.NET Aspire: What is it?
A contemporary, opinionated framework called.NET Aspire was created to make it easier to develop cloud-native and microservices-based applications within the.NET ecosystem. It offers a cohesive method for creating, implementing, and overseeing dispersed applications with the least amount of hassle.

.NET Aspire is built to solve common challenges developers face when working with microservices and cloud-native architectures, such as,Service Orchestration: Managing multiple services seamlessly within a single environment.

• Built-in Observability: Automatically integrating logging, tracing, and metrics for monitoring application health.
• Configuration Management: Simplifying configuration across multiple services.
• Dependency Injection: Enabling easy integration of external services like databases, message brokers, and caching mechanisms.
• Cloud-Native Compatibility: Supporting seamless deployment to cloud environments, including Azure, AWS, and Kubernetes.

By leveraging .NET Aspire, developers can focus more on business logic and less on infrastructure concerns, resulting in faster development cycles, improved maintainability, and better performance.

What Was There Before .NET Aspire vs. Now?
Before .NET Aspire, developers working with microservices in .NET had to rely on multiple tools and frameworks to achieve the same functionality Aspire now provides natively. Some challenges and comparisons include,

• Service Orchestration
  • Before: Developers manually orchestrated microservices using custom scripts, Kubernetes, or third-party tools.
  • Now: .NET Aspire provides a built-in orchestration model, reducing the complexity of managing services.
• Observability (Logging, Tracing, and Metrics)
  • Before: Developers had to integrate multiple libraries (like OpenTelemetry, Serilog, and Prometheus) separately.
  • Now: Aspire includes built-in observability, making logging, tracing, and metrics easy to implement.
• Configuration Management
  • Before: Configuration was handled manually via environment variables, JSON files, or external providers.
  • Now: Aspire offers a structured approach to configuration management, reducing manual effort and errors.
• Service-to-Service Communication
  • Before: Developers had to implement gRPC, HTTP clients, or messaging systems manually.
  • Now: Aspire simplifies service communication with built-in abstractions.
• Deployment and Cloud Readiness
  • Before: Deploying microservices required setting up infrastructure using Docker, Kubernetes, or cloud-specific tools.
  • Now: Aspire provides streamlined deployment options, making cloud-native application development more accessible.

A Quick Comparison Table

With these improvements, .NET Aspire significantly reduces the development overhead and allows teams to focus more on building features rather than configuring infrastructure.

Why .NET Aspire for Modern .NET Developers?
As software development shifts towards microservices and cloud-first approaches, developers need tools that enable efficiency, scalability, and maintainability. .NET Aspire addresses these needs by offering.

• Seamless Orchestration: Manage multiple services effortlessly within a unified environment.
• Built-in Observability: Gain insights into application performance with logging and tracing.
• Simplified Service Integration: Easily connect microservices and external dependencies.

Cloud-Ready Architecture: Deploy applications to cloud platforms with minimal configuration.

in online forms. WebMethod and ScriptMethod Attributes are used by Net programs to call client-side scripts such as JavaScript and Jquery web calls. The shared function keyword from server-side pages is used in this technique. The function will send a post and receive a request on that, as indicated by the Shared keyword and WebMethod property that WebService exposes. The same kind of online technique will be utilized for sharing data in JSON format. Below is an example of the code.

Server End code

Public Class WebCall
    Inherits System.Web.UI.Page
    <WebMethod()>
    <ScriptMethod()>
    Public Shared Function GetServerTime() As String
        Return DateTime.Now.ToString()
    End Function

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs) Handles Me.Load
        ' No server-side logic needed for this example.
    End Sub
End Class

From the client end, an OnClick event will be sent a request for getting a server date & timely response. The client-side code example is below.
<asp:Content ID="BodyContent" ContentPlaceHolderID="MainContent" runat="server"><main>
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js"></script>
    <script type="text/javascript">
        function callWebMethod() {
            alert("callweb");
            $.ajax({
                type: "POST",
                url: "WebCall.aspx/GetServerTime",
                data: "{}",
                contentType: "application/json; charset=utf-8",
                dataType: "json",
                success: function (msg) {
                    alert(msg.d);
                    $("#lblTime").text(msg.d);
                },
                error: function (xhr, status, error) {
                    alert("Error: " + xhr.responseText);
                }
            });
        }
    </script>
    <div>

  <button type="button" onclick="callWebMethod()">Get current server time</button><p id="btnGetTime"></p>
          <label id="lblTime" Text=""></label>
    </div>
    </main>
</asp:Content>

Output

A wealth of information can be found in server logs. They can provide you with a wealth of information on user behavior, system performance, and any problems. However, manually identifying those problems is challenging. Examining logs is necessary, but it can be challenging when there are many logs. Anomaly detection can help with it. One machine learning method that can automatically identify anomalies is anomaly detection. Within the.NET environment, developers can create robust anomaly detection systems using.NET 9 and Microsoft's open-source machine learning framework, ML.NET. Using a real-world example, we will examine the capabilities of ML.NET and how to apply it to identify issues in server logs with.NET 9.

What is ML.NET?
ML.NET is a powerful, cross-platform machine learning framework designed for .NET developers. It allows you to create, train, and deploy custom machine learning models directly in C# or F# without requiring extensive data science expertise. Launched by Microsoft, ML.NET supports a wide range of scenarios.

• Classification: Binary (e.g., spam detection) or multi-class (e.g., categorizing support tickets).
• Regression: Predicting future values (e.g., sales forecasting).
• Clustering: Grouping similar data points (e.g., segmenting customers).
• Anomaly Detection: Finding outliers in datasets (e.g., identifying irregularities in server logs).
• Time-Series Analysis: Finding trends and outliers in sequential data.
• Recommendation Systems: Suggesting products or content based on user behavior.

ML.NET’s strengths include its integration with .NET tools like Visual Studio, support for pre-trained models (e.g., ONNX, TensorFlow), and the Model Builder GUI for simplified development. Whether you’re processing small datasets or scaling to enterprise-level applications, ML.NET offers flexibility and performance, making it an ideal choice for embedding intelligence into .NET 9 projects.

Project Overview: Detecting Error Spikes in Server Logs
We’re going to create a .NET 9 console application that uses ML.NET to find unusual activity in server log data. We’re especially looking at error counts over time. This example is like a real-world situation where a sudden increase in errors could mean there’s a problem with the server. This would let administrators fix the problem before it gets worse.

Step 1. Setting Up the Environment
Please find the complete source code: Click Here

To begin, ensure you have,

• .NET 9 SDK: Installed from the official Microsoft site.
• Visual Studio Code (or Visual Studio): For coding and debugging. I will be using VS Code for this project.
• ML.NET Packages: Added via NuGet.

Let’s start. If you have C# Dev Kit, then you can create the project in VS Code or use below command.

Create a new console application.
dotnet new console -n AnomalyDetection -f net9.0
cd AnomalyDetection

Add the ML.NET NuGet packages.
dotnet add package Microsoft.ML
dotnet add package Microsoft.ML.TimeSeries

Step 2. Defining the Data Models.
Create a Models folder and add two classes.
LogData.cs: Represents server log entries with timestamps and error counts.
    namespace AnomalyDetection.Models;

    public record LogData
    {
        public DateTime Timestamp { get; set; }
        public float ErrorCount { get; set; }

    }

AnomalyPrediction.cs: Represents the model’s output, indicating whether an anomaly is detected.
using Microsoft.ML.Data;

namespace AnomalyDetection.Models;

public record AnomalyPrediction
{
    [VectorType(3)]
    public double[] Prediction { get; set; } =  [];

}

AnomalyResult.cs: Represents the output result from the model.
namespace AnomalyDetection.Models;

public record AnomalyResult
{
    public DateTime Timestamp { get; set; }
    public float ErrorCount { get; set; }
    public bool IsAnomaly { get; set; }
    public double ConfidenceScore { get; set; }

}

Step 3. Implementing Anomaly Detection Logic with ML.NET
Create a Services folder and add AnomalyDetector.cs.
using System;
using AnomalyDetection.Models;
using Microsoft.ML;

namespace AnomalyDetection.Services;

public class AnomalyDetectionTrainer
{
    private readonly MLContext _mlContext;
    private ITransformer _model;

    public AnomalyDetectionTrainer()
    {
        _mlContext = new MLContext(seed: 0);
        TrainModel();
    }

    private void TrainModel()
    {
        // Simulated training data (in practice, load from a file or database)
        var data = GetTrainingData();

        var dataView = _mlContext.Data.LoadFromEnumerable(data);

        // Define anomaly detection pipeline
       var pipeline = _mlContext.Transforms.DetectIidSpike(
                outputColumnName: "Prediction",
                inputColumnName: nameof(LogData.ErrorCount),
                confidence: 95.0, // Double instead of int
                pvalueHistoryLength: 5
            );

        // Train the model
        _model = pipeline.Fit(dataView);

    }

    public List<AnomalyResult> DetectAnomalies(List<LogData> logs)
        {
            var dataView = _mlContext.Data.LoadFromEnumerable(logs);
            var transformedData = _model.Transform(dataView);
            var predictions = _mlContext.Data.CreateEnumerable<AnomalyPrediction>(transformedData, reuseRowObject: false);

            return logs.Zip(predictions, (log, pred) => new AnomalyResult
            {
                Timestamp = log.Timestamp,
                ErrorCount = log.ErrorCount,
                IsAnomaly = pred.Prediction[0] == 1,
                ConfidenceScore = pred.Prediction[1]
            }).ToList();
        }

    //dummy training data
    private List<LogData> GetTrainingData()
    {
        return new List<LogData>(){
            new() { Timestamp = DateTime.Now.AddHours(-5), ErrorCount = 2 },
            new() { Timestamp = DateTime.Now.AddHours(-4), ErrorCount = 3 },
            new() { Timestamp = DateTime.Now.AddHours(-3), ErrorCount = 2 },
            new() { Timestamp = DateTime.Now.AddHours(-2), ErrorCount = 50 }, // Anomaly: Spike!
            new() { Timestamp = DateTime.Now.AddHours(-1), ErrorCount = 4 },
            new() { Timestamp = DateTime.Now.AddHours(-6), ErrorCount = 2 }
        };
    }
}

Explanation
_mlContext: An instance of MLContext, the core ML.NET object for managing data, models, and transformations. It’s initialized with a seed (0) for reproducible results.
_model: An ITransformer object that holds the trained anomaly detection model, applied later for predictions.
private void TrainModel()
{
    var data = GetTrainingData();
    var dataView = _mlContext.Data.LoadFromEnumerable(data);
    var pipeline = _mlContext.Transforms.DetectIidSpike(
        outputColumnName: "Prediction",
        inputColumnName: nameof(LogData.ErrorCount),
        confidence: 95.0,
        pvalueHistoryLength: 5
    );
    _model = pipeline.Fit(dataView);
}

Purpose: Trains the anomaly detection model using simulated data.

Steps

• Data Loading: Calls GetTrainingData to fetch dummy server log data, then converts it into an IDataView using LoadFromEnumerable.
• Pipeline Definition: Uses DetectIidSpike from MLContext.Transforms to create a pipeline for detecting anomalies in independent and identically distributed (IID) data:
  • outputColumnName: “Prediction”: Names the output column for anomaly results.
  • inputColumnName: nameof(LogData.ErrorCount): Specifies the input data (error counts).
  • confidence: 95.0: Sets a 95% confidence level for anomaly detection.
  • pvalueHistoryLength: 5: Defines a sliding window of 5 data points to evaluate anomalies.
• Training: Fits the pipeline to the data, producing a trained _model.

DetectAnomalies Method
public List<AnomalyResult> DetectAnomalies(List<LogData> logs)
{
    var dataView = _mlContext.Data.LoadFromEnumerable(logs);
    var transformedData = _model.Transform(dataView);
    var predictions = _mlContext.Data.CreateEnumerable<AnomalyPrediction>(transformedData, reuseRowObject: false);
    return logs.Zip(predictions, (log, pred) => new AnomalyResult
    {
        Timestamp = log.Timestamp,
        ErrorCount = log.ErrorCount,
        IsAnomaly = pred.Prediction[0] == 1,
        ConfidenceScore = pred.Prediction[1]
    }).ToList();
}

Step 4. Check the anomalies in the logs with the above service
Update Program.cs
using AnomalyDetection.Models;
using AnomalyDetection.Services;

//create a dummy log data
var logs = new List<LogData>(){
    new() { Timestamp = DateTime.Now.AddHours(-5), ErrorCount = 2 },
    new() { Timestamp = DateTime.Now.AddHours(-4), ErrorCount = 3 },
    new() { Timestamp = DateTime.Now.AddHours(-3), ErrorCount = 2 },
    new() { Timestamp = DateTime.Now.AddHours(-2), ErrorCount = 50 },
    new() { Timestamp = DateTime.Now.AddHours(-1), ErrorCount = 4 },
    new() { Timestamp = DateTime.Now.AddHours(-6), ErrorCount = 2 }
};

//create an instance of the AnomalyDetectionTrainer
var trainer = new AnomalyDetectionTrainer();

//detect anomalies
var results = trainer.DetectAnomalies(logs);

//print the results
foreach (var result in results)
{
    Console.WriteLine($"Timestamp: {result.Timestamp}, ErrorCount: {result.ErrorCount}, IsAnomaly: {result.IsAnomaly}, ConfidenceScore: {result.ConfidenceScore}");
}

Let's run the console app and validate the results.
The project structure is as shown below.

A wealth of information can be found in server logs. They can provide you with a wealth of information on user behavior, system performance, and any problems. However, manually identifying those problems is challenging. Examining logs is necessary, but it can be challenging when there are many logs. Anomaly detection can help with it. One machine learning method that can automatically identify anomalies is anomaly detection. Within the.NET environment, developers can create robust anomaly detection systems using.NET 9 and Microsoft's open-source machine learning framework, ML.NET. Using a real-world example, we will examine the capabilities of ML.NET and how to apply it to identify issues in server logs with.NET 9.

Having well-organized and aesthetically pleasing API documentation is essential in modern web development. For creating visually appealing API documentation for ASP.NET Core applications, Scalar is a great tool. The easy integration of Scalar into an ASP.NET Core project and the creation of API documentation will be covered in this post.

Scalar: What is it?
An open-source tool for API documentation, Scalar offers a user-friendly and aesthetically pleasing interface for testing and researching APIs. It is a straightforward and user-friendly substitute for Redoc and Swagger UI.

Why Use Scalar for API Documentation?

• User-friendly Interface: Scalar provides a clean and modern UI.
• Interactive API Testing: Allows developers to test APIs directly from the documentation.
• Easy Integration: Simple setup process with minimal configuration.
• Open Source: Free to use and modify according to project needs.

Setting Up Scalar in ASP.NET Core
Step 1. Install Scalar Package
To integrate Scalar into your ASP.NET Core project, you need to install the Scalar NuGet package. Run the following command in the terminal.
Install-Package Scalar.AspNetCore

Step 2. Configure Scalar in Startup.cs.
Modify the Startup.cs file to add Scalar middleware.
using Scalar.AspNetCore;

public void ConfigureServices(IServiceCollection services)
{
    services.AddControllers();
    services.AddScalar();
}

public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
    }

    app.UseRouting();

    app.UseEndpoints(endpoints =>
    {
        endpoints.MapControllers();
    });

    app.UseScalar(); // Enable Scalar documentation
}

Step 3. Access API Documentation.
Once the configuration is complete, run your ASP.NET Core application and navigate to the following URL.
https://localhost:<port>/scalar

You should see a beautifully generated API documentation interface.

Customizing Scalar Documentation
Scalar provides customization options to enhance the API documentation experience.

1. Adding API Metadata
You can customize API metadata such as title, version, and description by modifying the Scalar configuration.
services.AddScalar(options =>
{
    options.DocumentTitle = "My API Documentation";
    options.ApiVersion = "v1.0";
    options.Description = "This is a sample API documentation using Scalar.";
});

2. Securing API Documentation
You can use authentication middleware to secure the Scalar endpoint and limit access to your API documentation.

Conclusion
With ASP.NET Core, Scalar is a potent tool for producing visually appealing and interactive API documentation. It is a great substitute for more conventional documentation tools like Swagger because of its simplicity of integration, intuitive interface, and customizable features. You may rapidly set up Scalar and enhance your experience with API documentation by following the instructions in this article.

I will illustrate Null Coalescing (??) and Null Conditional (?.) in this article. Programmers frequently struggle with null references, although contemporary languages like C# provide sophisticated solutions. Two separate but complimentary methods for creating safe and clear code are the null conditional operator (?.) and the null coalescing operator (??). This page explains how to use them, gives examples, and examines their capabilities.

What is Null Coalescing (??)?
The null coalescing operator (??) provides a fallback value when a variable is null, serving as a concise alternative to traditional null-checking if statements.

Syntax
result = variable ?? fallbackValue;

How does Null Coalescing (??) work?
If variable is not null, its value is assigned to result.
If variable is null, the fallbackValue is assigned instead.
    string userName = null;
   string displayName = userName ?? "Guest User";
   Console.WriteLine(displayName);

The null coalescing operator (??) simplifies null-checking logic.

In this example, displayName is guaranteed to have a value, even if userName is null.

This approach is more concise and readable compared to an equivalent if statement:
The traditional method to achieve this before the introduction of ??
string displayName;
if (userName != null)
{
    displayName = userName;
}
else
{
    displayName = "Guest";
}

When to use the null coalescing operator (??)

Default Values: Assign a default value when a variable is null.

Dictionary<string, string> userPreferences = new Dictionary<string, string>()
        {
            { "theme", "dark" },
            { "language", "en" }
        };

// Use ?? to provide a default value if the key doesn't exist
string theme = userPreferences.GetValueOrDefault("theme") ?? "light";
string fontSize = userPreferences.GetValueOrDefault("fontSize") ?? "medium";

Console.WriteLine($"Theme: {theme}");       // Output: Theme: dark
Console.WriteLine($"Font Size: {fontSize}"); // Output: Font Size: medium

Output

• Theme: dark   => requested value exists in the dictionary, so it will return the same value
• Font Size: medium  => requested values do not exist, then it will return default values provided using the null coalescing operator (??)

Chained Fallbacks: Provide multiple fallback options.
string preferredName = null;
string alternateName = null;
        
// Use ?? to check both variables and provide a default value if both are null
string displayName = preferredName ?? alternateName ?? "Unknown Person";
Console.WriteLine(displayName);  // Output: Unknown Person

Output
"Unknown Person" because both variable assigned with null value.

• The null coalescing operator can be chained to check multiple variables.
• The operator will return the first non-null value from the chain.
• If all variables are null, it will return the last fallback value. In this case, "Unknown".

The traditional method to achieve multiple null checks before the introduction of ??
string preferredName = null;
string alternateName = null;

// Traditional method using if statements
string displayName;

 if (preferredName != null)
 {
     displayName = preferredName;
}
 else if (alternateName != null)
  {
     displayName = alternateName;
  }
  else
  {
     displayName = "Unknown Person";
  }

Console.WriteLine(displayName);  // Output: Unknown Person

What is Null Conditional (?.)
The null conditional operator ?. allows safe navigation of objects and their properties, avoiding null reference exceptions. It short-circuits evaluation if the object or property being accessed is null.
result = object?.Property;

How does Null Conditional (?.) work?
public class Person
{
    public int Id { get; set; }
    public string Name { get; set; }
    public Address Address { get; set; }
}

public class Address
{
    public int Id { get; set; }
    public string City { get; set; }
    public string PinCode { get; set; }
}Person person = null;

 // Use the null conditional operator to safely access a property
 string name = person?.Name ?? "Unknown";

 Console.WriteLine(name);  // Output: Unknown

 string persionCity = person?.Address?.City ?? "London"; // If person or Address object null then it will assign default city as LondonThe null conditional operator (?.) is used to safely access the Name property of person. Since person is null, person?.Name will return null.
When to use Null Conditional (?.)

• The null conditional operator (?.) allows you to safely access properties or methods of potentially null objects without throwing exceptions.
• It can be chained to access multiple levels of properties, like person?.Address?.City.
• It works well in scenarios where the object might be null and you want to avoid explicit null checks.

Comparing Null Coalescing (??) and Null Conditional (?.)
Null Coalescing (??)

• Use it when you need to provide a fallback value if an expression evaluates to null.
• It's commonly used in scenarios involving value assignment or default parameters.

Null Conditional (?.)

• Use it when you need to safely access or call properties and methods on potentially null objects.
• It's frequently used in deep object hierarchies or when dealing with nullable types.

Combining Both ?? and ?
Consider the example above with the Person class, which has an Address reference, and we want to use a combination of both ?? and ?. to check for null. Here's how we can implement it:
string userCity = person?.Address?.City ?? "Unknown City";
Console.WriteLine(userCity); // Output: Unknown City

Summary
In this article, we have examined how to handle null checks more efficiently by utilizing C#'s Null Coalescing (??) and Null Conditional (?.) operators. We discussed how these features can be applied to implement null checks in a cleaner, more readable manner, improving both the clarity and maintainability of the code. Additionally, we explored how to use these operators individually as well as how to combine them in a single statement to handle multiple null checks effectively, making the code more concise and eliminating the need for verbose null-checking logic.

Feel free to follow me here, and you can read more articles at this link: Click Here to explore my articles.

• New LINQ Methods in .NET 9: Index, CountBy, and AggregateBy
• Working with JSON in .NET Core: Newtonsoft.Json, NetJSON, and System.Text.Json
• Implement a retry policy in .NET 6 Applications with Polly
• Understanding Model Binding in ASP.NET Core with .NET 8
• Data Conversions in C# with SuperConvert

Any application or API that is made available to the public must include rate limitation. It guards against harmful attacks including denial-of-service (DoS) attacks, guarantees equitable utilization among clients, and stops resource exhaustion. We'll go over what rate limiting is, why it's important, and how to use Visual Studio's tools to create it in.NET in this comprehensive guide.

What is Rate Limiting?
Rate limiting is the practice of controlling the number of requests a client can make to a server within a specific time period. It ensures that resources are distributed fairly and that a single client cannot overwhelm the system.

Why Implement Rate Limiting?

Here’s why rate limiting is vital.

• Prevent System Overload: Protect your server from being overwhelmed by a flood of requests.
• Ensure Fair Usage: Distribute resources equitably among users.
• Mitigate Attacks: Defend against DoS attacks or API abuse.
• Cost Control: Avoid unnecessary resource consumption, especially in cloud-based systems.
• Improve Stability: Enhance the reliability and performance of your application.

Setting Up Rate Limiting in .NET Using Visual Studio
.NET 7 introduces a built-in rate-limiting middleware that simplifies the implementation of rate limits. Follow these detailed steps using Visual Studio to integrate this feature into your application.

Step 1. Create a New Web API Project

• Open Visual Studio.
• Click on Create a new project.
• Select ASP.NET Core Web API and click Next.
• Name your project (e.g., RateLimitingExample) and click Next.

Choose .NET 7 as the framework and click Create.
This creates a new Web API project with the required dependencies.

Step 2. Add Rate Limiting Middleware
To implement rate limiting, configure the middleware in the Program.cs file.

Open the Program.cs file.
Add rate-limiting policies to control the traffic flow. Replace the existing content with the following code.
using Microsoft.AspNetCore.RateLimiting;
using System.Threading.RateLimiting;
var builder = WebApplication.CreateBuilder(args);
// Add services to the container.
builder.Services.AddControllers();
// Configure rate limiting policies
builder.Services.AddRateLimiter(options =>
{
    options.AddPolicy("FixedWindowPolicy", context =>
        RateLimitPartition.GetFixedWindowLimiter(
            partitionKey: context.Connection.RemoteIpAddress?.ToString() ?? "default",
            factory: _ => new FixedWindowRateLimiterOptions
            {
                PermitLimit = 10, // Allow 10 requests
                Window = TimeSpan.FromSeconds(10), // Within 10 seconds
                QueueProcessingOrder = QueueProcessingOrder.OldestFirst,
                QueueLimit = 2 // Allow 2 requests in queue
            }));
});

var app = builder.Build();
// Use rate limiting middleware
app.UseRateLimiter();
// Map endpoints
app.MapControllers();
app.Run();

Step 3. Add a Controller

• Right-click on the Controllers folder in Solution Explorer.
• Select Add > Controller.
• Choose API Controller – Empty and name it WeatherForecastController.
• Replace the contents of the generated file with the following code.

using Microsoft.AspNetCore.Mvc;
[ApiController]
[Route("[controller]")]
public class WeatherForecastController : ControllerBase
{
    [HttpGet]
    [EnableRateLimiting("FixedWindowPolicy")]
    public IActionResult GetWeather()
    {
        return Ok(new { Message = "Weather data retrieved successfully!" });
    }
}

This controller applies the FixedWindowPolicy rate limit to the GetWeather action.

Step 4. Test the Application

• Press F5 or click Start to run the application.
• Open your browser, Postman, or another API testing tool.
• Send multiple GET requests to the endpoint:
• http://localhost:<port>/WeatherForecast After 10 requests within 10 seconds, the API will return a 429 Too Many Requests response.

Advanced Features of Rate Limiting
The built-in middleware allows you to customize rate-limiting strategies further.

• Sliding Window Policy: Provides smoother rate limiting by spreading limits across smaller time segments.
• Token Bucket Policy: Allows short bursts of requests but enforces an overall rate limit.
• Concurrency Policy: Limits the number of simultaneous requests processed by the server.

You can define these policies in the Program.cs file is similar to the fixed window example.

Consequences of Not Using Rate Limiting
Without rate limiting, your application might face.

• Resource Exhaustion: Overloaded servers, slower response times, and potential crashes.
• Unfair Usage: A single client can monopolize resources, leaving others without access.
• Security Risks: Increased vulnerability to DoS attacks and brute-force attempts.
• Higher Costs: Excessive resource consumption can drive up operational expenses.

Benefits of Using Visual Studio
Using Visual Studio to set up rate limiting provides a streamlined and integrated environment where you can.

• Write and test code with built-in debugging tools.
• Quickly add or manage dependencies through the NuGet Package Manager.
• Leverage IntelliSense and code completion for error-free implementation.

Conclusion
Rate limiting is essential for building robust, secure, and scalable APIs. By using .NET’s built-in Rate Limiting Middleware and Visual Studio’s powerful tools, you can implement and test rate-limiting policies efficiently. This ensures your application is protected, performs well, and provides a fair experience for all users. Try out these steps in your project, and ensure your APIs are ready for real-world usage.

Using aspnet_regiis.exe tool to Encrypt and Decrypt Web.config Sections

Prerequisite (Deployment Server)

• Locate the Framework Folder in the IIS Server, Ex: C:\Windows\Microsoft.NET\Framework{xx}\ v4.0.xxxxx OR v2.0.xxxxx.
• Run the command prompt as Administrator Access,

Note. This tool (aspnet_regiis.exe) is typically found in the .NET Framework directory:

• C:\Windows\Microsoft.NET\Framework\v4.0.xxxxx\aspnet_regiis.exe
• C:\Windows\Microsoft.NET\Framework64\v4.0.xxxxx\aspnet_regiis.exe (for 64-bit)

Prerequisite (Local Development Machine)
Run the Developer Command Prompt for VS 20xx as Administrator Access

Commands to Execute

To Encrypt Section
> aspnet_regiis.exe -pef “<Section Name>” “<Physical Path located the Config File>”

To Decrypt Section
> aspnet_regiis.exe -pdf “<Section Name>” “<Physical Path located the Config File>”

Note
Encrypt or Decrypt Configuration Sections
    -pef <section> <physicalPath> → Encrypts a specific configuration section.

Example: aspnet_regiis -pef "appSettings" "C:\MyApp"

    -pdf <section> <physicalPath> → Decrypts a specific configuration section.

Example: aspnet_regiis -pdf " appSettings" "C:\MyApp"

C#13's Preview functionality is now semi-auto-implemented Properties. When specifying properties in class files, this feature greatly improves readability and cuts down on boilerplate code. Let's examine one straightforward situation to gain a better understanding.

Situation
Typically, an auto-implemented property is declared in C#.
public int EmplSalary { get; set; }

The compiler automatically generates a backing field like (Ex: _empSalary) and internal getter/setter methods (void set_EmplSalary(int empSalary) and int get_EmplSalary()).
However, In our real-time project cases, we need to set some custom logic such as validation, default values, computations, or lazy loading in the property’s getter or setter, we typically need to manually define the backing field.

C# 13 preview
This process is simplified by the introduction of the field keyword, which allows direct access to the backing field without the need for manual definition, as this feature is currently in the Preview stage. We have to apply the following keyword to use this in our project settings. Edit the project file by adding <LangVersion>preview</LangVersion>. So, It supports field property in project usage.

The following code gives a more illustrative idea about usage.

Before .NET 9

private int _empSalary;

/// <summary>
/// Before .NET 9
/// </summary>
public int EmpSalary
{
    get => _empSalary;
    set
    {
        if (value <= 0)
            throw new ArgumentOutOfRangeException(nameof(value),
                "Salary must be greater than 0");
        _empSalary = value;
    }
}

.NET 9 (Preview)
/// <summary>
/// In .NET 9
/// </summary>
public int EmployeeSalary
{
    get => field;
    set
    {
        if (value <= 0)
            throw new ArgumentOutOfRangeException(nameof(value),
                "Salary must be greater than 0");
        field = value;
    }
}

Benefits

• Less Boilerplate Code: Removes the necessity for private backing fields, leading to more streamlined and concise code.
• Enhanced Readability: Eliminates concerns about naming backing fields, as the standardized field keyword improves code clarity.
• Property-Scoped Field: The private property field is accessible only within the property itself, ensuring better encapsulation and preventing unintended access elsewhere in the parent class. This key feature of C# 13 Semi-Auto Properties effectively mitigates a common source of errors.

Please also read Understanding UUID v7 in .NET 9 for other .NET9 related features.

Summary
This feature helps in our project's day-to-day scenarios with the benefits of Less Boilerplate Code, Enhanced Readability, and Property-Scoped Fields. As this feature is still in Preview mode, please use it with caution in our real-time projects.

Microsoft declared that they would no longer include the default Swagger gen UI with any.NET API project after the release of.NET 9. In the past, Microsoft incorporated the Swagger Swashbuckle package automatically when we established a.NET API project. This package had methods like apps.UseSwagger() and app.UseSwaggerUI(). Without the need for third-party apps like Postman, these techniques demonstrated API documentation with a preset user interface for testing straight in the browser. Nevertheless,.NET 9 web API projects no longer integrate Swagger. The package hasn't been properly maintained lately, and a lot of user-reported problems are still unfixed, hence this choice was made.

Microsoft.AspNetCore is a new package developed by the Microsoft team.Similar to Swagger, OpenApi offers integrated OpenAPI documentation production. Nevertheless, this just offers JSON documentation for all endpoints and schema definitions; the browser does not display any user interface. This change's primary objective is to enable customers to utilize any UI library they choose, be it Swagger or another option. You may still add Swagger to your project and carry out all of the same tasks as before, even though Microsoft removed the default package.

Although there are a lot of Swagger substitutes out there right now, we'll talk about and use Scalar in our API project in this post. Scalar has gained popularity among developers after Swagger.

Starting a New Project
You will be prompted to configure OpenAPI support when you create new projects with.NET 9. This checkbox will register the OpenAPI service in the program and add the Microsoft.AspNetCore.OpenApi package to your project.such a cs file.

var builder = WebApplication.CreateBuilder(args);
builder.Services.AddOpenApi();

var app = builder.Build();

if (app.Environment.IsDevelopment())
{
    app.MapOpenApi();
}

Now, when you run your API and navigate to /OpenApi/v1.json, it will show the documentation generated by default, which contains information about your endpoints and all the schemas you have used, as shown in the image below.

Configure Scalar.NET
First, open your package manager and install Scalar.AspNetCore.

Then, just add the app.MapScalarApiReference(); in your program.cs file to map all the API references and routes of Scalar UI. Now, if you go to /Scalar/V1, you will see a beautiful UI for your endpoints. Here, I only have one endpoint, so it looks like this.

Configure Options of Scalar
You can configure multiple options and change the settings of your UI. Some configurations include.

• Title: Set the document title which shows on top of the browser tab
• DarkMode: true/false to enable and disable dark mode
• Favicon: Set the favicon of the document
• DefaultHttpClient: Show the default HTTP client when UI loads in the browser. It shows the code implementation for the respective programming language.
• HideModels: true/false to set whether to show model definitions
• Layout: Set the layout/theme of Scalar UI
• ShowSidebar: true/false to set whether to show sidebar. This only works when you have chosen the modern layout.

And many more.

Open Scalar UI by Default
You might have noticed that we have to type scalar/v1 every time in the URL to see the Scalar UI. We can change the launch URL so we don't have to do this repeatedly. Open the launchsettings.json file and add the launch URL to your profile. I have added it for both HTTP and HTTPS. You can configure it as per your requirements.

Working with Authorization and JWT Token
In most APIs, we implement JWT tokens or other types of token authentication. So, I have added a few lines of code to implement authorization using the JWT token. I have also installed Microsoft.AspNetCore.Authentication.JwtBearer package for this.
builder.Services
    .AddAuthorization()
    .AddAuthentication(x =>
    {
        x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    })
    .AddJwtBearer(x =>
    {
        x.RequireHttpsMetadata = false;
        x.SaveToken = true;
        x.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateIssuerSigningKey = false,
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes("your_jwt_key")),
            ValidateIssuer = false,
            ValidateAudience = false
        };
    });

app.UseAuthentication();
app.UseAuthorization();

app.MapGet("/test1", () => "This is test 1 endpoint")
    .WithName("Test1")
    .RequireAuthorization();

When I call this test1 endpoint, it gives me a 401 error (unauthorized). So, how can we resolve this? We can simply pass an auth token, but if you look at Scalar, there's no option to add an auth/bearer token on their UI. There's no option for Auth type even if I have added PreferredSecurityScheme as Bearer in MapScalarApiReference.
options.Authentication = new ScalarAuthenticationOptions
{
    PreferredSecurityScheme = "Bearer"
};

If you pass your auth token in headers with the Authorization key, it works, but that's not what we want, right? We want a similar interface to Swagger, which shows options to add tokens on the home page or in individual endpoints.

However, there is a way to achieve what we want and resolve this issue. We can use the functionality of document transformers in OpenAPI

Using this Transformer, we can inform Scalar that we want to show the Authentication option on our UI so that Scalar can add it on the home page and also in individual endpoints.

Here's the transformer class.
internal sealed class BearerSecuritySchemeTransformer : IOpenApiDocumentTransformer
{
    private readonly IAuthenticationSchemeProvider _authenticationSchemeProvider;

    public BearerSecuritySchemeTransformer(IAuthenticationSchemeProvider authenticationSchemeProvider)
    {
        _authenticationSchemeProvider = authenticationSchemeProvider;
    }

    public async Task TransformAsync(OpenApiDocument document, OpenApiDocumentTransformerContext context, CancellationToken cancellationToken)
    {
        var authenticationSchemes = await _authenticationSchemeProvider.GetAllSchemesAsync();

        if (authenticationSchemes.Any(authScheme => authScheme.Name == "Bearer"))
        {
            var requirements = new Dictionary<string, OpenApiSecurityScheme>
            {
                ["Bearer"] = new OpenApiSecurityScheme
                {
                    Type = SecuritySchemeType.Http,
                    Scheme = "bearer",
                    In = ParameterLocation.Header,
                    BearerFormat = "JWT"
                }
            };

            document.Components ??= new OpenApiComponents();
            document.Components.SecuritySchemes = requirements;

            foreach (var operation in document.Paths.Values.SelectMany(path => path.Operations))
            {
                operation.Value.Security.Add(new OpenApiSecurityRequirement
                {
                    [new OpenApiSecurityScheme
                    {
                        Reference = new OpenApiReference
                        {
                            Id = "Bearer",
                            Type = ReferenceType.SecurityScheme
                        }
                    }] = Array.Empty<string>()
                });
            }
        }
    }
}

This code will add an Authentication option on the Home page and in all request endpoints where you can pass your token to send requests.

This code modifies OpenAPI/Scalar documentation to show that the API supports Bearer token authentication.

• It first checks if the API has "Bearer" authentication enabled
• If Bearer authentication exists, it adds a security scheme in OpenAPI/Scalar
• This security scheme tells OpenAPI/Scalar that requests should include a JWT (JSON Web Token) in the Authorization header
• By default, this only adds support for authentication but does not require it in OpenAPI/Scalar UI
• To make authentication look required in the UI, the code loops through all API endpoints and marks them as needing a Bearer token

The following loop does that,
foreach (var operation in document.Paths.Values.SelectMany(path => path.Operations))
{
    operation.Value.Security.Add(new OpenApiSecurityRequirement
    {
        [new OpenApiSecurityScheme
        {
            Reference = new OpenApiReference
            {
                Id = "Bearer",
                Type = ReferenceType.SecurityScheme
            }
        }] = Array.Empty<string>()
    });
}

This only affects the OpenAPI/Scalar UI and does not actually enforce authentication in the API. Even if the UI shows authentication as required, the API will still accept requests without a token unless it has [Authorize] or RequireAuthorization().

To apply this transformation in OpenAPI/Scalar, use the following line.
builder.Services.AddOpenApi(options =>
{
    options.AddDocumentTransformer<BearerSecuritySchemeTransformer>();
});

This ensures the security scheme and requirements are added whenever OpenAPI/Scalar documentation is generated. If you want to actually enforce authentication, you need to add [Authorize] to controllers or RequireAuthorization() in Minimal API. Now you can pass your token in this input, and it will be passed to the server without any issue, and you won't get a 401 error anymore.

I hope you like this article. If you have any questions, you can ask them in the comments, and don't forget to like and follow.

Abstract: In an ASP.NET8 MVC application, we demonstrate how to set up the use of numerous Bootstrap 5 themes. There are a lot of free Bootstrap 5 themes online that can improve the appearance of web apps.

1. The requirement for a more polished user interface
By default, the ASP.NET8 MVC project uses the Bootstrap 5 CSS UI framework. However, for some reason, the Bank application I was working on does not look very good with the default Bootstrap 5 color scheme. I therefore had to find some better Bootstrap 5 themes.

1.1. Free Bootstrap 5 themes
There are many free Bootstrap themes on the Internet. I liked the site Bootswatch [1]. Themes there are FREE, with an MIT license. I decided to use those free themes for my project. I realized, theoretically, I can even make the admin choose the theme for the app from several themes I offer preinstalled. So, I decided to make a proof-of-concept application.

2. Installing multiple Bootstrap 5 Themes
2.1. Configuration in appsetting.json
I decided to enable the web application admin to select the theme he/she prefers using the configuration option in appsettings.json.

2.2. Installing multiple themes
I downloaded several themes I liked and installed in the app.

2.3. Passing theme number to the Partial view
I defined my model and passed the info to _Layout.cshtml.
From there, I passed the info to the partial view _LoadingLayoutJsAndCss.cshtml.

In that partial view _LoadingLayoutJsAndCss.cshtml, I decide which Bootstrap theme to load based on the number configured in appsettings.json.

3. Final result
I will just show here what some themes look like in my prototype ASP.NET8 app. Please note that Theme 0 is the default Bootstrap 5 theme. It is pretty impressive how a good theme can change an app's look. The problem is that Bootstrap Theme sometimes changes not just colors but border thickness, button shape (rounded, square, etc), spacing between elements, etc. Theoretically, you need to test every dialog/form for each Bootstrap Theme you offer to users.

4. Concerns and Conclusion
The problem is that each theme not only changes colors but also button sizes and spacing, so theoretically, one would need to test “every form for every theme” to make sure it renders properly before delivering the product. I needed to do some work on CSS to support Themes. I needed to make sure components CSS like Breadcrumb and DataTables inherit colors from the theme. The problem is if they have color definitions in their own CSS, they will not follow the theme. You might need to do some work there.

If the project team/QA team wants to focus on only one theme, you can use the HARDCODE theme number in the release build and disable that config option. Just, I think the developers-team would need to do development in the Bootstrap default theme (0), to make sure they do not fall for some bug in the theme itself. Those themes themselves can have bugs/issues. Still, it is amazing how many quality free resources one can find for the Bootstrap UI framework.