This document summarizes the key features of ASP.NET Web API 2.X, including routing improvements, global error handling, documentation with Help Page, enabling CORS for cross-domain requests, and caching support. The presenter is Ugo Lattanzi, head of technologies at Gaia, a Microsoft MVP, and expert in web development technologies.
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
Codemotion Rome 2014
1. WEB API 2.X
What’s new and …..
Ugo Lattanzi
Head of Technologies @ Gaia
Microsoft MVP, MCP
Twitter: @imperugo
Blog (en): http://tostring.it
Blog (it): http://imperugo.tostring.it
E-mail: imperugo@gmail.com
2. Agenda
• Who am I?
• What’s ASP.NET Web API?
• What’s a RESTful service?;
• Routing old and new;
• Global Error Handling;
• Help Page;
• CORS;
• BSON serialization;
• Ignore route;
• …. caching;
4. Who am I?
• Head of Technologies at Gaia (www.gaia.is.it);
• Microsoft MVP (ASP.NET / IIS);
• Speaker / Trainer;
• Book / Article author;
• “Opensourcer”;
• Github lover;
• Everything about Web Dev;
8. Web API and REST
It is not a WebService (SOAP), a pattern or a
protocol, but is a style of software architecture for
distributed systems such as the World Wide Web
9. Web API and REST
ASP.NET Web API is a framework (FW 4.x) for processing
data and returning data, typically in json or xml (RESTful
services);
It seems like MVC but it isn't, if you need both, use both.
10. What is similar to MVC?
• Released with NuGet;
• Routing;
• Controllers and Actions;
• Filters;
• ModelBindings;
• Dependency Injection;
11. What is different from MVC?
• Dispatching (based on http verbs);
• Formatters;
• Async everywhere;
• Self hosted (no need for IIS);
• Content negotiation;
• Everything is under System.Web.Http;
12. RESTful
• Stateless architecture based on HTTP;
• Each url is a resources (no transaction between two
requests);
• Base on HTTP Verbs (GET, POST, PUT, DELETE);
• The status of the response is based on HTTP Status code
(401, 200, 404 and so on);
15. Attribute Routing
Allows you to override the default routing for a single
action/controller;
/customers/1/orders
/api/v1/products
/api/v2/products
Good Article: http://bit.ly/1dwdc2D
17. Global error handling (the problem)
There’s no easy way in Web API to log or handle errors
globally (prev v2.x);
I.E.:
• Exceptions thrown from controller constructors
• Exceptions thrown from message handlers
• Exceptions thrown during routing
• Exceptions thrown during response content serialization
Good Article: http://bit.ly/1eiUvBB
18. Global error handling (the solution)
WEB API (2.x) provides two new user-replaceable
services, IExceptionLogger and IExceptionHandler, to
log and handle unhandled exceptions. The services are
very similar, with two main differences:
23. Help Page
• “Automatic” API Documentation;
• Based on MVC (all via nuget);
• Template on top of Bootstrap
• Support validation attributes;
• Code comments;
• Support complex types also for GET Methods (new);
• Support for Enums;
29. CORS - Cross-Origin Resource Sharing -
(the problem)
By default it's not possible to make HTTP requests using
Javascript from a source domain that is different from the
called endpoint.
For example, this means that it's not possible to call the
URL http://mysite.com/api/myrestendpoint from a domain
http://yoursite.com
This limitation was introduced for security reasons: in
fact, without this protection, malicious javascript code could
get info from another site with the user noticing.
31. CORS (the problem)
Ok, but sometimes we need to do this. How can we do
that?
• JSONP is easy to use and it's supported by all browsers;
the only problem is that the only HTTP VERB supported is
GET, which has a limitation on the length of the string that
can be passed as query parameter.
• Otherwise, if you need to send lot of information we can't
use this way, so the soulution could be to "proxy" the
request locally and forward the data server side or to use
CORS.
32. CORS (the solution)
Basically CORS communication allow you to bypass the
problem by defining some rules that makes the request
more "secure".
Of course the first thing we need is a browser that supports
CORS: fortunately all the latest browsers support it.
Anyway, we have to consider that, looking at the real
world, there are several clients that are still using Internet
Explorer 8 which, among other things, doesn't fully support
CORS (IE8 has limited support for CORS).
38. CACHING
• Did you know that HTTP supports caching?
• Do we really need to use server side caching?
• What do I need to do in my code?
39. Caching
How does it work?
The client will ask the server if it has an updated copy of
the resource by sending some information about the
cached resources it holds using a request header
called ETag
If there are no updates, the server return 304 with an empty
body, otherwise a 200 with the new data
41. Cache Cow
It’s an open source library available on nuget (the source
code is on github) that allows you to enable caching in you
APIs;
Supports different providers to store the cache
(memcache, ravendb, azure caching, Redis and so on);
43. THANKS
Ugo Lattanzi
Head of Technologies @ Gaia
Microsoft MVP, MCP
Twitter: @imperugo
Blog (en): http://tostring.it
Blog (it): http://imperugo.tostring.it
E-mail: imperugo@gmail.com
Notas do Editor
One advantage of convention-based routing is that templates are defined in a single place, and the routing rules are applied consistently across all controllers. Unfortunately, convention-based routing makes it hard to support certain URI patterns that are common in RESTful APIs.