ASP.NET Core in Action, Second Edition

ASP.NET Core in Action, Second Edition

by Andrew Lock
Released May 2021
Publisher(s): Manning Publications
ISBN: 9781617298301

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Fully updated to ASP.NET 5.0, ASP.NET Core in Action, Second Edition is a hands-on primer to building cross-platform web applications with your C# and .NET skills. Even if you've never worked with ASP.NET you'll start creating productive cross-platform web apps fast.

About the Technology
Build full-stack web applications that run anywhere. Developers love ASP.NET Core for its libraries and pre-built components that maximize productivity. Version 5.0 offers new features for server-side apps, as well as background services for cross-platform development.

About the Book
ASP.NET Core in Action, Second Edition is a comprehensive guide to creating web applications with ASP.NET Core 5.0. Go from basic HTTP concepts to advanced framework customization. Illustrations and annotated code make learning visual and easy. Master logins, dependency injection, security, and more. This updated edition covers the latest features, including Razor Pages and the new hosting paradigm.

What's Inside
  • Developing apps for Windows and non-Windows servers
  • Configuring applications
  • Building custom components
  • Logging, testing, and security


About the Reader
For intermediate C# developers.

About the Author
Andrew Lock is a Microsoft MVP who has worked with ASP.NET Core since before its first release.

Quotes
One of the greatest and most complete books about ASP.NET Core!
- Delcoigne Vincent, Wavenet

Fantastic book. The topics are explained clearly and thoroughly.
- Luis Moux, EMO

A comprehensive reference for ASP.NET Core.
- Jean-François Morin, Laval University

The most comprehensive ASP.NET Core book on the market. It covers just about everything you need to learn to quickly become productive in the often confusing and fast-changing world of .NET Core.
- Filip Wojcieszyn, Sonova AG

Publisher resources

View/Submit Errata

Table of contents

  1. inside front cover
  2. ASP.NET Core in Action
  3. Copyright
  4. brief contents
  5. contents
  6. front matter
    1. preface
    2. acknowledgments
    3. about this book
      1. Who should read this book
      2. How this book is organized: A roadmap
      3. About the code
      4. liveBook discussion forum
    4. about the author
    5. about the cover illustration
  7. Part 1. Getting started with ASP.NET Core
  8. 1 Getting started with ASP.NET Core
    1. 1.1 An introduction to ASP.NET Core
      1. 1.1.1 Using a web framework
      2. 1.1.2 What is ASP.NET Core?
    2. 1.2 When to choose ASP.NET Core
      1. 1.2.1 What type of applications can you build?
      2. 1.2.2 If you’re new to .NET development
      3. 1.2.3 If you’re a .NET Framework developer creating a new application
      4. 1.2.4 Converting an existing ASP.NET application to ASP.NET Core
    3. 1.3 How does ASP.NET Core work?
      1. 1.3.1 How does an HTTP web request work?
      2. 1.3.2 How does ASP.NET Core process a request?
    4. 1.4 What you will learn in this book
    5. Summary
  9. 2 Your first application
    1. 2.1 A brief overview of an ASP.NET Core application
    2. 2.2 Creating your first ASP.NET Core application
      1. 2.2.1 Using a template to get started
      2. 2.2.2 Building the application
    3. 2.3 Running the web application
    4. 2.4 Understanding the project layout
    5. 2.5 The .csproj project file: Defining your dependencies
    6. 2.6 The Program class: Building a web host
    7. 2.7 The Startup class: Configuring your application
      1. 2.7.1 Adding and configuring services
      2. 2.7.2 Defining how requests are handled with middleware
    8. 2.8 Generating responses with Razor Pages
      1. 2.8.1 Generating HTML with Razor Pages
      2. 2.8.2 Handling request logic with PageModels and handlers
    9. Summary
  10. 3 Handling requests with the middleware pipeline
    1. 3.1 What is middleware?
    2. 3.2 Combining middleware in a pipeline
      1. 3.2.1 Simple pipeline scenario 1: A holding page
      2. 3.2.2 Simple pipeline scenario 2: Handling static files
      3. 3.2.3 Simple pipeline scenario 3: A Razor Pages application
    3. 3.3 Handling errors using middleware
      1. 3.3.1 Viewing exceptions in development: DeveloperExceptionPage
      2. 3.3.2 Handling exceptions in production: ExceptionHandlerMiddleware
      3. 3.3.3 Handling other errors: StatusCodePagesMiddleware
      4. 3.3.4 Error handling middleware and Web APIs
    4. Summary
  11. 4 Creating a website with Razor Pages
    1. 4.1 An introduction to Razor Pages
      1. 4.1.1 Exploring a typical Razor Page
      2. 4.1.2 The MVC design pattern
      3. 4.1.3 Applying the MVC design pattern to Razor Pages
      4. 4.1.4 Adding Razor Pages to your application
    2. 4.2 Razor Pages vs. MVC in ASP.NET Core
      1. 4.2.1 MVC controllers in ASP.NET Core
      2. 4.2.2 The benefits of Razor Pages
      3. 4.2.3 When to choose MVC controllers over Razor Pages
    3. 4.3 Razor Pages and page handlers
      1. 4.3.1 Accepting parameters to page handlers
      2. 4.3.2 Returning responses with ActionResults
    4. Summary
  12. 5 Mapping URLs to Razor Pages using routing
    1. 5.1 What is routing?
    2. 5.2 Routing in ASP.NET Core
      1. 5.2.1 Using endpoint routing in ASP.NET Core
      2. 5.2.2 Convention-based routing vs. attribute routing
      3. 5.2.3 Routing to Razor Pages
    3. 5.3 Customizing Razor Page route templates
      1. 5.3.1 Adding a segment to a Razor Page route template
      2. 5.3.2 Replacing a Razor Page route template completely
    4. 5.4 Exploring the route template syntax
      1. 5.4.1 Using optional and default values
      2. 5.4.2 Adding additional constraints to route parameters
      3. 5.4.3 Matching arbitrary URLs with the catch-all parameter
    5. 5.5 Generating URLs from route parameters
      1. 5.5.1 Generating URLs for a Razor Page
      2. 5.5.2 Generating URLs for an MVC controller
      3. 5.5.3 Generating URLs with ActionResults
      4. 5.5.4 Generating URLs from other parts of your application
    6. 5.6 Selecting a page handler to invoke
    7. 5.7 Customizing conventions with Razor Pages
    8. Summary
  13. 6 The binding model: Retrieving and validating user input
    1. 6.1 Understanding the models in Razor Pages and MVC
    2. 6.2 From request to model: Making the request useful
      1. 6.2.1 Binding simple types
      2. 6.2.2 Binding complex types
      3. 6.2.3 Choosing a binding source
    3. 6.3 Handling user input with model validation
      1. 6.3.1 The need for validation
      2. 6.3.2 Using DataAnnotations attributes for validation
      3. 6.3.3 Validating on the server for safety
      4. 6.3.4 Validating on the client for user experience
    4. 6.4 Organizing your binding models in Razor Pages
    5. Summary
  14. 7 Rendering HTML using Razor views
    1. 7.1 Views: Rendering the user interface
    2. 7.2 Creating Razor views
      1. 7.2.1 Razor views and code-behind
      2. 7.2.2 Introducing Razor templates
      3. 7.2.3 Passing data to views
    3. 7.3 Creating dynamic web pages with Razor
      1. 7.3.1 Using C# in Razor templates
      2. 7.3.2 Adding loops and conditionals to Razor templates
      3. 7.3.3 Rendering HTML with Raw
    4. 7.4 Layouts, partial views, and _ViewStart
      1. 7.4.1 Using layouts for shared markup
      2. 7.4.2 Overriding parent layouts using sections
      3. 7.4.3 Using partial views to encapsulate markup
      4. 7.4.4 Running code on every view with _ViewStart and _ViewImports
    5. 7.5 Selecting a view from an MVC controller
    6. Summary
  15. 8 Building forms with Tag Helpers
    1. 8.1 Catering to editors with Tag Helpers
    2. 8.2 Creating forms using Tag Helpers
      1. 8.2.1 The Form Tag Helper
      2. 8.2.2 The Label Tag Helper
      3. 8.2.3 The Input and Textarea Tag Helpers
      4. 8.2.4 The Select Tag Helper
      5. 8.2.5 The Validation Message and Validation Summary Tag Helpers
    3. 8.3 Generating links with the Anchor Tag Helper
    4. 8.4 Cache-busting with the Append Version Tag Helper
    5. 8.5 Using conditional markup with the Environment Tag Helper
    6. Summary
  16. 9 Creating a Web API for mobile and client applications using MVC
    1. 9.1 What is a Web API and when should you use one?
    2. 9.2 Creating your first Web API project
    3. 9.3 Applying the MVC design pattern to a Web API
    4. 9.4 Attribute routing: Linking action methods to URLs
      1. 9.4.1 Combining route attributes to keep your route templates DRY
      2. 9.4.2 Using token replacement to reduce duplication in attribute routing
      3. 9.4.3 Handling HTTP verbs with attribute routing
    5. 9.5 Using common conventions with the [ApiController] attribute
    6. 9.6 Generating a response from a model
      1. 9.6.1 Customizing the default formatters: Adding XML support
      2. 9.6.2 Choosing a response format with content negotiation
    7. Summary
  17. Part 2. Building complete applications
  18. 10 Service configuration with dependency injection
    1. 10.1 Introduction to dependency injection
      1. 10.1.1 Understanding the benefits of dependency injection
      2. 10.1.2 Creating loosely coupled code
      3. 10.1.3 Dependency injection in ASP.NET Core
    2. 10.2 Using the dependency injection container
      1. 10.2.1 Adding ASP.NET Core framework services to the container
      2. 10.2.2 Registering your own services with the container
      3. 10.2.3 Registering services using objects and lambdas
      4. 10.2.4 Registering a service in the container multiple times
      5. 10.2.5 Injecting services into action methods, page handlers, and views
    3. 10.3 Understanding lifetimes: When are services created?
      1. 10.3.1 Transient: Everyone is unique
      2. 10.3.2 Scoped: Let’s stick together
      3. 10.3.3 Singleton: There can be only one
      4. 10.3.4 Keeping an eye out for captured dependencies
    4. Summary
  19. 11 Configuring an ASP.NET Core application
    1. 11.1 Introducing the ASP.NET Core configuration model
    2. 11.2 Configuring your application with CreateDefaultBuilder
    3. 11.3 Building a configuration object for your app
      1. 11.3.1 Adding a configuration provider in Program.cs
      2. 11.3.2 Using multiple providers to override configuration values
      3. 11.3.3 Storing configuration secrets safely
      4. 11.3.4 Reloading configuration values when they change
    4. 11.4 Using strongly typed settings with the options pattern
      1. 11.4.1 Introducing the IOptions interface
      2. 11.4.2 Reloading strongly typed options with IOptionsSnapshot
      3. 11.4.3 Designing your options classes for automatic binding
      4. 11.4.4 Binding strongly typed settings without the IOptions interface
    5. 11.5 Configuring an application for multiple environments
      1. 11.5.1 Identifying the hosting environment
      2. 11.5.2 Loading environment-specific configuration files
      3. 11.5.3 Setting the hosting environment
    6. Summary
  20. 12 Saving data with Entity Framework Core
    1. 12.1 Introducing Entity Framework Core
      1. 12.1.1 What is EF Core?
      2. 12.1.2 Why use an object-relational mapper?
      3. 12.1.3 When should you choose EF Core?
      4. 12.1.4 Mapping a database to your application code
    2. 12.2 Adding EF Core to an application
      1. 12.2.1 Choosing a database provider and installing EF Core
      2. 12.2.2 Building a data model
      3. 12.2.3 Registering a data context
    3. 12.3 Managing changes with migrations
      1. 12.3.1 Creating your first migration
      2. 12.3.2 Adding a second migration
    4. 12.4 Querying data from and saving data to the database
      1. 12.4.1 Creating a record
      2. 12.4.2 Loading a list of records
      3. 12.4.3 Loading a single record
      4. 12.4.4 Updating a model with changes
    5. 12.5 Using EF Core in production applications
    6. Summary
  21. 13 The MVC and Razor Pages filter pipeline
    1. 13.1 Understanding filters and when to use them
      1. 13.1.1 The MVC filter pipeline
      2. 13.1.2 The Razor Pages filter pipeline
      3. 13.1.3 Filters or middleware: Which should you choose?
      4. 13.1.4 Creating a simple filter
      5. 13.1.5 Adding filters to your actions, controllers, Razor Pages, and globally
      6. 13.1.6 Understanding the order of filter execution
    2. 13.2 Creating custom filters for your application
      1. 13.2.1 Authorization filters: Protecting your APIs
      2. 13.2.2 Resource filters: Short-circuiting your action methods
      3. 13.2.3 Action filters: Customizing model binding and action results
      4. 13.2.4 Exception filters: Custom exception handling for your action methods
      5. 13.2.5 Result filters: Customizing action results before they execute
      6. 13.2.6 Page filters: Customizing model binding for Razor Pages
    3. 13.3 Understanding pipeline short-circuiting
    4. 13.4 Using dependency injection with filter attributes
    5. Summary
  22. 14 Authentication: Adding users to your application with Identity
    1. 14.1 Introducing authentication and authorization
      1. 14.1.1 Understanding users and claims in ASP.NET Core
      2. 14.1.2 Authentication in ASP.NET Core: Services and middleware
      3. 14.1.3 Authentication for APIs and distributed applications
    2. 14.2 What is ASP.NET Core Identity?
    3. 14.3 Creating a project that uses ASP.NET Core Identity
      1. 14.3.1 Creating the project from a template
      2. 14.3.2 Exploring the template in Solution Explorer
      3. 14.3.3 The ASP.NET Core Identity data model
      4. 14.3.4 Interacting with ASP.NET Core Identity
    4. 14.4 Adding ASP.NET Core Identity to an existing project
      1. 14.4.1 Configuring the ASP.NET Core Identity services and middleware
      2. 14.4.2 Updating the EF Core data model to support Identity
      3. 14.4.3 Updating the Razor views to link to the Identity UI
    5. 14.5 Customizing a page in ASP.NET Core Identity’s default UI
    6. 14.6 Managing users: Adding custom data to users
    7. Summary
  23. 15 Authorization: Securing your application
    1. 15.1 Introduction to authorization
    2. 15.2 Authorization in ASP.NET Core
      1. 15.2.1 Preventing anonymous users from accessing your application
      2. 15.2.2 Handling unauthorized requests
    3. 15.3 Using policies for claims-based authorization
    4. 15.4 Creating custom policies for authorization
      1. 15.4.1 Requirements and handlers: The building blocks of a policy
      2. 15.4.2 Creating a policy with a custom requirement and handler
    5. 15.5 Controlling access with resource-based authorization
      1. 15.5.1 Manually authorizing requests with IAuthorizationService
      2. 15.5.2 Creating a resource-based AuthorizationHandler
    6. 15.6 Hiding elements in Razor templates from unauthorized users
    7. Summary
  24. 16 Publishing and deploying your application
    1. 16.1 Understanding the ASP.NET Core hosting model
      1. 16.1.1 Running vs. publishing an ASP.NET Core app
      2. 16.1.2 Choosing a deployment method for your application
    2. 16.2 Publishing your app to IIS
      1. 16.2.1 Configuring IIS for ASP.NET Core
      2. 16.2.2 Preparing and publishing your application to IIS
    3. 16.3 Hosting an application on Linux
      1. 16.3.1 Running an ASP.NET Core app behind a reverse proxy on Linux
      2. 16.3.2 Preparing your app for deployment to Linux
    4. 16.4 Configuring the URLs for your application
    5. 16.5 Optimizing your client-side assets using BundlerMinifier
      1. 16.5.1 Speeding up an app using bundling and minification
      2. 16.5.2 Adding BundlerMinifier to your application
      3. 16.5.3 Using minified files in production with the Environment Tag Helper
      4. 16.5.4 Serving common files from a CDN
    6. Summary
  25. Part 3. Extending your applications
  26. 17 Monitoring and troubleshooting errors with logging
    1. 17.1 Using logging effectively in a production app
      1. 17.1.1 Highlighting problems using custom log messages
      2. 17.1.2 The ASP.NET Core logging abstractions
    2. 17.2 Adding log messages to your application
      1. 17.2.1 Log level: How important is the log message?
      2. 17.2.2 Log category: Which component created the log
      3. 17.2.3 Formatting messages and capturing parameter values
    3. 17.3 Controlling where logs are written using logging providers
      1. 17.3.1 Adding a new logging provider to your application
      2. 17.3.2 Replacing the default ILoggerFactory with Serilog
    4. 17.4 Changing log verbosity with filtering
    5. 17.5 Structured logging: Creating searchable, useful logs
      1. 17.5.1 Adding a structured logging provider to your app
      2. 17.5.2 Using scopes to add additional properties to your logs
    6. Summary
  27. 18 Improving your application’s security
    1. 18.1 Adding HTTPS to an application
      1. 18.1.1 Using the ASP.NET Core HTTPS development certificates
      2. 18.1.2 Configuring Kestrel with a production HTTPS certificate
      3. 18.1.3 Enforcing HTTPS for your whole app
    2. 18.2 Defending against cross-site scripting (XSS) attacks
    3. 18.3 Protecting from cross-site request forgery (CSRF) attacks
    4. 18.4 Calling your web APIs from other domains using CORS
      1. 18.4.1 Understanding CORS and how it works
      2. 18.4.2 Adding a global CORS policy to your whole app
      3. 18.4.3 Adding CORS to specific Web API actions with EnableCorsAttribute
      4. 18.4.4 Configuring CORS policies
    5. 18.5 Exploring other attack vectors
      1. 18.5.1 Detecting and avoiding open redirect attacks
      2. 18.5.2 Avoiding SQL injection attacks with EF Core and parameterization
      3. 18.5.3 Preventing insecure direct object references
      4. 18.5.4 Protecting your users’ passwords and data
    6. Summary
  28. 19 Building custom components
    1. 19.1 Customizing your middleware pipeline
      1. 19.1.1 Creating simple endpoints with the Run extension
      2. 19.1.2 Branching middleware pipelines with the Map extension
      3. 19.1.3 Adding to the pipeline with the Use extension
      4. 19.1.4 Building a custom middleware component
    2. 19.2 Creating custom endpoints with endpoint routing
      1. 19.2.1 Creating a custom endpoint routing component
      2. 19.2.2 Creating simple endpoints with MapGet and WriteJsonAsync
      3. 19.2.3 Applying authorization to endpoints
    3. 19.3 Handling complex configuration requirements
      1. 19.3.1 Partially building configuration to configure additional providers
      2. 19.3.2 Using services to configure IOptions with IConfigureOptions
    4. 19.4 Using a third-party dependency injection container
    5. Summary
  29. 20 Building custom MVC and Razor Pages components
    1. 20.1 Creating a custom Razor Tag Helper
      1. 20.1.1 Printing environment information with a custom Tag Helper
      2. 20.1.2 Creating a custom Tag Helper to conditionally hide elements
      3. 20.1.3 Creating a Tag Helper to convert Markdown to HTML
    2. 20.2 View components: Adding logic to partial views
    3. 20.3 Building a custom validation attribute
    4. 20.4 Replacing the validation framework with FluentValidation
      1. 20.4.1 Comparing FluentValidation to DataAnnotations attributes
      2. 20.4.2 Adding FluentValidation to your application
    5. Summary
  30. 21 Calling remote APIs with IHttpClientFactory
    1. 21.1 Calling HTTP APIs: The problem with HttpClient
    2. 21.2 Creating HttpClients with IHttpClientFactory
      1. 21.2.1 Using IHttpClientFactory to manage HttpClientHandler lifetime
      2. 21.2.2 Configuring named clients at registration time
      3. 21.2.3 Using typed clients to encapsulate HTTP calls
    3. 21.3 Handling transient HTTP errors with Polly
    4. 21.4 Creating a custom HttpMessageHandler
    5. Summary
  31. 22 Building background tasks and services
    1. 22.1 Running background tasks with IHostedService
      1. 22.1.1 Running background tasks on a timer
      2. 22.1.2 Using scoped services in background tasks
    2. 22.2 Creating headless worker services using IHost
      1. 22.2.1 Creating a worker service from a template
      2. 22.2.2 Running worker services in production
    3. 22.3 Coordinating background tasks using Quartz.NET
      1. 22.3.1 Installing Quartz.NET in an ASP.NET Core application
      2. 22.3.2 Configuring a job to run on a schedule with Quartz.NET
      3. 22.3.3 Using clustering to add redundancy to your background tasks
    4. Summary
  32. 23 Testing your application
    1. 23.1 An introduction to testing in ASP.NET Core
    2. 23.2 Unit testing with xUnit
      1. 23.2.1 Creating your first test project
      2. 23.2.2 Running tests with dotnet test
      3. 23.2.3 Referencing your app from your test project
      4. 23.2.4 Adding Fact and Theory unit tests
      5. 23.2.5 Testing failure conditions
    3. 23.3 Unit testing custom middleware
    4. 23.4 Unit testing API controllers
    5. 23.5 Integration testing: Testing your whole app in-memory
      1. 23.5.1 Creating a TestServer using the Test Host package
      2. 23.5.2 Testing your application with WebApplicationFactory
      3. 23.5.3 Replacing dependencies in WebApplicationFactory
      4. 23.5.4 Reducing duplication by creating a custom WebApplicationFactory
    6. 23.6 Isolating the database with an in-memory EF Core provider
    7. Summary
  33. appendix A. Preparing your development environment
    1. A.1 Installing the .NET SDK
    2. A.2 Choosing an IDE or editor
      1. A.2.1 Visual Studio (Windows)
      2. A.2.2 JetBrains Rider (Windows, Linux, macOS)
      3. A.2.3 Visual Studio for Mac (macOS)
      4. A.2.4 Visual Studio Code (Windows, Linux, macOS)
  34. appendix B. Understanding the .NET ecosystem
    1. B.1 The evolution of .NET into .NET 5.0
      1. B.1.1 Exploring the .NET platforms that prompted .NET Core
      2. B.1.2 Introducing .NET Core
      3. B.1.3 .NET 5.0: The first step in the One .NET vision
      4. B.1.4 The future: .NET 6.0 and beyond
    2. B.2 Sharing code between projects
      1. B.2.1 Finding a common intersection with Portable Class Libraries
      2. B.2.2 .NET Standard: A common interface for .NET
      3. B.2.3 Fudging .NET Standard 2.0 support with the compatibility shim
    3. B.3 .NET 5.0 and the future of .NET Standard
    4. Summary
  35. appendix C. Useful references
    1. C.1 Relevant books
    2. C.2 Announcement blog posts
    3. C.3 Microsoft documentation
    4. C.4 Security-related links
    5. C.5 ASP.NET Core GitHub repositories
    6. C.6 Tooling and services
    7. C.7 ASP.NET Core blogs
    8. C.8 Video links
  36. index

Product information

  • Title: ASP.NET Core in Action, Second Edition
  • Author(s): Andrew Lock
  • Release date: May 2021
  • Publisher(s): Manning Publications
  • ISBN: 9781617298301