55340AC Developing ASP.NET Core Web Applications

Microsoft ASP.NET Core web technologies can help you build and host dynamic, powerful, and extensible web applications. ASP.NET Core is an open source, cross-platform framework based on .NET that allows you to build web applications. You can develop and run ASP.NET Core web apps on Windows, macOS, Linux, or any other platform that supports it. ASP.NET Core supports an agile, test-driven development cycle. It also allows you to use the latest HTML standards and front-end frameworks like Angular, React, and more.

Microsoft ASP.NET Core is a programming model that you can use to build powerful and complex web applications. However, all complex development projects, and large projects in particular, can be challenging and intricate to fully understand. Without a full understanding of the purposes of a project, you cannot develop an effective solution to the client's problem. You need to know how to identify a set of business needs and then make technology decisions and plan your web application to meet those needs. The planning phase assures stakeholders that you understand their requirements and communicates the functionality of the web application, its user interface, structure, and data storage to developers.

ASP.NET Core is a framework that allows us to build many types of applications. In this module, we'll first take a closer look at ASP.NET Razor Pages, as a quick way to build a web application that doesn't require the complexity of the MVC model. Then we'll look at middleware, which has particular meaning in the context of the ASP.NET Core request pipeline, potentially allowing multiple independent requests to be handled in a completely different way and receive independent responses. You'll learn how to take advantage of the ASP.NET Core framework to handle requests and responses through existing and custom middleware, and how to configure services for use in the middleware and in other parts of the application, such as controllers. We will also see the Services; classes that expose functionality that you can then use in different parts of the application. This is accomplished without having to manually track the scope at each individual location, or instantiate any dependencies, by using Dependency Injection. Dependency injection is a technique used by ASP.NET Core that allows us to add dependencies to code without having to worry about instantiating objects, keeping them in memory, or passing required dependencies.

ASP.NET Core MVC is a framework for building web applications using the Model-View-Controller (MVC) architectural pattern. The controller is essentially responsible for processing a web request by interacting with the model and then passing the results back to the view. The model represents the business layer and can include data objects, application logic, and business rules. The View uses the data it receives from the controller to produce the HTML or other output that is sent back to the browser. In this module we will focus on developing controllers, specialized classes that are fundamental to MVC applications. Understanding how controllers work is critical to being able to create the appropriate model objects, manipulate them, and pass them to the appropriate views. Controllers have several methods that are called "actions". When an MVC application receives a request, it finds which controller and which action should handle the request. It determines this by using Uniform Resource Locator (URL) routing; another very important concept needed to develop MVC applications. We'll also see how to maximize code reuse in controllers by writing action filters.

Views are one of the three main components of the Model-View-Controller (MVC) programming model. You can define the user interface for your web application by creating views; a combination of HTML markup and C# code that runs on a web server. To create a view, you must know how to write HTML markup and C# code and use the various helper classes built into MVC. You also need to know how to create partial views and view components, which represent sections of HTML that can be reused in your web application. We'll also take a closer look at Razor's markup syntax for embedding .NET-based code in web pages.

Most web applications interact with various types of data or objects. An e-commerce application, for example, manages products, shopping carts, customers, and orders. A social networking app can help manage users, status updates, comments, photos, and videos. A blog is used to manage blog posts, comments, categories, and tags. When you write a Model-View-Controller (MVC) web application, you create an MVC model to model the data for your web application. Inside this model, create a model class for each type of object. The model class describes the properties of each type of object and can include business logic that matches business processes. Therefore, the model is a fundamental building block in an MVC application. We'll also look at validating user input.

Web applications often require a data store for dynamic information, for example, to create a web application that continually changes in response to user input, administrative actions, and publish events. The data store is usually a database, but other types of data stores are also used. In Model-View-Controller (MVC) applications, you can create a model that implements data access logic and business logic. Alternatively, you can separate business logic from data access logic by using a repository class that a controller can use to read or write to an underlying data store. When you write an ASP.NET application, you can use Entity Framework Core (EF Core) and Language Integrated Query (LINQ) technologies, which make data access code very fast to write and easy to understand. In this module,

When building web applications, you must apply a uniform appearance to the application. Typically, you would include consistent header and footer sections and navigation controls across all views. Microsoft ASP.NET Core uses special templates called layouts to accomplish this, along with Cascading Style Sheets (CSS) to improve the appearance and usability of your web application. You can also create interactive HTML elements using JavaScript to provide client-side code in your web application, along with client-side JavaScript libraries.

When building an application, it's important to know how to develop the client-side and server-side code for the application. In this module, you'll learn client-side tools that allow you to build complex web applications at any scale, including using the Bootstrap CSS framework to style your web application. You'll learn how to use Sass, a CSS preprocessor that adds code-like features such as variables, nested rules, and functions that improve maintainability of complex CSS style sheets. You will learn responsive design principles that will allow you to adapt your web application based on the capabilities of the web browser or device using CSS media queries and how to use a responsive grid system. Next, You'll learn how to configure the gulp task runner and use it to compile Sass files at build time and perform bundling and minification of CSS and JavaScript files, and how to configure a watchdog task to automatically compile Sass files as you write your code. Finally, we'll introduce the Blazor framework for building an interactive client-side web UI with .NET.

The software development process inevitably results in coding errors or failures that result in exceptions, unexpected behavior, or incorrect results. To improve the quality of your web application and provide a good user experience, you must identify errors from any source and eliminate them. In traditional software development, most testing is done by testers at the end of a development project. However, in recent years it has been widely accepted that testing throughout the project life cycle improves code quality and greatly reduces the number of bugs in production software. You need to understand how to run tests on individual components to ensure they work as expected before assembling them into a complete web application. It's also important that you know how to handle exceptions when they occur and handle them correctly to provide proper user feedback, without leaking information about the application's structure. Finally, by using application-wide logging, you can monitor user activities that could lead to unexpected problems and troubleshoot production issues by tracing flows through the application.

Applications are typically delivered via a web browser, over the public Internet, to a large number of users. This means that security should always be at the forefront when building these applications, as in addition to legitimate users, the application will be exposed to malicious third parties. Users can have anonymous access or they can have a logged in identity, and you must decide which users can perform which actions. Authentication is the act of establishing a user's identity, while authorization is the process in which an already authenticated user is granted access to specific actions or resources. By using authorization, you can prevent users from accessing confidential material or information and resources intended for another user or prevent them from performing certain actions. The costs of security breaches can be very high, resulting in data loss, legal action, and reputational damage. Therefore, in the final section, we will look at some specific malicious attacks, such as cross-site scripting and SQL injection, and how to defend against them.

Modern web applications must be able to respond quickly to a large number of user requests in a short period of time. Caching allows you to store common requests, avoiding the need to perform the same logic repeatedly. This provides the user with a fast response time and reduces the system resources used to carry out the action logic. By using various forms of state management, you can build stateful applications on top of stateless web protocols, giving responses tailored to the contexts of individual users within the same application. Finally, SignalR is an easy-to-use two-way communications API that is an abstraction of several different web communications protocols. This allows you to create server-side logic to deliver content to browser-based web applications in real time.

Most web applications require integration with external systems. Representational State Transfer (REST) ​​services help reduce application overhead and limit the data that is passed between client and server systems using open standards. You should know how to expose a web API that implements REST services in your ASP.NET application. You also need to know how to call a web API using server-side and client-side code to consume external REST-style web APIs.