From b4846800926939a4f6c8c6ade2702b29554eff82 Mon Sep 17 00:00:00 2001
From: Safia Abdalla <safia@microsoft.com>
Date: Mon, 15 Jun 2020 20:27:33 -0700
Subject: [PATCH] Update how default auth policy is set in templates (#22884)

* Update how default auth policy is set in templates
* Respond to feedback from peer review
---
 .../content/BlazorServerWeb-CSharp/Startup.cs          | 10 +++++-----
 .../content/StarterWeb-CSharp/Startup.cs               |  9 ++++-----
 2 files changed, 9 insertions(+), 10 deletions(-)

diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorServerWeb-CSharp/Startup.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorServerWeb-CSharp/Startup.cs
index ac5aee92be..81a71567b4 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorServerWeb-CSharp/Startup.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/BlazorServerWeb-CSharp/Startup.cs
@@ -116,12 +116,12 @@ namespace BlazorServerWeb_CSharp
 
 #endif
 #if (OrganizationalAuth)
-            services.AddControllersWithViews(options =>
+            services.AddControllersWithViews();
+
+            services.AddAuthorization(options =>
             {
-                var policy = new AuthorizationPolicyBuilder()
-                    .RequireAuthenticatedUser()
-                    .Build();
-                options.Filters.Add(new AuthorizeFilter(policy));
+                // By default, all incoming requests will be authorized according to the default policy
+                options.FallbackPolicy = options.DefaultPolicy;
             });
 
 #endif
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/StarterWeb-CSharp/Startup.cs b/src/ProjectTemplates/Web.ProjectTemplates/content/StarterWeb-CSharp/Startup.cs
index 21737cbcb0..7add694433 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/content/StarterWeb-CSharp/Startup.cs
+++ b/src/ProjectTemplates/Web.ProjectTemplates/content/StarterWeb-CSharp/Startup.cs
@@ -108,13 +108,12 @@ namespace Company.WebApplication1
                 .AddAzureADB2C(options => Configuration.Bind("AzureAdB2C", options));
 #endif
 #if (OrganizationalAuth)
+            services.AddControllersWithViews();
 
-            services.AddControllersWithViews(options =>
+            services.AddAuthorization(options =>
             {
-                var policy = new AuthorizationPolicyBuilder()
-                    .RequireAuthenticatedUser()
-                    .Build();
-                options.Filters.Add(new AuthorizeFilter(policy));
+                // By default, all incoming requests will be authorized according to the default policy
+                options.FallbackPolicy = options.DefaultPolicy;
             });
 #else
             services.AddControllersWithViews();