Category

C#

Microsoft C#

C#, Web

ASP.NET Identity for your custom user and roles models

I’ve been seeing a lot of requests by developers in the past months who seem to be struggling with adding their custom user authentication model into their application; they want to be able to integrate it into the ASP.NET pipeline to play nice with the Authentication middleware (i.e. AuthorizeAttribute). ASP.NET Identity Core has been rewritten to leverage the use of interfaces (abstraction!) so you can easily develop a system that caters to your needs. In this post, I want to show you how to leverage that by using ASP.NET Identity in an ASP.NET Core 2.0 application. Setup The first thing is to add the ASP.NET Identity package to your project. In Visual Studio 2017, you can right click on the Dependencies…

Read more
Azure, C#

The moment I came to play with .NET Standard 2.0 part 2!

So I’ve been on a mission to get all my pieces from my last post to work. While configuring my Continuous Integration (CI) pipeline for my bot, I’ve came across an error that made my CI build fail:

What? My project compiles fine on my computer and I thought that .NET Framework 4.7.1 had built-in support for .NET Standard 2.0. Well according to this GitHub issue something ain’t quite right yet. Adding the reference <Reference Include=”netstandard” /> directly into the csproj fixes the issue (thanks techaimail!) Azure Functions 2 Azure functions 2 (using the .NET Standard 2 framework) is still in preview (beta). So when you deploy your function through your CI/CD pipeline, make sure to go in the Application…

Read more
Azure, C#

The moment I came to play with .NET Standard 2.0…

I’ve been playing around with Azure Functions, the Bot Framework and the .NET Standard 2.0 framework recently and I’ve come across some quite interesting challenges that I want to share with you. I’ve been developing a system that has the following layout: As you can see, I have an Azure Function (Time Trigger) that pushes data to an Azure SQL database. I have an ASP.NET Core Web API (targeting the .NET Core 2.0 framework) that is the data abstraction for anything that wants to consume my data. Right now, only the Bot (Bot Framework) is the client. To have a functional and reusable ecosystem, I created some libraries to interact with my system which includes the Data Access Layer (DAL), …

Read more
C#, Software Architecture, WebApi

Web APIs: The real existential questions

The real existential questions I was talking to my buddy Alexandre about Web APIs and we had a great general discussion on the subject. What he made me realize and what I want to bring up with you guys is that building APIs goes beyond the technical implementation. Sometimes you have to look at things from a higher point of view. He shared with me with the following questions that I found very interesting. How do you project your backend API? How do you protect your core business systems? How do you enforce your IT and business policies? How do you engage with developers? How do you reduce the time-to-first API call? How do you measure their use and impact? Before…

Read more
C#, Web, WebApi

Web APIs: what you should not forget

In today’s day and age, you probably have heard of (REST) Web APIs as the way to consume data over the web. This is especially true with the emergence of microservices. You are probably building, have built or thinking of building a/some Web API(s). You are or may be planning to consume a/some Web API(s). In this post, I want to highlight certain things not to forget, on a technical stand point, when consuming and building Web APIs. Remember that those are just a start. There are multiple resources on the internet to help you adopt good practices. A good one that I recommend is the Microsoft API Implementation guide. TL;DR In building APIs: Versioning Verbs to nouns Status codes overload…

Read more
C#, Tools

3rd party open source .NET libraries to add to your toolbox

It’s always a pleasure to see the community help each other out in ways we think are unimaginable. One of the best way some people help, is to open source their hard work into libraries, so you don’t have to code the behavior yourself. It’s always hard to know what’s out there, so in this post, I want to give a shootout to some of the .NET libraries I find could definitely enhance your application(s) and if not, beef up your toolbox. As a developer, it’s good to know they exist, so you can increase your knowledge of the available tools out there. They definitely can help you out in the future. Note that I am listing here some libraries…

Read more
C#, Team Services

Accessing TFS/VSTS 2017 programmatically

Being able to have access to the data in Team Foundation Server (TFS)/Visual Studio Team Services (VSTS) can be useful for automating processes where, for instance, you want to either create custom reports, or trigger certain actions based on certain conditions in your development process. Prior to TFS 2017 (and VSTS), the known method was to use the NuGet packages Microsoft.TeamFoundationServer.Client to perform such tasks. With the arrival of TFS 2017/VSTS, Microsoft introduced a REST API that can be used to access the same data. This is a great news as this enables multiple programming languages to access TFS/VSTS. In this post, I will show you how to access your data using both the package and through the API. Accessing TFS/VSTS…

Read more
C#, Visual Studio

How to debug your .NET applications and packages without the actual source

Debugging is a big part of a developer’s job. It becomes even more critical when things don’t happen quite right in production. If you are lucky, your production application has been compiled with the symbols (PDBs or Program Database). Since I always tend to forget how to debug in such a way, I am writing it here as reminder to myself, but also to remind you that the world does not stop here if you did not compile the pdbs with your production application. To be able to debug, a copy of Visual Studio is needed. Debugging a .NET application when the source code is unavailable Debugging an application when the source is unavailable can now be done with tools…

Read more
Angular, C#, Web

Secure your Angular/ASP.NET Core application with Anti-forgery token

Security has always been at the forefront of Web Applications. There are so many security concerns one has to think of when developing web applications. Today, I want to share with you guys how to secure a Single Page Application (SPA) from Cross-site request forgery (CSRF or XSRF) using Angular 4. If you’re still using Angular 2 this works as well but I recommend upgrading to 4. It’s easy and they made the code faster and smaller (maybe a topic for another day ;-]) By default, the Angular core HTTP library will look for a token in the cookie with the name XSRF-TOKEN and add it to the request. Thanks to the CookieXSRFStrategy provided by Angular, Angular does that part for you. However,…

Read more
C#, Web

Two-Factor authentication in ASP.NET Identity 3 using TOTP authenticator

Two-Factor authentication is becoming more critical especially in business applications where sensitive and/or critical data can be accessed. A business application should communicate on a secure channel (https) and should implement Two-Factor as a minimum for their users especially if they can access the application remotely, which means everywhere. You could obviously skip the Two-Factor authentication when the user is on the intranet. This is not implemented in this article. What is a Two-Factor authentication? I will give a brief overview of what Two-Factor authentication actually is. As Joel Franusic described it in his post Two-Factor Authentication or TFA is a method where your users are required to log in with two “factors”: a password, and a code from a device that…

Read more