Advanced Topics in ASP.NET Core Web API

This section dives into more complex and specialized features of ASP.NET Core Web API, enabling you to build robust, scalable, and maintainable applications.

1. Dependency Injection (DI)

ASP.NET Core has built-in support for Dependency Injection, which is crucial for creating loosely coupled and testable applications. Learn how to register services, inject them into controllers and other components, and manage their lifetimes.

Service Registration

Services are registered in the Startup.cs file within the ConfigureServices method.

public void ConfigureServices(IServiceCollection services)
{
    services.AddControllers();
    // Register a service with a singleton lifetime
    services.AddSingleton<IMyService, MyService>();
    // Register a service with a scoped lifetime
    services.AddScoped<IAnotherService, AnotherService>();
    // Register a service with a transient lifetime
    services.AddTransient<ITempService, TempService>();
}

Constructor Injection

Inject services into your controllers or other classes via their constructors.

public class MyController : ControllerBase
{
    private readonly IMyService _myService;

    public MyController(IMyService myService)
    {
        _myService = myService;
    }

    [HttpGet]
    public IActionResult Get()
    {
        var data = _myService.GetData();
        return Ok(data);
    }
}

2. Filters

Filters provide a way to implement cross-cutting concerns for your Web API actions. They can execute code before or after an action method is executed, or even before the response is sent back to the client.

Types of Filters

• Authorization Filters: Used for authorization logic (e.g., IAsyncAuthorizationFilter).
• Resource Filters: Execute early in the request pipeline (e.g., IAsyncResourceFilter).
• Action Filters: Execute before and after an action method executes (e.g., IAsyncActionFilter).
• Result Filters: Execute before and after an action result is executed (e.g., IAsyncResultFilter).
• Exception Filters: Handle exceptions thrown by the action method or other filters (e.g., IAsyncExceptionFilter).

Implementing a Custom Filter

Here's an example of a custom action filter to log request details:

public class LoggingActionFilterAttribute : ActionFilterAttribute
{
    public override void OnActionExecuting(ActionExecutingContext context)
    {
        Console.WriteLine($"Executing action: {context.ActionDescriptor.DisplayName}");
        base.OnActionExecuting(context);
    }

    public override void OnActionExecuted(ActionExecutedContext context)
    {
        Console.WriteLine($"Executed action: {context.ActionDescriptor.DisplayName}");
        base.OnActionExecuted(context);
    }
}

Apply the filter to an action method or controller:

[ServiceFilter(typeof(LoggingActionFilterAttribute))]
public class MyController : ControllerBase
{
    // ...
}

3. Asynchronous Programming

Web APIs often deal with I/O-bound operations, making asynchronous programming essential for responsiveness and scalability. Utilize async and await for non-blocking operations.

Example

public async Task<IActionResult> GetItemAsync(int id)
{
    var item = await _repository.GetItemByIdAsync(id);
    if (item == null)
    {
        return NotFound();
    }
    return Ok(item);
}

4. Caching

Implement caching to improve the performance of your Web API by reducing the need to re-compute or re-fetch data.

Response Caching

Use the [ResponseCache] attribute for simple response caching.

[ResponseCache(Duration = 60, VaryByQueryKeys = new[] { "*" })]
public IActionResult GetData()
{
    // ...
}

Distributed Caching

For more advanced scenarios, use distributed caches like Redis or Memcached with packages like Microsoft.Extensions.Caching.StackExchangeRedis.

5. Versioning

As your API evolves, you'll need strategies to handle different versions without breaking existing clients. Common approaches include URL path versioning, query string versioning, and custom headers.

URL Path Versioning Example

// Route for v1
[Route("api/v1/[controller]")]
public class ProductsController : ControllerBase { ... }

// Route for v2
[Route("api/v2/[controller]")]
public class ProductsController : ControllerBase { ... }

6. Cross-Origin Resource Sharing (CORS)

CORS is a security feature that prevents web pages from making requests to a different domain than the one that served the web page. Configure CORS in ASP.NET Core to allow cross-origin requests.

Configuration in Startup.cs

public void ConfigureServices(IServiceCollection services)
{
    // ...
    services.AddCors(options =>
    {
        options.AddPolicy("AllowSpecificOrigin",
                          builder => builder.WithOrigins("https://www.example.com")
                                            .AllowAnyHeader()
                                            .AllowAnyMethod());
    });
    // ...
}

public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
    // ...
    app.UseCors("AllowSpecificOrigin");
    // ...
}

7. API Gateway Patterns

For complex microservice architectures, consider using an API Gateway. It acts as a single entry point for clients, handling concerns like routing, authentication, rate limiting, and request aggregation.

Popular API Gateway solutions include:

• Azure API Management
• AWS API Gateway
• Ocelot (an open-source API Gateway for .NET)