ASP.NET Core in Action
Andrew Lock
  • June 2018
  • ISBN 9781617294617
  • 712 pages
  • printed in black & white

Comprehensive coverage of the latest and greatest .NET technology.

Jason Pike, Atlas RFID Solutions

ASP.NET Core in Action is for C# developers without any web development experience who want to get started and productive fast using ASP.NET Core 2.0 to build web applications.

Table of Contents detailed table of contents

Part 1: Getting Started with MVC

1. Getting Started with ASP.NET Core

1.1. An introduction to ASP.NET Core

1.1.1. Using a web framework

1.1.2. The benefits and limitations of ASP.NET

1.1.3. What is ASP.NET Core?

1.2. When to choose ASP.NET Core

1.2.1. What type of applications can you build?

1.2.2. If you’re new to .NET development

1.2.3. If you’re a .NET Framework developer creating a new application

1.2.4. Converting an existing ASP.NET application to ASP.NET Core

1.3. How does ASP.NET Core work?

1.3.1. How does an HTTP web request work?

1.3.2. How does ASP.NET Core process a request?

1.4. Choosing a platform for ASP.NET Core

1.4.1. Advantages of using the .NET Framework

1.4.2. Advantages of using .NET Core

1.5. Preparing your development environment

1.5.1. If you’re a Windows user

1.5.2. If you’re a Linux or macOS user

1.6. Summary

2. Your first application

2.1. A brief overview of an ASP.NET Core application

2.2. Creating your first ASP.NET Core application

2.2.1. Using a template to get started

2.2.2. Building the application

2.3. Running the web application

2.4. Understanding the project layout

2.5. The .csproj project file: defining your dependencies

2.6. The Program class — building a web host

2.7. The Startup class - configuring your application

2.7.1. Adding and configuring services

2.7.2. Defining how requests are handled with middleware

2.8. MVC middleware and the Home Controller

2.9. Generating HTML with Razor template Views

2.10. Summary

3. Handling requests with the Middleware pipeline

3.1. What is middleware?

3.2. Combining middleware in a pipeline

3.2.1. Simple pipeline scenario 1: A holding page

3.2.2. Simple pipeline scenario 2: Handling static files

3.2.3. Simple pipeline scenario 3: An MVC web application

3.3. Handling errors using middleware

3.3.1. Viewing exceptions in development: the DeveloperExceptionPage

3.3.2. Handling exceptions in production: the ExceptionHandlerMiddleware

3.3.3. Handling other errors: the StatusCodePagesMiddleware

3.3.4. Disabling error handling middleware for web APIs

3.4. Summary

4. Creating web pages with MVC Controllers

4.1. An introduction to MVC

4.1.1. The MVC design pattern

4.1.2. MVC in ASP.NET Core

4.1.3. Adding the MvcMiddleware to your application

4.1.4. What makes a controller a controller?

4.2. MVC Controllers and action methods

4.2.1. Accepting parameters to action methods

4.2.2. Using ActionResults

4.3. Summary

5. Mapping URLs to methods using conventional routing

5.1. What is routing?

5.2. Routing to MVC controllers and actions

5.3. Routing using conventions

5.3.1. Understanding route templates

5.3.2. Using optional and default values

5.3.3. Adding additional constraints to route parameters

5.3.4. Defining default values and constraints using anonymous objects

5.3.5. Matching arbitrary URLs with the catch-all parameter

5.4. Handling multiple matching actions for a route

5.5. Generating URLs from route parameters

5.5.1. Generating URLs based on an action name

5.5.2. Generating URLs based on a route name

5.5.3. Generating URLs with ActionResults

5.6. Summary

6. The binding model: retrieving and validating user input

6.1. Understanding the M in MVC

6.2. From request to model: making the request useful

6.2.1. Binding simple types

6.2.2. Binding complex types

6.2.3. Choosing a binding source

6.3. Handling user input with model validation

6.3.1. The need for validation

6.3.2. Using DataAnnotations attributes for validation

6.3.3. Validating on the server for safety

6.3.4. Validating on the client for user experience

6.4. Summary

7. Rendering HTML using Razor views

7.1. Views: Rendering the user interface in MVC

7.2. Creating Razor views

7.2.1. Selecting a view from a controller

7.2.2. Introducing Razor templates

7.2.3. Passing data to views

7.3. Creating dynamic web pages with Razor

7.3.1. Using C# in Razor templates

7.3.2. Adding loops and conditionals to Razor templates

7.3.3. Rendering HTML with Raw

7.4. Layouts, partial views and _ViewStart

7.4.1. Using layouts for shared markup

7.4.2. Overriding parent layouts using sections

7.4.3. Using partial views to encapsulate markup

7.4.4. Running code on every view with _ViewStart and _ViewImports

7.5. Summary

8. Building forms with Tag Helpers

8.1. Catering to editors with Tag Helpers

8.2. Creating forms using Tag Helpers

8.2.1. The Form Tag Helper

8.2.2. The Label Tag Helper

8.2.3. The Input and Textarea Tag Helpers

8.2.4. The Select Tag Helper

8.2.5. The Validation Message and Validation Summary Tag Helpers

8.4. Cache-busting with the Append Version Tag Helper

8.5. Using conditional markup with the Environment Tag Helper

8.6. Summary

9. Creating a Web API for mobile and client applications using MVC

9.1. What is a Web API, and when should you use one?

9.2. Creating your first Web API Controller

9.3. Applying the MVC design pattern to a Web API

9.4. Attribute routing: taking fine grained control of your URLs

9.4.1. Ordering of conventional and attribute routes

9.4.2. Combining route attributes to keep your route templates DRY

9.4.3. Using token replacement to reduce duplication in attribute routing

9.4.4. Handling multiple matching actions with attribute routing

9.5. Enabling additional input formatters: binding to XML data

9.6. Generating a response from a model

9.6.1. Customizing the default formatters: adding XML support

9.6.2. Choosing a response format with content negotiation

9.7. Summary

Part 2: Building complete applications

10. Service configuration with dependency injection

10.1. Introduction to dependency injection

10.1.1. Understanding the benefits of dependency injection

10.1.2. Creating loosely coupled code

10.1.3. Dependency injection in ASP.NET Core

10.2. Using the dependency injection container

10.2.1. Adding ASP.NET Core framework services to the container

10.2.2. Registering your own services with the container

10.2.3. Registering services using objects and lambdas

10.2.4. Registering a service in the container multiple times

10.2.5. Injecting services into action methods and view templates

10.3. Understanding lifetimes: when are services created?

10.3.1. Transient: everyone is unique

10.3.2. Scoped: let’s stick together, lads

10.3.3. Singleton: there can be only one

10.3.4. Keeping an eye out for captured dependencies

10.4. Summary

11. Configuring an ASP.NET Core application

11.1. Introducing the ASP.NET Core configuration model

11.2. Configuring your application with CreateDefaultBuilder

11.3. Building a configuration object for your app

11.3.1. Adding a configuration provider in Program.cs

11.3.2. Using multiple providers to override configuration values

11.3.3. Storing configuration secrets safely

11.3.4. Reloading configuration values when they change

11.4. Using strongly typed settings with the options pattern

11.4.1. Introducing the IOptions interface

11.4.2. Reloading strongly typed options with IOptionsSnapshot

11.4.3. Designing your options classes for automatic binding

11.5. Configuring an application for multiple environments

11.5.1. Identifying the hosting environment

11.5.2. Loading environment-specific configuration files

11.5.3. Setting the hosting environment

11.6. Summary

12. Saving data with Entity Framework Core

12.1. Introducing Entity Framework Core

12.1.1. What is Entity Framework Core?

12.1.2. Why use an Object-Relational Mapper?

12.1.3. When should you choose Entity Framework Core?

12.1.4. Mapping a database to your application code

12.2. Adding Entity Framework Core to an application

12.2.1. Choosing a database provider and installing EF Core

12.2.2. Building a data model

12.2.3. Registering a data context

12.3. Managing changes with migrations

12.3.1. Creating your first migration

12.3.2. Adding a second migration

12.4. Querying data from and saving data to the database

12.4.1. Creating a record

12.4.2. Loading a list of records

12.4.3. Loading a single record

12.4.4. Updating a model with changes

12.5. Using Entity Framework Core in production applications

12.6. Summary

13. The MVC filter pipeline

13.1. Understanding filters and when to use them

13.1.1. The MVC filter pipeline

13.1.2. Filters or middleware: which should you choose?

13.1.3. Creating a simple filter

13.1.4. Adding filters to your actions, controllers, and globally

13.1.5. Understanding filter execution order

13.2. Creating custom filters for your application

13.2.1. Authorization filters: protecting your APIs

13.2.2. Resource filters: short-circuiting your action methods

13.2.3. Action filters: customizing model binding and action results

13.2.4. Exception filters: custom exception handling for your action methods

13.2.5. Result filters: customizing action results before they execute

13.3. Understanding pipeline short-circuiting

13.4. Using dependency injection with filter attributes

13.5. Summary

14. Authentication: adding users to your application with Identity

14.1. Introducing authentication and authorization

14.1.1. Understanding users and claims in ASP.NET Core

14.1.2. Authentication in ASP.NET Core: services and middleware

14.1.3. Authentication for APIs and distributed applications

14.2. What is ASP.NET Core Identity?

14.3. Creating a new project that uses ASP.NET Core Identity

14.3.1. Creating the project from a template

14.3.2. Exploring the template in solution explorer

14.3.3. The ASP.NET Core Identity data model

14.3.4. Interacting with ASP.NET Core Identity: the MVC controllers

14.4. Adding ASP.NET Core Identity to an existing project

14.4.1. Configuring the ASP.NET Core Identity services and middleware

14.4.2. Updating the EF Core data model to support Identity

14.4.3. Adding the Controllers, view models and Views

14.5. Managing users: adding new claims to users

14.6. Summary

15. Authorization: securing your application

15.1. Introduction to authorization

15.2. Authorization in ASP.NET Core

15.2.1. Preventing anonymous users accessing your application

15.2.2. Handling unauthorized requests

15.3. Using policies for claims-based authorization

15.4. Creating custom policies for authorization

15.4.1. Requirements and handlers: the building blocks of a policy

15.4.2. Creating a policy with a custom requirement and handler

15.5. Controlling access with resource based authorization

15.5.1. Manually authorizing requests with the IAuthorizationService

15.5.2. Creating a resource based AuthorizationHandler

15.6. Hiding elements in Razor templates for unauthorized users

15.7. Summary

16. Publishing and deploying your application

16.1. Understanding the ASP.NET Core hosting model

16.1.1. Running versus publishing an ASP.NET Core app

16.1.2. Choosing a deployment method for your application

16.2. Publishing your app to IIS

16.2.1. Configuring IIS for ASP.NET Core

16.2.2. Preparing and publishing your application to IIS

16.3. Hosting an application on Linux

16.3.1. Running an ASP.NET Core app behind a reverse proxy on Linux

16.3.2. Preparing your app for deployment to Linux

16.4. Configuring the URLs for your application

16.4.1. Using an environment variable

16.4.2. Using configuration values

16.5. Optimizing your client-side assets using BundlerMinifier

16.5.1. Speeding up an app using bundling and minification

16.5.2. Adding BundlerMinifier to your application

16.5.3. Using minified files in production with the environment tag helper

16.5.4. Serving common files from a CDN

16.6. Summary

Part 3: Extending your applications

17. Monitoring and troubleshooting errors with logging

17.1. Using logging effectively in a production app

17.1.1. Highlighting problems using custom log messages

17.1.2. The ASP.NET Core logging abstractions

17.2. Adding log messages to your application

17.2.1. Log level: how important is the log message?

17.2.2. Log category: which component created the log

17.2.3. Formatting messages and capturing parameter values

17.3. Controlling where logs are written using logging providers

17.3.1. Adding a new logging provider to your application

17.3.2. Replacing the default ILoggerFactory with Serilog

17.4. Changing log verbosity with filtering

17.5. Structured logging: creating searchable, useful logs

17.5.1. Adding a structured logging provider to your app

17.5.2. Using scopes to add additional properties to your logs

17.6. Summary

18. Improving your application’s security

18.1. Adding HTTPS to an application

18.1.1. Setting up IIS and IIS Express to use encryption

18.1.2. Creating a self-signed certificate for local development

18.1.3. Using HTTPS directly in Kestrel

18.1.4. Enforcing HTTPS for your whole app

18.2. Defending against cross-site scripting (XSS) attacks

18.3. Protecting from cross site request forgery (CSRF) attacks

18.4. Calling your web APIs from other domains using CORS

18.4.1. Understanding CORS and how it works

18.4.2. Adding CORS to your whole app with middleware

18.4.3. Adding CORS to specific MVC actions with the EnableCorsAttribute

18.4.4. Configuring CORS policies

18.5. Exploring other attack vectors

18.5.1. Detecting and avoiding open redirect attacks

18.5.2. Avoiding SQL injection attacks with EF Core and parameterization

18.5.3. Preventing insecure direct object references

18.5.4. Protecting your users' passwords and data

18.6. Summary

19. Building custom components

19.1. Customizing your middleware pipeline

19.1.1. Creating simple endpoints with the Run extension

19.1.2. Branching middleware pipelines with the Map extension

19.1.3. Adding to the pipeline with the Use extension

19.1.4. Building a custom middleware component

19.2. Handling complex configuration requirements

19.2.1. Partially building configuration to configure additional providers

19.2.2. Using services to configure IOptions with IConfigureOptions

19.3. Using a third-party dependency injection container

19.4. Creating a custom Razor Tag Helper

19.4.1. Printing environment information with a custom Tag Helper

19.4.2. Creating a custom Tag Helper to conditionally hide elements

19.5. View components: adding logic to partial views

19.6. Building a custom validation attribute

19.7. Summary

20. Testing your application

20.1. An introduction to testing in ASP.NET Core

20.2. Unit testing with xUnit

20.2.1. Creating your first test project

20.2.2. Running tests with dotnet test

20.2.3. Referencing your app from your test project

20.2.4. Adding Fact and Theory unit tests

20.2.5. Testing failure conditions

20.3. Unit testing custom middleware

20.4. Unit testing MVC controllers

20.5. Integration testing: testing your whole app with a Test Host

20.5.1. Creating a TestServer using the Test Host package

20.5.2. Using your application’s Startup file for integration tests

20.5.3. Rendering Razor views in TestServer integration tests

20.5.4. Extracting common setup into an xUnit test fixture

20.6. Isolating the database with an in-memory EF Core provider

20.7. Summary

Appendixes

Appendix A: Getting to grips with .NET Core and .NET Standard

A.1. Exploring the motivations for .NET Core

A.2. Sharing code between projects

A.2.1. Finding a common intersection with Portable Class Libraries

A.2.2. .NET Standard: A common interface for .NET

A.2.3. Fudging .NET Standard 2.0 support with the compatibility shim

A.3. Choosing a target framework for your libraries and apps

A.3.1. If you’re building an ASP.NET Core app

A.3.2. If you’re building a shared library or NuGet package

A.3.3. Referencing .NET Framework libraries from .NET Standard projects

A.4. Summary

Appendix B: Useful references

B.1. Relevant books

B.2. Announcement blog posts

B.3. Microsoft documentation

B.5. ASP.NET Core GitHub repositories

B.6. Tooling and services

B.7. ASP.NET Core blogs

About the Technology

The dev world has permanently embraced open platforms with flexible tooling, and ASP.NET Core has changed with it. This free, open source web framework delivers choice without compromise. You can enjoy the benefits of a mature, well-supported stack and the freedom to develop and deploy from and onto any cloud or on-prem platform.

About the book

ASP.NET Core in Action opens up the world of cross-platform web development with .NET. You’ll start with a crash course in .NET Core, immediately cutting the cord between ASP.NET and Windows. Then, you’ll begin to build amazing web applications step by step, systematically adding essential features like logins, configuration, dependency injection, and custom components. Along the way, you’ll mix in important process steps like testing, multiplatform deployment, and security.

What's inside

  • Covers ASP.NET Core 2.0
  • Dynamic page generation with the Razor templating engine
  • Developing ASP.NET Core apps for non-Windows servers
  • Clear, annotated examples in C#

About the reader

Readers need intermediate experience with C# or a similar language.

About the author

Andrew Lock has been developing professionally with ASP.NET for the last seven years. His focus is currently on the ASP.NET Core framework.


buy

FREE domestic shipping on three or more pBooks

A thorough and easy-to-read training guide to the future of Microsoft cross-platform web development.

Mark Harris, Microsoft

An outstanding presentation of the concepts and best practices. Explains not only what to do, but why to do it.

Mark Elston, Advantest America

Superb starting point for .NET Core 2.0 with valid and relevant real-world examples.

George Onofrei, Devex