DEV Community

mesCode
mesCode

Posted on

ASP.NET Core mesCode

In this backend development guide, we are setting up a secure RESTful API endpoint using ASP.NET Core Web API.

1. Database Configuration (appsettings.json)

First, configure your SQL Server connection details inside the application environment variables. You can either use Windows Integrated Security or standard SQL Server Authentication.

Option A: Integrated Security (Windows Auth)

"AllowedHosts": "*",
"ConnectionStrings": {
"DefaultConnection": "Server=nameofserver;Database=nameofDB;Integrated Security=True;MultipleActiveResultSets=True;TrustServerCertificate=True;"
}
}

Option B: SQL Server Authentication

"AllowedHosts": "*",
"ConnectionStrings": {
"DefaultConnection": "Server=nameofserver;Database=nameofDB;User Id=your_username;Password=your_password;MultipleActiveResultSets=True;TrustServerCertificate=True;"
}
}

  1. Defining the Service Contract (IService.cs) To maintain loose coupling, we define an asynchronous interface containing standard CRUD contracts for our data mutations.

Task<IEnumerable<Student>> GetAllStudentsAsync();
Task<Student> GetStudentByIDAsync(int id);
Task<int> AddStudentAsync(Student student);
Task<int> UpdateStudentAsync(Student student);
Task<int> DeleteStudentAsync(int id);

  1. Core Architecture: Async Stored Procedure Execution (StudentService.cs) Here is the underlying service layer that handles optimal stream reading with native asynchronous ADO.NET extensions.

` public class StudentService(IConfiguration config) : IStudentService
{
private string connectionString = config.GetConnectionString("DefaultConnection")!;

 public async Task<IEnumerable<Student>> GetAllStudentsAsync()
 {
     try
     {
         var students = new List<Student>();
         using var connection = new SqlConnection(connectionString);
         using var command = new SqlCommand("[GetAllStudent]", connection)
         {
             CommandType = System.Data.CommandType.StoredProcedure,
         };
         await connection.OpenAsync();
         using var reader = await command.ExecuteReaderAsync();
         while (reader.Read())
         {
             Student student = new Student();
             {
                 student.StudentID = reader.GetInt32(reader.GetOrdinal("StudentID"));
                 student.StudentName = reader.GetString(reader.GetOrdinal("StudentName"));
                 student.Email = reader.GetString(reader.GetOrdinal("Email"));
                 student.Phone = reader.GetString(reader.GetOrdinal("Phone"));
                 student.Gender = reader.GetString(reader.GetOrdinal("Gender"));
                 student.Address = reader.GetString(reader.GetOrdinal("Address"));
                 student.Rank = reader.GetDecimal(reader.GetOrdinal("Rank"));
                 student.DOB = reader.GetDateTime(reader.GetOrdinal("DOB"));
                 student.CourseID = reader.GetInt32(reader.GetOrdinal("CourseID"));
                 student.CourseName = reader.GetString(reader.GetOrdinal("CourseName"));

             }
             ;
             students.Add(student);
         }
         return students;
     }
     catch (Exception ex)
     { 
         throw new Exception($"error retrirving Student: {ex.Message}", ex);
     }

 }
 public async Task<Student> GetStudentByIDAsync(int id)
 {
     try
     {

         using var connection = new SqlConnection(connectionString);
         using var command = new SqlCommand("[GetstudentbyID]", connection)
         {
             CommandType = System.Data.CommandType.StoredProcedure
         };
         command.Parameters.AddWithValue("@StudentID", id);
         await connection.OpenAsync();
         using var reader = await command.ExecuteReaderAsync();
         Student std = new Student();
         while (await reader.ReadAsync())
         {
             Student student = new Student();
             {
                 student.StudentID = reader.GetInt32(reader.GetOrdinal("StudentID"));
                 student.StudentName = reader.GetString(reader.GetOrdinal("StudentName"));
                 student.Email = reader.GetString(reader.GetOrdinal("Email"));
                 student.Phone = reader.GetString(reader.GetOrdinal("Phone"));
                 student.Gender = reader.GetString(reader.GetOrdinal("Gender"));
                 student.Address = reader.GetString(reader.GetOrdinal("Address"));
                 student.Rank = reader.GetDecimal(reader.GetOrdinal("Rank"));
                 student.DOB = reader.GetDateTime(reader.GetOrdinal("DOB"));
                 student.CourseID = reader.GetInt32(reader.GetOrdinal("CourseID"));
                 student.CourseName = reader.GetString(reader.GetOrdinal("CourseName"));
             }
             ;
             std = student;
         }
         return std;
     }
     catch (Exception ex)
     {
         throw new Exception($"Error Get student: {ex.Message}", ex);
     }
 }

 public async Task<int> AddStudentAsync(Student student)
 {
     try
     {
         using var connection = new SqlConnection(connectionString);
         using var command = new SqlCommand("[SaveStudent]", connection)
         {
             CommandType = System.Data.CommandType.StoredProcedure
         };

         command.Parameters.AddWithValue("@StudentID", student.StudentID);
         command.Parameters.AddWithValue("@StudentName", student.StudentName);
         command.Parameters.AddWithValue("@Email", student.Email);
         command.Parameters.AddWithValue("@Phone", student.Phone);
         command.Parameters.AddWithValue("@Gender", student.Gender);
         command.Parameters.AddWithValue("@Address", student.Address);
         command.Parameters.AddWithValue("@Rank", student.Rank);
         command.Parameters.AddWithValue("@DOB", student.DOB);
         command.Parameters.AddWithValue("@CourseID", student.CourseID);
         await connection.OpenAsync();
         var result = await command.ExecuteNonQueryAsync();
         return result;

     }
     catch (Exception ex)
     {
         throw new Exception($"Erro Add Student: {ex.Message}", ex);
     }

 }`
Enter fullscreen mode Exit fullscreen mode
  1. RESTful API Presentation Layer (Controller.cs) Expose the endpoints using attributes routing so that front-end modern frameworks can interact safely via HTTP request methods.

` public class StudentController(IStudentService _studentService) : ControllerBase
{
[HttpGet("student")]
public async Task GetAllStudents()
{
try
{
var students = await _studentService.GetAllStudentsAsync();
return Ok(students);

     }
     catch (Exception ex)
     {
         return BadRequest(ex.Message);
     }

 }

 [HttpGet("{id:int}")]
 public async Task<IActionResult> GetStudentbyID(int id)
 {
     var student = await _studentService.GetStudentByIDAsync(id);
     if (student == null)
     {
         return NotFound($"Student With Id {id} not found");
     }
     return Ok(student);
 }

 [HttpPost]
 public async Task<IActionResult> AddStudent([FromBody] Student student)
 {
     var result = await _studentService.AddStudentAsync(student);
     return Ok(result);

 }
 [HttpPut("{id}")]
 public async Task<IActionResult> UpdateStudent(int id, [FromBody] Student student)
 {
     var result = await _studentService.UpdateStudentAsync(student);
     return NoContent();
 }

 [HttpDelete("{id:int}")]

 public async Task <IActionResult> DeleteStudent(int id)
 {
     var result = await _studentService.DeleteStudentAsync(id);
     return NoContent();
 }`
Enter fullscreen mode Exit fullscreen mode
  1. Dependency Injection & Service Registration (Program.cs) Register the custom domain services and open global Cross-Origin Resource Sharing (CORS) rules to enable decoupling integrations.

// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();
_builder.Services.AddScoped<IStudentService,StudentService>();_

`// Configure the HTTP request pipeline.
if (app.Environment.IsDevelopment())
{
app.UseSwagger();
app.UseSwaggerUI();
}

app.UseCors(builder =>
builder.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader());

`

Top comments (0)