Published:
This post covers the two testing layers most .NET teams rely on heavily: unit tests with xUnit and integration tests with WebApplicationFactory. Unit tests give you fast feedback on isolated logic. Integration tests prove that your application actually boots, routes requests, resolves dependencies, and returns the expected HTTP responses.
Published:
This post covers some of the most useful EF Core performance techniques you will apply in read-heavy applications: disable tracking for read-only queries, project only the data you need, use compiled queries for hot paths, and understand when split queries help avoid large join explosions. Performance work starts with measurement, but these patterns are worth knowing early.
Published:
This post covers the pieces of Entity Framework Core you need before building real data-backed applications. The essential model is: your entities represent data, DbContext coordinates access to that data, migrations evolve the schema, and change tracking decides what EF Core will insert, update, or delete.
Published:
This post covers the part of security that decides what an authenticated user is allowed to do. In ASP.NET Core, authorization usually builds on roles, claims, named policies, and sometimes resource-specific checks performed in code. If authentication answers “who are you?”, authorization answers “may you do this?”.
Published:
This post gives an overview of the most common authentication approaches you will see in .NET applications: cookies, JWT bearer tokens, and OAuth2/OIDC-based sign-in flows. The important thing is not memorizing every protocol detail. The important thing is understanding what each approach is for and when it fits.
Published:
This post covers the API design habits that matter once you move beyond “it works on my machine” and start building endpoints other systems will rely on. Good REST design is mostly about clear resource modeling, predictable status codes, safe query patterns, and a versioning strategy you decide before clients are locked in.
Published:
This post covers how to handle failures in an ASP.NET Core API without leaking stack traces or returning random error shapes. The goal is not to prevent every exception. The goal is to catch failures at the right level, log them, and return a consistent response contract such as ProblemDetails.
Published:
This post covers two important jobs the framework performs for you: model binding and validation. Model binding turns incoming HTTP data into .NET values. Validation checks whether those values satisfy your rules. If you understand where each responsibility begins and ends, your endpoints become much easier to reason about.
Published:
This post shows how to build your first ASP.NET Core Web API and, more importantly, how to think about the choices you make along the way. The two main styles are controllers and minimal APIs, and both rely on the same routing system underneath. Once you understand those pieces, building new endpoints stops feeling mysterious.
Published:
This post covers the built-in Dependency Injection container in .NET and the concepts you need to use it safely. If you remember only one idea, make it this: services should declare what they need through constructor parameters, and the container should create those dependencies with the correct lifetime.