Part 1. Getting started with ASP.NET Core
1 Getting started with ASP.NET Core
1.1 An introduction to ASP.NET Core
1.2 When to choose ASP.NET Core
What type of applications can you build?
If you’re new to .NET development
If you’re a .NET Framework developer creating a new application
Converting an existing ASP.NET application to ASP.NET Core
1.3 How does ASP.NET Core work?
How does an HTTP web request work?
How does ASP.NET Core process a request?
1.4 What you will learn in this book
2.1 A brief overview of an ASP.NET Core application
2.2 Creating your first ASP.NET Core application
Using a template to get started
2.3 Running the web application
2.4 Understanding the project layout
2.5 The .csproj project file: Defining your dependencies
2.6 The Program class: Building a web host
2.7 The Startup class: Configuring your application
Adding and configuring services
Defining how requests are handled with middleware
2.8 Generating responses with Razor Pages
Generating HTML with Razor Pages
Handling request logic with PageModels and handlers
3 Handling requests with the middleware pipeline
3.2 Combining middleware in a pipeline
Simple pipeline scenario 1: A holding page
Simple pipeline scenario 2: Handling static files
Simple pipeline scenario 3: A Razor Pages application
3.3 Handling errors using middleware
Viewing exceptions in development: DeveloperExceptionPage
Handling exceptions in production: ExceptionHandlerMiddleware
Handling other errors: StatusCodePagesMiddleware
Error handling middleware and Web APIs
4 Creating a website with Razor Pages
4.1 An introduction to Razor Pages
Exploring a typical Razor Page
Applying the MVC design pattern to Razor Pages
Adding Razor Pages to your application
4.2 Razor Pages vs. MVC in ASP.NET Core
MVC controllers in ASP.NET Core
When to choose MVC controllers over Razor Pages
4.3 Razor Pages and page handlers
Accepting parameters to page handlers
Returning responses with ActionResults
5 Mapping URLs to Razor Pages using routing
5.1 What is routing?
Using endpoint routing in ASP.NET Core
Convention-based routing vs. attribute routing
5.3 Customizing Razor Page route templates
Adding a segment to a Razor Page route template
Replacing a Razor Page route template completely
5.4 Exploring the route template syntax
Using optional and default values
Adding additional constraints to route parameters
Matching arbitrary URLs with the catch-all parameter
5.5 Generating URLs from route parameters
Generating URLs for a Razor Page
Generating URLs for an MVC controller
Generating URLs with ActionResults
Generating URLs from other parts of your application
5.6 Selecting a page handler to invoke
5.7 Customizing conventions with Razor Pages
6 The binding model: Retrieving and validating user input
6.1 Understanding the models in Razor Pages and MVC
6.2 From request to model: Making the request useful
6.3 Handling user input with model validation
Using DataAnnotations attributes for validation
Validating on the server for safety
Validating on the client for user experience
6.4 Organizing your binding models in Razor Pages
7 Rendering HTML using Razor views
7.1 Views: Rendering the user interface
7.3 Creating dynamic web pages with Razor
Adding loops and conditionals to Razor templates
7.4 Layouts, partial views, and _ViewStart
Using layouts for shared markup
Overriding parent layouts using sections
Using partial views to encapsulate markup
Running code on every view with _ViewStart and _ViewImports
7.5 Selecting a view from an MVC controller
8 Building forms with Tag Helpers
8.1 Catering to editors with Tag Helpers
8.2 Creating forms using Tag Helpers
The Input and Textarea Tag Helpers
The Validation Message and Validation Summary Tag Helpers
8.3 Generating links with the Anchor Tag Helper
8.4 Cache-busting with the Append Version Tag Helper
8.5 Using conditional markup with the Environment Tag Helper
9 Creating a Web API for mobile and client applications using MVC
9.1 What is a Web API and when should you use one?
9.2 Creating your first Web API project
9.3 Applying the MVC design pattern to a Web API
9.4 Attribute routing: Linking action methods to URLs
Combining route attributes to keep your route templates DRY
Using token replacement to reduce duplication in attribute routing
Handling HTTP verbs with attribute routing
9.5 Using common conventions with the [ApiController] attribute
9.6 Generating a response from a model
Customizing the default formatters: Adding XML support
Choosing a response format with content negotiation
Part 2. Building complete applications
10 Service configuration with dependency injection
10.1 Introduction to dependency injection
Understanding the benefits of dependency injection
Dependency injection in ASP.NET Core
10.2 Using the dependency injection container
Adding ASP.NET Core framework services to the container
Registering your own services with the container
Registering services using objects and lambdas
Registering a service in the container multiple times
Injecting services into action methods, page handlers, and views
10.3 Understanding lifetimes: When are services created?
Singleton: There can be only one
Keeping an eye out for captured dependencies
11 Configuring an ASP.NET Core application
11.1 Introducing the ASP.NET Core configuration model
11.2 Configuring your application with CreateDefaultBuilder
11.3 Building a configuration object for your app
Adding a configuration provider in Program.cs
Using multiple providers to override configuration values
Storing configuration secrets safely
Reloading configuration values when they change
11.4 Using strongly typed settings with the options pattern
Introducing the IOptions interface
Reloading strongly typed options with IOptionsSnapshot
Designing your options classes for automatic binding
Binding strongly typed settings without the IOptions interface
11.5 Configuring an application for multiple environments
Identifying the hosting environment
Loading environment-specific configuration files
Setting the hosting environment
12 Saving data with Entity Framework Core
12.1 Introducing Entity Framework Core
Why use an object-relational mapper?
When should you choose EF Core?
Mapping a database to your application code
12.2 Adding EF Core to an application
Choosing a database provider and installing EF Core
12.3 Managing changes with migrations
12.4 Querying data from and saving data to the database
12.5 Using EF Core in production applications
13 The MVC and Razor Pages filter pipeline
13.1 Understanding filters and when to use them
The Razor Pages filter pipeline
Filters or middleware: Which should you choose?
Adding filters to your actions, controllers, Razor Pages, and globally
Understanding the order of filter execution
13.2 Creating custom filters for your application
Authorization filters: Protecting your APIs
Resource filters: Short-circuiting your action methods
Action filters: Customizing model binding and action results
Exception filters: Custom exception handling for your action methods
Result filters: Customizing action results before they execute
Page filters: Customizing model binding for Razor Pages
13.3 Understanding pipeline short-circuiting
13.4 Using dependency injection with filter attributes
14 Authentication: Adding users to your application with Identity
14.1 Introducing authentication and authorization
Understanding users and claims in ASP.NET Core
Authentication in ASP.NET Core: Services and middleware
Authentication for APIs and distributed applications
14.2 What is ASP.NET Core Identity?
14.3 Creating a project that uses ASP.NET Core Identity
Creating the project from a template
Exploring the template in Solution Explorer
The ASP.NET Core Identity data model
Interacting with ASP.NET Core Identity
14.4 Adding ASP.NET Core Identity to an existing project
Configuring the ASP.NET Core Identity services and middleware
Updating the EF Core data model to support Identity
Updating the Razor views to link to the Identity UI
14.5 Customizing a page in ASP.NET Core Identity’s default UI
14.6 Managing users: Adding custom data to users
15 Authorization: Securing your application
15.1 Introduction to authorization
15.2 Authorization in ASP.NET Core
Preventing anonymous users from accessing your application
Handling unauthorized requests
15.3 Using policies for claims-based authorization
15.4 Creating custom policies for authorization
Requirements and handlers: The building blocks of a policy
Creating a policy with a custom requirement and handler
15.5 Controlling access with resource-based authorization
Manually authorizing requests with IAuthorizationService
Creating a resource-based AuthorizationHandler
15.6 Hiding elements in Razor templates from unauthorized users
16 Publishing and deploying your application
16.1 Understanding the ASP.NET Core hosting model
Running vs. publishing an ASP.NET Core app
Choosing a deployment method for your application
16.2 Publishing your app to IIS
Configuring IIS for ASP.NET Core
Preparing and publishing your application to IIS
16.3 Hosting an application on Linux
Running an ASP.NET Core app behind a reverse proxy on Linux
Preparing your app for deployment to Linux
16.4 Configuring the URLs for your application
16.5 Optimizing your client-side assets using BundlerMinifier
Speeding up an app using bundling and minification
Adding BundlerMinifier to your application
Using minified files in production with the Environment Tag Helper
Serving common files from a CDN
Part 3. Extending your applications
17 Monitoring and troubleshooting errors with logging
17.1 Using logging effectively in a production app
Highlighting problems using custom log messages
The ASP.NET Core logging abstractions
17.2 Adding log messages to your application
Log level: How important is the log message?
Log category: Which component created the log
Formatting messages and capturing parameter values
17.3 Controlling where logs are written using logging providers
Adding a new logging provider to your application
Replacing the default ILoggerFactory with Serilog
17.4 Changing log verbosity with filtering
17.5 Structured logging: Creating searchable, useful logs
Adding a structured logging provider to your app
Using scopes to add additional properties to your logs
18 Improving your application’s security
18.1 Adding HTTPS to an application
Using the ASP.NET Core HTTPS development certificates
Configuring Kestrel with a production HTTPS certificate
Enforcing HTTPS for your whole app
18.2 Defending against cross-site scripting (XSS) attacks
18.3 Protecting from cross-site request forgery (CSRF) attacks
18.4 Calling your web APIs from other domains using CORS
Understanding CORS and how it works
Adding a global CORS policy to your whole app
Adding CORS to specific Web API actions with EnableCorsAttribute
18.5 Exploring other attack vectors
Detecting and avoiding open redirect attacks
Avoiding SQL injection attacks with EF Core and parameterization
Preventing insecure direct object references
Protecting your users’ passwords and data
19.1 Customizing your middleware pipeline
Creating simple endpoints with the Run extension
Branching middleware pipelines with the Map extension
Adding to the pipeline with the Use extension
Building a custom middleware component
19.2 Creating custom endpoints with endpoint routing
Creating a custom endpoint routing component
Creating simple endpoints with MapGet and WriteJsonAsync
Applying authorization to endpoints
19.3 Handling complex configuration requirements
Partially building configuration to configure additional providers
Using services to configure IOptions with IConfigureOptions
19.4 Using a third-party dependency injection container
20 Building custom MVC and Razor Pages components
20.1 Creating a custom Razor Tag Helper
Printing environment information with a custom Tag Helper
Creating a custom Tag Helper to conditionally hide elements
Creating a Tag Helper to convert Markdown to HTML
20.2 View components: Adding logic to partial views
20.3 Building a custom validation attribute
20.4 Replacing the validation framework with FluentValidation
Comparing FluentValidation to DataAnnotations attributes
Adding FluentValidation to your application
21 Calling remote APIs with IHttpClientFactory
21.1 Calling HTTP APIs: The problem with HttpClient
21.2 Creating HttpClients with IHttpClientFactory
Using IHttpClientFactory to manage HttpClientHandler lifetime
Configuring named clients at registration time
Using typed clients to encapsulate HTTP calls
21.3 Handling transient HTTP errors with Polly
21.4 Creating a custom HttpMessageHandler
22 Building background tasks and services
22.1 Running background tasks with IHostedService
Running background tasks on a timer
Using scoped services in background tasks
22.2 Creating headless worker services using IHost
Creating a worker service from a template
Running worker services in production
22.3 Coordinating background tasks using Quartz.NET
Installing Quartz.NET in an ASP.NET Core application
Configuring a job to run on a schedule with Quartz.NET
Using clustering to add redundancy to your background tasks
23.1 An introduction to testing in ASP.NET Core
Creating your first test project
Running tests with dotnet test
Referencing your app from your test project
Adding Fact and Theory unit tests
23.3 Unit testing custom middleware
23.4 Unit testing API controllers
23.5 Integration testing: Testing your whole app in-memory
Creating a TestServer using the Test Host package
Testing your application with WebApplicationFactory
Replacing dependencies in WebApplicationFactory
Reducing duplication by creating a custom WebApplicationFactory
23.6 Isolating the database with an in-memory EF Core provider
appendix A. Preparing your development environment
appendix B. Understanding the .NET ecosystem
appendix C. Useful references