- Routing: Conventional vs Attribute based
- Route templates
- Action Methods and HTTP Verbs
- Helpers Methods
- URL Generation
- Filters
- Areas
- Methods Result: e.g. Views, Json, File etc.
- Dependency Injection in Controller
- Dependency Injection in Action
- Razor Syntax
- Tag Helpers: Form, Input, Label, Select
- Partial Views
- View Components
- View Discovery
- Layout
- ViewData and ViewBag
- Dependency Injection in View
- Model Binding
- Validation
- @model Directive
- View Models
- PageModel
- Scaffolding
- CRUD Operations
- Sorting, Filtering, Grouping
- Migrations
- Complex Model
- Joins (Related Data)
- Updating Related Data
- Web API with Controller
- Minimal web API
- Web API Routing
- Swagger
- Action Return types
- Validation in Web API
- Authentication with Identity
- Claims
- Scaffolding Identity
- Cookies and JWT Authentication
- Role, Claims and Policy based authorization
- Authorize Attribute
- Authorization in Views
- User Principle, User Identity
- Deployment with IIS
- Deployment with Kestrel
- Deployment on Windows vs Linux
- Deployment with Docker
- DbContext Configuration and Initialization
- Entity Model
- Entity Properties
- Keys
- Fluent API Configuration
- Generated Values
- Relationships
- Indexes and Constraints
- Backing Fields
- Data Seeding
- Managing Migrations and Schemas
- Querying Data
- Client vs Server Evaluation
- Change Tracker, Tracking and Non Tracking
- Loading Related Data (Joins)
- Eager, Explicit and Lazy Loading
- Pagination
- Raw SQL Queries
- Global Query Filters
- How Queries Work
- Save Data
- Update Operation
- Updating Related Data
- Cascade Delete
- Concurrency
- Transactions
- Performance
- Asynchronous Programming
- Database Providers
- MS SQL
- SQLite
- Globalization and Localization
- Application Configuration and Options Pattern
- AutoMapper: A convention-based object-object mapper.
- SignalR: A library for ASP.NET developers that simplifies the process of adding real-time web functionality to applications.
- MediatR: A simple library that uses the Mediator pattern for in-process messaging.
- Hangfire
- Unit Testing
- XUnit
- NUnit
- MSTest
- Middleware’s
- HttpContext
- Logging
- gRPC: A high-performance, open-source and universal RPC framework.
- GraphQL: A data query language and runtime to request and deliver data to mobile and web apps.
This document outlines best practices, coding conventions, and architectural guidelines for ASP.NET Core backend development. It aims to foster consistency, efficiency, and excellence, ensuring scalable, maintainable, and performant backend solutions.
- Backend Developers (Senior and Junior)
- CTO
- Project Managers
- Software Architects
- Quality Assurance Engineers
Proper project organization is key for maintainability and scalability.
- Organize by Feature: Structure your project files and directories based on features for enhanced readability.
- Adhere to SOLID Principles: Design your codebase with SOLID principles to improve modularity.
- Dependency Injection: Use ASP.NET Core's dependency injection for managing dependencies.
- Environment-specific Configurations: Manage configurations using appsettings.json for different environments.
- Centralize Database Migrations: Keep database migrations in a specific location to manage schema changes efficiently.
Consistent naming conventions and coding standards are crucial.
- Follow C# Naming Conventions: Use Microsoft's C# naming conventions.
- Asynchronous Programming: Use async/await for better scalability and non-blocking calls.
- Exception Handling: Implement global exception handling for unhandled exceptions.
- Use of Var: Use
varwhen the type is apparent to enhance readability. - Comments and Documentation: Comment complex logic and maintain XML documentation for public APIs.
Entity Framework Core optimization ensures performance and maintainability.
- Manage DbContext Lifecycle: Use a scoped lifetime for DbContext in web applications.
- Query Optimization: Optimize queries by selecting only required fields and avoiding N+1 queries.
- Use of Migrations: Apply EF Core Migrations for database schema changes.
- Separation of Concerns: Separate entity models from business logic using DTOs.
Implementing robust security measures is paramount.
- Authentication and Authorization: Implement policy-based authorization with ASP.NET Core Identity.
- Data Protection: Encrypt sensitive data using ASP.NET Core's data protection APIs.
- Secure API Endpoints: Secure all API endpoints using appropriate authentication schemes.
- Input Validation: Validate incoming data to protect against vulnerabilities.
Optimizing application performance is essential.
- Response Caching: Use response caching to improve response times.
- Efficient Use of Middleware: Minimize middleware usage to reduce overhead.
- Application Insights: Use Application Insights for performance monitoring.
- Use of Asynchronous Methods: Improve scalability with asynchronous methods.
Code reviews and quality assurance practices maintain code quality.
- Implement Code Reviews: Conduct regular code reviews to enforce standards and detect issues.
- Static Code Analysis: Use Roslyn analyzers for static code analysis.
- Automated Testing: Develop automated tests for reliability and facilitate CI/CD.
- CI/CD Pipelines: Implement CI/CD for automated testing and deployment.
Adhering to these guidelines ensures that our backend solutions meet the highest standards of quality, maintainability, scalability, and security. This document will evolve with emerging technologies and practices.