Author(s): Andrew Lock
Series: 1
Edition: 1
Publisher: Manning
Year: 2018
Language: English
Pages: 714
Tags: asp .net core
brief contents......Page 7
contents......Page 9
preface......Page 19
acknowledgments......Page 21
Who should read this book......Page 23
How this book is organized......Page 24
Book forum......Page 26
about the author......Page 27
about the cover illustration......Page 28
Part 1 Getting started with MVC......Page 29
1 Getting started with ASP.NET Core......Page 31
1.1.1 Using a web framework......Page 32
1.1.2 The benefits and limitations of ASP.NET......Page 33
1.1.3 What is ASP.NET Core?......Page 34
1.2.1 What type of applications can you build?......Page 36
1.2.2 If you’re new to .NET development......Page 38
1.2.3 If you’re a .NET Framework developer creating a new application......Page 40
1.2.4 Converting an existing ASP.NET application to ASP.NET Core......Page 44
1.3.1 How does an HTTP web request work?......Page 45
1.3.2 How does ASP.NET Core process a request?......Page 47
1.4.1 Advantages of using .NET Framework......Page 49
1.4.2 Advantages of using .NET Core......Page 50
1.5 Preparing your development environment......Page 51
1.5.1 If you’re a Windows user......Page 52
1.5.2 If you’re a Linux or macOS user......Page 53
Summary......Page 55
2 Your first application......Page 56
2.1 A brief overview of an ASP.NET Core application......Page 57
2.2.1 Using a template to get started......Page 60
2.2.2 Building the application......Page 63
2.3 Running the web application......Page 64
2.4 Understanding the project layout......Page 66
2.5 The csproj project file: defining your dependencies......Page 68
2.6 The Program class: building a web host......Page 69
2.7 The Startup class: configuring your application......Page 72
2.7.1 Adding and configuring services......Page 73
2.7.2 Defining how requests are handled with middleware......Page 75
2.8 MVC middleware and the home controller......Page 80
2.9 Generating HTML with Razor template views......Page 82
Summary......Page 88
3 Handling requests with the middleware pipeline......Page 89
3.1 What is middleware?......Page 91
3.2 Combining middleware in a pipeline......Page 94
3.2.1 Simple pipeline scenario 1: a holding page......Page 95
3.2.2 Simple pipeline scenario 2: Handling static files......Page 98
3.2.3 Simple pipeline scenario 3: An MVC web application......Page 101
3.3 Handling errors using middleware......Page 106
3.3.1 Viewing exceptions in development: DeveloperExceptionPage......Page 108
3.3.2 Handling exceptions in production: ExceptionHandlerMiddleware......Page 110
3.3.3 Handling other errors: StatusCodePagesMiddleware......Page 114
3.3.4 Disabling error handling middleware for Web APIs......Page 118
Summary......Page 119
4 Creating web pages with MVC controllers......Page 121
4.1.1 The MVC design pattern......Page 123
4.1.2 MVC in ASP.NET Core......Page 126
4.1.3 Adding the MvcMiddleware to your application......Page 132
4.1.4 What makes a controller a controller?......Page 139
4.2 MVC controllers and action methods......Page 141
4.2.1 Accepting parameters to action methods......Page 142
4.2.2 Using ActionResult......Page 144
Summary......Page 147
5 Mapping URLs to methods using conventional routing......Page 148
5.1 What is routing?......Page 150
5.2 Routing to MVC controllers and actions......Page 153
5.3 Routing using conventions......Page 157
5.3.1 Understanding route templates......Page 159
5.3.2 Using optional and default values......Page 161
5.3.3 Adding additional constraints to route parameters......Page 163
5.3.4 Defining default values and constraints using anonymous objects......Page 166
5.3.5 Matching arbitrary URLs with the catch-all parameter......Page 167
5.4 Handling multiple matching actions for a route......Page 168
5.5 Generating URLs from route parameters......Page 170
5.5.1 Generating URLs based on an action name......Page 171
5.5.2 Generating URLs based on a route name......Page 172
5.5.3 Generating URLs with ActionResults......Page 173
Summary......Page 174
6 The binding model: retrieving and validating user input......Page 176
6.1 Understanding the M in MVC......Page 177
6.2 From request to model: making the request useful......Page 180
6.2.1 Binding simple types......Page 183
6.2.2 Binding complex types......Page 186
6.2.3 Choosing a binding source......Page 190
6.3.1 The need for validation......Page 192
6.3.2 Using DataAnnotations attributes for validation......Page 193
6.3.3 Validating on the server for safety......Page 196
6.3.4 Validating on the client for user experience......Page 199
Summary......Page 201
7 Rendering HTML using Razor views......Page 202
7.1 Views: rendering the user interface in MVC......Page 203
7.2 Creating Razor views......Page 207
7.2.1 Selecting a view from a controller......Page 209
7.2.2 Introducing Razor templates......Page 210
7.2.3 Passing data to views......Page 213
7.3 Creating dynamic web pages with Razor......Page 215
7.3.1 Using C# in Razor templates......Page 216
7.3.2 Adding loops and conditionals to Razor templates......Page 217
7.3.3 Rendering HTML with Raw......Page 219
7.4 Layouts, partial views, and _ViewStart......Page 221
7.4.1 Using layouts for shared markup......Page 222
7.4.2 Overriding parent layouts using sections......Page 224
7.4.3 Using partial views to encapsulate markup......Page 226
7.4.4 Running code on every view with _ViewStart and _ViewImports......Page 228
Summary......Page 230
8 Building forms with Tag Helpers......Page 232
8.1 Catering to editors with Tag Helpers......Page 234
8.2 Creating forms using Tag Helpers......Page 237
8.2.1 The Form Tag Helper......Page 242
8.2.2 The Label Tag Helper......Page 243
8.2.3 The Input and Textarea Tag Helpers......Page 245
8.2.4 The Select Tag Helper......Page 248
8.2.5 The Validation Message and Validation Summary Tag Helpers......Page 253
8.3 Generating links with the Anchor Tag Helper......Page 256
8.4 Cache-busting with the Append Version Tag Helper......Page 257
8.5 Using conditional markup with the Environment Tag Helper......Page 258
Summary......Page 260
9 Creating a Web API for mobile and client applications using MVC......Page 262
9.1 What is a Web API and when should you use one?......Page 263
9.2 Creating your first Web API Controller......Page 266
9.3 Applying the MVC design pattern to a Web API......Page 270
9.4 Attribute routing: taking fine-grained control of your URLs......Page 274
9.4.1 Ordering of conventional and attribute routes......Page 277
9.4.2 Combining route attributes to keep your route templates DRY......Page 279
9.4.3 Using token replacement to reduce duplication in attribute routing......Page 281
9.4.4 Handling multiple matching actions with attribute routing......Page 282
9.5 Enabling additional input formatters: binding to XML data......Page 283
9.6 Generating a response from a model......Page 286
9.6.1 Customizing the default formatters: adding XML support......Page 288
9.6.2 Choosing a response format with content negotiation......Page 290
Summary......Page 291
Part 2 Building complete applications......Page 293
10 Service configuration with dependency injection......Page 295
10.1 Introduction to dependency injection......Page 296
10.1.1 Understanding the benefits of dependency injection......Page 297
10.1.2 Creating loosely coupled code......Page 302
10.1.3 Dependency injection in ASP.NET Core......Page 304
10.2.1 Adding ASP.NET Core framework services to the container......Page 306
10.2.2 Registering your own services with the container......Page 307
10.2.3 Registering services using objects and lambdas......Page 310
10.2.4 Registering a service in the container multiple times......Page 314
10.2.5 Injecting services into action methods and view templates......Page 317
10.3 Understanding lifetimes: when are services created?......Page 320
10.3.1 Transient: everyone is unique......Page 323
10.3.2 Scoped: let’s stick together, guys......Page 324
10.3.3 Singleton: there can be only one......Page 325
10.3.4 Keeping an eye out for captured dependencies......Page 326
Summary......Page 329
11 Configuring an ASP.NET Core application......Page 331
11.1 Introducing the ASP.NET Core configuration model......Page 332
11.2 Configuring your application with CreateDefaultBuilder......Page 334
11.3 Building a configuration object for your app......Page 336
11.3.1 Adding a configuration provider in Program.cs......Page 338
11.3.2 Using multiple providers to override configuration values......Page 341
11.3.3 Storing configuration secrets safely......Page 343
11.3.4 Reloading configuration values when they change......Page 346
11.4 Using strongly typed settings with the options pattern......Page 348
11.4.1 Introducing the IOptions interface......Page 349
11.4.2 Reloading strongly typed options with IOptionsSnapshot......Page 351
11.4.3 Designing your options classes for automatic binding......Page 352
11.5.1 Identifying the hosting environment......Page 354
11.5.2 Loading environment-specific configuration files......Page 355
11.5.3 Setting the hosting environment......Page 357
Summary......Page 360
12 Saving data with Entity Framework Core......Page 362
12.1.1 What is EF Core?......Page 364
12.1.2 Why use an object-relational mapper?......Page 365
12.1.3 When should you choose EF Core?......Page 367
12.1.4 Mapping a database to your application code......Page 368
12.2 Adding EF Core to an application......Page 370
12.2.1 Choosing a database provider and installing EF Core......Page 372
12.2.2 Building a data model......Page 373
12.2.3 Registering a data context......Page 376
12.3 Managing changes with migrations......Page 377
12.3.1 Creating your first migration......Page 378
12.3.2 Adding a second migration......Page 381
12.4 Querying data from and saving data to the database......Page 383
12.4.1 Creating a record......Page 384
12.4.2 Loading a list of records......Page 386
12.4.3 Loading a single record......Page 388
12.4.4 Updating a model with changes......Page 389
12.5 Using EF Core in production applications......Page 394
Summary......Page 395
13 The MVC filter pipeline......Page 397
13.1 Understanding filters and when to use them......Page 398
13.1.1 The MVC filter pipeline......Page 400
13.1.2 Filters or middleware: which should you choose?......Page 401
13.1.3 Creating a simple filter......Page 403
13.1.4 Adding filters to your actions, your controllers, and globally......Page 405
13.1.5 Understanding the order of filter execution......Page 407
13.2 Creating custom filters for your application......Page 409
13.2.1 Authorization filters: protecting your APIs......Page 411
13.2.2 Resource filters: short-circuiting your action methods......Page 412
13.2.3 Action filters: customizing model binding and action results......Page 414
13.2.4 Exception filters: custom exception handling for your action methods......Page 419
13.2.5 Result filters: customizing action results before they execute......Page 420
13.3 Understanding pipeline short-circuiting......Page 422
13.4 Using dependency injection with filter attributes......Page 424
Summary......Page 426
14 Authentication: adding users to your application with Identity......Page 428
14.1.1 Understanding users and claims in ASP.NET Core......Page 430
14.1.2 Authentication in ASP.NET Core: services and middleware......Page 431
14.1.3 Authentication for APIs and distributed applications......Page 434
14.2 What is ASP.NET Core Identity?......Page 438
14.3.1 Creating the project from a template......Page 440
14.3.2 Exploring the template in Solution Explorer......Page 442
14.3.3 The ASP.NET Core Identity data model......Page 444
14.3.4 Interacting with ASP.NET Core Identity: the MVC controllers......Page 446
14.4 Adding ASP.NET Core Identity to an existing project......Page 451
14.4.1 Configuring the ASP.NET Core Identity services and middleware......Page 452
14.4.2 Updating the EF Core data model to support Identity......Page 454
14.4.3 Adding the controllers, view models, and views......Page 455
14.5 Managing users: adding new claims to users......Page 456
Summary......Page 458
15 Authorization: securing your application......Page 460
15.1 Introduction to authorization......Page 461
15.2.1 Preventing anonymous users from accessing your application......Page 464
15.2.2 Handling unauthorized requests......Page 467
15.3 Using policies for claims-based authorization......Page 468
15.4 Creating custom policies for authorization......Page 471
15.4.1 Requirements and handlers: the building blocks of a policy......Page 472
15.4.2 Creating a policy with a custom requirement and handler......Page 473
15.5 Controlling access with resource-based authorization......Page 479
15.5.1 Manually authorizing requests with IAuthorizationService......Page 480
15.5.2 Creating a resource-based AuthorizationHandler......Page 482
15.6 Hiding elements in Razor templates from unauthorized users......Page 484
Summary......Page 487
16 Publishing and deploying your application......Page 489
16.1 Understanding the ASP.NET Core hosting model......Page 491
16.1.1 Running vs. publishing an ASP.NET Core app......Page 493
16.1.2 Choosing a deployment method for your application......Page 496
16.2.1 Configuring IIS for ASP.NET Core......Page 498
16.2.2 Preparing and publishing your application to IIS......Page 501
16.3 Hosting an application on Linux......Page 503
16.3.1 Running an ASP.NET Core app behind a reverse proxy on Linux......Page 504
16.3.2 Preparing your app for deployment to Linux......Page 506
16.4.1 Using an environment variable......Page 508
16.4.2 Using configuration values......Page 509
16.5 Optimizing your client-side assets using BundlerMinifier......Page 513
16.5.1 Speeding up an app using bundling and minification......Page 516
16.5.2 Adding BundlerMinifier to your application......Page 518
16.5.3 Using minified files in production with the environment tag helper......Page 522
16.5.4 Serving common files from a CDN......Page 523
Summary......Page 524
Part 3 Extending your applications......Page 527
17 Monitoring and troubleshooting errors with logging......Page 529
17.1 Using logging effectively in a production app......Page 531
17.1.1 Highlighting problems using custom log messages......Page 532
17.1.2 The ASP.NET Core logging abstractions......Page 533
17.2 Adding log messages to your application......Page 535
17.2.1 Log level: how important is the log message?......Page 537
17.2.2 Log category: which component created the log......Page 539
17.2.3 Formatting messages and capturing parameter values......Page 540
17.3 Controlling where logs are written using logging providers......Page 542
17.3.1 Adding a new logging provider to your application......Page 543
17.3.2 Replacing the default ILoggerFactory with Serilog......Page 545
17.4 Changing log verbosity with filtering......Page 549
17.5 Structured logging: creating searchable, useful logs......Page 554
17.5.1 Adding a structured logging provider to your app......Page 555
17.5.2 Using scopes to add additional properties to your logs......Page 558
Summary......Page 560
18 Improving your application’s security......Page 562
18.1 Adding HTTPS to an application......Page 563
18.1.1 Setting up IIS and IIS Express to use encryption......Page 566
18.1.2 Creating a self-signed certificate for local development......Page 569
18.1.3 Using HTTPS directly in Kestrel......Page 572
18.1.4 Enforcing HTTPS for your whole app......Page 573
18.2 Defending against cross-site scripting (XSS) attacks......Page 576
18.3 Protecting from cross-site request forgery (CSRF) attacks......Page 579
18.4 Calling your web APIs from other domains using CORS......Page 584
18.4.1 Understanding CORS and how it works......Page 585
18.4.2 Adding CORS to your whole app with middleware......Page 587
18.4.3 Adding CORS to specific MVC actions with EnableCorsAttribute......Page 589
18.4.4 Configuring CORS policies......Page 590
18.5.1 Detecting and avoiding open redirect attacks......Page 592
18.5.2 Avoiding SQL injection attacks with EF Core and parameterization......Page 594
18.5.4 Protecting your users’ passwords and data......Page 596
Summary......Page 597
19 Building custom components......Page 600
19.1 Customizing your middleware pipeline......Page 602
19.1.1 Creating simple endpoints with the Run extension......Page 603
19.1.2 Branching middleware pipelines with the Map extension......Page 604
19.1.3 Adding to the pipeline with the Use extension......Page 606
19.1.4 Building a custom middleware component......Page 609
19.2 Handling complex configuration requirements......Page 611
19.2.1 Partially building configuration to configure additional providers......Page 612
19.2.2 Using services to configure IOptions with IConfigureOptions......Page 614
19.3 Using a third-party dependency injection container......Page 617
19.4 Creating a custom Razor Tag Helper......Page 619
19.4.1 Printing environment information with a custom Tag Helper......Page 620
19.4.2 Creating a custom Tag Helper to conditionally hide elements......Page 623
19.5 View components: adding logic to partial views......Page 625
19.6 Building a custom validation attribute......Page 629
Summary......Page 633
20 Testing your application......Page 635
20.1 An introduction to testing in ASP.NET Core......Page 636
20.2 Unit testing with xUnit......Page 638
20.2.1 Creating your first test project......Page 639
20.2.2 Running tests with dotnet test......Page 641
20.2.3 Referencing your app from your test project......Page 642
20.2.4 Adding Fact and Theory unit tests......Page 645
20.2.5 Testing failure conditions......Page 648
20.3 Unit testing custom middleware......Page 649
20.4 Unit testing MVC controllers......Page 652
20.5 Integration testing: testing your whole app with a Test Host......Page 655
20.5.1 Creating a TestServer using the Test Host package......Page 656
20.5.2 Using your application’s Startup file for integration tests......Page 658
20.5.3 Rendering Razor views in TestServer integration tests......Page 660
20.5.4 Extracting common setup into an xUnit test fixture......Page 663
20.6 Isolating the database with an in-memory EF Core provider......Page 665
Summary......Page 669
appendix A Getting to grips with .NET Core and .NET Standard......Page 672
A.1 Exploring the motivations for .NET Core......Page 673
A.2 Sharing code between projects......Page 675
A.2.1 Finding a common intersection with Portable Class Libraries......Page 676
A.2.2 .NET Standard: a common interface for .NET......Page 677
A.2.3 Fudging .NET Standard 2.0 support with the compatibility shim......Page 682
A.3 Choosing a target framework for your libraries and apps......Page 683
A.3.1 If you’re building an ASP.NET Core app......Page 684
A.3.2 If you’re building a shared library or NuGet package......Page 685
A.3.3 Referencing .NET Framework libraries from .NET Standard projects......Page 686
Summary......Page 689
Relevant books......Page 691
Microsoft documentation......Page 692
ASP.NET Core GitHub repositories......Page 693
ASP.NET Core blogs......Page 694
Video links......Page 695
A......Page 697
B......Page 698
C......Page 699
D......Page 700
E......Page 701
H......Page 702
L......Page 703
M......Page 704
O......Page 705
R......Page 706
S......Page 708
U......Page 709
X......Page 710