|
I could stand up a .Net Core API using a new DAL with EF and slowly port things over.
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
Ya can't fix stupid.
|
|
|
|
|
Instead of doing all that, just roll your own DAL and do either sql queries or stored procs to get/put data. You have much more control in a smaller package without having to understand or deal with how Microsoft thinks the world of database access should work.
Generally speaking all ORM tools are garbage.
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
I'm working on an ASP.Net Web API.
I found this article. It seems pretty straightforward, but it's a few years old. Is this still the way to secure a Web API? If not, can someone point me in the right direction?
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
Ya can't fix stupid.
|
|
|
|
|
You could set up a table in your database that contains authorization data (like an GUID that serves as an api key, and even further, api method name(s) that can be used by the key.
You'd have to manually maintain the table unless you took the time to write a tool to assist you.
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
Thanks!
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
Ya can't fix stupid.
|
|
|
|
|
i have add elements to navbar app.blade view after login
Link 1 link 2 link 3 --------------------User<>
|
|
|
|
|
I'm trying to set up a Web API and connect to it from a Xamarin Forms app. The API works, but the Xamarin Forms app wants the Web API to HTTPS.
So, I created a Self-Signed cert in IIS and installed my Web API using HTTPS and that cert.
When I click Browse in IIS, I get
There is a problem with this website’s security certificate.
The security certificate presented by this website was issued for a different website's address.
I click Continue and everything seems fine, and I can hit the API with Postman.
But when I try to hit it from my Xamarin Forms app, I get
Javax.Net.Ssl.SSLHandshakeException:
'java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.'
I'm out of my league here. I really know nothing about certs and setting up HTTPS. Can someone help a blind man?
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
Ya can't fix stupid.
|
|
|
|
|
When your API is published, you should use a valid SSL certificate. Assuming it's public, you should be able to get a free certificate from "Let's Encrypt".
For development purposes, you should be able to extract the public key of your self-signed certificate, and use the ServicePointManager.ServerCertificateValidationCallback to compare the public key of the certificate to the public key you extracted.
ServicePointManager.ServerCertificateValidationCallback Property (System.Net) | Microsoft Docs[^]
Apparently, there are also options to enable calling HTTP services - again, you'd only want to do this in the debug build:
Certificate Pinning in Android Application with Xamarin[^]
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Richard Deeming wrote: ...."Let's Encrypt".
I'm just now getting back to this...
On that page you linked I read both the "With Shell Access" and the "Without Shell Access" sections and I'm thoroughly confused.
I created a .Net ASP.Net Web API and hosted it in IIS on my client's server. I'm not sure which of these two options I need.
The bottom line here is that I'm completely clueless about certifications and how to enable things in my Xamarin Forms app. I don't even know where to start learning. I've been Googling but the results are all over the board.
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
Ya can't fix stupid.
modified 20-Sep-21 15:38pm.
|
|
|
|
|
I can't find any reference to "shell" on either of the links I posted.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Richard Deeming wrote: I can't find any reference to "shell" on either of the links I posted.
I don't understand
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
Ya can't fix stupid.
|
|
|
|
|
|
I'm sorry. My mistake. I Googled "Let's Encrypt" and got this page.
I'm up to my neck in Google results, and I inadvertently referenced the wrong page.
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
Ya can't fix stupid.
|
|
|
|
|
|
Thanks I'll give it a try
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
Ya can't fix stupid.
|
|
|
|
|
Wow. Hello, My name is Michael. Just call me Mike.
|
|
|
|
|
I'm working on setting up a .Net Framework Web API. I have created a Controller Base class:
public class _ApiControllerBase : ApiController
{
private string connectionString;
public IBizLayer BL { get; set; }
public _ApiControllerBase()
{
connectionString = Properties.Settings.Default.ConnectionString;
BL = new BizLayer(connectionString);
}
}
Next I created a Jobs Controller:
public class JobsController : _ApiControllerBase
{
public int AddJob([FromBody] JobEntity entity)
{
var newJobId = BL.AddJob(entity);
return newJobId;
}
public void DeleteJob(int jobId)
{
BL.DeleteJob(jobId);
}
public IEnumerable GetAllJobs()
{
List results = new List();
results = BL.GetJobsForProject(278).ToList();
return results;
}
public JobEntity GetJob(int Job)
{
return BL.GetJob(Job);
}
public List GetJobsForProject(int projectId)
{
List results = new List();
results = BL.GetJobsForProject(projectId).ToList();
return results;
}
public void UpdateJob([FromBody] JobEntity entity)
{
BL.UpdateJob(entity);
}
}
and my WebApiConfig:
public static class WebApiConfig
{
public static void Register(HttpConfiguration config)
{
config.MapHttpAttributeRoutes();
config.Routes.MapHttpRoute(
name: "DefaultApi",
routeTemplate: "api/{controller}/{action}/{id}",
defaults: new { id = RouteParameter.Optional }
);
}
}
I have tested all of this with Postman and it seems to work OK.
Any reason not to structure all my controllers this way? Any issues or problems I should be aware of?
Thanks
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
Ya can't fix stupid.
|
|
|
|
|
If you're not using it elsewhere within the base class, you can get rid of the private connectionString field.
I'd also be inclined to make the _ApiControllerBase class abstract .
public abstract class _ApiControllerBase : ApiController
{
public IBizLayer BL { get; set; }
protected _ApiControllerBase()
{
string connectionString = Properties.Settings.Default.ConnectionString;
BL = new BizLayer(connectionString);
}
}
Beyond that, if you're happy with the routes containing the entity name, then it's fine. But if you want a proper RESTful service, you'd want the routes to look more like:
GET /api/controller to return the list of all entities;GET /api/controller/{id} to return a specific entity;POST /api/controller to add a new entity;PUT (or PATCH ) /api/controller/{id} to update an existing entity;DELETE /api/controller/{id} to delete an entity;
The GetJobsForProject action would be the exception to this pattern. I'd probably have it as: GET /api/projects/{projectId}/jobs
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
So to follow the REST standard, I would have to decorate each method with the Http Verbs?
Richard Deeming wrote: The GetJobsForProject action would be the exception to this pattern. I'd probably have it as: GET /api/projects/{projectId}/jobs
How would this signature look in the API?
Thanks
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
Ya can't fix stupid.
|
|
|
|
|
Kevin Marois wrote: So to follow the REST standard, I would have to decorate each method with the Http Verbs?
Yes. But you'd probably want to do that anyway - for example, you don't want actions which modify the data to be available via GET requests.
Kevin Marois wrote: How would this signature look in the API?
Depends on how you set up the routes. For example, if you don't have a RoutePrefix attribute on your controller:
public class JobsController : _ApiControllerBase
{
[HttpGet("api/projects/{projectId:int}/jobs")]
public List<JobEntity> GetJobsForProject(int projectId) { ... }
} However, my gut feeling is that this action would fit better as part of a ProjectsController :
[RoutePrefix("api/projects")
public class ProjectsController : _ApiControllerBase
{
[HttpGet("")]
public IEnumerable<ProjectEntity> GetAllProjects() { ... }
[HttpGet("{id:int}")]
public ProjectEntity GetProject(int id) { ... }
[HttpGet("{id:int}/jobs")]
public IEnumerable<JobEntity> GetJobsForProject(int id) { ... }
[HttpPost("")]
public int AddProject([FromBody] ProjectEntity entity) { ... }
[HttpPut("{id:int}")]
public void UpdateProject([FromBody] ProjectEntity entity) { ... }
[HttpDelete("{id:int}")]
public void DeleteProject(int id) { ... }
}
Attribute Routing in ASP.NET Web API 2 | Microsoft Docs[^]
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Hello
Trying to create a Bootstap/PHP modal form that will hold a img/video upload, iframe(external videos), and comment section. Tried to have a comment modal separate from media and its not working. How do I create this? Here is my code:
<pre><button type="button" class="btn btn-link" data-bs-toggle="modal" data-bs-target="#exampleModal"> </label></div>
</div>
</div>
<div class="embed-responsive embed-responsive-16by9 z-depth-1-half">
<iframe class="embed-responsive-item" src="..." allowfullscreen></iframe>
</div>
<div class="form-group">
<label for="inputemail" class="col-lg-2 control-label">Comment</label>
<div class="col-lg-10">
<textarea name="bio" class="form-control" placeholder="..."><?php echo !empty($userData['comment'])?$userData['bio']:''; ?></textarea>
</div>
</div>
<div class="form-group">
<input type="submit" class="btn btn-light" name="proSubmit">
</div>
</div>
</div>
</div>
</div>
</div>
|
|
|
|
|
I have almost zero experience creating a Web API, so bear with me.
I opened VS2019 and created a new ASP.NET Web Application (.Net Framework). It comes with the standard Home and Values controllers.
I hit F5 and it ran. I then used Postman to verify passing "https://localhost:44312/api/Values". I get back the expected results. So far so good.
I then right clicked the project and chose "Publish" and published to a folder. I then copied the contents of the folder to the server and created a new Web Site in IIS pointing to my API and set the port to 44400. I clicked the Browse link in IIS and the browser opened. I added "/api/Values" to the end of the URL and got back this: Click: Here's the result.
I changed NOTHING in the app. Here's the Web.Config, which is what the error seems to be complaining about:
<?xml version="1.0" encoding="utf-8"?>
<!--
For more information on how to configure your ASP.NET application, please visit
https:
-->
<configuration>
<appSettings>
<add key="webpages:Version" value="3.0.0.0" />
<add key="webpages:Enabled" value="false" />
<add key="ClientValidationEnabled" value="true" />
<add key="UnobtrusiveJavaScriptEnabled" value="true" />
</appSettings>
<system.web>
<compilation debug="true" targetFramework="4.7.2" />
<httpRuntime targetFramework="4.7.2" />
</system.web>
<system.webServer>
<handlers>
<remove name="ExtensionlessUrlHandler-Integrated-4.0" />
<remove name="OPTIONSVerbHandler" />
<remove name="TRACEVerbHandler" />
<add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
</handlers>
</system.webServer>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="Antlr3.Runtime" publicKeyToken="eb42632606e9261f" />
<bindingRedirect oldVersion="0.0.0.0-3.5.0.2" newVersion="3.5.0.2" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Newtonsoft.Json" culture="neutral" publicKeyToken="30ad4fe6b2a6aeed" />
<bindingRedirect oldVersion="0.0.0.0-12.0.0.0" newVersion="12.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.Optimization" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="1.1.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="WebGrease" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-1.6.5135.21930" newVersion="1.6.5135.21930" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.Helpers" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.WebPages" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-5.2.7.0" newVersion="5.2.7.0" />
</dependentAssembly>
</assemblyBinding>
</runtime>
<system.codedom>
<compilers>
<compiler language="c#;cs;csharp" extension=".cs" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.CSharpCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=2.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:default /nowarn:1659;1699;1701" />
<compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.VBCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=2.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:default /nowarn:41008 /define:_MYTYPE=\"Web\" /optionInfer+" />
</compilers>
</system.codedom>
</configuration>
First question: Any idea what's wrong?
Next question: How do I turn on/enable better debugging?
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
Ya can't fix stupid.
|
|
|
|
|
It looks like the configuration is locked down on your server.
Open IIS Manager, double-click on the "Feature Delegation" item in the "Management" group, and find the "Handler Mappings" item. Ensure that it's set to "Read/Write".
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
It doesn't seem to be there in IIS. See pic
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
Ya can't fix stupid.
|
|
|
|
|
No, you've double-clicked on "Handler Mappings", not "Feature Delegation".
NB: "Feature delegation" is only available at the root, when you click on the server name. It won't be available within a specific site or application.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|