book

Building Web APIs with ASP.NET Core

Name: Building Web APIs with ASP.NET Core
Author: Valerio De Sanctis
ISBN: 9781633439481

by Valerio De Sanctis

June 2023

Intermediate to advanced

472 pages

13h 34m

English

Manning Publications

Read now

Unlock full access

inside front cover
Building Web APIs with ASP.NET Core
Copyright
contents
front matter
prefaceacknowledgmentsabout this bookWho should read this bookHow this book is organized: A road mapAbout the codeliveBook discussion forumabout the authorabout the cover illustration
Part 1 Getting started
1 Web APIs at a glance
1.1 Web APIs1.1.1 Overview1.1.2 Real-world example1.1.3 Types of web APIs1.1.4 Architectures and message protocols1.2 ASP.NET Core1.2.1 Architecture1.2.2 Program.cs1.2.3 Controllers1.2.4 Minimal APIs1.2.5 Task-based asynchronous patternSummary
2 Our first web API project
2.1 System requirements2.1.1 .NET SDK2.1.2 Integrated development environment2.2 Installing Visual Studio2.3 Creating the web API project2.4 MyBGList project overview2.4.1 Reviewing launchSettings.json2.4.2 Configuring the appsettings.json2.4.3 Playing with the Program.cs file2.4.4 Inspecting the WeatherForecastController2.4.5 Adding the BoardGameController2.5 Exercises2.5.1 launchSettings.json2.5.2 appsettings.json2.5.3 Program.cs2.5.4 BoardGame.cs2.5.5 BoardGameControllers.csSummary
3 RESTful principles and guidelines
3.1 REST guiding constraints3.1.1 Client-server approach3.1.2 Statelessness3.1.3 Cacheability3.1.4 Layered system3.1.5 Code on demand3.1.6 Uniform interface3.2 API documentation3.2.1 Introducing OpenAPI3.2.2 ASP.NET Core components3.3 API versioning3.3.1 Understanding versioning3.3.2 Should we really use versions?3.3.3 Implementing versioning3.4 Exercises3.4.1 CORS3.4.2 Client-side caching3.4.3 COD3.4.4 API documentation and versioningSummary
Part 2 Basic concepts

4 Working with data
4.1 Choosing a database4.1.1 Comparing SQL and NoSQL4.1.2 Making a choice4.2 Creating the database4.2.1 Obtaining the CSV file4.2.2 Installing SQL Server4.2.3 Installing SSMS or ADS4.2.4 Adding a new database4.3 EF Core4.3.1 Reasons to use an ORM4.3.2 Setting up EF Core4.3.3 Creating the DbContext4.3.4 Setting up the DbContext4.3.5 Creating the database structure4.4 Exercises4.4.1 Additional fields4.4.2 One-to-many relationship4.4.3 Many-to-many relationship4.4.4 Creating a new migration4.4.5 Applying the new migration4.4.6 Reverting to a previous migrationSummary
5 CRUD operations
5.1 Introducing LINQ5.1.1 Query syntax vs. method syntax5.1.2 Lambda expressions5.1.3 The IQueryable<T> interface5.2 Injecting the DbContext5.2.1 The sync and async methods5.2.2 Testing the ApplicationDbContext5.3 Seeding the database5.3.1 Setting up the CSV file5.3.2 Installing the CsvHelper package5.3.3 Creating the BggRecord class5.3.4 Adding the SeedController5.3.5 Reading the CSV file5.3.6 Executing the SeedController5.4 Reading data5.4.1 Paging5.4.2 Sorting5.4.3 Filtering5.5 Updating and deleting data5.5.1 Updating a BoardGame5.5.2 Deleting a BoardGame5.6 Exercises5.6.1 Create5.6.2 Read5.6.3 Update5.6.4 DeleteSummary
6 Data validation and error handling
6.1 Data validation6.1.1 Model binding6.1.2 Data validation attributes6.1.3 A nontrivial validation example6.1.4 Data validation and OpenAPI6.1.5 Binding complex types6.2 Error handling6.2.1 The ModelState object6.2.2 Custom error messages6.2.3 Manual model validation6.2.4 Exception handling6.3 Exercises6.3.1 Built-in validators6.3.2 Custom validators6.3.3 IValidatableObject6.3.4 ModelState validation6.3.5 Exception handlingSummary
Part 3 Advanced concepts
7 Application logging
7.1 Application logging overview7.1.1 From boats to computers7.1.2 Why do we need logs?7.2 ASP.NET logging7.2.1 A quick logging test7.2.2 Log levels7.2.3 Logging configuration7.2.4 Logging providers7.2.5 Event IDs and templates7.2.6 Exception logging7.3 Unstructured vs. structured logging7.3.1 Unstructured logging pros and cons7.3.2 Structured logging advantages7.3.3 Application Insights logging provider7.4 Third-party logging providers7.4.1 Serilog overview7.4.2 Installing Serilog7.4.3 Configuring Serilog7.4.4 Testing Serilog7.4.5 Improving the logging behavior7.5 Exercises7.5.1 JSON console logging7.5.2 Logging provider configuration7.5.3 Exception logging’s new property7.5.4 New Serilog enricher7.5.5 New Serilog sinkSummary
8 Caching techniques
8.1 Caching overview8.2 HTTP response caching8.2.1 Setting the cache-control header manually8.2.2 Adding a default caching directive8.2.3 Defining cache profiles8.2.4 Server-side response caching8.2.5 Response caching vs. client reload8.3 In-memory caching8.3.1 Setting up the in-memory cache8.3.2 Injecting the IMemoryCache interface8.3.3 Using the in-memory cache8.4 Distributed caching8.4.1 Distributed cache providers overview8.4.2 SQL Server8.4.3 Redis8.5 Exercises8.5.1 HTTP response caching8.5.2 Cache profiles8.5.3 Server-side response caching8.5.4 In-memory caching8.5.5 Distributed cachingSummary
9 Authentication and authorization
9.1 Basic concepts9.1.1 Authentication9.1.2 Authorization9.2 ASP.NET Core Identity9.2.1 Installing the NuGet packages9.2.2 Creating the user entity9.2.3 Updating the ApplicationDbContext9.2.4 Adding and applying a new migration9.2.5 Setting up the services and middleware9.2.6 Implementing the AccountController9.3 Authorization settings9.3.1 Adding the authorization HTTP header9.3.2 Setting up the [authorize] attribute9.3.3 Testing the authorization flow9.4 Role-based access control9.4.1 Registering new users9.4.2 Creating the new roles9.4.3 Assigning users to roles9.4.4 Adding role-based claims to JWT9.4.5 Setting up role-based auth rules9.4.6 Testing the RBAC flow9.4.7 Using alternative authorization methods9.5 Exercises9.5.1 Adding a new role9.5.2 Creating a new user9.5.3 Assigning a user to roles9.5.4 Implementing a test endpoint9.5.5 Testing the RBAC flowSummary
10 Beyond REST
10.1 REST drawbacks10.1.1 Overfetching10.1.2 Underfetching10.2 GraphQL10.2.1 GraphQL advantages10.2.2 GraphQL drawbacks10.2.3 Implementing GraphQL10.2.4 Working with GraphQL10.3 Google Remote Procedure Call10.3.1 gRPC pros10.3.2 gRPC cons10.3.3 Installing the NuGet packages10.3.4 Implementing the gRPC Server10.3.5 Implementing the gRPC client10.3.6 Adding Authorization support10.4 Other REST alternatives10.4.1 Newline Delimited JSON (NDJSON)10.4.2 Falcor10.4.3 Thrift10.5 Exercises10.5.1 Write a new GraphQL query10.5.2 Fetch GraphQL data for a mutation10.5.3 Implement new gRPC server features10.5.4 Add new gRPC client wrappers10.5.5 Test the new gRPC featuresSummary
Part 4 Toward production
11 API documentation
11.1 Web API potential audience11.1.1 Prospectors11.1.2 Contractors11.1.3 Builders11.2 API documentation best practices11.2.1 Adopt an automated description tool11.2.2 Describe endpoints and input parameters11.2.3 Add XML documentation support11.2.4 Work with Swashbuckle annotations11.2.5 Describe responses11.2.6 Add request and response samples11.2.7 Group endpoints into sections11.2.8 Exclude reserved endpoints11.3 Filter-based Swagger customization11.3.1 Emphasizing the authorization requirements11.3.2 Changing the application title11.3.3 Adding a warning text for passwords11.3.4 Adding custom key/value pairs11.4 Exercises11.4.1 Use XML documentation11.4.2 Use Swashbuckle annotations11.4.3 Exclude some endpoints11.4.4 Add a custom filter11.4.5 Add custom key/value pairsSummary
12 Release and deployment
12.1 Prepublishing tasks12.1.1 Considering security12.1.2 Choosing a domain name12.1.3 Setting up a CDN12.1.4 Fine-tuning our APP12.1.5 Understanding the .NET publishing modes12.2 Creating a Windows VM server12.2.1 Accessing Azure12.2.2 Creating and setting up the Windows VM12.2.3 Working with the VM public IP address12.2.4 Creating an SSL/TLS origin certificate12.2.5 Setting Cloudflare Encryption Mode to Full12.3 Configuring the Windows VM server12.3.1 Installing IIS12.3.2 Installing the ASP.NET Core hosting bundle12.3.3 Installing the Web Deploy component12.3.4 Opening the 8172 TCP port12.3.5 Configuring IIS12.3.6 Creating the production database12.3.7 Creating the appsettings.Production.json file12.4 Publishing and deploying12.4.1 Introducing Visual Studio publish profiles12.4.2 Creating an Azure VM publish profile12.4.3 Configuring the publish profile12.4.4 Publishing, deployment, and testing12.4.5 Final thoughtsSummary
appendix A.
A.1 Installing SQL ServerA.2 Installing Internet Information ServicesA.3 Installing the IIS Management ServiceA.4 Installing the ASP.NET Core Windows hosting bundleA.5 Installing Web DeployA.6 Adding an inbound port rule in Azure
index
inside back cover

Content preview from Building Web APIs with ASP.NET Core

6 Data validation and error handling

This chapter covers

Overview of model binding and data validation
Built-in and custom validation attributes
ModelState validation approaches
Error and exception handling techniques

For simplicity, up to this point we’ve assumed that the data coming from clients is always correct and adequate for our web API’s endpoints. Unfortunately, this is not always the case: whether we like it or not, we often have to deal with erroneous HTTP requests, which can be caused by several factors (including malicious attacks) but always occur because our application is facing unexpected or unhandled behavior.

In this chapter, we’ll discuss a series of techniques for handling unexpected scenarios during the client-server interaction. ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781633439481Publisher Support Publisher Website

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Building Web APIs with ASP.NET Core

by Valerio De Sanctis

6 Data validation and error handling

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.