Azure, C#

The moment I came to play with .NET Standard 2.0…

I’ve been playing around with Azure Functions, the Bot Framework and the .NET Standard 2.0 framework recently and I’ve come across some quite interesting challenges that I want to share with you. I’ve been developing a system that has the following layout: As you can see, I have an Azure Function (Time Trigger) that pushes data to an Azure SQL database. I have an ASP.NET Core Web API (targeting the .NET Core 2.0 framework) that is the data abstraction for anything that wants to consume my data. Right now, only the Bot (Bot Framework) is the client. To have a functional and reusable ecosystem, I created some libraries to interact with my system which includes the Data Access Layer (DAL), …

Read more
C#, Software Architecture, WebApi

Web APIs: The real existential questions

The real existential questions I was talking to my buddy Alexandre about Web APIs and we had a great general discussion on the subject. What he made me realize and what I want to bring up with you guys is that building APIs goes beyond the technical implementation. Sometimes you have to look at things from a higher point of view. He shared with me with the following questions that I found very interesting. How do you project your backend API? How do you protect your core business systems? How do you enforce your IT and business policies? How do you engage with developers? How do you reduce the time-to-first API call? How do you measure their use and impact? Before…

Read more
C#, Web, WebApi

Web APIs: what you should not forget

In today’s day and age, you probably have heard of (REST) Web APIs as the way to consume data over the web. This is especially true with the emergence of microservices. You are probably building, have built or thinking of building a/some Web API(s). You are or may be planning to consume a/some Web API(s). In this post, I want to highlight certain things not to forget, on a technical stand point, when consuming and building Web APIs. Remember that those are just a start. There are multiple resources on the internet to help you adopt good practices. A good one that I recommend is the Microsoft API Implementation guide. TL;DR In building APIs: Versioning Verbs to nouns Status codes overload…

Read more
C#, Tools

3rd party open source .NET libraries to add to your toolbox

It’s always a pleasure to see the community help each other out in ways we think are unimaginable. One of the best way some people help, is to open source their hard work into libraries, so you don’t have to code the behavior yourself. It’s always hard to know what’s out there, so in this post, I want to give a shootout to some of the .NET libraries I find could definitely enhance your application(s) and if not, beef up your toolbox. As a developer, it’s good to know they exist, so you can increase your knowledge of the available tools out there. They definitely can help you out in the future. Note that I am listing here some libraries…

Read more
Angular, Web

Custom control validation in Angular

Validation is an integral part of a web application. Making sure that a first validation pass is done on the client side can (to some extent) help you cleanse your data and show useful messages to your users when the input data is invalid. Angular comes with a pre-determined set of validators, and you can find find some validators libraries on GitHub, but sometimes this is not enough as you need custom rules for validating your data. Since form validation can occur through reactive forms or template driven forms, let’s go over each of them to see how we can add a custom validator in each case. Custom validator through reactive forms Validation can occur on a formControl or on a…

Read more
C#, Team Services

Accessing TFS/VSTS 2017 programmatically

Being able to have access to the data in Team Foundation Server (TFS)/Visual Studio Team Services (VSTS) can be useful for automating processes where, for instance, you want to either create custom reports, or trigger certain actions based on certain conditions in your development process. Prior to TFS 2017 (and VSTS), the known method was to use the NuGet packages Microsoft.TeamFoundationServer.Client to perform such tasks. With the arrival of TFS 2017/VSTS, Microsoft introduced a REST API that can be used to access the same data. This is a great news as this enables multiple programming languages to access TFS/VSTS. In this post, I will show you how to access your data using both the package and through the API. Accessing TFS/VSTS…

Read more
C#, Visual Studio

How to debug your .NET applications and packages without the actual source

Debugging is a big part of a developer’s job. It becomes even more critical when things don’t happen quite right in production. If you are lucky, your production application has been compiled with the symbols (PDBs or Program Database). Since I always tend to forget how to debug in such a way, I am writing it here as reminder to myself, but also to remind you that the world does not stop here if you did not compile the pdbs with your production application. To be able to debug, a copy of Visual Studio is needed. Debugging a .NET application when the source code is unavailable Debugging an application when the source is unavailable can now be done with tools…

Read more
Angular, C#, Web

Secure your Angular/ASP.NET Core application with Anti-forgery token

Security has always been at the forefront of Web Applications. There are so many security concerns one has to think of when developing web applications. Today, I want to share with you guys how to secure a Single Page Application (SPA) from Cross-site request forgery (CSRF or XSRF) using Angular 4. If you’re still using Angular 2 this works as well but I recommend upgrading to 4. It’s easy and they made the code faster and smaller (maybe a topic for another day ;-]) By default, the Angular core HTTP library will look for a token in the cookie with the name XSRF-TOKEN and add it to the request. Thanks to the CookieXSRFStrategy provided by Angular, Angular does that part for you. However,…

Read more
Angular, Web

Demystifying a few Angular2 concepts for starters

Being immersed in the JavaScript frameworks world can be intimidating. Today, I will try to demystify a few concepts and perhaps at the same time answer some questions that someone starting with Angular2 will most probably have. The framework is mature enough at this point in time to be able share some of the basics, but useful, things that one should have in mind when using it. Angular2 uses TypeScript TypeScript is a subset of JavaScript that is strongly typed, unlike JavaScript which is dynamically typed. Without going into too much details, it basically means that the compiler will not let you put a type into another. For instance, assigning a number (may it be a short, int, double, etc) to a…

Read more
Tools, Visual Studio, Web

Synchronizing node version with your environment in Visual Studio 2017

Visual Studio 2017 is official finally out and Microsoft did a tremendous job in listening to their user base. They simplified the install process, enhanced the speed of the load of the projects, enhanced their IntelliSense and debugging tools to say the least. If you have not tried it yet, go and grab yourself a copy today! The community edition is free and is available to everyone! On that note, one may remember the nodejs binding problem that would occur in Visual Studio 2015 when it comes to gulp and node-sass

This happens because Visual Studio has a set of paths that are searched to find node/npm etc. By default Visual Studio 2017 comes with Node 5.4.1 and npm 3.3.4 shipped. As…

Read more
Documentation

Why you should have release notes

Building software is exciting. You get your first release out there, rock back your chair or celebrate with your team and overall everyone is happy. The word goes out and people start using what you’ve built. Exciting! Like any living software, you start improving your software and fix some bugs. There are a few times where I am looking at software (may it be a full blown application or plugins), I see that a new version is out, but I don’t see what has been changed. I also often come across releases where the major version has changed. As per semver, a major version means that one makes incompatible API changes. However, do developers really do follow that? Some may want to…

Read more
Software Architecture

The importance of good logging

Lately, as you may have noticed through my other posts, I’ve been doing a lot of migration and DevOps. I’ve had my fair share of problems and the fact that I was able to skim through the logs for clues helped me put everything into production. I want to discuss in this post the importance of good information logging whether it is general information for the user or errors occurring in the application. Often we see applications not having any logs or the logs they provide are poor in content. Every system is different; not every system is configured the same way and/or has the same applications installed. Here are some points that should be followed by every developer when it comes…

Read more
Continuous Integration, Web

ASP.NET Core web.config publishing blues

I’ve been working on being able to use Octopus Deploy to deploy ASP.NET Core applications through IIS and I was faced with an interesting challenge. When publishing to a File System through the Visual Studio Publish command, it will trigger a PowerShell script that essentially will call Microsoft Web Deploy V3 (msdeploy) to put your FileSystem up to date with your release. But before calling MSDeploy, it will update (or should I say overwrite) your web.config with the proper handlers that match your application. This means that it will create a generic web.config and removing all the settings you may want. The ASP.NET team is aware I believe of the fact that the publishing tool is limited and thus in need of some customization features…

Read more
Server administration

Having IIS and Tomcat running side by side on Windows

It has been an interesting week for me as I’ve been doing a lot of DevOps and migrating a lot of the internal tools that we use. One problem I faced with was to make IIS and Tomcat friends. It must be easy right? Setup IIS, setup Tomcat, bind each to a respective IP address so they can run on the regular ports (80/443). You start IIS, you start Tomcat and then you look at the logs of Tomcat and you get the famous java.net.BindException: Address already in use exception. There’s a solution. By default, IIS goes through HTTP.sys and binds to all available IP addresses. You have to tell it which addresses it can be bound to. To do that,…

Read more
C#, Web

Two-Factor authentication in ASP.NET Identity 3 using TOTP authenticator

Two-Factor authentication is becoming more critical especially in business applications where sensitive and/or critical data can be accessed. A business application should communicate on a secure channel (https) and should implement Two-Factor as a minimum for their users especially if they can access the application remotely, which means everywhere. You could obviously skip the Two-Factor authentication when the user is on the intranet. This is not implemented in this article. What is a Two-Factor authentication? I will give a brief overview of what Two-Factor authentication actually is. As Joel Franusic described it in his post Two-Factor Authentication or TFA is a method where your users are required to log in with two “factors”: a password, and a code from a device that…

Read more