Building Web APIs with ASP.NET Core

Book description

Build fully-featured APIs with ASP.NET Core! This all-practical guide is written like a real development project, taking you hands-on with modern APIs utilizing REST and GraphQL standards.

In Building Web APIs with ASP.NET Core you will learn how to:

  • Set up your environment with VS 2022, Node, Git, and more
  • Create a ASP.NET Core project from scratch
  • Integrate with SQL Server
  • Use Entity Framework Core to set up a data model
  • Create back-end controllers
  • Design an API to serve data
  • Write API documentation using Swagger and Swashbuckle
  • Consume an API using typical web client-side frameworks
  • Handle requests and routes using controllers and Minimal API
  • Release and deploy your Web API in production on cloud-based hosting services such as MS Azure

Building Web APIs with ASP.NET Core is a practical beginner’s guide to creating your first web APIs using ASP.NET Core. In it, you’ll develop an API that feeds web-based services, including websites and mobile apps, for a board games application. The book is cleverly structured to mirror a real-world development project, with each chapter introducing a new feature request. You’ll build your API with an ecosystem of ASP.NET Core tools that help simplify everything from setting up your data model to generating documentation.

About the Technology
Web APIs are the front door to an application, providing controlled access to its data and features. ASP.NET Core, Microsoft’s web framework, simplifies and accelerates API creation with powerful, developer-friendly features, including an innovative “no compile” coding experience. It is reliable, fast, free, open-source, and backed by Microsoft’s legendary support.

About the Book
Building Web APIs with ASP.NET Core teaches you how to write safe, maintainable, and performant REST APIs. It’s full of best practices for modern and classic API styles, including REST and GraphQL. You’ll love the groundbreaking Minimal API model that helps you build pro-quality APIs with just a few lines of code. Each chapter contains realistic user stories, backlog items, and development tasks.

What's Inside
  • Create an ASP.NET Core project from scratch
  • Set up a data model with Entity Framework Core
  • Create backend controllers
  • Design an API to serve data


About the Reader
For developers with some experience using the .NET Framework.

About the Author
Valerio De Sanctis has more than 20 years of experience in web development and project management using ASP.NET, PHP, and Java.

Quotes
Great blend of foundational and advanced concepts and techniques.
- Darren Gillis, BlackLabel Digital

REST, authentication/authorization, validation, and even documentation are all covered in one place. This is the book you’re looking for!
- Paul Brown, VacoBuilt

Fantastic! Provides realistic examples and gets the reader comfortable quickly with API development.
- Foster Haines, J2 Interactive

I like the pragmatic way to learn by building a real ASP.NET Core API.
- Enzo Aggazio, SCAI Lab

Table of contents

  1. inside front cover
  2. Building Web APIs with ASP.NET Core
  3. Copyright
  4. contents
  5. front matter
    1. preface
    2. acknowledgments
    3. about this book
      1. Who should read this book
      2. How this book is organized: A road map
      3. About the code
      4. liveBook discussion forum
    4. about the author
    5. about the cover illustration
  6. Part 1 Getting started
  7. 1 Web APIs at a glance
    1. 1.1 Web APIs
      1. 1.1.1 Overview
      2. 1.1.2 Real-world example
      3. 1.1.3 Types of web APIs
      4. 1.1.4 Architectures and message protocols
    2. 1.2 ASP.NET Core
      1. 1.2.1 Architecture
      2. 1.2.2 Program.cs
      3. 1.2.3 Controllers
      4. 1.2.4 Minimal APIs
      5. 1.2.5 Task-based asynchronous pattern
    3. Summary
  8. 2 Our first web API project
    1. 2.1 System requirements
      1. 2.1.1 .NET SDK
      2. 2.1.2 Integrated development environment
    2. 2.2 Installing Visual Studio
    3. 2.3 Creating the web API project
    4. 2.4 MyBGList project overview
      1. 2.4.1 Reviewing launchSettings.json
      2. 2.4.2 Configuring the appsettings.json
      3. 2.4.3 Playing with the Program.cs file
      4. 2.4.4 Inspecting the WeatherForecastController
      5. 2.4.5 Adding the BoardGameController
    5. 2.5 Exercises
      1. 2.5.1 launchSettings.json
      2. 2.5.2 appsettings.json
      3. 2.5.3 Program.cs
      4. 2.5.4 BoardGame.cs
      5. 2.5.5 BoardGameControllers.cs
    6. Summary
  9. 3 RESTful principles and guidelines
    1. 3.1 REST guiding constraints
      1. 3.1.1 Client-server approach
      2. 3.1.2 Statelessness
      3. 3.1.3 Cacheability
      4. 3.1.4 Layered system
      5. 3.1.5 Code on demand
      6. 3.1.6 Uniform interface
    2. 3.2 API documentation
      1. 3.2.1 Introducing OpenAPI
      2. 3.2.2 ASP.NET Core components
    3. 3.3 API versioning
      1. 3.3.1 Understanding versioning
      2. 3.3.2 Should we really use versions?
      3. 3.3.3 Implementing versioning
    4. 3.4 Exercises
      1. 3.4.1 CORS
      2. 3.4.2 Client-side caching
      3. 3.4.3 COD
      4. 3.4.4 API documentation and versioning
    5. Summary
  10. Part 2 Basic concepts
  11. 4 Working with data
    1. 4.1 Choosing a database
      1. 4.1.1 Comparing SQL and NoSQL
      2. 4.1.2 Making a choice
    2. 4.2 Creating the database
      1. 4.2.1 Obtaining the CSV file
      2. 4.2.2 Installing SQL Server
      3. 4.2.3 Installing SSMS or ADS
      4. 4.2.4 Adding a new database
    3. 4.3 EF Core
      1. 4.3.1 Reasons to use an ORM
      2. 4.3.2 Setting up EF Core
      3. 4.3.3 Creating the DbContext
      4. 4.3.4 Setting up the DbContext
      5. 4.3.5 Creating the database structure
    4. 4.4 Exercises
      1. 4.4.1 Additional fields
      2. 4.4.2 One-to-many relationship
      3. 4.4.3 Many-to-many relationship
      4. 4.4.4 Creating a new migration
      5. 4.4.5 Applying the new migration
      6. 4.4.6 Reverting to a previous migration
    5. Summary
  12. 5 CRUD operations
    1. 5.1 Introducing LINQ
      1. 5.1.1 Query syntax vs. method syntax
      2. 5.1.2 Lambda expressions
      3. 5.1.3 The IQueryable<T> interface
    2. 5.2 Injecting the DbContext
      1. 5.2.1 The sync and async methods
      2. 5.2.2 Testing the ApplicationDbContext
    3. 5.3 Seeding the database
      1. 5.3.1 Setting up the CSV file
      2. 5.3.2 Installing the CsvHelper package
      3. 5.3.3 Creating the BggRecord class
      4. 5.3.4 Adding the SeedController
      5. 5.3.5 Reading the CSV file
      6. 5.3.6 Executing the SeedController
    4. 5.4 Reading data
      1. 5.4.1 Paging
      2. 5.4.2 Sorting
      3. 5.4.3 Filtering
    5. 5.5 Updating and deleting data
      1. 5.5.1 Updating a BoardGame
      2. 5.5.2 Deleting a BoardGame
    6. 5.6 Exercises
      1. 5.6.1 Create
      2. 5.6.2 Read
      3. 5.6.3 Update
      4. 5.6.4 Delete
    7. Summary
  13. 6 Data validation and error handling
    1. 6.1 Data validation
      1. 6.1.1 Model binding
      2. 6.1.2 Data validation attributes
      3. 6.1.3 A nontrivial validation example
      4. 6.1.4 Data validation and OpenAPI
      5. 6.1.5 Binding complex types
    2. 6.2 Error handling
      1. 6.2.1 The ModelState object
      2. 6.2.2 Custom error messages
      3. 6.2.3 Manual model validation
      4. 6.2.4 Exception handling
    3. 6.3 Exercises
      1. 6.3.1 Built-in validators
      2. 6.3.2 Custom validators
      3. 6.3.3 IValidatableObject
      4. 6.3.4 ModelState validation
      5. 6.3.5 Exception handling
    4. Summary
  14. Part 3 Advanced concepts
  15. 7 Application logging
    1. 7.1 Application logging overview
      1. 7.1.1 From boats to computers
      2. 7.1.2 Why do we need logs?
    2. 7.2 ASP.NET logging
      1. 7.2.1 A quick logging test
      2. 7.2.2 Log levels
      3. 7.2.3 Logging configuration
      4. 7.2.4 Logging providers
      5. 7.2.5 Event IDs and templates
      6. 7.2.6 Exception logging
    3. 7.3 Unstructured vs. structured logging
      1. 7.3.1 Unstructured logging pros and cons
      2. 7.3.2 Structured logging advantages
      3. 7.3.3 Application Insights logging provider
    4. 7.4 Third-party logging providers
      1. 7.4.1 Serilog overview
      2. 7.4.2 Installing Serilog
      3. 7.4.3 Configuring Serilog
      4. 7.4.4 Testing Serilog
      5. 7.4.5 Improving the logging behavior
    5. 7.5 Exercises
      1. 7.5.1 JSON console logging
      2. 7.5.2 Logging provider configuration
      3. 7.5.3 Exception logging’s new property
      4. 7.5.4 New Serilog enricher
      5. 7.5.5 New Serilog sink
    6. Summary
  16. 8 Caching techniques
    1. 8.1 Caching overview
    2. 8.2 HTTP response caching
      1. 8.2.1 Setting the cache-control header manually
      2. 8.2.2 Adding a default caching directive
      3. 8.2.3 Defining cache profiles
      4. 8.2.4 Server-side response caching
      5. 8.2.5 Response caching vs. client reload
    3. 8.3 In-memory caching
      1. 8.3.1 Setting up the in-memory cache
      2. 8.3.2 Injecting the IMemoryCache interface
      3. 8.3.3 Using the in-memory cache
    4. 8.4 Distributed caching
      1. 8.4.1 Distributed cache providers overview
      2. 8.4.2 SQL Server
      3. 8.4.3 Redis
    5. 8.5 Exercises
      1. 8.5.1 HTTP response caching
      2. 8.5.2 Cache profiles
      3. 8.5.3 Server-side response caching
      4. 8.5.4 In-memory caching
      5. 8.5.5 Distributed caching
    6. Summary
  17. 9 Authentication and authorization
    1. 9.1 Basic concepts
      1. 9.1.1 Authentication
      2. 9.1.2 Authorization
    2. 9.2 ASP.NET Core Identity
      1. 9.2.1 Installing the NuGet packages
      2. 9.2.2 Creating the user entity
      3. 9.2.3 Updating the ApplicationDbContext
      4. 9.2.4 Adding and applying a new migration
      5. 9.2.5 Setting up the services and middleware
      6. 9.2.6 Implementing the AccountController
    3. 9.3 Authorization settings
      1. 9.3.1 Adding the authorization HTTP header
      2. 9.3.2 Setting up the [authorize] attribute
      3. 9.3.3 Testing the authorization flow
    4. 9.4 Role-based access control
      1. 9.4.1 Registering new users
      2. 9.4.2 Creating the new roles
      3. 9.4.3 Assigning users to roles
      4. 9.4.4 Adding role-based claims to JWT
      5. 9.4.5 Setting up role-based auth rules
      6. 9.4.6 Testing the RBAC flow
      7. 9.4.7 Using alternative authorization methods
    5. 9.5 Exercises
      1. 9.5.1 Adding a new role
      2. 9.5.2 Creating a new user
      3. 9.5.3 Assigning a user to roles
      4. 9.5.4 Implementing a test endpoint
      5. 9.5.5 Testing the RBAC flow
    6. Summary
  18. 10 Beyond REST
    1. 10.1 REST drawbacks
      1. 10.1.1 Overfetching
      2. 10.1.2 Underfetching
    2. 10.2 GraphQL
      1. 10.2.1 GraphQL advantages
      2. 10.2.2 GraphQL drawbacks
      3. 10.2.3 Implementing GraphQL
      4. 10.2.4 Working with GraphQL
    3. 10.3 Google Remote Procedure Call
      1. 10.3.1 gRPC pros
      2. 10.3.2 gRPC cons
      3. 10.3.3 Installing the NuGet packages
      4. 10.3.4 Implementing the gRPC Server
      5. 10.3.5 Implementing the gRPC client
      6. 10.3.6 Adding Authorization support
    4. 10.4 Other REST alternatives
      1. 10.4.1 Newline Delimited JSON (NDJSON)
      2. 10.4.2 Falcor
      3. 10.4.3 Thrift
    5. 10.5 Exercises
      1. 10.5.1 Write a new GraphQL query
      2. 10.5.2 Fetch GraphQL data for a mutation
      3. 10.5.3 Implement new gRPC server features
      4. 10.5.4 Add new gRPC client wrappers
      5. 10.5.5 Test the new gRPC features
    6. Summary
  19. Part 4 Toward production
  20. 11 API documentation
    1. 11.1 Web API potential audience
      1. 11.1.1 Prospectors
      2. 11.1.2 Contractors
      3. 11.1.3 Builders
    2. 11.2 API documentation best practices
      1. 11.2.1 Adopt an automated description tool
      2. 11.2.2 Describe endpoints and input parameters
      3. 11.2.3 Add XML documentation support
      4. 11.2.4 Work with Swashbuckle annotations
      5. 11.2.5 Describe responses
      6. 11.2.6 Add request and response samples
      7. 11.2.7 Group endpoints into sections
      8. 11.2.8 Exclude reserved endpoints
    3. 11.3 Filter-based Swagger customization
      1. 11.3.1 Emphasizing the authorization requirements
      2. 11.3.2 Changing the application title
      3. 11.3.3 Adding a warning text for passwords
      4. 11.3.4 Adding custom key/value pairs
    4. 11.4 Exercises
      1. 11.4.1 Use XML documentation
      2. 11.4.2 Use Swashbuckle annotations
      3. 11.4.3 Exclude some endpoints
      4. 11.4.4 Add a custom filter
      5. 11.4.5 Add custom key/value pairs
    5. Summary
  21. 12 Release and deployment
    1. 12.1 Prepublishing tasks
      1. 12.1.1 Considering security
      2. 12.1.2 Choosing a domain name
      3. 12.1.3 Setting up a CDN
      4. 12.1.4 Fine-tuning our APP
      5. 12.1.5 Understanding the .NET publishing modes
    2. 12.2 Creating a Windows VM server
      1. 12.2.1 Accessing Azure
      2. 12.2.2 Creating and setting up the Windows VM
      3. 12.2.3 Working with the VM public IP address
      4. 12.2.4 Creating an SSL/TLS origin certificate
      5. 12.2.5 Setting Cloudflare Encryption Mode to Full
    3. 12.3 Configuring the Windows VM server
      1. 12.3.1 Installing IIS
      2. 12.3.2 Installing the ASP.NET Core hosting bundle
      3. 12.3.3 Installing the Web Deploy component
      4. 12.3.4 Opening the 8172 TCP port
      5. 12.3.5 Configuring IIS
      6. 12.3.6 Creating the production database
      7. 12.3.7 Creating the appsettings.Production.json file
    4. 12.4 Publishing and deploying
      1. 12.4.1 Introducing Visual Studio publish profiles
      2. 12.4.2 Creating an Azure VM publish profile
      3. 12.4.3 Configuring the publish profile
      4. 12.4.4 Publishing, deployment, and testing
      5. 12.4.5 Final thoughts
    5. Summary
  22. appendix A.
    1. A.1 Installing SQL Server
    2. A.2 Installing Internet Information Services
    3. A.3 Installing the IIS Management Service
    4. A.4 Installing the ASP.NET Core Windows hosting bundle
    5. A.5 Installing Web Deploy
    6. A.6 Adding an inbound port rule in Azure
  23. index
  24. inside back cover

Product information

  • Title: Building Web APIs with ASP.NET Core
  • Author(s): Valerio De Sanctis
  • Release date: June 2023
  • Publisher(s): Manning Publications
  • ISBN: 9781633439481