[FREE PDF sample] Asp.net 8 best practices 1 / converted edition jonathan r. danylko ebooks

Edition Jonathan R. Danylko

Visit to download the full and correct content document: https://ebookmass.com/product/asp-net-8-best-practices-1-converted-edition-jonatha n-r-danylko/

More products digital (pdf, epub, mobi) instant download maybe you interests ...

Productizing Quantum Computing 1 / converted Edition

Dhairyya Agarwal

https://ebookmass.com/product/productizing-quantumcomputing-1-converted-edition-dhairyya-agarwal/

Modern TypeScript 1 / converted Edition Ben BeattieHood

https://ebookmass.com/product/modern-typescript-1-convertededition-ben-beattie-hood/

Coding Clean, Reliable, and Safe REST APIs with ASP.NET Core 8 1st Edition Anthony Giretti

https://ebookmass.com/product/coding-clean-reliable-and-saferest-apis-with-asp-net-core-8-1st-edition-anthony-giretti/

Coding Clean, Reliable, and Safe REST APIs with ASP.NET

Core 8: Develop Robust Minimal APIs with .NET 8 Anthony Giretti

https://ebookmass.com/product/coding-clean-reliable-and-saferest-apis-with-asp-net-core-8-develop-robust-minimal-apis-withnet-8-anthony-giretti/

Mastering Adobe Photoshop 2024 1 / converted Edition Gary Bradley

https://ebookmass.com/product/mastering-adobephotoshop-2024-1-converted-edition-gary-bradley/

Business Ethics: Best Practices for Designing and Managing Ethical

https://ebookmass.com/product/business-ethics-best-practices-fordesigning-and-managing-ethical/

The Master Guide to Controllers' Best Practices Elaine Stattler

https://ebookmass.com/product/the-master-guide-to-controllersbest-practices-elaine-stattler/

(eTextbook PDF) for Policing America: Challenges and Best Practices 9th Edition

https://ebookmass.com/product/etextbook-pdf-for-policing-americachallenges-and-best-practices-9th-edition/

Mastering Cloud Security Posture Management (CSPM) 1 / converted Edition Qamar Nomani

https://ebookmass.com/product/mastering-cloud-security-posturemanagement-cspm-1-converted-edition-qamar-nomani/

ASP.NET 8 Best Practices

Copyright

© 2023 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned

in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Group Product Manager: Rohit Rajkumar

Publishing Product Manager: Jane D’Souza

Senior Editor: Aamir Ahmed

Book Project Manager: Sonam Pandey

Technical Editor: Simran Ali

Copy Editor: Safis Editing

Proofreader: Safis Editing

Indexer: Manju Arasan

Production Designer: Prashant Ghare

DevRel Marketing Coordinator: Nivedita Pandey

First published: December 2023

Production reference: 1011223

Published by Packt Publishing Ltd.

11 St Paul’s Square

B3 1RB, UK

ISBN 978-1-83763-212-1

www.packtpub.com

To my family, for their continued support throughout my career (even though I tend to live in the oce).

To my colleagues and mentors: this book is a culmination of our discussions, experiences, and solutions (and some fires) we’ve encountered over the years.

To my readers and supporters on DanylkoWeb.com, who allow me to turn their questions into blog posts to further everyone’s knowledge in the end.

Finally, to my parents, who bought me that Commodore VIC-20 when I was 11, which started me on my journey of building software.

Contributors

About the author

Jonathan R. Danylko is an award-winning web architect who works at Insight, an international company providing enterprise-level solutions. He started development at age 11 with a Commodore VIC-20. He has competed in international programming competitions and has contributed to various publications as an author and technical editor. His career spans 25 years of building internet and intranet websites for small, medium, and Fortune 500 companies, since 1996. He also created, developed, and maintains a blog called DanylkoWeb.com and has been writing blog posts since 2006. Jonathan continues to write code on a daily basis in his personal and professional career.

About the reviewers

Matthew D. Groves is a guy who loves to code. It doesn’t matter whether it’s C#, jQuery, or PHP: he’ll submit pull requests for

anything. He has been coding professionally ever since he wrote a QuickBASIC point-of-sale app for his parent’s pizza shop back in the 90s. He currently works for Couchbase, helping developers in any way he can. His free time is spent with his family, watching the Reds, and getting involved in the developer community. He is the author of AOP in .NET, co-author of Pro Microservices in .NET, a Pluralsight author, and a Microsoft MVP.

Abdulkabir Abdulwasiu is a dedicated individual from Nigeria, holding a bachelor’s degree in mathematics and education. My journey led me to the Federal University of Technology Minna, honing my skills in this specialization. Further education at Nigeria Defense Academy earned me a post-graduate diploma in computer science, igniting my passion for its dynamic potential.

As a classroom teacher for over four years, I’ve inspired young minds through math education. In 2021, I began a software developer role at Vatebra Limited, driving tech innovation in Nigeria. Proficient in C# and .NET, I leverage technology for positive change.

My commitment to learning extends beyond teaching and coding. As a research assistant with Ph.D. students, I explore uncharted territories, refining my research skills. This journey

encapsulates my dedication to growth and contributing to cutting-edge academia.

I would like to express my gratitude to my mentors, colleagues, and family for their unwavering support. Their guidance has been invaluable in shaping my journey as an educator, researcher, and software developer. Their belief in my potential has inspired me to reach new heights, and for that, I am truly thankful.

Table of Contents

Preface

1

Taking Control with Source Control

Technical requirements

Branching Strategies

GitFlow

Hotfix branches

GitHub Flow

GitLab Flow

Creating short-lived branches

Understanding Common Practices

Rebase when Private, Merge when Public

Always “Get Latest” Before Committing

Always Build and Test Before Committing

Avoid Committing Binaries

Use tags for versioning

Summary

2

CI/CD – Building Quality Software

Automatically

Technical requirements

What is CI/CD?

Preparing your Code

Building Flawlessly

Avoiding Relative Path Names with Filebased Operations

Confirming that your Unit Tests are Unit Tests

Creating Environment Settings

Understanding the Pipeline

Pulling Code

Building the application

Running Unit Tests/Code Analysis

Creating Artifacts

Creating a Container

Deploying the software

The Two “Falling” Approaches

Falling Backward (or fallback)

Falling Forward

Deploying Databases

Backing up Before Deploying

Creating a Strategy for Table Structures

Creating a Database Project

Using Entity Framework Core’s Migrations

The three Types of Build Providers

CI/CD Providers

Microsoft Azure Pipelines

GitHub Actions

Amazon CodePipeline

Google CI

Walkthrough of Azure Pipelines

Preparing the Application

Introducing Azure Pipelines

Identifying the Repository

Creating the Build

Creating the Artifacts

Creating a Release

Deploying the Build Summary

Best Approaches for Middleware

Technical requirements

Using Middleware

Understanding the Middleware Pipeline

Using Request Delegates – Run, Use, and Map

Common Practices for Middleware

Defer to Asynchronous

Prioritizing the Order

Consolidating existing Middleware

Encapsulating your Middleware

Creating an Emoji Middleware Component

Encapsulating the Middleware

Examining the Component’s Pipeline

Summary

Applying Security from the Start

Technical requirements

Developing Security

Do I have any sensitive data to protect?

Am I exposing anything through the application?

Am I sanitizing user input?

Securing Access

Common Security Practices

Logging

Keep your Framework and Libraries Current

Always Force SSL

Never Trust the Client

Always Encode User Input

Securing Your Headers

Securing Entity Framework Core

Use Microsoft Entra for Securing Applications

Protecting Your Pages with Anti-Forgery

Safeguarding Against the Top 3 Security Threats

Broken Access Control

Cryptographic Failures

Data Access with Entity

Core

requirements Entity Framework Core Implementations

Repository/Unit of Work

The

Specification Pattern

Extension Methods

Common Entity Framework Core Practices

Confirming Your Model

Using Async/Await

Logging Your Queries

Using Resources for Large Seed Data

Understanding Deferred Execution

Using a Read-Only State with .AsNoTracking()

Leveraging the Database

Avoiding the Manual Property Mapping

Implementing the Theme Park Example

Overview

Creating the Database

Adding an Asynchronous Read-Only Mode

Including Child Entities

Extending your Model

Summary

6

Best Practices with Web User

Interfaces

Technical requirements

Using a task runner

What is a task runner?

Setting up the Task Runner

Structure of a gulpfile

Running automatically

Creating a workflow structure

Defining our workflow paths

Transpiling TypeScript

Bundling and minifying

Implementing additional tasks

Applying standards to UIs

Centralizing your site links

Keeping controllers/pages small

Using ViewComponents

Using Tag Helpers instead of HTML Helpers

Creating SEO-friendly URLs

Introducing Buck’s coffee shop project

Setting up Buck’s website

Updating the links

Creating an OffCanvas Tag Helper

Testing Your Code

Technical requirements

Understand testing concepts

Unit tests

Integration tests

Regression tests

Load testing

System testing (end-to-end or E2E)

UI testing

Best approaches for testing

Why do we write tests?

The “100% test coverage” myth

Using AAA

Avoid writing unit test code for your code

Avoid large unit tests

Avoid unnecessary mocks, fakes, or stubs

Using tests as documentation

Identifying slow integration tests

Find a bug, write a test

Avoid testing .NET

Testing data access

Adding the SQLite provider

Creating the AttractionService test

Creating the LocationService test Summary

8 Catching Exceptions with Exception

Handling

Technical requirements

Using exception handling

What is exception handling?

When to use exception handling

Handling global exceptions

Performance considerations

Common exception handling techniques

Prevention before exception

Use logging

Apply a unit testing methodology

Avoid empty catch statements

Use exception filtering and pattern matching

Use finally blocks for cleanup

Knowing when to throw

Technical requirements

Creating APIs quickly

Using Visual Studio

Why minimal APIs?

Designing APIs

Disconnecting from existing schemas

Identifying the resources

Relating HTTP verbs to resources

Returning HTTP status codes

Testing Web APIs

Visual Studio Endpoints Explorer

Integration testing APIs

Standardized Web API techniques

Using the right HTTP verbs and status codes

Beware dependent resources

Pagination in API results

Versioning APIs

Use DTOs, not entities!

Avoid new instances of HttpClient Summary

10 Push Your Application with Performance

Technical requirements

Why Performance Matters

Establishing Baselines

Using Client-Side Tools

Using Server-Side Tools

Databases

Applying Performance Best Practices

Optimizing client-side performance

Common Server-side Practices

Understanding caching

Summary

11

Appendix

Technical requirements

Programming guidelines

DRY

YAGNI

KISS

Separation of concerns

Refactoring as a process

SOLID principles

Project structure

Creating project layers

Summary

Thank you!

Index Other Books You May Enjoy

Preface

Welcome to ASP.NET 8 Best Practices!

ASP.NET 8 Best Practices contains over 100 best practices used in the ASP.NET community, covering topics such as how to squeeze the best performance out of your ASP.NET web application, what Entity Framework patterns are available, how to design a minimal web API, and how to structure Visual Studio projects based on project type.

The standards covered in the book include version control, creating software pipelines, creating structured middleware, security practices, Entity Framework Core patterns and techniques, and automating time-consuming client-side tasks.

We’ll also look at common practices when testing your code, when and how to apply exception handling, how to design the best API for web applications, how to optimize a web application for performance, and finally, review common terms and guidelines when building ASP.NET web applications.

While best practices are considered recommendations on how to write professional code, there will always be exceptions to the rule. As developers know, there are so many ways to write