Upgrade to Pro — share decks privately, control downloads, hide ads and more …

An Opinionated, Maintainable API Code Architect...

Spencer Schneidenbach
November 26, 2020
Technology
0
68

An Opinionated, Maintainable API Code Architecture for ASP.NET Core

Spencer Schneidenbach

November 26, 2020
Tweet

More Decks by Spencer Schneidenbach

See All by Spencer Schneidenbach
Exploring Serverless Options for .NET in Azure, AWS, and Beyond
schneidenbach
0
56
Evaluating the State of APIs - Comparing REST, GraphQL, gRPC
schneidenbach
1
140
.NET Microservices
schneidenbach
0
120
[DevReach 2019] Never RESTing - RESTful API Best Practices using ASP.NET Core Web API
schneidenbach
0
330
Designing and Implementing REST APIs for the Long Haul
schneidenbach
1
58

Other Decks in Technology

See All in Technology
バクラクにおける可観測性向上の取り組み
yuu26
3
420
君は隠しイベントを見つけれるか?
mujyun
0
290
初心者に Vue.js を 教えるには
tsukuha
5
390
物価高なラスベガスでの過ごし方
zakky
0
380
一休.comレストランにおけるRustの活用
kymmt90
3
580
AIを駆使したゲーム開発戦略: 新設AI組織の取り組み / sge-ai-strategy
cyberagentdevelopers
PRO
1
130
わたしとトラックポイント / TrackPoint tips
masahirokawahara
1
240
CAMERA-Suite: 広告文生成のための評価スイート / ai-camera-suite
cyberagentdevelopers
PRO
3
270
小規模に始めるデータメッシュとデータガバナンスの実践
kimujun
3
590
話題のGraphRAG、その可能性と課題を理解する
hide212131
4
1.5k
なんで、私がAWS Heroに!? 〜社外の広い世界に一歩踏み出そう〜
minorun365
PRO
6
1.1k
「視座」の上げ方が成人発達理論にわかりやすくまとまってた / think_ perspective_hidden_dimensions
shuzon
2
2.2k

Featured

See All Featured
The Power of CSS Pseudo Elements
geoffreycrofte
72
5.3k
Code Reviewing Like a Champion
maltzj
519
39k
GitHub's CSS Performance
jonrohan
1030
460k
Making Projects Easy
brettharned
115
5.9k
Reflections from 52 weeks, 52 projects
jeffersonlam
346
20k
Rebuilding a faster, lazier Slack
samanthasiow
79
8.6k
What's in a price? How to price your products and services
michaelherold
243
12k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
42
9.2k
Designing the Hi-DPI Web
ddemaree
280
34k
Become a Pro
speakerdeck
PRO
24
5k
Practical Orchestrator
shlominoach
186
10k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
280
13k

Transcript

  1. An Opinionated and Maintainable API Code Architecture For ASP.NET Core

    Spencer Schneidenbach
  2. None

  3. Setting the Stage • “We need a new React backend”

    • “We need a new REST API”

  4. ASP.NET Core

  5. “Zero to Make Magic Happen”

  6. SCAFFOLDING

  7. None

  8. Introducing the Employee public class Employee { public int Id

    { get; set; } [Required] public string FirstName { get; set; } [Required] public string LastName { get; set; } public DateTime DateOfBirth { get; set; } public DateTime DateOfHire { get; set; } public string SocialSecurityNumber { get; set; } }

  9. The Employee Object • Is part of payroll software •

    Contains sensitive data (social security number)
  10. None
  11. None

  12. That’s better public class Employee { public int Id {

    get; set; } [Required] public string FirstName { get; set; } [Required] public string LastName { get; set; } public DateTime DateOfBirth { get; set; } public DateTime DateOfHire { get; set; } public string RodneCislo { get; set; } }

  13. The Employee Object • Is part of payroll software •

    Contains sensitive data (social security number) rodné číslo

  14. You, the Developer • Loves dotnet command line/Visual Studio tooling

    • Loves to get stuff done

  15. ASP.NET Core + Entity Framework Core

  16. File -> New Project

  17. Startup.cs

  18. None
  19. None
  20. None
  21. None
  22. None
  23. None
  24. None
  25. None
  26. None
  27. None

  28. “Scaffolding is AMAZING!”

  29. None
  30. None

  31. Scaffolding is a LIE

  32. Controller is a one man army • Route the request

    • Validate the request • Run service to execute request • Return data

  33. ZERO Separation of Concerns

  34. Controller should ONLY • Route the request • Return data

  35. Entity is ALSO the request

  36. public class Employee { public int Id { get; set;

    } [Required] public string FirstName { get; set; } [Required] public string LastName { get; set; } public DateTime DateOfBirth { get; set; } public DateTime DateOfHire { get; set; } public string RodneCislo { get; set; } }
  37. None
  38. None

  39. Let’s Break it Up

  40. CQRS Command Query Responsibility Segregation

  41. Bottom Line - move: • Validation • Execution • Request

  42. Why? • Separation of concerns • Easier testing • An

    easy pattern to follow

  43. First, the request

  44. public class Employee { public int Id { get; set;

    } [Required] public string FirstName { get; set; } [Required] public string LastName { get; set; } public DateTime DateOfBirth { get; set; } public DateTime DateOfHire { get; set; } public string RodneCislo { get; set; } }

  45. Problem? • Entity being used for requests • Model/model validation

    are not separate

  46. Rule 1: Separate Entity from Model So let’s refactor!

  47. public class Employee { public int Id { get; set;

    } [Required] public string FirstName { get; set; } [Required] public string LastName { get; set; } public DateTime DateOfBirth { get; set; } public DateTime DateOfHire { get; set; } public string RodneCislo { get; set; } }

  48. Business Rule Can create employee with RodneCislo but not update

    it later using this API

  49. Create (POST) public class CreateEmployeeRequest { public int Id {

    get; set; } [Required] public string FirstName { get; set; } [Required] public string LastName { get; set; } public DateTime DateOfBirth { get; set; } public DateTime DateOfHire { get; set; } public string RodneCislo { get; set; } }

  50. Update (PUT) public class UpdateEmployeeRequest { public int Id {

    get; set; } [Required] public string FirstName { get; set; } [Required] public string LastName { get; set; } public DateTime DateOfBirth { get; set; } public DateTime DateOfHire { get; set; } }

  51. Delete (DELETE) public class DeleteEmployeeRequest { public int Id {

    get; set; } }

  52. Validation public class CreateEmployeeRequest { public int Id { get;

    set; } [Required] public string FirstName { get; set; } [Required] public string LastName { get; set; } public DateTime DateOfBirth { get; set; } public DateTime DateOfHire { get; set; } public string RodneCislo { get; set; } }

  53. Clunky to validate

  54. None

  55. Rule 2: Separate Validation from Model Introducing FluentValidation

  56. public class CreateEmployeeRequest { [Required] public string FirstName { get;

    set; } [Required] public string LastName { get; set; } }

  57. Let’s isolate the validation functionality

  58. public class EmployeeCreateValidator : AbstractValidator<EmployeeCreateRequest> { public EmployeeValidator() { RuleFor(e

    => e.FirstName).NotEmpty() .WithMessage("First name is required.") RuleFor(e => e.LastName).NotEmpty() .WithMessage("Last name is required.") } }

  59. public class EmployeeCreateValidator : AbstractValidator<EmployeeCreateRequest> { public EmployeeValidator() { RuleFor(e

    => e.FirstName).NotEmpty() .WithMessage("First name is required.") RuleFor(e => e.LastName).NotEmpty() .WithMessage("Last name is required.") } } public class EmployeeCreateRequest { public string FirstName { get; set; } public string LastName { get; set; } }

  60. [Test] public void EmployeeNameIsRequired() { var request = new EmployeeCreateRequest();

    //no props var validator = new EmployeeCreateValidator(); var result = validator.Validate(request); var firstNameMissing = result.Any(r => r.PropertyName == "FirstName"); var lastNameMissing = result.Any(r => r.PropertyName == "LastName"); Assert.That(firstNameMissing, Is.EqualTo(true)); Assert.That(lastNameMissing, Is.EqualTo(true)); } Test Independently

  61. Dependencies public class EmployeeDeleteValidator : AbstractValidator<EmployeeDeleteRequest> { public ApplicationDbContext Context

    { get; } public EmployeeValidator(ApplicationDbContext context) { Context = context; RuleFor(e => e.Id).Must(ExistInDatabase) .WithMessage("ID does not exist.") } public void ExistInDatabase(EmployeeDeleteRequest request) { return Context.Employee.Find(request.Id) != null; } }

  62. What We’ve Accomplished • Separated requests from the entity •

    Separated validation from entity and requests
  63. None

  64. Rule 3: Separate Request Handler from Controller Introducing MediatR

  65. MediatR • Requests • Handlers

  66. public class EmployeeCreateRequest : IRequest<int> { public string FirstName {

    get; set; } public string LastName { get; set; } }

  67. public class EmployeeCreateHandler : IRequestHandler<EmployeeCreateRequest, int> { public EmployeeCreateHandler(ApplicationDbContext context)

    { ... } public async Task<int> Handle(EmployeeCreateRequest request) { var newEmployee = new Employee { FirstName = request.FirstName, LastName = request.LastName }; _context.Employee.Add(newEmployee); await _context.SaveChangesAsync(); return newEmployee.Id; } }

  68. public class EmployeeCreateHandler : IRequestHandler<EmployeeCreateRequest, int> { public EmployeeCreateHandler(ApplicationDbContext context)

    { ... } public async Task<int> Handle(EmployeeCreateRequest request) { var newEmployee = new Employee { FirstName = request.FirstName, LastName = request.LastName }; _context.Employee.Add(newEmployee); await _context.SaveChangesAsync(); return newEmployee.Id; } }

  69. public class EmployeeCreateHandler : IRequestHandler<EmployeeCreateRequest, int> { public EmployeeCreateHandler(ApplicationDbContext context)

    { ... } public async Task<int> Handle(EmployeeCreateRequest request) { var newEmployee = new Employee { FirstName = request.FirstName, LastName = request.LastName }; _context.Employee.Add(newEmployee); await _context.SaveChangesAsync(); return newEmployee.Id; } }

  70. public class EmployeeCreateHandler : IRequestHandler<EmployeeCreateRequest, int> { public EmployeeCreateHandler(ApplicationDbContext context)

    { ... } public async Task<int> Handle(EmployeeCreateRequest request) { var newEmployee = new Employee { FirstName = request.FirstName, LastName = request.LastName }; _context.Employee.Add(newEmployee); await _context.SaveChangesAsync(); return newEmployee.Id; } }

  71. public class EmployeeCreateHandler : IRequestHandler<EmployeeCreateRequest, int> { public EmployeeCreateHandler(ApplicationDbContext context)

    { ... } public async Task<int> Handle(EmployeeCreateRequest request) { var newEmployee = new Employee { FirstName = request.FirstName, LastName = request.LastName }; _context.Employee.Add(newEmployee); await _context.SaveChangesAsync(); return newEmployee.Id; } }
  72. None

  73. AutoMapper

  74. public class EmployeeCreateHandler : IRequestHandler<EmployeeCreateRequest, int> { public EmployeeCreateHandler( ApplicationDbContext

    context, IMapper mapper) { ... } public async Task<int> Handle(EmployeeCreateRequest request) { var newEmployee = _mapper.Map<Employee>(request); _context.Employee.Add(newEmployee); await _context.SaveChangesAsync(); return newEmployee.Id; } }

  75. public class EmployeeCreateHandler : IRequestHandler<EmployeeCreateRequest, int> { public EmployeeCreateHandler( ApplicationDbContext

    context, IMapper mapper) { ... } public async Task<int> Handle(EmployeeCreateRequest request) { var newEmployee = _mapper.Map<Employee>(request); _context.Employee.Add(newEmployee); await _context.SaveChangesAsync(); return newEmployee.Id; } }

  76. AutoMapper • Great for simple CRUD APIs/view models • Anything

    more complex, I usually just write mapper manually

  77. Why? • Separation of concerns • Easier testing • An

    easy pattern to follow

  78. Putting it all together • Dependency injection handles dependencies •

    FluentValidation handles validation • MediatR handles request/responses • AutoMapper handles mapping • Controller will handle HTTP requests

  79. public async Task<IActionResult> Post([FromBody] EmployeeCreateRequest request) { if (!ModelState.IsValid) {

    return BadRequest(ModelState); } var newId = await Mediator.Send(request); return CreatedAtAction("GetEmployee", new { id = employee.Id }); }

  80. public async Task<IActionResult> Post([FromBody] EmployeeCreateRequest request) { if (!ModelState.IsValid) {

    return BadRequest(ModelState); } var newId = await Mediator.Send(request); return CreatedAtAction("GetEmployee", new { id = employee.Id }); }

  81. public async Task<IActionResult> Post([FromBody] EmployeeCreateRequest request) { if (!ModelState.IsValid) {

    return BadRequest(ModelState); } var newId = await Mediator.Send(request); return CreatedAtAction("GetEmployee", new { id = employee.Id }); }

  82. public async Task<IActionResult> Post([FromBody] EmployeeCreateRequest request) { if (!ModelState.IsValid) {

    return BadRequest(ModelState); } var newId = await Mediator.Send(request); return CreatedAtAction("GetEmployee", new { id = employee.Id }); }

  83. Cleaner code?

  84. Multiple status codes?

  85. public class EmployeeUpdateHandler : IRequestHandler<EmployeeUpdateRequest, IActionResult> { public EmployeeUpdateHandler( ApplicationDbContext

    context IMapper mapper) { ... } public async Task<IActionResult> Handle(EmployeeUpdateRequest request) { var employee = await _context.FindAsync(request.Id); if (employee == null) { return new NotFoundResult(); } _mapper.Map(request, employee); await _context.SaveChangesAsync(); return new OkObjectResult(employee); } }

  86. public class EmployeeUpdateHandler : IRequestHandler<EmployeeUpdateRequest, IActionResult> { public EmployeeUpdateHandler( ApplicationDbContext

    context IMapper mapper) { ... } public async Task<IActionResult> Handle(EmployeeUpdateRequest request) { var employee = await _context.FindAsync(request.Id); if (employee == null) { return new NotFoundResult(); } _mapper.Map(request, employee); await _context.SaveChangesAsync(); return new OkObjectResult(employee); } }

  87. public class EmployeeUpdateHandler : IRequestHandler<EmployeeUpdateRequest, IActionResult> { public EmployeeUpdateHandler( ApplicationDbContext

    context IMapper mapper) { ... } public async Task<IActionResult> Handle(EmployeeUpdateRequest request) { var employee = await _context.FindAsync(request.Id); if (employee == null) { return new NotFoundResult(); } _mapper.Map(request, employee); await _context.SaveChangesAsync(); return new OkObjectResult(employee); } }

  88. We can do better

  89. public class EmployeeUpdateHandler : IRequestHandler<EmployeeUpdateRequest, Func<Controller, IActionResult>> { public EmployeeUpdateHandler(

    ApplicationDbContext context IMapper mapper) { ... } public async Task<Func<Controller, IActionResult>> Handle(EmployeeUpdateRequest request) { var employee = await _context.FindAsync(request.Id); if (employee == null) { return controller => controller.NotFound(); } _mapper.Map(request, employee); await _context.SaveChangesAsync(); return controller => controller.Ok(employee); } }

  90. public class EmployeeUpdateHandler : IRequestHandler<EmployeeUpdateRequest, Func<Controller, IActionResult>> { public EmployeeUpdateHandler(

    ApplicationDbContext context IMapper mapper) { ... } public async Task<Func<Controller, IActionResult>> Handle(EmployeeUpdateRequest request) { var employee = await _context.FindAsync(request.Id); if (employee == null) { return controller => controller.NotFound(); } _mapper.Map(request, employee); await _context.SaveChangesAsync(); return controller => controller.Ok(employee); } }

  91. public class EmployeeUpdateHandler : IRequestHandler<EmployeeUpdateRequest, Func<Controller, IActionResult>> { public EmployeeUpdateHandler(

    ApplicationDbContext context IMapper mapper) { ... } public async Task<Func<Controller, IActionResult>> Handle(EmployeeUpdateRequest request) { var employee = await _context.FindAsync(request.Id); if (employee == null) { return controller => controller.NotFound(); } _mapper.Map(request, employee); await _context.SaveChangesAsync(); return controller => controller.Ok(employee); } }

  92. public class EmployeeUpdateHandler : IRequestHandler<EmployeeUpdateRequest, Func<Controller, IActionResult>> { public EmployeeUpdateHandler(

    ApplicationDbContext context IMapper mapper) { ... } public async Task<Func<Controller, IActionResult>> Handle(EmployeeUpdateRequest request) { var employee = await _context.FindAsync(request.Id); if (employee == null) { return controller => controller.NotFound(); } _mapper.Map(request, employee); await _context.SaveChangesAsync(); return controller => controller.Ok(employee); } }

  93. public class EmployeeUpdateHandler : IRequestHandler<EmployeeUpdateRequest, Func<Controller, IActionResult>> { public EmployeeUpdateHandler(

    ApplicationDbContext context IMapper mapper) { ... } public async Task<Func<Controller, IActionResult>> Handle(EmployeeUpdateRequest request) { var employee = await _context.FindAsync(request.Id); if (employee == null) { return controller => controller.NotFound(); } _mapper.Map(request, employee); await _context.SaveChangesAsync(); return controller => controller.View("~/Employees/ViewEmployee.cshtml", employee); }

  94. [Route("api/Employees")] public class EmployeeController : BaseController { [HttpGet] public Task<IActionResult>

    Get() => Handle(new GetEmployeesRequest()); [HttpGet("{id}")] public Task<IActionResult> Get(int id) => Handle(new GetEmployeeRequest(id)); [HttpPost] public Task<IActionResult> Post(CreateEmployeeRequest request) => Handle(request); [HttpPut("{id}")] public Task<IActionResult> Put(UpdateEmployeeRequest request) => Handle(request); }

  95. protected async Task<IActionResult> Handle(object request) { if (!ModelState.IsValid) { return

    BadRequest(ModelState); } var func = await _mediator.Send(request); return func(this); }

  96. Tips

  97. Create repeatable patterns

  98. Write tests for everything

  99. Concerns • May be unnecessary complexity • Bigger learning curve

    - not as “out of the box”

  100. Best for • Medium-large applications • Long-term reliability

  101. More resources rest.schneids.net

  102. Thank you! schneids.net @schneidenbach