Part 1: Font-end development (2,5 day)
A web page only looks nice when we start styling it. HTML is great to get all of our content on the page, but when we want to change the font, the colors, the location of everything we need some way to target these properties. CSS is the language we'll use to make sure the browser renders the page in the way we want to. We'll start with basic selectors and end with how Responsive Design works.
- Styling websites using CSS
- CSS Selectors
- Responsive Web Design and Media Queries
- Understanding Inheritance & Cascading behavior
- The Box Model
One of the hardest parts of CSS is making sure that every element is located at the correct position. We'll explain how to do this and which properties have what kind of effect on the elements in the page.
- Flow, display, float
- Positioning elements
- Flexible Box
- Page layout strategies
- Liquid layout versus fixed layout
Responsive web design with Bootstrap
Your web site needs to look fabulous on any device; whether it's a laptop, tablet or phone. Let bootstrap be your guide
in the messy world of media queries.
- Normalizing and Resetting
- The Grid System
- Utility classes
- Base Bootstrap CSS
- Customizing look and feel
- Components: navigation, popovers ...
With bootstrap you can also easily customize the 'bootstrap' look.
- Base Bootstrap css
- Customizing look and feel
- Components: navigation, popovers, ..
- 'this' explained
- Using Callbacks
- Working with Promises
- Using Libraries
- Content Delivery Networks
- Getting Libraries with npm
- Modules versus the Global Object
- Tools for Code Quality and Minification
The important parts of jQuery are its selectors, allowing ajax calls in an easy way and making event handling easier. Next to those three main parts,
there are more things that jQuery can do, like creating animations, adding elements, ...
- Why jQuery?
- The jQuery wrapped set
- Detecting Page Readiness
- Selecting elements with CSS selectors
jQuery Event Handling
- Classical event handling
- jQuery unified event handling
- Binding and unbinding events
Client-side service consumption with jQuery
- JSON serialization
- Getting data using jQuery AJAX
- Consuming REST services with jQuery: GET
- Uploading and updating entities through REST: POST, PUT, DELETE
Part 2: .NET Best Practices and Patterns (1,5 day)
Introduction to Git
Git is becoming (or already is) the most popular source control system out there. It should not come as a surprise that
Microsoft added support for source control to Visual Studio. In this chapter you will learn how to do day to day tasks
- Introduction to Git
- Git Workflow
- Creating a local repository
- Cloning a remote repository
- Staging files
- Committing files
- Adding branches to your workflow
- Merge vs. Rebase
- Synchronizing with a remote repository
- Pull Requests
- Using VS with other Gits
App Services: Web Apps
Adding your website to Azure can easily be done with Web apps. In this module you will learn how to create them, and the different deployment options.
- Using the Web Site Gallery
- Deploying from Visual Studio
- Configuring app settings, SSL, domain names and backup scheduling
- Monitoring your Web App
- Offload intensive work to Web Jobs
- Creating a WebJob Project
- Continuous/Scheduled versus Triggered Jobs
- Running/Testing Locally
Implementing patterns in .NET
Implementing patterns actually depends on a number of things, especially the programming language being used. Implementing
- How you implement a pattern depends on the programming language in use.
- An example: implementing the Singleton pattern.
- Lazy instantiation.
- The easy - let the .NET runtime handle it - implementation.
Some basic patterns
Some patterns are so command that you have been using them for ages without realizing it. Of course it is still important
to understand these patterns, so you will know better when (and when not) to apply them. Again we will also look at some
commonly used implementations in C#.
- Template Method: Better class inheritance and extensibility.
- Factory Method: Don't hard-code key classes in your code.
- Abstract Factory example: Writing database independent code.
- Strategy: Allow your software to be easily customized.
- How to implement the strategy pattern in .NET so developers can easily discover it.
- Chain-Of-responsibility: Try till you succeed.
Big applications use layers - which is an architecture pattern by the way. But big enterprise applications can also take
advantage of other patterns.
- Enterprise Applications are hard to build - soften it with patterns.
- Facade: Hide a complex hierarchy of classes and operations behind a unified interface.
- Proxy: Hide complex behavior behind a proxy: Lazy instantiation and networking for example.
- Inversion-Of-Control: make your enterprise application more maintainable and testable.
- Managed Extensibility Framework: Easily allow your application to be extended with plugins.
Part 3: Web Security Development Techniques (1 day)
Understanding Claims-Based Security
So what will you allow your user to do? This most-likely depends on the role the user has in your organisation. This role
is now represented with claims. In this chapter you will get a better understanding why claims are better than roles,
and how claims are transmitted in a secure way.
- Representing the user
- Introducing claims based security
- Understanding tokens and their representation on the net
- Using Claims in .NET
Modern web authentication and authorization
In the modern web we all want to share stuff. But how do you safely allow one web site to access resources from another web
site? OAuth2 is the current standard way in which you can implement this. Authentication is hard, so better left to the
experts. With OpenID Connect you can delegate authentication to an identity provider (such as Facebook, Azure AD, Identity
Server). OAuth and OpenID Connect are protocols that are not that easy to understand. Until the end of this chapter...
- The Internet and a way of sharing
- Introducing OAuth 2
- OpenID Connect: Adding sign-in to OAuth2
- OAuth fundamentals: Authorization Code Grant, Implicit Grant and Client Credential Grant
- Implementing OpenID Connect web sign-in
- Implementing Hybrid Flow
- Deeper understanding Hybrid Flow
Protecting a Web-API with OAuth2
Modern web sites and mobile appls consume REST services. You can use OAuth with OpenID Connect to authenticate users, after
which you can use claims to authorize resources stored in a web API.
- Protecting a Web API's resources
- Adding permissions to the server side
- Requesting permissions at the client side
- Using the Active Directory Authentication Library (ADAL)
- ADAL Session management
- User consent