.net Core Prod Ready Micro service API

I wrote yet another asp.net core web API boiler plate code considering the best practices in mind to achieve optimal performance.

Some of the middle ware or services used within the code may initially seem unnecessary but will prove useful when moving forward to production ready API state.

Disclaimer: Repository and data is about English Monarchs (preparing for life in the UK test now a days, so English Monarchy is on top of my head all the time)

Below is brief overview of structure of project:

Services:
JSON web token (JWT)

To do the authorization based on tokens, clients can generate tokens, some operations are admin based so for that has to create admin based token. It includes Token Generator, which shouldn’t be part of it but for ease i included.

For ease of testing, i kept GetAll method anonymously accessible

Allowed Cross Region Resource sharing

To allow different origin requests

Redis Distribution cache + E-Tags caching mechanism

download redis from here
https://redis.io/download

Redis is in-memory database used for caching, super fast and reliable. I implemented that only for demo purpose.

Add versioning

For having different versions of services, its necessary to know best practices

Added Swagger support

For me its WSDL for REST full services

Repository (json based database file)

some English monarchs tenures data (preparing for life in the uk test now a days, so monarchy is on top of my head all the time)

Middleware:
  1. Error handling middle ware

Handle exception handling by logging problems only

  1. Response Compression

Preferably use Hosting server based compression like IIS, Apache, Nginx but useful if Hosting on Kestrel or HTTP.sys server

  1. Limiting Middleware

To restrict number of request to avoid basic level of DOS attacks and crawlers

  1. UseCookiePolicy

for EU GDPR regulations

  1. Health checks

asp.net core offers built in health checks libraries

  1. Seri Logger File Rolling

.net core comes with built in logger but thats very limited, I used SeriLog library as its faster than others like NLog and Log4net and provides structured logs. logging is backbone of any production based APIs so has to be very careful with that what you choose.

Best Practices
  • Used service extension methods to enhance readability of code
    specially in Startup.cs
  • Used DI/IOC to register DAL based classes as service and utilized
    .net core IOC feature, so does I Logger and others
  • Async actions optimized to use max processor threads
  • Middle ware to handle request of Error Handling, E Tag, Limiting requests
  • Extension methods for versioning, swagger and JWT authentication
  • Redis-E Tag cache helper
  • ApiConventionType .net core 2.2 feature which analyzes controller
    for different status code and help swagger like tool to generate
  • Global error handling
  • Attribute based Routing
  • Ilogger /Serilog
  • Using JWT to add authentication tokens to avoid unauthorized requests

We use cookies to give you the best online experience. Please let us know if you agree to all of these cookies.

Accept

Back to top