Tweet
Tweet

Slide 1

Slide 1 text

An Opinionated and Maintainable API Code Architecture For ASP.NET Core Spencer Schneidenbach

Slide 2

Slide 2 text

No content

Slide 3

Slide 3 text

Setting the Stage • “We need a new React backend” • “We need a new REST API”

Slide 4

Slide 4 text

ASP.NET Core

Slide 5

Slide 5 text

“Zero to Make Magic Happen”

Slide 6

Slide 6 text

SCAFFOLDING

Slide 7

Slide 7 text

No content

Slide 8

Slide 8 text

Introducing the Employee public class Employee { public int Id { get; set; } [Required] public string FirstName { get; set; } [Required] public string LastName { get; set; } public DateTime DateOfBirth { get; set; } public DateTime DateOfHire { get; set; } public string SocialSecurityNumber { get; set; } }

Slide 9

Slide 9 text

The Employee Object • Is part of payroll software • Contains sensitive data (social security number)

Slide 10

Slide 10 text

No content

Slide 11

Slide 11 text

No content

Slide 12

Slide 12 text

That’s better public class Employee { public int Id { get; set; } [Required] public string FirstName { get; set; } [Required] public string LastName { get; set; } public DateTime DateOfBirth { get; set; } public DateTime DateOfHire { get; set; } public string RodneCislo { get; set; } }

Slide 13

Slide 13 text

The Employee Object • Is part of payroll software • Contains sensitive data (social security number) rodné číslo

Slide 14

Slide 14 text

You, the Developer • Loves dotnet command line/Visual Studio tooling • Loves to get stuff done

Slide 15

Slide 15 text

ASP.NET Core + Entity Framework Core

Slide 16

Slide 16 text

File -> New Project

Slide 17

Slide 17 text

Startup.cs

Slide 18

Slide 18 text

No content

Slide 19

Slide 19 text

No content

Slide 20

Slide 20 text

No content

Slide 21

Slide 21 text

No content

Slide 22

Slide 22 text

No content

Slide 23

Slide 23 text

No content

Slide 24

Slide 24 text

No content

Slide 25

Slide 25 text

No content

Slide 26

Slide 26 text

No content

Slide 27

Slide 27 text

No content

Slide 28

Slide 28 text

“Scaffolding is AMAZING!”

Slide 29

Slide 29 text

No content

Slide 30

Slide 30 text

No content

Slide 31

Slide 31 text

Scaffolding is a LIE

Slide 32

Slide 32 text

Controller is a one man army • Route the request • Validate the request • Run service to execute request • Return data

Slide 33

Slide 33 text

ZERO Separation of Concerns

Slide 34

Slide 34 text

Controller should ONLY • Route the request • Return data

Slide 35

Slide 35 text

Entity is ALSO the request

Slide 36

Slide 36 text

public class Employee { public int Id { get; set; } [Required] public string FirstName { get; set; } [Required] public string LastName { get; set; } public DateTime DateOfBirth { get; set; } public DateTime DateOfHire { get; set; } public string RodneCislo { get; set; } }

Slide 37

Slide 37 text

No content

Slide 38

Slide 38 text

No content

Slide 39

Slide 39 text

Let’s Break it Up

Slide 40

Slide 40 text

CQRS Command Query Responsibility Segregation

Slide 41

Slide 41 text

Bottom Line - move: • Validation • Execution • Request

Slide 42

Slide 42 text

Why? • Separation of concerns • Easier testing • An easy pattern to follow

Slide 43

Slide 43 text

First, the request

Slide 44

Slide 44 text

public class Employee { public int Id { get; set; } [Required] public string FirstName { get; set; } [Required] public string LastName { get; set; } public DateTime DateOfBirth { get; set; } public DateTime DateOfHire { get; set; } public string RodneCislo { get; set; } }

Slide 45

Slide 45 text

Problem? • Entity being used for requests • Model/model validation are not separate

Slide 46

Slide 46 text

Rule 1: Separate Entity from Model So let’s refactor!

Slide 47

Slide 47 text

public class Employee { public int Id { get; set; } [Required] public string FirstName { get; set; } [Required] public string LastName { get; set; } public DateTime DateOfBirth { get; set; } public DateTime DateOfHire { get; set; } public string RodneCislo { get; set; } }

Slide 48

Slide 48 text

Business Rule Can create employee with RodneCislo but not update it later using this API

Slide 49

Slide 49 text

Create (POST) public class CreateEmployeeRequest { public int Id { get; set; } [Required] public string FirstName { get; set; } [Required] public string LastName { get; set; } public DateTime DateOfBirth { get; set; } public DateTime DateOfHire { get; set; } public string RodneCislo { get; set; } }

Slide 50

Slide 50 text

Update (PUT) public class UpdateEmployeeRequest { public int Id { get; set; } [Required] public string FirstName { get; set; } [Required] public string LastName { get; set; } public DateTime DateOfBirth { get; set; } public DateTime DateOfHire { get; set; } }

Slide 51

Slide 51 text

Delete (DELETE) public class DeleteEmployeeRequest { public int Id { get; set; } }

Slide 52

Slide 52 text

Validation public class CreateEmployeeRequest { public int Id { get; set; } [Required] public string FirstName { get; set; } [Required] public string LastName { get; set; } public DateTime DateOfBirth { get; set; } public DateTime DateOfHire { get; set; } public string RodneCislo { get; set; } }

Slide 53

Slide 53 text

Clunky to validate

Slide 54

Slide 54 text

No content

Slide 55

Slide 55 text

Rule 2: Separate Validation from Model Introducing FluentValidation

Slide 56

Slide 56 text

public class CreateEmployeeRequest { [Required] public string FirstName { get; set; } [Required] public string LastName { get; set; } }

Slide 57

Slide 57 text

Let’s isolate the validation functionality

Slide 58

Slide 58 text

public class EmployeeCreateValidator : AbstractValidator { public EmployeeValidator() { RuleFor(e => e.FirstName).NotEmpty() .WithMessage("First name is required.") RuleFor(e => e.LastName).NotEmpty() .WithMessage("Last name is required.") } }

Slide 59

Slide 59 text

public class EmployeeCreateValidator : AbstractValidator { public EmployeeValidator() { RuleFor(e => e.FirstName).NotEmpty() .WithMessage("First name is required.") RuleFor(e => e.LastName).NotEmpty() .WithMessage("Last name is required.") } } public class EmployeeCreateRequest { public string FirstName { get; set; } public string LastName { get; set; } }

Slide 60

Slide 60 text

[Test] public void EmployeeNameIsRequired() { var request = new EmployeeCreateRequest(); //no props var validator = new EmployeeCreateValidator(); var result = validator.Validate(request); var firstNameMissing = result.Any(r => r.PropertyName == "FirstName"); var lastNameMissing = result.Any(r => r.PropertyName == "LastName"); Assert.That(firstNameMissing, Is.EqualTo(true)); Assert.That(lastNameMissing, Is.EqualTo(true)); } Test Independently

Slide 61

Slide 61 text

Dependencies public class EmployeeDeleteValidator : AbstractValidator { public ApplicationDbContext Context { get; } public EmployeeValidator(ApplicationDbContext context) { Context = context; RuleFor(e => e.Id).Must(ExistInDatabase) .WithMessage("ID does not exist.") } public void ExistInDatabase(EmployeeDeleteRequest request) { return Context.Employee.Find(request.Id) != null; } }

Slide 62

Slide 62 text

What We’ve Accomplished • Separated requests from the entity • Separated validation from entity and requests

Slide 63

Slide 63 text

No content

Slide 64

Slide 64 text

Rule 3: Separate Request Handler from Controller Introducing MediatR

Slide 65

Slide 65 text

MediatR • Requests • Handlers

Slide 66

Slide 66 text

public class EmployeeCreateRequest : IRequest { public string FirstName { get; set; } public string LastName { get; set; } }

Slide 67

Slide 67 text

public class EmployeeCreateHandler : IRequestHandler { public EmployeeCreateHandler(ApplicationDbContext context) { ... } public async Task Handle(EmployeeCreateRequest request) { var newEmployee = new Employee { FirstName = request.FirstName, LastName = request.LastName }; _context.Employee.Add(newEmployee); await _context.SaveChangesAsync(); return newEmployee.Id; } }

Slide 68

Slide 68 text

public class EmployeeCreateHandler : IRequestHandler { public EmployeeCreateHandler(ApplicationDbContext context) { ... } public async Task Handle(EmployeeCreateRequest request) { var newEmployee = new Employee { FirstName = request.FirstName, LastName = request.LastName }; _context.Employee.Add(newEmployee); await _context.SaveChangesAsync(); return newEmployee.Id; } }

Slide 69

Slide 69 text

public class EmployeeCreateHandler : IRequestHandler { public EmployeeCreateHandler(ApplicationDbContext context) { ... } public async Task Handle(EmployeeCreateRequest request) { var newEmployee = new Employee { FirstName = request.FirstName, LastName = request.LastName }; _context.Employee.Add(newEmployee); await _context.SaveChangesAsync(); return newEmployee.Id; } }

Slide 70

Slide 70 text

public class EmployeeCreateHandler : IRequestHandler { public EmployeeCreateHandler(ApplicationDbContext context) { ... } public async Task Handle(EmployeeCreateRequest request) { var newEmployee = new Employee { FirstName = request.FirstName, LastName = request.LastName }; _context.Employee.Add(newEmployee); await _context.SaveChangesAsync(); return newEmployee.Id; } }

Slide 71

Slide 71 text

public class EmployeeCreateHandler : IRequestHandler { public EmployeeCreateHandler(ApplicationDbContext context) { ... } public async Task Handle(EmployeeCreateRequest request) { var newEmployee = new Employee { FirstName = request.FirstName, LastName = request.LastName }; _context.Employee.Add(newEmployee); await _context.SaveChangesAsync(); return newEmployee.Id; } }

Slide 72

Slide 72 text

No content

Slide 73

Slide 73 text

AutoMapper

Slide 74

Slide 74 text

public class EmployeeCreateHandler : IRequestHandler { public EmployeeCreateHandler( ApplicationDbContext context, IMapper mapper) { ... } public async Task Handle(EmployeeCreateRequest request) { var newEmployee = _mapper.Map(request); _context.Employee.Add(newEmployee); await _context.SaveChangesAsync(); return newEmployee.Id; } }

Slide 75

Slide 75 text

public class EmployeeCreateHandler : IRequestHandler { public EmployeeCreateHandler( ApplicationDbContext context, IMapper mapper) { ... } public async Task Handle(EmployeeCreateRequest request) { var newEmployee = _mapper.Map(request); _context.Employee.Add(newEmployee); await _context.SaveChangesAsync(); return newEmployee.Id; } }

Slide 76

Slide 76 text

AutoMapper • Great for simple CRUD APIs/view models • Anything more complex, I usually just write mapper manually

Slide 77

Slide 77 text

Why? • Separation of concerns • Easier testing • An easy pattern to follow

Slide 78

Slide 78 text

Putting it all together • Dependency injection handles dependencies • FluentValidation handles validation • MediatR handles request/responses • AutoMapper handles mapping • Controller will handle HTTP requests

Slide 79

Slide 79 text

public async Task Post([FromBody] EmployeeCreateRequest request) { if (!ModelState.IsValid) { return BadRequest(ModelState); } var newId = await Mediator.Send(request); return CreatedAtAction("GetEmployee", new { id = employee.Id }); }

Slide 80

Slide 80 text

public async Task Post([FromBody] EmployeeCreateRequest request) { if (!ModelState.IsValid) { return BadRequest(ModelState); } var newId = await Mediator.Send(request); return CreatedAtAction("GetEmployee", new { id = employee.Id }); }

Slide 81

Slide 81 text

public async Task Post([FromBody] EmployeeCreateRequest request) { if (!ModelState.IsValid) { return BadRequest(ModelState); } var newId = await Mediator.Send(request); return CreatedAtAction("GetEmployee", new { id = employee.Id }); }

Slide 82

Slide 82 text

public async Task Post([FromBody] EmployeeCreateRequest request) { if (!ModelState.IsValid) { return BadRequest(ModelState); } var newId = await Mediator.Send(request); return CreatedAtAction("GetEmployee", new { id = employee.Id }); }

Slide 83

Slide 83 text

Cleaner code?

Slide 84

Slide 84 text

Multiple status codes?

Slide 85

Slide 85 text

public class EmployeeUpdateHandler : IRequestHandler { public EmployeeUpdateHandler( ApplicationDbContext context IMapper mapper) { ... } public async Task Handle(EmployeeUpdateRequest request) { var employee = await _context.FindAsync(request.Id); if (employee == null) { return new NotFoundResult(); } _mapper.Map(request, employee); await _context.SaveChangesAsync(); return new OkObjectResult(employee); } }

Slide 86

Slide 86 text

public class EmployeeUpdateHandler : IRequestHandler { public EmployeeUpdateHandler( ApplicationDbContext context IMapper mapper) { ... } public async Task Handle(EmployeeUpdateRequest request) { var employee = await _context.FindAsync(request.Id); if (employee == null) { return new NotFoundResult(); } _mapper.Map(request, employee); await _context.SaveChangesAsync(); return new OkObjectResult(employee); } }

Slide 87

Slide 87 text

public class EmployeeUpdateHandler : IRequestHandler { public EmployeeUpdateHandler( ApplicationDbContext context IMapper mapper) { ... } public async Task Handle(EmployeeUpdateRequest request) { var employee = await _context.FindAsync(request.Id); if (employee == null) { return new NotFoundResult(); } _mapper.Map(request, employee); await _context.SaveChangesAsync(); return new OkObjectResult(employee); } }

Slide 88

Slide 88 text

We can do better

Slide 89

Slide 89 text

public class EmployeeUpdateHandler : IRequestHandler> { public EmployeeUpdateHandler( ApplicationDbContext context IMapper mapper) { ... } public async Task> Handle(EmployeeUpdateRequest request) { var employee = await _context.FindAsync(request.Id); if (employee == null) { return controller => controller.NotFound(); } _mapper.Map(request, employee); await _context.SaveChangesAsync(); return controller => controller.Ok(employee); } }

Slide 90

Slide 90 text

public class EmployeeUpdateHandler : IRequestHandler> { public EmployeeUpdateHandler( ApplicationDbContext context IMapper mapper) { ... } public async Task> Handle(EmployeeUpdateRequest request) { var employee = await _context.FindAsync(request.Id); if (employee == null) { return controller => controller.NotFound(); } _mapper.Map(request, employee); await _context.SaveChangesAsync(); return controller => controller.Ok(employee); } }

Slide 91

Slide 91 text

public class EmployeeUpdateHandler : IRequestHandler> { public EmployeeUpdateHandler( ApplicationDbContext context IMapper mapper) { ... } public async Task> Handle(EmployeeUpdateRequest request) { var employee = await _context.FindAsync(request.Id); if (employee == null) { return controller => controller.NotFound(); } _mapper.Map(request, employee); await _context.SaveChangesAsync(); return controller => controller.Ok(employee); } }

Slide 92

Slide 92 text

public class EmployeeUpdateHandler : IRequestHandler> { public EmployeeUpdateHandler( ApplicationDbContext context IMapper mapper) { ... } public async Task> Handle(EmployeeUpdateRequest request) { var employee = await _context.FindAsync(request.Id); if (employee == null) { return controller => controller.NotFound(); } _mapper.Map(request, employee); await _context.SaveChangesAsync(); return controller => controller.Ok(employee); } }

Slide 93

Slide 93 text

public class EmployeeUpdateHandler : IRequestHandler> { public EmployeeUpdateHandler( ApplicationDbContext context IMapper mapper) { ... } public async Task> Handle(EmployeeUpdateRequest request) { var employee = await _context.FindAsync(request.Id); if (employee == null) { return controller => controller.NotFound(); } _mapper.Map(request, employee); await _context.SaveChangesAsync(); return controller => controller.View("~/Employees/ViewEmployee.cshtml", employee); }

Slide 94

Slide 94 text

[Route("api/Employees")] public class EmployeeController : BaseController { [HttpGet] public Task Get() => Handle(new GetEmployeesRequest()); [HttpGet("{id}")] public Task Get(int id) => Handle(new GetEmployeeRequest(id)); [HttpPost] public Task Post(CreateEmployeeRequest request) => Handle(request); [HttpPut("{id}")] public Task Put(UpdateEmployeeRequest request) => Handle(request); }

Slide 95

Slide 95 text

protected async Task Handle(object request) { if (!ModelState.IsValid) { return BadRequest(ModelState); } var func = await _mediator.Send(request); return func(this); }

Slide 96

Slide 96 text

Tips

Slide 97

Slide 97 text

Create repeatable patterns

Slide 98

Slide 98 text

Write tests for everything

Slide 99

Slide 99 text

Concerns • May be unnecessary complexity • Bigger learning curve - not as “out of the box”

Slide 100

Slide 100 text

Best for • Medium-large applications • Long-term reliability

Slide 101

Slide 101 text

More resources rest.schneids.net

Slide 102

Slide 102 text

Thank you! schneids.net @schneidenbach