATCH 02/18] Include updates from
 https://github.com/halter73/BlazorWebIdentity/pull/2

---
 .../.template.config/template.json            |   2 +
 .../Identity/ExternalLoginPicker.razor        |  46 ++++
 .../Components/Identity/StatusMessage.razor   |  20 ++
 .../Pages/Account/ConfirmEmail.razor          |   2 +-
 .../Pages/Account/ConfirmEmailChange.razor    |  64 ++++++
 .../Pages/Account/ExternalLogin.razor         | 215 ++++++++++++++++++
 .../Pages/Account/ForgotPassword.razor        |   6 +-
 .../Pages/Account/InvalidUser.razor           |   7 +
 .../Components/Pages/Account/Lockout.razor    |   8 +
 .../Components/Pages/Account/Login.razor      |  50 ++--
 .../Pages/Account/LoginWith2fa.razor          | 108 +++++++++
 .../Pages/Account/LoginWithRecoveryCode.razor |  93 ++++++++
 .../Pages/Account/Manage/ChangePassword.razor |  23 +-
 .../Account/Manage/DeletePersonalData.razor   |  84 +++++++
 .../Pages/Account/Manage/Disable2fa.razor     |  67 ++++++
 .../Pages/Account/Manage/Email.razor          |  37 +--
 .../Account/Manage/EnableAuthenticator.razor  | 168 ++++++++++++++
 .../Pages/Account/Manage/ExternalLogins.razor | 148 +++++++++++-
 .../Manage/GenerateRecoveryCodes.razor        |  60 +++++
 .../Pages/Account/Manage/Index.razor          |  25 +-
 .../Pages/Account/Manage/PersonalData.razor   |  30 ++-
 .../Account/Manage/ResetAuthenticator.razor   |  54 +++++
 .../Pages/Account/Manage/SetPassword.razor    |  87 +++++++
 .../Account/Manage/ShowRecoveryCodes.razor    |  43 ++++
 .../Manage/TwoFactorAuthentication.razor      |  97 +++++++-
 .../Components/Pages/Account/Register.razor   |  45 +---
 .../Pages/Account/RegisterConfirmation.razor  |   2 +-
 .../Account/ResendEmailConfirmation.razor     |  76 +++++++
 .../Pages/Account/ResetPassword.razor         |   6 +-
 .../Pages/Account/StatusMessage.razor         |  12 -
 .../BlazorWeb-CSharp/Data/UserAccessor.cs     |  28 +++
 .../Data/UserManagerExtensions.cs             |  24 --
 ...omponentsEndpointRouteBuilderExtensions.cs | 118 ++++++++++
 .../RedirectNavigationManagerExtensions.cs    |  38 ++++
 .../BlazorWeb-CSharp/Program.Main.cs          |   6 +
 .../BlazorWeb-CSharp/Program.cs               |   6 +
 36 files changed, 1724 insertions(+), 181 deletions(-)
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/ExternalLoginPicker.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/StatusMessage.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ConfirmEmailChange.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ExternalLogin.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/InvalidUser.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Lockout.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWith2fa.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWithRecoveryCode.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/DeletePersonalData.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Disable2fa.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/EnableAuthenticator.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/GenerateRecoveryCodes.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ResetAuthenticator.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/SetPassword.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ShowRecoveryCodes.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResendEmailConfirmation.razor
 delete mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/StatusMessage.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/UserAccessor.cs
 delete mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/UserManagerExtensions.cs
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/Extensions/RedirectNavigationManagerExtensions.cs

diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json
index 6c5c05e1161b..a49e8d59f673 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json
@@ -114,7 +114,9 @@
           "condition": "(!IndividualLocalAuth)",
           "exclude": [
             "BlazorWeb-CSharp/Components/Pages/Account/**",
+            "BlazorWeb-CSharp/Components/Identity/**",
             "BlazorWeb-CSharp/Data/**",
+            "BlazorWeb-CSharp/Identity/**",
             "BlazorWeb-CSharp/PersistingAuthenticationStateProvider.cs",
             "BlazorWeb-CSharp.Client/PersistedAuthenticationStateProvider.cs",
             "BlazorWeb-CSharp.Client/UserInfo.cs",
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/ExternalLoginPicker.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/ExternalLoginPicker.razor
new file mode 100644
index 000000000000..d67edc9db99a
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/ExternalLoginPicker.razor
@@ -0,0 +1,46 @@
+@using Microsoft.AspNetCore.Authentication
+@using Microsoft.AspNetCore.Identity
+@using BlazorWeb_CSharp.Components.Pages.Account
+@using BlazorWeb_CSharp.Data
+
+@inject SignInManager<ApplicationUser> SignInManager
+@inject NavigationManager NavigationManager
+
+@if ((_externalLogins?.Count ?? 0) == 0)
+{
+    <div>
+        <p>
+            There are no external authentication services configured. See this <a href="https://go.microsoft.com/fwlink/?LinkID=532715">article
+            about setting up this ASP.NET application to support logging in via external services</a>.
+        </p>
+    </div>
+}
+else
+{
+    <form id="external-account" class="form-horizontal" action="/Account/PerformExternalLogin" method="post">
+        <div>
+            <AntiforgeryToken />
+            <input type="hidden" name="ReturnUrl" value="@ReturnUrl" />
+            <p>
+                @foreach (var provider in _externalLogins!)
+                {
+                    <button type="submit" class="btn btn-primary" name="provider" value="@provider.Name" title="Log in using your @provider.DisplayName account">@provider.DisplayName</button>
+                }
+            </p>
+        </div>
+    </form>
+}
+
+@code {
+    private IList<AuthenticationScheme>? _externalLogins;
+
+    [SupplyParameterFromQuery]
+    private string ReturnUrl { get; set; } = default!;
+
+    protected override async Task OnInitializedAsync()
+    {
+        ReturnUrl ??= "/";
+
+        _externalLogins = (await SignInManager.GetExternalAuthenticationSchemesAsync()).ToList();
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/StatusMessage.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/StatusMessage.razor
new file mode 100644
index 000000000000..33953c94bc52
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/StatusMessage.razor
@@ -0,0 +1,20 @@
+@{
+    var message = Message ?? MessageFromQuery;
+}
+
+@if (!string.IsNullOrEmpty(message))
+{
+    var statusMessageClass = message.StartsWith("Error") ? "danger" : "success";
+    <div class="alert alert-@statusMessageClass alert-dismissible" role="alert">
+        <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
+        @message
+    </div>
+}
+
+@code {
+    [Parameter]
+    public string? Message { get; set; }
+
+    [SupplyParameterFromQuery(Name = "Message")]
+    public string? MessageFromQuery { get; set; }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ConfirmEmail.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ConfirmEmail.razor
index 378b2ec21fde..66a4f5b34ca7 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ConfirmEmail.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ConfirmEmail.razor
@@ -26,7 +26,7 @@
     {
         if (UserId == null || Code == null)
         {
-            NavigationManager.NavigateTo("/");
+            NavigationManager.RedirectTo("/");
         }
         else
         {
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ConfirmEmailChange.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ConfirmEmailChange.razor
new file mode 100644
index 000000000000..08987693b08f
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ConfirmEmailChange.razor
@@ -0,0 +1,64 @@
+@page "/Account/ConfirmEmailChange"
+
+@using System.Text
+@using Microsoft.AspNetCore.Identity
+@using Microsoft.AspNetCore.WebUtilities
+@using BlazorWeb_CSharp.Data
+
+@inject UserManager<ApplicationUser> UserManager
+@inject SignInManager<ApplicationUser> SignInManager
+@inject UserAccessor UserAccessor
+@inject NavigationManager NavigationManager
+
+<PageTitle>Confirm email change</PageTitle>
+
+<h1>Confirm email change</h1>
+
+<StatusMessage Message="@_message" />
+
+@code {
+    private string? _message;
+    private ApplicationUser _user = default!;
+
+    [SupplyParameterFromQuery]
+    private string? UserId { get; set; }
+
+    [SupplyParameterFromQuery]
+    private string? Email { get; set; }
+
+    [SupplyParameterFromQuery]
+    private string? Code { get; set; }
+
+    protected override async Task OnInitializedAsync()
+    {
+        if (UserId is null || Email is null || Code is null)
+        {
+            NavigationManager.RedirectTo(
+                "/Account/Login",
+                new() { ["Message"] = "Error: Invalid email change confirmation link." });
+            return;
+        }
+
+        _user = await UserAccessor.GetRequiredUserAsync();
+
+        var code = Encoding.UTF8.GetString(WebEncoders.Base64UrlDecode(Code));
+        var result = await UserManager.ChangeEmailAsync(_user, Email, code);
+        if (!result.Succeeded)
+        {
+            _message = "Error changing email.";
+            return;
+        }
+
+        // In our UI email and user name are one and the same, so when we update the email
+        // we need to update the user name.
+        var setUserNameResult = await UserManager.SetUserNameAsync(_user, Email);
+        if (!setUserNameResult.Succeeded)
+        {
+            _message = "Error changing user name.";
+            return;
+        }
+
+        await SignInManager.RefreshSignInAsync(_user);
+        _message = "Thank you for confirming your email change.";
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ExternalLogin.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ExternalLogin.razor
new file mode 100644
index 000000000000..4d9229a9b6ce
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ExternalLogin.razor
@@ -0,0 +1,215 @@
+@page "/Account/ExternalLogin"
+
+@using System.ComponentModel.DataAnnotations
+@using System.Security.Claims
+@using System.Text
+@using System.Text.Encodings.Web
+@using Microsoft.AspNetCore.Identity
+@using Microsoft.AspNetCore.Identity.UI.Services
+@using Microsoft.AspNetCore.WebUtilities
+@using BlazorWeb_CSharp.Data
+
+@inject SignInManager<ApplicationUser> SignInManager
+@inject UserManager<ApplicationUser> UserManager
+@inject IUserStore<ApplicationUser> UserStore
+@inject IEmailSender EmailSender
+@inject NavigationManager NavigationManager
+@inject ILogger<ExternalLogin> Logger
+
+@{
+    var providerDisplayName = _externalLoginInfo.ProviderDisplayName;
+}
+
+<PageTitle>Register</PageTitle>
+
+<StatusMessage Message="@_message" />
+<h1>Register</h1>
+<h2 id="external-login-title">Associate your @providerDisplayName account.</h2>
+<hr />
+
+<p id="external-login-description" class="text-info">
+    You've successfully authenticated with <strong>@providerDisplayName</strong>.
+    Please enter an email address for this site below and click the Register button to finish
+    logging in.
+</p>
+
+<div class="row">
+    <div class="col-md-4">
+        <EditForm id="confirmation-form" Model="Input" OnValidSubmit="OnValidSubmitAsync" FormName="confirmation" method="post">
+            <DataAnnotationsValidator />
+            <ValidationSummary />
+            <div class="form-floating mb-3">
+                <InputText id="email" @bind-Value="Input.Email" class="form-control" autocomplete="email" placeholder="Please enter your email." />
+                <label for="email" class="form-label">Email</label>
+                <ValidationMessage For="() => Input.Email" />
+            </div>
+            <button type="submit" class="w-100 btn btn-lg btn-primary">Register</button>
+        </EditForm>
+    </div>
+</div>
+
+@code {
+    public const string LoginCallbackAction = "LoginCallback";
+
+    private string? _message;
+    private ExternalLoginInfo _externalLoginInfo = default!;
+    private IUserEmailStore<ApplicationUser> _emailStore = default!;
+
+    [SupplyParameterFromQuery]
+    private string? RemoteError { get; set; }
+
+    [CascadingParameter]
+    public HttpContext HttpContext { get; set; } = default!;
+
+    [SupplyParameterFromForm]
+    private InputModel Input { get; set; } = default!;
+
+    [SupplyParameterFromQuery]
+    private string ReturnUrl { get; set; } = default!;
+
+    [SupplyParameterFromQuery]
+    private string? Action { get; set; } = default!;
+
+    protected override async Task OnInitializedAsync()
+    {
+        Input ??= new();
+        ReturnUrl ??= "/";
+
+        if (RemoteError is not null)
+        {
+            NavigationManager.RedirectTo(
+                "/Account/Login",
+                new() { ["Message"] = "Error from external provider: " + RemoteError });
+            return;
+        }
+
+        var externalLoginInfo = await SignInManager.GetExternalLoginInfoAsync();
+        if (externalLoginInfo is null)
+        {
+            NavigationManager.RedirectTo(
+                "/Account/Login",
+                new() { ["Message"] = "Error loading external login information." });
+            return;
+        }
+
+        _externalLoginInfo = externalLoginInfo;
+        _emailStore = GetEmailStore();
+
+        if (HttpMethods.IsGet(HttpContext.Request.Method))
+        {
+            if (Action == LoginCallbackAction)
+            {
+                await OnLoginCallbackAsync();
+                return;
+            }
+
+            // We should only reach this page via the login callback, so redirect back to
+            // the login page if we get here some other way.
+            NavigationManager.RedirectTo("/Account/Login");
+            return;
+        }
+    }
+
+    private async Task OnLoginCallbackAsync()
+    {
+        // Sign in the user with this external login provider if the user already has a login.
+        var result = await SignInManager.ExternalLoginSignInAsync(
+            _externalLoginInfo.LoginProvider,
+            _externalLoginInfo.ProviderKey,
+            isPersistent: false,
+            bypassTwoFactor: true);
+        if (result.Succeeded)
+        {
+            Logger.LogInformation(
+                "{Name} logged in with {LoginProvider} provider.",
+                _externalLoginInfo.Principal.Identity?.Name,
+                _externalLoginInfo.LoginProvider);
+            NavigationManager.RedirectTo(ReturnUrl);
+            return;
+        }
+
+        if (result.IsLockedOut)
+        {
+            NavigationManager.RedirectTo("/Account/Lockout");
+            return;
+        }
+
+        // If the user does not have an account, then ask the user to create an account.
+        if (_externalLoginInfo.Principal.HasClaim(c => c.Type == ClaimTypes.Email))
+        {
+            Input.Email = _externalLoginInfo.Principal.FindFirstValue(ClaimTypes.Email);
+        }
+    }
+
+    private async Task OnValidSubmitAsync()
+    {
+        var user = CreateUser();
+
+        await UserStore.SetUserNameAsync(user, Input.Email, CancellationToken.None);
+        await _emailStore.SetEmailAsync(user, Input.Email, CancellationToken.None);
+
+        var result = await UserManager.CreateAsync(user);
+        if (result.Succeeded)
+        {
+            result = await UserManager.AddLoginAsync(user, _externalLoginInfo);
+            if (result.Succeeded)
+            {
+                Logger.LogInformation("User created an account using {Name} provider.", _externalLoginInfo.LoginProvider);
+
+                var userId = await UserManager.GetUserIdAsync(user);
+                var code = await UserManager.GenerateEmailConfirmationTokenAsync(user);
+                code = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(code));
+
+                var callbackUrl = NavigationManager.GetUriWithQueryParameters(
+                    $"{NavigationManager.BaseUri}Account/ConfirmEmail",
+                    new Dictionary<string, object?> { { "userId", userId }, { "code", code } });
+                await EmailSender.SendEmailAsync(Input.Email!, "Confirm your email",
+                    $"Please confirm your account by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>.");
+
+                // If account confirmation is required, we need to show the link if we don't have a real email sender
+                if (UserManager.Options.SignIn.RequireConfirmedAccount)
+                {
+                    NavigationManager.RedirectTo("/Account/RegisterConfirmation", new() { ["Email"] = Input.Email });
+                    return;
+                }
+
+                await SignInManager.SignInAsync(user, isPersistent: false, _externalLoginInfo.LoginProvider);
+                NavigationManager.RedirectTo(ReturnUrl);
+                return;
+            }
+        }
+        else
+        {
+            _message = $"Error: {string.Join(",", result.Errors.Select(error => error.Description))}";
+        }
+    }
+
+    private ApplicationUser CreateUser()
+    {
+        try
+        {
+            return Activator.CreateInstance<ApplicationUser>();
+        }
+        catch
+        {
+            throw new InvalidOperationException($"Can't create an instance of '{nameof(ApplicationUser)}'. " +
+                $"Ensure that '{nameof(ApplicationUser)}' is not an abstract class and has a parameterless constructor");
+        }
+    }
+
+    private IUserEmailStore<ApplicationUser> GetEmailStore()
+    {
+        if (!UserManager.SupportsUserEmail)
+        {
+            throw new NotSupportedException("The default UI requires a user store with email support.");
+        }
+        return (IUserEmailStore<ApplicationUser>)UserStore;
+    }
+
+    private sealed class InputModel
+    {
+        [Required]
+        [EmailAddress]
+        public string? Email { get; set; }
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ForgotPassword.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ForgotPassword.razor
index 19c98d628d5d..a7dcdf9f60df 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ForgotPassword.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ForgotPassword.razor
@@ -43,7 +43,7 @@
         if (user is null || !(await UserManager.IsEmailConfirmedAsync(user)))
         {
             // Don't reveal that the user does not exist or is not confirmed
-            NavigationManager.NavigateTo("/Account/ForgotPasswordConfirmation");
+            NavigationManager.RedirectTo("/Account/ForgotPasswordConfirmation");
             return;
         }
 
@@ -52,7 +52,7 @@
         var code = await UserManager.GeneratePasswordResetTokenAsync(user);
         code = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(code));
         var callbackUrl = NavigationManager.GetUriWithQueryParameters(
-            $"{NavigationManager.BaseUri}Identity/Account/ResetPassword",
+            $"{NavigationManager.BaseUri}Account/ResetPassword",
             new Dictionary<string, object?> { { "code", code } });
 
         await EmailSender.SendEmailAsync(
@@ -60,7 +60,7 @@
             "Reset Password",
             $"Please reset your password by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>.");
 
-        NavigationManager.NavigateTo("/Account/ForgotPasswordConfirmation");
+        NavigationManager.RedirectTo("/Account/ForgotPasswordConfirmation");
     }
 
     private sealed class InputModel
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/InvalidUser.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/InvalidUser.razor
new file mode 100644
index 000000000000..e61fe5def569
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/InvalidUser.razor
@@ -0,0 +1,7 @@
+@page "/Account/InvalidUser"
+
+<PageTitle>Invalid user</PageTitle>
+
+<h3>Invalid user</h3>
+
+<StatusMessage />
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Lockout.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Lockout.razor
new file mode 100644
index 000000000000..a8d1e0afc7ca
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Lockout.razor
@@ -0,0 +1,8 @@
+@page "/Account/Lockout"
+
+<PageTitle>Locked out</PageTitle>
+
+<header>
+    <h1 class="text-danger">Locked out</h1>
+    <p class="text-danger">This account has been locked out, please try again later.</p>
+</header>
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Login.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Login.razor
index 6d9fac8043b1..506e9243a157 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Login.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Login.razor
@@ -10,7 +10,6 @@
 @inject SignInManager<ApplicationUser> SignInManager
 @inject ILogger<Login> Logger
 @inject NavigationManager NavigationManager
-@inject IHttpContextAccessor HttpContextAccessor
 
 <PageTitle>Log in</PageTitle>
 
@@ -60,38 +59,19 @@
         <section>
             <h3>Use another service to log in.</h3>
             <hr />
-            @if ((externalLogins?.Count ?? 0) == 0)
-            {
-                <div>
-                    <p>
-                        There are no external authentication services configured. See this <a href="https://go.microsoft.com/fwlink/?LinkID=532715">article
-                        about setting up this ASP.NET application to support logging in via external services</a>.
-                    </p>
-                </div>
-            }
-            else
-            {
-                <form id="external-account" action="@(NavigationManager.GetUriWithQueryParameters("/Account/ExternalLogin", new Dictionary<string, object?> { ["ReturnUrl"] = ReturnUrl })))" method="post" class="form-horizontal">
-                    <div>
-                        <p>
-                            @foreach (var provider in externalLogins!)
-                            {
-                                <button type="submit" class="btn btn-primary" name="provider" value="@provider.Name" title="Log in using your @provider.DisplayName account">@provider.DisplayName</button>
-                            }
-                        </p>
-                    </div>
-                </form>
-            }
+            <ExternalLoginPicker />
         </section>
     </div>
 </div>
 
 @code {
     string? errorMessage;
-    IList<AuthenticationScheme>? externalLogins;
+
+    [CascadingParameter]
+    public HttpContext HttpContext { get; set; } = default!;
 
     [SupplyParameterFromForm]
-    public InputModel Input { get; set; } = new();
+    public InputModel Input { get; set; } = default!;
 
     [SupplyParameterFromQuery]
     public string ReturnUrl { get; set; } = "";
@@ -112,11 +92,14 @@
 
     protected override async Task OnInitializedAsync()
     {
-        // Clear the existing external cookie to ensure a clean login process
-        // No access to HttpContext: https://github.com/dotnet/aspnetcore/issues/48769
-        await HttpContextAccessor.HttpContext!.SignOutAsync(IdentityConstants.ExternalScheme);
+        Input ??= new();
+        ReturnUrl ??= "/";
 
-        externalLogins = (await SignInManager.GetExternalAuthenticationSchemesAsync()).ToList();
+        if (HttpMethods.IsGet(HttpContext.Request.Method))
+        {
+            // Clear the existing external cookie to ensure a clean login process
+            await HttpContext.SignOutAsync(IdentityConstants.ExternalScheme);
+        }
     }
 
     public async Task LoginUser()
@@ -127,17 +110,18 @@
         if (result.Succeeded)
         {
             Logger.LogInformation("User logged in.");
-            NavigationManager.NavigateTo(ReturnUrl);
+            NavigationManager.RedirectTo(ReturnUrl);
         }
         if (result.RequiresTwoFactor)
         {
-            NavigationManager.NavigateTo(NavigationManager.GetUriWithQueryParameters("/Account/LoginWith2fa",
-                new Dictionary<string, object?> { ["ReturnUrl"] = ReturnUrl, ["RememberMe"] = Input.RememberMe }));
+            NavigationManager.RedirectTo(
+                "/Account/LoginWith2fa",
+                new() { ["ReturnUrl"] = ReturnUrl, ["RememberMe"] = Input.RememberMe });
         }
         if (result.IsLockedOut)
         {
             Logger.LogWarning("User account locked out.");
-            NavigationManager.NavigateTo("/Account/Lockout");
+            NavigationManager.RedirectTo("/Account/Lockout");
         }
         else
         {
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWith2fa.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWith2fa.razor
new file mode 100644
index 000000000000..e57bd5e84e1c
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWith2fa.razor
@@ -0,0 +1,108 @@
+@page "/Account/LoginWith2fa"
+
+@using System.ComponentModel.DataAnnotations
+@using System.Text.Encodings.Web
+@using Microsoft.AspNetCore.Identity
+@using BlazorWeb_CSharp.Data
+
+@inject SignInManager<ApplicationUser> SignInManager
+@inject UserManager<ApplicationUser> UserManager
+@inject NavigationManager NavigationManager
+@inject ILogger<LoginWith2fa> Logger
+
+<PageTitle>Two-factor authentication</PageTitle>
+
+<h1>Two-factor authentication</h1>
+<hr />
+<StatusMessage Message="@_message" />
+<p>Your login is protected with an authenticator app. Enter your authenticator code below.</p>
+<div class="row">
+    <div class="col-md-4">
+        <EditForm Model="Input" FormName="login-with-2fa" OnValidSubmit="OnValidSubmitAsync" method="post">
+            <input type="hidden" name="ReturnUrl" value="@ReturnUrl" />
+            <input type="hidden" name="RememberMe" value="@RememberMe" />
+            <DataAnnotationsValidator />
+            <ValidationSummary class="text-danger" role="alert" />
+            <div class="form-floating mb-3">
+                <InputText id="two-factor-code" @bind-Value="Input.TwoFactorCode" class="form-control" autocomplete="off" />
+                <label for="two-factor-code" class="form-label">Authenticator code</label>
+                <ValidationMessage For="() => Input.TwoFactorCode" class="text-danger" />
+            </div>
+            <div class="checkbox mb-3">
+                <label for="remember-machine" class="form-label">
+                    <InputCheckbox id="remember-machine" @bind-Value="Input.RememberMachine" />
+                    Remember this machine
+                </label>
+            </div>
+            <div>
+                <button type="submit" class="w-100 btn btn-lg btn-primary">Log in</button>
+            </div>
+        </EditForm>
+    </div>
+</div>
+<p>
+    Don't have access to your authenticator device? You can
+    <a id="recovery-code-login" href="/Account/LoginWithRecoveryCode?ReturnUrl=@HtmlEncoder.Default.Encode(ReturnUrl)">log in with a recovery code</a>.
+</p>
+
+@code {
+    private string? _message;
+    private ApplicationUser _user = default!;
+
+    [SupplyParameterFromForm]
+    private InputModel Input { get; set; } = default!;
+
+    [SupplyParameterFromQuery]
+    private string? ReturnUrl { get; set; }
+
+    [SupplyParameterFromQuery]
+    private bool RememberMe { get; set; }
+
+    protected override async Task OnInitializedAsync()
+    {
+        Input ??= new();
+
+        var user = await SignInManager.GetTwoFactorAuthenticationUserAsync();
+        if (user is null)
+        {
+            throw new InvalidOperationException($"Unable to load two-factor authentication user.");
+        }
+
+        _user = user;
+    }
+
+    private async Task OnValidSubmitAsync()
+    {
+        var authenticatorCode = Input.TwoFactorCode!.Replace(" ", string.Empty).Replace("-", string.Empty);
+        var result = await SignInManager.TwoFactorAuthenticatorSignInAsync(authenticatorCode, RememberMe, Input.RememberMachine);
+        var userId = await UserManager.GetUserIdAsync(_user);
+
+        if (result.Succeeded)
+        {
+            Logger.LogInformation("User with ID '{UserId}' logged in with 2fa.", _user.Id);
+            NavigationManager.RedirectTo(ReturnUrl ?? "/");
+        }
+        else if (result.IsLockedOut)
+        {
+            Logger.LogWarning("User with ID '{UserId}' account locked out.", _user.Id);
+            NavigationManager.RedirectTo("/Account/Lockout");
+        }
+        else
+        {
+            Logger.LogWarning("Invalid authenticator code entered for user with ID '{UserId}'.", _user.Id);
+            _message = "Error: Invalid authenticator code.";
+        }
+    }
+
+    private sealed class InputModel
+    {
+        [Required]
+        [StringLength(7, ErrorMessage = "The {0} must be at least {2} and at max {1} characters long.", MinimumLength = 6)]
+        [DataType(DataType.Text)]
+        [Display(Name = "Authenticator code")]
+        public string? TwoFactorCode { get; set; }
+
+        [Display(Name = "Remember this machine")]
+        public bool RememberMachine { get; set; }
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWithRecoveryCode.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWithRecoveryCode.razor
new file mode 100644
index 000000000000..d6426e907be6
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWithRecoveryCode.razor
@@ -0,0 +1,93 @@
+@page "/Account/LoginWithRecoveryCode"
+
+@using System.ComponentModel.DataAnnotations
+@using Microsoft.AspNetCore.Identity
+@using Microsoft.AspNetCore.Mvc
+@using BlazorWeb_CSharp.Data
+
+@inject SignInManager<ApplicationUser> SignInManager
+@inject UserManager<ApplicationUser> UserManager
+@inject NavigationManager NavigationManager
+@inject ILogger<LoginWithRecoveryCode> Logger
+
+<PageTitle>Recovery code verification</PageTitle>
+
+<h1>Recovery code verification</h1>
+<hr />
+<StatusMessage Message="@_message" />
+<p>
+    You have requested to log in with a recovery code. This login will not be remembered until you provide
+    an authenticator app code at log in or disable 2FA and log in again.
+</p>
+<div class="row">
+    <div class="col-md-4">
+        <EditForm Model="Input" FormName="login-with-recovery-code" OnValidSubmit="OnValidSubmitAsync" method="post">
+            <DataAnnotationsValidator />
+            <ValidationSummary class="text-danger" role="alert" />
+            <div class="form-floating mb-3">
+                <InputText id="recovery-code" @bind-Value="Input.RecoveryCode" class="form-control" autocomplete="off" placeholder="RecoveryCode" />
+                <label for="recovery-code" class="form-label">Recovery Code</label>
+                <ValidationMessage For="() => Input.RecoveryCode" class="text-danger" />
+            </div>
+            <button type="submit" class="w-100 btn btn-lg btn-primary">Log in</button>
+        </EditForm>
+    </div>
+</div>
+
+@code {
+    private string? _message;
+    private ApplicationUser _user = default!;
+
+    [SupplyParameterFromForm]
+    private InputModel Input { get; set; } = default!;
+
+    [SupplyParameterFromQuery]
+    private string? ReturnUrl { get; set; }
+
+    protected override async Task OnInitializedAsync()
+    {
+        Input ??= new();
+
+        // Ensure the user has gone through the username & password screen first
+        var user = await SignInManager.GetTwoFactorAuthenticationUserAsync();
+        if (user is null)
+        {
+            throw new InvalidOperationException($"Unable to load two-factor authentication user.");
+        }
+
+        _user = user;
+    }
+
+    private async Task OnValidSubmitAsync()
+    {
+        var recoveryCode = Input.RecoveryCode!.Replace(" ", string.Empty);
+
+        var result = await SignInManager.TwoFactorRecoveryCodeSignInAsync(recoveryCode);
+
+        var userId = await UserManager.GetUserIdAsync(_user);
+
+        if (result.Succeeded)
+        {
+            Logger.LogInformation("User with ID '{UserId}' logged in with a recovery code.", _user.Id);
+            NavigationManager.RedirectTo(ReturnUrl ?? "/");
+        }
+        if (result.IsLockedOut)
+        {
+            Logger.LogWarning("User account locked out.");
+            NavigationManager.RedirectTo("/Account/Lockout");
+        }
+        else
+        {
+            Logger.LogWarning("Invalid recovery code entered for user with ID '{UserId}' ", _user.Id);
+            _message = "Error: Invalid recovery code entered.";
+        }
+    }
+
+    private sealed class InputModel
+    {
+        [Required]
+        [DataType(DataType.Text)]
+        [Display(Name = "Recovery Code")]
+        public string? RecoveryCode { get; set; }
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ChangePassword.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ChangePassword.razor
index 374ed75ae741..44af1e218c0f 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ChangePassword.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ChangePassword.razor
@@ -6,6 +6,7 @@
 
 @inject UserManager<ApplicationUser> UserManager
 @inject SignInManager<ApplicationUser> SignInManager
+@inject UserAccessor UserAccessor
 @inject NavigationManager NavigationManager
 @inject ILogger<ChangePassword> Logger
 
@@ -40,40 +41,27 @@
 
 @code {
     private string? _message;
-    private ApplicationUser? _user;
+    private ApplicationUser _user = default!;
     private bool _hasPassword;
 
     [SupplyParameterFromForm]
     private InputModel Input { get; set; } = default!;
 
-    [CascadingParameter]
-    private Task<AuthenticationState>? AuthenticationStateTask { get; set; }
-
     protected override async Task OnInitializedAsync()
     {
         Input ??= new();
 
-        (_user, _message) = await UserManager.GetUserAsync(AuthenticationStateTask);
-        if (_user is null)
-        {
-            return;
-        }
-
+        _user = await UserAccessor.GetRequiredUserAsync();
         _hasPassword = await UserManager.HasPasswordAsync(_user);
         if (!_hasPassword)
         {
-            NavigationManager.NavigateTo("/Account/Manage/SetPassword");
+            NavigationManager.RedirectTo("/Account/Manage/SetPassword");
             return;
         }
     }
 
     private async Task OnValidSubmitAsync()
     {
-        if (_user is null)
-        {
-            return;
-        }
-
         var changePasswordResult = await UserManager.ChangePasswordAsync(_user, Input.OldPassword!, Input.NewPassword!);
         if (!changePasswordResult.Succeeded)
         {
@@ -83,7 +71,8 @@
 
         await SignInManager.RefreshSignInAsync(_user);
         Logger.LogInformation("User changed their password successfully.");
-        _message = "Your password has been changed.";
+
+        NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "Your password has been changed" });
     }
 
     private sealed class InputModel
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/DeletePersonalData.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/DeletePersonalData.razor
new file mode 100644
index 000000000000..b27a00c31520
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/DeletePersonalData.razor
@@ -0,0 +1,84 @@
+@page "/Account/Manage/DeletePersonalData"
+
+@using System.ComponentModel.DataAnnotations
+@using Microsoft.AspNetCore.Identity
+@using BlazorWeb_CSharp.Data
+
+@inject UserManager<ApplicationUser> UserManager
+@inject SignInManager<ApplicationUser> SignInManager
+@inject UserAccessor UserAccessor
+@inject NavigationManager NavigationManager
+@inject ILogger<DeletePersonalData> Logger
+
+<PageTitle>Delete Personal Data</PageTitle>
+
+<StatusMessage Message="@_message" />
+
+<h3>Delete Personal Data</h3>
+
+<div class="alert alert-warning" role="alert">
+    <p>
+        <strong>Deleting this data will permanently remove your account, and this cannot be recovered.</strong>
+    </p>
+</div>
+
+<div>
+    <EditForm id="delete-user" Model="Input" FormName="delete-user" OnValidSubmit="OnValidSubmitAsync" method="post">
+        <DataAnnotationsValidator />
+        <ValidationSummary class="text-danger" role="alert"/>
+        @if (_requirePassword)
+        {
+            <div class="form-floating mb-3">
+                <InputText id="password" type="password" @bind-Value="Input.Password" class="form-control" autocomplete="current-password" aria-required="true" placeholder="Please enter your password." />
+                <label for="password" class="form-label">Password</label>
+                <ValidationMessage For="() => Input.Password" class="text-danger" />
+            </div>
+        }
+        <button class="w-100 btn btn-lg btn-danger" type="submit">Delete data and close my account</button>
+    </EditForm>
+</div>
+
+@code {
+    private string? _message;
+    private ApplicationUser _user = default!;
+    private bool _requirePassword;
+
+    [SupplyParameterFromForm]
+    private InputModel Input { get; set; } = default!;
+
+    protected override async Task OnInitializedAsync()
+    {
+        Input ??= new();
+
+        _user = await UserAccessor.GetRequiredUserAsync();
+        _requirePassword = await UserManager.HasPasswordAsync(_user);
+    }
+
+    private async Task OnValidSubmitAsync()
+    {
+        if (_requirePassword && !await UserManager.CheckPasswordAsync(_user, Input.Password!))
+        {
+            _message = "Error: Incorrect password.";
+            return;
+        }
+
+        var result = await UserManager.DeleteAsync(_user);
+        var userId = await UserManager.GetUserIdAsync(_user);
+        if (!result.Succeeded)
+        {
+            throw new InvalidOperationException($"Unexpected error occurred deleting user.");
+        }
+
+        await SignInManager.SignOutAsync();
+
+        Logger.LogInformation("User with ID '{UserId}' deleted themselves.", userId);
+
+        NavigationManager.RedirectToCurrentPage();
+    }
+
+    private sealed class InputModel
+    {
+        [DataType(DataType.Password)]
+        public string? Password { get; set; }
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Disable2fa.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Disable2fa.razor
new file mode 100644
index 000000000000..74a7b64fe7c0
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Disable2fa.razor
@@ -0,0 +1,67 @@
+@page "/Account/Manage/Disable2fa"
+
+@using Microsoft.AspNetCore.Identity
+@using BlazorWeb_CSharp.Data
+
+@inject UserManager<ApplicationUser> UserManager
+@inject UserAccessor UserAccessor
+@inject NavigationManager NavigationManager
+@inject ILogger<Disable2fa> Logger
+
+<PageTitle>Disable two-factor authentication (2FA)</PageTitle>
+
+<StatusMessage />
+<h3>Disable two-factor authentication (2FA)</h3>
+
+<div class="alert alert-warning" role="alert">
+    <p>
+        <strong>This action only disables 2FA.</strong>
+    </p>
+    <p>
+        Disabling 2FA does not change the keys used in authenticator apps. If you wish to change the key
+        used in an authenticator app you should <a href="/Account/Manage/ResetAuthenticator">reset your authenticator keys.</a>
+    </p>
+</div>
+
+<div>
+    <form @formname="disable-2fa" @onsubmit="OnSubmitAsync" method="post">
+        <AntiforgeryToken />
+        <button class="btn btn-danger" type="submit">Disable 2FA</button>
+    </form>
+</div>
+
+@code {
+    private ApplicationUser _user = default!;
+
+    [CascadingParameter]
+    private HttpContext HttpContext { get; set; } = default!;
+
+    protected override async Task OnInitializedAsync()
+    {
+        _user = await UserAccessor.GetRequiredUserAsync();
+
+        if (HttpMethods.IsGet(HttpContext.Request.Method))
+        {
+            if (!await UserManager.GetTwoFactorEnabledAsync(_user))
+            {
+                throw new InvalidOperationException($"Cannot disable 2FA for user as it's not currently enabled.");
+            }
+            return;
+        }
+    }
+
+    private async Task OnSubmitAsync()
+    {
+        var disable2faResult = await UserManager.SetTwoFactorEnabledAsync(_user, false);
+        if (!disable2faResult.Succeeded)
+        {
+            throw new InvalidOperationException($"Unexpected error occurred disabling 2FA.");
+        }
+
+        var userId = await UserManager.GetUserIdAsync(_user);
+        Logger.LogInformation("User with ID '{UserId}' has disabled 2fa.", userId);
+        NavigationManager.RedirectTo(
+            "/Account/Manage/TwoFactorAuthentication",
+            new() { ["Message"] = "2fa has been disabled. You can reenable 2fa when you setup an authenticator app" });
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Email.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Email.razor
index ab2a4b4cc536..a9f0ffb6d1a5 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Email.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Email.razor
@@ -9,6 +9,7 @@
 @using BlazorWeb_CSharp.Data
 
 @inject UserManager<ApplicationUser> UserManager
+@inject UserAccessor UserAccessor
 @inject IEmailSender EmailSender
 @inject NavigationManager NavigationManager
 
@@ -16,7 +17,7 @@
 
 <h3>Manage email</h3>
 
-<StatusMessage Message="@_message" />
+<StatusMessage />
 <div class="row">
     <div class="col-md-6">
         <form id="send-verification-form" @onsubmit="OnSendEmailVerificationAsync" @formname="send-verification" method="post">
@@ -54,27 +55,18 @@
 </div>
 
 @code {
-    private string? _message;
-    private ApplicationUser? _user;
+    private ApplicationUser _user = default!;
     private string? _email;
     private bool _isEmailConfirmed;
 
     [SupplyParameterFromForm]
     private InputModel Input { get; set; } = default!;
 
-    [CascadingParameter]
-    private Task<AuthenticationState>? AuthenticationStateTask { get; set; }
-
     protected override async Task OnInitializedAsync()
     {
         Input ??= new();
 
-        (_user, _message) = await UserManager.GetUserAsync(AuthenticationStateTask);
-        if (_user is null)
-        {
-            return;
-        }
-
+        _user = await UserAccessor.GetRequiredUserAsync();
         _email = await UserManager.GetEmailAsync(_user);
         _isEmailConfirmed = await UserManager.IsEmailConfirmedAsync(_user);
 
@@ -83,49 +75,40 @@
 
     private async Task OnValidSubmitAsync()
     {
-        if (_user is null)
-        {
-            return;
-        }
-
         if (Input.NewEmail != _email)
         {
             var userId = await UserManager.GetUserIdAsync(_user);
             var code = await UserManager.GenerateChangeEmailTokenAsync(_user, Input.NewEmail!);
             code = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(code));
             var callbackUrl = NavigationManager.GetUriWithQueryParameters(
-                $"{NavigationManager.BaseUri}Identity/Account/ConfirmEmailChange",
+                $"{NavigationManager.BaseUri}Account/ConfirmEmailChange",
                 new Dictionary<string, object?> { { "userId", userId }, { "email", Input.NewEmail }, { "code", code } });
             await EmailSender.SendEmailAsync(
                 Input.NewEmail!,
                 "Confirm your email",
                 $"Please confirm your account by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>.");
-            _message = "Confirmation link to change email sent. Please check your email.";
+
+            NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "Confirmation link to change email sent. Please check your email." });
             return;
         }
 
-        _message = "Your email is unchanged.";
+        NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "Your email is unchanged." });
     }
 
     private async Task OnSendEmailVerificationAsync()
     {
-        if (_user is null)
-        {
-            return;
-        }
-
         var userId = await UserManager.GetUserIdAsync(_user);
         var code = await UserManager.GenerateEmailConfirmationTokenAsync(_user);
         code = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(code));
         var callbackUrl = NavigationManager.GetUriWithQueryParameters(
-            $"{NavigationManager.BaseUri}Identity/Account/ConfirmEmail",
+            $"{NavigationManager.BaseUri}Account/ConfirmEmail",
             new Dictionary<string, object?> { { "userId", userId }, { "code", code } });
         await EmailSender.SendEmailAsync(
             _email!,
             "Confirm your email",
             $"Please confirm your account by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>.");
 
-        _message = "Verification email sent. Please check your email.";
+        NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "Verification email sent. Please check your email." });
     }
 
     private sealed class InputModel
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/EnableAuthenticator.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/EnableAuthenticator.razor
new file mode 100644
index 000000000000..8efc21e1c061
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/EnableAuthenticator.razor
@@ -0,0 +1,168 @@
+@page "/Account/Manage/EnableAuthenticator"
+
+@using System.ComponentModel.DataAnnotations
+@using System.Globalization
+@using System.Text
+@using System.Text.Encodings.Web
+@using Microsoft.AspNetCore.Identity
+@using BlazorWeb_CSharp.Data
+
+@inject UserManager<ApplicationUser> UserManager
+@inject UserAccessor UserAccessor
+@inject UrlEncoder UrlEncoder
+@inject NavigationManager NavigationManager
+@inject ILogger<EnableAuthenticator> Logger
+
+<PageTitle>Configure authenticator app</PageTitle>
+
+<StatusMessage />
+<h3>Configure authenticator app</h3>
+<div>
+    <p>To use an authenticator app go through the following steps:</p>
+    <ol class="list">
+        <li>
+            <p>
+                Download a two-factor authenticator app like Microsoft Authenticator for
+                <a href="https://go.microsoft.com/fwlink/?Linkid=825072">Android</a> and
+                <a href="https://go.microsoft.com/fwlink/?Linkid=825073">iOS</a> or
+                Google Authenticator for
+                <a href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&amp;hl=en">Android</a> and
+                <a href="https://itunes.apple.com/us/app/google-authenticator/id388497605?mt=8">iOS</a>.
+            </p>
+        </li>
+        <li>
+            <p>Scan the QR Code or enter this key <kbd>@_sharedKey</kbd> into your two factor authenticator app. Spaces and casing do not matter.</p>
+            <div class="alert alert-info">Learn how to <a href="https://go.microsoft.com/fwlink/?Linkid=852423">enable QR code generation</a>.</div>
+            <div id="qrCode"></div>
+            <div id="qrCodeData" data-url="@_authenticatorUri"></div>
+        </li>
+        <li>
+            <p>
+                Once you have scanned the QR code or input the key above, your two factor authentication app will provide you
+                with a unique code. Enter the code in the confirmation box below.
+            </p>
+            <div class="row">
+                <div class="col-md-6">
+                    <EditForm id="send-code" Model="Input" FormName="send-code" OnValidSubmit="OnValidSubmitAsync" method="post">
+                        <DataAnnotationsValidator />
+                        <div class="form-floating mb-3">
+                            <InputText id="code" @bind-Value="Input.Code" class="form-control" autocomplete="off" placeholder="Please enter the code." />
+                            <label for="code" class="control-label form-label">Verification Code</label>
+                            <ValidationMessage For="() => Input.Code" class="text-danger" />
+                        </div>
+                        <button type="submit" class="w-100 btn btn-lg btn-primary">Verify</button>
+                        <ValidationSummary class="text-danger" role="alert" />
+                    </EditForm>
+                </div>
+            </div>
+        </li>
+    </ol>
+</div>
+
+@code {
+    private const string AuthenticatorUriFormat = "otpauth://totp/{0}:{1}?secret={2}&issuer={0}&digits=6";
+
+    private ApplicationUser _user = default!;
+    private string? _sharedKey;
+    private string? _authenticatorUri;
+
+    [SupplyParameterFromForm]
+    private InputModel Input { get; set; } = default!;
+
+    protected override async Task OnInitializedAsync()
+    {
+        Input ??= new();
+
+        _user = await UserAccessor.GetRequiredUserAsync();
+
+        await LoadSharedKeyAndQrCodeUriAsync(_user);
+    }
+
+    private async Task OnValidSubmitAsync()
+    {
+        // Strip spaces and hyphens
+        var verificationCode = Input.Code!.Replace(" ", string.Empty).Replace("-", string.Empty);
+
+        var is2faTokenValid = await UserManager.VerifyTwoFactorTokenAsync(
+            _user, UserManager.Options.Tokens.AuthenticatorTokenProvider, verificationCode);
+
+        if (!is2faTokenValid)
+        {
+            await LoadSharedKeyAndQrCodeUriAsync(_user);
+            NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "Error: Verification code is invalid." });
+            return;
+        }
+
+        await UserManager.SetTwoFactorEnabledAsync(_user, true);
+        var userId = await UserManager.GetUserIdAsync(_user);
+        Logger.LogInformation("User with ID '{UserId}' has enabled 2FA with an authenticator app.", userId);
+
+        var message = "Your authenticator app has been verified.";
+
+        if (await UserManager.CountRecoveryCodesAsync(_user) == 0)
+        {
+            var recoveryCodes = await UserManager.GenerateNewTwoFactorRecoveryCodesAsync(_user, 10);
+            NavigationManager.RedirectTo(
+                "/Account/Manage/ShowRecoveryCodes",
+                new() { ["Message"] = message, ["RecoveryCodes"] = recoveryCodes?.ToArray() });
+        }
+        else
+        {
+            NavigationManager.RedirectTo(
+                "/Account/Manage/TwoFactorAuthentication",
+                new() { ["Message"] = message });
+        }
+    }
+
+    private async ValueTask LoadSharedKeyAndQrCodeUriAsync(ApplicationUser user)
+    {
+        // Load the authenticator key & QR code URI to display on the form
+        var unformattedKey = await UserManager.GetAuthenticatorKeyAsync(user);
+        if (string.IsNullOrEmpty(unformattedKey))
+        {
+            await UserManager.ResetAuthenticatorKeyAsync(user);
+            unformattedKey = await UserManager.GetAuthenticatorKeyAsync(user);
+        }
+
+        _sharedKey = FormatKey(unformattedKey!);
+
+        var email = await UserManager.GetEmailAsync(user);
+        _authenticatorUri = GenerateQrCodeUri(email!, unformattedKey!);
+    }
+
+    private string FormatKey(string unformattedKey)
+    {
+        var result = new StringBuilder();
+        int currentPosition = 0;
+        while (currentPosition + 4 < unformattedKey.Length)
+        {
+            result.Append(unformattedKey.AsSpan(currentPosition, 4)).Append(' ');
+            currentPosition += 4;
+        }
+        if (currentPosition < unformattedKey.Length)
+        {
+            result.Append(unformattedKey.AsSpan(currentPosition));
+        }
+
+        return result.ToString().ToLowerInvariant();
+    }
+
+    private string GenerateQrCodeUri(string email, string unformattedKey)
+    {
+        return string.Format(
+            CultureInfo.InvariantCulture,
+            AuthenticatorUriFormat,
+            UrlEncoder.Encode("Microsoft.AspNetCore.Identity.UI"),
+            UrlEncoder.Encode(email),
+            unformattedKey);
+    }
+
+    private sealed class InputModel
+    {
+        [Required]
+        [StringLength(7, ErrorMessage = "The {0} must be at least {2} and at max {1} characters long.", MinimumLength = 6)]
+        [DataType(DataType.Text)]
+        [Display(Name = "Verification Code")]
+        public string? Code { get; set; }
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ExternalLogins.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ExternalLogins.razor
index 75c7538ad9d4..19e67d66c804 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ExternalLogins.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ExternalLogins.razor
@@ -1,7 +1,151 @@
 @page "/Account/Manage/ExternalLogins"
 
+@using Microsoft.AspNetCore.Authentication
+@using Microsoft.AspNetCore.Identity
+@using BlazorWeb_CSharp.Data
+@using Microsoft.AspNetCore.Mvc.ViewFeatures
+
+@inject UserManager<ApplicationUser> UserManager
+@inject SignInManager<ApplicationUser> SignInManager
+@inject UserAccessor UserAccessor
+@inject IUserStore<ApplicationUser> UserStore
+@inject NavigationManager NavigationManager
+
 <PageTitle>Manage your external logins</PageTitle>
 
-<h3>Manage your external logins</h3>
+<StatusMessage />
+@if (_currentLogins?.Count > 0)
+{
+    <h3>Registered Logins</h3>
+    <table class="table">
+        <tbody>
+            @foreach (var login in _currentLogins)
+            {
+                <tr>
+                    <td id="login-provider-@login.LoginProvider">@login.ProviderDisplayName</td>
+                    <td>
+                        @if (_showRemoveButton)
+                        {
+                            <form id="remove-login-@login.LoginProvider" @formname="@($"remove-login-{login.LoginProvider}")" @onsubmit="OnSubmitAsync" method="post">
+                                <AntiforgeryToken />
+                                <div>
+                                    <input type="hidden" name="@nameof(LoginProvider)" value="@login.LoginProvider" />
+                                    <input type="hidden" name="@nameof(ProviderKey)" value="@login.ProviderKey" />
+                                    <button type="submit" class="btn btn-primary" title="Remove this @login.ProviderDisplayName login from your account">Remove</button>
+                                </div>
+                            </form>
+                        }
+                        else
+                        {
+                            @: &nbsp;
+                        }
+                    </td>
+                </tr>
+            }
+        </tbody>
+    </table>
+}
+@if (_otherLogins?.Count > 0)
+{
+    <h4>Add another service to log in.</h4>
+    <hr />
+    <form id="link-login-form" class="form-horizontal" action="/Account/Manage/LinkExternalLogin" method="post">
+        <AntiforgeryToken />
+        <div id="socialLoginList">
+            <p>
+                @foreach (var provider in _otherLogins)
+                {
+                    <button
+                        id="link-login-button-@provider.Name"
+                        type="submit"
+                        class="btn btn-primary"
+                        name="Provider"
+                        value="@provider.Name"
+                        title="Log in using your @provider.DisplayName account">
+                        @provider.DisplayName
+                    </button>
+                }
+            </p>
+        </div>
+    </form>
+}
+
+@code {
+    public const string LinkLoginCallbackAction = "LinkLoginCallback";
+
+    private ApplicationUser _user = default!;
+    private IList<UserLoginInfo>? _currentLogins;
+    private IList<AuthenticationScheme>? _otherLogins;
+    private bool _showRemoveButton;
+
+    [SupplyParameterFromForm]
+    private string? LoginProvider { get; set; }
+
+    [SupplyParameterFromForm]
+    private string? ProviderKey { get; set; }
+
+    [SupplyParameterFromQuery]
+    private string? Action { get; set; }
+
+    [CascadingParameter]
+    private HttpContext HttpContext { get; set; } = default!;
+
+    protected override async Task OnInitializedAsync()
+    {
+        _user = await UserAccessor.GetRequiredUserAsync();
+        _currentLogins = await UserManager.GetLoginsAsync(_user);
+        _otherLogins = (await SignInManager.GetExternalAuthenticationSchemesAsync())
+            .Where(auth => _currentLogins.All(ul => auth.Name != ul.LoginProvider))
+            .ToList();
+
+        string? passwordHash = null;
+        if (UserStore is IUserPasswordStore<ApplicationUser> userPasswordStore)
+        {
+            passwordHash = await userPasswordStore.GetPasswordHashAsync(_user, HttpContext.RequestAborted);
+        }
+
+        _showRemoveButton = passwordHash is not null || _currentLogins.Count > 1;
+
+        if (HttpMethods.IsGet(HttpContext.Request.Method) && Action == LinkLoginCallbackAction)
+        {
+            await OnGetLinkLoginCallbackAsync();
+            return;
+        }
+    }
+
+    private async Task OnSubmitAsync()
+    {
+        var result = await UserManager.RemoveLoginAsync(_user, LoginProvider!, ProviderKey!);
+        if (!result.Succeeded)
+        {
+            NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "The external login was not removed." });
+            return;
+        }
+
+        await SignInManager.RefreshSignInAsync(_user);
+        NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "The external login was removed." });
+    }
+
+    private async Task OnGetLinkLoginCallbackAsync()
+    {
+        var userId = await UserManager.GetUserIdAsync(_user);
+        var info = await SignInManager.GetExternalLoginInfoAsync(userId);
+        if (info == null)
+        {
+            NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "Unexpected error occurred loading external login info." });
+            return;
+        }
+
+        var result = await UserManager.AddLoginAsync(_user, info);
+        if (!result.Succeeded)
+        {
+            NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "The external login was not added. External logins can only be associated with one account." });
+            return;
+        }
+
+        // Clear the existing external cookie to ensure a clean login process
+        await HttpContext.SignOutAsync(IdentityConstants.ExternalScheme);
 
-@* TODO: Implement this *@
+        NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "The external login was added." });
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/GenerateRecoveryCodes.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/GenerateRecoveryCodes.razor
new file mode 100644
index 000000000000..a067291cf7d3
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/GenerateRecoveryCodes.razor
@@ -0,0 +1,60 @@
+@page "/Account/Manage/GenerateRecoveryCodes"
+
+@using Microsoft.AspNetCore.Identity
+@using BlazorWeb_CSharp.Data
+
+@inject UserManager<ApplicationUser> UserManager
+@inject UserAccessor UserAccessor
+@inject NavigationManager NavigationManager
+@inject ILogger<GenerateRecoveryCodes> Logger
+
+<PageTitle>Generate two-factor authentication (2FA) recovery codes</PageTitle>
+
+<StatusMessage />
+<h3>Generate two-factor authentication (2FA) recovery codes</h3>
+<div class="alert alert-warning" role="alert">
+    <p>
+        <span class="glyphicon glyphicon-warning-sign"></span>
+        <strong>Put these codes in a safe place.</strong>
+    </p>
+    <p>
+        If you lose your device and don't have the recovery codes you will lose access to your account.
+    </p>
+    <p>
+        Generating new recovery codes does not change the keys used in authenticator apps. If you wish to change the key
+        used in an authenticator app you should <a href="/Account/Manage/ResetAuthenticator">reset your authenticator keys.</a>
+    </p>
+</div>
+<div>
+    <form @formname="generate-recovery-codes" @onsubmit="OnSubmitAsync" method="post">
+        <AntiforgeryToken />
+        <button class="btn btn-danger" type="submit">Generate Recovery Codes</button>
+    </form>
+</div>
+
+@code {
+    private ApplicationUser _user = default!;
+
+    protected override async Task OnInitializedAsync()
+    {
+        _user = await UserAccessor.GetRequiredUserAsync();
+
+        var isTwoFactorEnabled = await UserManager.GetTwoFactorEnabledAsync(_user);
+        if (!isTwoFactorEnabled)
+        {
+            throw new InvalidOperationException($"Cannot generate recovery codes for user because they do not have 2FA enabled.");
+        }
+    }
+
+    private async Task OnSubmitAsync()
+    {
+        var userId = await UserManager.GetUserIdAsync(_user);
+        var recoveryCodes = await UserManager.GenerateNewTwoFactorRecoveryCodesAsync(_user, 10);
+        var message = "You have generated new recovery codes.";
+
+        Logger.LogInformation("User with ID '{UserId}' has generated new 2FA recovery codes.", userId);
+        NavigationManager.RedirectTo(
+            "/Account/Manage/ShowRecoveryCodes",
+            new() { ["Message"] = message, ["RecoveryCodes"] = recoveryCodes?.ToArray() });
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Index.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Index.razor
index d0a42c7d2883..6a02d5341ed4 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Index.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Index.razor
@@ -8,12 +8,13 @@
 @inject AuthenticationStateProvider AuthenticationStateProvider
 @inject UserManager<ApplicationUser> UserManager
 @inject SignInManager<ApplicationUser> SignInManager
+@inject UserAccessor UserAccessor;
 @inject NavigationManager NavigationManager
 
 <PageTitle>Profile</PageTitle>
 
 <h3>Profile</h3>
-<StatusMessage Message="@_message" />
+<StatusMessage />
 
 <div class="row">
     <div class="col-md-6">
@@ -35,27 +36,18 @@
 </div>
 
 @code {
-    private string? _message;
-    private ApplicationUser? _user;
+    private ApplicationUser _user = default!;
     private string? _username;
     private string? _phoneNumber;
 
     [SupplyParameterFromForm]
     private InputModel Input { get; set; } = default!;
 
-    [CascadingParameter]
-    private Task<AuthenticationState>? AuthenticationStateTask { get; set; }
-
     protected override async Task OnInitializedAsync()
     {
         Input ??= new();
 
-        (_user, _message) = await UserManager.GetUserAsync(AuthenticationStateTask);
-        if (_user is null)
-        {
-            return;
-        }
-
+        _user = await UserAccessor.GetRequiredUserAsync();
         _username = await UserManager.GetUserNameAsync(_user);
         _phoneNumber = await UserManager.GetPhoneNumberAsync(_user);
 
@@ -64,23 +56,18 @@
 
     private async Task OnValidSubmitAsync()
     {
-        if (_user is null)
-        {
-            return;
-        }
-
         if (Input.PhoneNumber != _phoneNumber)
         {
             var setPhoneResult = await UserManager.SetPhoneNumberAsync(_user, Input.PhoneNumber);
             if (!setPhoneResult.Succeeded)
             {
-                _message = "Unexpected error when trying to set phone number.";
+                NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "Unexpected error when trying to set phone number." });
                 return;
             }
         }
 
         await SignInManager.RefreshSignInAsync(_user);
-        _message = "Your profile has been updated";
+        NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "Your profile has been updated" });
     }
 
     private sealed class InputModel
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/PersonalData.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/PersonalData.razor
index 01421ec9fda5..b9b21c6990f0 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/PersonalData.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/PersonalData.razor
@@ -1,7 +1,35 @@
 @page "/Account/Manage/PersonalData"
 
+@using System.Text.Json
+@using Microsoft.AspNetCore.Identity
+@using BlazorWeb_CSharp.Data
+
+@inject UserAccessor UserAccessor
+
 <PageTitle>Personal Data</PageTitle>
 
+<StatusMessage />
 <h3>Personal Data</h3>
 
-@* TODO: Implement this *@
+<div class="row">
+    <div class="col-md-6">
+        <p>Your account contains personal data that you have given us. This page allows you to download or delete that data.</p>
+        <p>
+            <strong>Deleting this data will permanently remove your account, and this cannot be recovered.</strong>
+        </p>
+        <form id="download-data" action="/Account/Manage/DownloadPersonalData" method="post">
+            <AntiforgeryToken />
+            <button class="btn btn-primary" type="submit">Download</button>
+        </form>
+        <p>
+            <a id="delete" href="/Account/Manage/DeletePersonalData" class="btn btn-danger">Delete</a>
+        </p>
+    </div>
+</div>
+
+@code {
+    protected override async Task OnInitializedAsync()
+    {
+        _ = await UserAccessor.GetRequiredUserAsync();
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ResetAuthenticator.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ResetAuthenticator.razor
new file mode 100644
index 000000000000..f34634c42067
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ResetAuthenticator.razor
@@ -0,0 +1,54 @@
+@page "/Account/Manage/ResetAuthenticator"
+
+@using BlazorWeb_CSharp.Data
+@using Microsoft.AspNetCore.Identity
+
+@inject UserManager<ApplicationUser> UserManager
+@inject SignInManager<ApplicationUser> SignInManager
+@inject UserAccessor UserAccessor
+@inject NavigationManager NavigationManager
+@inject ILogger<ResetAuthenticator> Logger
+
+<PageTitle>Reset authenticator key</PageTitle>
+
+<StatusMessage />
+<h3>Reset authenticator key</h3>
+<div class="alert alert-warning" role="alert">
+    <p>
+        <span class="glyphicon glyphicon-warning-sign"></span>
+        <strong>If you reset your authenticator key your authenticator app will not work until you reconfigure it.</strong>
+    </p>
+    <p>
+        This process disables 2FA until you verify your authenticator app.
+        If you do not complete your authenticator app configuration you may lose access to your account.
+    </p>
+</div>
+<div>
+    <form id="reset-authenticator-form" @formname="reset-authenticator" @onsubmit="OnSubmitAsync" method="post">
+        <AntiforgeryToken />
+        <button id="reset-authenticator-button" class="btn btn-danger" type="submit">Reset authenticator key</button>
+    </form>
+</div>
+
+@code {
+    private ApplicationUser _user = default!;
+
+    protected override async Task OnInitializedAsync()
+    {
+        _user = await UserAccessor.GetRequiredUserAsync();
+    }
+
+    private async Task OnSubmitAsync()
+    {
+        await UserManager.SetTwoFactorEnabledAsync(_user, false);
+        await UserManager.ResetAuthenticatorKeyAsync(_user);
+        var userId = await UserManager.GetUserIdAsync(_user);
+        Logger.LogInformation("User with ID '{UserId}' has reset their authentication app key.", _user.Id);
+
+        await SignInManager.RefreshSignInAsync(_user);
+
+        NavigationManager.RedirectTo(
+            "/Account/Manage/EnableAuthenticator",
+            new() { ["Message"] = "Your authenticator app key has been reset, you will need to configure your authenticator app using the new key." });
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/SetPassword.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/SetPassword.razor
new file mode 100644
index 000000000000..b48ab185ecfe
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/SetPassword.razor
@@ -0,0 +1,87 @@
+@page "/Account/Manage/SetPassword"
+
+@using System.ComponentModel.DataAnnotations
+@using Microsoft.AspNetCore.Identity
+@using BlazorWeb_CSharp.Data
+
+@inject UserManager<ApplicationUser> UserManager
+@inject SignInManager<ApplicationUser> SignInManager
+@inject UserAccessor UserAccessor
+@inject NavigationManager NavigationManager
+
+<PageTitle>Set password</PageTitle>
+
+<h3>Set your password</h3>
+<StatusMessage Message="@_message" />
+<p class="text-info">
+    You do not have a local username/password for this site. Add a local
+    account so you can log in without an external login.
+</p>
+<div class="row">
+    <div class="col-md-6">
+        <EditForm id="set-password-form" Model="Input" FormName="set-password" OnValidSubmit="OnValidSubmitAsync" method="post">
+            <DataAnnotationsValidator />
+            <ValidationSummary class="text-danger" role="alert" />
+            <div class="form-floating mb-3">
+                <InputText id="new-password" type="password" @bind-Value="Input.NewPassword" class="form-control" autocomplete="new-password" placeholder="Please enter your new password." />
+                <label for="new-password" class="form-label">New password</label>
+                <ValidationMessage For="() => Input.NewPassword" class="text-danger" />
+            </div>
+            <div class="form-floating mb-3">
+                <InputText id="confirm-password" type="password" @bind-Value="Input.ConfirmPassword" class="form-control" autocomplete="new-password" placeholder="Please confirm your new password." />
+                <label for="confirm-password" class="form-label">Confirm password</label>
+                <ValidationMessage For="() => Input.ConfirmPassword" class="text-danger" />
+            </div>
+            <button type="submit" class="w-100 btn btn-lg btn-primary">Set password</button>
+        </EditForm>
+     </div>
+</div>
+
+@code {
+    private string? _message;
+    private ApplicationUser _user = default!;
+
+    [SupplyParameterFromForm]
+    private InputModel Input { get; set; } = default!;
+
+    protected override async Task OnInitializedAsync()
+    {
+        Input ??= new();
+
+        _user = await UserAccessor.GetRequiredUserAsync();
+
+        var hasPassword = await UserManager.HasPasswordAsync(_user);
+        if (hasPassword)
+        {
+            NavigationManager.RedirectTo("/Account/Manage/ChangePassword");
+            return;
+        }
+    }
+
+    private async Task OnValidSubmitAsync()
+    {
+        var addPasswordResult = await UserManager.AddPasswordAsync(_user, Input.NewPassword!);
+        if (!addPasswordResult.Succeeded)
+        {
+            _message = $"Error: {string.Join(",", addPasswordResult.Errors.Select(error => error.Description))}";
+            return;
+        }
+
+        await SignInManager.RefreshSignInAsync(_user);
+        NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "Your password has been set." });
+    }
+
+    private sealed class InputModel
+    {
+        [Required]
+        [StringLength(100, ErrorMessage = "The {0} must be at least {2} and at max {1} characters long.", MinimumLength = 6)]
+        [DataType(DataType.Password)]
+        [Display(Name = "New password")]
+        public string? NewPassword { get; set; }
+
+        [DataType(DataType.Password)]
+        [Display(Name = "Confirm new password")]
+        [Compare("NewPassword", ErrorMessage = "The new password and confirmation password do not match.")]
+        public string? ConfirmPassword { get; set; }
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ShowRecoveryCodes.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ShowRecoveryCodes.razor
new file mode 100644
index 000000000000..da3a2a37992b
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ShowRecoveryCodes.razor
@@ -0,0 +1,43 @@
+@page "/Account/Manage/ShowRecoveryCodes"
+
+@inject NavigationManager NavigationManager
+
+<PageTitle>Recovery codes</PageTitle>
+
+<StatusMessage />
+<h3>Recovery codes</h3>
+<div class="alert alert-warning" role="alert">
+    <p>
+        <strong>Put these codes in a safe place.</strong>
+    </p>
+    <p>
+        If you lose your device and don't have the recovery codes you will lose access to your account.
+    </p>
+</div>
+<div class="row">
+    <div class="col-md-12">
+        @for (var row = 0; row < RecoveryCodes.Length; row += 2)
+        {
+            <code class="recovery-code">@RecoveryCodes[row]</code>
+
+            <text>&nbsp;</text>
+
+            <code class="recovery-code">@RecoveryCodes[row + 1]</code>
+
+            <br />
+        }
+    </div>
+</div>
+
+@code {
+    [SupplyParameterFromQuery]
+    public string[] RecoveryCodes { get; set; } = default!;
+
+    protected override void OnInitialized()
+    {
+        if (RecoveryCodes is not { Length: > 0 })
+        {
+            NavigationManager.RedirectTo("/Account/Manage/TwoFactorAuthentication");
+        }
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/TwoFactorAuthentication.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/TwoFactorAuthentication.razor
index dc49aa4edecd..99c5f3ef9168 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/TwoFactorAuthentication.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/TwoFactorAuthentication.razor
@@ -1,7 +1,102 @@
 @page "/Account/Manage/TwoFactorAuthentication"
 
+@using BlazorWeb_CSharp.Data
+@using Microsoft.AspNetCore.Http.Features
+@using Microsoft.AspNetCore.Identity
+
+@inject UserManager<ApplicationUser> UserManager
+@inject SignInManager<ApplicationUser> SignInManager
+@inject UserAccessor UserAccessor
+@inject NavigationManager NavigationManager
+
 <PageTitle>Two-factor authentication (2FA)</PageTitle>
 
+<StatusMessage />
 <h3>Two-factor authentication (2FA)</h3>
+@if (_consentFeature?.CanTrack ?? true)
+{
+    if (_is2faEnabled)
+    {
+        if (_recoveryCodesLeft == 0)
+        {
+            <div class="alert alert-danger">
+                <strong>You have no recovery codes left.</strong>
+                <p>You must <a href="/Account/Manage/GenerateRecoveryCodes">generate a new set of recovery codes</a> before you can log in with a recovery code.</p>
+            </div>
+        }
+        else if (_recoveryCodesLeft == 1)
+        {
+            <div class="alert alert-danger">
+                <strong>You have 1 recovery code left.</strong>
+                <p>You can <a href="/Account/Manage/GenerateRecoveryCodes">generate a new set of recovery codes</a>.</p>
+            </div>
+        }
+        else if (_recoveryCodesLeft <= 3)
+        {
+            <div class="alert alert-warning">
+                <strong>You have @_recoveryCodesLeft recovery codes left.</strong>
+                <p>You should <a href="/Account/Manage/GenerateRecoveryCodes">generate a new set of recovery codes</a>.</p>
+            </div>
+        }
+
+        if (_isMachineRemembered)
+        {
+            <form style="display: inline-block" @formname="forget-browser" @onsubmit="OnSubmitForgetBrowserAsync" method="post">
+                <button type="submit" class="btn btn-primary">Forget this browser</button>
+            </form>
+        }
+
+        <a href="/Account/Manage/Disable2fa" class="btn btn-primary">Disable 2FA</a>
+        <a href="/Account/Manage/GenerateRecoveryCodes" class="btn btn-primary">Reset recovery codes</a>
+    }
+
+    <h4>Authenticator app</h4>
+    @if (!_hasAuthenticator)
+    {
+        <a id="enable-authenticator" href="/Account/Manage/EnableAuthenticator" class="btn btn-primary">Add authenticator app</a>
+    }
+    else
+    {
+        <a id="enable-authenticator" href="/Account/Manage/EnableAuthenticator" class="btn btn-primary">Set up authenticator app</a>
+        <a id="reset-authenticator" href="/Account/Manage/ResetAuthenticator" class="btn btn-primary">Reset authenticator app</a>
+    }
+}
+else
+{
+    <div class="alert alert-danger">
+        <strong>Privacy and cookie policy have not been accepted.</strong>
+        <p>You must accept the policy before you can enable two factor authentication.</p>
+    </div>
+}
+
+@code {
+    private ApplicationUser? _user;
+    private ITrackingConsentFeature? _consentFeature;
+    private bool _hasAuthenticator;
+    private int _recoveryCodesLeft;
+    private bool _is2faEnabled;
+    private bool _isMachineRemembered;
+
+    [CascadingParameter]
+    private HttpContext HttpContext { get; set; } = default!;
+
+    protected override async Task OnInitializedAsync()
+    {
+        _user = await UserAccessor.GetRequiredUserAsync();
+        _consentFeature = HttpContext.Features.Get<ITrackingConsentFeature>();
+        _hasAuthenticator = await UserManager.GetAuthenticatorKeyAsync(_user) is not null;
+        _is2faEnabled = await UserManager.GetTwoFactorEnabledAsync(_user);
+        _isMachineRemembered = await SignInManager.IsTwoFactorClientRememberedAsync(_user);
+        _recoveryCodesLeft = await UserManager.CountRecoveryCodesAsync(_user);
+    }
+
+    private async Task OnSubmitForgetBrowserAsync()
+    {
+        await SignInManager.ForgetTwoFactorClientAsync();
 
-@* TODO: Implement this *@
+        NavigationManager.RedirectToCurrentPage(new()
+            {
+                ["Message"] = "The current browser has been forgotten. When you login again from this browser you will be prompted for your 2fa code.",
+            });
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Register.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Register.razor
index 99b5304fc019..af64d95eb8f3 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Register.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Register.razor
@@ -50,37 +50,14 @@
         <section>
             <h3>Use another service to register.</h3>
             <hr />
-            @{
-                if ((ExternalLogins?.Count ?? 0) == 0)
-                {
-                    <div>
-                        <p>
-                            There are no external authentication services configured. See this <a href="https://go.microsoft.com/fwlink/?LinkID=532715">article
-                            about setting up this ASP.NET application to support logging in via external services</a>.
-                        </p>
-                    </div>
-                }
-                else
-                {
-                    <form id="external-account" asp-page="./ExternalLogin" asp-route-returnUrl="@ReturnUrl" method="post" class="form-horizontal">
-                        <div>
-                            <p>
-                                @foreach (var provider in ExternalLogins!)
-                                {
-                                    <button type="submit" class="btn btn-primary" name="provider" value="@provider.Name" title="Log in using your @provider.DisplayName account">@provider.DisplayName</button>
-                                }
-                            </p>
-                        </div>
-                    </form>
-                }
-            }
+            <ExternalLoginPicker />
         </section>
     </div>
 </div>
 
 @code {
     [SupplyParameterFromForm]
-    public InputModel Input { get; set; } = new();
+    public InputModel Input { get; set; } = default!;
 
     /// <summary>
     ///     This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used
@@ -89,12 +66,6 @@
     [SupplyParameterFromQuery]
     public string ReturnUrl { get; set; } = "";
 
-    /// <summary>
-    ///     This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used
-    ///     directly from your code. This API may change or be removed in future releases.
-    /// </summary>
-    public IList<AuthenticationScheme>? ExternalLogins { get; set; }
-
     /// <summary>
     ///     This API supports the ASP.NET Core Identity default UI infrastructure and is not intended to be used
     ///     directly from your code. This API may change or be removed in future releases.
@@ -133,9 +104,9 @@
     IEnumerable<IdentityError>? identityErrors;
     string? Message => identityErrors is null ? null : "Error: " + string.Join(", ", identityErrors.Select(error => error.Description));
 
-    protected override async Task OnInitializedAsync()
+    protected override void OnInitialized()
     {
-        ExternalLogins = (await SignInManager.GetExternalAuthenticationSchemesAsync()).ToList();
+        Input ??= new();
     }
 
     public async Task RegisterUser(EditContext editContext)
@@ -163,14 +134,14 @@
 
             if (UserManager.Options.SignIn.RequireConfirmedAccount)
             {
-                NavigationManager.NavigateTo(NavigationManager.GetUriWithQueryParameters(
-                    NavigationManager.ToAbsoluteUri("/Account/RegisterConfirmation").AbsoluteUri,
-                    new Dictionary<string, object?> { { "email", Input.Email }, { "returnUrl", ReturnUrl } }));
+                NavigationManager.RedirectTo(
+                    "/Account/RegisterConfirmation",
+                    new() { ["Email"] = Input.Email, ["ReturnUrl"] = ReturnUrl });
             }
             else
             {
                 await SignInManager.SignInAsync(user, isPersistent: false);
-                NavigationManager.NavigateTo(NavigationManager.ToAbsoluteUri(NavigationManager.ToBaseRelativePath(ReturnUrl)).AbsoluteUri);
+                NavigationManager.RedirectTo(ReturnUrl);
             }
         }
         else
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/RegisterConfirmation.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/RegisterConfirmation.razor
index e03daa4aaa18..4745cf7eda91 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/RegisterConfirmation.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/RegisterConfirmation.razor
@@ -39,7 +39,7 @@ else
     {
         if (Email == null)
         {
-            NavigationManager.NavigateTo("/");
+            NavigationManager.RedirectTo("/");
         }
         else
         {
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResendEmailConfirmation.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResendEmailConfirmation.razor
new file mode 100644
index 000000000000..cfe0530a97d6
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResendEmailConfirmation.razor
@@ -0,0 +1,76 @@
+@page "/Account/ResendEmailConfirmation"
+
+@using System.ComponentModel.DataAnnotations
+@using System.Text
+@using System.Text.Encodings.Web
+@using Microsoft.AspNetCore.Identity
+@using Microsoft.AspNetCore.Identity.UI.Services
+@using Microsoft.AspNetCore.WebUtilities
+@using BlazorWeb_CSharp.Data
+
+@inject UserManager<ApplicationUser> UserManager
+@inject IEmailSender EmailSender
+@inject NavigationManager NavigationManager
+
+<PageTitle>Resend email confirmation</PageTitle>
+
+<h1>Resend email confirmation</h1>
+<h2>Enter your email.</h2>
+<hr />
+<StatusMessage Message="@_message" />
+<div class="row">
+    <div class="col-md-4">
+        <EditForm Model="Input" FormName="resend-email-confirmation" OnValidSubmit="OnValidSubmitAsync" method="post">
+            <DataAnnotationsValidator />
+            <ValidationSummary class="text-danger" role="alert" />
+            <div class="form-floating mb-3">
+                <InputText id="email" @bind-Value="Input.Email" class="form-control" aria-required="true" placeholder="name@example.com" />
+                <label for="email" class="form-label">Email</label>
+                <ValidationMessage For="() => Input.Email" class="text-danger" />
+            </div>
+            <button type="submit" class="w-100 btn btn-lg btn-primary">Resend</button>
+        </EditForm>
+    </div>
+</div>
+
+@code {
+    private string? _message;
+
+    [SupplyParameterFromForm]
+    private InputModel Input { get; set; } = default!;
+
+    protected override void OnInitialized()
+    {
+        Input ??= new();
+    }
+
+    private async Task OnValidSubmitAsync()
+    {
+        var user = await UserManager.FindByEmailAsync(Input.Email!);
+        if (user is null)
+        {
+            _message = "Verification email sent. Please check your email.";
+            return;
+        }
+
+        var userId = await UserManager.GetUserIdAsync(user);
+        var code = await UserManager.GenerateEmailConfirmationTokenAsync(user);
+        code = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(code));
+        var callbackUrl = NavigationManager.GetUriWithQueryParameters(
+            $"{NavigationManager.BaseUri}Account/ConfirmEmail",
+            new Dictionary<string, object?> { ["userId"] = userId, ["code"] = code });
+        await EmailSender.SendEmailAsync(
+            Input.Email!,
+            "Confirm your email",
+            $"Please confirm your account by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>.");
+
+        _message = "Verification email sent. Please check your email.";
+    }
+
+    private sealed class InputModel
+    {
+        [Required]
+        [EmailAddress]
+        public string? Email { get; set; }
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResetPassword.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResetPassword.razor
index 21a057e1bf4e..63492a9a43d9 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResetPassword.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResetPassword.razor
@@ -57,7 +57,7 @@
     {
         if (Code is null)
         {
-            NavigationManager.NavigateTo("/Account/InvalidPasswordReset");
+            NavigationManager.RedirectTo("/Account/InvalidPasswordReset");
         }
         else
         {
@@ -71,14 +71,14 @@
         if (user is null)
         {
             // Don't reveal that the user does not exist
-            NavigationManager.NavigateTo("/Account/ResetPasswordConfirmation");
+            NavigationManager.RedirectTo("/Account/ResetPasswordConfirmation");
             return;
         }
 
         var result = await UserManager.ResetPasswordAsync(user, Input.Code, Input.Password);
         if (result.Succeeded)
         {
-            NavigationManager.NavigateTo("/Account/ResetPasswordConfirmation");
+            NavigationManager.RedirectTo("/Account/ResetPasswordConfirmation");
             return;
         }
 
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/StatusMessage.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/StatusMessage.razor
deleted file mode 100644
index 9dfc84b03c52..000000000000
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/StatusMessage.razor
+++ /dev/null
@@ -1,12 +0,0 @@
-@if (!String.IsNullOrEmpty(Message))
-{
-    var statusMessageClass = Message.StartsWith("Error") ? "danger" : "success";
-    <div class="alert alert-@statusMessageClass alert-dismissible" role="alert">
-        <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
-        @Message
-    </div>
-}
-
-@code {
-    [Parameter] public string? Message { get; set; }
-}
\ No newline at end of file
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/UserAccessor.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/UserAccessor.cs
new file mode 100644
index 000000000000..7399778dad7f
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/UserAccessor.cs
@@ -0,0 +1,28 @@
+using BlazorWeb_CSharp.Data;
+using Microsoft.AspNetCore.Components;
+using Microsoft.AspNetCore.Identity;
+
+namespace BlazorWeb_CSharp.Data;
+
+internal sealed class UserAccessor(
+    IHttpContextAccessor httpContextAccessor,
+    UserManager<ApplicationUser> userManager,
+    NavigationManager navigationManager)
+{
+    public async Task<ApplicationUser> GetRequiredUserAsync()
+    {
+        var principal = httpContextAccessor.HttpContext?.User ??
+            throw new InvalidOperationException($"{nameof(GetRequiredUserAsync)} requires access to an {nameof(HttpContext)}.");
+        var user = await userManager.GetUserAsync(principal);
+        if (user is null)
+        {
+            // Throws NavigationException, which is handled by the framework as a redirect.
+            navigationManager.RedirectTo("/Account/InvalidUser", new()
+            {
+                ["Message"] = $"Error: Unable to load user with ID '{userManager.GetUserId(principal)}'.",
+            });
+        }
+
+        return user;
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/UserManagerExtensions.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/UserManagerExtensions.cs
deleted file mode 100644
index 6d3808584a60..000000000000
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/UserManagerExtensions.cs
+++ /dev/null
@@ -1,24 +0,0 @@
-using Microsoft.AspNetCore.Components.Authorization;
-
-namespace Microsoft.AspNetCore.Identity;
-
-internal static class UserManagerExtensions
-{
-    public static async Task<(TUser? User, string? Error)> GetUserAsync<TUser>(this UserManager<TUser> userManager, Task<AuthenticationState>? authenticationStateTask)
-        where TUser : class
-    {
-        if (authenticationStateTask is null)
-        {
-            return (User: null, Error: "Unable to authenticate user.");
-        }
-
-        var authenticationState = await authenticationStateTask;
-        var user = await userManager.GetUserAsync(authenticationState.User);
-        if (user is null)
-        {
-            return (User: null, Error: $"Unable to load user with ID '{userManager.GetUserId(authenticationState.User)}'.");
-        }
-
-        return (User: user, Error: null);
-    }
-}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs
new file mode 100644
index 000000000000..7a24bbcc379a
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs
@@ -0,0 +1,118 @@
+using System.Text.Json;
+using Microsoft.AspNetCore.Components.Authorization;
+using Microsoft.AspNetCore.Http.Extensions;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Mvc;
+using BlazorWeb_CSharp.Components.Pages.Account;
+using BlazorWeb_CSharp.Components.Pages.Account.Manage;
+using BlazorWeb_CSharp.Data;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.Extensions.Primitives;
+
+namespace Microsoft.AspNetCore.Routing;
+
+internal static class IdentityComponentsEndpointRouteBuilderExtensions
+{
+    // These endpoints are required by the Identity Razor components defined in the /Components/Pages/Account directory of this project.
+    public static IEndpointConventionBuilder MapAdditionalIdentityEndpoints(this IEndpointRouteBuilder endpoints)
+    {
+        ArgumentNullException.ThrowIfNull(endpoints);
+
+        var logger = endpoints.ServiceProvider.GetRequiredService<ILogger<IdentityComponentsEndpointRouteBuilderExtensions>>();
+        var accountGroup = endpoints.MapGroup("/Account");
+
+        accountGroup.MapPost("/PerformExternalLogin", (
+            HttpContext context,
+            [FromServices] SignInManager<ApplicationUser> signInManager,
+            [FromForm] string provider,
+            [FromForm] string returnUrl) =>
+        {
+            IEnumerable<KeyValuePair<string, StringValues>> query = [
+                new("ReturnUrl", returnUrl),
+                new("Action", ExternalLogin.LoginCallbackAction)];
+
+            var redirectUrl = UriHelper.BuildRelative(
+                context.Request.PathBase,
+                $"/Account/ExternalLogin",
+                QueryString.Create(query));
+                
+            var properties = signInManager.ConfigureExternalAuthenticationProperties(provider, redirectUrl);
+            return Results.Challenge(properties, [provider]);
+        });
+
+        accountGroup.MapPost("/Logout", async (
+            [FromServices] SignInManager<ApplicationUser> signInManager,
+            [FromForm] string returnUrl) =>
+        {
+            await signInManager.SignOutAsync();
+            logger.LogInformation("User logged out.");
+            if (returnUrl is not null)
+            {
+                return Results.LocalRedirect(returnUrl);
+            }
+            else
+            {
+                // This needs to be a redirect so that the browser performs a new
+                // request and the identity for the user gets updated.
+                return Results.LocalRedirect("/");
+            }
+        });
+
+        var manageGroup = accountGroup.MapGroup("/Manage").RequireAuthorization();
+
+        manageGroup.MapPost("/LinkExternalLogin", async (
+            HttpContext context,
+            [FromServices] SignInManager<ApplicationUser> signInManager,
+            [FromForm] string provider) =>
+        {
+            // Clear the existing external cookie to ensure a clean login process
+            await context.SignOutAsync(IdentityConstants.ExternalScheme);
+
+            var redirectUrl = UriHelper.BuildRelative(
+                context.Request.PathBase,
+                $"/Account/Manage/ExternalLogins",
+                QueryString.Create("Action", ExternalLogins.LinkLoginCallbackAction));
+                
+            var properties = signInManager.ConfigureExternalAuthenticationProperties(provider, redirectUrl, signInManager.UserManager.GetUserId(context.User));
+            return Results.Challenge(properties, [provider]);
+        });
+
+        manageGroup.MapPost("/DownloadPersonalData", async (
+            HttpContext context,
+            [FromServices] UserManager<ApplicationUser> userManager,
+            [FromServices] AuthenticationStateProvider authenticationStateProvider) =>
+        {
+            var user = await userManager.GetUserAsync(context.User);
+            if (user is null)
+            {
+                return Results.NotFound($"Unable to load user with ID '{userManager.GetUserId(context.User)}'.");
+            }
+
+            var userId = await userManager.GetUserIdAsync(user);
+            logger.LogInformation("User with ID '{UserId}' asked for their personal data.", userId);
+
+            // Only include personal data for download
+            var personalData = new Dictionary<string, string>();
+            var personalDataProps = typeof(ApplicationUser).GetProperties().Where(
+                prop => Attribute.IsDefined(prop, typeof(PersonalDataAttribute)));
+            foreach (var p in personalDataProps)
+            {
+                personalData.Add(p.Name, p.GetValue(user)?.ToString() ?? "null");
+            }
+
+            var logins = await userManager.GetLoginsAsync(user);
+            foreach (var l in logins)
+            {
+                personalData.Add($"{l.LoginProvider} external login provider key", l.ProviderKey);
+            }
+
+            personalData.Add($"Authenticator Key", (await userManager.GetAuthenticatorKeyAsync(user))!);
+            var fileBytes = JsonSerializer.SerializeToUtf8Bytes(personalData);
+
+            context.Response.Headers.TryAdd("Content-Disposition", "attachment; filename=PersonalData.json");
+            return Results.File(fileBytes, contentType: "application/json", fileDownloadName: "PersonalData.json");
+        });
+
+        return accountGroup;
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/Extensions/RedirectNavigationManagerExtensions.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/Extensions/RedirectNavigationManagerExtensions.cs
new file mode 100644
index 000000000000..1cf481a1cd7c
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/Extensions/RedirectNavigationManagerExtensions.cs
@@ -0,0 +1,38 @@
+using System.Diagnostics.CodeAnalysis;
+
+namespace Microsoft.AspNetCore.Components;
+
+internal static class RedirectNavigationManagerExtensions
+{
+    // These extension methods help make more concise the common case of redirecting to the same or different page
+    // with a fresh set of query parameters. An exception is thrown if the current page is not being rendered from
+    // an endpoint, because it's not possible to redirect in that case.
+
+    [DoesNotReturn]
+    public static void RedirectTo(this NavigationManager navigationManager, string uri)
+    {
+        // This works because either:
+        // [1] NavigateTo() throws NavigationException, which is handled by the framework as a redirect.
+        // [2] NavigateTo() throws some other exception, which gets treated as a normal unhandled exception.
+        // [3] NavigateTo() does not throw an exception, meaning we're not rendering from an endpoint, so we throw
+        //     an InvalidOperationException to indicate that we can't redirect.
+        navigationManager.NavigateTo(uri);
+        throw new InvalidOperationException($"Can only redirect when rendering from an endpoint.");
+    }
+
+    [DoesNotReturn]
+    public static void RedirectTo(this NavigationManager navigationManager, string uri, Dictionary<string, object?> queryParameters)
+    {
+        var uriWithoutQuery = navigationManager.ToAbsoluteUri(uri).GetLeftPart(UriPartial.Path);
+        var newUri = navigationManager.GetUriWithQueryParameters(uriWithoutQuery, queryParameters);
+        navigationManager.RedirectTo(newUri);
+    }
+
+    [DoesNotReturn]
+    public static void RedirectToCurrentPage(this NavigationManager navigationManager)
+        => navigationManager.RedirectTo(navigationManager.Uri);
+
+    [DoesNotReturn]
+    public static void RedirectToCurrentPage(this NavigationManager navigationManager, Dictionary<string, object?> queryParameters)
+        => navigationManager.RedirectTo(navigationManager.Uri, queryParameters);
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs
index 7d805af202b7..52bf62ce50ae 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs
@@ -39,6 +39,7 @@ public static void Main(string[] args)
         #if (IndividualLocalAuth)
         builder.Services.AddCascadingAuthenticationState();
         builder.Services.AddScoped<AuthenticationStateProvider, PersistingAuthenticationStateProvider>();
+        builder.Services.AddScoped<UserAccessor>();
 
         builder.Services.AddAuthentication(IdentityConstants.ApplicationScheme)
             .AddIdentityCookies();
@@ -102,6 +103,11 @@ public static void Main(string[] args)
         app.MapRazorComponents<App>();
         #endif
 
+        #if (IndividualLocalAuth)
+        // Add additional endpoints required by the Identity /Account Razor components.
+        app.MapAdditionalIdentityEndpoints();
+
+        #endif
         app.Run();
     }
 }
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.cs
index 857bf510ad44..c126786b65c3 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.cs
@@ -33,6 +33,7 @@
 #if (IndividualLocalAuth)
 builder.Services.AddCascadingAuthenticationState();
 builder.Services.AddScoped<AuthenticationStateProvider, PersistingAuthenticationStateProvider>();
+builder.Services.AddScoped<UserAccessor>();
 
 builder.Services.AddAuthentication(IdentityConstants.ApplicationScheme)
     .AddIdentityCookies();
@@ -96,4 +97,9 @@
 app.MapRazorComponents<App>();
 #endif
 
+#if (IndividualLocalAuth)
+// Add additional endpoints required by the Identity /Account Razor components.
+app.MapAdditionalIdentityEndpoints();
+
+#endif
 app.Run();

From 51240afb981556fd452ba12e4189556ee1ae451b Mon Sep 17 00:00:00 2001
From: Stephen Halter <halter73@gmail.com>
Date: Mon, 18 Sep 2023 12:21:34 -0700
Subject: [PATCH 03/18] 
 PersistedAuthenticationStateProvider->PersistentAuthenticationStateProvider

---
 .../content/BlazorWeb-CSharp/.template.config/template.json   | 2 +-
 ...teProvider.cs => PersistentAuthenticationStateProvider.cs} | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
 rename src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/{PersistedAuthenticationStateProvider.cs => PersistentAuthenticationStateProvider.cs} (83%)

diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json
index a49e8d59f673..8e9ceacc5aba 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json
@@ -118,7 +118,7 @@
             "BlazorWeb-CSharp/Data/**",
             "BlazorWeb-CSharp/Identity/**",
             "BlazorWeb-CSharp/PersistingAuthenticationStateProvider.cs",
-            "BlazorWeb-CSharp.Client/PersistedAuthenticationStateProvider.cs",
+            "BlazorWeb-CSharp.Client/PersistentAuthenticationStateProvider.cs",
             "BlazorWeb-CSharp.Client/UserInfo.cs",
             "BlazorWeb-CSharp.Client/Pages/Auth.razor"
           ]
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/PersistedAuthenticationStateProvider.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/PersistentAuthenticationStateProvider.cs
similarity index 83%
rename from src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/PersistedAuthenticationStateProvider.cs
rename to src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/PersistentAuthenticationStateProvider.cs
index f4e554f09a8b..8d1374e33cf9 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/PersistedAuthenticationStateProvider.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/PersistentAuthenticationStateProvider.cs
@@ -4,7 +4,7 @@
 
 namespace BlazorWeb_CSharp.Client;
 
-public class PersistedAuthenticationStateProvider(PersistentComponentState persistentState) : AuthenticationStateProvider
+public class PersistentAuthenticationStateProvider(PersistentComponentState persistentState) : AuthenticationStateProvider
 {
     private static readonly Task<AuthenticationState> _unauthenticatedTask =
         Task.FromResult(new AuthenticationState(new ClaimsPrincipal(new ClaimsIdentity())));
@@ -24,7 +24,7 @@ public override Task<AuthenticationState> GetAuthenticationStateAsync()
 
         return Task.FromResult(
             new AuthenticationState(new ClaimsPrincipal(new ClaimsIdentity(claims,
-                authenticationType: nameof(PersistedAuthenticationStateProvider)))));
+                authenticationType: nameof(PersistentAuthenticationStateProvider)))));
     }
 }
 

From 64c9fbb6c5e6ac19c63752e2e69bb20ae97a4081 Mon Sep 17 00:00:00 2001
From: Stephen Halter <halter73@gmail.com>
Date: Mon, 18 Sep 2023 13:08:12 -0700
Subject: [PATCH 04/18] Handle !UseWebAssembly better

---
 .../.template.config/template.json            | 22 +++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)

diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json
index 8e9ceacc5aba..4656ab29a758 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json
@@ -130,7 +130,7 @@
           ]
         },
         {
-          "condition": "(IndividualLocalAuth && UseLocalDB)",
+          "condition": "(IndividualLocalAuth && UseLocalDB && UseWebAssembly)",
           "rename": {
             "BlazorWeb-CSharp/Data/SqlServer/": "BlazorWeb-CSharp/Data/Migrations/"
           },
@@ -139,13 +139,31 @@
           ]
         },
         {
-          "condition": "(IndividualLocalAuth && !UseLocalDB)",
+          "condition": "(IndividualLocalAuth && UseLocalDB && !UseWebAssembly)",
+          "rename": {
+            "BlazorWeb-CSharp/Data/SqlServer/": "Data/Migrations/"
+          },
+          "exclude": [
+            "BlazorWeb-CSharp/Data/SqlLite/**"
+          ]
+        },
+        {
+          "condition": "(IndividualLocalAuth && !UseLocalDB && UseWebAssembly)",
           "rename": {
             "BlazorWeb-CSharp/Data/SqlLite/": "BlazorWeb-CSharp/Data/Migrations/"
           },
           "exclude": [
             "BlazorWeb-CSharp/Data/SqlServer/**"
           ]
+        },
+        {
+          "condition": "(IndividualLocalAuth && !UseLocalDB && !UseWebAssembly)",
+          "rename": {
+            "BlazorWeb-CSharp/Data/SqlLite/": "Data/Migrations/"
+          },
+          "exclude": [
+            "BlazorWeb-CSharp/Data/SqlServer/**"
+          ]
         }
       ]
     }

From 2af81a05a3e4efbf3e2f6928531d9cdd8fb672dc Mon Sep 17 00:00:00 2001
From: Mackinnon Buck <mackinnon.buck@gmail.com>
Date: Mon, 18 Sep 2023 15:08:39 -0700
Subject: [PATCH 05/18] Small fixes

---
 .../BlazorWeb-CSharp.Client/Pages/Auth.razor               | 6 +++++-
 .../BlazorWeb-CSharp/BlazorWeb-CSharp.Client/Program.cs    | 2 +-
 .../Components/Pages/Account/LoginWith2fa.razor            | 2 +-
 .../Components/Pages/Account/_Imports.razor                | 1 +
 .../IdentityComponentsEndpointRouteBuilderExtensions.cs    | 7 ++++---
 5 files changed, 12 insertions(+), 6 deletions(-)
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/_Imports.razor

diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/Pages/Auth.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/Pages/Auth.razor
index e15f54ff654d..90021b5f507e 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/Pages/Auth.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/Pages/Auth.razor
@@ -3,7 +3,11 @@
 @using Microsoft.AspNetCore.Authorization;
 
 @attribute [Authorize]
-@attribute [RenderModeAuto]
+@*#if (UseServer && !InteractiveAtRoot)
+@attribute [RenderModeInteractiveAuto]
+##elseif (!InteractiveAtRoot)
+@attribute [RenderModeInteractiveWebAssembly]
+##endif*@
 
 <PageTitle>Auth</PageTitle>
 
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/Program.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/Program.cs
index 560bc77dbced..600e37d36537 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/Program.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/Program.cs
@@ -9,7 +9,7 @@
 #if (IndividualLocalAuth)
 builder.Services.AddAuthorizationCore();
 builder.Services.AddCascadingAuthenticationState();
-builder.Services.AddSingleton<AuthenticationStateProvider, PersistedAuthenticationStateProvider>();
+builder.Services.AddSingleton<AuthenticationStateProvider, PersistentAuthenticationStateProvider>();
 
 #endif
 await builder.Build().RunAsync();
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWith2fa.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWith2fa.razor
index e57bd5e84e1c..3f818e07305d 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWith2fa.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWith2fa.razor
@@ -42,7 +42,7 @@
 </div>
 <p>
     Don't have access to your authenticator device? You can
-    <a id="recovery-code-login" href="/Account/LoginWithRecoveryCode?ReturnUrl=@HtmlEncoder.Default.Encode(ReturnUrl)">log in with a recovery code</a>.
+    <a id="recovery-code-login" href="/Account/LoginWithRecoveryCode?ReturnUrl=@HtmlEncoder.Default.Encode(ReturnUrl ?? "/")">log in with a recovery code</a>.
 </p>
 
 @code {
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/_Imports.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/_Imports.razor
new file mode 100644
index 000000000000..3856badae708
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/_Imports.razor
@@ -0,0 +1 @@
+@using BlazorWeb_CSharp.Components.Identity
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs
index 7a24bbcc379a..b8bc769bec97 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs
@@ -18,7 +18,8 @@ public static IEndpointConventionBuilder MapAdditionalIdentityEndpoints(this IEn
     {
         ArgumentNullException.ThrowIfNull(endpoints);
 
-        var logger = endpoints.ServiceProvider.GetRequiredService<ILogger<IdentityComponentsEndpointRouteBuilderExtensions>>();
+        var loggerFactory = endpoints.ServiceProvider.GetRequiredService<ILoggerFactory>();
+        var logger = loggerFactory.CreateLogger("IdentityUI");
         var accountGroup = endpoints.MapGroup("/Account");
 
         accountGroup.MapPost("/PerformExternalLogin", (
@@ -35,7 +36,7 @@ public static IEndpointConventionBuilder MapAdditionalIdentityEndpoints(this IEn
                 context.Request.PathBase,
                 $"/Account/ExternalLogin",
                 QueryString.Create(query));
-                
+
             var properties = signInManager.ConfigureExternalAuthenticationProperties(provider, redirectUrl);
             return Results.Challenge(properties, [provider]);
         });
@@ -72,7 +73,7 @@ public static IEndpointConventionBuilder MapAdditionalIdentityEndpoints(this IEn
                 context.Request.PathBase,
                 $"/Account/Manage/ExternalLogins",
                 QueryString.Create("Action", ExternalLogins.LinkLoginCallbackAction));
-                
+
             var properties = signInManager.ConfigureExternalAuthenticationProperties(provider, redirectUrl, signInManager.UserManager.GetUserId(context.User));
             return Results.Challenge(properties, [provider]);
         });

From e404b7d8965a558b1480b4547af621ca9b84c596 Mon Sep 17 00:00:00 2001
From: Mackinnon Buck <mackinnon.buck@gmail.com>
Date: Mon, 18 Sep 2023 15:37:14 -0700
Subject: [PATCH 06/18] Fix state persistence callback render mode

---
 .../PersistingAuthenticationStateProvider.cs        | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/PersistingAuthenticationStateProvider.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/PersistingAuthenticationStateProvider.cs
index 362b62609fc9..f0b7b5405f0d 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/PersistingAuthenticationStateProvider.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/PersistingAuthenticationStateProvider.cs
@@ -1,6 +1,7 @@
 using BlazorWeb_CSharp.Client;
 using Microsoft.AspNetCore.Components;
 using Microsoft.AspNetCore.Components.Authorization;
+using Microsoft.AspNetCore.Components.Web;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.Options;
 
@@ -35,11 +36,17 @@ public PersistingAuthenticationStateProvider(IHttpContextAccessor contextAccesso
             }
 
             return Task.CompletedTask;
-        });
+        #if (UseServer && UseWebAssembly)
+        }, RenderMode.InteractiveAuto);
+        #elif (UseServer)
+        }, RenderMode.InteractiveServer);
+        #elif (UseWebAssembly)
+        }, RenderMode.InteractiveWebAssembly);
+        #endif
     }
 
-    private HttpContext RequiredHttpContext => 
-        _contextAccessor.HttpContext ?? throw new InvalidOperationException("IHttpContextAccessor HttpContext AsyncLocal missing!"); 
+    private HttpContext RequiredHttpContext =>
+        _contextAccessor.HttpContext ?? throw new InvalidOperationException("IHttpContextAccessor HttpContext AsyncLocal missing!");
 
     public override Task<AuthenticationState> GetAuthenticationStateAsync() =>
         Task.FromResult(new AuthenticationState(RequiredHttpContext.User));

From 3b103a7990a6025776920b4163375ddadf6f6398 Mon Sep 17 00:00:00 2001
From: Mackinnon Buck <mackinnon.buck@gmail.com>
Date: Mon, 18 Sep 2023 17:26:13 -0700
Subject: [PATCH 07/18] Logout functionality

---
 .../Components/Identity/LogoutForm.razor      | 32 +++++++++++++++++++
 .../Components/Layout/NavMenu.razor           | 12 ++++++-
 .../Components/Layout/NavMenu.razor.css       |  4 +++
 ...omponentsEndpointRouteBuilderExtensions.cs | 18 -----------
 4 files changed, 47 insertions(+), 19 deletions(-)
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/LogoutForm.razor

diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/LogoutForm.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/LogoutForm.razor
new file mode 100644
index 000000000000..71b82c8c35e5
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/LogoutForm.razor
@@ -0,0 +1,32 @@
+@using Microsoft.AspNetCore.Identity
+@using BlazorWeb_CSharp.Data
+
+@inject SignInManager<ApplicationUser> SignInManager
+@inject NavigationManager NavigationManager
+
+<form @onsubmit="OnSubmitAsync" @formname="logout" method="post" @attributes="AdditionalAttributes">
+    <AntiforgeryToken />
+    <input type="hidden" name="ReturnUrl" value="@NavigationManager.Uri" />
+</form>
+
+@code {
+    [Parameter(CaptureUnmatchedValues = true)]
+    public IDictionary<string, object?>? AdditionalAttributes { get; set; }
+
+    [SupplyParameterFromForm]
+    private string? ReturnUrl { get; set; }
+
+    [CascadingParameter]
+    private HttpContext HttpContext { get; set; } = default!;
+
+    private async Task OnSubmitAsync()
+    {
+        var user = HttpContext.User;
+
+        if (SignInManager.IsSignedIn(user))
+        {
+            await SignInManager.SignOutAsync();
+            NavigationManager.RedirectTo(ReturnUrl ?? "/");
+        }
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/NavMenu.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/NavMenu.razor
index f9535bd7cb57..fafa8932ef55 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/NavMenu.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/NavMenu.razor
@@ -1,4 +1,8 @@
-<div class="top-row ps-3 navbar navbar-dark">
+@*#if (IndividualLocalAuth)
+@using BlazorWeb_CSharp.Components.Identity
+
+##endif*@
+<div class="top-row ps-3 navbar navbar-dark">
     <div class="container-fluid">
         <a class="navbar-brand" href="">BlazorWeb-CSharp</a>
     </div>
@@ -44,6 +48,12 @@
                         <span class="bi bi-person-fill" aria-hidden="true"></span> @context.User.Identity?.Name
                     </NavLink>
                 </div>
+                <div class="nav-item px-3">
+                    <LogoutForm id="logout-form" />
+                    <NavLink class="nav-link" href="#" onclick="document.getElementById('logout-form').submit(); return false;">
+                        <span class="bi bi-arrow-bar-left" aria-hidden="true"></span> Logout
+                    </NavLink>
+                </div>
             </Authorized>
             <NotAuthorized>
                 <div class="nav-item px-3">
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/NavMenu.razor.css b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/NavMenu.razor.css
index 0f1f79a45b85..14bddcebe4cf 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/NavMenu.razor.css
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/NavMenu.razor.css
@@ -63,6 +63,10 @@
     background-image: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='16' height='16' fill='white' class='bi bi-person-fill' viewBox='0 0 16 16'%3E%3Cpath d='M3 14s-1 0-1-1 1-4 6-4 6 3 6 4-1 1-1 1H3Zm5-6a3 3 0 1 0 0-6 3 3 0 0 0 0 6Z'/%3E%3C/svg%3E");
 }
 
+.bi-arrow-bar-left {
+    background-image: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='16' height='16' fill='white' class='bi bi-arrow-bar-left' viewBox='0 0 16 16'%3E%3Cpath d='M12.5 15a.5.5 0 0 1-.5-.5v-13a.5.5 0 0 1 1 0v13a.5.5 0 0 1-.5.5ZM10 8a.5.5 0 0 1-.5.5H3.707l2.147 2.146a.5.5 0 0 1-.708.708l-3-3a.5.5 0 0 1 0-.708l3-3a.5.5 0 1 1 .708.708L3.707 7.5H9.5a.5.5 0 0 1 .5.5Z'/%3E%3C/svg%3E");
+}
+
 /*#endif*/
 .nav-item {
     font-size: 0.9rem;
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs
index b8bc769bec97..b1c32439be31 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs
@@ -41,24 +41,6 @@ public static IEndpointConventionBuilder MapAdditionalIdentityEndpoints(this IEn
             return Results.Challenge(properties, [provider]);
         });
 
-        accountGroup.MapPost("/Logout", async (
-            [FromServices] SignInManager<ApplicationUser> signInManager,
-            [FromForm] string returnUrl) =>
-        {
-            await signInManager.SignOutAsync();
-            logger.LogInformation("User logged out.");
-            if (returnUrl is not null)
-            {
-                return Results.LocalRedirect(returnUrl);
-            }
-            else
-            {
-                // This needs to be a redirect so that the browser performs a new
-                // request and the identity for the user gets updated.
-                return Results.LocalRedirect("/");
-            }
-        });
-
         var manageGroup = accountGroup.MapGroup("/Manage").RequireAuthorization();
 
         manageGroup.MapPost("/LinkExternalLogin", async (

From 8451997daf72abc561478c724fce693acf8cc955 Mon Sep 17 00:00:00 2001
From: Mackinnon Buck <mackinnon.buck@gmail.com>
Date: Tue, 19 Sep 2023 13:55:22 -0700
Subject: [PATCH 08/18] Accessibility fixes

---
 .../BlazorWeb-CSharp/Components/Layout/ManageNavMenu.razor  | 2 +-
 .../Components/Pages/Account/ExternalLogin.razor            | 6 +++---
 .../Components/Pages/Account/ForgotPassword.razor           | 2 +-
 .../BlazorWeb-CSharp/Components/Pages/Account/Login.razor   | 2 +-
 .../Components/Pages/Account/LoginWith2fa.razor             | 2 +-
 .../Components/Pages/Account/LoginWithRecoveryCode.razor    | 2 +-
 .../Components/Pages/Account/Manage/ChangePassword.razor    | 4 ++--
 .../Pages/Account/Manage/DeletePersonalData.razor           | 2 +-
 .../Components/Pages/Account/Manage/Email.razor             | 2 +-
 .../Pages/Account/Manage/EnableAuthenticator.razor          | 2 +-
 .../Components/Pages/Account/Manage/Index.razor             | 2 +-
 .../Components/Pages/Account/Manage/SetPassword.razor       | 2 +-
 .../Components/Pages/Account/Register.razor                 | 6 +++---
 .../Components/Pages/Account/ResendEmailConfirmation.razor  | 2 +-
 .../Components/Pages/Account/ResetPassword.razor            | 2 +-
 .../BlazorWeb-CSharp/BlazorWeb-CSharp/wwwroot/app.css       | 6 +++---
 16 files changed, 23 insertions(+), 23 deletions(-)

diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/ManageNavMenu.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/ManageNavMenu.razor
index 37ab9a430ca2..8ffd7cd0a41e 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/ManageNavMenu.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/ManageNavMenu.razor
@@ -8,7 +8,7 @@
         <NavLink id="profile" class="nav-link" href="/Account/Manage" Match="NavLinkMatch.All">Profile</NavLink>
     </li>
     <li class="nav-item">
-        <NavLink id="email" class="nav-link" href="/Account/Manage/Email">Email</NavLink>
+        <NavLink id="manage-email" class="nav-link" href="/Account/Manage/Email">Email</NavLink>
     </li>
     <li class="nav-item">
         <NavLink id="change-password" class="nav-link" href="/Account/Manage/ChangePassword">Password</NavLink>
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ExternalLogin.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ExternalLogin.razor
index 4d9229a9b6ce..642d23c74eeb 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ExternalLogin.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ExternalLogin.razor
@@ -27,17 +27,17 @@
 <h2 id="external-login-title">Associate your @providerDisplayName account.</h2>
 <hr />
 
-<p id="external-login-description" class="text-info">
+<div id="external-login-description"  class="alert alert-info">
     You've successfully authenticated with <strong>@providerDisplayName</strong>.
     Please enter an email address for this site below and click the Register button to finish
     logging in.
-</p>
+</div>
 
 <div class="row">
     <div class="col-md-4">
         <EditForm id="confirmation-form" Model="Input" OnValidSubmit="OnValidSubmitAsync" FormName="confirmation" method="post">
             <DataAnnotationsValidator />
-            <ValidationSummary />
+            <ValidationSummary class="text-danger" />
             <div class="form-floating mb-3">
                 <InputText id="email" @bind-Value="Input.Email" class="form-control" autocomplete="email" placeholder="Please enter your email." />
                 <label for="email" class="form-label">Email</label>
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ForgotPassword.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ForgotPassword.razor
index a7dcdf9f60df..6509ff4b1f95 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ForgotPassword.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ForgotPassword.razor
@@ -21,7 +21,7 @@
     <div class="col-md-4">
         <EditForm Model="Input" FormName="forgot-password" OnValidSubmit="OnValidSubmitAsync" method="post">
             <DataAnnotationsValidator />
-            <ValidationSummary class="text-danger" role="alert" />
+            <ValidationSummary class="text-danger" />
 
             <div class="form-floating mb-3">
                 <InputText id="email" @bind-Value="Input.Email" class="form-control" autocomplete="username" aria-required="true" placeholder="name@example.com" />
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Login.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Login.razor
index 506e9243a157..969418c50030 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Login.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Login.razor
@@ -21,7 +21,7 @@
             <EditForm id="account" Model="Input" method="post" OnValidSubmit="LoginUser" FormName="login">
                 <h2>Use a local account to log in.</h2>
                 <hr />
-                <ValidationSummary class="text-danger" role="alert" />
+                <ValidationSummary class="text-danger" />
                 <div class="form-floating mb-3">
                     <InputText id="email" @bind-Value="Input.Email" class="form-control" autocomplete="username" aria-required="true" placeholder="name@example.com" />
                     <label for="email" class="form-label">Email</label>
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWith2fa.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWith2fa.razor
index 3f818e07305d..855c5a04023d 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWith2fa.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWith2fa.razor
@@ -22,7 +22,7 @@
             <input type="hidden" name="ReturnUrl" value="@ReturnUrl" />
             <input type="hidden" name="RememberMe" value="@RememberMe" />
             <DataAnnotationsValidator />
-            <ValidationSummary class="text-danger" role="alert" />
+            <ValidationSummary class="text-danger" />
             <div class="form-floating mb-3">
                 <InputText id="two-factor-code" @bind-Value="Input.TwoFactorCode" class="form-control" autocomplete="off" />
                 <label for="two-factor-code" class="form-label">Authenticator code</label>
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWithRecoveryCode.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWithRecoveryCode.razor
index d6426e907be6..67696e101c45 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWithRecoveryCode.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWithRecoveryCode.razor
@@ -23,7 +23,7 @@
     <div class="col-md-4">
         <EditForm Model="Input" FormName="login-with-recovery-code" OnValidSubmit="OnValidSubmitAsync" method="post">
             <DataAnnotationsValidator />
-            <ValidationSummary class="text-danger" role="alert" />
+            <ValidationSummary class="text-danger" />
             <div class="form-floating mb-3">
                 <InputText id="recovery-code" @bind-Value="Input.RecoveryCode" class="form-control" autocomplete="off" placeholder="RecoveryCode" />
                 <label for="recovery-code" class="form-label">Recovery Code</label>
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ChangePassword.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ChangePassword.razor
index 44af1e218c0f..68b4b2f13b81 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ChangePassword.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ChangePassword.razor
@@ -18,7 +18,7 @@
     <div class="col-md-6">
         <EditForm id="change-password-form" Model="Input" FormName="change-password" OnValidSubmit="OnValidSubmitAsync" method="post">
             <DataAnnotationsValidator />
-            <ValidationSummary class="text-danger" role="alert" />
+            <ValidationSummary class="text-danger" />
             <div class="form-floating mb-3">
                 <InputText id="old-password" type="password" @bind-Value="Input.OldPassword" class="form-control" autocomplete="current-password" aria-required="true" placeholder="Please enter your old password." />
                 <label for="old-password" class="form-label">Old password</label>
@@ -30,7 +30,7 @@
                 <ValidationMessage For="() => Input.NewPassword" class="text-danger" />
             </div>
             <div class="form-floating mb-3">
-                <InputText id="confirm-password" type="password" @bind-Value="Input.ConfirmPassword" class="form-control" autocomplete="confirm-password" aria-required="true" placeholder="Please confirm your new password." />
+                <InputText id="confirm-password" type="password" @bind-Value="Input.ConfirmPassword" class="form-control" autocomplete="new-password" aria-required="true" placeholder="Please confirm your new password." />
                 <label for="confirm-password" class="form-label">Confirm password</label>
                 <ValidationMessage For="() => Input.ConfirmPassword" class="text-danger" />
             </div>
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/DeletePersonalData.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/DeletePersonalData.razor
index b27a00c31520..0c5f1a4334c9 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/DeletePersonalData.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/DeletePersonalData.razor
@@ -25,7 +25,7 @@
 <div>
     <EditForm id="delete-user" Model="Input" FormName="delete-user" OnValidSubmit="OnValidSubmitAsync" method="post">
         <DataAnnotationsValidator />
-        <ValidationSummary class="text-danger" role="alert"/>
+        <ValidationSummary class="text-danger" />
         @if (_requirePassword)
         {
             <div class="form-floating mb-3">
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Email.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Email.razor
index a9f0ffb6d1a5..305210b7dcd0 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Email.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Email.razor
@@ -25,7 +25,7 @@
         </form>
         <EditForm id="change-email-form" Model="Input" FormName="change-email" OnValidSubmit="OnValidSubmitAsync" method="post">
             <DataAnnotationsValidator />
-            <ValidationSummary class="text-danger" role="alert" />
+            <ValidationSummary class="text-danger" />
             @if (_isEmailConfirmed)
             {
                 <div class="form-floating mb-3 input-group">
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/EnableAuthenticator.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/EnableAuthenticator.razor
index 8efc21e1c061..627f76429d3d 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/EnableAuthenticator.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/EnableAuthenticator.razor
@@ -51,7 +51,7 @@
                             <ValidationMessage For="() => Input.Code" class="text-danger" />
                         </div>
                         <button type="submit" class="w-100 btn btn-lg btn-primary">Verify</button>
-                        <ValidationSummary class="text-danger" role="alert" />
+                        <ValidationSummary class="text-danger" />
                     </EditForm>
                 </div>
             </div>
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Index.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Index.razor
index 6a02d5341ed4..6c7c87e5f8b5 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Index.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Index.razor
@@ -20,7 +20,7 @@
     <div class="col-md-6">
         <EditForm id="profile-form" Model="Input" FormName="profile" OnValidSubmit="OnValidSubmitAsync" method="post">
             <DataAnnotationsValidator />
-            <ValidationSummary class="text-danger" role="alert" />
+            <ValidationSummary class="text-danger" />
             <div class="form-floating mb-3">
                 <input id="username" type="text" value="@_username" class="form-control" placeholder="Please choose your username." disabled />
                 <label for="username" class="form-label">Username</label>
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/SetPassword.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/SetPassword.razor
index b48ab185ecfe..f247ab21440f 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/SetPassword.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/SetPassword.razor
@@ -21,7 +21,7 @@
     <div class="col-md-6">
         <EditForm id="set-password-form" Model="Input" FormName="set-password" OnValidSubmit="OnValidSubmitAsync" method="post">
             <DataAnnotationsValidator />
-            <ValidationSummary class="text-danger" role="alert" />
+            <ValidationSummary class="text-danger" />
             <div class="form-floating mb-3">
                 <InputText id="new-password" type="password" @bind-Value="Input.NewPassword" class="form-control" autocomplete="new-password" placeholder="Please enter your new password." />
                 <label for="new-password" class="form-label">New password</label>
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Register.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Register.razor
index af64d95eb8f3..ba7a3f13d505 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Register.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Register.razor
@@ -27,7 +27,7 @@
             <DataAnnotationsValidator />
             <h2>Create a new account.</h2>
             <hr />
-            <ValidationSummary class="text-danger" role="alert" />
+            <ValidationSummary class="text-danger" />
             <div class="form-floating mb-3">
                 <InputText id="email" @bind-Value="Input.Email" class="form-control" autocomplete="username" aria-required="true" placeholder="name@example.com" />
                 <label for="email">Email</label>
@@ -126,7 +126,7 @@
             var code = await UserManager.GenerateEmailConfirmationTokenAsync(user);
             code = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(code));
             var callbackUrl = NavigationManager.GetUriWithQueryParameters(
-                NavigationManager.ToAbsoluteUri("/Account/ConfirmEmail").AbsoluteUri, 
+                NavigationManager.ToAbsoluteUri("/Account/ConfirmEmail").AbsoluteUri,
                 new Dictionary<string, object?> { { "userId", userId }, { "code", code }, { "returnUrl", ReturnUrl } });
 
             await EmailSender.SendEmailAsync(Input.Email, "Confirm your email",
@@ -171,4 +171,4 @@
         }
         return (IUserEmailStore<ApplicationUser>) UserStore;
     }
-}
\ No newline at end of file
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResendEmailConfirmation.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResendEmailConfirmation.razor
index cfe0530a97d6..f1de72583703 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResendEmailConfirmation.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResendEmailConfirmation.razor
@@ -22,7 +22,7 @@
     <div class="col-md-4">
         <EditForm Model="Input" FormName="resend-email-confirmation" OnValidSubmit="OnValidSubmitAsync" method="post">
             <DataAnnotationsValidator />
-            <ValidationSummary class="text-danger" role="alert" />
+            <ValidationSummary class="text-danger" />
             <div class="form-floating mb-3">
                 <InputText id="email" @bind-Value="Input.Email" class="form-control" aria-required="true" placeholder="name@example.com" />
                 <label for="email" class="form-label">Email</label>
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResetPassword.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResetPassword.razor
index 63492a9a43d9..5e04d17eba0c 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResetPassword.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResetPassword.razor
@@ -20,7 +20,7 @@
         <StatusMessage Message="@Message" />
         <EditForm id="reset-password-form" Model="Input" FormName="reset-password" OnValidSubmit="OnValidSubmitAsync" method="post">
             <DataAnnotationsValidator />
-            <ValidationSummary class="text-danger" role="alert" />
+            <ValidationSummary class="text-danger" />
 
             <input type="hidden" name="Input.Code" value="@Input.Code" />
             <div class="form-floating mb-3">
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/wwwroot/app.css b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/wwwroot/app.css
index 6aa275650f20..8450852ee2b2 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/wwwroot/app.css
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/wwwroot/app.css
@@ -4,7 +4,7 @@ html, body {
 }
 
 a, .btn-link {
-    color: #0071c1;
+    color: #006bb7;
 }
 
 .btn-primary {
@@ -31,11 +31,11 @@ h1:focus {
 }
 
 .invalid {
-    outline: 1px solid red;
+    outline: 1px solid #e50000;
 }
 
 .validation-message {
-    color: red;
+    color: #e50000;
 }
 
 .blazor-error-boundary {

From 7906488cac87089b3dd964338b1c6b642d2d1e90 Mon Sep 17 00:00:00 2001
From: Stephen Halter <halter73@gmail.com>
Date: Wed, 20 Sep 2023 09:07:35 -0700
Subject: [PATCH 09/18] Support all InteractivityPlatform choices

---
 .../.template.config/dotnetcli.host.json      |   2 +-
 .../.template.config/ide.host.json            |   1 -
 .../.template.config/template.json            |  27 ++++-
 .../BlazorWeb-CSharp.Client/Pages/Auth.razor  |   4 +-
 .../PersistentAuthenticationStateProvider.cs  |   1 -
 .../Components/Layout/NavMenu.razor           |   4 +-
 .../Components/Pages/Auth.razor               |  13 ++
 .../Data/ApplicationDbContext.cs              |   6 +-
 ...omponentsEndpointRouteBuilderExtensions.cs |   7 +-
 ...yRevalidatingAuthenticationStateProvide.cs |  54 +++++++++
 ...RevalidatingAuthenticationStateProvider.cs | 111 ++++++++++++++++++
 ...istingServerAuthenticationStateProvider.cs |  66 +++++++++++
 .../PersistingAuthenticationStateProvider.cs  |  58 ---------
 .../BlazorWeb-CSharp/Program.Main.cs          |  25 +++-
 .../BlazorWeb-CSharp/Program.cs               |  26 +++-
 15 files changed, 317 insertions(+), 88 deletions(-)
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Auth.razor
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/IdentityRevalidatingAuthenticationStateProvide.cs
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/PersistingRevalidatingAuthenticationStateProvider.cs
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/PersistingServerAuthenticationStateProvider.cs
 delete mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/PersistingAuthenticationStateProvider.cs

diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/dotnetcli.host.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/dotnetcli.host.json
index 0f065fcebccc..897cc41741ca 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/dotnetcli.host.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/dotnetcli.host.json
@@ -56,6 +56,6 @@
     }
   },
   "usageExamples": [
-    "--use-wasm --auth Individual --use-local-db"
+    "-int auto --auth individual --use-local-db"
   ]
 }
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/ide.host.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/ide.host.json
index 97fc244b1c22..e503b5ab084e 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/ide.host.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/ide.host.json
@@ -23,7 +23,6 @@
     {
       "id": "auth",
       "isVisible": true,
-      "defaultValue": "None",
       "persistenceScope": "templateGroup"
     },
     {
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json
index 4656ab29a758..d5f2e0b62a24 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json
@@ -117,18 +117,41 @@
             "BlazorWeb-CSharp/Components/Identity/**",
             "BlazorWeb-CSharp/Data/**",
             "BlazorWeb-CSharp/Identity/**",
-            "BlazorWeb-CSharp/PersistingAuthenticationStateProvider.cs",
             "BlazorWeb-CSharp.Client/PersistentAuthenticationStateProvider.cs",
             "BlazorWeb-CSharp.Client/UserInfo.cs",
             "BlazorWeb-CSharp.Client/Pages/Auth.razor"
           ]
         },
         {
-          "condition": "(!IndividualLocalAuth || UseLocalDB)",
+          "condition": "(!(IndividualLocalAuth && !UseLocalDB))",
           "exclude": [
             "BlazorWeb-CSharp/app.db"
           ]
         },
+        {
+          "condition": "(!(IndividualLocalAuth && !UseWebAssembly))",
+          "exclude": [
+            "BlazorWeb-CSharp/Components/Pages/Auth.razor"
+          ]
+        },
+        {
+          "condition": "(!(IndividualLocalAuth && UseServer && UseWebAssembly))",
+          "exclude": [
+            "BlazorWeb-CSharp/Identity/PersistingRevalidatingAuthenticationStateProvider.cs"
+          ]
+        },
+        {
+          "condition": "(!(IndividualLocalAuth && UseServer && !UseWebAssembly))",
+          "exclude": [
+            "BlazorWeb-CSharp/Identity/IdentityRevalidatingAuthenticationStateProvider.cs"
+          ]
+        },
+        {
+          "condition": "(!(IndividualLocalAuth && !UseServer && UseWebAssembly))",
+          "exclude": [
+            "BlazorWeb-CSharp/Identity/PersistingServerAuthenticationStateProvider.cs"
+          ]
+        },
         {
           "condition": "(IndividualLocalAuth && UseLocalDB && UseWebAssembly)",
           "rename": {
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/Pages/Auth.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/Pages/Auth.razor
index 90021b5f507e..ebeeeccea168 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/Pages/Auth.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/Pages/Auth.razor
@@ -1,6 +1,6 @@
 @page "/auth"
 
-@using Microsoft.AspNetCore.Authorization;
+@using Microsoft.AspNetCore.Authorization
 
 @attribute [Authorize]
 @*#if (UseServer && !InteractiveAtRoot)
@@ -14,5 +14,5 @@
 <h1>You are authenticated</h1>
 
 <AuthorizeView>
-    <p>Hello @context.User.Identity?.Name!</p>
+    Hello @context.User.Identity?.Name!
 </AuthorizeView>
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/PersistentAuthenticationStateProvider.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/PersistentAuthenticationStateProvider.cs
index 8d1374e33cf9..4f8e698ea75d 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/PersistentAuthenticationStateProvider.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/PersistentAuthenticationStateProvider.cs
@@ -11,7 +11,6 @@ public class PersistentAuthenticationStateProvider(PersistentComponentState pers
 
     public override Task<AuthenticationState> GetAuthenticationStateAsync()
     {
-        // REVIEW: Is TryTakeFromJson correctly annotated? "|| userInfo is null" should not be necessary.
         if (!persistentState.TryTakeFromJson<UserInfo>(nameof(UserInfo), out var userInfo) || userInfo is null)
         {
             return _unauthenticatedTask;
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/NavMenu.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/NavMenu.razor
index fafa8932ef55..5b38b21d63a7 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/NavMenu.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Layout/NavMenu.razor
@@ -31,15 +31,13 @@
                 <span class="bi bi-list-nested" aria-hidden="true"></span> Weather
             </NavLink>
         </div>
-        @*#if (IndividualLocalAuth && UseWebAssembly)
+        @*#if (IndividualLocalAuth)
 
         <div class="nav-item px-3">
             <NavLink class="nav-link" href="auth">
                 <span class="bi bi-lock" aria-hidden="true"></span> Auth Required
             </NavLink>
         </div>
-        ##endif*@
-        @*#if (IndividualLocalAuth)
 
         <AuthorizeView>
             <Authorized>
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Auth.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Auth.razor
new file mode 100644
index 000000000000..b7bbe6eb3d98
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Auth.razor
@@ -0,0 +1,13 @@
+@page "/auth"
+
+@using Microsoft.AspNetCore.Authorization
+
+@attribute [Authorize]
+
+<PageTitle>Auth</PageTitle>
+
+<h1>You are authenticated</h1>
+
+<AuthorizeView>
+    Hello @context.User.Identity?.Name!
+</AuthorizeView>
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/ApplicationDbContext.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/ApplicationDbContext.cs
index 08e9d0808401..2ce33e233a9e 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/ApplicationDbContext.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/ApplicationDbContext.cs
@@ -3,10 +3,6 @@
 
 namespace BlazorWeb_CSharp.Data;
 
-public class ApplicationDbContext : IdentityDbContext<ApplicationUser>
+public class ApplicationDbContext(DbContextOptions<ApplicationDbContext> options) : IdentityDbContext<ApplicationUser>(options)
 {
-    public ApplicationDbContext(DbContextOptions<ApplicationDbContext> options)
-        : base(options)
-    {
-    }
 }
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs
index b1c32439be31..ea968cb71f5e 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs
@@ -18,8 +18,6 @@ public static IEndpointConventionBuilder MapAdditionalIdentityEndpoints(this IEn
     {
         ArgumentNullException.ThrowIfNull(endpoints);
 
-        var loggerFactory = endpoints.ServiceProvider.GetRequiredService<ILoggerFactory>();
-        var logger = loggerFactory.CreateLogger("IdentityUI");
         var accountGroup = endpoints.MapGroup("/Account");
 
         accountGroup.MapPost("/PerformExternalLogin", (
@@ -60,6 +58,9 @@ public static IEndpointConventionBuilder MapAdditionalIdentityEndpoints(this IEn
             return Results.Challenge(properties, [provider]);
         });
 
+        var loggerFactory = endpoints.ServiceProvider.GetRequiredService<ILoggerFactory>();
+        var downloadLogger = loggerFactory.CreateLogger("DownloadPersonalData");
+
         manageGroup.MapPost("/DownloadPersonalData", async (
             HttpContext context,
             [FromServices] UserManager<ApplicationUser> userManager,
@@ -72,7 +73,7 @@ public static IEndpointConventionBuilder MapAdditionalIdentityEndpoints(this IEn
             }
 
             var userId = await userManager.GetUserIdAsync(user);
-            logger.LogInformation("User with ID '{UserId}' asked for their personal data.", userId);
+            downloadLogger.LogInformation("User with ID '{UserId}' asked for their personal data.", userId);
 
             // Only include personal data for download
             var personalData = new Dictionary<string, string>();
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/IdentityRevalidatingAuthenticationStateProvide.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/IdentityRevalidatingAuthenticationStateProvide.cs
new file mode 100644
index 000000000000..237200d2cae0
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/IdentityRevalidatingAuthenticationStateProvide.cs
@@ -0,0 +1,54 @@
+using System.Security.Claims;
+using Microsoft.AspNetCore.Components.Authorization;
+using Microsoft.AspNetCore.Components.Server;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.Extensions.Options;
+using BlazorWeb_CSharp.Data;
+
+namespace BlazorWeb_CSharp.Identity;
+
+public class IdentityRevalidatingAuthenticationStateProvider : RevalidatingServerAuthenticationStateProvider
+{
+    private readonly IServiceScopeFactory _scopeFactory;
+    private readonly IdentityOptions _options;
+
+    public IdentityRevalidatingAuthenticationStateProvider(
+        ILoggerFactory loggerFactory,
+        IServiceScopeFactory scopeFactory,
+        IOptions<IdentityOptions> optionsAccessor)
+        : base(loggerFactory)
+    {
+        _scopeFactory = scopeFactory;
+        _options = optionsAccessor.Value;
+    }
+
+    protected override TimeSpan RevalidationInterval => TimeSpan.FromMinutes(30);
+
+    protected override async Task<bool> ValidateAuthenticationStateAsync(
+        AuthenticationState authenticationState, CancellationToken cancellationToken)
+    {
+        // Get the user manager from a new scope to ensure it fetches fresh data
+        await using var scope = _scopeFactory.CreateAsyncScope();
+        var userManager = scope.ServiceProvider.GetRequiredService<UserManager<ApplicationUser>>();
+        return await ValidateSecurityStampAsync(userManager, authenticationState.User);
+    }
+
+    private async Task<bool> ValidateSecurityStampAsync(UserManager<ApplicationUser> userManager, ClaimsPrincipal principal)
+    {
+        var user = await userManager.GetUserAsync(principal);
+        if (user == null)
+        {
+            return false;
+        }
+        else if (!userManager.SupportsUserSecurityStamp)
+        {
+            return true;
+        }
+        else
+        {
+            var principalStamp = principal.FindFirstValue(_options.ClaimsIdentity.SecurityStampClaimType);
+            var userStamp = await userManager.GetSecurityStampAsync(user);
+            return principalStamp == userStamp;
+        }
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/PersistingRevalidatingAuthenticationStateProvider.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/PersistingRevalidatingAuthenticationStateProvider.cs
new file mode 100644
index 000000000000..3bda4afba7e1
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/PersistingRevalidatingAuthenticationStateProvider.cs
@@ -0,0 +1,111 @@
+using System.Diagnostics;
+using System.Security.Claims;
+using Microsoft.AspNetCore.Components;
+using Microsoft.AspNetCore.Components.Authorization;
+using Microsoft.AspNetCore.Components.Server;
+using Microsoft.AspNetCore.Components.Web;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.Extensions.Options;
+using BlazorWeb_CSharp.Client;
+using BlazorWeb_CSharp.Data;
+
+namespace BlazorWeb_CSharp.Identity;
+
+public class PersistingRevalidatingAuthenticationStateProvider : RevalidatingServerAuthenticationStateProvider
+{
+    private readonly IServiceScopeFactory _scopeFactory;
+    private readonly PersistentComponentState _state;
+    private readonly IdentityOptions _options;
+
+    private readonly PersistingComponentStateSubscription _subscription;
+
+    private Task<AuthenticationState>? _authenticationStateTask;
+
+    public PersistingRevalidatingAuthenticationStateProvider(
+        ILoggerFactory loggerFactory,
+        IServiceScopeFactory scopeFactory,
+        PersistentComponentState state,
+        IOptions<IdentityOptions> options)
+        : base(loggerFactory)
+    {
+        _scopeFactory = scopeFactory;
+        _state = state;
+        _options = options.Value;
+
+        AuthenticationStateChanged += OnAuthenticationStateChanged;
+        #if (UseServer && UseWebAssembly)
+        _subscription = state.RegisterOnPersisting(OnPersistingAsync, RenderMode.InteractiveAuto);
+        }, RenderMode.InteractiveAuto);
+        #else
+        _subscription = state.RegisterOnPersisting(OnPersistingAsync, RenderMode.InteractiveServer);
+        #endif
+    }
+
+    protected override TimeSpan RevalidationInterval => TimeSpan.FromMinutes(30);
+
+    protected override async Task<bool> ValidateAuthenticationStateAsync(
+        AuthenticationState authenticationState, CancellationToken cancellationToken)
+    {
+        // Get the user manager from a new scope to ensure it fetches fresh data
+        await using var scope = _scopeFactory.CreateAsyncScope();
+        var userManager = scope.ServiceProvider.GetRequiredService<UserManager<ApplicationUser>>();
+        return await ValidateSecurityStampAsync(userManager, authenticationState.User);
+    }
+
+    private async Task<bool> ValidateSecurityStampAsync(UserManager<ApplicationUser> userManager, ClaimsPrincipal principal)
+    {
+        var user = await userManager.GetUserAsync(principal);
+        if (user == null)
+        {
+            return false;
+        }
+        else if (!userManager.SupportsUserSecurityStamp)
+        {
+            return true;
+        }
+        else
+        {
+            var principalStamp = principal.FindFirstValue(_options.ClaimsIdentity.SecurityStampClaimType);
+            var userStamp = await userManager.GetSecurityStampAsync(user);
+            return principalStamp == userStamp;
+        }
+    }
+
+    private void OnAuthenticationStateChanged(Task<AuthenticationState> authenticationStateTask)
+    {
+        _authenticationStateTask = authenticationStateTask;
+    }
+
+    private async Task OnPersistingAsync()
+    {
+        if (_authenticationStateTask is null)
+        {
+            throw new UnreachableException($"Authentication state not set in {nameof(RevalidatingServerAuthenticationStateProvider)}.{nameof(OnPersistingAsync)}().");
+        }
+
+        var authenticationState = await _authenticationStateTask;
+        var principal = authenticationState.User;
+
+        if (principal.Identity?.IsAuthenticated == true)
+        {
+            var userId = principal.FindFirst(_options.ClaimsIdentity.UserIdClaimType)?.Value;
+            var email = principal.FindFirst(_options.ClaimsIdentity.EmailClaimType)?.Value;
+
+            if (userId != null && email != null)
+            {
+                _state.PersistAsJson(nameof(UserInfo), new UserInfo
+                {
+                    UserId = userId,
+                    Email = email,
+                });
+            }
+        }
+    }
+
+    protected override void Dispose(bool disposing)
+    {
+        _subscription.Dispose();
+        AuthenticationStateChanged -= OnAuthenticationStateChanged;
+        base.Dispose(disposing);
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/PersistingServerAuthenticationStateProvider.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/PersistingServerAuthenticationStateProvider.cs
new file mode 100644
index 000000000000..6149f109e221
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/PersistingServerAuthenticationStateProvider.cs
@@ -0,0 +1,66 @@
+using System.Diagnostics;
+using Microsoft.AspNetCore.Components;
+using Microsoft.AspNetCore.Components.Authorization;
+using Microsoft.AspNetCore.Components.Server;
+using Microsoft.AspNetCore.Components.Web;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.Extensions.Options;
+using BlazorWeb_CSharp.Client;
+
+namespace BlazorWeb_CSharp.Identity;
+
+public class PersistingServerAuthenticationStateProvider : ServerAuthenticationStateProvider, IDisposable
+{
+    private readonly PersistentComponentState _state;
+    private readonly IdentityOptions _options;
+
+    private readonly PersistingComponentStateSubscription _subscription;
+
+    private Task<AuthenticationState>? _authenticationStateTask;
+
+    public PersistingServerAuthenticationStateProvider(PersistentComponentState state, IOptions<IdentityOptions> options)
+    {
+        _state = state;
+        _options = options.Value;
+
+        AuthenticationStateChanged += OnAuthenticationStateChanged;
+        _subscription = state.RegisterOnPersisting(OnPersistingAsync, RenderMode.InteractiveWebAssembly);
+    }
+
+    private void OnAuthenticationStateChanged(Task<AuthenticationState> authenticationStateTask)
+    {
+        _authenticationStateTask = authenticationStateTask;
+    }
+
+    private async Task OnPersistingAsync()
+    {
+        if (_authenticationStateTask is null)
+        {
+            throw new UnreachableException($"Authentication state not set in {nameof(RevalidatingServerAuthenticationStateProvider)}.{nameof(OnPersistingAsync)}().");
+        }
+
+        var authenticationState = await _authenticationStateTask;
+        var principal = authenticationState.User;
+
+        if (principal.Identity?.IsAuthenticated == true)
+        {
+            var userId = principal.FindFirst(_options.ClaimsIdentity.UserIdClaimType)?.Value;
+            var email = principal.FindFirst(_options.ClaimsIdentity.EmailClaimType)?.Value;
+
+            if (userId != null && email != null)
+            {
+                _state.PersistAsJson(nameof(UserInfo), new UserInfo
+                {
+                    UserId = userId,
+                    Email = email,
+                });
+            }
+        }
+    }
+
+    public void Dispose()
+    {
+        _subscription.Dispose();
+        AuthenticationStateChanged -= OnAuthenticationStateChanged;
+    }
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/PersistingAuthenticationStateProvider.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/PersistingAuthenticationStateProvider.cs
deleted file mode 100644
index f0b7b5405f0d..000000000000
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/PersistingAuthenticationStateProvider.cs
+++ /dev/null
@@ -1,58 +0,0 @@
-using BlazorWeb_CSharp.Client;
-using Microsoft.AspNetCore.Components;
-using Microsoft.AspNetCore.Components.Authorization;
-using Microsoft.AspNetCore.Components.Web;
-using Microsoft.AspNetCore.Identity;
-using Microsoft.Extensions.Options;
-
-namespace BlazorWeb_CSharp;
-
-public class PersistingAuthenticationStateProvider : AuthenticationStateProvider, IDisposable
-{
-    private readonly IHttpContextAccessor _contextAccessor;
-    private readonly PersistingComponentStateSubscription _subscription;
-
-    public PersistingAuthenticationStateProvider(IHttpContextAccessor contextAccessor, PersistentComponentState state, IOptions<IdentityOptions> identityOptions)
-    {
-        _contextAccessor = contextAccessor;
-
-        _subscription = state.RegisterOnPersisting(() =>
-        {
-            var user = RequiredHttpContext.User;
-
-            if (user.Identity?.IsAuthenticated == true)
-            {
-                var userId = user.FindFirst(identityOptions.Value.ClaimsIdentity.UserIdClaimType)?.Value;
-                var email = user.FindFirst(identityOptions.Value.ClaimsIdentity.EmailClaimType)?.Value;
-
-                if (userId != null && email != null)
-                {
-                    state.PersistAsJson(nameof(UserInfo), new UserInfo
-                    {
-                        UserId = userId,
-                        Email = email,
-                    });
-                }
-            }
-
-            return Task.CompletedTask;
-        #if (UseServer && UseWebAssembly)
-        }, RenderMode.InteractiveAuto);
-        #elif (UseServer)
-        }, RenderMode.InteractiveServer);
-        #elif (UseWebAssembly)
-        }, RenderMode.InteractiveWebAssembly);
-        #endif
-    }
-
-    private HttpContext RequiredHttpContext =>
-        _contextAccessor.HttpContext ?? throw new InvalidOperationException("IHttpContextAccessor HttpContext AsyncLocal missing!");
-
-    public override Task<AuthenticationState> GetAuthenticationStateAsync() =>
-        Task.FromResult(new AuthenticationState(RequiredHttpContext.User));
-
-    public void Dispose()
-    {
-        _subscription.Dispose();
-    }
-}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs
index 52bf62ce50ae..5d04d836e17a 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs
@@ -1,5 +1,11 @@
 #if (IndividualLocalAuth)
-using BlazorWeb_CSharp;
+using Microsoft.AspNetCore.Components.Authorization;
+#if (!UseServer && !UseWebAssembly)
+using Microsoft.AspNetCore.Components.Server;
+#endif
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Identity.UI.Services;
+using Microsoft.EntityFrameworkCore;
 #endif
 #if (UseWebAssembly)
 using BlazorWeb_CSharp.Client.Pages;
@@ -7,10 +13,7 @@
 using BlazorWeb_CSharp.Components;
 #if (IndividualLocalAuth)
 using BlazorWeb_CSharp.Data;
-using Microsoft.AspNetCore.Components.Authorization;
-using Microsoft.AspNetCore.Identity;
-using Microsoft.AspNetCore.Identity.UI.Services;
-using Microsoft.EntityFrameworkCore;
+using BlazorWeb_CSharp.Identity;
 #endif
 
 namespace BlazorWeb_CSharp;
@@ -38,8 +41,18 @@ public static void Main(string[] args)
 
         #if (IndividualLocalAuth)
         builder.Services.AddCascadingAuthenticationState();
-        builder.Services.AddScoped<AuthenticationStateProvider, PersistingAuthenticationStateProvider>();
         builder.Services.AddScoped<UserAccessor>();
+        #if (UseServer && UseWebAssembly)
+        builder.Services.AddScoped<AuthenticationStateProvider, PersistingRevalidatingAuthenticationStateProvider>();
+        #elif (UseServer)
+        builder.Services.AddScoped<AuthenticationStateProvider, IdentityRevalidatingAuthenticationStateProvider>();
+        #elif (UseWebAssembly)
+        builder.Services.AddScoped<AuthenticationStateProvider, PersistingServerAuthenticationStateProvider>();
+        #else
+        builder.Services.AddScoped<AuthenticationStateProvider, ServerAuthenticationStateProvider>();
+
+        builder.Services.AddAuthorization();
+        #endif
 
         builder.Services.AddAuthentication(IdentityConstants.ApplicationScheme)
             .AddIdentityCookies();
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.cs
index c126786b65c3..6f1c514e8813 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.cs
@@ -1,5 +1,11 @@
 #if (IndividualLocalAuth)
-using BlazorWeb_CSharp;
+using Microsoft.AspNetCore.Components.Authorization;
+#if (!UseServer && !UseWebAssembly)
+using Microsoft.AspNetCore.Components.Server;
+#endif
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Identity.UI.Services;
+using Microsoft.EntityFrameworkCore;
 #endif
 #if (UseWebAssembly)
 using BlazorWeb_CSharp.Client.Pages;
@@ -7,10 +13,7 @@
 using BlazorWeb_CSharp.Components;
 #if (IndividualLocalAuth)
 using BlazorWeb_CSharp.Data;
-using Microsoft.AspNetCore.Components.Authorization;
-using Microsoft.AspNetCore.Identity;
-using Microsoft.AspNetCore.Identity.UI.Services;
-using Microsoft.EntityFrameworkCore;
+using BlazorWeb_CSharp.Identity;
 #endif
 
 var builder = WebApplication.CreateBuilder(args);
@@ -32,9 +35,20 @@
 
 #if (IndividualLocalAuth)
 builder.Services.AddCascadingAuthenticationState();
-builder.Services.AddScoped<AuthenticationStateProvider, PersistingAuthenticationStateProvider>();
 builder.Services.AddScoped<UserAccessor>();
+#if (UseServer && UseWebAssembly)
+builder.Services.AddScoped<AuthenticationStateProvider, PersistingRevalidatingAuthenticationStateProvider>();
+#elif (UseServer)
+builder.Services.AddScoped<AuthenticationStateProvider, IdentityRevalidatingAuthenticationStateProvider>();
+#elif (UseWebAssembly)
+builder.Services.AddScoped<AuthenticationStateProvider, PersistingServerAuthenticationStateProvider>();
+#else
+builder.Services.AddScoped<AuthenticationStateProvider, ServerAuthenticationStateProvider>();
+#endif
 
+#if (!UseServer)
+builder.Services.AddAuthorization();
+#endif
 builder.Services.AddAuthentication(IdentityConstants.ApplicationScheme)
     .AddIdentityCookies();
 

From ee81a3b063f80687413e746572e918e7252e0b7f Mon Sep 17 00:00:00 2001
From: Stephen Halter <halter73@gmail.com>
Date: Wed, 20 Sep 2023 11:13:25 -0700
Subject: [PATCH 10/18] Fix compile error in
 PersistingRevalidatingAuthenticationStateProvider

---
 .../BlazorWeb-CSharp/.template.config/template.json        | 4 +++-
 ... => IdentityRevalidatingAuthenticationStateProvider.cs} | 0
 .../PersistingRevalidatingAuthenticationStateProvider.cs   | 7 +------
 .../BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs      | 2 ++
 .../content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.cs   | 2 ++
 5 files changed, 8 insertions(+), 7 deletions(-)
 rename src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/{IdentityRevalidatingAuthenticationStateProvide.cs => IdentityRevalidatingAuthenticationStateProvider.cs} (100%)

diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json
index d5f2e0b62a24..b48e596f2efe 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json
@@ -113,8 +113,10 @@
         {
           "condition": "(!IndividualLocalAuth)",
           "exclude": [
-            "BlazorWeb-CSharp/Components/Pages/Account/**",
             "BlazorWeb-CSharp/Components/Identity/**",
+            "BlazorWeb-CSharp/Components/Layout/ManageLayout.razor",
+            "BlazorWeb-CSharp/Components/Layout/ManageNavMenu.razor",
+            "BlazorWeb-CSharp/Components/Pages/Account/**",
             "BlazorWeb-CSharp/Data/**",
             "BlazorWeb-CSharp/Identity/**",
             "BlazorWeb-CSharp.Client/PersistentAuthenticationStateProvider.cs",
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/IdentityRevalidatingAuthenticationStateProvide.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/IdentityRevalidatingAuthenticationStateProvider.cs
similarity index 100%
rename from src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/IdentityRevalidatingAuthenticationStateProvide.cs
rename to src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/IdentityRevalidatingAuthenticationStateProvider.cs
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/PersistingRevalidatingAuthenticationStateProvider.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/PersistingRevalidatingAuthenticationStateProvider.cs
index 3bda4afba7e1..4bcaeb392093 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/PersistingRevalidatingAuthenticationStateProvider.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/PersistingRevalidatingAuthenticationStateProvider.cs
@@ -33,12 +33,7 @@ public PersistingRevalidatingAuthenticationStateProvider(
         _options = options.Value;
 
         AuthenticationStateChanged += OnAuthenticationStateChanged;
-        #if (UseServer && UseWebAssembly)
-        _subscription = state.RegisterOnPersisting(OnPersistingAsync, RenderMode.InteractiveAuto);
-        }, RenderMode.InteractiveAuto);
-        #else
-        _subscription = state.RegisterOnPersisting(OnPersistingAsync, RenderMode.InteractiveServer);
-        #endif
+        _subscription = state.RegisterOnPersisting(OnPersistingAsync, RenderMode.InteractiveWebAssembly);
     }
 
     protected override TimeSpan RevalidationInterval => TimeSpan.FromMinutes(30);
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs
index 5d04d836e17a..960bc5731923 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs
@@ -13,8 +13,10 @@
 using BlazorWeb_CSharp.Components;
 #if (IndividualLocalAuth)
 using BlazorWeb_CSharp.Data;
+#if (UseServer || UseWebAssembly)
 using BlazorWeb_CSharp.Identity;
 #endif
+#endif
 
 namespace BlazorWeb_CSharp;
 
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.cs
index 6f1c514e8813..4c562b56900a 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.cs
@@ -13,8 +13,10 @@
 using BlazorWeb_CSharp.Components;
 #if (IndividualLocalAuth)
 using BlazorWeb_CSharp.Data;
+#if (UseServer || UseWebAssembly)
 using BlazorWeb_CSharp.Identity;
 #endif
+#endif
 
 var builder = WebApplication.CreateBuilder(args);
 

From fd8534180f06ef45579f0aea5a888cf030f01dbd Mon Sep 17 00:00:00 2001
From: Stephen Halter <halter73@gmail.com>
Date: Wed, 20 Sep 2023 14:05:14 -0700
Subject: [PATCH 11/18] Disable global interactivity with individual auth

---
 .../content/BlazorWeb-CSharp/.template.config/template.json   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json
index b48e596f2efe..ea860e3a0c07 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json
@@ -349,7 +349,7 @@
       "defaultValue": "InteractivePerPage",
       "displayName": "_Interactivity location",
       "description": "Chooses which components will have interactive rendering enabled",
-      "isEnabled": "(InteractivityPlatform != \"None\")",
+      "isEnabled": "(InteractivityPlatform != \"None\" && auth == \"None\")",
       "choices": [
         {
           "choice": "InteractivePerPage",
@@ -413,7 +413,7 @@
     "AllInteractive": {
       "type": "parameter",
       "datatype": "bool",
-      "isEnabled": "(InteractivityPlatform != \"None\")",
+      "isEnabled": "(InteractivityPlatform != \"None\" && auth == \"None\")",
       "defaultValue": "false",
       "displayName": "_Enable interactive rendering globally throughout the site",
       "description": "Configures whether to make every page interactive by applying an interactive render mode at the top level. If false, pages will use static server rendering by default, and can be marked interactive on a per-page or per-component basis."

From 5462e42a630c26086a7a1276cc230e668f379ee5 Mon Sep 17 00:00:00 2001
From: Stephen Halter <halter73@gmail.com>
Date: Wed, 20 Sep 2023 14:30:18 -0700
Subject: [PATCH 12/18] Fix UseWebAssembly && !SampleContent

---
 .../BlazorWeb-CSharp/Program.Main.cs            | 17 ++++++++++-------
 .../BlazorWeb-CSharp/Program.cs                 |  9 ++++++---
 2 files changed, 16 insertions(+), 10 deletions(-)

diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs
index 960bc5731923..76f0fe687aef 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs
@@ -7,7 +7,7 @@
 using Microsoft.AspNetCore.Identity.UI.Services;
 using Microsoft.EntityFrameworkCore;
 #endif
-#if (UseWebAssembly)
+#if (UseWebAssembly && SampleContent)
 using BlazorWeb_CSharp.Client.Pages;
 #endif
 using BlazorWeb_CSharp.Components;
@@ -104,19 +104,22 @@ public static void Main(string[] args)
 
         #if (UseServer && UseWebAssembly)
         app.MapRazorComponents<App>()
-          .AddInteractiveServerRenderMode()
-          .AddInteractiveWebAssemblyRenderMode()
-          .AddAdditionalAssemblies(typeof(Counter).Assembly);
+            .AddInteractiveServerRenderMode()
+            .AddInteractiveWebAssemblyRenderMode()
         #elif (UseServer)
         app.MapRazorComponents<App>()
-          .AddInteractiveServerRenderMode();
+            .AddInteractiveServerRenderMode();
         #elif (UseWebAssembly)
         app.MapRazorComponents<App>()
-          .AddInteractiveWebAssemblyRenderMode()
-          .AddAdditionalAssemblies(typeof(Counter).Assembly);
+            .AddInteractiveWebAssemblyRenderMode()
         #else
         app.MapRazorComponents<App>();
         #endif
+        #if (UseWebAssembly && SampleContent)
+            .AddAdditionalAssemblies(typeof(Counter).Assembly);
+        #elif (UseWebAssembly)
+            .AddAdditionalAssemblies(typeof(Client._Imports).Assembly);
+        #endif
 
         #if (IndividualLocalAuth)
         // Add additional endpoints required by the Identity /Account Razor components.
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.cs
index 4c562b56900a..3fcede5135f5 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.cs
@@ -7,7 +7,7 @@
 using Microsoft.AspNetCore.Identity.UI.Services;
 using Microsoft.EntityFrameworkCore;
 #endif
-#if (UseWebAssembly)
+#if (UseWebAssembly && SampleContent)
 using BlazorWeb_CSharp.Client.Pages;
 #endif
 using BlazorWeb_CSharp.Components;
@@ -101,17 +101,20 @@
 app.MapRazorComponents<App>()
     .AddInteractiveServerRenderMode()
     .AddInteractiveWebAssemblyRenderMode()
-    .AddAdditionalAssemblies(typeof(Counter).Assembly);
 #elif (UseServer)
 app.MapRazorComponents<App>()
     .AddInteractiveServerRenderMode();
 #elif (UseWebAssembly)
 app.MapRazorComponents<App>()
     .AddInteractiveWebAssemblyRenderMode()
-    .AddAdditionalAssemblies(typeof(Counter).Assembly);
 #else
 app.MapRazorComponents<App>();
 #endif
+#if (UseWebAssembly && SampleContent)
+    .AddAdditionalAssemblies(typeof(Counter).Assembly);
+#elif (UseWebAssembly)
+    .AddAdditionalAssemblies(typeof(BlazorWeb_CSharp.Client._Imports).Assembly);
+#endif
 
 #if (IndividualLocalAuth)
 // Add additional endpoints required by the Identity /Account Razor components.

From bc9bb85bcd17a4ff1b201bc044d677afb439122d Mon Sep 17 00:00:00 2001
From: Stephen Halter <halter73@gmail.com>
Date: Thu, 21 Sep 2023 09:46:48 -0700
Subject: [PATCH 13/18] Render ShowRecoveryCodes.razor inline rather than via a
 redirect

---
 .../.template.config/template.json            |   2 +-
 .../ShowRecoveryCodes.razor                   |  19 +---
 .../Account/Manage/EnableAuthenticator.razor  | 103 ++++++++++--------
 .../Manage/GenerateRecoveryCodes.razor        |  58 +++++-----
 4 files changed, 92 insertions(+), 90 deletions(-)
 rename src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/{Pages/Account/Manage => Identity}/ShowRecoveryCodes.razor (63%)

diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json
index ea860e3a0c07..9356b1e5a7a1 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/template.json
@@ -15,7 +15,7 @@
     "4C26868E-5E7C-458D-82E3-040509D0C71F",
     "5990939C-7E7B-4CFA-86FF-44CA5756498A",
     "650B3CE7-2E93-4CC4-9F46-466686815EAA",
-    "53bc9b9d-9d6a-45d4-8429-2a2761773502" // Client ID
+    "53bc9b9d-9d6a-45d4-8429-2a2761773502"
   ],
   "identity": "Microsoft.Web.Blazor.CSharp.8.0",
   "thirdPartyNotices": "https://aka.ms/aspnetcore/8.0-third-party-notices",
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ShowRecoveryCodes.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/ShowRecoveryCodes.razor
similarity index 63%
rename from src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ShowRecoveryCodes.razor
rename to src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/ShowRecoveryCodes.razor
index da3a2a37992b..cebec61aef19 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ShowRecoveryCodes.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/ShowRecoveryCodes.razor
@@ -1,10 +1,4 @@
-@page "/Account/Manage/ShowRecoveryCodes"
-
-@inject NavigationManager NavigationManager
-
-<PageTitle>Recovery codes</PageTitle>
-
-<StatusMessage />
+<StatusMessage Message="@StatusMessage" />
 <h3>Recovery codes</h3>
 <div class="alert alert-warning" role="alert">
     <p>
@@ -30,14 +24,9 @@
 </div>
 
 @code {
-    [SupplyParameterFromQuery]
+    [Parameter]
     public string[] RecoveryCodes { get; set; } = default!;
 
-    protected override void OnInitialized()
-    {
-        if (RecoveryCodes is not { Length: > 0 })
-        {
-            NavigationManager.RedirectTo("/Account/Manage/TwoFactorAuthentication");
-        }
-    }
+    [Parameter]
+    public string StatusMessage { get; set; } = default!;
 }
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/EnableAuthenticator.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/EnableAuthenticator.razor
index 627f76429d3d..0427e3ffd860 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/EnableAuthenticator.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/EnableAuthenticator.razor
@@ -15,49 +15,56 @@
 
 <PageTitle>Configure authenticator app</PageTitle>
 
-<StatusMessage />
-<h3>Configure authenticator app</h3>
-<div>
-    <p>To use an authenticator app go through the following steps:</p>
-    <ol class="list">
-        <li>
-            <p>
-                Download a two-factor authenticator app like Microsoft Authenticator for
-                <a href="https://go.microsoft.com/fwlink/?Linkid=825072">Android</a> and
-                <a href="https://go.microsoft.com/fwlink/?Linkid=825073">iOS</a> or
-                Google Authenticator for
-                <a href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&amp;hl=en">Android</a> and
-                <a href="https://itunes.apple.com/us/app/google-authenticator/id388497605?mt=8">iOS</a>.
-            </p>
-        </li>
-        <li>
-            <p>Scan the QR Code or enter this key <kbd>@_sharedKey</kbd> into your two factor authenticator app. Spaces and casing do not matter.</p>
-            <div class="alert alert-info">Learn how to <a href="https://go.microsoft.com/fwlink/?Linkid=852423">enable QR code generation</a>.</div>
-            <div id="qrCode"></div>
-            <div id="qrCodeData" data-url="@_authenticatorUri"></div>
-        </li>
-        <li>
-            <p>
-                Once you have scanned the QR code or input the key above, your two factor authentication app will provide you
-                with a unique code. Enter the code in the confirmation box below.
-            </p>
-            <div class="row">
-                <div class="col-md-6">
-                    <EditForm id="send-code" Model="Input" FormName="send-code" OnValidSubmit="OnValidSubmitAsync" method="post">
-                        <DataAnnotationsValidator />
-                        <div class="form-floating mb-3">
-                            <InputText id="code" @bind-Value="Input.Code" class="form-control" autocomplete="off" placeholder="Please enter the code." />
-                            <label for="code" class="control-label form-label">Verification Code</label>
-                            <ValidationMessage For="() => Input.Code" class="text-danger" />
-                        </div>
-                        <button type="submit" class="w-100 btn btn-lg btn-primary">Verify</button>
-                        <ValidationSummary class="text-danger" />
-                    </EditForm>
+@if (_recoveryCodes is not null)
+{
+    <ShowRecoveryCodes RecoveryCodes="_recoveryCodes.ToArray()" StatusMessage="@_statusMessage" />
+}
+else
+{
+    <StatusMessage />
+    <h3>Configure authenticator app</h3>
+    <div>
+        <p>To use an authenticator app go through the following steps:</p>
+        <ol class="list">
+            <li>
+                <p>
+                    Download a two-factor authenticator app like Microsoft Authenticator for
+                    <a href="https://go.microsoft.com/fwlink/?Linkid=825072">Android</a> and
+                    <a href="https://go.microsoft.com/fwlink/?Linkid=825073">iOS</a> or
+                    Google Authenticator for
+                    <a href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&amp;hl=en">Android</a> and
+                    <a href="https://itunes.apple.com/us/app/google-authenticator/id388497605?mt=8">iOS</a>.
+                </p>
+            </li>
+            <li>
+                <p>Scan the QR Code or enter this key <kbd>@_sharedKey</kbd> into your two factor authenticator app. Spaces and casing do not matter.</p>
+                <div class="alert alert-info">Learn how to <a href="https://go.microsoft.com/fwlink/?Linkid=852423">enable QR code generation</a>.</div>
+                <div id="qrCode"></div>
+                <div id="qrCodeData" data-url="@_authenticatorUri"></div>
+            </li>
+            <li>
+                <p>
+                    Once you have scanned the QR code or input the key above, your two factor authentication app will provide you
+                    with a unique code. Enter the code in the confirmation box below.
+                </p>
+                <div class="row">
+                    <div class="col-md-6">
+                        <EditForm id="send-code" Model="Input" FormName="send-code" OnValidSubmit="OnValidSubmitAsync" method="post">
+                            <DataAnnotationsValidator />
+                            <div class="form-floating mb-3">
+                                <InputText id="code" @bind-Value="Input.Code" class="form-control" autocomplete="off" placeholder="Please enter the code." />
+                                <label for="code" class="control-label form-label">Verification Code</label>
+                                <ValidationMessage For="() => Input.Code" class="text-danger" />
+                            </div>
+                            <button type="submit" class="w-100 btn btn-lg btn-primary">Verify</button>
+                            <ValidationSummary class="text-danger" />
+                        </EditForm>
+                    </div>
                 </div>
-            </div>
-        </li>
-    </ol>
-</div>
+            </li>
+        </ol>
+    </div>
+}
 
 @code {
     private const string AuthenticatorUriFormat = "otpauth://totp/{0}:{1}?secret={2}&issuer={0}&digits=6";
@@ -66,6 +73,9 @@
     private string? _sharedKey;
     private string? _authenticatorUri;
 
+    private IEnumerable<string>? _recoveryCodes;
+    private string? _statusMessage;
+
     [SupplyParameterFromForm]
     private InputModel Input { get; set; } = default!;
 
@@ -97,20 +107,17 @@
         var userId = await UserManager.GetUserIdAsync(_user);
         Logger.LogInformation("User with ID '{UserId}' has enabled 2FA with an authenticator app.", userId);
 
-        var message = "Your authenticator app has been verified.";
+        _statusMessage = "Your authenticator app has been verified.";
 
         if (await UserManager.CountRecoveryCodesAsync(_user) == 0)
         {
-            var recoveryCodes = await UserManager.GenerateNewTwoFactorRecoveryCodesAsync(_user, 10);
-            NavigationManager.RedirectTo(
-                "/Account/Manage/ShowRecoveryCodes",
-                new() { ["Message"] = message, ["RecoveryCodes"] = recoveryCodes?.ToArray() });
+           _recoveryCodes = await UserManager.GenerateNewTwoFactorRecoveryCodesAsync(_user, 10);
         }
         else
         {
             NavigationManager.RedirectTo(
                 "/Account/Manage/TwoFactorAuthentication",
-                new() { ["Message"] = message });
+                new() { ["Message"] = _statusMessage });
         }
     }
 
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/GenerateRecoveryCodes.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/GenerateRecoveryCodes.razor
index a067291cf7d3..8adcae6739b1 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/GenerateRecoveryCodes.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/GenerateRecoveryCodes.razor
@@ -10,31 +10,40 @@
 
 <PageTitle>Generate two-factor authentication (2FA) recovery codes</PageTitle>
 
-<StatusMessage />
-<h3>Generate two-factor authentication (2FA) recovery codes</h3>
-<div class="alert alert-warning" role="alert">
-    <p>
-        <span class="glyphicon glyphicon-warning-sign"></span>
-        <strong>Put these codes in a safe place.</strong>
-    </p>
-    <p>
-        If you lose your device and don't have the recovery codes you will lose access to your account.
-    </p>
-    <p>
-        Generating new recovery codes does not change the keys used in authenticator apps. If you wish to change the key
-        used in an authenticator app you should <a href="/Account/Manage/ResetAuthenticator">reset your authenticator keys.</a>
-    </p>
-</div>
-<div>
-    <form @formname="generate-recovery-codes" @onsubmit="OnSubmitAsync" method="post">
-        <AntiforgeryToken />
-        <button class="btn btn-danger" type="submit">Generate Recovery Codes</button>
-    </form>
-</div>
+@if (_recoveryCodes is not null)
+{
+    <ShowRecoveryCodes RecoveryCodes="_recoveryCodes.ToArray()" StatusMessage="@_statusMessage" />
+}
+else
+{
+    <h3>Generate two-factor authentication (2FA) recovery codes</h3>
+    <div class="alert alert-warning" role="alert">
+        <p>
+            <span class="glyphicon glyphicon-warning-sign"></span>
+            <strong>Put these codes in a safe place.</strong>
+        </p>
+        <p>
+            If you lose your device and don't have the recovery codes you will lose access to your account.
+        </p>
+        <p>
+            Generating new recovery codes does not change the keys used in authenticator apps. If you wish to change the key
+            used in an authenticator app you should <a href="/Account/Manage/ResetAuthenticator">reset your authenticator keys.</a>
+        </p>
+    </div>
+    <div>
+        <form @formname="generate-recovery-codes" @onsubmit="OnSubmitAsync" method="post">
+            <AntiforgeryToken />
+            <button class="btn btn-danger" type="submit">Generate Recovery Codes</button>
+        </form>
+    </div>
+}
 
 @code {
     private ApplicationUser _user = default!;
 
+    private IEnumerable<string>? _recoveryCodes;
+    private string? _statusMessage;
+
     protected override async Task OnInitializedAsync()
     {
         _user = await UserAccessor.GetRequiredUserAsync();
@@ -49,12 +58,9 @@
     private async Task OnSubmitAsync()
     {
         var userId = await UserManager.GetUserIdAsync(_user);
-        var recoveryCodes = await UserManager.GenerateNewTwoFactorRecoveryCodesAsync(_user, 10);
-        var message = "You have generated new recovery codes.";
+        _recoveryCodes = await UserManager.GenerateNewTwoFactorRecoveryCodesAsync(_user, 10);
+        _statusMessage = "You have generated new recovery codes.";
 
         Logger.LogInformation("User with ID '{UserId}' has generated new 2FA recovery codes.", userId);
-        NavigationManager.RedirectTo(
-            "/Account/Manage/ShowRecoveryCodes",
-            new() { ["Message"] = message, ["RecoveryCodes"] = recoveryCodes?.ToArray() });
     }
 }

From c55ba808839c362951b9909966286a0b7b120605 Mon Sep 17 00:00:00 2001
From: Stephen Halter <halter73@gmail.com>
Date: Thu, 21 Sep 2023 10:16:26 -0700
Subject: [PATCH 14/18] Fix .razor BOMs

---
 .../content/BlazorWeb-CSharp/.template.config/ide.host.json  | 5 -----
 .../BlazorWeb-CSharp/Components/Identity/LogoutForm.razor    | 2 +-
 .../BlazorWeb-CSharp/Components/Pages/Account/_Imports.razor | 2 +-
 .../BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs        | 3 ++-
 4 files changed, 4 insertions(+), 8 deletions(-)

diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/ide.host.json b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/ide.host.json
index e503b5ab084e..5c5a1d00b7f4 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/ide.host.json
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/.template.config/ide.host.json
@@ -20,11 +20,6 @@
       "persistenceScope": "shared",
       "persistenceScopeName": "Microsoft"
     },
-    {
-      "id": "auth",
-      "isVisible": true,
-      "persistenceScope": "templateGroup"
-    },
     {
       "id": "UseProgramMain",
       "isVisible": true,
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/LogoutForm.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/LogoutForm.razor
index 71b82c8c35e5..cb5aa70c84a3 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/LogoutForm.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/LogoutForm.razor
@@ -1,4 +1,4 @@
-@using Microsoft.AspNetCore.Identity
+@using Microsoft.AspNetCore.Identity
 @using BlazorWeb_CSharp.Data
 
 @inject SignInManager<ApplicationUser> SignInManager
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/_Imports.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/_Imports.razor
index 3856badae708..dfb627bc86ad 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/_Imports.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/_Imports.razor
@@ -1 +1 @@
-@using BlazorWeb_CSharp.Components.Identity
+@using BlazorWeb_CSharp.Components.Identity
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs
index 76f0fe687aef..87e21015aac9 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs
@@ -52,10 +52,11 @@ public static void Main(string[] args)
         builder.Services.AddScoped<AuthenticationStateProvider, PersistingServerAuthenticationStateProvider>();
         #else
         builder.Services.AddScoped<AuthenticationStateProvider, ServerAuthenticationStateProvider>();
+        #endif
 
+        #if (!UseServer)
         builder.Services.AddAuthorization();
         #endif
-
         builder.Services.AddAuthentication(IdentityConstants.ApplicationScheme)
             .AddIdentityCookies();
 

From e08525c1c9131b6e87bcb48039577ebefa482487 Mon Sep 17 00:00:00 2001
From: Stephen Halter <halter73@gmail.com>
Date: Thu, 21 Sep 2023 11:42:40 -0700
Subject: [PATCH 15/18] Add template baselines

---
 .../test/Templates.Tests/BaselineTest.cs      |   2 +-
 .../Templates.Tests/template-baselines.json   | 447 ++++++++++++++++++
 2 files changed, 448 insertions(+), 1 deletion(-)

diff --git a/src/ProjectTemplates/test/Templates.Tests/BaselineTest.cs b/src/ProjectTemplates/test/Templates.Tests/BaselineTest.cs
index 519c716ec689..6976794a0532 100644
--- a/src/ProjectTemplates/test/Templates.Tests/BaselineTest.cs
+++ b/src/ProjectTemplates/test/Templates.Tests/BaselineTest.cs
@@ -100,7 +100,7 @@ public async Task Template_Produces_The_Right_Set_Of_FilesAsync(string arguments
             }
             Assert.Contains(relativePath, expectedFiles);
 
-            if (relativePath.EndsWith(".cs", StringComparison.Ordinal))
+            if (relativePath.EndsWith(".cs", StringComparison.Ordinal) && !relativePath.EndsWith("Extensions.cs", StringComparison.Ordinal))
             {
                 var namespaceDeclarationPrefix = "namespace ";
                 var namespaceDeclaration = File.ReadLines(file)
diff --git a/src/ProjectTemplates/test/Templates.Tests/template-baselines.json b/src/ProjectTemplates/test/Templates.Tests/template-baselines.json
index 6b982d80f7b2..f97216f57fd7 100644
--- a/src/ProjectTemplates/test/Templates.Tests/template-baselines.json
+++ b/src/ProjectTemplates/test/Templates.Tests/template-baselines.json
@@ -529,6 +529,77 @@
       ],
       "AuthOption": "None"
     },
+    "NoInteractivityWithIndividualAuth": {
+      "Template": "blazor",
+      "Arguments": "new blazor --interactivity none --auth Individual",
+      "Files": [
+        "app.db",
+        "appsettings.Development.json",
+        "appsettings.json",
+        "{ProjectName}.csproj",
+        "Program.cs",
+        "Components/App.razor",
+        "Components/Routes.razor",
+        "Components/_Imports.razor",
+        "Components/Identity/ExternalLoginPicker.razor",
+        "Components/Identity/LogoutForm.razor",
+        "Components/Identity/ShowRecoveryCodes.razor",
+        "Components/Identity/StatusMessage.razor",
+        "Components/Layout/MainLayout.razor",
+        "Components/Layout/MainLayout.razor.css",
+        "Components/Layout/ManageLayout.razor",
+        "Components/Layout/ManageNavMenu.razor",
+        "Components/Layout/NavMenu.razor",
+        "Components/Layout/NavMenu.razor.css",
+        "Components/Pages/Auth.razor",
+        "Components/Pages/Home.razor",
+        "Components/Pages/Weather.razor",
+        "Components/Pages/Account/_Imports.razor",
+        "Components/Pages/Account/ConfirmEmail.razor",
+        "Components/Pages/Account/ConfirmEmailChange.razor",
+        "Components/Pages/Account/ExternalLogin.razor",
+        "Components/Pages/Account/ForgotPassword.razor",
+        "Components/Pages/Account/ForgotPasswordConfirmation.razor",
+        "Components/Pages/Account/InvalidPasswordReset.razor",
+        "Components/Pages/Account/InvalidUser.razor",
+        "Components/Pages/Account/Lockout.razor",
+        "Components/Pages/Account/Login.razor",
+        "Components/Pages/Account/LoginWith2fa.razor",
+        "Components/Pages/Account/LoginWithRecoveryCode.razor",
+        "Components/Pages/Account/Register.razor",
+        "Components/Pages/Account/RegisterConfirmation.razor",
+        "Components/Pages/Account/ResendEmailConfirmation.razor",
+        "Components/Pages/Account/ResetPassword.razor",
+        "Components/Pages/Account/ResetPasswordConfirmation.razor",
+        "Components/Pages/Account/Manage/_Imports.razor",
+        "Components/Pages/Account/Manage/ChangePassword.razor",
+        "Components/Pages/Account/Manage/DeletePersonalData.razor",
+        "Components/Pages/Account/Manage/Disable2fa.razor",
+        "Components/Pages/Account/Manage/Email.razor",
+        "Components/Pages/Account/Manage/EnableAuthenticator.razor",
+        "Components/Pages/Account/Manage/ExternalLogins.razor",
+        "Components/Pages/Account/Manage/GenerateRecoveryCodes.razor",
+        "Components/Pages/Account/Manage/Index.razor",
+        "Components/Pages/Account/Manage/PersonalData.razor",
+        "Components/Pages/Account/Manage/ResetAuthenticator.razor",
+        "Components/Pages/Account/Manage/SetPassword.razor",
+        "Components/Pages/Account/Manage/TwoFactorAuthentication.razor",
+        "Data/ApplicationDbContext.cs",
+        "Data/ApplicationUser.cs",
+        "Data/UserAccessor.cs",
+        "Data/Migrations/00000000000000_CreateIdentitySchema.cs",
+        "Data/Migrations/00000000000000_CreateIdentitySchema.Designer.cs",
+        "Data/Migrations/ApplicationDbContextModelSnapshot.cs",
+        "Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs",
+        "Identity/Extensions/RedirectNavigationManagerExtensions.cs",
+        "Properties/launchSettings.json",
+        "wwwroot/app.css",
+        "wwwroot/favicon.png",
+        "wwwroot/bootstrap/bootstrap.min.css",
+        "wwwroot/bootstrap/bootstrap.min.css.map"
+      ],
+      "AuthOption": "Individual"
+    },
     "UseServer": {
       "Template": "blazor",
       "Arguments": "new blazor",
@@ -555,6 +626,151 @@
       ],
       "AuthOption": "None"
     },
+    "UseServerWithIndividualAuth": {
+      "Template": "blazor",
+      "Arguments": "new blazor --auth Individual",
+      "Files": [
+        "app.db",
+        "appsettings.Development.json",
+        "appsettings.json",
+        "{ProjectName}.csproj",
+        "Program.cs",
+        "Components/App.razor",
+        "Components/Routes.razor",
+        "Components/_Imports.razor",
+        "Components/Identity/ExternalLoginPicker.razor",
+        "Components/Identity/LogoutForm.razor",
+        "Components/Identity/ShowRecoveryCodes.razor",
+        "Components/Identity/StatusMessage.razor",
+        "Components/Layout/MainLayout.razor",
+        "Components/Layout/MainLayout.razor.css",
+        "Components/Layout/ManageLayout.razor",
+        "Components/Layout/ManageNavMenu.razor",
+        "Components/Layout/NavMenu.razor",
+        "Components/Layout/NavMenu.razor.css",
+        "Components/Pages/Auth.razor",
+        "Components/Pages/Counter.razor",
+        "Components/Pages/Home.razor",
+        "Components/Pages/Weather.razor",
+        "Components/Pages/Account/_Imports.razor",
+        "Components/Pages/Account/ConfirmEmail.razor",
+        "Components/Pages/Account/ConfirmEmailChange.razor",
+        "Components/Pages/Account/ExternalLogin.razor",
+        "Components/Pages/Account/ForgotPassword.razor",
+        "Components/Pages/Account/ForgotPasswordConfirmation.razor",
+        "Components/Pages/Account/InvalidPasswordReset.razor",
+        "Components/Pages/Account/InvalidUser.razor",
+        "Components/Pages/Account/Lockout.razor",
+        "Components/Pages/Account/Login.razor",
+        "Components/Pages/Account/LoginWith2fa.razor",
+        "Components/Pages/Account/LoginWithRecoveryCode.razor",
+        "Components/Pages/Account/Register.razor",
+        "Components/Pages/Account/RegisterConfirmation.razor",
+        "Components/Pages/Account/ResendEmailConfirmation.razor",
+        "Components/Pages/Account/ResetPassword.razor",
+        "Components/Pages/Account/ResetPasswordConfirmation.razor",
+        "Components/Pages/Account/Manage/_Imports.razor",
+        "Components/Pages/Account/Manage/ChangePassword.razor",
+        "Components/Pages/Account/Manage/DeletePersonalData.razor",
+        "Components/Pages/Account/Manage/Disable2fa.razor",
+        "Components/Pages/Account/Manage/Email.razor",
+        "Components/Pages/Account/Manage/EnableAuthenticator.razor",
+        "Components/Pages/Account/Manage/ExternalLogins.razor",
+        "Components/Pages/Account/Manage/GenerateRecoveryCodes.razor",
+        "Components/Pages/Account/Manage/Index.razor",
+        "Components/Pages/Account/Manage/PersonalData.razor",
+        "Components/Pages/Account/Manage/ResetAuthenticator.razor",
+        "Components/Pages/Account/Manage/SetPassword.razor",
+        "Components/Pages/Account/Manage/TwoFactorAuthentication.razor",
+        "Data/ApplicationDbContext.cs",
+        "Data/ApplicationUser.cs",
+        "Data/UserAccessor.cs",
+        "Data/Migrations/00000000000000_CreateIdentitySchema.cs",
+        "Data/Migrations/00000000000000_CreateIdentitySchema.Designer.cs",
+        "Data/Migrations/ApplicationDbContextModelSnapshot.cs",
+        "Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs",
+        "Identity/Extensions/RedirectNavigationManagerExtensions.cs",
+        "Identity/IdentityRevalidatingAuthenticationStateProvider.cs",
+        "Properties/launchSettings.json",
+        "wwwroot/app.css",
+        "wwwroot/favicon.png",
+        "wwwroot/bootstrap/bootstrap.min.css",
+        "wwwroot/bootstrap/bootstrap.min.css.map"
+      ],
+      "AuthOption": "Individual"
+    },
+    "UseServerWithIndividualAuthAndSqlServer": {
+      "Template": "blazor",
+      "Arguments": "new blazor --auth Individual --use-local-db",
+      "Files": [
+        "appsettings.Development.json",
+        "appsettings.json",
+        "{ProjectName}.csproj",
+        "Program.cs",
+        "Components/App.razor",
+        "Components/Routes.razor",
+        "Components/_Imports.razor",
+        "Components/Identity/ExternalLoginPicker.razor",
+        "Components/Identity/LogoutForm.razor",
+        "Components/Identity/ShowRecoveryCodes.razor",
+        "Components/Identity/StatusMessage.razor",
+        "Components/Layout/MainLayout.razor",
+        "Components/Layout/MainLayout.razor.css",
+        "Components/Layout/ManageLayout.razor",
+        "Components/Layout/ManageNavMenu.razor",
+        "Components/Layout/NavMenu.razor",
+        "Components/Layout/NavMenu.razor.css",
+        "Components/Pages/Auth.razor",
+        "Components/Pages/Counter.razor",
+        "Components/Pages/Home.razor",
+        "Components/Pages/Weather.razor",
+        "Components/Pages/Account/_Imports.razor",
+        "Components/Pages/Account/ConfirmEmail.razor",
+        "Components/Pages/Account/ConfirmEmailChange.razor",
+        "Components/Pages/Account/ExternalLogin.razor",
+        "Components/Pages/Account/ForgotPassword.razor",
+        "Components/Pages/Account/ForgotPasswordConfirmation.razor",
+        "Components/Pages/Account/InvalidPasswordReset.razor",
+        "Components/Pages/Account/InvalidUser.razor",
+        "Components/Pages/Account/Lockout.razor",
+        "Components/Pages/Account/Login.razor",
+        "Components/Pages/Account/LoginWith2fa.razor",
+        "Components/Pages/Account/LoginWithRecoveryCode.razor",
+        "Components/Pages/Account/Register.razor",
+        "Components/Pages/Account/RegisterConfirmation.razor",
+        "Components/Pages/Account/ResendEmailConfirmation.razor",
+        "Components/Pages/Account/ResetPassword.razor",
+        "Components/Pages/Account/ResetPasswordConfirmation.razor",
+        "Components/Pages/Account/Manage/_Imports.razor",
+        "Components/Pages/Account/Manage/ChangePassword.razor",
+        "Components/Pages/Account/Manage/DeletePersonalData.razor",
+        "Components/Pages/Account/Manage/Disable2fa.razor",
+        "Components/Pages/Account/Manage/Email.razor",
+        "Components/Pages/Account/Manage/EnableAuthenticator.razor",
+        "Components/Pages/Account/Manage/ExternalLogins.razor",
+        "Components/Pages/Account/Manage/GenerateRecoveryCodes.razor",
+        "Components/Pages/Account/Manage/Index.razor",
+        "Components/Pages/Account/Manage/PersonalData.razor",
+        "Components/Pages/Account/Manage/ResetAuthenticator.razor",
+        "Components/Pages/Account/Manage/SetPassword.razor",
+        "Components/Pages/Account/Manage/TwoFactorAuthentication.razor",
+        "Data/ApplicationDbContext.cs",
+        "Data/ApplicationUser.cs",
+        "Data/UserAccessor.cs",
+        "Data/Migrations/00000000000000_CreateIdentitySchema.cs",
+        "Data/Migrations/00000000000000_CreateIdentitySchema.Designer.cs",
+        "Data/Migrations/ApplicationDbContextModelSnapshot.cs",
+        "Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs",
+        "Identity/Extensions/RedirectNavigationManagerExtensions.cs",
+        "Identity/IdentityRevalidatingAuthenticationStateProvider.cs",
+        "Properties/launchSettings.json",
+        "wwwroot/app.css",
+        "wwwroot/favicon.png",
+        "wwwroot/bootstrap/bootstrap.min.css",
+        "wwwroot/bootstrap/bootstrap.min.css.map"
+      ],
+      "AuthOption": "None"
+    },
     "UseWebAssembly": {
       "Template": "blazor",
       "Arguments": "new blazor --interactivity webassembly",
@@ -587,6 +803,87 @@
       ],
       "AuthOption": "None"
     },
+    "UseWebAssemblyWithIndividualAuth": {
+      "Template": "blazor",
+      "Arguments": "new blazor --interactivity webassembly --auth Individual",
+      "Files": [
+        "{ProjectName}.sln",
+        "{ProjectName}/app.db",
+        "{ProjectName}/appsettings.Development.json",
+        "{ProjectName}/appsettings.json",
+        "{ProjectName}/{ProjectName}.csproj",
+        "{ProjectName}/Program.cs",
+        "{ProjectName}/Components/App.razor",
+        "{ProjectName}/Components/Routes.razor",
+        "{ProjectName}/Components/_Imports.razor",
+        "{ProjectName}/Components/Identity/ExternalLoginPicker.razor",
+        "{ProjectName}/Components/Identity/LogoutForm.razor",
+        "{ProjectName}/Components/Identity/ShowRecoveryCodes.razor",
+        "{ProjectName}/Components/Identity/StatusMessage.razor",
+        "{ProjectName}/Components/Layout/MainLayout.razor",
+        "{ProjectName}/Components/Layout/MainLayout.razor.css",
+        "{ProjectName}/Components/Layout/ManageLayout.razor",
+        "{ProjectName}/Components/Layout/ManageNavMenu.razor",
+        "{ProjectName}/Components/Layout/NavMenu.razor",
+        "{ProjectName}/Components/Layout/NavMenu.razor.css",
+        "{ProjectName}/Components/Pages/Home.razor",
+        "{ProjectName}/Components/Pages/Weather.razor",
+        "{ProjectName}/Components/Pages/Account/_Imports.razor",
+        "{ProjectName}/Components/Pages/Account/ConfirmEmail.razor",
+        "{ProjectName}/Components/Pages/Account/ConfirmEmailChange.razor",
+        "{ProjectName}/Components/Pages/Account/ExternalLogin.razor",
+        "{ProjectName}/Components/Pages/Account/ForgotPassword.razor",
+        "{ProjectName}/Components/Pages/Account/ForgotPasswordConfirmation.razor",
+        "{ProjectName}/Components/Pages/Account/InvalidPasswordReset.razor",
+        "{ProjectName}/Components/Pages/Account/InvalidUser.razor",
+        "{ProjectName}/Components/Pages/Account/Lockout.razor",
+        "{ProjectName}/Components/Pages/Account/Login.razor",
+        "{ProjectName}/Components/Pages/Account/LoginWith2fa.razor",
+        "{ProjectName}/Components/Pages/Account/LoginWithRecoveryCode.razor",
+        "{ProjectName}/Components/Pages/Account/Register.razor",
+        "{ProjectName}/Components/Pages/Account/RegisterConfirmation.razor",
+        "{ProjectName}/Components/Pages/Account/ResendEmailConfirmation.razor",
+        "{ProjectName}/Components/Pages/Account/ResetPassword.razor",
+        "{ProjectName}/Components/Pages/Account/ResetPasswordConfirmation.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/_Imports.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/ChangePassword.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/DeletePersonalData.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/Disable2fa.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/Email.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/EnableAuthenticator.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/ExternalLogins.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/GenerateRecoveryCodes.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/Index.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/PersonalData.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/ResetAuthenticator.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/SetPassword.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/TwoFactorAuthentication.razor",
+        "{ProjectName}/Data/ApplicationDbContext.cs",
+        "{ProjectName}/Data/ApplicationUser.cs",
+        "{ProjectName}/Data/UserAccessor.cs",
+        "{ProjectName}/Data/Migrations/00000000000000_CreateIdentitySchema.cs",
+        "{ProjectName}/Data/Migrations/00000000000000_CreateIdentitySchema.Designer.cs",
+        "{ProjectName}/Data/Migrations/ApplicationDbContextModelSnapshot.cs",
+        "{ProjectName}/Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs",
+        "{ProjectName}/Identity/Extensions/RedirectNavigationManagerExtensions.cs",
+        "{ProjectName}/Identity/PersistingServerAuthenticationStateProvider.cs",
+        "{ProjectName}/Properties/launchSettings.json",
+        "{ProjectName}/wwwroot/app.css",
+        "{ProjectName}/wwwroot/favicon.png",
+        "{ProjectName}/wwwroot/bootstrap/bootstrap.min.css",
+        "{ProjectName}/wwwroot/bootstrap/bootstrap.min.css.map",
+        "{ProjectName}.Client/{ProjectName}.Client.csproj",
+        "{ProjectName}.Client/PersistentAuthenticationStateProvider.cs",
+        "{ProjectName}.Client/Program.cs",
+        "{ProjectName}.Client/UserInfo.cs",
+        "{ProjectName}.Client/_Imports.razor",
+        "{ProjectName}.Client/Pages/Counter.razor",
+        "{ProjectName}.Client/Pages/Auth.razor",
+        "{ProjectName}.Client/wwwroot/appsettings.Development.json",
+        "{ProjectName}.Client/wwwroot/appsettings.json"
+      ],
+      "AuthOption": "Individual"
+    },
     "UseServerAndWebAssembly": {
       "Template": "blazor",
       "Arguments": "new blazor --interactivity auto",
@@ -619,6 +916,87 @@
       ],
       "AuthOption": "None"
     },
+    "UseServerAndWebAssemblyWithIndividualAuth": {
+      "Template": "blazor",
+      "Arguments": "new blazor --interactivity auto --auth Individual",
+      "Files": [
+        "{ProjectName}.sln",
+        "{ProjectName}/app.db",
+        "{ProjectName}/appsettings.Development.json",
+        "{ProjectName}/appsettings.json",
+        "{ProjectName}/{ProjectName}.csproj",
+        "{ProjectName}/Program.cs",
+        "{ProjectName}/Components/App.razor",
+        "{ProjectName}/Components/Routes.razor",
+        "{ProjectName}/Components/_Imports.razor",
+        "{ProjectName}/Components/Identity/ExternalLoginPicker.razor",
+        "{ProjectName}/Components/Identity/LogoutForm.razor",
+        "{ProjectName}/Components/Identity/ShowRecoveryCodes.razor",
+        "{ProjectName}/Components/Identity/StatusMessage.razor",
+        "{ProjectName}/Components/Layout/MainLayout.razor",
+        "{ProjectName}/Components/Layout/MainLayout.razor.css",
+        "{ProjectName}/Components/Layout/ManageLayout.razor",
+        "{ProjectName}/Components/Layout/ManageNavMenu.razor",
+        "{ProjectName}/Components/Layout/NavMenu.razor",
+        "{ProjectName}/Components/Layout/NavMenu.razor.css",
+        "{ProjectName}/Components/Pages/Home.razor",
+        "{ProjectName}/Components/Pages/Weather.razor",
+        "{ProjectName}/Components/Pages/Account/_Imports.razor",
+        "{ProjectName}/Components/Pages/Account/ConfirmEmail.razor",
+        "{ProjectName}/Components/Pages/Account/ConfirmEmailChange.razor",
+        "{ProjectName}/Components/Pages/Account/ExternalLogin.razor",
+        "{ProjectName}/Components/Pages/Account/ForgotPassword.razor",
+        "{ProjectName}/Components/Pages/Account/ForgotPasswordConfirmation.razor",
+        "{ProjectName}/Components/Pages/Account/InvalidPasswordReset.razor",
+        "{ProjectName}/Components/Pages/Account/InvalidUser.razor",
+        "{ProjectName}/Components/Pages/Account/Lockout.razor",
+        "{ProjectName}/Components/Pages/Account/Login.razor",
+        "{ProjectName}/Components/Pages/Account/LoginWith2fa.razor",
+        "{ProjectName}/Components/Pages/Account/LoginWithRecoveryCode.razor",
+        "{ProjectName}/Components/Pages/Account/Register.razor",
+        "{ProjectName}/Components/Pages/Account/RegisterConfirmation.razor",
+        "{ProjectName}/Components/Pages/Account/ResendEmailConfirmation.razor",
+        "{ProjectName}/Components/Pages/Account/ResetPassword.razor",
+        "{ProjectName}/Components/Pages/Account/ResetPasswordConfirmation.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/_Imports.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/ChangePassword.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/DeletePersonalData.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/Disable2fa.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/Email.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/EnableAuthenticator.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/ExternalLogins.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/GenerateRecoveryCodes.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/Index.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/PersonalData.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/ResetAuthenticator.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/SetPassword.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/TwoFactorAuthentication.razor",
+        "{ProjectName}/Data/ApplicationDbContext.cs",
+        "{ProjectName}/Data/ApplicationUser.cs",
+        "{ProjectName}/Data/UserAccessor.cs",
+        "{ProjectName}/Data/Migrations/00000000000000_CreateIdentitySchema.cs",
+        "{ProjectName}/Data/Migrations/00000000000000_CreateIdentitySchema.Designer.cs",
+        "{ProjectName}/Data/Migrations/ApplicationDbContextModelSnapshot.cs",
+        "{ProjectName}/Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs",
+        "{ProjectName}/Identity/Extensions/RedirectNavigationManagerExtensions.cs",
+        "{ProjectName}/Identity/PersistingRevalidatingAuthenticationStateProvider.cs",
+        "{ProjectName}/Properties/launchSettings.json",
+        "{ProjectName}/wwwroot/app.css",
+        "{ProjectName}/wwwroot/favicon.png",
+        "{ProjectName}/wwwroot/bootstrap/bootstrap.min.css",
+        "{ProjectName}/wwwroot/bootstrap/bootstrap.min.css.map",
+        "{ProjectName}.Client/{ProjectName}.Client.csproj",
+        "{ProjectName}.Client/PersistentAuthenticationStateProvider.cs",
+        "{ProjectName}.Client/Program.cs",
+        "{ProjectName}.Client/UserInfo.cs",
+        "{ProjectName}.Client/_Imports.razor",
+        "{ProjectName}.Client/Pages/Counter.razor",
+        "{ProjectName}.Client/Pages/Auth.razor",
+        "{ProjectName}.Client/wwwroot/appsettings.Development.json",
+        "{ProjectName}.Client/wwwroot/appsettings.json"
+      ],
+      "AuthOption": "Individual"
+    },
     "UseServerInteractiveAtRoot": {
       "Template": "blazor",
       "Arguments": "new blazor --all-interactive",
@@ -792,6 +1170,75 @@
         "{ProjectName}.Client/_Imports.razor"
       ],
       "AuthOption": "None"
+    },
+    "EmptyUseServerAndWebAssemblyWithIndividualAuth": {
+      "Template": "blazor",
+      "Arguments": "new blazor --interactivity auto --empty --auth Individual",
+      "Files": [
+        "{ProjectName}.sln",
+        "{ProjectName}/app.db",
+        "{ProjectName}/appsettings.Development.json",
+        "{ProjectName}/appsettings.json",
+        "{ProjectName}/{ProjectName}.csproj",
+        "{ProjectName}/Program.cs",
+        "{ProjectName}/Components/App.razor",
+        "{ProjectName}/Components/Routes.razor",
+        "{ProjectName}/Components/_Imports.razor",
+        "{ProjectName}/Components/Identity/ExternalLoginPicker.razor",
+        "{ProjectName}/Components/Identity/LogoutForm.razor",
+        "{ProjectName}/Components/Identity/ShowRecoveryCodes.razor",
+        "{ProjectName}/Components/Identity/StatusMessage.razor",
+        "{ProjectName}/Components/Layout/ManageLayout.razor",
+        "{ProjectName}/Components/Layout/ManageNavMenu.razor",
+        "{ProjectName}/Components/Pages/Home.razor",
+        "{ProjectName}/Components/Pages/Account/_Imports.razor",
+        "{ProjectName}/Components/Pages/Account/ConfirmEmail.razor",
+        "{ProjectName}/Components/Pages/Account/ConfirmEmailChange.razor",
+        "{ProjectName}/Components/Pages/Account/ExternalLogin.razor",
+        "{ProjectName}/Components/Pages/Account/ForgotPassword.razor",
+        "{ProjectName}/Components/Pages/Account/ForgotPasswordConfirmation.razor",
+        "{ProjectName}/Components/Pages/Account/InvalidPasswordReset.razor",
+        "{ProjectName}/Components/Pages/Account/InvalidUser.razor",
+        "{ProjectName}/Components/Pages/Account/Lockout.razor",
+        "{ProjectName}/Components/Pages/Account/Login.razor",
+        "{ProjectName}/Components/Pages/Account/LoginWith2fa.razor",
+        "{ProjectName}/Components/Pages/Account/LoginWithRecoveryCode.razor",
+        "{ProjectName}/Components/Pages/Account/Register.razor",
+        "{ProjectName}/Components/Pages/Account/RegisterConfirmation.razor",
+        "{ProjectName}/Components/Pages/Account/ResendEmailConfirmation.razor",
+        "{ProjectName}/Components/Pages/Account/ResetPassword.razor",
+        "{ProjectName}/Components/Pages/Account/ResetPasswordConfirmation.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/_Imports.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/ChangePassword.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/DeletePersonalData.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/Disable2fa.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/Email.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/EnableAuthenticator.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/ExternalLogins.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/GenerateRecoveryCodes.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/Index.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/PersonalData.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/ResetAuthenticator.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/SetPassword.razor",
+        "{ProjectName}/Components/Pages/Account/Manage/TwoFactorAuthentication.razor",
+        "{ProjectName}/Data/ApplicationDbContext.cs",
+        "{ProjectName}/Data/ApplicationUser.cs",
+        "{ProjectName}/Data/UserAccessor.cs",
+        "{ProjectName}/Data/Migrations/00000000000000_CreateIdentitySchema.cs",
+        "{ProjectName}/Data/Migrations/00000000000000_CreateIdentitySchema.Designer.cs",
+        "{ProjectName}/Data/Migrations/ApplicationDbContextModelSnapshot.cs",
+        "{ProjectName}/Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs",
+        "{ProjectName}/Identity/Extensions/RedirectNavigationManagerExtensions.cs",
+        "{ProjectName}/Identity/PersistingRevalidatingAuthenticationStateProvider.cs",
+        "{ProjectName}/Properties/launchSettings.json",
+        "{ProjectName}/wwwroot/app.css",
+        "{ProjectName}.Client/{ProjectName}.Client.csproj",
+        "{ProjectName}.Client/PersistentAuthenticationStateProvider.cs",
+        "{ProjectName}.Client/Program.cs",
+        "{ProjectName}.Client/UserInfo.cs",
+        "{ProjectName}.Client/_Imports.razor"
+      ],
+      "AuthOption": "Individual"
     }
   },
   "web": {

From 4baa37a58e39fbcfafc9db226b115936c10306c2 Mon Sep 17 00:00:00 2001
From: Stephen Halter <halter73@gmail.com>
Date: Thu, 21 Sep 2023 12:26:49 -0700
Subject: [PATCH 16/18] Fix EmptyUseServerAndWebAssemblyWithIndividualAuth
 baseline

---
 .../Web.ProjectTemplates/BlazorWeb-CSharp.csproj.in    | 10 ++++++++--
 .../test/Templates.Tests/template-baselines.json       |  2 ++
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/ProjectTemplates/Web.ProjectTemplates/BlazorWeb-CSharp.csproj.in b/src/ProjectTemplates/Web.ProjectTemplates/BlazorWeb-CSharp.csproj.in
index 177eabb7b5d2..d676d90df723 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/BlazorWeb-CSharp.csproj.in
+++ b/src/ProjectTemplates/Web.ProjectTemplates/BlazorWeb-CSharp.csproj.in
@@ -9,8 +9,14 @@
     <RootNamespace Condition="'$(name)' != '$(name{-VALUE-FORMS-}safe_namespace)'">BlazorWeb-CSharp</RootNamespace>
     <AssemblyName Condition="'$(name)' != '$(name{-VALUE-FORMS-}safe_namespace)'">`$(AssemblyName.Replace(' ', '_'))</AssemblyName>
   </PropertyGroup>
-  <!--#if (UseWebAssembly || IndividualLocalAuth) -->
 
+  <!--#if (IndividualLocalAuth && !UseLocalDB) -->
+  <ItemGroup>
+    <None Update="app.db" CopyToOutputDirectory="PreserveNewest" ExcludeFromSingleFile="true" />
+  </ItemGroup>
+
+  <!--#endif -->
+  <!--#if (UseWebAssembly || IndividualLocalAuth) -->
   <ItemGroup>
     <ProjectReference Include="..\BlazorWeb-CSharp.Client\BlazorWeb-CSharp.Client.csproj" Condition="'$(UseWebAssembly)' == 'True'" />
     <PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly.Server" Version="${MicrosoftAspNetCoreComponentsWebAssemblyServerVersion}" Condition="'$(UseWebAssembly)' == 'True'" />
@@ -20,6 +26,6 @@
     <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="${MicrosoftEntityFrameworkCoreSqlServerVersion}" Condition="'$(IndividualLocalAuth)' == 'True' AND '$(UseLocalDB)' == 'True'" />
     <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="${MicrosoftEntityFrameworkCoreToolsVersion}" Condition="'$(IndividualLocalAuth)' == 'True'" />
   </ItemGroup>
-  <!--#endif -->
 
+  <!--#endif -->
 </Project>
diff --git a/src/ProjectTemplates/test/Templates.Tests/template-baselines.json b/src/ProjectTemplates/test/Templates.Tests/template-baselines.json
index f97216f57fd7..b25b2cc5124e 100644
--- a/src/ProjectTemplates/test/Templates.Tests/template-baselines.json
+++ b/src/ProjectTemplates/test/Templates.Tests/template-baselines.json
@@ -1188,6 +1188,8 @@
         "{ProjectName}/Components/Identity/LogoutForm.razor",
         "{ProjectName}/Components/Identity/ShowRecoveryCodes.razor",
         "{ProjectName}/Components/Identity/StatusMessage.razor",
+        "{ProjectName}/Components/Layout/MainLayout.razor",
+        "{ProjectName}/Components/Layout/MainLayout.razor.css",
         "{ProjectName}/Components/Layout/ManageLayout.razor",
         "{ProjectName}/Components/Layout/ManageNavMenu.razor",
         "{ProjectName}/Components/Pages/Home.razor",

From 75133d9f75c6d86dedc11d2b3b42a855a6013c8a Mon Sep 17 00:00:00 2001
From: Stephen Halter <halter73@gmail.com>
Date: Thu, 21 Sep 2023 16:23:59 -0700
Subject: [PATCH 17/18] Add IdentityRedirectManager

---
 .../Identity/ExternalLoginPicker.razor        |  3 +-
 .../Components/Identity/LogoutForm.razor      |  4 +-
 .../Components/Identity/StatusMessage.razor   | 17 +++--
 .../Pages/Account/ConfirmEmail.razor          |  7 ++-
 .../Pages/Account/ConfirmEmailChange.razor    |  8 +--
 .../Pages/Account/ExternalLogin.razor         | 20 +++---
 .../Pages/Account/ForgotPassword.razor        | 20 +++---
 .../Components/Pages/Account/Login.razor      | 10 +--
 .../Pages/Account/LoginWith2fa.razor          | 11 ++--
 .../Pages/Account/LoginWithRecoveryCode.razor |  7 ++-
 .../Pages/Account/Manage/ChangePassword.razor |  7 ++-
 .../Account/Manage/DeletePersonalData.razor   |  5 +-
 .../Pages/Account/Manage/Disable2fa.razor     |  7 ++-
 .../Pages/Account/Manage/Email.razor          |  8 ++-
 .../Account/Manage/EnableAuthenticator.razor  | 15 +++--
 .../Pages/Account/Manage/ExternalLogins.razor | 15 ++---
 .../Manage/GenerateRecoveryCodes.razor        |  9 +--
 .../Pages/Account/Manage/Index.razor          |  7 ++-
 .../Account/Manage/ResetAuthenticator.razor   |  9 +--
 .../Pages/Account/Manage/SetPassword.razor    |  7 ++-
 .../Manage/TwoFactorAuthentication.razor      | 11 ++--
 .../Components/Pages/Account/Register.razor   |  8 ++-
 .../Pages/Account/RegisterConfirmation.razor  |  6 +-
 .../Account/ResendEmailConfirmation.razor     |  2 +
 .../Pages/Account/ResetPassword.razor         | 23 +++----
 .../BlazorWeb-CSharp/Data/UserAccessor.cs     | 12 ++--
 .../RedirectNavigationManagerExtensions.cs    | 38 -----------
 .../Identity/IdentityRedirectManager.cs       | 63 +++++++++++++++++++
 .../BlazorWeb-CSharp/Program.Main.cs          |  1 +
 .../BlazorWeb-CSharp/Program.cs               |  1 +
 .../Templates.Tests/template-baselines.json   | 12 ++--
 31 files changed, 215 insertions(+), 158 deletions(-)
 delete mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/Extensions/RedirectNavigationManagerExtensions.cs
 create mode 100644 src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/IdentityRedirectManager.cs

diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/ExternalLoginPicker.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/ExternalLoginPicker.razor
index d67edc9db99a..5c33681f7021 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/ExternalLoginPicker.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/ExternalLoginPicker.razor
@@ -2,9 +2,10 @@
 @using Microsoft.AspNetCore.Identity
 @using BlazorWeb_CSharp.Components.Pages.Account
 @using BlazorWeb_CSharp.Data
+@using BlazorWeb_CSharp.Identity
 
 @inject SignInManager<ApplicationUser> SignInManager
-@inject NavigationManager NavigationManager
+@inject IdentityRedirectManager RedirectManager
 
 @if ((_externalLogins?.Count ?? 0) == 0)
 {
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/LogoutForm.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/LogoutForm.razor
index cb5aa70c84a3..a08c78fc4cdc 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/LogoutForm.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/LogoutForm.razor
@@ -1,8 +1,10 @@
 @using Microsoft.AspNetCore.Identity
 @using BlazorWeb_CSharp.Data
+@using BlazorWeb_CSharp.Identity
 
 @inject SignInManager<ApplicationUser> SignInManager
 @inject NavigationManager NavigationManager
+@inject IdentityRedirectManager RedirectManager
 
 <form @onsubmit="OnSubmitAsync" @formname="logout" method="post" @attributes="AdditionalAttributes">
     <AntiforgeryToken />
@@ -26,7 +28,7 @@
         if (SignInManager.IsSignedIn(user))
         {
             await SignInManager.SignOutAsync();
-            NavigationManager.RedirectTo(ReturnUrl ?? "/");
+            RedirectManager.RedirectTo(ReturnUrl ?? "/");
         }
     }
 }
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/StatusMessage.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/StatusMessage.razor
index 33953c94bc52..43bcdc0478b6 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/StatusMessage.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Identity/StatusMessage.razor
@@ -1,5 +1,12 @@
-@{
-    var message = Message ?? MessageFromQuery;
+@using BlazorWeb_CSharp.Identity
+
+@{
+    var message = Message ?? MessageFromCookie;
+
+    if (MessageFromCookie is not null)
+    {
+        HttpContext.Response.Cookies.Delete(IdentityRedirectManager.StatusCookieName);
+    }
 }
 
 @if (!string.IsNullOrEmpty(message))
@@ -15,6 +22,8 @@
     [Parameter]
     public string? Message { get; set; }
 
-    [SupplyParameterFromQuery(Name = "Message")]
-    public string? MessageFromQuery { get; set; }
+    [CascadingParameter]
+    private HttpContext HttpContext { get; set; } = default!;
+
+    private string? MessageFromCookie => HttpContext.Request.Cookies[IdentityRedirectManager.StatusCookieName];
 }
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ConfirmEmail.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ConfirmEmail.razor
index 66a4f5b34ca7..992c6c59694f 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ConfirmEmail.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ConfirmEmail.razor
@@ -1,12 +1,13 @@
 @page "/Account/ConfirmEmail"
 
 @using System.Text
-@using BlazorWeb_CSharp.Data
 @using Microsoft.AspNetCore.Identity
 @using Microsoft.AspNetCore.WebUtilities
+@using BlazorWeb_CSharp.Data
+@using BlazorWeb_CSharp.Identity
 
 @inject UserManager<ApplicationUser> UserManager
-@inject NavigationManager NavigationManager
+@inject IdentityRedirectManager RedirectManager
 
 <PageTitle>Confirm email</PageTitle>
 
@@ -26,7 +27,7 @@
     {
         if (UserId == null || Code == null)
         {
-            NavigationManager.RedirectTo("/");
+            RedirectManager.RedirectTo("/");
         }
         else
         {
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ConfirmEmailChange.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ConfirmEmailChange.razor
index 08987693b08f..510fb2d0e93f 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ConfirmEmailChange.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ConfirmEmailChange.razor
@@ -4,11 +4,12 @@
 @using Microsoft.AspNetCore.Identity
 @using Microsoft.AspNetCore.WebUtilities
 @using BlazorWeb_CSharp.Data
+@using BlazorWeb_CSharp.Identity
 
 @inject UserManager<ApplicationUser> UserManager
 @inject SignInManager<ApplicationUser> SignInManager
 @inject UserAccessor UserAccessor
-@inject NavigationManager NavigationManager
+@inject IdentityRedirectManager RedirectManager
 
 <PageTitle>Confirm email change</PageTitle>
 
@@ -33,9 +34,8 @@
     {
         if (UserId is null || Email is null || Code is null)
         {
-            NavigationManager.RedirectTo(
-                "/Account/Login",
-                new() { ["Message"] = "Error: Invalid email change confirmation link." });
+            RedirectManager.RedirectToWithStatus(
+                "/Account/Login", "Error: Invalid email change confirmation link.");
             return;
         }
 
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ExternalLogin.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ExternalLogin.razor
index 642d23c74eeb..51bfa81fc116 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ExternalLogin.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ExternalLogin.razor
@@ -8,12 +8,14 @@
 @using Microsoft.AspNetCore.Identity.UI.Services
 @using Microsoft.AspNetCore.WebUtilities
 @using BlazorWeb_CSharp.Data
+@using BlazorWeb_CSharp.Identity
 
 @inject SignInManager<ApplicationUser> SignInManager
 @inject UserManager<ApplicationUser> UserManager
 @inject IUserStore<ApplicationUser> UserStore
 @inject IEmailSender EmailSender
 @inject NavigationManager NavigationManager
+@inject IdentityRedirectManager RedirectManager
 @inject ILogger<ExternalLogin> Logger
 
 @{
@@ -77,18 +79,14 @@
 
         if (RemoteError is not null)
         {
-            NavigationManager.RedirectTo(
-                "/Account/Login",
-                new() { ["Message"] = "Error from external provider: " + RemoteError });
+            RedirectManager.RedirectToWithStatus("/Account/Login", "Error from external provider: " + RemoteError);
             return;
         }
 
         var externalLoginInfo = await SignInManager.GetExternalLoginInfoAsync();
         if (externalLoginInfo is null)
         {
-            NavigationManager.RedirectTo(
-                "/Account/Login",
-                new() { ["Message"] = "Error loading external login information." });
+            RedirectManager.RedirectToWithStatus("/Account/Login", "Error loading external login information.");
             return;
         }
 
@@ -105,7 +103,7 @@
 
             // We should only reach this page via the login callback, so redirect back to
             // the login page if we get here some other way.
-            NavigationManager.RedirectTo("/Account/Login");
+            RedirectManager.RedirectTo("/Account/Login");
             return;
         }
     }
@@ -124,13 +122,13 @@
                 "{Name} logged in with {LoginProvider} provider.",
                 _externalLoginInfo.Principal.Identity?.Name,
                 _externalLoginInfo.LoginProvider);
-            NavigationManager.RedirectTo(ReturnUrl);
+            RedirectManager.RedirectTo(ReturnUrl);
             return;
         }
 
         if (result.IsLockedOut)
         {
-            NavigationManager.RedirectTo("/Account/Lockout");
+            RedirectManager.RedirectTo("/Account/Lockout");
             return;
         }
 
@@ -169,12 +167,12 @@
                 // If account confirmation is required, we need to show the link if we don't have a real email sender
                 if (UserManager.Options.SignIn.RequireConfirmedAccount)
                 {
-                    NavigationManager.RedirectTo("/Account/RegisterConfirmation", new() { ["Email"] = Input.Email });
+                    RedirectManager.RedirectTo("/Account/RegisterConfirmation", new() { ["Email"] = Input.Email });
                     return;
                 }
 
                 await SignInManager.SignInAsync(user, isPersistent: false, _externalLoginInfo.LoginProvider);
-                NavigationManager.RedirectTo(ReturnUrl);
+                RedirectManager.RedirectTo(ReturnUrl);
                 return;
             }
         }
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ForgotPassword.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ForgotPassword.razor
index 6509ff4b1f95..605a676daad5 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ForgotPassword.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ForgotPassword.razor
@@ -1,14 +1,16 @@
 @page "/Account/ForgotPassword"
 
-@using System.ComponentModel.DataAnnotations;
-@using System.Text;
-@using System.Text.Encodings.Web;
-@using Microsoft.AspNetCore.Identity;
-@using Microsoft.AspNetCore.Identity.UI.Services;
-@using Microsoft.AspNetCore.WebUtilities;
-@using BlazorWeb_CSharp.Data;
+@using System.ComponentModel.DataAnnotations
+@using System.Text
+@using System.Text.Encodings.Web
+@using Microsoft.AspNetCore.Identity
+@using Microsoft.AspNetCore.Identity.UI.Services
+@using Microsoft.AspNetCore.WebUtilities
+@using BlazorWeb_CSharp.Data
+@using BlazorWeb_CSharp.Identity
 
 @inject NavigationManager NavigationManager
+@inject IdentityRedirectManager RedirectManager
 @inject UserManager<ApplicationUser> UserManager
 @inject IEmailSender EmailSender
 
@@ -43,7 +45,7 @@
         if (user is null || !(await UserManager.IsEmailConfirmedAsync(user)))
         {
             // Don't reveal that the user does not exist or is not confirmed
-            NavigationManager.RedirectTo("/Account/ForgotPasswordConfirmation");
+            RedirectManager.RedirectTo("/Account/ForgotPasswordConfirmation");
             return;
         }
 
@@ -60,7 +62,7 @@
             "Reset Password",
             $"Please reset your password by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>.");
 
-        NavigationManager.RedirectTo("/Account/ForgotPasswordConfirmation");
+        RedirectManager.RedirectTo("/Account/ForgotPasswordConfirmation");
     }
 
     private sealed class InputModel
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Login.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Login.razor
index 969418c50030..f49edad1beb7 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Login.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Login.razor
@@ -2,14 +2,16 @@
 
 @using System.ComponentModel.DataAnnotations
 @using System.Text
-@using BlazorWeb_CSharp.Data
 @using Microsoft.AspNetCore.Authentication
 @using Microsoft.AspNetCore.Identity
 @using Microsoft.AspNetCore.WebUtilities
+@using BlazorWeb_CSharp.Data
+@using BlazorWeb_CSharp.Identity
 
 @inject SignInManager<ApplicationUser> SignInManager
 @inject ILogger<Login> Logger
 @inject NavigationManager NavigationManager
+@inject IdentityRedirectManager RedirectManager
 
 <PageTitle>Log in</PageTitle>
 
@@ -110,18 +112,18 @@
         if (result.Succeeded)
         {
             Logger.LogInformation("User logged in.");
-            NavigationManager.RedirectTo(ReturnUrl);
+            RedirectManager.RedirectTo(ReturnUrl);
         }
         if (result.RequiresTwoFactor)
         {
-            NavigationManager.RedirectTo(
+            RedirectManager.RedirectTo(
                 "/Account/LoginWith2fa",
                 new() { ["ReturnUrl"] = ReturnUrl, ["RememberMe"] = Input.RememberMe });
         }
         if (result.IsLockedOut)
         {
             Logger.LogWarning("User account locked out.");
-            NavigationManager.RedirectTo("/Account/Lockout");
+            RedirectManager.RedirectTo("/Account/Lockout");
         }
         else
         {
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWith2fa.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWith2fa.razor
index 855c5a04023d..b1a650544608 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWith2fa.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWith2fa.razor
@@ -1,13 +1,13 @@
 @page "/Account/LoginWith2fa"
 
 @using System.ComponentModel.DataAnnotations
-@using System.Text.Encodings.Web
 @using Microsoft.AspNetCore.Identity
 @using BlazorWeb_CSharp.Data
+@using BlazorWeb_CSharp.Identity
 
 @inject SignInManager<ApplicationUser> SignInManager
 @inject UserManager<ApplicationUser> UserManager
-@inject NavigationManager NavigationManager
+@inject IdentityRedirectManager RedirectManager
 @inject ILogger<LoginWith2fa> Logger
 
 <PageTitle>Two-factor authentication</PageTitle>
@@ -42,7 +42,7 @@
 </div>
 <p>
     Don't have access to your authenticator device? You can
-    <a id="recovery-code-login" href="/Account/LoginWithRecoveryCode?ReturnUrl=@HtmlEncoder.Default.Encode(ReturnUrl ?? "/")">log in with a recovery code</a>.
+    <a id="recovery-code-login" href="/Account/LoginWithRecoveryCode?ReturnUrl=@ReturnUrl">log in with a recovery code</a>.
 </p>
 
 @code {
@@ -61,6 +61,7 @@
     protected override async Task OnInitializedAsync()
     {
         Input ??= new();
+        ReturnUrl ??= "/";
 
         var user = await SignInManager.GetTwoFactorAuthenticationUserAsync();
         if (user is null)
@@ -80,12 +81,12 @@
         if (result.Succeeded)
         {
             Logger.LogInformation("User with ID '{UserId}' logged in with 2fa.", _user.Id);
-            NavigationManager.RedirectTo(ReturnUrl ?? "/");
+            RedirectManager.RedirectTo(ReturnUrl ?? "/");
         }
         else if (result.IsLockedOut)
         {
             Logger.LogWarning("User with ID '{UserId}' account locked out.", _user.Id);
-            NavigationManager.RedirectTo("/Account/Lockout");
+            RedirectManager.RedirectTo("/Account/Lockout");
         }
         else
         {
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWithRecoveryCode.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWithRecoveryCode.razor
index 67696e101c45..41d5d3660810 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWithRecoveryCode.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/LoginWithRecoveryCode.razor
@@ -4,10 +4,11 @@
 @using Microsoft.AspNetCore.Identity
 @using Microsoft.AspNetCore.Mvc
 @using BlazorWeb_CSharp.Data
+@using BlazorWeb_CSharp.Identity
 
 @inject SignInManager<ApplicationUser> SignInManager
 @inject UserManager<ApplicationUser> UserManager
-@inject NavigationManager NavigationManager
+@inject IdentityRedirectManager RedirectManager
 @inject ILogger<LoginWithRecoveryCode> Logger
 
 <PageTitle>Recovery code verification</PageTitle>
@@ -69,12 +70,12 @@
         if (result.Succeeded)
         {
             Logger.LogInformation("User with ID '{UserId}' logged in with a recovery code.", _user.Id);
-            NavigationManager.RedirectTo(ReturnUrl ?? "/");
+            RedirectManager.RedirectTo(ReturnUrl ?? "/");
         }
         if (result.IsLockedOut)
         {
             Logger.LogWarning("User account locked out.");
-            NavigationManager.RedirectTo("/Account/Lockout");
+            RedirectManager.RedirectTo("/Account/Lockout");
         }
         else
         {
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ChangePassword.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ChangePassword.razor
index 68b4b2f13b81..aabf71983a62 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ChangePassword.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ChangePassword.razor
@@ -3,11 +3,12 @@
 @using System.ComponentModel.DataAnnotations
 @using Microsoft.AspNetCore.Identity
 @using BlazorWeb_CSharp.Data
+@using BlazorWeb_CSharp.Identity
 
 @inject UserManager<ApplicationUser> UserManager
 @inject SignInManager<ApplicationUser> SignInManager
 @inject UserAccessor UserAccessor
-@inject NavigationManager NavigationManager
+@inject IdentityRedirectManager RedirectManager
 @inject ILogger<ChangePassword> Logger
 
 <PageTitle>Change password</PageTitle>
@@ -55,7 +56,7 @@
         _hasPassword = await UserManager.HasPasswordAsync(_user);
         if (!_hasPassword)
         {
-            NavigationManager.RedirectTo("/Account/Manage/SetPassword");
+            RedirectManager.RedirectTo("/Account/Manage/SetPassword");
             return;
         }
     }
@@ -72,7 +73,7 @@
         await SignInManager.RefreshSignInAsync(_user);
         Logger.LogInformation("User changed their password successfully.");
 
-        NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "Your password has been changed" });
+        RedirectManager.RedirectToCurrentPageWithStatus("Your password has been changed");
     }
 
     private sealed class InputModel
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/DeletePersonalData.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/DeletePersonalData.razor
index 0c5f1a4334c9..c3ed9c38635a 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/DeletePersonalData.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/DeletePersonalData.razor
@@ -3,11 +3,12 @@
 @using System.ComponentModel.DataAnnotations
 @using Microsoft.AspNetCore.Identity
 @using BlazorWeb_CSharp.Data
+@using BlazorWeb_CSharp.Identity
 
 @inject UserManager<ApplicationUser> UserManager
 @inject SignInManager<ApplicationUser> SignInManager
 @inject UserAccessor UserAccessor
-@inject NavigationManager NavigationManager
+@inject IdentityRedirectManager RedirectManager
 @inject ILogger<DeletePersonalData> Logger
 
 <PageTitle>Delete Personal Data</PageTitle>
@@ -73,7 +74,7 @@
 
         Logger.LogInformation("User with ID '{UserId}' deleted themselves.", userId);
 
-        NavigationManager.RedirectToCurrentPage();
+        RedirectManager.RedirectToCurrentPage();
     }
 
     private sealed class InputModel
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Disable2fa.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Disable2fa.razor
index 74a7b64fe7c0..562b5ca26577 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Disable2fa.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Disable2fa.razor
@@ -2,10 +2,11 @@
 
 @using Microsoft.AspNetCore.Identity
 @using BlazorWeb_CSharp.Data
+@using BlazorWeb_CSharp.Identity
 
 @inject UserManager<ApplicationUser> UserManager
 @inject UserAccessor UserAccessor
-@inject NavigationManager NavigationManager
+@inject IdentityRedirectManager RedirectManager
 @inject ILogger<Disable2fa> Logger
 
 <PageTitle>Disable two-factor authentication (2FA)</PageTitle>
@@ -60,8 +61,8 @@
 
         var userId = await UserManager.GetUserIdAsync(_user);
         Logger.LogInformation("User with ID '{UserId}' has disabled 2fa.", userId);
-        NavigationManager.RedirectTo(
+        RedirectManager.RedirectToWithStatus(
             "/Account/Manage/TwoFactorAuthentication",
-            new() { ["Message"] = "2fa has been disabled. You can reenable 2fa when you setup an authenticator app" });
+            "2fa has been disabled. You can reenable 2fa when you setup an authenticator app");
     }
 }
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Email.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Email.razor
index 305210b7dcd0..c629d0a8ee8e 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Email.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Email.razor
@@ -7,11 +7,13 @@
 @using Microsoft.AspNetCore.Identity.UI.Services
 @using Microsoft.AspNetCore.WebUtilities
 @using BlazorWeb_CSharp.Data
+@using BlazorWeb_CSharp.Identity
 
 @inject UserManager<ApplicationUser> UserManager
 @inject UserAccessor UserAccessor
 @inject IEmailSender EmailSender
 @inject NavigationManager NavigationManager
+@inject IdentityRedirectManager RedirectManager
 
 <PageTitle>Manage email</PageTitle>
 
@@ -88,11 +90,11 @@
                 "Confirm your email",
                 $"Please confirm your account by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>.");
 
-            NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "Confirmation link to change email sent. Please check your email." });
+            RedirectManager.RedirectToCurrentPageWithStatus("Confirmation link to change email sent. Please check your email.");
             return;
         }
 
-        NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "Your email is unchanged." });
+        RedirectManager.RedirectToCurrentPageWithStatus("Your email is unchanged.");
     }
 
     private async Task OnSendEmailVerificationAsync()
@@ -108,7 +110,7 @@
             "Confirm your email",
             $"Please confirm your account by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>.");
 
-        NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "Verification email sent. Please check your email." });
+        RedirectManager.RedirectToCurrentPageWithStatus("Verification email sent. Please check your email.");
     }
 
     private sealed class InputModel
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/EnableAuthenticator.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/EnableAuthenticator.razor
index 0427e3ffd860..52b3f0d68c5a 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/EnableAuthenticator.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/EnableAuthenticator.razor
@@ -6,18 +6,19 @@
 @using System.Text.Encodings.Web
 @using Microsoft.AspNetCore.Identity
 @using BlazorWeb_CSharp.Data
+@using BlazorWeb_CSharp.Identity
 
 @inject UserManager<ApplicationUser> UserManager
 @inject UserAccessor UserAccessor
 @inject UrlEncoder UrlEncoder
-@inject NavigationManager NavigationManager
+@inject IdentityRedirectManager RedirectManager
 @inject ILogger<EnableAuthenticator> Logger
 
 <PageTitle>Configure authenticator app</PageTitle>
 
 @if (_recoveryCodes is not null)
 {
-    <ShowRecoveryCodes RecoveryCodes="_recoveryCodes.ToArray()" StatusMessage="@_statusMessage" />
+    <ShowRecoveryCodes RecoveryCodes="_recoveryCodes.ToArray()" StatusMessage="@_message" />
 }
 else
 {
@@ -74,7 +75,7 @@ else
     private string? _authenticatorUri;
 
     private IEnumerable<string>? _recoveryCodes;
-    private string? _statusMessage;
+    private string? _message;
 
     [SupplyParameterFromForm]
     private InputModel Input { get; set; } = default!;
@@ -99,7 +100,7 @@ else
         if (!is2faTokenValid)
         {
             await LoadSharedKeyAndQrCodeUriAsync(_user);
-            NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "Error: Verification code is invalid." });
+            RedirectManager.RedirectToCurrentPageWithStatus("Error: Verification code is invalid.");
             return;
         }
 
@@ -107,7 +108,7 @@ else
         var userId = await UserManager.GetUserIdAsync(_user);
         Logger.LogInformation("User with ID '{UserId}' has enabled 2FA with an authenticator app.", userId);
 
-        _statusMessage = "Your authenticator app has been verified.";
+        _message = "Your authenticator app has been verified.";
 
         if (await UserManager.CountRecoveryCodesAsync(_user) == 0)
         {
@@ -115,9 +116,7 @@ else
         }
         else
         {
-            NavigationManager.RedirectTo(
-                "/Account/Manage/TwoFactorAuthentication",
-                new() { ["Message"] = _statusMessage });
+            RedirectManager.RedirectToWithStatus("/Account/Manage/TwoFactorAuthentication", _message);
         }
     }
 
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ExternalLogins.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ExternalLogins.razor
index 19e67d66c804..4ff1ec38044a 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ExternalLogins.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ExternalLogins.razor
@@ -2,14 +2,15 @@
 
 @using Microsoft.AspNetCore.Authentication
 @using Microsoft.AspNetCore.Identity
-@using BlazorWeb_CSharp.Data
 @using Microsoft.AspNetCore.Mvc.ViewFeatures
+@using BlazorWeb_CSharp.Data
+@using BlazorWeb_CSharp.Identity
 
 @inject UserManager<ApplicationUser> UserManager
 @inject SignInManager<ApplicationUser> SignInManager
 @inject UserAccessor UserAccessor
 @inject IUserStore<ApplicationUser> UserStore
-@inject NavigationManager NavigationManager
+@inject IdentityRedirectManager RedirectManager
 
 <PageTitle>Manage your external logins</PageTitle>
 
@@ -118,12 +119,12 @@
         var result = await UserManager.RemoveLoginAsync(_user, LoginProvider!, ProviderKey!);
         if (!result.Succeeded)
         {
-            NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "The external login was not removed." });
+            RedirectManager.RedirectToCurrentPageWithStatus("The external login was not removed.");
             return;
         }
 
         await SignInManager.RefreshSignInAsync(_user);
-        NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "The external login was removed." });
+        RedirectManager.RedirectToCurrentPageWithStatus("The external login was removed.");
     }
 
     private async Task OnGetLinkLoginCallbackAsync()
@@ -132,20 +133,20 @@
         var info = await SignInManager.GetExternalLoginInfoAsync(userId);
         if (info == null)
         {
-            NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "Unexpected error occurred loading external login info." });
+            RedirectManager.RedirectToCurrentPageWithStatus("Unexpected error occurred loading external login info.");
             return;
         }
 
         var result = await UserManager.AddLoginAsync(_user, info);
         if (!result.Succeeded)
         {
-            NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "The external login was not added. External logins can only be associated with one account." });
+            RedirectManager.RedirectToCurrentPageWithStatus("The external login was not added. External logins can only be associated with one account.");
             return;
         }
 
         // Clear the existing external cookie to ensure a clean login process
         await HttpContext.SignOutAsync(IdentityConstants.ExternalScheme);
 
-        NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "The external login was added." });
+        RedirectManager.RedirectToCurrentPageWithStatus("The external login was added.");
     }
 }
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/GenerateRecoveryCodes.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/GenerateRecoveryCodes.razor
index 8adcae6739b1..3de6f69e9c40 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/GenerateRecoveryCodes.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/GenerateRecoveryCodes.razor
@@ -2,17 +2,18 @@
 
 @using Microsoft.AspNetCore.Identity
 @using BlazorWeb_CSharp.Data
+@using BlazorWeb_CSharp.Identity
 
 @inject UserManager<ApplicationUser> UserManager
 @inject UserAccessor UserAccessor
-@inject NavigationManager NavigationManager
+@inject IdentityRedirectManager RedirectManager
 @inject ILogger<GenerateRecoveryCodes> Logger
 
 <PageTitle>Generate two-factor authentication (2FA) recovery codes</PageTitle>
 
 @if (_recoveryCodes is not null)
 {
-    <ShowRecoveryCodes RecoveryCodes="_recoveryCodes.ToArray()" StatusMessage="@_statusMessage" />
+    <ShowRecoveryCodes RecoveryCodes="_recoveryCodes.ToArray()" StatusMessage="@_message" />
 }
 else
 {
@@ -42,7 +43,7 @@ else
     private ApplicationUser _user = default!;
 
     private IEnumerable<string>? _recoveryCodes;
-    private string? _statusMessage;
+    private string? _message;
 
     protected override async Task OnInitializedAsync()
     {
@@ -59,7 +60,7 @@ else
     {
         var userId = await UserManager.GetUserIdAsync(_user);
         _recoveryCodes = await UserManager.GenerateNewTwoFactorRecoveryCodesAsync(_user, 10);
-        _statusMessage = "You have generated new recovery codes.";
+        _message = "You have generated new recovery codes.";
 
         Logger.LogInformation("User with ID '{UserId}' has generated new 2FA recovery codes.", userId);
     }
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Index.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Index.razor
index 6c7c87e5f8b5..7e59b2732987 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Index.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/Index.razor
@@ -4,12 +4,13 @@
 @using System.Security.Claims
 @using Microsoft.AspNetCore.Identity;
 @using BlazorWeb_CSharp.Data;
+@using BlazorWeb_CSharp.Identity
 
 @inject AuthenticationStateProvider AuthenticationStateProvider
 @inject UserManager<ApplicationUser> UserManager
 @inject SignInManager<ApplicationUser> SignInManager
 @inject UserAccessor UserAccessor;
-@inject NavigationManager NavigationManager
+@inject IdentityRedirectManager RedirectManager
 
 <PageTitle>Profile</PageTitle>
 
@@ -61,13 +62,13 @@
             var setPhoneResult = await UserManager.SetPhoneNumberAsync(_user, Input.PhoneNumber);
             if (!setPhoneResult.Succeeded)
             {
-                NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "Unexpected error when trying to set phone number." });
+                RedirectManager.RedirectToCurrentPageWithStatus("Unexpected error when trying to set phone number.");
                 return;
             }
         }
 
         await SignInManager.RefreshSignInAsync(_user);
-        NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "Your profile has been updated" });
+        RedirectManager.RedirectToCurrentPageWithStatus("Your profile has been updated");
     }
 
     private sealed class InputModel
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ResetAuthenticator.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ResetAuthenticator.razor
index f34634c42067..dd951c7d2410 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ResetAuthenticator.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/ResetAuthenticator.razor
@@ -1,12 +1,13 @@
 @page "/Account/Manage/ResetAuthenticator"
 
-@using BlazorWeb_CSharp.Data
 @using Microsoft.AspNetCore.Identity
+@using BlazorWeb_CSharp.Data
+@using BlazorWeb_CSharp.Identity
 
 @inject UserManager<ApplicationUser> UserManager
 @inject SignInManager<ApplicationUser> SignInManager
 @inject UserAccessor UserAccessor
-@inject NavigationManager NavigationManager
+@inject IdentityRedirectManager RedirectManager
 @inject ILogger<ResetAuthenticator> Logger
 
 <PageTitle>Reset authenticator key</PageTitle>
@@ -47,8 +48,8 @@
 
         await SignInManager.RefreshSignInAsync(_user);
 
-        NavigationManager.RedirectTo(
+        RedirectManager.RedirectToWithStatus(
             "/Account/Manage/EnableAuthenticator",
-            new() { ["Message"] = "Your authenticator app key has been reset, you will need to configure your authenticator app using the new key." });
+            "Your authenticator app key has been reset, you will need to configure your authenticator app using the new key.");
     }
 }
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/SetPassword.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/SetPassword.razor
index f247ab21440f..5f1aff4403ad 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/SetPassword.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/SetPassword.razor
@@ -3,11 +3,12 @@
 @using System.ComponentModel.DataAnnotations
 @using Microsoft.AspNetCore.Identity
 @using BlazorWeb_CSharp.Data
+@using BlazorWeb_CSharp.Identity
 
 @inject UserManager<ApplicationUser> UserManager
 @inject SignInManager<ApplicationUser> SignInManager
 @inject UserAccessor UserAccessor
-@inject NavigationManager NavigationManager
+@inject IdentityRedirectManager RedirectManager
 
 <PageTitle>Set password</PageTitle>
 
@@ -53,7 +54,7 @@
         var hasPassword = await UserManager.HasPasswordAsync(_user);
         if (hasPassword)
         {
-            NavigationManager.RedirectTo("/Account/Manage/ChangePassword");
+            RedirectManager.RedirectTo("/Account/Manage/ChangePassword");
             return;
         }
     }
@@ -68,7 +69,7 @@
         }
 
         await SignInManager.RefreshSignInAsync(_user);
-        NavigationManager.RedirectToCurrentPage(new() { ["Message"] = "Your password has been set." });
+        RedirectManager.RedirectToCurrentPageWithStatus("Your password has been set.");
     }
 
     private sealed class InputModel
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/TwoFactorAuthentication.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/TwoFactorAuthentication.razor
index 99c5f3ef9168..fbb2f32eddbd 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/TwoFactorAuthentication.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Manage/TwoFactorAuthentication.razor
@@ -1,13 +1,14 @@
 @page "/Account/Manage/TwoFactorAuthentication"
 
-@using BlazorWeb_CSharp.Data
 @using Microsoft.AspNetCore.Http.Features
 @using Microsoft.AspNetCore.Identity
+@using BlazorWeb_CSharp.Data
+@using BlazorWeb_CSharp.Identity
 
 @inject UserManager<ApplicationUser> UserManager
 @inject SignInManager<ApplicationUser> SignInManager
 @inject UserAccessor UserAccessor
-@inject NavigationManager NavigationManager
+@inject IdentityRedirectManager RedirectManager
 
 <PageTitle>Two-factor authentication (2FA)</PageTitle>
 
@@ -94,9 +95,7 @@ else
     {
         await SignInManager.ForgetTwoFactorClientAsync();
 
-        NavigationManager.RedirectToCurrentPage(new()
-            {
-                ["Message"] = "The current browser has been forgotten. When you login again from this browser you will be prompted for your 2fa code.",
-            });
+        RedirectManager.RedirectToCurrentPageWithStatus(
+            "The current browser has been forgotten. When you login again from this browser you will be prompted for your 2fa code.");
     }
 }
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Register.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Register.razor
index ba7a3f13d505..822a95b69460 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Register.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/Register.razor
@@ -3,11 +3,12 @@
 @using System.ComponentModel.DataAnnotations
 @using System.Text
 @using System.Text.Encodings.Web
-@using BlazorWeb_CSharp.Data
 @using Microsoft.AspNetCore.Authentication
 @using Microsoft.AspNetCore.Identity
 @using Microsoft.AspNetCore.Identity.UI.Services
 @using Microsoft.AspNetCore.WebUtilities
+@using BlazorWeb_CSharp.Data
+@using BlazorWeb_CSharp.Identity
 
 @inject UserManager<ApplicationUser> UserManager
 @inject IUserStore<ApplicationUser> UserStore
@@ -15,6 +16,7 @@
 @inject ILogger<Register> Logger
 @inject IEmailSender EmailSender
 @inject NavigationManager NavigationManager
+@inject IdentityRedirectManager RedirectManager
 
 <PageTitle>Register</PageTitle>
 
@@ -134,14 +136,14 @@
 
             if (UserManager.Options.SignIn.RequireConfirmedAccount)
             {
-                NavigationManager.RedirectTo(
+                RedirectManager.RedirectTo(
                     "/Account/RegisterConfirmation",
                     new() { ["Email"] = Input.Email, ["ReturnUrl"] = ReturnUrl });
             }
             else
             {
                 await SignInManager.SignInAsync(user, isPersistent: false);
-                NavigationManager.RedirectTo(ReturnUrl);
+                RedirectManager.RedirectTo(ReturnUrl);
             }
         }
         else
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/RegisterConfirmation.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/RegisterConfirmation.razor
index 4745cf7eda91..5f54beb59e9a 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/RegisterConfirmation.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/RegisterConfirmation.razor
@@ -1,14 +1,16 @@
 @page "/Account/RegisterConfirmation"
 
 @using System.Text
-@using BlazorWeb_CSharp.Data
 @using Microsoft.AspNetCore.Identity
 @using Microsoft.AspNetCore.Identity.UI.Services
 @using Microsoft.AspNetCore.WebUtilities
+@using BlazorWeb_CSharp.Data
+@using BlazorWeb_CSharp.Identity
 
 @inject UserManager<ApplicationUser> UserManager
 @inject IEmailSender EmailSender
 @inject NavigationManager NavigationManager
+@inject IdentityRedirectManager RedirectManager
 
 <PageTitle>Register confirmation</PageTitle>
 
@@ -39,7 +41,7 @@ else
     {
         if (Email == null)
         {
-            NavigationManager.RedirectTo("/");
+            RedirectManager.RedirectTo("/");
         }
         else
         {
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResendEmailConfirmation.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResendEmailConfirmation.razor
index f1de72583703..fa5f9d1dbafe 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResendEmailConfirmation.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResendEmailConfirmation.razor
@@ -7,10 +7,12 @@
 @using Microsoft.AspNetCore.Identity.UI.Services
 @using Microsoft.AspNetCore.WebUtilities
 @using BlazorWeb_CSharp.Data
+@using BlazorWeb_CSharp.Identity
 
 @inject UserManager<ApplicationUser> UserManager
 @inject IEmailSender EmailSender
 @inject NavigationManager NavigationManager
+@inject IdentityRedirectManager RedirectManager
 
 <PageTitle>Resend email confirmation</PageTitle>
 
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResetPassword.razor b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResetPassword.razor
index 5e04d17eba0c..214c42643eb4 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResetPassword.razor
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Pages/Account/ResetPassword.razor
@@ -1,13 +1,14 @@
 @page "/Account/ResetPassword"
 
-@using System.ComponentModel.DataAnnotations;
-@using System.Text;
-@using Microsoft.AspNetCore.Http;
-@using Microsoft.AspNetCore.Identity;
-@using Microsoft.AspNetCore.WebUtilities;
-@using BlazorWeb_CSharp.Data;
-
-@inject NavigationManager NavigationManager
+@using System.ComponentModel.DataAnnotations
+@using System.Text
+@using Microsoft.AspNetCore.Http
+@using Microsoft.AspNetCore.Identity
+@using Microsoft.AspNetCore.WebUtilities
+@using BlazorWeb_CSharp.Data
+@using BlazorWeb_CSharp.Identity
+
+@inject IdentityRedirectManager RedirectManager
 @inject UserManager<ApplicationUser> UserManager
 
 <PageTitle>Reset password</PageTitle>
@@ -57,7 +58,7 @@
     {
         if (Code is null)
         {
-            NavigationManager.RedirectTo("/Account/InvalidPasswordReset");
+            RedirectManager.RedirectTo("/Account/InvalidPasswordReset");
         }
         else
         {
@@ -71,14 +72,14 @@
         if (user is null)
         {
             // Don't reveal that the user does not exist
-            NavigationManager.RedirectTo("/Account/ResetPasswordConfirmation");
+            RedirectManager.RedirectTo("/Account/ResetPasswordConfirmation");
             return;
         }
 
         var result = await UserManager.ResetPasswordAsync(user, Input.Code, Input.Password);
         if (result.Succeeded)
         {
-            NavigationManager.RedirectTo("/Account/ResetPasswordConfirmation");
+            RedirectManager.RedirectTo("/Account/ResetPasswordConfirmation");
             return;
         }
 
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/UserAccessor.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/UserAccessor.cs
index 7399778dad7f..f6fefe902c63 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/UserAccessor.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Data/UserAccessor.cs
@@ -1,26 +1,24 @@
-using BlazorWeb_CSharp.Data;
-using Microsoft.AspNetCore.Components;
 using Microsoft.AspNetCore.Identity;
+using BlazorWeb_CSharp.Identity;
 
 namespace BlazorWeb_CSharp.Data;
 
 internal sealed class UserAccessor(
     IHttpContextAccessor httpContextAccessor,
     UserManager<ApplicationUser> userManager,
-    NavigationManager navigationManager)
+    IdentityRedirectManager redirectManager)
 {
     public async Task<ApplicationUser> GetRequiredUserAsync()
     {
         var principal = httpContextAccessor.HttpContext?.User ??
             throw new InvalidOperationException($"{nameof(GetRequiredUserAsync)} requires access to an {nameof(HttpContext)}.");
+
         var user = await userManager.GetUserAsync(principal);
+
         if (user is null)
         {
             // Throws NavigationException, which is handled by the framework as a redirect.
-            navigationManager.RedirectTo("/Account/InvalidUser", new()
-            {
-                ["Message"] = $"Error: Unable to load user with ID '{userManager.GetUserId(principal)}'.",
-            });
+            redirectManager.RedirectToWithStatus("/Account/InvalidUser", "Error: Unable to load user with ID '{userManager.GetUserId(principal)}'.");
         }
 
         return user;
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/Extensions/RedirectNavigationManagerExtensions.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/Extensions/RedirectNavigationManagerExtensions.cs
deleted file mode 100644
index 1cf481a1cd7c..000000000000
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/Extensions/RedirectNavigationManagerExtensions.cs
+++ /dev/null
@@ -1,38 +0,0 @@
-using System.Diagnostics.CodeAnalysis;
-
-namespace Microsoft.AspNetCore.Components;
-
-internal static class RedirectNavigationManagerExtensions
-{
-    // These extension methods help make more concise the common case of redirecting to the same or different page
-    // with a fresh set of query parameters. An exception is thrown if the current page is not being rendered from
-    // an endpoint, because it's not possible to redirect in that case.
-
-    [DoesNotReturn]
-    public static void RedirectTo(this NavigationManager navigationManager, string uri)
-    {
-        // This works because either:
-        // [1] NavigateTo() throws NavigationException, which is handled by the framework as a redirect.
-        // [2] NavigateTo() throws some other exception, which gets treated as a normal unhandled exception.
-        // [3] NavigateTo() does not throw an exception, meaning we're not rendering from an endpoint, so we throw
-        //     an InvalidOperationException to indicate that we can't redirect.
-        navigationManager.NavigateTo(uri);
-        throw new InvalidOperationException($"Can only redirect when rendering from an endpoint.");
-    }
-
-    [DoesNotReturn]
-    public static void RedirectTo(this NavigationManager navigationManager, string uri, Dictionary<string, object?> queryParameters)
-    {
-        var uriWithoutQuery = navigationManager.ToAbsoluteUri(uri).GetLeftPart(UriPartial.Path);
-        var newUri = navigationManager.GetUriWithQueryParameters(uriWithoutQuery, queryParameters);
-        navigationManager.RedirectTo(newUri);
-    }
-
-    [DoesNotReturn]
-    public static void RedirectToCurrentPage(this NavigationManager navigationManager)
-        => navigationManager.RedirectTo(navigationManager.Uri);
-
-    [DoesNotReturn]
-    public static void RedirectToCurrentPage(this NavigationManager navigationManager, Dictionary<string, object?> queryParameters)
-        => navigationManager.RedirectTo(navigationManager.Uri, queryParameters);
-}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/IdentityRedirectManager.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/IdentityRedirectManager.cs
new file mode 100644
index 000000000000..2a1cccde8fc4
--- /dev/null
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Identity/IdentityRedirectManager.cs
@@ -0,0 +1,63 @@
+using System.Diagnostics.CodeAnalysis;
+using Microsoft.AspNetCore.Components;
+
+namespace BlazorWeb_CSharp.Identity;
+
+internal sealed class IdentityRedirectManager(
+    NavigationManager navigationManager,
+    IHttpContextAccessor httpContextAccessor)
+{
+    public const string StatusCookieName = "Identity.StatusMessage";
+
+    private static readonly CookieBuilder _statusCookieBuilder = new CookieBuilder
+    {
+        SameSite = SameSiteMode.Strict,
+        HttpOnly = true,
+        IsEssential = true,
+        MaxAge = TimeSpan.FromSeconds(5),
+    };
+
+    [DoesNotReturn]
+    public void RedirectTo(string uri)
+    {
+        if (!Uri.IsWellFormedUriString(uri, UriKind.Relative))
+        {
+            uri = navigationManager.ToBaseRelativePath(uri);
+        }
+
+        // This works because either:
+        // [1] NavigateTo() throws NavigationException, which is handled by the framework as a redirect.
+        // [2] NavigateTo() throws some other exception, which gets treated as a normal unhandled exception.
+        // [3] NavigateTo() does not throw an exception, meaning we're not rendering from an endpoint, so we throw
+        //     an InvalidOperationException to indicate that we can't redirect.
+        navigationManager.NavigateTo(uri);
+        throw new InvalidOperationException($"Can only redirect when rendering from an endpoint.");
+    }
+
+    [DoesNotReturn]
+    public void RedirectTo(string uri, Dictionary<string, object?> queryParameters)
+    {
+        var uriWithoutQuery = navigationManager.ToAbsoluteUri(uri).GetLeftPart(UriPartial.Path);
+        var newUri = navigationManager.GetUriWithQueryParameters(uriWithoutQuery, queryParameters);
+
+        RedirectTo(newUri);
+    }
+
+    [DoesNotReturn]
+    public void RedirectToWithStatus(string uri, string message)
+    {
+        var httpContext = httpContextAccessor.HttpContext ??
+            throw new InvalidOperationException($"{nameof(RedirectToWithStatus)} requires access to an {nameof(HttpContext)}.");
+        httpContext.Response.Cookies.Append(StatusCookieName, message, _statusCookieBuilder.Build(httpContext));
+
+        RedirectTo(uri);
+    }
+
+    [DoesNotReturn]
+    public void RedirectToCurrentPage()
+        => RedirectTo(navigationManager.Uri);
+
+    [DoesNotReturn]
+    public void RedirectToCurrentPageWithStatus(string message)
+        => RedirectToWithStatus(navigationManager.Uri, message);
+}
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs
index 87e21015aac9..01d1f6af2312 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.Main.cs
@@ -44,6 +44,7 @@ public static void Main(string[] args)
         #if (IndividualLocalAuth)
         builder.Services.AddCascadingAuthenticationState();
         builder.Services.AddScoped<UserAccessor>();
+        builder.Services.AddScoped<IdentityRedirectManager>();
         #if (UseServer && UseWebAssembly)
         builder.Services.AddScoped<AuthenticationStateProvider, PersistingRevalidatingAuthenticationStateProvider>();
         #elif (UseServer)
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.cs
index 3fcede5135f5..27af48798696 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Program.cs
@@ -38,6 +38,7 @@
 #if (IndividualLocalAuth)
 builder.Services.AddCascadingAuthenticationState();
 builder.Services.AddScoped<UserAccessor>();
+builder.Services.AddScoped<IdentityRedirectManager>();
 #if (UseServer && UseWebAssembly)
 builder.Services.AddScoped<AuthenticationStateProvider, PersistingRevalidatingAuthenticationStateProvider>();
 #elif (UseServer)
diff --git a/src/ProjectTemplates/test/Templates.Tests/template-baselines.json b/src/ProjectTemplates/test/Templates.Tests/template-baselines.json
index b25b2cc5124e..bcbe392b2faf 100644
--- a/src/ProjectTemplates/test/Templates.Tests/template-baselines.json
+++ b/src/ProjectTemplates/test/Templates.Tests/template-baselines.json
@@ -591,7 +591,7 @@
         "Data/Migrations/00000000000000_CreateIdentitySchema.Designer.cs",
         "Data/Migrations/ApplicationDbContextModelSnapshot.cs",
         "Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs",
-        "Identity/Extensions/RedirectNavigationManagerExtensions.cs",
+        "Identity/IdentityRedirectManager.cs",
         "Properties/launchSettings.json",
         "wwwroot/app.css",
         "wwwroot/favicon.png",
@@ -689,7 +689,7 @@
         "Data/Migrations/00000000000000_CreateIdentitySchema.Designer.cs",
         "Data/Migrations/ApplicationDbContextModelSnapshot.cs",
         "Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs",
-        "Identity/Extensions/RedirectNavigationManagerExtensions.cs",
+        "Identity/IdentityRedirectManager.cs",
         "Identity/IdentityRevalidatingAuthenticationStateProvider.cs",
         "Properties/launchSettings.json",
         "wwwroot/app.css",
@@ -761,7 +761,7 @@
         "Data/Migrations/00000000000000_CreateIdentitySchema.Designer.cs",
         "Data/Migrations/ApplicationDbContextModelSnapshot.cs",
         "Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs",
-        "Identity/Extensions/RedirectNavigationManagerExtensions.cs",
+        "Identity/IdentityRedirectManager.cs",
         "Identity/IdentityRevalidatingAuthenticationStateProvider.cs",
         "Properties/launchSettings.json",
         "wwwroot/app.css",
@@ -865,7 +865,7 @@
         "{ProjectName}/Data/Migrations/00000000000000_CreateIdentitySchema.Designer.cs",
         "{ProjectName}/Data/Migrations/ApplicationDbContextModelSnapshot.cs",
         "{ProjectName}/Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs",
-        "{ProjectName}/Identity/Extensions/RedirectNavigationManagerExtensions.cs",
+        "{ProjectName}/Identity/IdentityRedirectManager.cs",
         "{ProjectName}/Identity/PersistingServerAuthenticationStateProvider.cs",
         "{ProjectName}/Properties/launchSettings.json",
         "{ProjectName}/wwwroot/app.css",
@@ -978,7 +978,7 @@
         "{ProjectName}/Data/Migrations/00000000000000_CreateIdentitySchema.Designer.cs",
         "{ProjectName}/Data/Migrations/ApplicationDbContextModelSnapshot.cs",
         "{ProjectName}/Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs",
-        "{ProjectName}/Identity/Extensions/RedirectNavigationManagerExtensions.cs",
+        "{ProjectName}/Identity/IdentityRedirectManager.cs",
         "{ProjectName}/Identity/PersistingRevalidatingAuthenticationStateProvider.cs",
         "{ProjectName}/Properties/launchSettings.json",
         "{ProjectName}/wwwroot/app.css",
@@ -1230,7 +1230,7 @@
         "{ProjectName}/Data/Migrations/00000000000000_CreateIdentitySchema.Designer.cs",
         "{ProjectName}/Data/Migrations/ApplicationDbContextModelSnapshot.cs",
         "{ProjectName}/Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs",
-        "{ProjectName}/Identity/Extensions/RedirectNavigationManagerExtensions.cs",
+        "{ProjectName}/Identity/IdentityRedirectManager.cs",
         "{ProjectName}/Identity/PersistingRevalidatingAuthenticationStateProvider.cs",
         "{ProjectName}/Properties/launchSettings.json",
         "{ProjectName}/wwwroot/app.css",

From 0a3c7ec56d10eedaca7610e5d32ed7109f903568 Mon Sep 17 00:00:00 2001
From: Stephen Halter <halter73@gmail.com>
Date: Thu, 21 Sep 2023 17:11:45 -0700
Subject: [PATCH 18/18] React to Error page added by #50550

---
 .../test/Templates.Tests/template-baselines.json       | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/ProjectTemplates/test/Templates.Tests/template-baselines.json b/src/ProjectTemplates/test/Templates.Tests/template-baselines.json
index bcbe392b2faf..ae58eed078b9 100644
--- a/src/ProjectTemplates/test/Templates.Tests/template-baselines.json
+++ b/src/ProjectTemplates/test/Templates.Tests/template-baselines.json
@@ -552,6 +552,7 @@
         "Components/Layout/NavMenu.razor",
         "Components/Layout/NavMenu.razor.css",
         "Components/Pages/Auth.razor",
+        "Components/Pages/Error.razor",
         "Components/Pages/Home.razor",
         "Components/Pages/Weather.razor",
         "Components/Pages/Account/_Imports.razor",
@@ -649,6 +650,7 @@
         "Components/Layout/NavMenu.razor",
         "Components/Layout/NavMenu.razor.css",
         "Components/Pages/Auth.razor",
+        "Components/Pages/Error.razor",
         "Components/Pages/Counter.razor",
         "Components/Pages/Home.razor",
         "Components/Pages/Weather.razor",
@@ -721,6 +723,7 @@
         "Components/Layout/NavMenu.razor",
         "Components/Layout/NavMenu.razor.css",
         "Components/Pages/Auth.razor",
+        "Components/Pages/Error.razor",
         "Components/Pages/Counter.razor",
         "Components/Pages/Home.razor",
         "Components/Pages/Weather.razor",
@@ -826,6 +829,7 @@
         "{ProjectName}/Components/Layout/ManageNavMenu.razor",
         "{ProjectName}/Components/Layout/NavMenu.razor",
         "{ProjectName}/Components/Layout/NavMenu.razor.css",
+        "{ProjectName}/Components/Pages/Error.razor",
         "{ProjectName}/Components/Pages/Home.razor",
         "{ProjectName}/Components/Pages/Weather.razor",
         "{ProjectName}/Components/Pages/Account/_Imports.razor",
@@ -877,8 +881,8 @@
         "{ProjectName}.Client/Program.cs",
         "{ProjectName}.Client/UserInfo.cs",
         "{ProjectName}.Client/_Imports.razor",
-        "{ProjectName}.Client/Pages/Counter.razor",
         "{ProjectName}.Client/Pages/Auth.razor",
+        "{ProjectName}.Client/Pages/Counter.razor",
         "{ProjectName}.Client/wwwroot/appsettings.Development.json",
         "{ProjectName}.Client/wwwroot/appsettings.json"
       ],
@@ -939,6 +943,7 @@
         "{ProjectName}/Components/Layout/ManageNavMenu.razor",
         "{ProjectName}/Components/Layout/NavMenu.razor",
         "{ProjectName}/Components/Layout/NavMenu.razor.css",
+        "{ProjectName}/Components/Pages/Error.razor",
         "{ProjectName}/Components/Pages/Home.razor",
         "{ProjectName}/Components/Pages/Weather.razor",
         "{ProjectName}/Components/Pages/Account/_Imports.razor",
@@ -990,8 +995,8 @@
         "{ProjectName}.Client/Program.cs",
         "{ProjectName}.Client/UserInfo.cs",
         "{ProjectName}.Client/_Imports.razor",
-        "{ProjectName}.Client/Pages/Counter.razor",
         "{ProjectName}.Client/Pages/Auth.razor",
+        "{ProjectName}.Client/Pages/Counter.razor",
         "{ProjectName}.Client/wwwroot/appsettings.Development.json",
         "{ProjectName}.Client/wwwroot/appsettings.json"
       ],
@@ -1192,6 +1197,7 @@
         "{ProjectName}/Components/Layout/MainLayout.razor.css",
         "{ProjectName}/Components/Layout/ManageLayout.razor",
         "{ProjectName}/Components/Layout/ManageNavMenu.razor",
+        "{ProjectName}/Components/Pages/Error.razor",
         "{ProjectName}/Components/Pages/Home.razor",
         "{ProjectName}/Components/Pages/Account/_Imports.razor",
         "{ProjectName}/Components/Pages/Account/ConfirmEmail.razor",