Skip to content

6 - ASP.NET

ASP.NET Core is a cross-platform, high-performance, open-source framework for building modern web apps using .NET. The framework is built for large-scale app development and can handle any size workload, making it a robust choice for enterprise-level apps.1

Key features:

  • Lightweight and modular HTTP request pipeline.
  • Kestrel: A high-performance and cross-platform HTTP server.
  • Integrated dependency injection.
  • Environment-based configuration.
  • Rich logging, tracing, and runtime metrics.
  • Blazor: Create rich interactive web UI components using C#—no JavaScript required.
  • Integrate seamlessly with popular client-side frameworks and libraries, including Angular, React, Vue, and Bootstrap.
  • Minimal APIs: Build fast web APIs with minimal code and configuration by fluently declaring API routes and endpoints.
  • Security: Built-in security features for authentication, authorization, and data protection.
  • Testing: Easily create unit and integration tests.

ASP.NET Core MVC

The Model-View-Controller (MVC) architectural pattern separates an application into three main groups of components: Models, Views, and Controllers. This pattern helps to achieve separation of concerns. Using this pattern, user requests are routed to a Controller which is responsible for working with the Model to perform user actions and/or retrieve results of queries. The Controller chooses the View to display to the user, and provides it with any Model data it requires3.

There are more UI solutions for ASP.NET Core, if the reader is interested in them, follow the link2.

This delineation of responsibilities helps you scale the application in terms of complexity because it's easier to code, debug, and test something (model, view, or controller) that has a single job. It's more difficult to update, test, and debug code that has dependencies spread across two or more of these three areas.

Both the view and the controller depend on the model. However, the model depends on neither the view nor the controller. This is one of the key benefits of the separation. This separation allows the model to be built and tested independent of the visual presentation.

Model Responsibilities

The Model in an MVC application represents the state of the application and any business logic or operations that should be performed by it. Business logic should be encapsulated in the model, along with any implementation logic for persisting the state of the application. Strongly-typed views typically use ViewModel types designed to contain the data to display on that view. The controller creates and populates these ViewModel instances from the model.

View Responsibilities

Views are responsible for presenting content through the user interface. They use the Razor view engine to embed .NET code in HTML markup. There should be minimal logic within views, and any logic in them should relate to presenting content. If you find the need to perform a great deal of logic in view files in order to display data from a complex model, consider using a View Component, ViewModel, or view template to simplify the view.

Controller Responsibilities

Controllers are the components that handle user interaction, work with the model, and ultimately select a view to render. In an MVC application, the view only displays information; the controller handles and responds to user input and interaction. In the MVC pattern, the controller is the initial entry point, and is responsible for selecting which model types to work with and which view to render (hence its name - it controls how the app responds to a given request).

Note

Controllers shouldn't be overly complicated by too many responsibilities. To keep controller logic from becoming overly complex, push business logic out of the controller and into the domain model.

WebShop part of the Apiary

Right click to the Apiary solution and add new project. Select:

ASP.NET project
Create new ASP.NET Core Web App (Model-View-Controller) application

Name it as WebShop:

ASP.NET project name
Name: WebShop

From the next window, you can enable container support and add authentication support. The drop-down menu for Authentication Type has the following four options:

  • None: No authentication.
  • Individual accounts: These authentications are stored in a local or Azure-based database.
  • Microsoft identity platform: This option uses Microsoft Entra ID or Microsoft 365 for authentication.
  • Windows: Suitable for intranet applications.

Leave the Enable container support box unchecked, and select None for Authentication Type.

ASP.NET project properties
Project properties

After the process, set the newly created project as the startup project and run!

Note

You might get a message that asks if you want to accept an ASP.NET Core SSL certificate. To view the code in a web browser, select Yes, and then select Yes if you receive a follow-up security warning message.

ASP.NET project created
WebShop created
ASP.NET project
WebShop project

Tip

Explore the project files one-by-one!

wwwroot: The project contains a wwwroot folder, which is the root for your website. You can put static site content such as CSS, images, and JavaScript libraries directly in the paths where you want them.

appsettings.json: The project also contains configuration files that manage the web app at run time. The default application configuration is stored in appsettings.json. However, you can override these settings by using appsettings.Development.json.

Routing

ASP.NET Core MVC is built on top of ASP.NET Core's routing, a URL-mapping component that lets you build applications that have comprehensible and searchable URLs. This enables you to define your application's URL naming patterns that work well for search engine optimization (SEO) and for link generation, without regard for how the files on your web server are organized. You can define your routes using a convenient route template syntax that supports route value constraints, defaults and optional values3.

Convention-based routing enables you to globally define the URL formats that your application accepts and how each of those formats maps to a specific action method on a given controller. When an incoming request is received, the routing engine parses the URL and matches it to one of the defined URL formats, and then calls the associated controller's action method.

Program.cs
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
var app = builder.Build();

// Configure the HTTP request pipeline.
if (!app.Environment.IsDevelopment())
{
    app.UseExceptionHandler("/Home/Error");
}
app.UseRouting();

app.UseAuthorization();

app.MapStaticAssets();
app.MapControllerRoute(
    name: "default",
    pattern: "{controller=Home}/{action=Index}/{id?}")
    .WithStaticAssets();

app.Run();

Attribute routing enables you to specify routing information by decorating your controllers and actions with attributes that define your application's routes. This means that your route definitions are placed next to the controller and action with which they're associated.

1
2
3
4
5
6
7
8
9
[Route("api/[controller]")]
public class ProductsController : Controller
{
    [HttpGet("{id}")]
    public IActionResult GetProduct(int id)
    {
      // ...
    }
}

Model binding and validation

Model binding converts client request data (form values, route data, query string parameters, HTTP headers) into objects that the controller can handle. As a result, your controller logic doesn't have to do the work of figuring out the incoming request data; it simply has the data as parameters to its action methods. The architecture supports validation by decorating your model object with data annotation validation attributes. The validation attributes are checked on the client side before values are posted to the server, as well as on the server before the controller action is called.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
using System.ComponentModel.DataAnnotations;
public class LoginViewModel
{
    [Required]
    [EmailAddress]
    public string Email { get; set; }

    [Required]
    [DataType(DataType.Password)]
    public string Password { get; set; }

    [Display(Name = "Remember me?")]
    public bool RememberMe { get; set; }
}

And a controller action:

1
2
3
4
5
6
7
8
9
public async Task<IActionResult> Login(LoginViewModel model, string returnUrl = null)
{
    if (ModelState.IsValid)
    {
      // work with the model
    }
    // At this point, something failed, redisplay form
    return View(model);
}

The framework handles validating request data both on the client and on the server. Validation logic specified on model types is added to the rendered views as unobtrusive annotations and is enforced in the browser with jQuery.

Filters

Filters help developers encapsulate cross-cutting concerns, like exception handling or authorization. Filters enable running custom pre- and post-processing logic for action methods, and can be configured to run at certain points within the execution pipeline for a given request. Filters can be applied to controllers or actions as attributes (or can be run globally). Several filters (such as Authorize) are included in the framework. [Authorize] is the attribute that is used to create MVC authorization filters.

1
2
[Authorize]
public class AccountController : Controller

References

  1. Overview of ASP.NET Core 

  2. Choose an ASP.NET Core web UI 

  3. Overview of ASP.NET Core MVC