9
votes
Accepted
Should integration tests use database?
1) Should these tests use real database data? I mean I'll have to connect to a real database?
If you're testing the integration between your software and the database, then yes you should use the real ...
- 136k
8
votes
Accepted
Is it okay to have multiple get action methods in ASP .Net Web API controller according to RESTful API constraints?
I know you cannot have multiple gets according to REST
Not really. REST and API modelling are different subjects. REST APIs are meant to be an integration strategy, based on the premises introduced by ...
- 14.9k
5
votes
What is the simplest version of best practice application architecture for a backend in C# and ASP.NET Core WebAPI?
Firstly, there is no such thing as a "best practice" architecture. There is only that architecture that best fits the specific need at hand.
We're doing a great disservice to software developers ...
- 200k
5
votes
Accepted
Should you validate route parameters or let them fail with a 404?
If you want to return a meaningful error message you'll probably want to add validation. Every application I've worked on has done some request validation and returned an error message before ...
- 186
4
votes
Is it okay to have multiple get action methods in ASP .Net Web API controller according to RESTful API constraints?
as far as I know you cannot have multiple gets according to REST
No, not really. What you can't have is state. For instance, if you have an API such as:
POST /set-current-user/[id]
GET /user-info
GET ...
- 137k
4
votes
Accepted
Web API - How to prevent the POST-ing of entities with custom Id values
Actually... back in the day (and still today) it was very common to not give people the ability to generate ids on the client side for one simple reason: the ids were auto incremented integer values ...
- 10.4k
4
votes
Web API - strong classes or dynamic?
The advantage of having a strongly-typed return value is that you can have a descriptive document (for example swagger using Swashbuckle) that allows people to auto-generate a client for your API.
...
- 9,185
4
votes
Is it okay to have multiple get action methods in ASP .Net Web API controller according to RESTful API constraints?
REST does not limit the number of methods. You can use as many of them as you need. The API and your implementation are 2 different things. If you want your API to follow the REST architecture then it ...
- 355
3
votes
Accepted
Calling executables from an ASP.NET WebAPI
Its not a great idea to have a web api call an executable. There are a number of issues you have to consider.
1: Security
We are basically exposing the command line to the web. Any flaw in the way ...
- 81.9k
3
votes
Accepted
Onion Architecture, Project Architecting and Authentication
1) Am I going in the right direction?
This is a much too broad question if you want it answered with any amount of detail. We don't know exactly what your current experience is and whether there are ...
- 58.1k
3
votes
Why should I use REST API?
I know it might be a dumb question or this is the right question to ask.
aren't we always doing such kinds of things with simple web without REST API? The client-side (browser) will make a request, ...
- 34.4k
3
votes
Separation of concerns and other best practices across Controllers, Services, Providers and Stores in ASP.NET when building a REST web api
First, is this view of the separation of my classes really how others structure their code?
Yes, unfortunately.
Second, is it legitimate for one Service to instance and leverage a second Service?
...
- 12.3k
2
votes
What features are missing from WCF Rest Implementation
WCF can be pretty complicated if you let it but is pretty easy if you need basic SOAP and that holds true even if you need a few frills and more exotic transport, authentication or protocol options. ...
- 1,338
2
votes
Best technique for pushing many records and files to a system: WEB API or FTP
Have you looked into existing so-called "Content Management Systems" (CMS)?
In case you want to roll your own system, though, a REST endpoint with a single page web app as the frontend with a user ...
- 383
2
votes
Accepted
When designing a web application with Vue.js and ASP.NET Core, is ASP.NET solely for the API?
I guess you are trying to build Web Application using .Net Core and Vue.js and you do not want to use MVC Razor view. IF that is the case, .Net Core is the back-end (Server side) framework where you ...
- 144
2
votes
Web API - How to prevent the POST-ing of entities with custom Id values
Couple points here:
You should own your own, internal, unique identifier, which should not be exposed via the API, neither for adding or viewing. The identifier is for your database to create key ...
- 26.9k
2
votes
ASP.NET Web API and MVC Architecture for Web Application
It looks like you are missing a service layer between you business logic and your websites.
If you draw in a horizontal slice on your diagram for it you can see immediately that you have a choice of ...
- 81.9k
2
votes
How to manage model(s) between web client (DMZ) and web API?
Yes you should split them.
Why?
Security and Privacy
Backwards Compatibility
Security and Privacy
Imagine that you have a User and that user has a password:
do you wish to return that password when ...
- 16.5k
2
votes
Accepted
A True RESTful API | Help needed
Your RESTful API does not necessarily need to present a CRUD interface. Resources that are computed from other data do not need to support Create, Update or Delete operations, but they can still be ...
- 18.2k
2
votes
Should you validate route parameters or let them fail with a 404?
If you are considering to add such a route level validation then you should be aware of the following:
If the constraint is not met then your action won't be called. Other action might be called ...
- 549
2
votes
Accepted
How often should I request a token when communicating with a third-party API?
The third party API may use a well-known mechanism, such as OAuth 2, for authentication. In OAuth 2, the token is generated once, and is used for multiple requests, until it expires. The expiration ...
- 137k
1
vote
Putting it all together - DDD, CQRS, Web API
I am on the right path here or is this way off from proper form/practice?
You are on the right path.
The way I have it imagined is that I can send command objects
This spelling isn't quite right -- ...
- 34.4k
1
vote
Stateful authentication in REST API using tokens
Question 1: Any alternatives or remarks of the previously mentioned
issues, which would change the conclusion?
Cookies are just headers, your native client can add and read them them no problem. Not ...
- 81.9k
1
vote
What should be the REST API (URL) for a user to be assigned to multiple territories
REST doesn't care what spelling you use for your identifiers.
GET /715f9784-4b51-461a-b3ee-fdf2823c25cb
is perfectly fine, as far as REST is concerned.
www.xyz.com/Territory/User
www.xyz.com/User/...
- 34.4k
1
vote
Wait time created by having separated REST API and web application
If you have a REST API, you don't need an MVC application. Instead, create a frontend JavaScript application which uses your API directly.
Compare your current scheme:
[JS/HTML frontend] <---> ...
- 4,432
1
vote
Pattern for web service response caching, but only use the cache for when the data store goes down or request otherwise would fail
The closest thing that can still scale, is using "Circuit Breakers with Fallbacks" pattern. Check on Netflix's Hystrix https://github.com/Netflix/Hystrix/wiki/How-it-Works which is one implementation ...
- 277
1
vote
Web API - strong classes or dynamic?
You are right in that there is little advantage to the Strongly typed POCO object in the hosting layer.
In fact, even though I am a proponent of using strong typing, I would be happy to use dynamic ...
- 81.9k
1
vote
Accepted
Creating JWT token internally
Chances are, there are going to be more applications that need to generate tokens.
Most companies want to centralize security. To that end, they don't want individual applications generating tokens. ...
- 11.7k
1
vote
Connect to different database based on URL
Running separate instances
It appears you are operating multiple, logically separate instances of a service (one per company). Fundamentally, you question is about how best to ensure that this ...
- 2,857
1
vote
Accepted
Should I use the same solution for WebAPI and autogenerated client for it?
Any project that is going to be pushed to a NuGet server works better if it is in a separate repository for the following reasons:
It helps encapsulate all testing and support code in one place
It ...
- 46.4k
Only top scored, non community-wiki answers of a minimum length are eligible