Part 1: .NET Core
.NET Core is the new kid on the block. So why would I want to use .NET Core?
- What and Why
- Understanding .NET Core: .NET 4.x versus .NET Core
- Supporting multiple runtimes
Visual Studio improvements for ASP.NET Core
With .NET Core Microsoft introduced a new project model, with a lot of emphasis on NuGet packages.
- Understanding the new project structure
- Compile directly to memory
- Installing dependencies with NuGet
- Targeting frameworks and handling differences
- Executing commands and tools
- Handling bundling and minification in .NET Core projects
.NET Core Cross-Platform Capabilities
So how can I build .NET core applications on a Mac or Linux machine?
- Developing ASP.NET Core on any platform
- Generating a .NET Core project using dotnet cli
- Getting started with Visual Studio Code
ASP.NET Core Pipeline
ASP.NET Core easily outperforms all other web hosting solutions. So how did they do that?
Here we will look at the ASP.NET pipeline, and how to make it do your bidding.
- Understanding the principle of the ASP.NET Core Pipeline
- Selecting your middleware in the Startup class
- Understanding the need for dependency injection and how to configure it
- Adding your first middleware for serving static files
- ASP.NET Core has its own routing middleware
- Showing proper diagnostics while developing, and not in production
The new ASP.NET Core Configuration
ASP.NET Core allows you to pick and choose where to store your configuration.
We will look at the idea behind this and of course how to choose your configuration.
- No more web.config
- Formats: JSON, INI or XML
- Why you should store confidential configuration in environment variables and user secrets
- Different ways of getting configuration to your code
- Using the Options pattern
- Adding your own configuration provider
Proper logging is essential to find problems in production.
.NET Core brings a unified logging approach which you can use anywhere in .NET
and also works with your preferred logging framework.
- Why do we need another logging framework
- Choosing from different logging providers
- Understanding logging scopes
- An example: Using NLog
- Logging guidelines and recommendations
OWIN and Middleware
The Open Web Interface for .NET brought a simple standard way for building web servers with .NET.
ASP.NET Core built upon this standard and with it you can easily build your own custom extensions for .NET Core.
- What is the OWIN specification
- Project Katana and how to build a webserver with it
- Building your own custom middleware
- Testing your middleware
ASP.NET Core and MVC
Every new version of MVC brings a couple of improvements making it easier for developers to
build state-of-the-art web applications.
Among other features we will look at taghelpers, which bring a similar concept like
Angular directives to the server side.
- Web UI and Web API Unification
- MVC routing changes
- Understanding _ViewStart.cshtml and _ViewImports.cshtml
- Better readable and more powerfull Razor with tag helpers
- Developing and installing your own tag helpers
- Building View Components
- Service Injection
Part 2: Clean Architecture
Architecting Modern Web Applications
So what is a modern web application? One that uses Angular and TypeScript?
With the speed that modern web application developement evolves, there is the chance
that your web site uses 'old' technology by the time it is done. But sound architecture
never goes stale.
As a wise man once said: 'If you think good architecture is expensive, try bad architecure'
- S.O.L.I.D. principles
- Separation of Concerns, Dependency Inversion, Explicit Dependencies, Persistence Ignorance
- "Clean" architecture: put the business and application model at the center
- Easily tested with Automated tests
Services in ASP.NET
Web sites and mobile apps store their data on a server. This means building part of your application as a REST server.
Here again there are many things to choose from. Build it with MVC, WebAPI, or ODATA? That is the question.
- Building REST services with ASP.NET Web API
- Exposing Entities with OData
Part 3: Azure
Azure App Services: Web Apps
So you want to host your web site. But what about scalability, fault-tolerance, HTTPS and other things?
The cloud can make this a lot easier for you.
- Using the Web Site Gallery
- Deploying from Visual Studio
- Free, shared, basic and standard plans
- Scaling options
- Configuring app settings, TLS, domain names and backup scheduling
- Monitoring your Web Api
Application insights will allow you to quickly investigate what is going on
in your web site, and what your users are doing with it.
- Monitoring your Web Application
- Diagnosing Failures
- Custom events and using Metrics Explorer
- Availability and Performance
- Using Alerts to detect live problems early
- Snapshot debugging
Part 4: Authentication and Authorization with OpenID Connect
Understanding Claims-Based Security
So what will you allow your user to do? This most-likely depends on the role the user has in your organisation. This role
is now represented with claims. In this chapter you will get a better understanding why claims are better than roles,
and how claims are transmitted in a secure way.
- Representing the user
- Introducing claims based security
- Understanding tokens and their representation on the net
- Using Claims in .NET
Modern web authentication and authorization
In the modern web we all want to share stuff. But how do you safely allow one web site to access resources from another web
site? OAuth2 is the current standard way in which you can implement this. Authentication is hard, so better left to the
experts. With OpenID Connect you can delegate authentication to an identity provider (such as Facebook, Azure AD, Identity
Server and others).
- The Internet and a way of sharing
- Introducing OAuth
- OpenID Connect: Adding sign-in to OAuth
- OAuth fundamentals: Authorization Code Grant, Implicit Grant and Client Credential Grant
- Implementing OpenID Connect web sign-in
Protecting a Web-API with OAuth
Modern web sites and mobile appls consume REST services.
You can use OAuth with OpenID Connect to authenticate users, after
which you can use claims to authorize resources stored in a web API.
- Protecting a Web API's resources
- Adding permissions to the server side
- Requesting permissions at the client side
- Using the Active Directory Authentication Library (ADAL)
- ADAL Session management
- User consent
Part 5: Tweaking your web site
Proper error handling is NOT easy. Especially these days with Search Engine Optimization and services
handling errors becomes more complex.
- Handling errors at different levels in ASP.NET
- Handling on the level of the hosting platform
- Properly returning a 404 and 500 page
- Http Status Codes best practices
The world is a big place, with many spoken languages.
If you want to reach the world, you should build multi-language support in from the beginning.
- Display Content in Different Cultures
- Using resource files
- Different Views
- Validation Messages
- Autodetect Cultures
- Override Cultures
- Client-side Localization
So how do you make if go faster? Paint a stripe on it?
- Working with Async methods
- Limiting network bandwidth with bundling and minification
- Using Content Delivery Networks
- Always run release in production
- Various performance tweaks