Hey Tim, I loved this intro course. Thank you for dedicating time to this project. I'm sure that it's been very helpful to a lot of students around the world.
Hi Tim, I would love to see a video about lifetimes like singleton, transient and scoped, when to use which one with examples, and how to handle the incoming traffic of an api. How to set limits to get not overwhelmed by thousands of incoming requests for example. Like, how to make an api stable.
This was the fastest tutorial I every used in order to get something done from nothing. Thank-you. Made the Data Layer the API and a Blazor Server UI that feeds UI components on-premises SharePoint Project Site Pages. The Data Layer talks directly to the Project Server database and enterprise databases. The UI server is simply Razor components displayed in Sharepoint WebParts. Bougtht 4 of your other courses. I knew I was in the right place when your courses use Dapper and Procs.
And again we have a brilliant explanation of really complicated things from a brilliant person! I hope that you are a rich person Tim because you DESERVE it.
Just finished! Hope you can make a tutorial that uses WebAPI with Identity and also a tutorial on deploying it securely to the production. Thanks much 😁😁
Thanks for the suggestion. Please add it to the list on the suggestion site so others can vote on it as well: suggestions.iamtimcorey.com/ If you are looking for that content now, I do cover that and a LOT more in my WebAPI course: www.iamtimcorey.com/p/web-api-from-start-to-finish
Hello Tim, Thanks for providing amazing contents for us, i am a junior developer graduated from university couple of months ago, i am looking forward to becoming a dotnet developer over the next moments of my life, and your contents are doing me good because its pretty clear and well broken down Thanks.. regards
That's great, man. I'm study in the university but learning .NET as much as i can! Could we discuss this topic? I mean, your current knowledge and what kind of work you want to do?
Hi Tim, Absolutely an awesome introduction. The content is so easy to follow and do it along. Sincerely appreciate the time you’re spending to make all these great videos (watched three of them so far). I am going to give it a shot on web api training from your site. Cheers!
Great tutorials Tim, Very good for beginners. Thank you for sharing knowledge with everyone. Please know that your tutorials are helping people like me sitting thousands of miles away from you.
I have seen examples of Web API applications where the action methods return ActionResult where T is a business entity that you are modelling, or a collection of them. What is the difference in returning this as opposed to just returning the entity, or collection of entities,?
ActionResult allows you to explicitly specify the HTTP code to be returned with your call. So you can specify 200, 401, 404, etc. vs. having the system "guess" which code to return.
Hi Tim ! First of all, congratulations for another great video ! Your videos are invaluable learning resources. Channels like yours are what make Internet valuable. As far as I understood, the minimal API project gets rid of the controller layer and making the connection between the endpoint and its correspondent executing code more direct. You suggested to replace the anonymous functions for a new layer that represents the code itself and at the same time keeping the Program.cs cleaner. Is this difference between the two approaches are more related to code simplicity and maintenance ? I think in terms of more complex projects, it makes easier to debug because we don't need to concern about the controller layer in between which can make debugging confusing. Do you think the minimal API approach can replace controllers in the near future ?
There are some slight differences, but the more I use minimal APIs, the less I see the need for controllers. The extra overhead in complexity doesn't seem worth it based upon what little benefit it provides.
Should we enable swagger for production? Currently by default it is only accessible for development. Is there an issue exposing the schema in production?
It depends on your API and your security levels. I prefer to, but an API that is unknown is harder to attack (not by a lot, but it will reduce attacks).
I really like your style man. It's clean, complete and very practical but still don't miss out on theory we developers should know. What are the functions of the comments like // GET: api/controllername above the methods? Swagger still does document it right when you remove this?
The code comment is just there to make it easier for the developer to understand what the URL would look like to call that particular endpoint. I'm glad you are enjoying the content.
Hi Tim, thanks for your great course. What would be the best practice in using RESTful APIs, when we have some kind of "session" (I know this sounds not RESTful 🙂), but we need for a licensing service some kind of "session" to identify the client which has "checked-out" the license.
That sounds like an authentication system or token system. You would give them a token that they could use in all subsequent calls, proving that they have the license checked out. You wouldn't need state for that.
Hello Tim, How does the Web API improve security between the client and the dB? Can a username and password still pass through the Web API layer without it being secured and still be “intercepted” and viewed?
So, first, when you pass credential to an API, you are passing your user credentials. They don't have direct database access. You pass those credentials over HTTPS, thus securing their transport. The user knows what the password is because it is their password. However, this does not give them direct database access. Typically, a user can access only their data even though the database holds the data of multiple users for example. Once the user is authenticated, the API uses the database credentials to get the required data and send it to the user. There should not be any possibility of SQL injection or other attacks because of this "firewall". Also, if the user's credentials are compromised, the hacker would only have access to what the user has access to. The credentials could also be invalidated without affecting other users.
Well, that's going to be something to consider. Some people only publish the Swagger page internally or in development. Others publish it for everyone to see. Others give the actual page a different name and hope that obfuscation helps them out. It is up to you to figure out what works best for you. However, here are some things to consider. First, Swagger isn't actually exposing your endpoints. It is just giving you a UI to call them. If you turned it off, you could still call those endpoints using Postman or even the browser developer tools. Second, the user cannot do more than you have authorized them to do. So, if an endpoint requires authentication, it will require authentication in Swagger. Third, Swagger provides documentation for your endpoints. You should be giving that to those who need it somehow.
Do you have any videos that show a program incorporating and using Web API? I had created a Xamarin program that connects directly to the database which is bad, so I'm trying to learn about restful API's. I can't find any tutorials or classes regarding APIs that deal with something other than websites.
The TimCo Retail Manager course (free here on UA-cam and paid on my website) builds and uses an API with multiple front-ends. We start with the .NET Framework (intentionally) so that we can then upgrade to .NET Core 3.1 and then .NET 5. So, you will see how to do it with the .NET Framework and with .NET.
That's really subjective. In general, however, there is not a need for more than one API in most cases. Unless you find that there is a specific need to have separate APIs, keep them together. If, however, you have a business case for splitting them apart, do so. Also, projects often pull from APIs other than those that they control.
Got a really basic question. My problem is I'm having difficulty asking the question right. I'm trying to effeciently learn on my own how to call and consume the responses from three different apis with net 6 and c# in a scheduled console application with the fewest packages possible. I keep getting super confused with Google searches, no teacher available. I keep outdated responses as I don't know the current industry standard jargon. Can you guide me on keywords for searches? My current problem is how to convert the most likely paged response from the second call after getting bearer token into a form into something I can interact with. Thank you
I don't really understand your question. However, my advice is this: break the problem down into chunks. Then try to get one chunk at a time working. It sounds like you might want to get a bearer token from one call (that would be your first chunk), then use that toke on another call (second chunk) and then parse the results (third chunk). Then you can more easily research the issue as well.
Dear Sir, I have a full working asp.net6 core console Web API. Now I need to transform this console API to be working as a windows service. How can I do that? Thank you in advance for your advice.
An API and a service are two different things. You interact directly with an API. You do not interact directly with a service. You wouldn't host an API as a service. You would host it on a web server.
Yes of course. I mean that I need to host the api into a windows service. I need to not use the IIS to host my core webapi. The situation here is that I don't want to rewrite the Api.
lol, not outdated but definitely older. Those videos typically cover the .NET Framework, which is still supported and valid today. Things are different in .NET Core / .NET 5+, but even then a lot of the techniques are the same and a lot of the code is the same or similar.
Hey Tim, I asked this question when you did the class library video. I know my reasoning for when to choose either or, but Just wanted your opinion (thought process) when do you choose whether you want to go with an API or a class library?
They serve two different purposes. A class library allows code to be reused between projects, it allows for easier upgrades for projects, and it keeps your code cleanly separated from the UI. I personally use a class library in practically every project I build. An API is used as a barrier between the UI and the database. It also can be accessed from multiple UIs (including UIs that cannot access data directly). The difference is that an API has to run on its own (hosted on a web server). It also transmits the data across the web via HTTPS. That means there is an overhead to calling an API as opposed to directly calling a database. That cost is worth it in some circumstances and not in others.
@@IAmTimCorey How often do you use your class library to access the database over an API? Like for example if you only had 1 UI and the code will not be shared and doesn't need to be called over a web api, would you do your db access directly through the library? Again , always depends on the situation right.
Thank you for your information. But how do i consume a Web API in dotnet 6? Nobody really seems to do it how it was really intended, and the older ways dont seem to work.
I would like to know how much the performance will drop when using WebApi compared to using a local library? Are there any other shortcomings in using WebApi? Thanks Tim!
There isn't a set number I can give you. You would need to test it in your environment, based upon your load, your servers, and your network. In general, though, it isn't that significant unless you are attempting to transmit large amounts of data from your API to your client.
@@IAmTimCorey Ok, I'll try to add WebApi to the project and test it further. Feeling good to learn and add this powerfull tool to my toolbox. Thanks Tim!
I have a large database with 190 tables... I've generated the entity framework model... how do I auto generate the web api from the entity framework model? I don't want to do it buy adding a controller for each table... can a web api / wcf / web service be auto generated? Then I would like to create a partial class or my own classes with business logic in them.
For almost all cases, your API shouldn't be just a thin layer over your database. You should probably have some type of actual application on top of your database. I mean, you've got a relational database (I'm assuming). You should probably be returning data that has the related data attached. That means making decisions, which is why just generating an API layer on top of your database isn't usually the right call. There might be a tool out there to do it, but I've never used one.
@IAmTimCorey thx. Valid points. I am trying to replace stored procedures with managed code in api layer. Business logic will be in api code. However would be nice to click a button and generate basic api code for each table/class automatically.. just like ef generates code.. then the spi code can have business logic added. Maybe I have to write auto code myself based on table.
Hello Tim, Great tutorial again. Thank you! Currently, I'm working on a simple VOD streaming app with a web API. I'm wondering, how can I run some code during server startup? I want to create a file what would contain metadata (title, format, path, etc.) for the videos. Afterward, I would like to send this file to connected clients using SignalR, so they can make API calls for the videos. What's the proper and elegant way to achieve this? Thank you for the answer :)
@@IAmTimCorey I think maybe i managed to solve by adding a class as HostedService where i call my function in StartAsync, idk it's agood approach or not, but it does what it needs to
There doesn't need to be a constructor. When you ask for TemperatureF, it gets calculated at that time. The value is never set because it returns the value of a calculation.
Great videos always! Can you please do a video on combining an Asp API and a SQL database in docker and then putting them up on Azure? Also, since the docker images are read only, how does the user save to the docker SQL database? Thanks.
thanks tim well explained but time as i created a production api and now i'm targeting to test it for that purpose i needed to publish the api locally first on iis but there many major problem for example first problem is each time I update my api the web.config file will be changed and .net writes some code in it which will lead for and error on runtime and I have to comment those changed and after all of fixing that another problem will show up, in the configuration file i need to specify a default document to show up on load and all I can do is enabling directory browse and i'm unable to redirect for my controllers~ thanks for caring about my comment
I'm not sure how you are publishing your API, but it sounds like something is wrong there. You should be able to publish your API to IIS as an update and it just work.
24:05 for my montage. I've heard people at my job say that business logic goes in the controller, which we know is fake news. I'm making a montage to set them straight of all the examples I can find that explain that the controller handles requests and responses and delegates the work to services. They still think I'm mentally handicapped. I need a new job.
@@IAmTimCorey Also Tim when you say AddEndpointsApiExplorer, what do you mean it is swagger? Can you please explain why I need it? or do I need it only when I use swagger? I do not use swagger and whether I have that line or not my app works. One more thing, is it possible to pass more than one params(objects) to a post method? Thank you Tim
I'm a big fan of minimal API's with a repository backer. For example: app.MapGet("/people", async (IDataRepository rep) => await rep.GetPeopleAsync()).WithName("GetPeople"); Returns a list of PersonDTO as an IResult.
Hi Tim, Great tutorial. This sample code covers everything I was looking for. The only thing I am having a hard time with is incorporating Serilog into the static API class. Any pointers you can provide? Thank you!
Isnt a HTTPGet a bit of a misnomer because it implies you can just retrieve data from the server but you can also post data with a GET but it all goes as plain text in the URL, so is useless for sensitive info, You have to use POST. or have I got it wrong?
They are best practices, yes if you wish a GET request can have logic to delete data from a database or update a database etc... But rules is rules XD so GET is supposed to return data. Any URL is done over clear text.
I'm not sure how HTTPGet is a misnomer. It is used to get data. If you use it against its name, that's a mistake. POST is used to create data (we send new data to the server).
You can put the code in a different file with Minimal APIs as well. They just start out really small because you might not need that complexity. For instance, I've written a Minimal API in less than 60 lines of code that had full CRUD access to a table. That doesn't need additional files.
No. Postman has a lot deeper features. For instance, you can save an API testing plan and execute it all at once against your API. You can also chain calls and more.
To prevent abuse. When it was always open, people would get it for a month, illegally download all of the videos, then cancel it. Then when a new course would come out, they would do it again. Limiting access highly discourages this practice.
I'm not sure what this comment means. In this video, we were talking about WebAPI and what the differences were between controllers and minimal APIs. We weren't talking about databases.
Again, this was about WebAPI, how it worked, the differences between a full API and minimal API, how it was configured, etc. It was not designed as a deep dive into everything it can do. If that is what you are interested in, this course will cover data access and so much more: www.iamtimcorey.com/salespage.html?course=tr-api-01 That course is 18 hours, though. This video is only an hour. I can't cover everything in an hour.
I was smiling every time you ripped on Microsoft not using best practices, it's like they whipped up the code at on a Friday evening to be honest. They should have the best practices, naming and folder naming all included not what they done. It's like creating a Ferrari then painting it with poster paint.
Yeah, it is frustrating. In .NET 7, we are supposed to get Blazor templates without the sample data. I'm not sure about the other project types, though.
Too much unnecessary talk. One hour video can be done in 20 minutes. If it's is for beginners who don't have any idea about controller, swagger, and API may be it is OK. Everybody should start their video by mentioning their audience. I am well aware of all those basic technology but want to know about the new technology, Web API .NET 6. Not coming back again to this poster's video.
Hey Tim, I loved this intro course. Thank you for dedicating time to this project. I'm sure that it's been very helpful to a lot of students around the world.
I’m glad you enjoyed it.
Hi Tim, I would love to see a video about lifetimes like singleton, transient and scoped, when to use which one with examples, and how to handle the incoming traffic of an api. How to set limits to get not overwhelmed by thousands of incoming requests for example. Like, how to make an api stable.
Waiting for this tutorial
This man has a great voice for these tutorials.
Thanks!
I'm so grateful he doesn't have an Indian accent 🙏
This was the fastest tutorial I every used in order to get something done from nothing. Thank-you. Made the Data Layer the API and a Blazor Server UI that feeds UI components on-premises SharePoint Project Site Pages. The Data Layer talks directly to the Project Server database and enterprise databases. The UI server is simply Razor components displayed in Sharepoint WebParts. Bougtht 4 of your other courses. I knew I was in the right place when your courses use Dapper and Procs.
Awesome! Thanks for sharing.
Tim I after to say, after years of your support, I just couldn't watch this all the way through... I went to buy the full course instead!
I hope you get a lot of value out of it.
And again we have a brilliant explanation of really complicated things from a brilliant person! I hope that you are a rich person Tim because you DESERVE it.
I appreciate the kind words. I’m glad my content has been helpful.
Just finished! Hope you can make a tutorial that uses WebAPI with Identity and also a tutorial on deploying it securely to the production. Thanks much 😁😁
Thanks for the suggestion. Please add it to the list on the suggestion site so others can vote on it as well: suggestions.iamtimcorey.com/
If you are looking for that content now, I do cover that and a LOT more in my WebAPI course: www.iamtimcorey.com/p/web-api-from-start-to-finish
Hello Tim, Thanks for providing amazing contents for us, i am a junior developer graduated from university couple of months ago, i am looking forward to becoming a dotnet developer over the next moments of my life, and your contents are doing me good because its pretty clear and well broken down
Thanks..
regards
Awesome! Best wishes on your journey.
That's great, man. I'm study in the university but learning .NET as much as i can! Could we discuss this topic? I mean, your current knowledge and what kind of work you want to do?
This man is a blessing to the leaning web. So well done.
Thank you!
Perfect timing I was just assigned to work on the API at work! Awesome tutorial .
Great!
Very nice video. This tought me not only a lot about C#, which I'm a bit new to, but also things I didn't know about APIs in general.
Glad it was helpful!
Hi Tim, Absolutely an awesome introduction. The content is so easy to follow and do it along. Sincerely appreciate the time you’re spending to make all these great videos (watched three of them so far). I am going to give it a shot on web api training from your site. Cheers!
I’m glad you are getting value out of them.
Great tutorials Tim, Very good for beginners. Thank you for sharing knowledge with everyone. Please know that your tutorials are helping people like me sitting thousands of miles away from you.
I am glad they are helpful.
Great to have amazing person like you in this community. Keep it up man
Thank you!
I have seen examples of Web API applications where the action methods return ActionResult where T is a business entity that you are modelling, or a collection of them. What is the difference in returning this as opposed to just returning the entity, or collection of entities,?
ActionResult allows you to explicitly specify the HTTP code to be returned with your call. So you can specify 200, 401, 404, etc. vs. having the system "guess" which code to return.
Just when I'm starting a new webapi project without any knowledge. Thanks for this 😁😁
You are welcome.
Seriously man I looked into many tutorial but this one is exactly what I wanted and to the point. Thanks!
I am glad it was helpful.
Please make more videos about this topic! You just gained a subscriber
I have quite a few more to check out already: www.youtube.com/@IAmTimCorey/search?query=api
Learning a lot here. The best c# channel. I love how you structure and present information
Thank you!
Thanks for your explanations and effort put into this video!
It Clarified a lot for me!
Also: love the fact that you mentioned best practices!
You are welcome.
Love it. Thank you so much Tim for doing this video
You are welcome.
You Are really expert i like your way in simplifying things and making it clear thanks a lot for your time appreciated.
Thank you for the kind words.
Thanks for the video. Minimal API looks amazing
Thanks!
Hi Tim, do you have any videos regarding User Authentication using API?
Had been waiting for this one! Thank you so much!
You are welcome.
Really good overview. Thanks!
You are welcome.
Great channel and quality content!! Thank you a lot
You are welcome.
Hi Tim ! First of all, congratulations for another great video ! Your videos are invaluable learning resources. Channels like yours are what make Internet valuable.
As far as I understood, the minimal API project gets rid of the controller layer and making the connection between the endpoint and its correspondent executing code more direct. You suggested to replace the anonymous functions for a new layer that represents the code itself and at the same time keeping the Program.cs cleaner.
Is this difference between the two approaches are more related to code simplicity and maintenance ? I think in terms of more complex projects, it makes easier to debug because we don't need to concern about the controller layer in between which can make debugging confusing. Do you think the minimal API approach can replace controllers in the near future ?
There are some slight differences, but the more I use minimal APIs, the less I see the need for controllers. The extra overhead in complexity doesn't seem worth it based upon what little benefit it provides.
Thank you, Tim.. Very well explained.. i am still halfway, though..
You are welcome.
Hi Tim can you pls share the link for intro to minimal api link you mentioned please?
Hello Tim, thank you for your video! It was enjoyable and easy to follow 😊
You are welcome.
Should we enable swagger for production? Currently by default it is only accessible for development. Is there an issue exposing the schema in production?
It depends on your API and your security levels. I prefer to, but an API that is unknown is harder to attack (not by a lot, but it will reduce attacks).
Thank you Tim, your tutorial helped my a lot.
You are welcome.
I really like your style man. It's clean, complete and very practical but still don't miss out on theory we developers should know. What are the functions of the comments like // GET: api/controllername above the methods? Swagger still does document it right when you remove this?
The code comment is just there to make it easier for the developer to understand what the URL would look like to call that particular endpoint. I'm glad you are enjoying the content.
Thanks, I have been waiting for this!
You are welcome.
Hi Tim, thanks for your great course. What would be the best practice in using RESTful APIs, when we have some kind of "session" (I know this sounds not RESTful 🙂), but we need for a licensing service some kind of "session" to identify the client which has "checked-out" the license.
That sounds like an authentication system or token system. You would give them a token that they could use in all subsequent calls, proving that they have the license checked out. You wouldn't need state for that.
Hello Tim, How does the Web API improve security between the client and the dB? Can a username and password still pass through the Web API layer without it being secured and still be “intercepted” and viewed?
So, first, when you pass credential to an API, you are passing your user credentials. They don't have direct database access. You pass those credentials over HTTPS, thus securing their transport. The user knows what the password is because it is their password. However, this does not give them direct database access. Typically, a user can access only their data even though the database holds the data of multiple users for example. Once the user is authenticated, the API uses the database credentials to get the required data and send it to the user. There should not be any possibility of SQL injection or other attacks because of this "firewall". Also, if the user's credentials are compromised, the hacker would only have access to what the user has access to. The credentials could also be invalidated without affecting other users.
should swagger be authenticated? I've done an api for customers only, and I'm not keen on publishing endpoints for everybody
Well, that's going to be something to consider. Some people only publish the Swagger page internally or in development. Others publish it for everyone to see. Others give the actual page a different name and hope that obfuscation helps them out. It is up to you to figure out what works best for you. However, here are some things to consider. First, Swagger isn't actually exposing your endpoints. It is just giving you a UI to call them. If you turned it off, you could still call those endpoints using Postman or even the browser developer tools. Second, the user cannot do more than you have authorized them to do. So, if an endpoint requires authentication, it will require authentication in Swagger. Third, Swagger provides documentation for your endpoints. You should be giving that to those who need it somehow.
thanks alot for doing what you do
You are welcome.
Thank you for all the great info. This was really helpful!
You are so welcome!
Do you have any videos that show a program incorporating and using Web API? I had created a Xamarin program that connects directly to the database which is bad, so I'm trying to learn about restful API's. I can't find any tutorials or classes regarding APIs that deal with something other than websites.
The TimCo Retail Manager course (free here on UA-cam and paid on my website) builds and uses an API with multiple front-ends. We start with the .NET Framework (intentionally) so that we can then upgrade to .NET Core 3.1 and then .NET 5. So, you will see how to do it with the .NET Framework and with .NET.
Great Video!! Thanks Tim!!
You are welcome.
Great video! Thanks.
You are welcome.
Helpful thanks for this!
You are welcome.
Do most projects contain only one API which is the separation/interface of the client and the database? When are more APIs used in a project?
That's really subjective. In general, however, there is not a need for more than one API in most cases. Unless you find that there is a specific need to have separate APIs, keep them together. If, however, you have a business case for splitting them apart, do so. Also, projects often pull from APIs other than those that they control.
@@IAmTimCorey can I utilize one API with two separate databases? (MSSQL and the other Postgre).
Sure. Not a problem.
Do you have any videos on setting up tests for a web API and using a local SQLite DB for tests?
Not specifically, no.
@@IAmTimCorey Darn! I'm really looking for a thorough guide, nearly all the other resources I've found for WebAPIs are really lacking this.
You can add it to the suggestion site so others can vote on it as well: suggestions.iamtimcorey.com/
@@IAmTimCorey Thanks, I just submitted!
Got a really basic question. My problem is I'm having difficulty asking the question right.
I'm trying to effeciently learn on my own how to call and consume the responses from three different apis with net 6 and c# in a scheduled console application with the fewest packages possible. I keep getting super confused with Google searches, no teacher available. I keep outdated responses as I don't know the current industry standard jargon.
Can you guide me on keywords for searches?
My current problem is how to convert the most likely paged response from the second call after getting bearer token into a form into something I can interact with.
Thank you
I don't really understand your question. However, my advice is this: break the problem down into chunks. Then try to get one chunk at a time working. It sounds like you might want to get a bearer token from one call (that would be your first chunk), then use that toke on another call (second chunk) and then parse the results (third chunk). Then you can more easily research the issue as well.
Dear Sir, I have a full working asp.net6 core console Web API.
Now I need to transform this console API to be working as a windows service.
How can I do that?
Thank you in advance for your advice.
An API and a service are two different things. You interact directly with an API. You do not interact directly with a service. You wouldn't host an API as a service. You would host it on a web server.
Yes of course. I mean that I need to host the api into a windows service. I need to not use the IIS to host my core webapi. The situation here is that I don't want to rewrite the Api.
I am not going to name drop, but I recently worked at a fortune
The language you choose won’t fix bad coding practices, for sure.
Thank you for all your videos. Are all the videos where you have hair on your head outdated ?
lol, not outdated but definitely older. Those videos typically cover the .NET Framework, which is still supported and valid today. Things are different in .NET Core / .NET 5+, but even then a lot of the techniques are the same and a lot of the code is the same or similar.
Hey Tim, I asked this question when you did the class library video. I know my reasoning for when to choose either or,
but Just wanted your opinion (thought process)
when do you choose whether you want to go with an API or a class library?
They serve two different purposes. A class library allows code to be reused between projects, it allows for easier upgrades for projects, and it keeps your code cleanly separated from the UI. I personally use a class library in practically every project I build. An API is used as a barrier between the UI and the database. It also can be accessed from multiple UIs (including UIs that cannot access data directly). The difference is that an API has to run on its own (hosted on a web server). It also transmits the data across the web via HTTPS. That means there is an overhead to calling an API as opposed to directly calling a database. That cost is worth it in some circumstances and not in others.
@@IAmTimCorey How often do you use your class library to access the database over an API? Like for example if you only had 1 UI and the code will not be shared and doesn't need to be called over a web api, would you do your db access directly through the library? Again , always depends on the situation right.
Thank you for your information. But how do i consume a Web API in dotnet 6? Nobody really seems to do it how it was really intended, and the older ways dont seem to work.
This should help: ua-cam.com/video/vdhFw1VSowg/v-deo.html
Basically, it is the same as in .NET 5 but the startup content will go in Program.cs
I would like to know how much the performance will drop when using WebApi compared to using a local library? Are there any other shortcomings in using WebApi? Thanks Tim!
accidental complexity can be a drawback
There isn't a set number I can give you. You would need to test it in your environment, based upon your load, your servers, and your network. In general, though, it isn't that significant unless you are attempting to transmit large amounts of data from your API to your client.
@@IAmTimCorey Ok, I'll try to add WebApi to the project and test it further. Feeling good to learn and add this powerfull tool to my toolbox. Thanks Tim!
Great video! Thanks for Sharing!
You are welcome.
I have a large database with 190 tables... I've generated the entity framework model... how do I auto generate the web api from the entity framework model? I don't want to do it buy adding a controller for each table... can a web api / wcf / web service be auto generated? Then I would like to create a partial class or my own classes with business logic in them.
For almost all cases, your API shouldn't be just a thin layer over your database. You should probably have some type of actual application on top of your database. I mean, you've got a relational database (I'm assuming). You should probably be returning data that has the related data attached. That means making decisions, which is why just generating an API layer on top of your database isn't usually the right call. There might be a tool out there to do it, but I've never used one.
@IAmTimCorey thx. Valid points. I am trying to replace stored procedures with managed code in api layer. Business logic will be in api code. However would be nice to click a button and generate basic api code for each table/class automatically.. just like ef generates code.. then the spi code can have business logic added. Maybe I have to write auto code myself based on table.
Hello Tim,
Great tutorial again. Thank you!
Currently, I'm working on a simple VOD streaming app with a web API. I'm wondering, how can I run some code during server startup? I want to create a file what would contain metadata (title, format, path, etc.) for the videos. Afterward, I would like to send this file to connected clients using SignalR, so they can make API calls for the videos. What's the proper and elegant way to achieve this?
Thank you for the answer :)
I'm sorry, I don't have an example to share with you.
@@IAmTimCorey I think maybe i managed to solve by adding a class as HostedService where i call my function in StartAsync, idk it's agood approach or not, but it does what it needs to
How is the TemperatureF gets Set , unable to understand WeatherForecast Constructor Call, how is TemperatureF value is set.
It doesn't get set. It only has a getter. The value is just a calculation based off of the TemperatureC.
@@IAmTimCorey there is no constructor defined for weatherforecast class
There doesn't need to be a constructor. When you ask for TemperatureF, it gets calculated at that time. The value is never set because it returns the value of a calculation.
Great videos always! Can you please do a video on combining an Asp API and a SQL database in docker and then putting them up on Azure? Also, since the docker images are read only, how does the user save to the docker SQL database? Thanks.
Thanks for the suggestion. Please add it to the list on the suggestion site so others can vote on it as well: suggestions.iamtimcorey.com/
thanks tim well explained but time as i created a production api and now i'm targeting to test it for that purpose i needed to publish the api locally first on iis but there many major problem for example first problem is each time I update my api the web.config file will be changed and .net writes some code in it which will lead for and error on runtime and I have to comment those changed and after all of fixing that another problem will show up, in the configuration file i need to specify a default document to show up on load and all I can do is enabling directory browse and i'm unable to redirect for my controllers~ thanks for caring about my comment
I'm not sure how you are publishing your API, but it sounds like something is wrong there. You should be able to publish your API to IIS as an update and it just work.
24:05 for my montage. I've heard people at my job say that business logic goes in the controller, which we know is fake news. I'm making a montage to set them straight of all the examples I can find that explain that the controller handles requests and responses and delegates the work to services. They still think I'm mentally handicapped. I need a new job.
Thanks, great video!
You are welcome.
Hello Tim. Can you make video about IIS Express, what it is/what it does and if we can use it in production env. Thanks
Thanks for the suggestion. Please add it to the list on the suggestion site so others can vote on it as well: suggestions.iamtimcorey.com/
@@IAmTimCorey Also Tim when you say AddEndpointsApiExplorer, what do you mean it is swagger? Can you please explain why I need it? or do I need it only when I use swagger? I do not use swagger and whether I have that line or not my app works. One more thing, is it possible to pass more than one params(objects) to a post method? Thank you Tim
is it possible to implement swagger in an API that is using inheriting a custom basecontroller?
Yep.
@@IAmTimCorey do you have a sample code or github link?
I'm a big fan of minimal API's with a repository backer. For example:
app.MapGet("/people", async (IDataRepository rep) => await rep.GetPeopleAsync()).WithName("GetPeople");
Returns a list of PersonDTO as an IResult.
They can be powerful.
Hi Tim, Great tutorial. This sample code covers everything I was looking for. The only thing I am having a hard time with is incorporating Serilog into the static API class. Any pointers you can provide?
Thank you!
Isnt a HTTPGet a bit of a misnomer because it implies you can just retrieve data from the server but you can also post data with a GET but it all goes as plain text in the URL, so is useless for sensitive info, You have to use POST. or have I got it wrong?
They are best practices, yes if you wish a GET request can have logic to delete data from a database or update a database etc... But rules is rules XD so GET is supposed to return data.
Any URL is done over clear text.
I'm not sure how HTTPGet is a misnomer. It is used to get data. If you use it against its name, that's a mistake. POST is used to create data (we send new data to the server).
Looking forward to the Gaming project types
They are coming soon.
@@IAmTimCorey brilliant. And , can you get me from C# winforms to Grafana : I’m having a Dickens of a time.
Awesome video!!
Thanks!
I like controller method and code going into different file. Minimal API seems weird to me
You can put the code in a different file with Minimal APIs as well. They just start out really small because you might not need that complexity. For instance, I've written a Minimal API in less than 60 lines of code that had full CRUD access to a table. That doesn't need additional files.
Excellent.
Thanks!
Does OpenAPI mean the death of Postman, do you think?
No. Postman has a lot deeper features. For instance, you can save an API testing plan and execute it all at once against your API. You can also chain calls and more.
I hope it covers dapper for crud 👍thnx
I've covered using Dapper for CRUD quite a bit. It is the same code every time.
Very good!
Thanks!
it will not run without docker?
Web API? You can run it without Docker.
@@IAmTimCorey right! was having some errors before, but now it's working thank you
Thank you so much sir! :)
You are welcome.
Hope you can make a video tutorial on how to host a WebAPI and and frontend like AngularJs.
At this point, I am not teaching Angular (or the other JavaScript frameworks). Sorry.
Thx! it was useful!
You are welcome.
Why monthly subscription is disabled
To prevent abuse. When it was always open, people would get it for a month, illegally download all of the videos, then cancel it. Then when a new course would come out, they would do it again. Limiting access highly discourages this practice.
API; the bouncer/butler
True.
very helpful!
I'm glad!
tim there is no database application (CRUD) in the controllers
I'm not sure what this comment means. In this video, we were talking about WebAPI and what the differences were between controllers and minimal APIs. We weren't talking about databases.
In the controllers there is no insert update delete method. A real example should contain httpget,httpput,httpdelete
I mean there is no database connection.
Again, this was about WebAPI, how it worked, the differences between a full API and minimal API, how it was configured, etc. It was not designed as a deep dive into everything it can do. If that is what you are interested in, this course will cover data access and so much more: www.iamtimcorey.com/salespage.html?course=tr-api-01
That course is 18 hours, though. This video is only an hour. I can't cover everything in an hour.
This was a very informative video, Ma Shaa Allah. Keep up the good work :")
I am glad it was helpful.
Im receiving http error 403 forbidden, this error is killing me
Sounds like you have authentication on your action, but you aren't sending the token to say you are authenticated.
Thanks!
Thank you!
great
👍
I need calling web apis from asp.core web application video
Here you go: ua-cam.com/video/cwgck1k0YKU/v-deo.html
THis but with Entity Framework please.
I don't typically cover Entity Framework. It isn't my strength and it is also not something I recommend for most circumstances.
@@IAmTimCorey what's wrong with Entity Framework?
C# God in flesh
I wouldn't go that far.
Minor deity OK?
32:10 this is the way google does it XD
Frustrating, isn't it.
I was smiling every time you ripped on Microsoft not using best practices, it's like they whipped up the code at on a Friday evening to be honest.
They should have the best practices, naming and folder naming all included not what they done.
It's like creating a Ferrari then painting it with poster paint.
Yeah, it is frustrating. In .NET 7, we are supposed to get Blazor templates without the sample data. I'm not sure about the other project types, though.
Too much unnecessary talk. One hour video can be done in 20 minutes. If it's is for beginners who don't have any idea about controller, swagger, and API may be it is OK. Everybody should start their video by mentioning their audience. I am well aware of all those basic technology but want to know about the new technology, Web API .NET 6. Not coming back again to this poster's video.
My assumption is that when I say "intro", people understand that it is an introduction to the topic. Something for beginners.
Incredible!
Thanks!
Thanks!
You are welcome.