Posts

ClaimsPrincipal, ClaimsIdentity, Claims explained in dotnet authentication

Authentication means identifying a subject (user, external application etc.). ASP.NET Core Identity is a framework that uses claims-based authentication to authenticate users.
Key concepts in claims-based authentication:
Claim: A claim is a statement about the subject (user) being authenticated. It is a key-value pair (like username=John is a claim, email=john1543@gmail.com is a claim, userId=236 is a claim). A claim can have an issuer (for example: userId=236 as per system, date of birth=1st-Jan-2006 as per Gmail; here system and Gmail are the issuers).
ClaimsIdentity: ClaimsIdentity is a collection of claims of the subject (user). For example, the driving license of a subject (user) can be a ClaimsIdentity that has claims like name, photo, date of birth, address etc. A passport can be a ClaimsIdentity that has claims like name, place of birth, photo, nationality, permanent address etc. ClaimsIdentity also has a string property called Authenti

Implicit usings, top level statements, file scoped namespaces in dotnet

Implicit usings = no repeated using statements in all files. With the implicit usings feature in a C# project, common using statements are automatically added by the compiler in all the C# files. For example, the using System; statement is not required to run the dotnet console application, as shown below:
    Console.WriteLine("Hello World!");
Additional implicit usings can be declared in a C# project with global using statements in any one of the project's C# files, as shown below:
    global using Ardalis.GuardClauses;
    global using MediatR;
    global using Project2.Utils;
Existing implicit usings can be removed or included in the .csproj file of the C# project, as shown below:
    <ItemGroup>
      <Using Remove="System.Threading.Tasks" />
      <Using Include="System.Math" />
    </ItemGroup>
The implicit usings added in a C# project are based on the project type as sh

Manage packages in dotnet applications

By using packages, third-party logic can be used in dotnet applications.
Package declaration in the csproj file: The external packages used by a project are declared in its csproj file like the following. The packages will be downloaded and linked as per the csproj package references during the restore or build process.
Browse NuGet packages online: NuGet packages can be searched online at https://www.nuget.org/PACKAGES
Manage packages from dotnet CLI:
Install / update a package, command - dotnet add <PROJECT_FOLDER> package <PACKAGE_NAME> -v <VERSION>
The following command adds/updates a package in a project. If the package is already present, it will be updated to the latest version:
    dotnet add package Microsoft.Data.Sqlite
Install a specific version using the -v flag like the following:
    dotnet add package Microsoft.Data.Sqlite -v 8.0.10
List all packages in a project, command - dotnet list <PROJECT_FOLDER> package

Setup dotnet development in Visual Studio, dotnet CLI and VS code

Install dotnet: Download and install the dotnet SDK from https://dotnet.microsoft.com/en-us/download. Verify the dotnet version with the command dotnet --version
Solution and Projects in dotnet: A project is a C# application. It is defined by a .csproj file. A solution is a collection of multiple projects. It is defined using a .sln file. A simple C# solution folder structure can be as follows:
    ConsoleAppSolution
    │   ConsoleAppSolution.sln
    │
    ├───ConsoleApp1
    │       ConsoleApp1.csproj
    │       Program.cs
    │
    └───ConsoleApp2
            ConsoleApp2.csproj
            Program.cs
Development with Visual Studio: Download and install Visual Studio from https://visualstudio.microsoft.com/downloads/. Open Visual Studio and select “Create New Project”. Select project type as “Console Application”. Enter the solution name and project name. Select the dotnet version. Now a solution is created in Visual Studio as shown below.
Development with dotnet CLI: dotnet C

Introduction to dotnet with a simple hello world example

What is dotnet: Dotnet is an ecosystem or a framework that consists of languages, runtime (CLR), common language infrastructure (CLI) and base class libraries (BCL). CLR is like the JVM for Java applications.
Where can dotnet run: dotnet can run on multiple operating systems like Windows, Linux-based systems, Android and macOS.
Why use dotnet: Using dotnet, we can create secure, cross-platform, enterprise-grade, high-performance, maintainable, reusable, testable, easily hostable web applications. We can exploit the rich open source .NET ecosystem that has been around for decades and is still actively maintained by the community and Microsoft. .NET uses the C# language, which is best for creating readable and maintainable code. C# is evolving faster to become more powerful due to the open source community, thereby increasing developer friendliness and productivity.
Common Dotnet Frameworks: Dotnet has framewo

Security best practices for Web application development in Dotnet

Web Application Development Security Best Practices: The following are some of the security best practices that can be followed while developing web applications.
Cross Site Request Forgery (CSRF) Prevention: CSRF is possible if the authenticity is checked only based on the cookie. To avoid this, developers can adopt the Synchronizer Token Pattern (random “challenge” tokens that are associated with the user’s current session). These challenge tokens are then inserted within the HTML forms and links associated with sensitive server-side operations. When a form is submitted, the form token is also validated along with the cookie to safeguard against CSRF attacks. Many mature frameworks already have easy ways to mitigate CSRF. For example, dotnet core has the Antiforgery middleware by default in all forms rendered via MVC or Razor Pages (https://learn.microsoft.com/en-us/aspnet/core/security/anti-request-forgery?view=aspnetcore-7.0)