Working with the latest and greatest is always exciting. As developers, we tend to download new software and SDKs in order to try it and, in some cases, benefit from early fixes or early access to new features. .NET Core 2.1 which was announced at Build is one such example. The first thing I did after the conference announcement was to go on my machine and download it so I could take it for a spin. However, as developers, we're not restricted to our machines. Eventually, the code is pushed into source control and from there the CI/CD …[read more]
Showing all posts tagged: '.NET Core'
A 15-post collection
I love how Microsoft and Azure is making developers' lives so much easier. Consider the title of this blog post. Now try to think how you would solve this problem 2 or 3 years ago. How much code, infrastructure and data would have to be produced in order to generate a text moderation service that scales, performs and works reliably every single time! Fast forward to today and solving the exact same problem takes no less than 100 lines of code by using the tools that MS has made available to our disposal. The heavy lifting is done by the …[read more]
In the early days of ASP.NET Core, Kestrel (the lightweight, open source web server) was fairly basic. And this was totally intentional! Kestrel provides a mechanism to spin up and run ASP.NET Core websites and APIs fast and efficiently with as little overhead as possible. This, combined with the other ASP.NET Core improvements (90% smaller HTTP requests etc) have contributed to ASP.NET Core's speed. Kestrel was great at its job but in some cases proved to be very basic. It's important to understand that Kestrel was never intended to run applications in production. Instead, the recommendation …[read more]
I'm a big proponent of delegated authentication. It's no surprise that Broken Authentication is #2 at the OWASP top 10 latest report. It's been #2 for a very long time, which means that developers and enterprises are still getting this wrong. There are so many ways that authentication that can go wrong, that delegated authentication should be the preferred and possibly the default choice for all platforms. There are many different services that can provide this. I've heavily worked with Azure AD and Azure AD B2C but this time I wanted to take Auth0 for a spin. In this post …[read more]
Managing sensitive information and secrets in config files is something we have to deal with on a daily basis. Unfortunately, this is also something that we still get wrong. In many cases, secrets spill from production to development and vice versa or we have to setup up obscure file transformations and processes to change said secrets as we move from one environment to another. .NET Core has introduced the notion of User Secrets which we can use to store application variables outside the application folder. The file that stores the secrets ends up in one of the following locations, depending …[read more]