Einmal API mit allem, bitte: ASP.NET Core MVC und SignalR in Action!

ASP.NET Core MVC und SignalR in Action!
Einmal API mit allem, bitte.
Sebastian Gingter Manuel Rauber
@PhoenixHawk @ManuelRauber
Consultant Consultant

View Slide

Speakers
[email protected]
@manuelrauber
https://manuel-rauber.com
Microsoft MVP
[email protected]
@PhoenixHawk
https://gingter.org/

View Slide

Time Doing
09:00 – 10:30 Part I
10:30 – 11:00 ☕
11:00 – 12:30 Part II
12:30 – 13:30 " # $ %
13:30 – 15:00 Part III
15:00 – 15:30 ☕ & &
15:30 – 17:00 Part IV
Timetable

View Slide

• Lightweight service-based architecture
• Functional services with dedicated interfaces
• Use other services, like database or file system
• (JSON-based) HTTPS Web APIs
• Application push services via WebSocket
• SignalR
• Socket.io
Target Architecture
HTTP HTTPS WebSocket
Service A Service B Service C
Web APIs
(ASP.NET, Node.js, …)
HTML5-Application
(Single-Page Application)
Web Cordova Electron

View Slide

• Functional services with dedicated interfaces
• Strict REST services do not model real world
• Better: Design interfaces according to use case
• Single Web API can use multiple backend services
• (JSON-based) HTTPS Web APIs
• Embraces usage of common denominator
• Content Negotation
• HTTP Status Codes
• Resources are mapped to URLs
• Lightweight & scalable
Target Architecture
HTTP HTTPS WebSocket
Service A Service B Service C
Web APIs
(ASP.NET, Node.js, …)
AuthN & AuthZ
Client

View Slide

From specification to implementation
.NET Standard & .NET Core

View Slide

What exactly is it?
• .NET Standard is an open source specification: https://github.com/dotnet/standard
• Represents a common set of API to be implemented by all .NET platforms
• .NET Standard replaces PCLs
.NET Standard

View Slide

One library to rule them all
.NET tomorrow today!
https://blogs.msdn.microsoft.com/dotnet/2016/09/26/introducing-net-standard/

View Slide

.NET Core 3.0 Future

View Slide

Overview
• .NET Core is an open source implementation of the .NET Standard specification:
• https://github.com/dotnet/core
• Runs on Linux, macOS and Windows
• CLI tools available
• Supports C# and F#
• Compatible to .NET Framework, Xamarin and Mono (due to .NET Standard)
• Fully supported by Microsoft (LTS support three years after GA)
.NET Core

View Slide

Platform-specific APIs
Some APIs are not available everywhere (e.g. Registy, Windows Identity, Reflection Emit) and will
throw a PlatformNotSupportedException.
.NET Core

View Slide

IDEs
.NET Core
VS 2017
VS Code JetBrains Rider
VS for Mac

View Slide

Use case depending alternatives
• Node.js
• JavaScript, TypeScript, CoffeeScript, …
• Restify, Express, Koa.js
• TypeORM, SequelizeJS, ORM
• Node Package Manager, YARN
• Java
• Jersey, RESTful WebServices
• Hibernate, ORM
• Maven, Package Management
• Ruby, Python, …
.NET Core

View Slide

Summary
• Powerful language/tools and base for creating cross-platform .NET libs & apps
• Good and growing API support
• „No breaking changes between versions“
• Targeting platform specific APIs could result in an error or conditional compilation
• Cloud-ready
.NET Standard & .NET Core

View Slide

Ready for your next Todo App? ;-)
The Sample

View Slide

Security Token Service
Identity Server
Database Todo-
API
Push-
API
Realtime-Data
Users
Web-Server
SPA (static files)
Demo Architecture

View Slide

Demo Client Application

View Slide

Cross-Platform Web Application & Web APIs
ASP.NET Core

View Slide

Overview
• Unifies MVC and Web APIs
• Built-in dependency injection
• Cloud-ready configuration system
• HTTP Request Pipeline
• Hostable in IIS or as Self Host
• Everything’s a NuGet Package
• Leads to having a lot packages installed (“Hello node_modules J”)
• Built on .NET Core
• Open Source, https://github.com/aspnet/Home
• “Can I port my application to .NET Core?”
• https://icanhasdot.net/
ASP.NET Core

View Slide

Compared to ASP.NET
ASP.NET Core
• Runs on Linux, macOS, Windows
• C#, F#
• MVC & Web API, Razor Pages
• SignalR is in development
• New platform, new toolings
• Multiple versions per machine
• MSDN: “Ultra Performance”
ASP.NET
• Runs on Windows
• C#, F#, VB.NET
• MVC, Web API, WebForms, WebPages,
SignalR
• Mature platform
• One version per machine
• MSDN: “High Performance”
ASP.NET Core

View Slide

Hosting
• Kestrel: ASP.NET Core’s Web Server
• IISIntegration to host in IIS
• Mandatory for App Services
• Specifies a class used
for Startup configuration
ASP.NET Core
public class Program
{
public static void Main(string[] args)
{
var host = new WebHostBuilder()
.UseKestrel()
.UseContentRoot(Directory.GetCurrentDirectory())
.UseIISIntegration()
.UseStartup()
.Build();
host.Run();
}
}

View Slide

Startup
• ConfigureServices: Used for configuring the built-in dependency injection
• Configure: Used for configuring the HTTP pipeline via IApplicationBuilder
ASP.NET Core
public class Startup
{
public void ConfigureServices(IServiceCollection services) { }
public void Configure(IApplicationBuilder app,
IHostingEnvironment env, ILoggerFactory loggerFactory) { }
}

View Slide

Dependency Injection
• Constructor injection should be preferred over direct DI container access
• Overriding the container is possible, e.g. to use AutoFac instead
• Throws an error when a dependency could not be resolved (e.g. wrong container configuration)
ASP.NET Core

View Slide

Dependency Injection
• Supports three lifetimes
• Transient: Creates an instance each it is requested
• Scoped: Creates an instance once per request
• Singleton: Creates an instance once per application
ASP.NET Core
public void ConfigureServices(IServiceCollection services)
{
services.AddTransient();
services.AddScoped();
services.AddSingleton();
}

View Slide

Pipeline
• Customizable HTTP pipeline
• Every request will run through
• Order in code defines the order of the pipeline
• Nesting of pipelines is possible
• IApplicationBuilder is used to define the pipeline
ASP.NET Core
https://docs.microsoft.com/en-us/aspnet/core/fundamentals/middleware
public void Configure(IApplicationBuilder app)
{
app.UseExceptionHandler("/Home/Error");
app.UseStaticFiles();
app.UseMvcWithDefaultRoute();
}
Middleware 1
// Server logic
next()
// more logic
Middleware 2
// Server logic
next()
// more logic
Middleware 3
// Server logic
// more logic
Request
Response
Client
Logging Authentication …

View Slide

Multiple Environments
• Support multiple environments like Development, Staging or Production out-of-box
• Can be set via environment variable ASPNETCORE_ENVIRONMENT
• Convention based application startup
• Startup, StartupDevelopment, Startup{Environment}
• Careful, using webhostBuilder.UseStartup() overrides this behavior
• Configure, ConfigureDevelopment, Configure{Environment}
• ConfigureServices, ConfigureDevelopmentServices, Configure{Environment}Services
ASP.NET Core

View Slide

Multiple Environments
IHostingEnvironment for checking environment at runtime
ASP.NET Core
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment() || env.IsProduction() || env.IsStaging() || env.IsEnvironment(”MyEnv"))
{ }
}

View Slide

Configuration System
• ConfigurationBuilder is used to define configuration sources
• Order is used for configuration overriding, later defined sources override previous defined
• Optional sources and sources depending on the environment are possible
ASP.NET Core
public Startup(IHostingEnvironment env)
{
var builder = new ConfigurationBuilder()
.SetBasePath(env.ContentRootPath)
.AddJsonFile("appsettings.json", optional: false, reloadOnChange: true)
.AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true)
.AddEnvironmentVariables();
Configuration = builder.Build();
}

View Slide

Options Pattern
• Typed (nested) Configurations
• Injectable
• Runtime-reloadable
ASP.NET Core
{
services.Configure(Configuration.GetSection("PushServer"));
}
public class PushService {
private readonly PushServerSettings _config;
public PushService(IOptions settingsAccessor) {
_config = settingsAccessor.Value;
}
}

View Slide

Authentication
• Middleware within the pipeline
• “Plug & Play” solutions for authentication
• ASP.NET Identity
• IdentityServer 4, open source project
• Different authentication schemes
• Cookies
• Bearer
• Basic
• External providers
• Custom
ASP.NET Core

View Slide

Controllers
• Two base classes for controllers
• ControllerBase: Preferred for Web APIs, offers everything except Views
• Controller: Preferred for MVC, inherits from ControllerBase and adds View capabilities
• Offer various methods for returning a result
• Ok() / NotFound() / StatusCodeResult()
• FileResult() / FileContentResult() / FileStreamResult()
• Offers access to authenticated user via User property
• Can be asynchronous using async/await pattern
• If enabled, automatic Content Negotiation
ASP.NET Core

View Slide

Routing
• Routing: Mapping URLs to actions (methods within a controller)
• Routing via definition in pipeline
• Routing via attributes
• Routing via custom routing handler
• Support for all important HTTP verbs like GET, POST, PUT, DELETE
ASP.NET Core
public void Configure(IApplicationBuilder app) =>
app.UseMvc(routes => routes.MapRoute("api", "{controller}/{action}"));
[Route("customers")]
public class CustomerApiController : ControllerBase
{
[HttpGet("{id:int}")]
public IActionResult Get(int id) { }
}

View Slide

Error Handling
• Provides a developer exception page with detailed information about errors
• Supports error page per status code or custom error pages
• Supports custom error filter per action, controller or globally
ASP.NET Core
{
// Use in development only
app.UseDeveloperExceptionPage();
// Simple status code error pages
app.UseStatusCodePages();
// Custom error handler
app.UseExceptionHandler("/error");
}

View Slide

Swagger Help Pages
• NuGet: Swashbuckle.AspNetCore
• Swagger: Generates a swagger.json containing all information about your Web APIs
• Swagger UI: Provides a basic UI to view the swagger.json
ASP.NET Core
{
services.AddSwaggerGen(options =>
{
options.SwaggerDoc("v1", new Info() { Title = "Awesome Customer API", Version = "1.0" });
});
}
{
app.UseSwagger();
app.UseSwaggerUI(options => { options.SwaggerEndpoint("v1/swagger.json", "API v1"); });
}

View Slide

Swagger Help Pages
ASP.NET Core

View Slide

• Built-in logging
• Third party logging solutions (e.g. Serilog, Nlog) can be easily integrated without changing the
logging API
Logging
public class SampleController : ControllerBase {
private readonly ILogger _logger;
public SampleController(ILogger logger)
{
_logger = logger;
}
[HttpGet]
public IActionResult Get(int listId, string listName)
{
_logger?.LogDebug($"{nameof(SendListCreated)}: {{ListId}}, {{ListName}}", listId, listName);
// Useful code
}
}

View Slide

• https://github.com/stefanprodan/AspNetCoreRateLimit
• Public APIs
• DDoS protection
• Pay per request APIs
• Rates for “expensive” resources
• Rates per timeframe: Hour, Minute, Second
• How?
• IP-based
• Account-based
Rate Limiting
{
services
.Configure(Configuration.GetSection("IpRateLimiting"))
.Configure(Configuration.GetSection("IpRateLimitPolicies"))
.AddSingleton()
.AddSingleton();
}
{
app.UseIpRateLimiting();
}

View Slide

• Tell client that the data did not change
• HTTP Status Code 304
• Two standardized options
• Last Modified Header: Did data change since …?
• Etag-Header: Checksum of data
• e.g.: https://github.com/KevinDockx/HttpCacheHeaders
Reduce traffic
Initial request
GET /item/1
OK 200
Etag: 123123123123
Following request
GET /item/1
If-None-Match: 123123123123
304 Not Modified

View Slide

• Supported by all modern browsers
• Supported by most servers
• Reduces traffic by up to 70 %
• But
• more computation on server and client
• is not always smaller
• https://docs.microsoft.com/en-us/aspnet/core/performance/response-compression
GZIP
{
services.AddResponseCompression();
}
{
app.UseResponseCompression();
}

View Slide

• Via URL (api.com/v1/item/1)
• Via Accept-Header
• Via Custom-Header
• https://github.com/Microsoft/aspnet-api-versioning
Versioning
public class Startup
{
{
services.AddMvc();
services.AddApiVersioning();
}
}
[ApiVersion("1.0")]
[Route("[controller]")]
public class PeopleController : Controller
{
[HttpGet]
public IActionRoute Get() => Ok(new[] { new Person() });
}

View Slide

• Hypermedia as the engine of application state
• Navigate from anywhere to everywhere
• Usage of API without prior knowledge
HATEOAS

View Slide

• Example: POST
• Example: Pagination
HATEOAS
POST /items
201 Created
Location: https://api.io/item/3
GET /items?page=1&size=10
200 OK
Link:
; rel=“next”,
; rel=“last”

View Slide

• Bi-directional real time communication server <-> client
• Integrates into the whole ASP.NET Core universe (Routing, Dependency Injection)
• No jQuery dependency on client-side anymore!!!!111
• Usable not only on client-side JavaScript, but in Node.js or Web Workers
• Browser support: IE 11, all evergreens
SignalR

View Slide

Integrate into ASP.NET Core pipeline
Add NuGet “Microsoft.AspNetCore.SignalR” (included by default)
SignalR
{
services.AddSignalR();
}
{
app.UseSignalR(routes =>
{
routes.MapHub("/chathub");
});
}

View Slide

Hub
• Represents a high-level pipeline allowing clients and
servers to call methods on each other.
• Bridges dispatching messages between client and
server to easily call methods.
• Strongly-typed parameters, model binding
• Text protocol on JSON, binary protocol on MessagePack
SignalR
Hubs
Endpoints
Clients
Transport
WebSocket
Server-Sent Events
Long Polling
Built on top of
Text/Binary protocol
via
JSON/MessagePack
public class ChatHub : Hub
{
public async Task SendMessage(string user, string message)
{
await Clients.All.SendAsync("ReceiveMessage", user, message);
}
}

View Slide

JavaScript Client
• Install via NPM: @aspnet/signalr
• Don’t forget CORS!
• Possibility to receive and invoke methods
• Third party modules for RxJS integration
SignalR
const connection = new signalR.HubConnection(
"/chathub", { logger: signalR.LogLevel.Information });
connection.on("ReceiveMessage", (user, message) => {
// Do something with the payload
});
// Send something (e.g. via button)
connection.invoke("SendMessage", user, message).catch(err => console.error);
// Start the connection
connection.start().catch(err => console.error);

View Slide

Summary
• Unifies MVC and Web APIs
• Cloud-ready
• HTTP Pipeline & Configuration System
• Several hosting options
• Help Pages via Swagger
• Don’t forget gzip, versioning, rate limiting, …
• SignalR enables real time connections for server -> client communication scenarios
ASP.NET Core

View Slide

Lightweight & cross-platform data access
EntityFramework Core

View Slide

Overview
• Open source implementation: https://github.com/aspnet/EntityFramework
• Lightweight & cross-platform version of .NET’s full-fledged EntityFramework
• Support different database providers
• MS SQL
• SQLite
• Postgres
• InMemory
• Offers Commandline Tools
• Code First, Database First
• Migrations

View Slide

Compared to EntityFramework 6
• EntityFramework Core does offer the following features, but some of them are still in
development
• Complex value types (without an ID)
• Spatial data (geography, geometry) (in development)
• Graphical visualization of the model (Model First) (in development)
• Complex LINQ-Queries
• Many-to-Many without a joining entity (in development)
• Lazy Loading
• Stored Procedures
• Data Seeding (via model definition)
• Full list available at https://docs.microsoft.com/en-us/ef/efcore-and-ef6/features

View Slide

NuGet Package & CLI
• Core Package: Microsoft.EntityFrameworkCore
• Database Provider Packages
• MS SQL: Microsoft.EntityFrameworkCore.SqlServer
• Postgres: Npgsql.EntityFrameworkCore.PostgreSQL
• SQLite: Microsoft.EntityFrameworkCore.SQLite
• CLI Tools
• Powershell: Microsoft.EntityFrameworkCore.Tools
• cmd/bash: Microsoft.EntityFrameworkCore.Tools.DotNet
• Careful: cmd/bash is not installable via NuGet, only by editing .csproj directly

View Slide

Model
• Working with EntityFramework Core is based on a model
• A model is a simple class with specific attributes
public class CustomerEntity
{
[Key]
[DatabaseGenerated(DatabaseGeneratedOption.Identity)]
public int Id { get; set; }
[Required]
public string FirstName { get; set; }
public string LastName { get; set; }
public int Age { get; set; }
}

View Slide

Database Context
• A database context (DbContext) represents a session to the database
• Has one or multiple DbSet to query the database
• Allows executing raw SQL queries
public class SampleApplicationDbContext : DbContext
{
public SampleApplicationDbContext(DbContextOptions options)
: base(options)
{
// Overriding constructor is necessary to make use of DbContextOptions
}
public DbSet Customers { get; set; }
}

View Slide

Database Context
• DbContext can be added to the dependency injection
• Services can request a DbContext via constructor injection
{
services.AddDbContext(options =>
{
options.UseSqlServer(Configuration.GetConnectionString("SampleApplication"));
}
);
}
public class CustomerService
{
public CustomerService(SampleApplicationDbContext dbContext)
{ }
}

View Slide

Fluent API
• Instead of using attributes to define a model, the Fluent API can be used
• Fluent API has a richer API than the attributes for more complex scenarios
public class SampleApplicationDbContext : DbContext
{
protected override void OnModelCreating(ModelBuilder modelBuilder)
{
modelBuilder.Entity()
.HasKey(e => e.Id);
modelBuilder.Entity()
.Property(e => e.FirstName)
.IsRequired();
}
}

View Slide

Querying
• LINQ for database querying
• Simple selects
• Ordering
• Grouping
• Limiting
• Can load related data
• Eager Loading
• Explicitly
• Lazy Loading (soon)
public class CustomerService
{
private readonly SampleApplicationDbContext _dbContext;
public CustomerService(SampleApplicationDbContext dbContext)
{
_dbContext = dbContext;
}
public ICollection List()
{
return _dbContext.Customers
.OrderBy(c => c.Id)
.ToList();
}
}

View Slide

Saving
• Tracks changes on entities per default
• Writes back changes to the database when the DbContext is saved
public void Update()
{
var entity = _dbContext.Customers.First();
entity.FirstName = "Max";
_dbContext.SaveChanges();
}

View Slide

Saving
• Related data is also saved on change tracked entities
• Use AsNoTracking() when querying to not track changes, e.g. for read-only scenarios
public ICollection List()
{
return _dbContext.Customers
.AsNoTracking() .ToList();
}

View Slide

Transactions
• SaveChanges() calls done as a transaction by default
• Custom transaction can be create by using DbContext.Database.BeginTransaction()
using (var transaction = _dbContext.Database.BeginTransaction())
{
try
{
_dbContext.Customers.Add(new CustomerEntity { FirstName = "Max" });
_dbContext.Customers.Add(new CustomerEntity { FirstName = "Erika" });
transaction.Commit();
}
catch (Exception e)
{
// TODO: Handle exception
}
}

View Slide

Migrations
• Needs the PowerShell or cmd/bash tools installed
• Add Migrations via
• PowerShell: Add-Migration MigrationName
• cmd/bash: dotnet ef migrations add MigrationName
• Custom database initializer is needed to actually apply the migrations on startup
public class DatabaseInitializer
{
public void Migrate()
{
_dbContext.Database.Migrate();
}
}

View Slide

Summary
• Cross-platform version of .NET’s EntityFramework
• Not all features are supported yet
• Offers PowerShell and cmd/bash toolings
• Supports transactions & migrations
• Support multiple database providers and an InMemory database for testing

View Slide

Better safe than sorry
Unit & Integration Testing

View Slide

Overview
• Well-known „.NET toolbelt“ can be used
• Xunit, Nunit
• Moq
• Fluent Assertions
• EntityFramework Core can be mocked for unit testing
• Additionally it has an in-memory provider for integration testing

View Slide

Unit Testing Sample
public class TodoServiceUnitTests
{
[Fact]
public void GetAllLists_should_return_lists()
{
// in-memory sample-data data
IQueryable lists = new List() { { Name = "First list" } }.AsQueryable();
var mockSet = new Mock>();
mockSet.As>().Setup(m => m.Provider).Returns(lists.Provider);
// ... more mock setup
var mockContext = new Mock();
mockContext.Setup(c => c.Lists).Returns(mockSet.Object);
var sub = new TodoService(null, mockContext.Object);
var actual = sub.GetAllLists();
actual.Should().NotBeEmpty().And.HaveCount(2);
actual.First().Value.Should().Be("First list");
}
}

View Slide

The cloud is just someone else‘s computer
Deployment

View Slide

Docker
• Docker is just one of multiple possibilities for deploying the application
• Runs on
• Microsoft Azure: Container Registry, Container Services, Container Instances
• Amazon EC2 Container Services
• Google Cloud Platform
• IBM Bluemix Container Services
• Runnable via
• Simple Azure (Linux-based) Web Apps
• Docker Swarm
• Kubernetes
Deployment

View Slide

Docker in Azure
• Multi-step Docker Image
• Build Image
• Runtime Image
• Runtime Image will be published to container host
• Fully Continuous Delivery compatible
Deployment
# Build Image
FROM microsoft/dotnet:2.1-sdk-alpine AS build-env
WORKDIR /app
COPY *.csproj ./
RUN dotnet restore
COPY . ./
RUN dotnet publish -c Release -o out
# Build runtime image
FROM microsoft/dotnet:2.1-aspnetcore-runtime-alpine
WORKDIR /app
COPY --from=build-env /app/out .
ENTRYPOINT ["dotnet", “MyApplication.dll"]

View Slide

Summary
• .NET Standard makes it easier to create multi-targeting code (replacing PCLs)
• .NET Standard 2.0 can target existing .NET code to reuse your existing business logic
• ASP.NET Core provides a cross-platform possibility for MVC & Web APIs
• ASP.NET Core is cloud-ready and offers a customizable HTTP pipeline
• EntityFramework Core provides cross-platform and cross-database capabilities
.NET Core & ASP.NET Core & EntityFramework Core

View Slide

.NET Standard MSDN
https://docs.microsoft.com/en-us/dotnet/articles/standard/library
Introducing .NET Standard
https://blogs.msdn.microsoft.com/dotnet/2016/09/26/introducing-net-standard/
.NET Core MSDN
https://docs.microsoft.com/en-us/dotnet/articles/core/
ASP.NET Core MVC MSDN
https://docs.microsoft.com/en-us/aspnet/core/mvc/overview
ASP.NET Core Web API MSDN
https://docs.microsoft.com/en-us/aspnet/core/mvc/web-api/
EntityFramework Core MSDN
https://docs.microsoft.com/en-us/ef/
Resources

View Slide

Thank you! Questions?
Repository
Sebastian Gingter Manuel Rauber
@PhoenixHawk @manuelrauber
Consultant Consultant
https://github.com/thinktecture/api-ms-summit-fall-2018-services-dotnetcore

View Slide

Einmal API mit allem, bitte: ASP.NET Core MVC und SignalR in Action!

Einmal API mit allem, bitte: ASP.NET Core MVC und SignalR in Action!

Manuel Rauber

More Decks by Manuel Rauber

Other Decks in Programming

Featured

Transcript