Your ASP.NET Core Web API will change over time as you develop it. You can enhance current endpoints, modify answer formats, or add new functionalities. However, what happens to current users who have already made use of your API? API versioning becomes crucial in this situation.

By maintaining different versions of your API, you can enable new clients to utilize current features while maintaining the functionality of older clients. This post will teach you a straightforward, useful, and methodical approach to implementing API versioning in ASP.NET Core Web API.

What is versioning of an API?
One method that enables many versions of your API to exist simultaneously is called API versioning.

To put it simply:

• Version 1 is still being used by older users.
• Version 2 is available to new users.
• Your program is still reliable and compatible with older versions.

In real-world systems, where disruptive changes can impact thousands of users, this is crucial.

Why API Versioning is Important
API versioning helps you:

1. Avoid breaking existing clients
2. Introduce new features safely
3. Maintain backward compatibility
4. Manage API lifecycle effectively

Without versioning, even small changes can break applications that depend on your API.

Types of API Versioning in ASP.NET Core
There are multiple ways to implement API versioning:

• URL Versioning (most common)
• Query String Versioning
• Header Versioning
• Media Type Versioning

Let’s understand each one in simple terms.

URL Versioning
Version is included in the URL.

Example:
/api/v1/products
/api/v2/products

This is the easiest and most widely used approach.

Query String Versioning
Version is passed as a query parameter.

Example:
/api/products?version=1

Header Versioning

Version is passed in request headers.

Example:
api-version: 1

Media Type Versioning
Version is specified in the Accept header.

Example:
application/json;v=1

Prerequisites
Before starting, ensure you have:

• ASP.NET Core Web API project
• .NET SDK installed
• Basic understanding of controllers and routing

Step 1: Install API Versioning Package
Run the following command:
dotnet add package Microsoft.AspNetCore.Mvc.Versioning

This package provides built-in support for API versioning.

Step 2: Configure API Versioning in Program.cs
Open your Program.cs file and add the following configuration:
builder.Services.AddApiVersioning(options =>
{
    options.AssumeDefaultVersionWhenUnspecified = true;
    options.DefaultApiVersion = new ApiVersion(1, 0);
    options.ReportApiVersions = true;
});

Explanation:

1. AssumeDefaultVersionWhenUnspecified → Uses default version if not provided
2. DefaultApiVersion → Sets default version
3. ReportApiVersions → Returns supported versions in response headers

Step 3: Add Versioning to Controller
Now, define API version in your controller.
[ApiController]
[Route("api/v{version:apiVersion}/[controller]")]
[ApiVersion("1.0")]
public class ProductsController : ControllerBase
{
    [HttpGet]
    public IActionResult Get()
    {
        return Ok("Products from API Version 1");
    }
}

This controller handles version 1 of the API.

Step 4: Create Version 2 of API
Now, let’s create a second version.
[ApiController]
[Route("api/v{version:apiVersion}/[controller]")]
[ApiVersion("2.0")]
public class ProductsV2Controller : ControllerBase
{
    [HttpGet]
    public IActionResult Get()
    {
        return Ok("Products from API Version 2 with new features");
    }
}

Now you have two versions running side by side.

Step 5: Using Multiple Versions in Same Controller
You can also support multiple versions in a single controller.
[ApiController]
[Route("api/v{version:apiVersion}/[controller]")]
[ApiVersion("1.0")]
[ApiVersion("2.0")]
public class OrdersController : ControllerBase
{
    [HttpGet]
    [MapToApiVersion("1.0")]
    public IActionResult GetV1()
    {
        return Ok("Orders from Version 1");
    }

    [HttpGet]
    [MapToApiVersion("2.0")]
    public IActionResult GetV2()
    {
        return Ok("Orders from Version 2");
    }
}

This helps reduce code duplication.

Step 6: Configure Query String Versioning
If you want to use query string versioning:
options.ApiVersionReader = new QueryStringApiVersionReader("version");

Now API can be called like:
/api/products?version=1

Step 7: Configure Header Versioning
options.ApiVersionReader = new HeaderApiVersionReader("api-version");

Request example:
api-version: 1

Step 8: Best Practices for API Versioning
Follow these best practices:

• Use clear version naming (v1, v2)
• Avoid breaking changes in existing versions
• Deprecate old versions gradually
• Document all versions properly
• Use URL versioning for simplicity

Step 9: Real-World Example
Imagine an e-commerce API:
Version 1:

• Returns product name and price

Version 2:

• Adds product description and category
• Old apps continue using v1, while new apps use v2.
• This ensures smooth upgrades without breaking existing users.

Advantages of API Versioning

• Better maintainability
• Smooth upgrades
• Improved developer experience
• Backward compatibility

Summary
Building scalable and future-proof apps requires the use of ASP.NET Core Web API versioning. It enables you to implement changes without upsetting current customers. You may simply manage different API versions using URL, query string, or headers by utilizing built-in versioning functionality. As your API develops, adhering to best practices guarantees that it will continue to be dependable, adaptable, and simple to maintain.

User accounts must be protected from phishing, credential-stuffing, and password theft by modern web apps. Using Two-Factor Authentication (2FA) is one of the best techniques to improve authentication security. Modern apps are increasingly using Passkeys, which provide passwordless authentication based on the FIDO2/WebAuthn standard, in addition to more conventional 2FA techniques like email codes, SMS codes, and authenticator apps.

Hybrid Authentication Process: For a safe user experience, a single process that supports both contemporary, direct passkey login and conventional password-based entry with optional 2FA.

The Significance of Two-Factor Authentication
Passwords by themselves are no longer adequate for account security. Phishing, database leaks, and brute-force assaults are common ways for attackers to get passwords.

A second verification element is introduced by Two-element Authentication (2FA), which is usually classified as:

• Something you are familiar with, like a PIN or password
• You own a phone, an authenticator app, or a security key.
• Something you are: biometrics like Face ID or fingerprints

When 2FA is set, hackers cannot access the account without the second factor, even if a password is stolen.

Two-Factor Authentication Flow: A multi-layered security process requiring a secondary OTP verification step to ensure protected user access.

2FA Methods in ASP.NET Core
ASP.NET Core Identity provides built-in support for several 2FA mechanisms:

• Email verification codes
• SMS verification codes
• Authenticator apps (TOTP)
• Recovery codes

During login, if 2FA is enabled, the authentication process is split into two steps.

Passkeys vs 2FA

Passkeys in ASP.NET Core

In ASP.NET Core, passkeys
Modern, passwordless, and phishing-resistant authentication methods are made possible by ASP.NET Core's support for passkey authentication based on the FIDO2/WebAuthn standard.

The Fido2 can be used to accomplish the implementation.A ready-to-use library for incorporating passkey registration and authentication routines into ASP.NET Core applications is provided by the AspNet package, which is accessible on NuGet.

Add package Fido to Dotnet.2. AspNet—version 4.0.0

Simple registration process:

Basic registration flow:

• User clicks Register Passkey
• Server generates a WebAuthn challenge
• Browser prompts biometric verification
• Device creates a cryptographic key pair
• Public key is stored on the server

Login flow:

• User selects Sign in with Passkey
• Browser prompts biometric verification
• Device signs the challenge using private key
• Server validates the signature

Security Best Practices
When implementing authentication systems in ASP.NET Core, follow these recommendations:

• Enable account lockout after multiple failed attempts
• Require email confirmation
• Store recovery codes securely
• Enforce HTTPS
• Log authentication events
• Allow users to manage 2FA/passkey methods from a dashboard

Conclusion
Two-Factor Authentication significantly improves account security by requiring additional verification beyond passwords. ASP.NET Core Identity provides built-in support for implementing multiple 2FA methods including email, SMS, and authenticator apps. However, the future of authentication is shifting toward passwordless systems like passkeys , which offer stronger protection against phishing and credential theft while improving user experience.

By combining 2FA with passkey authentication , developers can build modern, secure, and user-friendly authentication systems.

Large files, like films, PDFs, or CAD models, must frequently be efficiently delivered to consumers by modern web apps. ASP.NET Core enables developers to handle HTTP range requests and stream files instead of loading whole files into memory, allowing clients to restart stopped downloads or download files in part. This approach saves memory, improves performance, and enhances the user experience.

1. Comprehending ASP.NET Core File Streaming
The full file is loaded into memory when using conventional file download techniques like File.ReadAllBytes(), which is ineffective for big files.
In contrast, streaming allows clients to begin receiving material while the remainder of the file is still being read because it transmits data in chunks.
For instance, simple file streaming.

[HttpGet("download/{fileName}")]
public async Task<IActionResult> DownloadFile(string fileName)
{
    var filePath = Path.Combine("Files", fileName);

    if (!System.IO.File.Exists(filePath))
        return NotFound("File not found.");

    var stream = new FileStream(filePath, FileMode.Open, FileAccess.Read);
    return File(stream, "application/octet-stream", fileName);
}

Key Points
The file is not fully loaded into memory.
ASP.NET Core handles streaming automatically using FileStreamResult.

Ideal for large media files or document downloads.

2. Supporting Range Requests for Partial Downloads
Modern browsers and video players often request byte ranges instead of entire files to support:

Resumable downloads
Media streaming (e.g., MP4 playback)

Efficient caching
You can manually implement HTTP range handling to support these cases.

Example: Range Request Implementation
[HttpGet("stream/{fileName}")]
public async Task<IActionResult> StreamFile(string fileName)
{
    var filePath = Path.Combine("Files", fileName);

    if (!System.IO.File.Exists(filePath))
        return NotFound();

    var fileInfo = new FileInfo(filePath);
    var fileLength = fileInfo.Length;
    var rangeHeader = Request.Headers["Range"].ToString();

    if (string.IsNullOrEmpty(rangeHeader))
        return PhysicalFile(filePath, "application/octet-stream", enableRangeProcessing: true);

    // Parse range
    var range = rangeHeader.Replace("bytes=", "").Split('-');
    var start = long.Parse(range[0]);
    var end = range.Length > 1 && !string.IsNullOrEmpty(range[1]) ? long.Parse(range[1]) : fileLength - 1;
    var contentLength = end - start + 1;

    Response.StatusCode = StatusCodes.Status206PartialContent;
    Response.Headers.Add("Accept-Ranges", "bytes");
    Response.Headers.Add("Content-Range", $"bytes {start}-{end}/{fileLength}");
    Response.Headers.Add("Content-Length", contentLength.ToString());

    using var fs = new FileStream(filePath, FileMode.Open, FileAccess.Read, FileShare.Read);
    fs.Seek(start, SeekOrigin.Begin);
    var buffer = new byte[64 * 1024]; // 64KB buffer

    long remaining = contentLength;
    while (remaining > 0)
    {
        var count = (int)Math.Min(buffer.Length, remaining);
        var read = await fs.ReadAsync(buffer, 0, count);
        if (read == 0) break;
        await Response.Body.WriteAsync(buffer.AsMemory(0, read));
        remaining -= read;
    }

    return new EmptyResult();
}

What Happens Here?
The API reads the Range header from the client request.

It calculates the byte segment to send.

The file is streamed incrementally, allowing pause/resume functionality.

3. Enabling Range Processing Automatically
ASP.NET Core provides built-in range processing for static or physical files:
app.UseStaticFiles(new StaticFileOptions
{
    ServeUnknownFileTypes = true,
    OnPrepareResponse = ctx =>
    {
        ctx.Context.Response.Headers.Append("Accept-Ranges", "bytes");
    }
});

Alternatively, you can use PhysicalFile() or VirtualFile() with:
return PhysicalFile(filePath, "application/pdf", enableRangeProcessing: true);

This is ideal when you want a simple and efficient approach without manually parsing headers.

4. Real-World Use Cases
Video Streaming Platforms – Serve MP4 files efficiently using range-based streaming.
Document Viewers (PDF, DOCX) – Load only required file sections for faster rendering.
AutoCAD or 3D File Renderers – Fetch model data progressively for WebGL visualization.
Download Managers – Enable users to pause/resume downloads seamlessly.

5. Performance Optimization Tips
Use asynchronous file I/O (await fs.ReadAsync) to avoid blocking threads.

• Keep buffer sizes between 32KB–128KB for optimal throughput.
• Serve large files from Azure Blob Storage, AWS S3, or CDN when possible.
• Cache metadata (file size, last modified) to reduce disk I/O.

Conclusion
Scalability, enhanced user experience, and effective resource use are guaranteed when file streaming and range requests are implemented in ASP.NET Core.
These methods let you manage contemporary client expectations, such resumable downloads and media streaming, without overtaxing your server memory, whether you're offering PDFs, movies, or big datasets.

You may create a versatile, high-performance file distribution system that satisfies user and company requirements by fusing custom streaming logic with ASP.NET Core's built-in range processing.

If you are using AutoWrapper for generating a consistent Http response for your ASP.NET Core API's and you have some server-side applications (.NET Clients) that consume the Response, chances are you are forced to create a schema to properly deserialize the ApiResponse to your Model. The idea behind this project was based on community feedback by dazinator. It occurs to me as well that this might be a common scenario. Big thanks to dazinator!

AutoWrapper.Server is simple library that enables you unwrap the Result property of the AutoWrapper's ApiResponse object in your C# .NET Client code. The goal is to deserialize the Result object directly to your matching Model without having you to create the ApiResponse schema.

Installation
1) Download and Install the latest AutoWrapper.Server from NuGet or via CLI:
PM> Install-Package AutoWrapper.Server -Version 2.0.0 

2) Declare the following namespace in the class where you want to use it.
using AutoWrapper.Server; 

Sample Usage
[HttpGet] 
public async Task<IEnumerable<PersonDTO>> Get()   
{ 
    var client = HttpClientFactory.Create(); 
    var httpResponse = await client.GetAsync("https://localhost:5001/api/v1/persons"); 
 
    IEnumerable<PersonDTO> persons = null; 
    if (httpResponse.IsSuccessStatusCode) 
    { 
        var jsonString = await httpResponse.Content.ReadAsStringAsync(); 
        persons = Unwrapper.Unwrap<IEnumerable<PersonDTO>>(jsonString); 
    } 
 
    return persons; 
} 

If you are using the [AutoWrapperPropertyMap] to replace the default Result property to something else like Payload, then you can use the following overload method below and pass the matching property:
Unwrapper.Unwrap<IEnumerable<PersonDTO>>(jsonString, "payload"); 

Using the UnwrappingResponseHandler

Alternatively you can use the UnwrappingResponseHandler like below:
[HttpGet] 
public async Task<IEnumerable<PersonDTO>> Get()   
{ 
    var client = HttpClientFactory.Create(new UnwrappingResponseHandler()); 
    var httpResponse = await client.GetAsync("https://localhost:5001/api/v1/persons"); 
 
    IEnumerable<PersonDTO> persons = null; 
    if (httpResponse.IsSuccessStatusCode) 
    { 
        var jsonString = await httpResponse.Content.ReadAsStringAsync(); 
        persons = JsonSerializer.Deserialize<IEnumerable<PersonDTO>>(jsonString); 
    } 
 
    return persons; 
} 

You can also pass the matching property to the handler like in the following:

var client = HttpClientFactory.Create( new UnwrappingResponseHandler("payload")); 

That's it. If you used AutoWrapper or if you find this useful, please give it a star to show your support and share it to others.

While working on the dotNetTips Dev Cleaner utility, I wanted to make the deletion of files even faster. While writing this utility I found and worked on speed issues, almost all relating to updating the user interface. So to decouple the deleting from the UI, I decided to add a new feature to the dotNetTips.Utility open source project.

Processor Class
I added a new class in the dotNetTips.Utility.IO namespace called Processor. The purpose of this class is to copy, move and delete files while firing events that can be used to update the UI. Unlike other methods I have used in other frameworks if an exception occurs, it fires an event and keeps processing.

First I created the event,
public event EventHandler<ProgressEventArgs> Processed; 
 
protected virtual void OnProcessed(ProgressEventArgs e) 
{ 
EventHandler<ProgressEventArgs> processedEvent = this.ProcessedEvent; 
if (processedEvent != null) 
{ 
processedEvent(this, e); 
} 
}  

//The event above is called by the code below: 

public int DeleteFiles(IEnumerable<FileInfo> files) 
{ 
    Encapsulation.TryValidateParam(files, "files", ""); 
    int result = 0; 
    IEnumerator<FileInfo> enumerator; 
    try 
    { 
        enumerator = files.AsParallel<FileInfo>().GetEnumerator(); 
        while (enumerator.MoveNext()) 
        { 
            FileInfo current = enumerator.Current; 
            if (current.Exists) 
            { 
                try 
                { 
                    current.Delete(); 
                    result++; 
                    ProgressEventArgs e = new ProgressEventArgs(); 
                    e.Name = current.FullName; 
                    e.ProgressState = ProgressState.Deleted; 
                    e.Size = current.Length; 
                    this.OnProcessed(e); 
                    continue; 
                } 
                catch (Exception ex) 
                { 
                    ProjectData.SetProjectError(ex); 
                    ProgressEventArgs e1 = new ProgressEventArgs(); 
                    e1.Name = current.FullName; 
                    e1.ProgressState = ProgressState.Error; 
                    e1.Size = current.Length; 
                    e1.Message = ex.Message; 
                    this.OnProcessed(e1); 
                    ProjectData.ClearProjectError(); 
                    continue; 
                } 
            } 

            ProgressEventArgs e2 = new ProgressEventArgs(); 
            e2.Name = current.FullName; 
            e2.ProgressState = ProgressState.Error; 
            e2.Size = current.Length; 
            e2.Message = Resources.FileNotFound; 
            this.OnProcessed(e2); 
        } 
    } 
    finally 
    { 
        if (enumerator != null) 
        { 
            enumerator.Dispose(); 
        } 
    } 

    return result; 
} 

This new class helped my utility go from deleting 1K files per second to up to around 2K per second!

HostForLIFE.eu ASP.NET Core 2.2.1 Hosting
European best, cheap and reliable ASP.NET hosting with instant activation. HostForLIFE.eu is #1 Recommended Windows and ASP.NET hosting in European Continent. With 99.99% Uptime Guaranteed of Relibility, Stability and Performace. HostForLIFE.eu security team is constantly monitoring the entire network for unusual behaviour. We deliver hosting solution including Shared hosting, Cloud hosting, Reseller hosting, Dedicated Servers, and IT as Service for companies of all size.

In this tutorial, I'm going to explain about cookie based authentication in ASP.NET 5. I am implementing a cookie authentication in ASP.NET MVC application. Similar to other middleware components in ASP.NET, Cookie Authentication is also a middleware component, which you need to plug into ASP.NET pipeline.

For implementing cookie authentication, you require reference of Cookie middleware, here is the project.json file.
{
    "dependencies": {
        "Microsoft.AspNet.Diagnostics": "1.0.0-beta1",
        "Microsoft.AspNet.Hosting": "1.0.0-beta1",
        "Microsoft.AspNet.Mvc": "6.0.0-beta1",
        "Microsoft.AspNet.Server.WebListener": "1.0.0-beta1",
        "Microsoft.AspNet.Security": "1.0.0-beta1",
        "Microsoft.AspNet.Security.Cookies": "1.0.0-beta1",
        "Microsoft.AspNet.StaticFiles": "1.0.0-beta1",
    },
    "commands": {
        "web": "Microsoft.AspNet.Hosting --server Microsoft.AspNet.Server.WebListener --server.urls http://localhost:5001"
    },
     "frameworks": {
        "aspnet50": {}
  }
}

All the components used in this project are available in ASP.NET Core Framework as well.

Now you need to plug the Cookie authentication module to use in ASP.NET pipeline, you can do this via Startup.cs file.

public class Startup
{
    public void Configure(IApplicationBuilder app)
    {
        app.UseErrorPage();
 
        app.UseServices(services =>
        {
            services.AddMvc();
        });
     
        app.UseCookieAuthentication(options => {
            options.LoginPath = new PathString("/Home/Login");
        });
        app.UseMvc();                       
    }       
}

Now, you need to apply the Authorize filter to protect resources, I am applying it in the class level. When there is a unauthorized request to such resource, filter returns 401 and the cookie middleware redirects to /Home/Login.

Note: You need to set the LoginPath property explicitly, otherwise it may not redirect.

Authorize]
public class HomeController : Controller
{
    public IActionResult Index()
    {
        return View();
    }
}

And here is the Login action method, this code is for illustration purpose only, I not validating against database, if username and password matches the hard coded credentials, identity is established with that username.

[AllowAnonymous]
public IActionResult Login()
{
    return View();
}
 
[HttpPost, AllowAnonymous]
public IActionResult Login(User user)
{
    if(user.UserName == "admin" && user.Password == "Password")
    {
        var claims = new[]
        {
            new Claim("name", user.UserName)
        };
        var identity = new ClaimsIdentity(claims,
            CookieAuthenticationDefaults.AuthenticationType);
        Context.Response.SignIn(identity);
 
        return Redirect("~/");
    }
    else
    {
        ModelState.AddModelError("LogOnError",
            "The user name or password provided is incorrect.");
    }
    return View(user);
}
 
public IActionResult Logout()
{
    Context.Response.SignOut
    (CookieAuthenticationDefaults.AuthenticationType);
    return View("Login");
}

And here is the Login view

@using(Html.BeginForm())
{
    @Html.LabelFor(model => model.UserName)
    @Html.EditorFor(model => model.UserName)
    @Html.LabelFor(model => model.Password)
    @Html.PasswordFor(model => model.Password)
    <input type="submit" value="Sign In" />
    <br/>
    @Html.ValidationMessage("LogOnError")
}

To verify the implementation, install the required packages using kpm restore command, once it finishes, execute k web command. If web server is started, browse http://localhost:5001/, which will redirect to /Home/Login page, where you can enter the credentials, you will redirect back to /Home/Index page.

HostForLIFE.eu ASP.NET 5 Hosting
European best, cheap and reliable ASP.NET hosting with instant activation. HostForLIFE.eu is #1 Recommended Windows and ASP.NET hosting in European Continent. With 99.99% Uptime Guaranteed of Relibility, Stability and Performace. HostForLIFE.eu security team is constantly monitoring the entire network for unusual behaviour. We deliver hosting solution including Shared hosting, Cloud hosting, Reseller hosting, Dedicated Servers, and IT as Service for companies of all size.

In this tutorial, I will explain about how to inject little codes in HTTP Pipeline in ASP.NET Core. “Middleware is defined in the OWIN specification as pass through components that form a pipeline between a server and application to inspect, route, or modify request and response messages for a specific purpose. Middleware consists of application components are incorporated into the ASP.NET HTTP pipeline.” The text is in the ASP.NET Core documentation, and as can be seen, with middleware we can insert a component that is incorporated in ASP.NET HTTP pipeline, that is, we can develop a code with a purpose to manipulate the requests and responses.

A characteristic of middleware is that normally there will a chain of middleware whereby order of configuration, one is called after the end of other and the current middleware can on any moment cancel invoking the next middleware, thus all chains of middleware will be canceled.

Do you have doubts about what is middlewares? We can compare middleware with the old http modules that today don’t exist in the new ASP.NET. I have already seen somebody comparing middlewares with a hamburger, because the middle is middleware and the ends are the application and the server. How much more middleware, bigger is the hamburger.

To get more clarity about the subject, I am going to show some middlewares that already are utilized by default in application templates to ASP.NET Core, and after I am going to create a custom middleware.

Below I show the startup class, note that there are some comments that indicate where there is a middleware.

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
        {
            loggerFactory.AddConsole(Configuration.GetSection("Logging"));
            loggerFactory.AddDebug();

            app.UseApplicationInsightsRequestTelemetry();

            if (env.IsDevelopment())
            {
                app.UseBrowserLink(); //Middleware
                app.UseDeveloperExceptionPage(); //Middleware
                app.UseDatabaseErrorPage(); //Middleware
            }
            else
            {
                app.UseExceptionHandler("/Home/Error"); //Middleware

                try
                {
                    using (var serviceScope = app.ApplicationServices.GetRequiredService<IServiceScopeFactory>()
                        .CreateScope())
                    {
                        serviceScope.ServiceProvider.GetService<ApplicationDbContext>()
                             .Database.Migrate();
                    }
                }
                catch { }
            }

            app.UseIISPlatformHandler(options => options.AuthenticationDescriptions.Clear()); //Middleware

            app.UseApplicationInsightsExceptionTelemetry(); //Middleware

            app.UseStaticFiles(); //Middleware

            app.UseIdentity(); //Middleware

            app.UseMvc(routes =>
            {
                routes.MapRoute(
                    name: "default",
                    template: "{controller=Home}/{action=Index}/{id?}");
            }); //Middleware
        }

Did you see the middlewares utilized in code? Here, each middleware has a responsibility and the gain that we have is we can choose only the ones needed for our project, different from old version of ASP.NET that by default many features were added even when they were not necessary. A very good phrase says: “Pay only by what you use”, in other words, how many fewer middleware you use, the less heavy will be the HTPP pipeline.

Other thing to observe that in code above, all the middlewares start with a “Use”, this is a pattern done by team ASP.NET.

Now I am going to create a own middleware and my goal will be creating one that shows the total time of application to take care of a request. Below following the code.

using Microsoft.AspNet.Builder;
using Microsoft.AspNet.Http;
using System.Diagnostics;
using System.IO;
using System.Threading.Tasks;

namespace MiddlewareArticle.Middleware
{
    public class ResponseTime
    {
        RequestDelegate _next;

        public ResponseTime(RequestDelegate next)
        {
            _next = next;
        }

        public async Task Invoke(HttpContext context)
        {
            var sw = new Stopwatch();
            sw.Start();

            await _next(context);

            var isHtml = context.Response.ContentType?.ToLower().Contains("text/html");

            if (context.Response.StatusCode == 200 && isHtml.GetValueOrDefault())
            {
                var body = context.Response.Body;
               
                using (var streamWriter = new StreamWriter(body))
                {
                    var textHtml = string.Format(
                        "<footer><div id='process'>Response Time {0} milliseconds.</div>",
                        sw.ElapsedMilliseconds);
                    streamWriter.Write(textHtml);
                }
            }
        }
    }
}

As can be seen, making a middleware is not difficult, it needs a constructor to receive the next middleware and an “Invoke” method that receives the context of HTTP. The goal of showing the total time of application gets in method Invoke. Before calling the next middleware, it is started the time and after of calling the next middleware, when all the middlewares already were executed, I execute the code to show in the HTML the total time.

Remember, I know that all middleware were executed because our middleware must be configured before of all others, thus the code will wait all executions and after the instruction “await _next(context);” we can write our code.

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
        {
            app.UseMiddleware<ResponseTime>(); //Our Middleware
           
            loggerFactory.AddConsole(Configuration.GetSection("Logging"));
            loggerFactory.AddDebug();
           
            //...
            //Continue with others codes

The code above is only to show the set up of our middleware in the Configure method of the Startup class. To that this works, it is needed using the instruction “app.UseMiddleware();”, where the UseMiddleware method is used to call custom middlewares.

Conclusion

The ASP.NET Core has changed, not the code that we know, but your core and by this, the way of manipulating a request and a response was changed to middleware. Now it’s lighter and easier to stay between an application and a server. However, take care, it is not because it got better that you must now only use that to develop.

HostForLIFE.eu ASP.NET Core 1.0 Hosting
European best, cheap and reliable ASP.NET hosting with instant activation. HostForLIFE.eu is #1 Recommended Windows and ASP.NET hosting in European Continent. With 99.99% Uptime Guaranteed of Relibility, Stability and Performace. HostForLIFE.eu security team is constantly monitoring the entire network for unusual behaviour. We deliver hosting solution including Shared hosting, Cloud hosting, Reseller hosting, Dedicated Servers, and IT as Service for companies of all size.

The JSON format is syntactically identical to the code for creating JavaScript objects. Because of this similarity, instead of using a parser (like XML does), a JavaScript program can use standard JavaScript functions to convert JSON data into native JavaScript objects.

Much Like XML Because

• Both JSON and XML is "self describing" (human readable)
• Both JSON and XML is hierarchical (values within values)
• Both JSON and XML can be parsed and used by lots of programming languages
• Both JSON and XML can be fetched with an XMLHttpRequest

Much Unlike XML Because

• JSON doesn't use end tag
• JSON is shorter
• JSON is quicker to read and write
• JSON can use arrays

The biggest difference is:

XML has to be parsed with an XML parser, JSON can be parsed by a standard JavaScript function.

Visual Studio 2015 with ASP.NET 5 is a sweet surprise for developers. ASP.NET 5 has various JSON files to play with. These files handles global settings for solution, project specific settings, client side packages and node modules packages. In the post, we will take a close look at every JSON file and its code.

As seen from the above image, there are mainly 6 configuration json files.

• Global.json
• appsetting.json
• Project.json
• launchsetting.json
• bower.json
• package.json
• hosting.json: Though this file is not present in solution explorer till RC 1 release but you can add it manually.

Global.json

As the name suggests, the settings defined in the file should work for the solution as whole. The settings defined in global.json implies to all the projects in the solution. If you open the file, by default you will see the following code.

{
  "projects": [ "src", "test" ],
  "sdk": {
    "version": "1.0.0-rc1-update1"
  }
}

The projects property defines the locations of your solution’s source code. VS 2015, specifies two location for projects in the solution src and test. While the src contains the actual application and test project contains any test (if you have selected option of creating test project while creating the solution for first time].

The team has also made a very interesting and useful change. If you recollect, when you build your application, then all your .dll are placed in bin directory in the same path, where your project is. And we have to handle bin folder very carefully while check-in the code in source control and at the time of deployment. But good news is that it is moved to another location. So you don’t have to worry now. The build artifact is now placed in “Artifact” folder (at the same location), which makes life easy while excluding things from source control.

And the second property sdk specifies the version of the DNX (.Net Execution Environment) that Visual Studio will use when opening the solution. Specifying the version has an advantage as while working on multiple projects, you can target different versions of ASP.NET 5.

appsettings.json

appsettings.json file is used to define application related settings like connection string, logging settings, or any other custom key which we used to define in web.config file.

{
  "Data": {
    "DefaultConnection": {
      "ConnectionString": "Server=(localdb)\\mssqllocaldb;Database=aspnet5-FirstApp-0ed2f710-6535-4c4e-b080-c26601fbb414;Trusted_Connection=True;MultipleActiveResultSets=true"
    }
  },
  "Logging": {
    "IncludeScopes": false,
    "LogLevel": {
      "Default": "Verbose",
      "System": "Information",
      "Microsoft": "Information"
    }
  }
}

Project.json

This file is used to define project settings and server side dependencies. It largely replaces the web.config file from previous versions of ASP.NET. Read “What is Project.json in ASP.NET 5 (vNext)”. Few things have changed in ASP.NET 5 RC1 release for project.json file.

launchSetting.json

This json file holds project specific settings associated with each profile Visual Studio is configured to use to launch the application, including any environment variables that should be used. You can define framework for your project for compliation and debugging for specific profiles.

{
  "iisSettings": {
    "windowsAuthentication": false,
    "anonymousAuthentication": true,
    "iisExpress": {
      "applicationUrl": "http://localhost:2137/",
      "sslPort": 0
    }
  },
  "profiles": {
    "IIS Express": {
      "commandName": "IISExpress",
      "launchBrowser": true,
      "environmentVariables": {
        "Hosting:Environment": "Development"
      }
    },
    "web": {
      "commandName": "web",
      "environmentVariables": {
        "Hosting:Environment": "Development"
      },
      "sdkVersion": "dnx-clr-win-x86.1.0.0-rc1-update1"
    },
    "kestrel": {
      "commandName": "kestrel",
      "sdkVersion": "dnx-clr-win-x86.1.0.0-rc1-update1"
    }
  }
}

ASP.NET 5 ships with support for 3 different servers:

• Microsoft.AspNet.Server.IIS
• Microsoft.AspNet.Server.WebListener (WebListener)
• Microsoft.AspNet.Server.Kestrel (Kestrel)

So by default, there will be 3 different profiles. However, it also depends on the commands section of project.json. You can change settings for each profile via right click on the Project and then select properties. Read detailed post about launchsetting.json in ASP.NET 5

Bower.json

Bower is a package manager for the web. Bower can manage components that contain HTML, CSS, JavaScript, fonts or even image files. Bower doesn’t concatenate or minify code or do anything else – it just installs the right versions of the packages you need and their dependencies. With ASP.NET 5 web projects jQuery and bootstrap packages are already installed and bower, gulp and NPM are already in place.
Client-side packages are listed in the bower.json file. As mentioned earlier, bootstrap, jQuery and jQuery validation are pre-configured with ASP.NET 5 project templates.

{
  "name": "ASP.NET",
  "private": true,
  "dependencies": {
    "bootstrap": "3.3.5",
    "jquery": "2.1.4",
    "jquery-validation": "1.14.0",
    "jquery-validation-unobtrusive": "3.2.4"
  }
}

Visual Studio watches the bower.json file for changes. Upon saving, the bower install command is executed. There is another file named “ .bowerrc” which defines the location at which bower package needs to be installed. Open it, and notice that the directory property is set to “wwwroot/lib”.

Package.json

npm is another package manager like bower. But npm is used for installing Node js modules where bower is used for managing front end components like html, css, js, etc. As mentioned earlier, the ASP.NET 5 project template pre-configures NPM, Gulp and bower. Gulp is JavaScript task runner which is used to automate various tasks like minification and bundling of js and css, checking errors in js etc… Since Gulp is a node.js module so npm is used. So node.js modules are listed in package.json.\

{
  "name": "ASP.NET",
  "version": "0.0.0",
  "devDependencies": {
    "gulp": "3.8.11",
    "gulp-concat": "2.5.2",
    "gulp-cssmin": "0.1.7",
    "gulp-uglify": "1.2.0",
    "rimraf": "2.2.8"
  }
}

You can see the installed bower and npm modules by expanding src -> dependencies option.

HostForLIFE.eu ASP.NET 5 Hosting
European best, cheap and reliable ASP.NET hosting with instant activation. HostForLIFE.eu is #1 Recommended Windows and ASP.NET hosting in European Continent. With 99.99% Uptime Guaranteed of Relibility, Stability and Performace. HostForLIFE.eu security team is constantly monitoring the entire network for unusual behaviour. We deliver hosting solution including Shared hosting, Cloud hosting, Reseller hosting, Dedicated Servers, and IT as Service for companies of all size.

In this article, I want to share about Ext.Net. Before we begin to learn Ext.net, we need to know what it Ext.net, according to the official web ext.net of are.

Ext.Net is ported to .Net Programming Ext JS, Ext JS is actually also be used in .Net programming, but this Ext.Net easier for developers because it has been created controls can be drag directly to the webform.

Things need to be prepared are:

• IDE for .Net Programming, here I am using Visual Studio 2010
• Ext.Net, which can be downloaded on the official website download ext.net, in sharing this time I used ext.net 2.0.0.rc2 community edition version.
• Extract the downloaded ext.net, in which there Ext.net.dll.
• ASP.Net with C # code behind.

When you get all the things that needed to be prepared:

• Create a project, select Visual C # => Web, and then select ASP.Net Web Application
• Give the name of this project ext.net
• In the ToolBox window, usually on the left side of the screen, or if no can press Ctrl + Alt + X, right-click the toolbox and select Add Tab, named Ext.Net
• Right-click the Toolbox Ext.Net, select Choose Items.
• On the .Net Framework Components, click Browse, find Ext.net.dll then click OK
• Now the ToolBox Ext.Net already charged components Ext.net.
• The next step is to create a webform, named WebForm1.aspx
• Add a ResourceManager to WebForm1.aspx (ResourceManager can be found in the ToolBox Ext.net). ResourceManager is needed by each component Ext.net.
• Add Ext: Button, set property looks like this:
  <ext:Button ID="Button1" runat="server" Text="Direct Event">
        <DirectEvents>
            <Click OnEvent="Button1_Click" />
        </DirectEvents>
  </ext:Button>
  Button1 DirectEvents method to perform the action.
• Then, we move on Code Behind of Webform1.aspx, open webform1.aspx.cs or by pressing the F7 key or you can also select the menu View => Code.
• On Windows Code Behind, on the declaration using (top) add using Ext.Net;
• Then, add the following method Button1_Click
  protected void Button1_Click(Object sender, DirectEventArgs e)
  {
     X.Msg.Notify("DirectEvent", DateTime.Now.ToLongTimeString()).Show();
  }
• Back again to WebForm1.aspx by pressing the Shift + F7 keys or select menu View => Designer.
  Add an Ext: Button again into Webform1.aspx, set its properties as follows.
  <ext:Button ID="Button2" runat="server" Text="Direct Method">
        <Listeners>
            <Click Handler="Ext.net.DirectMethods.DoSomething();" />
        </Listeners>
  </ext:Button>
• Then, add Method Do Something in Code Behind (press F7 to switch to Code Behind window.
  [DirectMethod]
  public void DoSomething()
  {
     X.Msg.Notify("DirectMethod", "Akhirnya bisa Ext.Net").Show();
  }
• When finished, open the Web.Config the solution Explorer, add the following script.
  <httpModules>
     <add name="DirectRequestModule" type="Ext.Net.DirectRequestModule, Ext.Net" />
  </httpModules>
• Run the Project by Press F5 or select Debug menu => Start Debugging
  
  

HostForLIFE.eu ASP.NET 5 Hosting
European best, cheap and reliable ASP.NET hosting with instant activation. HostForLIFE.eu is #1 Recommended Windows and ASP.NET hosting in European Continent. With 99.99% Uptime Guaranteed of Relibility, Stability and Performace. HostForLIFE.eu security team is constantly monitoring the entire network for unusual behaviour. We deliver hosting solution including Shared hosting, Cloud hosting, Reseller hosting, Dedicated Servers, and IT as Service for companies of all size.