'Blazor server app still authorized even after altering cookies

I have tested a sample Blazor server application that uses standard ASP.NET Core Identity and I logged in successfully.

But even after I tried to alter the cookies manually from the dev tools while being signed in, I can still navigate freely through the application pages. Only when I hard reload press the refresh button on the browser and reload the page, I get redirected to the login page.

Doesn't ASP.NET Identity check authorization state on every request on Blazor or it just checks it only on the initial load? or do I miss something?



Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source