.net Core Prod Ready Microservice API

I wrote yet another asp.net core web API boiler plate code considering the best practices in mind to achieve optimal performance.

Some of the middleware or services used within the code may initially seem unnecessary but will prove useful when moving forward to production ready API state.

Disclaimer: Repository and data is about English Monarchs (preparing for life in the UK test now a days, so English Monarchy is on top of my head all the time)

Github link

Below is brief overview of structure of project:

Services:

  1. JSON web token (JWT)

To do the authorisation based on tokens, clients can generate tokens, some operations are admin based so for that has to create admin based token. It includes TokenGenerator, which shouldn’t be part of it but for ease i included.

For ease of testing, i kept GetAll method anonymously accessible

  1. Allowed Cross Region Resource sharing

To allow different origin requests

  1. Redis Distribution cache + E-Tags caching mechanism

download redis from herehttps://redis.io/download

Redis is in-memory database used for caching, super fast and reliable. I implemented that only for demo purpose.

  1. Add versioning

For having different versions of services, its necessary to know best practices

  1. Added Swagger support

For me its WSDL for REST full services

  1. Repository (json based database file)

some English monarchs tenures data (preparing for life in the uk test now a days, so monarchy is on top of my head all the time)

 

Middleware:

  1. Error handling middleware

Handle exception handling by logging problems only

  1. Response Compression

Preferably use Hosting server based compression like IIS, Apache, Nginx but useful if Hosting on Kestrel or HTTP.sys server

  1. Limiting Middleware

To restrict number of request to avoid basic level of DOS attacks and crawlers

  1. UseCookiePolicy

for EU GDPR regulations

  1. Health checks

asp.net core offers built in health checks libraries

  1. Seri Logger File Rolling

.net core comes with built in logger but thats very limited, I used SeriLog library as its faster than others like NLog and Log4net and provides structured logs. logging is backbone of any production based APIs so has to be very careful with that what you choose.

Best Practices

1. Used service extension methods to enhance readability of code 
   specially in Startup.cs
2. Used DI/IOC to register DAL based classes as service and utilized
   .net core IOC feature, so does ILogger and others
3. Async actions optimized to use max processor threads
4. Middleware to handle request of ErrorHandling, ETag, Limiting requests 
5. Extension methods for versioning, swagger and JWT authentication
6. Redis-ETag cache helper 
7. ApiConventionType .net core 2.2 feature which analyzes controller 
   for differnt status code and help swagger like tool to generate
8. Global error handling
9. Attribute based Routing
10. Ilogger /Serilog
11. Using JWT to add authentication tokens to avoid unauthorized requests

TL;DR

Picture speaks a thousand words , i know i know its local host but still guys, its on my 5 year old laptop

Github link

 

What next

I will add more stuff in it like using some enterprise service bus, docker deployments, CQRS, Event sourcing and etc so subscribe for more 🙂

Muhammad Adnan

Author Since: July 3, 2019

Leave a Reply

Your email address will not be published. Required fields are marked *

Rating*