Building Web APIs with ASP.NET Core
Published on 11. July 2023
472 pages
978-1-63835-194-8 (ISBN)
Description
Build fully-featured APIs with ASP.NET Core! This all-practical guide is written like a real development project, taking you hands-on with modern APIs utilizing REST and GraphQL standards.
In Building Web APIs with ASP.NET Core you will learn how to:
- Set up your environment with VS 2022, Node, Git, and more
- Create a ASP.NET Core project from scratch
- Integrate with SQL Server
- Use Entity Framework Core to set up a data model
- Create back-end controllers
- Design an API to serve data
- Write API documentation using Swagger and Swashbuckle
- Consume an API using typical web client-side frameworks
- Handle requests and routes using controllers and Minimal API
- Release and deploy your Web API in production on cloud-based hosting services such as MS Azure
- Create an ASP.NET Core project from scratch
- Set up a data model with Entity Framework Core
- Create backend controllers
- Design an API to serve data
More details
Other editions
Additional editions
Valerio Sanctis
Building Web APIs with ASP.NET Core
Book
08/2023
Manning Publications
€56.00
Shipment within 3-4 weeks
Person
Valerio De Sanctis has more than 20 years of experience in web development and project management using ASP.NET, PHP, and Java. He has held senior positions at financial and insurance companies, most recently as Chief Technology Officer, Chief Security Officer, and Chief Operating Officer. Since 2018, he has been a Microsoft Most Valuable Professional (MVP) for Developer Technologies & Cloud and Datacenter Management.
Content
- Intro
- inside front cover
- Building Web APIs with ASP.NET Core
- Copyright
- contents
- front matter
- preface
- acknowledgments
- about this book
- Who should read this book
- How this book is organized: A road map
- About the code
- liveBook discussion forum
- about the author
- about the cover illustration
- Part 1 Getting started
- 1 Web APIs at a glance
- 1.1 Web APIs
- 1.1.1 Overview
- 1.1.2 Real-world example
- 1.1.3 Types of web APIs
- 1.1.4 Architectures and message protocols
- 1.2 ASP.NET Core
- 1.2.1 Architecture
- 1.2.2 Program.cs
- 1.2.3 Controllers
- 1.2.4 Minimal APIs
- 1.2.5 Task-based asynchronous pattern
- Summary
- 2 Our first web API project
- 2.1 System requirements
- 2.1.1 .NET SDK
- 2.1.2 Integrated development environment
- 2.2 Installing Visual Studio
- 2.3 Creating the web API project
- 2.4 MyBGList project overview
- 2.4.1 Reviewing launchSettings.json
- 2.4.2 Configuring the appsettings.json
- 2.4.3 Playing with the Program.cs file
- 2.4.4 Inspecting the WeatherForecastController
- 2.4.5 Adding the BoardGameController
- 2.5 Exercises
- 2.5.1 launchSettings.json
- 2.5.2 appsettings.json
- 2.5.3 Program.cs
- 2.5.4 BoardGame.cs
- 2.5.5 BoardGameControllers.cs
- Summary
- 3 RESTful principles and guidelines
- 3.1 REST guiding constraints
- 3.1.1 Client-server approach
- 3.1.2 Statelessness
- 3.1.3 Cacheability
- 3.1.4 Layered system
- 3.1.5 Code on demand
- 3.1.6 Uniform interface
- 3.2 API documentation
- 3.2.1 Introducing OpenAPI
- 3.2.2 ASP.NET Core components
- 3.3 API versioning
- 3.3.1 Understanding versioning
- 3.3.2 Should we really use versions?
- 3.3.3 Implementing versioning
- 3.4 Exercises
- 3.4.1 CORS
- 3.4.2 Client-side caching
- 3.4.3 COD
- 3.4.4 API documentation and versioning
- Summary
- Part 2 Basic concepts
- 4 Working with data
- 4.1 Choosing a database
- 4.1.1 Comparing SQL and NoSQL
- 4.1.2 Making a choice
- 4.2 Creating the database
- 4.2.1 Obtaining the CSV file
- 4.2.2 Installing SQL Server
- 4.2.3 Installing SSMS or ADS
- 4.2.4 Adding a new database
- 4.3 EF Core
- 4.3.1 Reasons to use an ORM
- 4.3.2 Setting up EF Core
- 4.3.3 Creating the DbContext
- 4.3.4 Setting up the DbContext
- 4.3.5 Creating the database structure
- 4.4 Exercises
- 4.4.1 Additional fields
- 4.4.2 One-to-many relationship
- 4.4.3 Many-to-many relationship
- 4.4.4 Creating a new migration
- 4.4.5 Applying the new migration
- 4.4.6 Reverting to a previous migration
- Summary
- 5 CRUD operations
- 5.1 Introducing LINQ
- 5.1.1 Query syntax vs. method syntax
- 5.1.2 Lambda expressions
- 5.1.3 The IQueryable&T& interface
- 5.2 Injecting the DbContext
- 5.2.1 The sync and async methods
- 5.2.2 Testing the ApplicationDbContext
- 5.3 Seeding the database
- 5.3.1 Setting up the CSV file
- 5.3.2 Installing the CsvHelper package
- 5.3.3 Creating the BggRecord class
- 5.3.4 Adding the SeedController
- 5.3.5 Reading the CSV file
- 5.3.6 Executing the SeedController
- 5.4 Reading data
- 5.4.1 Paging
- 5.4.2 Sorting
- 5.4.3 Filtering
- 5.5 Updating and deleting data
- 5.5.1 Updating a BoardGame
- 5.5.2 Deleting a BoardGame
- 5.6 Exercises
- 5.6.1 Create
- 5.6.2 Read
- 5.6.3 Update
- 5.6.4 Delete
- Summary
- 6 Data validation and error handling
- 6.1 Data validation
- 6.1.1 Model binding
- 6.1.2 Data validation attributes
- 6.1.3 A nontrivial validation example
- 6.1.4 Data validation and OpenAPI
- 6.1.5 Binding complex types
- 6.2 Error handling
- 6.2.1 The ModelState object
- 6.2.2 Custom error messages
- 6.2.3 Manual model validation
- 6.2.4 Exception handling
- 6.3 Exercises
- 6.3.1 Built-in validators
- 6.3.2 Custom validators
- 6.3.3 IValidatableObject
- 6.3.4 ModelState validation
- 6.3.5 Exception handling
- Summary
- Part 3 Advanced concepts
- 7 Application logging
- 7.1 Application logging overview
- 7.1.1 From boats to computers
- 7.1.2 Why do we need logs?
- 7.2 ASP.NET logging
- 7.2.1 A quick logging test
- 7.2.2 Log levels
- 7.2.3 Logging configuration
- 7.2.4 Logging providers
- 7.2.5 Event IDs and templates
- 7.2.6 Exception logging
- 7.3 Unstructured vs. structured logging
- 7.3.1 Unstructured logging pros and cons
- 7.3.2 Structured logging advantages
- 7.3.3 Application Insights logging provider
- 7.4 Third-party logging providers
- 7.4.1 Serilog overview
- 7.4.2 Installing Serilog
- 7.4.3 Configuring Serilog
- 7.4.4 Testing Serilog
- 7.4.5 Improving the logging behavior
- 7.5 Exercises
- 7.5.1 JSON console logging
- 7.5.2 Logging provider configuration
- 7.5.3 Exception logging's new property
- 7.5.4 New Serilog enricher
- 7.5.5 New Serilog sink
- Summary
- 8 Caching techniques
- 8.1 Caching overview
- 8.2 HTTP response caching
- 8.2.1 Setting the cache-control header manually
- 8.2.2 Adding a default caching directive
- 8.2.3 Defining cache profiles
- 8.2.4 Server-side response caching
- 8.2.5 Response caching vs. client reload
- 8.3 In-memory caching
- 8.3.1 Setting up the in-memory cache
- 8.3.2 Injecting the IMemoryCache interface
- 8.3.3 Using the in-memory cache
- 8.4 Distributed caching
- 8.4.1 Distributed cache providers overview
- 8.4.2 SQL Server
- 8.4.3 Redis
- 8.5 Exercises
- 8.5.1 HTTP response caching
- 8.5.2 Cache profiles
- 8.5.3 Server-side response caching
- 8.5.4 In-memory caching
- 8.5.5 Distributed caching
- Summary
- 9 Authentication and authorization
- 9.1 Basic concepts
- 9.1.1 Authentication
- 9.1.2 Authorization
- 9.2 ASP.NET Core Identity
- 9.2.1 Installing the NuGet packages
- 9.2.2 Creating the user entity
- 9.2.3 Updating the ApplicationDbContext
- 9.2.4 Adding and applying a new migration
- 9.2.5 Setting up the services and middleware
- 9.2.6 Implementing the AccountController
- 9.3 Authorization settings
- 9.3.1 Adding the authorization HTTP header
- 9.3.2 Setting up the [authorize] attribute
- 9.3.3 Testing the authorization flow
- 9.4 Role-based access control
- 9.4.1 Registering new users
- 9.4.2 Creating the new roles
- 9.4.3 Assigning users to roles
- 9.4.4 Adding role-based claims to JWT
- 9.4.5 Setting up role-based auth rules
- 9.4.6 Testing the RBAC flow
- 9.4.7 Using alternative authorization methods
- 9.5 Exercises
- 9.5.1 Adding a new role
- 9.5.2 Creating a new user
- 9.5.3 Assigning a user to roles
- 9.5.4 Implementing a test endpoint
- 9.5.5 Testing the RBAC flow
- Summary
- 10 Beyond REST
- 10.1 REST drawbacks
- 10.1.1 Overfetching
- 10.1.2 Underfetching
- 10.2 GraphQL
- 10.2.1 GraphQL advantages
- 10.2.2 GraphQL drawbacks
- 10.2.3 Implementing GraphQL
- 10.2.4 Working with GraphQL
- 10.3 Google Remote Procedure Call
- 10.3.1 gRPC pros
- 10.3.2 gRPC cons
- 10.3.3 Installing the NuGet packages
- 10.3.4 Implementing the gRPC Server
- 10.3.5 Implementing the gRPC client
- 10.3.6 Adding Authorization support
- 10.4 Other REST alternatives
- 10.4.1 Newline Delimited JSON (NDJSON)
- 10.4.2 Falcor
- 10.4.3 Thrift
- 10.5 Exercises
- 10.5.1 Write a new GraphQL query
- 10.5.2 Fetch GraphQL data for a mutation
- 10.5.3 Implement new gRPC server features
- 10.5.4 Add new gRPC client wrappers
- 10.5.5 Test the new gRPC features
- Summary
- Part 4 Toward production
- 11 API documentation
- 11.1 Web API potential audience
- 11.1.1 Prospectors
- 11.1.2 Contractors
- 11.1.3 Builders
- 11.2 API documentation best practices
- 11.2.1 Adopt an automated description tool
- 11.2.2 Describe endpoints and input parameters
- 11.2.3 Add XML documentation support
- 11.2.4 Work with Swashbuckle annotations
- 11.2.5 Describe responses
- 11.2.6 Add request and response samples
- 11.2.7 Group endpoints into sections
- 11.2.8 Exclude reserved endpoints
- 11.3 Filter-based Swagger customization
- 11.3.1 Emphasizing the authorization requirements
- 11.3.2 Changing the application title
- 11.3.3 Adding a warning text for passwords
- 11.3.4 Adding custom key/value pairs
- 11.4 Exercises
- 11.4.1 Use XML documentation
- 11.4.2 Use Swashbuckle annotations
- 11.4.3 Exclude some endpoints
- 11.4.4 Add a custom filter
- 11.4.5 Add custom key/value pairs
- Summary
- 12 Release and deployment
- 12.1 Prepublishing tasks
- 12.1.1 Considering security
- 12.1.2 Choosing a domain name
- 12.1.3 Setting up a CDN
- 12.1.4 Fine-tuning our APP
- 12.1.5 Understanding the .NET publishing modes
- 12.2 Creating a Windows VM server
- 12.2.1 Accessing Azure
- 12.2.2 Creating and setting up the Windows VM
- 12.2.3 Working with the VM public IP address
- 12.2.4 Creating an SSL/TLS origin certificate
- 12.2.5 Setting Cloudflare Encryption Mode to Full
- 12.3 Configuring the Windows VM server
- 12.3.1 Installing IIS
- 12.3.2 Installing the ASP.NET Core hosting bundle
- 12.3.3 Installing the Web Deploy component
- 12.3.4 Opening the 8172 TCP port
- 12.3.5 Configuring IIS
- 12.3.6 Creating the production database
- 12.3.7 Creating the appsettings.Production.json file
- 12.4 Publishing and deploying
- 12.4.1 Introducing Visual Studio publish profiles
- 12.4.2 Creating an Azure VM publish profile
- 12.4.3 Configuring the publish profile
- 12.4.4 Publishing, deployment, and testing
- 12.4.5 Final thoughts
- Summary
- appendix A.
- A.1 Installing SQL Server
- A.2 Installing Internet Information Services
- A.3 Installing the IIS Management Service
- A.4 Installing the ASP.NET Core Windows hosting bundle
- A.5 Installing Web Deploy
- A.6 Adding an inbound port rule in Azure
- index
- inside back cover
