0%

ASP.NET Core in Action, Second Edition is a comprehensive guide to creating web applications with ASP.NET Core 5.0. Go from basic HTTP concepts to advanced framework customization. Illustrations and annotated code make learning visual and easy. Master logins, dependency injection, security, and more. This updated edition covers the latest features, including Razor Pages and the new hosting paradigm.

Table of Contents

  1. inside front cover
  2. ASP.NET Core in Action
  3. Copyright
  4. brief contents
  5. contents
  6. front matter
    1. preface
    2. acknowledgments
    3. about this book
    4. Who should read this book
    5. How this book is organized: A roadmap
    6. About the code
    7. liveBook discussion forum
    8. about the author
    9. about the cover illustration
  7. Part 1. Getting started with ASP.NET Core
  8. 1 Getting started with ASP.NET Core
    1. 1.1 An introduction to ASP.NET Core
    2. 1.1.1 Using a web framework
    3. 1.1.2 What is ASP.NET Core?
    4. 1.2 When to choose ASP.NET Core
    5. 1.2.1 What type of applications can you build?
    6. 1.2.2 If you’re new to .NET development
    7. 1.2.3 If you’re a .NET Framework developer creating a new application
    8. 1.2.4 Converting an existing ASP.NET application to ASP.NET Core
    9. 1.3 How does ASP.NET Core work?
    10. 1.3.1 How does an HTTP web request work?
    11. 1.3.2 How does ASP.NET Core process a request?
    12. 1.4 What you will learn in this book
    13. Summary
  9. 2 Your first application
    1. 2.1 A brief overview of an ASP.NET Core application
    2. 2.2 Creating your first ASP.NET Core application
    3. 2.2.1 Using a template to get started
    4. 2.2.2 Building the application
    5. 2.3 Running the web application
    6. 2.4 Understanding the project layout
    7. 2.5 The .csproj project file: Defining your dependencies
    8. 2.6 The Program class: Building a web host
    9. 2.7 The Startup class: Configuring your application
    10. 2.7.1 Adding and configuring services
    11. 2.7.2 Defining how requests are handled with middleware
    12. 2.8 Generating responses with Razor Pages
    13. 2.8.1 Generating HTML with Razor Pages
    14. 2.8.2 Handling request logic with PageModels and handlers
    15. Summary
  10. 3 Handling requests with the middleware pipeline
    1. 3.1 What is middleware?
    2. 3.2 Combining middleware in a pipeline
    3. 3.2.1 Simple pipeline scenario 1: A holding page
    4. 3.2.2 Simple pipeline scenario 2: Handling static files
    5. 3.2.3 Simple pipeline scenario 3: A Razor Pages application
    6. 3.3 Handling errors using middleware
    7. 3.3.1 Viewing exceptions in development: DeveloperExceptionPage
    8. 3.3.2 Handling exceptions in production: ExceptionHandlerMiddleware
    9. 3.3.3 Handling other errors: StatusCodePagesMiddleware
    10. 3.3.4 Error handling middleware and Web APIs
    11. Summary
  11. 4 Creating a website with Razor Pages
    1. 4.1 An introduction to Razor Pages
    2. 4.1.1 Exploring a typical Razor Page
    3. 4.1.2 The MVC design pattern
    4. 4.1.3 Applying the MVC design pattern to Razor Pages
    5. 4.1.4 Adding Razor Pages to your application
    6. 4.2 Razor Pages vs. MVC in ASP.NET Core
    7. 4.2.1 MVC controllers in ASP.NET Core
    8. 4.2.2 The benefits of Razor Pages
    9. 4.2.3 When to choose MVC controllers over Razor Pages
    10. 4.3 Razor Pages and page handlers
    11. 4.3.1 Accepting parameters to page handlers
    12. 4.3.2 Returning responses with ActionResults
    13. Summary
  12. 5 Mapping URLs to Razor Pages using routing
    1. 5.1 What is routing?
    2. 5.2 Routing in ASP.NET Core
    3. 5.2.1 Using endpoint routing in ASP.NET Core
    4. 5.2.2 Convention-based routing vs. attribute routing
    5. 5.2.3 Routing to Razor Pages
    6. 5.3 Customizing Razor Page route templates
    7. 5.3.1 Adding a segment to a Razor Page route template
    8. 5.3.2 Replacing a Razor Page route template completely
    9. 5.4 Exploring the route template syntax
    10. 5.4.1 Using optional and default values
    11. 5.4.2 Adding additional constraints to route parameters
    12. 5.4.3 Matching arbitrary URLs with the catch-all parameter
    13. 5.5 Generating URLs from route parameters
    14. 5.5.1 Generating URLs for a Razor Page
    15. 5.5.2 Generating URLs for an MVC controller
    16. 5.5.3 Generating URLs with ActionResults
    17. 5.5.4 Generating URLs from other parts of your application
    18. 5.6 Selecting a page handler to invoke
    19. 5.7 Customizing conventions with Razor Pages
    20. Summary
  13. 6 The binding model: Retrieving and validating user input
    1. 6.1 Understanding the models in Razor Pages and MVC
    2. 6.2 From request to model: Making the request useful
    3. 6.2.1 Binding simple types
    4. 6.2.2 Binding complex types
    5. 6.2.3 Choosing a binding source
    6. 6.3 Handling user input with model validation
    7. 6.3.1 The need for validation
    8. 6.3.2 Using DataAnnotations attributes for validation
    9. 6.3.3 Validating on the server for safety
    10. 6.3.4 Validating on the client for user experience
    11. 6.4 Organizing your binding models in Razor Pages
    12. Summary
  14. 7 Rendering HTML using Razor views
    1. 7.1 Views: Rendering the user interface
    2. 7.2 Creating Razor views
    3. 7.2.1 Razor views and code-behind
    4. 7.2.2 Introducing Razor templates
    5. 7.2.3 Passing data to views
    6. 7.3 Creating dynamic web pages with Razor
    7. 7.3.1 Using C# in Razor templates
    8. 7.3.2 Adding loops and conditionals to Razor templates
    9. 7.3.3 Rendering HTML with Raw
    10. 7.4 Layouts, partial views, and _ViewStart
    11. 7.4.1 Using layouts for shared markup
    12. 7.4.2 Overriding parent layouts using sections
    13. 7.4.3 Using partial views to encapsulate markup
    14. 7.4.4 Running code on every view with _ViewStart and _ViewImports
    15. 7.5 Selecting a view from an MVC controller
    16. Summary
  15. 8 Building forms with Tag Helpers
    1. 8.1 Catering to editors with Tag Helpers
    2. 8.2 Creating forms using Tag Helpers
    3. 8.2.1 The Form Tag Helper
    4. 8.2.2 The Label Tag Helper
    5. 8.2.3 The Input and Textarea Tag Helpers
    6. 8.2.4 The Select Tag Helper
    7. 8.2.5 The Validation Message and Validation Summary Tag Helpers
    8. 8.3 Generating links with the Anchor Tag Helper
    9. 8.4 Cache-busting with the Append Version Tag Helper
    10. 8.5 Using conditional markup with the Environment Tag Helper
    11. Summary
  16. 9 Creating a Web API for mobile and client applications using MVC
    1. 9.1 What is a Web API and when should you use one?
    2. 9.2 Creating your first Web API project
    3. 9.3 Applying the MVC design pattern to a Web API
    4. 9.4 Attribute routing: Linking action methods to URLs
    5. 9.4.1 Combining route attributes to keep your route templates DRY
    6. 9.4.2 Using token replacement to reduce duplication in attribute routing
    7. 9.4.3 Handling HTTP verbs with attribute routing
    8. 9.5 Using common conventions with the [ApiController] attribute
    9. 9.6 Generating a response from a model
    10. 9.6.1 Customizing the default formatters: Adding XML support
    11. 9.6.2 Choosing a response format with content negotiation
    12. Summary
  17. Part 2. Building complete applications
  18. 10 Service configuration with dependency injection
    1. 10.1 Introduction to dependency injection
    2. 10.1.1 Understanding the benefits of dependency injection
    3. 10.1.2 Creating loosely coupled code
    4. 10.1.3 Dependency injection in ASP.NET Core
    5. 10.2 Using the dependency injection container
    6. 10.2.1 Adding ASP.NET Core framework services to the container
    7. 10.2.2 Registering your own services with the container
    8. 10.2.3 Registering services using objects and lambdas
    9. 10.2.4 Registering a service in the container multiple times
    10. 10.2.5 Injecting services into action methods, page handlers, and views
    11. 10.3 Understanding lifetimes: When are services created?
    12. 10.3.1 Transient: Everyone is unique
    13. 10.3.2 Scoped: Let’s stick together
    14. 10.3.3 Singleton: There can be only one
    15. 10.3.4 Keeping an eye out for captured dependencies
    16. Summary
  19. 11 Configuring an ASP.NET Core application
    1. 11.1 Introducing the ASP.NET Core configuration model
    2. 11.2 Configuring your application with CreateDefaultBuilder
    3. 11.3 Building a configuration object for your app
    4. 11.3.1 Adding a configuration provider in Program.cs
    5. 11.3.2 Using multiple providers to override configuration values
    6. 11.3.3 Storing configuration secrets safely
    7. 11.3.4 Reloading configuration values when they change
    8. 11.4 Using strongly typed settings with the options pattern
    9. 11.4.1 Introducing the IOptions interface
    10. 11.4.2 Reloading strongly typed options with IOptionsSnapshot
    11. 11.4.3 Designing your options classes for automatic binding
    12. 11.4.4 Binding strongly typed settings without the IOptions interface
    13. 11.5 Configuring an application for multiple environments
    14. 11.5.1 Identifying the hosting environment
    15. 11.5.2 Loading environment-specific configuration files
    16. 11.5.3 Setting the hosting environment
    17. Summary
  20. 12 Saving data with Entity Framework Core
    1. 12.1 Introducing Entity Framework Core
    2. 12.1.1 What is EF Core?
    3. 12.1.2 Why use an object-relational mapper?
    4. 12.1.3 When should you choose EF Core?
    5. 12.1.4 Mapping a database to your application code
    6. 12.2 Adding EF Core to an application
    7. 12.2.1 Choosing a database provider and installing EF Core
    8. 12.2.2 Building a data model
    9. 12.2.3 Registering a data context
    10. 12.3 Managing changes with migrations
    11. 12.3.1 Creating your first migration
    12. 12.3.2 Adding a second migration
    13. 12.4 Querying data from and saving data to the database
    14. 12.4.1 Creating a record
    15. 12.4.2 Loading a list of records
    16. 12.4.3 Loading a single record
    17. 12.4.4 Updating a model with changes
    18. 12.5 Using EF Core in production applications
    19. Summary
  21. 13 The MVC and Razor Pages filter pipeline
    1. 13.1 Understanding filters and when to use them
    2. 13.1.1 The MVC filter pipeline
    3. 13.1.2 The Razor Pages filter pipeline
    4. 13.1.3 Filters or middleware: Which should you choose?
    5. 13.1.4 Creating a simple filter
    6. 13.1.5 Adding filters to your actions, controllers, Razor Pages, and globally
    7. 13.1.6 Understanding the order of filter execution
    8. 13.2 Creating custom filters for your application
    9. 13.2.1 Authorization filters: Protecting your APIs
    10. 13.2.2 Resource filters: Short-circuiting your action methods
    11. 13.2.3 Action filters: Customizing model binding and action results
    12. 13.2.4 Exception filters: Custom exception handling for your action methods
    13. 13.2.5 Result filters: Customizing action results before they execute
    14. 13.2.6 Page filters: Customizing model binding for Razor Pages
    15. 13.3 Understanding pipeline short-circuiting
    16. 13.4 Using dependency injection with filter attributes
    17. Summary
  22. 14 Authentication: Adding users to your application with Identity
    1. 14.1 Introducing authentication and authorization
    2. 14.1.1 Understanding users and claims in ASP.NET Core
    3. 14.1.2 Authentication in ASP.NET Core: Services and middleware
    4. 14.1.3 Authentication for APIs and distributed applications
    5. 14.2 What is ASP.NET Core Identity?
    6. 14.3 Creating a project that uses ASP.NET Core Identity
    7. 14.3.1 Creating the project from a template
    8. 14.3.2 Exploring the template in Solution Explorer
    9. 14.3.3 The ASP.NET Core Identity data model
    10. 14.3.4 Interacting with ASP.NET Core Identity
    11. 14.4 Adding ASP.NET Core Identity to an existing project
    12. 14.4.1 Configuring the ASP.NET Core Identity services and middleware
    13. 14.4.2 Updating the EF Core data model to support Identity
    14. 14.4.3 Updating the Razor views to link to the Identity UI
    15. 14.5 Customizing a page in ASP.NET Core Identity’s default UI
    16. 14.6 Managing users: Adding custom data to users
    17. Summary
  23. 15 Authorization: Securing your application
    1. 15.1 Introduction to authorization
    2. 15.2 Authorization in ASP.NET Core
    3. 15.2.1 Preventing anonymous users from accessing your application
    4. 15.2.2 Handling unauthorized requests
    5. 15.3 Using policies for claims-based authorization
    6. 15.4 Creating custom policies for authorization
    7. 15.4.1 Requirements and handlers: The building blocks of a policy
    8. 15.4.2 Creating a policy with a custom requirement and handler
    9. 15.5 Controlling access with resource-based authorization
    10. 15.5.1 Manually authorizing requests with IAuthorizationService
    11. 15.5.2 Creating a resource-based AuthorizationHandler
    12. 15.6 Hiding elements in Razor templates from unauthorized users
    13. Summary
  24. 16 Publishing and deploying your application
    1. 16.1 Understanding the ASP.NET Core hosting model
    2. 16.1.1 Running vs. publishing an ASP.NET Core app
    3. 16.1.2 Choosing a deployment method for your application
    4. 16.2 Publishing your app to IIS
    5. 16.2.1 Configuring IIS for ASP.NET Core
    6. 16.2.2 Preparing and publishing your application to IIS
    7. 16.3 Hosting an application on Linux
    8. 16.3.1 Running an ASP.NET Core app behind a reverse proxy on Linux
    9. 16.3.2 Preparing your app for deployment to Linux
    10. 16.4 Configuring the URLs for your application
    11. 16.5 Optimizing your client-side assets using BundlerMinifier
    12. 16.5.1 Speeding up an app using bundling and minification
    13. 16.5.2 Adding BundlerMinifier to your application
    14. 16.5.3 Using minified files in production with the Environment Tag Helper
    15. 16.5.4 Serving common files from a CDN
    16. Summary
  25. Part 3. Extending your applications
  26. 17 Monitoring and troubleshooting errors with logging
    1. 17.1 Using logging effectively in a production app
    2. 17.1.1 Highlighting problems using custom log messages
    3. 17.1.2 The ASP.NET Core logging abstractions
    4. 17.2 Adding log messages to your application
    5. 17.2.1 Log level: How important is the log message?
    6. 17.2.2 Log category: Which component created the log
    7. 17.2.3 Formatting messages and capturing parameter values
    8. 17.3 Controlling where logs are written using logging providers
    9. 17.3.1 Adding a new logging provider to your application
    10. 17.3.2 Replacing the default ILoggerFactory with Serilog
    11. 17.4 Changing log verbosity with filtering
    12. 17.5 Structured logging: Creating searchable, useful logs
    13. 17.5.1 Adding a structured logging provider to your app
    14. 17.5.2 Using scopes to add additional properties to your logs
    15. Summary
  27. 18 Improving your application’s security
    1. 18.1 Adding HTTPS to an application
    2. 18.1.1 Using the ASP.NET Core HTTPS development certificates
    3. 18.1.2 Configuring Kestrel with a production HTTPS certificate
    4. 18.1.3 Enforcing HTTPS for your whole app
    5. 18.2 Defending against cross-site scripting (XSS) attacks
    6. 18.3 Protecting from cross-site request forgery (CSRF) attacks
    7. 18.4 Calling your web APIs from other domains using CORS
    8. 18.4.1 Understanding CORS and how it works
    9. 18.4.2 Adding a global CORS policy to your whole app
    10. 18.4.3 Adding CORS to specific Web API actions with EnableCorsAttribute
    11. 18.4.4 Configuring CORS policies
    12. 18.5 Exploring other attack vectors
    13. 18.5.1 Detecting and avoiding open redirect attacks
    14. 18.5.2 Avoiding SQL injection attacks with EF Core and parameterization
    15. 18.5.3 Preventing insecure direct object references
    16. 18.5.4 Protecting your users’ passwords and data
    17. Summary
  28. 19 Building custom components
    1. 19.1 Customizing your middleware pipeline
    2. 19.1.1 Creating simple endpoints with the Run extension
    3. 19.1.2 Branching middleware pipelines with the Map extension
    4. 19.1.3 Adding to the pipeline with the Use extension
    5. 19.1.4 Building a custom middleware component
    6. 19.2 Creating custom endpoints with endpoint routing
    7. 19.2.1 Creating a custom endpoint routing component
    8. 19.2.2 Creating simple endpoints with MapGet and WriteJsonAsync
    9. 19.2.3 Applying authorization to endpoints
    10. 19.3 Handling complex configuration requirements
    11. 19.3.1 Partially building configuration to configure additional providers
    12. 19.3.2 Using services to configure IOptions with IConfigureOptions
    13. 19.4 Using a third-party dependency injection container
    14. Summary
  29. 20 Building custom MVC and Razor Pages components
    1. 20.1 Creating a custom Razor Tag Helper
    2. 20.1.1 Printing environment information with a custom Tag Helper
    3. 20.1.2 Creating a custom Tag Helper to conditionally hide elements
    4. 20.1.3 Creating a Tag Helper to convert Markdown to HTML
    5. 20.2 View components: Adding logic to partial views
    6. 20.3 Building a custom validation attribute
    7. 20.4 Replacing the validation framework with FluentValidation
    8. 20.4.1 Comparing FluentValidation to DataAnnotations attributes
    9. 20.4.2 Adding FluentValidation to your application
    10. Summary
  30. 21 Calling remote APIs with IHttpClientFactory
    1. 21.1 Calling HTTP APIs: The problem with HttpClient
    2. 21.2 Creating HttpClients with IHttpClientFactory
    3. 21.2.1 Using IHttpClientFactory to manage HttpClientHandler lifetime
    4. 21.2.2 Configuring named clients at registration time
    5. 21.2.3 Using typed clients to encapsulate HTTP calls
    6. 21.3 Handling transient HTTP errors with Polly
    7. 21.4 Creating a custom HttpMessageHandler
    8. Summary
  31. 22 Building background tasks and services
    1. 22.1 Running background tasks with IHostedService
    2. 22.1.1 Running background tasks on a timer
    3. 22.1.2 Using scoped services in background tasks
    4. 22.2 Creating headless worker services using IHost
    5. 22.2.1 Creating a worker service from a template
    6. 22.2.2 Running worker services in production
    7. 22.3 Coordinating background tasks using Quartz.NET
    8. 22.3.1 Installing Quartz.NET in an ASP.NET Core application
    9. 22.3.2 Configuring a job to run on a schedule with Quartz.NET
    10. 22.3.3 Using clustering to add redundancy to your background tasks
    11. Summary
  32. 23 Testing your application
    1. 23.1 An introduction to testing in ASP.NET Core
    2. 23.2 Unit testing with xUnit
    3. 23.2.1 Creating your first test project
    4. 23.2.2 Running tests with dotnet test
    5. 23.2.3 Referencing your app from your test project
    6. 23.2.4 Adding Fact and Theory unit tests
    7. 23.2.5 Testing failure conditions
    8. 23.3 Unit testing custom middleware
    9. 23.4 Unit testing API controllers
    10. 23.5 Integration testing: Testing your whole app in-memory
    11. 23.5.1 Creating a TestServer using the Test Host package
    12. 23.5.2 Testing your application with WebApplicationFactory
    13. 23.5.3 Replacing dependencies in WebApplicationFactory
    14. 23.5.4 Reducing duplication by creating a custom WebApplicationFactory
    15. 23.6 Isolating the database with an in-memory EF Core provider
    16. Summary
  33. appendix A. Preparing your development environment
    1. A.1 Installing the .NET SDK
    2. A.2 Choosing an IDE or editor
    3. A.2.1 Visual Studio (Windows)
    4. A.2.2 JetBrains Rider (Windows, Linux, macOS)
    5. A.2.3 Visual Studio for Mac (macOS)
    6. A.2.4 Visual Studio Code (Windows, Linux, macOS)
  34. appendix B. Understanding the .NET ecosystem
    1. B.1 The evolution of .NET into .NET 5.0
    2. B.1.1 Exploring the .NET platforms that prompted .NET Core
    3. B.1.2 Introducing .NET Core
    4. B.1.3 .NET 5.0: The first step in the One .NET vision
    5. B.1.4 The future: .NET 6.0 and beyond
    6. B.2 Sharing code between projects
    7. B.2.1 Finding a common intersection with Portable Class Libraries
    8. B.2.2 .NET Standard: A common interface for .NET
    9. B.2.3 Fudging .NET Standard 2.0 support with the compatibility shim
    10. B.3 .NET 5.0 and the future of .NET Standard
    11. Summary
  35. appendix C. Useful references
    1. C.1 Relevant books
    2. C.2 Announcement blog posts
    3. C.3 Microsoft documentation
    4. C.4 Security-related links
    5. C.5 ASP.NET Core GitHub repositories
    6. C.6 Tooling and services
    7. C.7 ASP.NET Core blogs
    8. C.8 Video links
  36. index
34.229.151.93