In this article, we will look into the implementation of reading Queries and Write Commands using CQRS and Dapper ORM in the ASP.Net Core 5.0 template. CQRS is a popular architecture pattern because it addresses a common problem with most enterprise applications. Separating write behavior from reading behavior, which is the essence of the CQRS architectural pattern, provides stability and scalability to enterprise applications while also improving overall performance.

In scenarios, when you have complex business logic CQRS may simplify understanding of the domain by dividing the problem into the command and query parts. In situations, when your UI is based on workflows and utilizes the Interface pattern it is easier to identify user's intents and translate them into domain events.

Setup the Project
    Open Visual Studio and select "Create a new project" and click the "Next" button.
    Add the "project name" and "solution name", also choose the path to save the project in that location, click on "Next".
    Now choose the target framework ".Net 5.0" which we get once we install the SDK and also will get one more option to configure Open API support by default with that check box option.

Tables Schema
Create a Database in the SQL Server to execute the below schema under that database to create respective tables. If the database already exists then we can directly execute the schema without creating the database. Here we have created two tables Order & Product to work with CRUD Operations.
USE [OrderDb]
GO
/****** Object:  Table [dbo].[Orders]    Script Date: 17-08-2021 10:54:38 ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
CREATE TABLE [dbo].[Orders](
    [OrderId] [int] IDENTITY(1,1) NOT NULL,
    [OrderDetails] [nvarchar](max) NULL,
    [IsActive] [bit] NOT NULL,
    [OrderedDate] [datetime2](7) NOT NULL,
 CONSTRAINT [PK_Orders] PRIMARY KEY CLUSTERED
(
    [OrderId] ASC
)WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON, OPTIMIZE_FOR_SEQUENTIAL_KEY = OFF) ON [PRIMARY]
) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY]
GO
/****** Object:  Table [dbo].[Products]    Script Date: 17-08-2021 10:54:38 ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
CREATE TABLE [dbo].[Products](
    [ProductId] [int] IDENTITY(1,1) NOT NULL,
    [Name] [nvarchar](max) NULL,
    [Price] [real] NOT NULL,
    [isDisCountApplied] [bit] NOT NULL,
 CONSTRAINT [PK_Products] PRIMARY KEY CLUSTERED
(
    [ProductId] ASC
)WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON, OPTIMIZE_FOR_SEQUENTIAL_KEY = OFF) ON [PRIMARY]
) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY]
GO

Adding the Domain Models
Let's create the table models inside the project. To separate the things from each other we will be following the Onion Architecture pattern in which we will maintain all our Models under the Domain Layer. Create a Class library named Domain Layer and add the below class files inside that.

Order.cs
using System;

namespace DomainLayer
{
   public class Order
    {
       public int OrderId { get; set;}
       public string OrderDetails { get; set; }
       public bool IsActive { get; set; }
       public DateTime OrderedDate { get; set; }
    }
}

Product.cs
namespace DomainLayer
{
    public class Product
    {
       public int ProductId { get; set; }
       public string Name { get; set; }
       public float Price { get; set; }
       public bool isDisCountApplied  { get; set; }
    }
}

Domain Layer

Commands & Queries
Commands are nothing but task-based operations where they will perform the write operations to the database. Here will need one more project (Class Library) to maintain all these Read/Write Operations so that will have layered architecture with fewer dependencies. Create a class library named ApplicationLayer to have the commands and queries based on requirements.

Create a folder named Commands and Query and inside that will add the classes based on the tables and operations. Below is the image of the Application Layer

Adding the Required Packages in Application Layer
As referenced before, the Application Layer will contain the CQRS Commands and Queries that are explicit for this application.

Right off the bat, Add Reference to the Domain Project.

Then, at that point, introduce the necessary bundles through Console.

Install-Package MediatR.Extensions.Microsoft.DependencyInjection

Adding the Dependency Injection
This is another variation that I have seen in numerous tremendous arrangements. Suppose you have around 100 interfaces and 100 executions. Do you add this load of 100 lines of code to the Startup.cs to enroll them in the holder? That would be crazy according to the viability perspective. To keep things clean, what we can do is, Create a DependencyInjection static Class for each layer of the arrangement and just add the comparing expected administrations to the comparing Class.

Along these lines, we are decentralizing the code lines and keeping our Startup class slick and clean. Here is an augmentation technique over the IServiceCollection.
using MediatR;
using Microsoft.Extensions.DependencyInjection;
using System.Reflection;

namespace ApplicationLayer
{
public static class DependencyInjection
{
    #region Services Injection
    public static void AddApplication(this IServiceCollection services)
    {
        services.AddMediatR(Assembly.GetExecutingAssembly());
    }
    #endregion

}
}

Basically, these classes would cover our CRUD Operations implementation by using the SQL Queries - Dapper

CreateOrUpdateOrderCommand.cs
using Dapper;
using MediatR;
using Microsoft.Extensions.Configuration;
using System.ComponentModel.DataAnnotations;
using System.Data.SqlClient;
using System.Threading;
using System.Threading.Tasks;

namespace ApplicationLayer.Commands.Orders
{
public class CreateOrUpdateOrderCommand : IRequest<int>
{
    public int OrderId { get; set; }
    [Required]
    public string OrderDetails { get; set; }
    public class CreateOrUpdateOrderCommandHandler : IRequestHandler<CreateOrUpdateOrderCommand, int>
    {
        private readonly IConfiguration configuration;
        public CreateOrUpdateOrderCommandHandler(IConfiguration configuration)
        {
            this.configuration = configuration;
        }
        public async Task<int> Handle(CreateOrUpdateOrderCommand command, CancellationToken cancellationToken)
        {
            if (command.OrderId > 0)
            {
                var sql = "Update Orders set OrderDetails = @OrderDetails Where OrderId = @OrderId";
                using (var connection = new SqlConnection(configuration.GetConnectionString("DefaultConnection")))
                {
                    connection.Open();
                    var result = await connection.ExecuteAsync(sql, command);
                    return result;
                }
            }
            else
            {
                var sql = "Insert into Orders (OrderDetails) VALUES (@OrderDetails)";
                using (var connection = new SqlConnection(configuration.GetConnectionString("DefaultConnection")))
                {
                    connection.Open();
                    var result = await connection.ExecuteAsync(sql, new { ClientName = command.OrderDetails });
                    return result;
                }
            }
        }
    }
}
}

DeleteProductByIdCommand.cs
using Dapper;
using MediatR;
using Microsoft.Extensions.Configuration;
using System.ComponentModel.DataAnnotations;
using System.Data.SqlClient;
using System.Threading;
using System.Threading.Tasks;

namespace ApplicationLayer.Commands.Products
{
public class DeleteProductByIdCommand : IRequest<int>
{
    [Required]
    public int ProductId { get; set; }
    public class DeleteProductByIdCommandHandler : IRequestHandler<DeleteProductByIdCommand, int>
    {
        private readonly IConfiguration _configuration;
        public DeleteProductByIdCommandHandler(IConfiguration configuration)
        {
            _configuration = configuration;
        }
        public async Task<int> Handle(DeleteProductByIdCommand command, CancellationToken cancellationToken)
        {
            var sql = "DELETE FROM Products WHERE ProductId = @ProductId";
            using (var connection = new SqlConnection(_configuration.GetConnectionString("DefaultConnection")))
            {
                connection.Open();
                var result = await connection.ExecuteAsync(sql, new { ClientID = command.ProductId });
                return result;
            }
        }
    }
}
}

GetAllORdersQuery.cs
using Dapper;
using DomainLayer;
using MediatR;
using Microsoft.Extensions.Configuration;
using System.Collections.Generic;
using System.Data.SqlClient;
using System.Linq;
using System.Threading;
using System.Threading.Tasks;

namespace ApplicationLayer.Queries.Orders
{
public class GetAllOrdersQuery : IRequest<IList<Order>>
{
    public class GetAllOrderQueryHandler : IRequestHandler<GetAllOrdersQuery, IList<Order>>
    {
        private readonly IConfiguration _configuration;
        public GetAllOrderQueryHandler(IConfiguration configuration)
        {
            _configuration = configuration;
        }
        public async Task<IList<Order>> Handle(GetAllOrdersQuery query, CancellationToken cancellationToken)
        {
            var sql = "Select * from Orders";
            using (var connection = new SqlConnection(_configuration.GetConnectionString("DefaultConnection")))
            {
                connection.Open();
                var result = await connection.QueryAsync<Order>(sql);
                return result.ToList();
            }
        }
    }
}
}

GetAllProductsQuery.cs
using Dapper;
using DomainLayer;
using MediatR;
using Microsoft.Extensions.Configuration;
using System.Collections.Generic;
using System.Data.SqlClient;
using System.Linq;
using System.Threading;
using System.Threading.Tasks;

namespace ApplicationLayer.Queries.Products
{
public class GetAllProductsQuery : IRequest<IList<Product>>
{
    public class GetAllOrderQueryHandler : IRequestHandler<GetAllProductsQuery, IList<Product>>
    {
        private readonly IConfiguration _configuration;
        public GetAllOrderQueryHandler(IConfiguration configuration)
        {
            _configuration = configuration;
        }
        public async Task<IList<Product>> Handle(GetAllProductsQuery query, CancellationToken cancellationToken)
        {
            var sql = "Select * from Products";
            using (var connection = new SqlConnection(_configuration.GetConnectionString("DefaultConnection")))
            {
                connection.Open();
                var result = await connection.QueryAsync<Product>(sql);
                return result.ToList();
            }
        }
    }
}
}

Firstly, add a connection string to the appsettings.json found in the WebApi Project.

appsettings.json
"ConnectionStrings": {
"DefaultConnection": "Server=**********;Database=OrderDb;Trusted_Connection=True;"
}

Furthermore, in the Startup class/ConfigureServices strategy for the WebApi Just Add the accompanying line. You would now be able to see the benefit of this sort of approach.
#region Dependency Injection
services.AddApplication();
#endregion

Adding the MediatR Handler and Controllers

This is the last step of setting up Onion Architecture In ASP.NET Core. We should wire up a regulator to the Application Layer.

Make a Base API Controller. This will be an Empty API Controller which will have a MediatR object. What is the point of this Base Controller? It is simply to diminish the lines of code. Say, we add another regulator. We won't need to re-characterize the MediatR object. Be that as it may, we will simply add the BaseAPI Controller as the base class. Get it? I will show it in execution.

Add another Empty API Controller in the Controllers envelope and name it BaseController.

BaseController.cs
using MediatR;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.DependencyInjection;

namespace OnionArchitecture_CQRS_Dapper.Controllers
{
[Route("api/[controller]")]
[ApiController]
public abstract class BaseController : ControllerBase
{
    #region Property
    private IMediator _mediator;
    #endregion
    protected IMediator Mediator => _mediator ??= HttpContext.RequestServices.GetService<IMediator>();
}
}

OrderController.cs
using ApplicationLayer.Commands.Orders;
using ApplicationLayer.Queries.Orders;
using Microsoft.AspNetCore.Mvc;
using System.Threading.Tasks;

namespace OnionArchitecture_CQRS_Dapper.Controllers
{
public class OrderController : BaseController
{
    /// <summary>
    /// Save newly added order to database
    /// </summary>
    /// <param name="command"></param>
    /// <returns></returns>
    [HttpPost(nameof(SaveOrderData))]
    public async Task<IActionResult> SaveOrderData(CreateOrUpdateOrderCommand command) => Ok(await Mediator.Send(command));
    /// <summary>
    /// Fetch all data from the Orders table.
    /// </summary>
    /// <returns></returns>
    [HttpGet]
    public async Task<IActionResult> GetAllOrders() => Ok(await Mediator.Send(new GetAllOrdersQuery()));
}
}

ProductController.cs
using ApplicationLayer.Commands.Products;
using ApplicationLayer.Queries.Products;
using Microsoft.AspNetCore.Mvc;
using System.Threading.Tasks;

namespace OnionArchitecture_CQRS_Dapper.Controllers
{
public class ProductController : BaseController
{
    /// <summary>
    /// Delete Product from the Products Table
    /// </summary>
    /// <param name="command"></param>
    /// <returns></returns>
    [HttpDelete(nameof(DeleteProduct))]
    public async Task<IActionResult> DeleteProduct(DeleteProductByIdCommand command) => Ok(await Mediator.Send(command));
    /// <summary>
    /// Fetch all Product Data from the Database
    /// </summary>
    /// <returns></returns>
    [HttpGet]
    public async Task<IActionResult> GetAllProducts() => Ok(await Mediator.Send(new GetAllProductsQuery()));
}
}

Testing
Run the application and open up Swagger. We will do a simple test to ensure that our solution works.

HostForLIFE.eu ASP.NET Core Hosting

European best, cheap and reliable ASP.NET hosting with instant activation. HostForLIFE.eu is #1 Recommended Windows and ASP.NET hosting in European Continent. With 99.99% Uptime Guaranteed of Relibility, Stability and Performace. HostForLIFE.eu security team is constantly monitoring the entire network for unusual behaviour. We deliver hosting solution including Shared hosting, Cloud hosting, Reseller hosting, Dedicated Servers, and IT as Service for companies of all size.

SqlDataSource control is a data source control provided in ASP.NET to connect to database providers such as SQL, OLEDB, ODBC, and Oracle. This control only establishes a connection with the data source; it does not display data on the web page. The data is displayed by binding the SqlDataSource control to a data-bound control such as a GridView or DataList. These data-bound controls, in turn, display the data on the web page. The SqlDataSource control also supports editing, updating, deleting, and sorting of the records retrieved from the database. This support to manipulate the data in the data source can be implemented in data-bound controls without writing any code. In other words, a SqlDataSource control allows you to access databases without creating a Connection, Command, or a Data Reader object.
Adding SqlDataSource Control

A SqlDataSource control is added to the webform using markup or by dragging it from the Toolbox and dropping it on the web form. The code below shows the markup to create a SqlDataSource control.
<asp:SqlDataSource ID=”sqldsSuppliers” runat=”server”>
</asp:SqlDataSource>

The markup in this code creates a SqlDataSource control named sqldsSuppliers. This control will be used to connect to the NWSuppliers table in the Northwind database.
Configuring SqlDataSource Control

The basic configuration of the SqlDataSource control involves setting two attributes, namely ConnectionString and SelectCommand. The ConnectionString attribute specifies the connection string to connect to a particular database. The SelectCommand attribute specifies the select statement to retrieve the records from a database table. Source code uses these attributes to connect to the Northwind database located on the SQL Server instance, SQLEXPRESS, installed on the system 10.2.1.51.

<asp:SqlDataSource ID=”sqldsSuppliers” runat=”server” ConnectionString=”Data Source=10.2.1.51\SQLEXPRESS;Initial Catalog=Northwind; Integrated Security=True” SelectCommand=”select * from NWSupplierss;”>
</asp:SqlDataSource>

The SqlDataSource control, sqldsSuppliers, will retrieve all the records from the NWSuppliers table.

The attribute ConnectionString and SelectCommand are available only in the Source view of the web form in design view, the selectCommand attribute is available as a SelectQuery property.

Binding to a Data Bound Control
After the SqlDataSource control is configured to retrieve data from the database, it is bound to a data-bound control. The code below shows the code to bind an SQqlDataSource control named sqldsSuppliers to a DataList control named dlstSuppliers using the DataSourceID property.

<asp:DataList ID=”dlstSuppliers” runat=”server” backcolor=”LightGoldenrodYellow” BorderColor=”Tan” BorderWidth=”1px” CellPadding=”2” DataSourceID=”sqldsSuppliers” Font-Name=”verdana” Font-Size=”Smaller” ForeColor=”Black”>
</asp:Datalist>

The same SqlDataSource control can be bound to another data-bound control such as the GridView control by setting the DataSourceID property to sqldsSuppliers. Code shows the ItemTemplate code to display the data in a DataList control named dlstSuppliers.
<ItemTemplate>
  <strong>Supplier ID </strong>
  <asp:Label ID=”lblSupplierID” runat=”server” Text=’<%#Eval(“SupplierID”)%>’ width=”45px” Font-size=”x-small”>
  </asp:Label> &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; <strong> Company Name:</strong>
  <asp:Label ID=”lblCompanyName” runat=”server” Test=’<%#Eval(“Companyname”)%>’ width=”197px” Font-size=”x-small”>
  </asp:Label>
  <br />
  <br />
  <strong> Contact Name:</strong>
  <asp:Label ID=”lblContactName” runat=”server” Test=’<%#Eval(“ContactName”)%>’ width=”127px” Font-size=”x-small” Font-Bold=”False”>
  </asp:Label>
  <br />
  <br />
  <strong> Phone:</strong>
  <asp:Label ID=”lblPhone” runat=”server” Test=’<%#Eval(“Phone”)%>’ width=”111px” Font-size=”xx-small” Font-Bold=”False”>
  </asp:Label>
  <br />
  <br />
</ItemTemplate>
<AlternatingItemStyle BackColor=”PaleGoldenrod” />

The ItemTemplate in the source code comprises four times. It displays four textual labels namely Supplier ID, Company name, Contacts Name, and Phone. The ItemTemplate also has four corresponding Label controls namely lblSupplierID, lblCompanyName, lblContactName, and lblPhone respectively. These Label controls are bound to the columns SupplierID, CompanyName, ContactName, and Phone respectively of the NWSuppliers table.
Commands in SqlDataSource Control

The SqlDataSource control uses the SelectCommand property to retrieve the records from a database table. Similarly, SqlDataSource control is provided with DeleteCommand, UpdateCommand, and InsertCommand properties to delete, update and add a new record into a database table.

DeleteCommand Property
The DeleteCommand property is used to specify the DELETE statement to delete a record. DeleteCommand is available as an attribute of the SQLDataSource tag in source view. In the Design view, the DELETE statement is specified as a value of the property, DeleteQuery. Source code shows in bold how to set the DeleteCommand attribute of the SqlDataSource tag.
<asp:SqlDataSource ID=”sqldssuppliers” runat=”server” ConnectionString=”Data Source=10.2.1.51\SQLEXPRESS;Initial Catalog=Northwind;Integrated Security=”True” SelectCommand=”Select * from NWSuppliers ;”DeleteCommand=”delete from NWSuppliers where SupplierID=@SupplierID” >
    <DeleteParameters>
        <asp:Parameter Type=”Int32” Name=”SupplierID” />
    </DeleteParameters>
</asp:SqlDataSource>

The DeleteCommand in code contains a placeholder, @SupplierID, for SupplierID value. The details about this placeholder are specified by the <DeleteParameters> element. This data source control can now be used with a data-bound control such as a DataList control.

If the SqlDataControl is used with a GridView control, you can provide delete functionality by setting two properties. The DataSource property is set to sqldsSuppliers and the DataKeyNames property is set to SupplierID.

The steps to be followed in order to implement delete functionality in the DataList control, dlstSuppliers are listed below:

In the Properties window of the dlstSuppliers control, set the DatakeyField property to the primary key column of the database table, NWSuppliers. In this case, you set it to SupplierID. The DataKeyField attribute specifies the name of the primary key column, which is used to delete or update a record in the database table.

In the ItemTemplate of dlstSuppliers control, add a LinkButton Web Server control with the CommandName property set to delete and Text property set to Delete. This will render the DataList control with a Delete link to delete an item.

Add a DeleteCommand event handler to dlstSuppliers control a shown in code below,

protected void dlstSuppliers DeleteCommand(object source, DataListCommandEventArgs e) {
    int id = (int) dlstSuppliers.DataKeys[e.Item.ItemIndex];
    sqldsSuppliers.DeleteParameters[“SupplierID”].DefaultValue = id.ToString();
    sqldsSuppliers.Delete();
}

The DataKeys collection of dlstSuppliers contains all the keys values of the items listed in the control. Therefore, the SupplierID value of the item clicked is retrieved by indexing the Datakeys collection with the index of the item clicked. The ItemIndex property returns the index of the item clicked. The SupplierID value retrieved is then assigned to the delete parameter of the SqlDataSource control named sqldsSuppliers. Finally, the delete() method is invoked.

The SqlDataSource control is used to connect to databases such as Access, SQLServer, and Oracle. The SqlDataSource and XMLDataSource controls are associated with a data-bound control using the DataSourceID attribute. The SelectCommand attribute of the SqlDataSource tag is used to specify a SELECT statement while the DeleteCommand attribute is used to specify a DELETE statement. Parameters to DELETE statement in a DeleteCommand are described using the <DeleteParameters> element.

HostForLIFE.eu ASP.NET Core Hosting

European best, cheap and reliable ASP.NET hosting with instant activation. HostForLIFE.eu is #1 Recommended Windows and ASP.NET hosting in European Continent. With 99.99% Uptime Guaranteed of Relibility, Stability and Performace. HostForLIFE.eu security team is constantly monitoring the entire network for unusual behaviour. We deliver hosting solution including Shared hosting, Cloud hosting, Reseller hosting, Dedicated Servers, and IT as Service for companies of all size.

HttpClient class provides a base class for sending/receiving the HTTP requests/responses from a URL. It is a supported async feature of .NET framework. HttpClient is able to process multiple concurrent requests. It is a layer over HttpWebRequest and HttpWebResponse. All methods with HttpClient are asynchronous.

In this example, I have created a console application.

To call Web API methods from the console Application, the first step is to install the required packages, using NuGet Package Manager. The following package needs to be installed in the console Application.

Install-Package Microsoft.AspNet.WebApi.Client

Next step is to create HttpClient object. In the following code snippet, the main function calls private static method "CallWebAPIAsync" and this blocks until CallWebAPIAsync completes the process, using wait function.
static void Main(string[] args)
{
    CallWebAPIAsync()
        .Wait();
}
static asyncTaskCallWebAPIAsync()
{
    using(var client = newHttpClient())
    {
        //Send HTTP requests from here.
    }
}

Afterwards, we have set the base URL for the HTTP request and set the Accept header. In this example, I have set Accept header to "application/json" which tells the Server to send the data into JSON format.
using(var client = newHttpClient())
{
    client.BaseAddress = newUri("http://localhost:55587/");
    client.DefaultRequestHeaders.Accept.Clear();
    client.DefaultRequestHeaders.Accept.Add(newMediaTypeWithQualityHeaderValue("application/json"));
}

HTTP GET Request
Following code is used to send a GET request for department, as shown below:
using(var client = newHttpClient())
{
    client.BaseAddress = newUri("http://localhost:55587/");
    client.DefaultRequestHeaders.Accept.Clear();
    client.DefaultRequestHeaders.Accept.Add(newMediaTypeWithQualityHeaderValue("application/json"));
    //GET Method
    HttpResponseMessage response = awaitclient.GetAsync("api/Department/1");
    if (response.IsSuccessStatusCode)
    {
        Departmentdepartment = awaitresponse.Content.ReadAsAsync < Department > ();
        Console.WriteLine("Id:{0}\tName:{1}", department.DepartmentId, department.DepartmentName);
        Console.WriteLine("No of Employee in Department: {0}", department.Employees.Count);
    }
    else
    {
        Console.WriteLine("Internal server Error");
    }
}

In the code given above, I have used GetAsync method to send HTTP GET request asynchronously. When the execution of this method is finished, it returns HttpResponseMessage,  which contains HTTP response. If the response contains success code as response, it means the response body contains the data in the form of JSON. ReadAsAsync method is used to deserialize the JSON object.

HttpClient does not throw any error when HTTP response contains an error code, but it sets the IsSuccessStatusCode property to false. If we want to treat HTTP error codes as exceptions, we can use HttpResponseMessage.EnsureSuccessStatusCode method.

When we run the code, given above, it throws the exception "Internal Server error".

We have to configure the serializer to detect then handle self-referencing loops. The following code needs to be placed in Global.asax.cs in Web API:

GlobalConfiguration.Configuration.Formatters.JsonFormatter.SerializerSettings
.PreserveReferencesHandling =Newtonsoft.Json.PreserveReferencesHandling.All;

HTTP POST request
Following code is used to send a POST request for the department:
var department = newDepartment() { DepartmentName = "Test Department" };
HttpResponseMessage response = awaitclient.PostAsJsonAsync("api/Department", department);

if (response.IsSuccessStatusCode)
{
   // Get the URI of the created resource.
   UrireturnUrl = response.Headers.Location;
   Console.WriteLine(returnUrl);
}

In this code, PostAsJsonAsync method serializes the object into JSON format and sends this JSON object in POST request. HttpClient has a built-in method "PostAsXmlAsync" to send XML in POST request. Also, we can use "PostAsync" for any other formatter.

HTTP PUT Request
Following code is used to send a PUT request for the department:

//PUT Method
var department = newDepartment() { DepartmentId = 9, DepartmentName = "Updated Department" };
HttpResponseMessage response = awaitclient.PutAsJsonAsync("api/Department", department);
if (response.IsSuccessStatusCode)
{
   Console.WriteLine("Success");
}

Same as POST, HttpClient also supports all three methods: PutAsJsonAsync, PutAsXmlAsync and PutAsync.

HTTP DELETE Request
Following code is used to send a DELETE request for the department:
intdepartmentId = 9;
HttpResponseMessage response = awaitclient.DeleteAsync("api/Department/" + departmentId);
if (response.IsSuccessStatusCode)
{
   Console.WriteLine("Success");
}

HttpClient only supports DeleteAsync method because Delete method does not have a request body.

HostForLIFE.eu ASP.NET Core Hosting

European best, cheap and reliable ASP.NET hosting with instant activation. HostForLIFE.eu is #1 Recommended Windows and ASP.NET hosting in European Continent. With 99.99% Uptime Guaranteed of Relibility, Stability and Performace. HostForLIFE.eu security team is constantly monitoring the entire network for unusual behaviour. We deliver hosting solution including Shared hosting, Cloud hosting, Reseller hosting, Dedicated Servers, and IT as Service for companies of all size.

Add package by right clicking on the project. Click on manage nuget packages, browse package, search microsoft.entityframeworkcore.sqlserver , install it, search microsoft.entityframeworkcore.tool,microsoft.visualstudio.web.codegenerator.design , click ok and click accept on pop up.
 
This package will be added in packages. Add DataBaseContext.cs class in model inherit DbContext in the method class of DataBaseContext and use namespace. Microsoft.EntityFrameworkCore forDbContext Definition makes a constructor for connectivity with the database.
    public DataBaseContext(DbContextOptions<DataBaseContext> options) : base(options)  
    {  
    }  

In database context class add a class in the model for the table you want to make in the database. You can use a prop and double tab. For auto creating a property in class assign primary key here only on the property of class as an attribute with keyword [Key]. Use namespace System.ComponentModel.DataAnnotations for key attribute definition now link this table as DbSet type of property in DataBaseContext class LIKE this,
    public DbSet<Student> students { get; set; }   

Now use connection string in appsetting.json below "AllowedHosts": "*",
    "ConnectionStrings": {  
       "DatabaseConnection": "Data Source=DESKTOP-DCDA4OG\\SQLEXPRESS; Initial Catalog=CodeFirst; Integrated Security=True;"  
    }   

Now create a new database in SQL server rest of table will automatically be created by the project itself

add,
    string connection = Configuration.GetConnectionString("DataBaseConnection");  
    services.AddDbContext<DataBaseContext>(options => options.UseSqlServer(connection));  

in Configuresrevices in startup.cs use namespace microsoft.entityframeworkcore for usesqlserver connectivity keyword now add controller lets say with name usercontroller add model class add datacontext class click add you can auto create add update delete list by scaffolding now do migration,

select tools - > nugetpackage manager -> package manager console

write Add-Migration InitialCreate and enter

Write update-database enter

Now run controllers.

HostForLIFE.eu ASP.NET Core Hosting

European best, cheap and reliable ASP.NET hosting with instant activation. HostForLIFE.eu is #1 Recommended Windows and ASP.NET hosting in European Continent. With 99.99% Uptime Guaranteed of Relibility, Stability and Performace. HostForLIFE.eu security team is constantly monitoring the entire network for unusual behaviour. We deliver hosting solution including Shared hosting, Cloud hosting, Reseller hosting, Dedicated Servers, and IT as Service for companies of all size.

In this article, we build a secure REST API in ASP.NET Core using JWT Authentication. We begin with what essentially a JWT is and its structure.

Sections 1 - 4 of the article explain what a JWT token is, how to set it with .Net Core, Installing Required Packages, creating Application models, Migrations & Updating the Database

Sections 5 - 9  focus on generating Secure JWT tokens, making secure calls with and without the generated token, and registering users. Have used Postman for testing and firing Web requests to secure API.

1. JWT Structure
See the below JWT token. It is broken down and explained below as Header, Payload, Signature,
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1Njc3OCIsIm5hbWUiOiJSYWp1IEt1bWFyIiwiaWF0IjozNDU2Njd9.eJBP0IBy20JT9iwP6pHiKkFfHcbMPg_gVYKH-e5j0qk

Header
Provides details on the type of Token (JWT) and the algorithm used to sign the token, such as RSA, SHA256.  In the above example, it is,
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9

Payload
Contains user details also known as claims, this is the data to be secured. In the above example, it is,
eyJzdWIiOiI1Njc3OCIsIm5hbWUiOiJSYWp1IEt1bWFyIiwiaWF0IjozNDU2Njd9

Signature
Encryption between the header, payload, and a secret key. In the above example, it is,
eJBP0IBy20JT9iwP6pHiKkFfHcbMPg_gVYKH-e5j0qk

See this site JSON Web Tokens - jwt.io to decode this JWT token.

2. Let's start by Installing Required Packages
Create a new ASP.NET Core application using the API template and install the following packages. The target framework is 3.1 and above.
Install-Package Microsoft.AspNetCore.Authentication.JwtBearer
Install-Package Microsoft.AspNetCore.Identity.EntityFrameworkCore
Install-Package Microsoft.EntityFrameworkCore
Install-Package Microsoft.EntityFrameworkCore.Design
Install-Package Microsoft.EntityFrameworkCore.SqlServer
Install-Package Microsoft.EntityFrameworkCore.Tools
Install-Package Microsoft.VisualStudio.Web.CodeGeneration.Design
Install-Package System.IdentityModel.Tokens.Jwt

3(a). Configure JWT in code as shown
Add the following to appsettings.json,
"JWT": {
    "key": "C1CF4B7DC4C4175B6618DE4F55CA4",
    "Issuer": "MySecureRestApi",
    "Audience": "AsecureRestApiUser",
    "DurationInMinutes": 20
}

Create a corresponding class for the above settings, namely, Settings/JWT.cs which will be used to read data from our previously created JWT Section of appsettings.json using the IOptions feature of ASP.NET Core.
public class JWTSettings {
    public string Key {
        get;
        set;
    }
    public string Issuer {
        get;
        set;
    }
    public string Audience {
        get;
        set;
    }
    public double DurationInMinutes {
        get;
        set;
    }
}

Then, add the following classes to your project:
    DbContext - Add connection string in appsettings.json
    ApplicationUser which derives from IdentityUser

3(b). Configure JWT in code as shown
To configure the authentication, add code to ConfigureServices method as shown below-
public void ConfigureServices(IServiceCollection services) {
    Line 1 //The JWT Configuration from AppSettings
    services.Configure < JWTSettings > (_configuration.GetSection("JWT"));
    //The User Manager Service
    services.AddIdentity < ApplicationUser, IdentityRole > ().AddEntityFrameworkStores < ApplicationDbContext > ();
    services.AddScoped < IUserService, UserService > ();
    //Adding DB Context with MSSQL
    services.AddDbContext < ApplicationDbContext > (options => options.UseSqlServer(_configuration.GetConnectionString("DefaultConnection"), b => b.MigrationsAssembly(typeof(ApplicationDbContext).Assembly.FullName)));
    //The JWT Athentication
    services.AddAuthentication(options => {
        options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    }).AddJwtBearer(oa => {
        oa.RequireHttpsMetadata = false;
        oa.SaveToken = false;
        oa.TokenValidationParameters = new TokenValidationParameters {
            ValidateIssuerSigningKey = true,
                ValidateIssuer = true,
                ValidateAudience = true,
                ValidateLifetime = true,
                ClockSkew = TimeSpan.Zero,
                ValidIssuer = _configuration["JWT:Issuer"],
                ValidAudience = _configuration["JWT:Audience"],
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["JWT:Key"]))
        };
    });
    services.AddControllers();
}

4. For DB Migration
Add a Connection String in APP Settings.json. For creating the database, using Code First Approach of Entity Framework Core.

Before executing the application, please run the following commands on the Package Manager Console to apply migrations.

add-migration "migrationDB"
update-database

Following the set of ASPNET users and roles tables are created post a successful migration, see below

5. Registering a User
Create a Models/RegisterModel.cs with the following properties. The user has to post data with this object to register.
public class RegisterModel {
    [Required]
    public string FirstName {
        get;
        set;
    }
    [Required]
    public string LastName {
        get;
        set;
    }
    [Required]
    public string Username {
        get;
        set;
    }
    [Required]
    public string Email {
        get;
        set;
    }
    [Required]
    public string Password {
        get;
        set;
    }
}

In IUserService.cs, add the following 2 function definitions to Register users accepting a Register Model.
Task<string> RegisterAsync(RegisterModel model);
Task<AuthenticationModel> GetTokenAsync(TokenRequestModel model);

Go to Concrete class, UserService to implement the Register Function.
public async Task < string > RegisterAsync(RegisterModel model) {
    var user = new ApplicationUser {
        UserName = model.Username,
            Email = model.Email,
            FirstName = model.FirstName,
            LastName = model.LastName
    };
    var userWithSameEmail = await _userManager.FindByEmailAsync(model.Email);
    if (userWithSameEmail == null) {
        var result = await _userManager.CreateAsync(user, model.Password);
        if (result.Succeeded) {
            return $ "Success: User Registered with username {user.UserName}";
        } else {
            string descr = "";
            if (result.Errors.Any()) {
                foreach(var item in result.Errors) {
                    descr += item.Description;
                }
            }
            return $ "Error(s), registering user : {descr}";
        }
    } else {
        return $ "Error(s), Email {user.Email } is already registered.";
    }
}

In the above code snippet, we accept the RegisterModel object, perform validations and create the user in DB, else return the appropriate error message.

From the controller, the call will go as below,
[HttpPost("CreateUser")]
public async Task < ActionResult > RegisterAsync(RegisterModel model) {
    var result = await _userService.RegisterAsync(model);
    return Ok(result);
}

6. Test with Postman
Open up Postman and define a raw JSON object that is to be posted to <localhost>/api/user/CreateUser. Check the following screenshot, on success, we get a confirmed user-created message.

7. Generate JWT Token
Let’s try to fetch the JWT Token. We will build a Token Generation function that accepts a TokenRequestModel (email, password), validates them, and builds a token for us.

Following are model classes for token Models/TokenRequestModel.cs and Models/AuthenticationModel.cs,
public class TokenRequestModel {
    [Required]
    public string Email {
        get;
        set;
    }
    [Required]
    public string Password {
        get;
        set;
    }
}

Another class, AuthenticationModel.cs which is basically the response from the API endpoint. This endpoint will return a status message, user details, and finally our token.
public class AuthenticationModel {
    public string Message {
        get;
        set;
    }
    public bool IsAuthenticated {
        get;
        set;
    }
    public string UserName {
        get;
        set;
    }
    public string Email {
        get;
        set;
    }
    public string Token {
        get;
        set;
    }
}

Check below implementation in the concrete class of UserService for the token generation,
public async Task < AuthenticationModel > GetTokenAsync(TokenRequestModel model) {
    var authenticationModel = new AuthenticationModel();
    var user = await _userManager.FindByEmailAsync(model.Email);
    if (user == null) {
        authenticationModel.IsAuthenticated = false;
        authenticationModel.Message = $ "No Accounts Registered with {model.Email}.";
        return authenticationModel;
    }
    if (await _userManager.CheckPasswordAsync(user, model.Password)) {
        authenticationModel.IsAuthenticated = true;
        JwtSecurityToken jwtSecurityToken = await CreateJwtToken(user);
        authenticationModel.Token = new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken);
        authenticationModel.Email = user.Email;
        authenticationModel.UserName = user.UserName;
        return authenticationModel;
    }
    authenticationModel.IsAuthenticated = false;
    authenticationModel.Message = $ "Incorrect Credentials for user {user.Email}.";
    return authenticationModel;
}
private async Task < JwtSecurityToken > CreateJwtToken(ApplicationUser user) {
    var userClaims = await _userManager.GetClaimsAsync(user);
    var roles = await _userManager.GetRolesAsync(user);
    var roleClaims = new List < Claim > ();
    for (int i = 0; i < roles.Count; i++) {
        roleClaims.Add(new Claim("roles", roles[i]));
    }
    var claims = new [] {
        new Claim(JwtRegisteredClaimNames.Sub, user.UserName),
            new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
            new Claim(JwtRegisteredClaimNames.Email, user.Email),
            new Claim("uid", user.Id)
    }.Union(userClaims).Union(roleClaims);
    var symmetricSecurityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwt.Key));
    var signingCredentials = new SigningCredentials(symmetricSecurityKey, SecurityAlgorithms.HmacSha256);
    var jwtSecurityToken = new JwtSecurityToken(issuer: _jwt.Issuer, audience: _jwt.Audience, claims: claims, expires: DateTime.UtcNow.AddMinutes(_jwt.DurationInMinutes), signingCredentials: signingCredentials);
    return jwtSecurityToken;
}

Following are the activities in the above code function,

Line #4 to #11 check the validity of provided email and password and return a message if not.

Line #14 Calls the CreateJWTToken function. This function builds the JWT. It gets all the claims of the user ( user details ) as well as roles if any.

Finally, Line #51 to #57 creates a new JWT Security Token and returns them.

Now, wire this function to Controllers/UserController.cs

[HttpPost("GenerateToken")]
public async Task < IActionResult > GetTokenAsync(TokenRequestModel model) {
    var result = await _userService.GetTokenAsync(model);
    if (string.IsNullOrEmpty(result.Token)) return NotFound(" " + result.Message);
    return Ok(result.Token);
}

Next, post a valid email and password request to ../api/user/GenerateToken. See below Postman screenshot for the successful response of JWT token and AuthenticationModel object containing user details. The validity of this token is 20 minutes (as an expiration time is set to 20 minutes in app.json).

On Posting an invalid password for the same user, PostMan returns the following message: "Incorrect Credentials for user: [email protected]".

8. Access Database information securely, i.e. using the generated token.
I have earlier created few cities in my Database which I shall access using this bearer token. For this, I need to decorate the Get City endpoint with the [Authorize] keyword in the Controller class. Refer below codebase,
[Authorize]
[HttpGet]
[Route("AllCities")]
public IActionResult GetAllCities(string Email) {
    if (appdbcontext.CountryInfos == null || !appdbcontext.CountryInfos.Any()) return Ok("No Country-Cities created as yet.");
    var res = appdbcontext.CountryInfos.Where(aa => aa.Email == Email).
    Select(xx => new {
        City = xx.City,
            Email = xx.Email,
            Isfavourite = xx.Isfavourite
    });
    if (res.Count() < 1) {
        return NotFound("No records against this UserEmail" + Email);
    } else return Ok(res);
}

Now copy the bearer token in the previous snippet and fire this GET Request, ..api/user/allcities?email in POSTMAN to return cities. For a successful response, refer to the screen below,

In this article, you will learn how to integrate Mailjet Markup Language (MJML) in your ASP .Net Core Web API through the NuGet package. MJML sums up everything Mailjet has learned about HTML email creation over the past few years and includes a whole layer of complexity related to responsive email creation.

Make your speed and productivity enhanced with MJML semantic syntax. Say get rid of the endless HTML table or email client email. Creating a responsive email is much easier with tags like <mj-section>, <mj-image>, <mj-text> and <mj-column>. MJML is designed with responsiveness in mind. The abstraction it offers ensures you stay up-to-date with industry practice and responsiveness.

The only thing we do in our API is to add the NuGet package of MJML. Then we will write the MJML syntax for our email template and then we will call the “Render” method of the MJML Service which returns the HTML. We will simply pass it to our email body and it will be rendered in our email.

Let’s see how to do it in simple steps.
Steps

First of all open visual studio and click on create a new project.

Select ASP .NET Core Web API and click Next.

Enter the project name and click Next.

Select target framework as 3.1 and click on Create.

It will take few seconds and your project will be created. There will be a few folders and files in the project already. Right-click on the Controller folder and add a new empty MVC Controller.

Name the controller as “EmailController”. After creating the EmailController right-click on your project and click on manage NuGet packages. Write MJML in the browse tab and install the latest stable version of Mjml.AspNetCore package.

After installing the package add the namespace of “using Mjml.AspNetCore” in EmailController. You can use dependency injection which will make it much easier to use Mjml Services. For this purpose, write the below code in your “ConfigureServices” method in the startup.cs class and also add namespace “using Mjml.AspNetCore”.
services.AddMjmlServices(o => {
    o.DefaultKeepComments = true;
    o.DefaultBeautify = true;
});

We have successfully created the Mjml service now it’s time to inject it into our controller. Inject “MjmlServices” through the constructor and create a HttpGet method by the name “Send” which returns Ok in case of successful email send. After that write the Mjml syntax for your email template and call the “Render” method of the Mjml service. It will return HTML in response. Simply pass that HTML as your email body. Below is the complete code of the EmailController.
using Microsoft.AspNetCore.Mvc;
using Mjml.AspNetCore;
using System;
using System.Net;
using System.Net.Mail;
using System.Threading.Tasks;
namespace MJMLTestAPI.Controllers {
    [ApiController]
    [Route("[controller]")]
    public class EmailController: ControllerBase {
        public readonly IMjmlServices _mjmlServices;
        public EmailController(IMjmlServices _mjml) => (_mjmlServices) = (_mjml);
        [HttpGet]
        public IActionResult Send() {
            SendEmail();
            return Ok();
        }
        public async Task SendEmail() {
            var prehtml = "<mjml><mj-body><mj-container><mj-section><mj-column><mj-text>Hello World!</mj-text></mj-column></mj-section></mj-container></mj-body></mjml>";
            var result = await _mjmlServices.Render(prehtml);
            SendEmail(result.Html);
        }
        public void SendEmail(string emailBody) {
            try {
                SmtpClient objsmtp = new SmtpClient(EmailServer, Port);
                objsmtp.UseDefaultCredentials = false;
                objsmtp.Credentials = new NetworkCredential(UserName, Password);
                objsmtp.DeliveryMethod = SmtpDeliveryMethod.Network;
                MailMessage msg = new MailMessage(EmailFrom, EmailTo, "MJML Test", emailBody);
                msg.IsBodyHtml = true;
                objsmtp.Timeout = 50000;
                objsmtp.Send(msg);
            } catch (Exception ex) {}
        }
    }
}

Note that the variables (EmailServer, Port, UserName, Password, EmailFrom, EmailTo) in the above SendEmail method will be the settings of your SMTP email server. “prehtml” will be the MJML syntax by which you designed your email template. I used a sample syntax here. You can see sample email templates and their MJML code by visiting this link.

Now, just run your project and replace the weatherforecast in the URL with Email, and press enter button. The email will be sent to your desired email address with the generated email template in the email body.

A cache is a temporary storage used to store the results of frequently accessed data so that subsequent requests load faster. Most applications use the database as the main storage. Every time you load user data, one or more database calls are executed to get the particular data, which can hamper the performance.

Advantages
    One of the key benefits of having a separate cache is the ability to scale the cache system independently.
    The use of cache reduces latency for active data. This results in higher performance for a system or application.
    It reduces the overhead from server resources.
    It increases reliability

Disadvantage
Caching is not recommended for the system that performs more write operation than the read operation because every time to perform a write operation, you also have to update the cache.
Recommendations

Consistency
Keep the main data source and cache in sync, usually, inconsistency occurs when the write operation on the main data storage and the write/update on cache is not in a single transaction.

Eviction Policy
If you keep adding the items in the cache, there would be a time when you face a memory out-of-bounds exception so it’s recommended to clear the unwanted keys/items on the basis of eviction policies. There are multiple policies available to remove the keys from the cache, the most used is the Least-recently-used (LRU), which allows you to quickly identify which item hasn’t been used for the longest amount of time and removes it. Other eviction policies are Least Frequently Used (LFU), First in First Out (FIFO).

Single Point of Failure(SPOF)
Single point of failure refers to a part of the system which in the case failed will hamper the whole system and can entirely stop the system. To avoid this, deploy multiple cache systems across the different data centers/locations.

Expiration
It’s a good practice to have an expiration policy against every item. If you don’t provide it, the cached data will remain in the memory permanently or until the system restarts. There are different ways you can have an expiration policy. One of them is Absolute Time. In this, we provide the expiry time against every time and it will expire in that given time. Suppose you have set 5 mins absolute expiry time for item1. As soon as the 5 mins are over for item1. The system will remove the item1 from the cache and calls the eviction call back function. The other option is the Sliding Time, it will ensure that if the item is accessed within the specified time interval, the cache time span will be extended by the same interval value.

The above diagram is high level, we have used a load balancer to distribute the load among different web servers. All the write operations are redirected to the Master DB (SQL Server, NoSql, etc) and all the read operations are handled by the cache.

Today we will learn some basic settings/configurations to be made before we actually start development in the .net core web application (3.0). Let's get started.

Refreshing MVC Views
By default .Net Core web application does not allow changes made in the MVC view to appear directly on the browser when we refresh the page. To make changes appear on the browser we need to perform few steps as below.

Add/Install Microsoft.AspNetCore.Mvc.Razor.RuntimeCompilation into your project/application with the help of NuGet Package Manager as below,

Basic settingsconfiguration of .Net Core Web Application

By clicking the above option, the NuGet package manager will appear then click on the Browse option and search for Microsoft.AspNetCore.Mvc.Razor.RuntimeCompilation as below,

Once the search is done, please click on this option, and on the right side of the panel select your project and before you click on the install button please choose the appropriate version and then click on the install button.

Note
For .Net Core Version 3.0 please choose 3.1.17 version.

By clicking the install button, it will install/add "Microsoft.AspNetCore.Mvc.Razor.RuntimeCompilation" into your application/project, you can see the progress in the output pane of the Visual Studio as below. When the install button is clicked it will prompt the library to be installed into your project. Click on OK and then accept License Acceptance.

Basic settingsconfiguration of .Net Core Web Application

Once the above process is done please add the below line into your startup.cs file as below,

public void ConfigureServices(IServiceCollection services)
{
    services.AddControllersWithViews().AddRazorRuntimeCompilation();
}

As per the below screen.

Please run and check the application to see the real-time changes of views to appear on the browser on refresh.

MVC Views folder when Publish
By default .Net Core web application does not append/add Views folder when publishing the application. To have that folder when publish we need to perform the below steps.

Right-click on root project and click on Edit Project File as below.

Once click that option below screen will have appeared.

Add the below settings to the Property Group node as below,

<MvcRazorCompileOnPublish>false</MvcRazorCompileOnPublish>
<CopyRazorGenerateFilesToPublishDirectory>true</CopyRazorGenerateFilesToPublishDirectory>

Once done it will add the Views folder when publishing the application.

The next major release is .NET 6. It has support for MAUI, Improved SPA templates, Blazor Enhancements, Lightweight API development, and much more. In this tutorial, we are going to cover how .NET 6 will allow us to develop lightweight APIs.

The good thing about this lightweight API is that no additional template and no extra effort are required. You can start from an empty web project and be up and running without any extra configuration. So, let’s get started with development.

Software and Packages Required

1. Visual Studio Code
2. .NET 6 SDK Preview 4

What we are building,

Solution Setup

Check .NET version

D:\LightweightDotnetAPI>dotnet --version

6.0.100-preview.4.21255.9

dotnet new sln #create new solution
dotnet new web -o Api #create API Project
dotnet sln add Api/Api.csproj #Add Project in Solution
dotnet add package Microsoft.AspNetCore.Mvc.NewtonsoftJson --version 5.0.7

The result project structure will look like this,

Code Walkthrough

Now, our Program.cs will be like the below file.

Program.cs

using System;
using Microsoft.AspNetCore.Builder;
using Microsoft.Extensions.Hosting;
using Microsoft.AspNetCore.Http;
using Newtonsoft.Json;
using System.IO;
using System.Text;
var builder = WebApplication.CreateBuilder(args);
await using
var app = builder.Build();
if (app.Environment.IsDevelopment()) {
    app.UseDeveloperExceptionPage();
}
app.MapGet("/", (Func < string > )(() => "Hello World!"));
app.MapPost("/", (Func < PostBody, string > )((body) => {
    string text = JsonConvert.SerializeObject(body);
    return text;
}));
app.MapDelete("/{id}", (Func < int, string > )((id) => "Delete Request for " + id));
await app.RunAsync();
public class PostBody {
    public string Data {
        get;
        set;
    }
}

That’s it, we have built an API that can accept GET, POST, and DELETE with very few lines of code. You can see in the above code that all the things have been done in one file and with minimal effort. With less overhead, we get more performance. Microservices can be built using this simple structure. It is very simple and easy to understand. 

We have built a lightweight API in .NET 6 (currently in Preview). We have covered the new Routing APIs that use Map Overloads in .NET 6 starting from Preview 4. We built API using GET, POST, and DELETE verbs in the Program.cs file. The lines of code were minimal. With minimum lines of code, we have better performance. So far we have covered,

1. Setting up the project in .NET CLI
2. Creating lightweight API in Program.cs
3. Advantages

As we all know, security is particularly important for all applications especially APIs as these expose our business logic to be consumed by various clients over the web. We created the .NET API server and then used Postman to call the .NET API endpoints. We attached the certificate to our request in Postman. In today’s article, we will see how to create a .NET client application which makes the call to the same .NET API server endpoint by using a certificate.

Creating the Client Application
To our existing solution, add a new C# console application project as below,

You will see the solution as below,

Add the below code to the “Program.cs” file,
using System;
using System.Net.Http;
using System.Security.Cryptography.X509Certificates;
var certificate = new X509Certificate2(@ "C:\CloudItems\Learning\CSharpCorner\Article 62\clientcert.pfx", "Client123");
var handler = new HttpClientHandler();
handler.ClientCertificates.Add(certificate);
using(var httpClient = new HttpClient(handler)) {
    using(var response = await httpClient.PostAsync("https://localhost:5001/api/Test", null)) {
        var returnValue = await response.Content.ReadAsStringAsync();
        Console.WriteLine(returnValue);
    }
}
Console.ReadLine();

Here, we see that we provide the client certificate and password to the client who then attaches it to the request. The server then validates the certificate and if all looks good, the request is processed. We run the server application and then the client application and make the request as below. Please note that I ran the server app from Visual Studio and the client application from the command line.

In this article, we looked at how to attach the client certificate we generated in the previous article and make an API call to the server using a .NET 5 client. Happy coding!