Diving into the Deep With ASP.NET

Diving into the Deep With ASP.NET

A talk I gave at Twin Cities Code Camp on April 27, 2013. I talked about various Web API topics and shared code from my closed source project, Keep Track of My Games (http://keeptrackofmygames.com).

The notes and links can be found in this post: http://kamranicus.com/Blog/Posts/73/slides-and-resources-for-tccc14-web-api-talk

B924bc0147903cbd7a4506d7d26ab328?s=128

Kamran Ayub

April 27, 2013
Tweet

Transcript

  1. DIVING INTO THE DEEP WITH ASP .NET WEB API @kamranayub

    Cannonball - Luis Martins, from The Noun Project
  2. None
  3. < > gaming coding Attribution: Code - Nikhil Dev,, Video

    Game Controller - 42, Batman - Ilias Ismanalijev, French Fries - Stephanie Wauters, - from The Noun Project metal-ing learning eating *i wish. vigilante-ing*
  4. None
  5. Web API MVC4 Knockout.js OAuth OpenID EF5 Ninject Twilio Quartz.NET

    AppHarbor SendGrid
  6. TOPICS FOR DISCUSSION Debugging & Performance Logging Dependency Injection Authorization

    & Authentication Anti-Forgery Custom Routing Exception Handling Async Tasks Multi-Platform Consumption Versioning
  7. Debugging FIDDLER POSTMAN CHROME

  8. PerfIt Adds performance counters to your action methods

  9. MiniProfiler Profiles MVC and Web API actions along with Entity

    Framework queries
  10. None
  11. LogEntries Geared toward actual logging

  12. AppFail Geared toward reporting bugs

  13. DEPENDENCY [N]INJECTION

  14. HTTP Authorization Web API supports action filters just like MVC

    In this case, I’ve implemented a custom System.Web.Http.AuthorizeAttribute named HttpRequireProfile that checks my database for the logged-in user
  15. IUserContext stores info about the current user and is populated

    on login.
  16. USE SSL (Just do it) The Noun Project

  17. Anti-Forgery (CSRF) gist.github.com/kamranayub/5449779

  18. ATTRIBUTE ROUTING

  19. gist.github.com/kamranayub/4438411

  20. EXCEPTIONS

  21. None
  22. public async Task ViewPresentation() { return await _presenter.IsFunny(); } (Like

    that’ll ever finish executing amirite) Doesn’t serve a “real” purpose Generates a state machine NOT void* *except in certain cases
  23. async !== multi-threading

  24. None
  25. Boring sync method

  26. This is wrong

  27. This is [mostly] OK

  28. 3 users 60 second load ~7000 requests Async makes a

    difference. About 36% in this instance, but not every call benefits from awaiting. Sync Async Difference # Requests 4354 6890 +36% Avg Requests/s 71.59 113 +36% Avg Response (ms) 42ms 26ms -61%
  29. Multiple Clients Web-based AJAX calls Calls from jQuery Windows 8

    App Calls using WinJS
  30. And let’s not forget C#! Yes, that’s 5 lines of

    actual code! No configuration No XML No WCF
  31. 0.0.1-versioning

  32. Someone also wants to add semantic versioning to Attribute Routing

    (no, it wasn’t me) Not sure about Web API support, though (Maybe I’ll go add it…)
  33. API Domain Database Namespacing? Duplicate code? Different schemas? Multiple DBs?

    Easy, relatively speaking
  34. Recommended Libraries • Javascript • Underscore.js • TrafficCop.js • Knockout.js

    • Moment.js or Date.js • URI.js • .NET • Attribute Routing • DotNotOpenAuth (or WorldDomination.Web.Auth) • Common Logging • Ninject • ActionMailer • Cassette • FluentValidation • MiniProfiler • PerfIt • Westwind.RazorHosting
  35. Thanks! Hopefully you learned a thing or two about using

    Web API I also hope you saw how awesome it is, even with complex problems @kamranayub kamranicus.com