Intro to Web API in .NET 6 - Including Minimal APIs, Swagger, and more
Вставка
- Опубліковано 5 лип 2024
- The API project type is one of the most powerful web project types in .NET. Instead of relying on a person to interact with it graphically, the API project type can be interacted with from other applications or directly from a person. This allows the API project type to support microservices, client-side projects like Blazor WebAssembly, mobile application types, and even "regular" projects like WPF or Blazor Server. In this video, we will look at what an API is, what comes out of the box, and how it operates. We will also compare minimal APIs to "regular" APIs.
Full Training Courses: IAmTimCorey.com
Source Code: leadmagnets.app/?Resource=Int...
Mailing List: signup.iamtimcorey.com/
0:00 - Intro
1:20 - Creating ASP. NET Core Web API project
5:57 - Default API application overview
11:22 - What is API
15:20 - API web app code review
25:06 - Creating API controller
30:56 - REST API
33:19 - Minimal API application
36:42 - Why the minimal API
42:59 - Best practices, summary, and final remarks
Hey Tim, I loved this intro course. Thank you for dedicating time to this project. I'm sure that it's been very helpful to a lot of students around the world.
I’m glad you enjoyed it.
Hi Tim, Absolutely an awesome introduction. The content is so easy to follow and do it along. Sincerely appreciate the time you’re spending to make all these great videos (watched three of them so far). I am going to give it a shot on web api training from your site. Cheers!
I’m glad you are getting value out of them.
And again we have a brilliant explanation of really complicated things from a brilliant person! I hope that you are a rich person Tim because you DESERVE it.
I appreciate the kind words. I’m glad my content has been helpful.
This man has a great voice for these tutorials.
Thanks!
I'm so grateful he doesn't have an Indian accent 🙏
Hi Tim, I would love to see a video about lifetimes like singleton, transient and scoped, when to use which one with examples, and how to handle the incoming traffic of an api. How to set limits to get not overwhelmed by thousands of incoming requests for example. Like, how to make an api stable.
Waiting for this tutorial
Perfect timing I was just assigned to work on the API at work! Awesome tutorial .
Great!
Very nice video. This tought me not only a lot about C#, which I'm a bit new to, but also things I didn't know about APIs in general.
Glad it was helpful!
Great to have amazing person like you in this community. Keep it up man
Thank you!
Thanks for your explanations and effort put into this video!
It Clarified a lot for me!
Also: love the fact that you mentioned best practices!
You are welcome.
Just finished! Hope you can make a tutorial that uses WebAPI with Identity and also a tutorial on deploying it securely to the production. Thanks much 😁😁
Thanks for the suggestion. Please add it to the list on the suggestion site so others can vote on it as well: suggestions.iamtimcorey.com/
If you are looking for that content now, I do cover that and a LOT more in my WebAPI course: www.iamtimcorey.com/p/web-api-from-start-to-finish
This was the fastest tutorial I every used in order to get something done from nothing. Thank-you. Made the Data Layer the API and a Blazor Server UI that feeds UI components on-premises SharePoint Project Site Pages. The Data Layer talks directly to the Project Server database and enterprise databases. The UI server is simply Razor components displayed in Sharepoint WebParts. Bougtht 4 of your other courses. I knew I was in the right place when your courses use Dapper and Procs.
Awesome! Thanks for sharing.
Seriously man I looked into many tutorial but this one is exactly what I wanted and to the point. Thanks!
I am glad it was helpful.
Love it. Thank you so much Tim for doing this video
You are welcome.
Learning a lot here. The best c# channel. I love how you structure and present information
Thank you!
Had been waiting for this one! Thank you so much!
You are welcome.
Great tutorials Tim, Very good for beginners. Thank you for sharing knowledge with everyone. Please know that your tutorials are helping people like me sitting thousands of miles away from you.
I am glad they are helpful.
Tim I after to say, after years of your support, I just couldn't watch this all the way through... I went to buy the full course instead!
I hope you get a lot of value out of it.
Hello Tim, Thanks for providing amazing contents for us, i am a junior developer graduated from university couple of months ago, i am looking forward to becoming a dotnet developer over the next moments of my life, and your contents are doing me good because its pretty clear and well broken down
Thanks..
regards
Awesome! Best wishes on your journey.
That's great, man. I'm study in the university but learning .NET as much as i can! Could we discuss this topic? I mean, your current knowledge and what kind of work you want to do?
Thanks, I have been waiting for this!
You are welcome.
This man is a blessing to the leaning web. So well done.
Thank you!
Thanks for the video. Minimal API looks amazing
Thanks!
Please make more videos about this topic! You just gained a subscriber
I have quite a few more to check out already: www.youtube.com/@IAmTimCorey/search?query=api
Hello Tim, thank you for your video! It was enjoyable and easy to follow 😊
You are welcome.
Really good overview. Thanks!
You are welcome.
Just when I'm starting a new webapi project without any knowledge. Thanks for this 😁😁
You are welcome.
Thank you for all the great info. This was really helpful!
You are so welcome!
Great channel and quality content!! Thank you a lot
You are welcome.
You Are really expert i like your way in simplifying things and making it clear thanks a lot for your time appreciated.
Thank you for the kind words.
Great Video!! Thanks Tim!!
You are welcome.
Great video! Thanks for Sharing!
You are welcome.
Great video! Thanks.
You are welcome.
Thanks, great video!
You are welcome.
Helpful thanks for this!
You are welcome.
I have seen examples of Web API applications where the action methods return ActionResult where T is a business entity that you are modelling, or a collection of them. What is the difference in returning this as opposed to just returning the entity, or collection of entities,?
ActionResult allows you to explicitly specify the HTTP code to be returned with your call. So you can specify 200, 401, 404, etc. vs. having the system "guess" which code to return.
Hi Tim, Great tutorial. This sample code covers everything I was looking for. The only thing I am having a hard time with is incorporating Serilog into the static API class. Any pointers you can provide?
Thank you!
Awesome video!!
Thanks!
thanks alot for doing what you do
You are welcome.
Very good!
Thanks!
Hi Tim, do you have any videos regarding User Authentication using API?
I really like your style man. It's clean, complete and very practical but still don't miss out on theory we developers should know. What are the functions of the comments like // GET: api/controllername above the methods? Swagger still does document it right when you remove this?
The code comment is just there to make it easier for the developer to understand what the URL would look like to call that particular endpoint. I'm glad you are enjoying the content.
Excellent.
Thanks!
Hi Tim ! First of all, congratulations for another great video ! Your videos are invaluable learning resources. Channels like yours are what make Internet valuable.
As far as I understood, the minimal API project gets rid of the controller layer and making the connection between the endpoint and its correspondent executing code more direct. You suggested to replace the anonymous functions for a new layer that represents the code itself and at the same time keeping the Program.cs cleaner.
Is this difference between the two approaches are more related to code simplicity and maintenance ? I think in terms of more complex projects, it makes easier to debug because we don't need to concern about the controller layer in between which can make debugging confusing. Do you think the minimal API approach can replace controllers in the near future ?
There are some slight differences, but the more I use minimal APIs, the less I see the need for controllers. The extra overhead in complexity doesn't seem worth it based upon what little benefit it provides.
Thank you so much sir! :)
You are welcome.
Hey Tim, I asked this question when you did the class library video. I know my reasoning for when to choose either or,
but Just wanted your opinion (thought process)
when do you choose whether you want to go with an API or a class library?
They serve two different purposes. A class library allows code to be reused between projects, it allows for easier upgrades for projects, and it keeps your code cleanly separated from the UI. I personally use a class library in practically every project I build. An API is used as a barrier between the UI and the database. It also can be accessed from multiple UIs (including UIs that cannot access data directly). The difference is that an API has to run on its own (hosted on a web server). It also transmits the data across the web via HTTPS. That means there is an overhead to calling an API as opposed to directly calling a database. That cost is worth it in some circumstances and not in others.
@@IAmTimCorey How often do you use your class library to access the database over an API? Like for example if you only had 1 UI and the code will not be shared and doesn't need to be called over a web api, would you do your db access directly through the library? Again , always depends on the situation right.
Thx! it was useful!
You are welcome.
very helpful!
I'm glad!
Great videos always! Can you please do a video on combining an Asp API and a SQL database in docker and then putting them up on Azure? Also, since the docker images are read only, how does the user save to the docker SQL database? Thanks.
Thanks for the suggestion. Please add it to the list on the suggestion site so others can vote on it as well: suggestions.iamtimcorey.com/
This was a very informative video, Ma Shaa Allah. Keep up the good work :")
I am glad it was helpful.
Thanks!
You are welcome.
Hi Tim, thanks for your great course. What would be the best practice in using RESTful APIs, when we have some kind of "session" (I know this sounds not RESTful 🙂), but we need for a licensing service some kind of "session" to identify the client which has "checked-out" the license.
That sounds like an authentication system or token system. You would give them a token that they could use in all subsequent calls, proving that they have the license checked out. You wouldn't need state for that.
I would like to know how much the performance will drop when using WebApi compared to using a local library? Are there any other shortcomings in using WebApi? Thanks Tim!
accidental complexity can be a drawback
There isn't a set number I can give you. You would need to test it in your environment, based upon your load, your servers, and your network. In general, though, it isn't that significant unless you are attempting to transmit large amounts of data from your API to your client.
@@IAmTimCorey Ok, I'll try to add WebApi to the project and test it further. Feeling good to learn and add this powerfull tool to my toolbox. Thanks Tim!
Hello Tim, How does the Web API improve security between the client and the dB? Can a username and password still pass through the Web API layer without it being secured and still be “intercepted” and viewed?
So, first, when you pass credential to an API, you are passing your user credentials. They don't have direct database access. You pass those credentials over HTTPS, thus securing their transport. The user knows what the password is because it is their password. However, this does not give them direct database access. Typically, a user can access only their data even though the database holds the data of multiple users for example. Once the user is authenticated, the API uses the database credentials to get the required data and send it to the user. There should not be any possibility of SQL injection or other attacks because of this "firewall". Also, if the user's credentials are compromised, the hacker would only have access to what the user has access to. The credentials could also be invalidated without affecting other users.
Thank you for your information. But how do i consume a Web API in dotnet 6? Nobody really seems to do it how it was really intended, and the older ways dont seem to work.
This should help: ua-cam.com/video/vdhFw1VSowg/v-deo.html
Basically, it is the same as in .NET 5 but the startup content will go in Program.cs
Do you have any videos that show a program incorporating and using Web API? I had created a Xamarin program that connects directly to the database which is bad, so I'm trying to learn about restful API's. I can't find any tutorials or classes regarding APIs that deal with something other than websites.
The TimCo Retail Manager course (free here on UA-cam and paid on my website) builds and uses an API with multiple front-ends. We start with the .NET Framework (intentionally) so that we can then upgrade to .NET Core 3.1 and then .NET 5. So, you will see how to do it with the .NET Framework and with .NET.
Hello Tim. Can you make video about IIS Express, what it is/what it does and if we can use it in production env. Thanks
Thanks for the suggestion. Please add it to the list on the suggestion site so others can vote on it as well: suggestions.iamtimcorey.com/
@@IAmTimCorey Also Tim when you say AddEndpointsApiExplorer, what do you mean it is swagger? Can you please explain why I need it? or do I need it only when I use swagger? I do not use swagger and whether I have that line or not my app works. One more thing, is it possible to pass more than one params(objects) to a post method? Thank you Tim
I hope it covers dapper for crud 👍thnx
I've covered using Dapper for CRUD quite a bit. It is the same code every time.
Hello Tim,
Great tutorial again. Thank you!
Currently, I'm working on a simple VOD streaming app with a web API. I'm wondering, how can I run some code during server startup? I want to create a file what would contain metadata (title, format, path, etc.) for the videos. Afterward, I would like to send this file to connected clients using SignalR, so they can make API calls for the videos. What's the proper and elegant way to achieve this?
Thank you for the answer :)
I'm sorry, I don't have an example to share with you.
@@IAmTimCorey I think maybe i managed to solve by adding a class as HostedService where i call my function in StartAsync, idk it's agood approach or not, but it does what it needs to
Isnt a HTTPGet a bit of a misnomer because it implies you can just retrieve data from the server but you can also post data with a GET but it all goes as plain text in the URL, so is useless for sensitive info, You have to use POST. or have I got it wrong?
They are best practices, yes if you wish a GET request can have logic to delete data from a database or update a database etc... But rules is rules XD so GET is supposed to return data.
Any URL is done over clear text.
I'm not sure how HTTPGet is a misnomer. It is used to get data. If you use it against its name, that's a mistake. POST is used to create data (we send new data to the server).
Do you have any videos on setting up tests for a web API and using a local SQLite DB for tests?
Not specifically, no.
@@IAmTimCorey Darn! I'm really looking for a thorough guide, nearly all the other resources I've found for WebAPIs are really lacking this.
You can add it to the suggestion site so others can vote on it as well: suggestions.iamtimcorey.com/
@@IAmTimCorey Thanks, I just submitted!
Should we enable swagger for production? Currently by default it is only accessible for development. Is there an issue exposing the schema in production?
It depends on your API and your security levels. I prefer to, but an API that is unknown is harder to attack (not by a lot, but it will reduce attacks).
Hope you can make a video tutorial on how to host a WebAPI and and frontend like AngularJs.
At this point, I am not teaching Angular (or the other JavaScript frameworks). Sorry.
Thank you for all your videos. Are all the videos where you have hair on your head outdated ?
lol, not outdated but definitely older. Those videos typically cover the .NET Framework, which is still supported and valid today. Things are different in .NET Core / .NET 5+, but even then a lot of the techniques are the same and a lot of the code is the same or similar.
Got a really basic question. My problem is I'm having difficulty asking the question right.
I'm trying to effeciently learn on my own how to call and consume the responses from three different apis with net 6 and c# in a scheduled console application with the fewest packages possible. I keep getting super confused with Google searches, no teacher available. I keep outdated responses as I don't know the current industry standard jargon.
Can you guide me on keywords for searches?
My current problem is how to convert the most likely paged response from the second call after getting bearer token into a form into something I can interact with.
Thank you
I don't really understand your question. However, my advice is this: break the problem down into chunks. Then try to get one chunk at a time working. It sounds like you might want to get a bearer token from one call (that would be your first chunk), then use that toke on another call (second chunk) and then parse the results (third chunk). Then you can more easily research the issue as well.
great
👍
is it possible to implement swagger in an API that is using inheriting a custom basecontroller?
Yep.
@@IAmTimCorey do you have a sample code or github link?
thanks tim well explained but time as i created a production api and now i'm targeting to test it for that purpose i needed to publish the api locally first on iis but there many major problem for example first problem is each time I update my api the web.config file will be changed and .net writes some code in it which will lead for and error on runtime and I have to comment those changed and after all of fixing that another problem will show up, in the configuration file i need to specify a default document to show up on load and all I can do is enabling directory browse and i'm unable to redirect for my controllers~ thanks for caring about my comment
I'm not sure how you are publishing your API, but it sounds like something is wrong there. You should be able to publish your API to IIS as an update and it just work.
I have a large database with 190 tables... I've generated the entity framework model... how do I auto generate the web api from the entity framework model? I don't want to do it buy adding a controller for each table... can a web api / wcf / web service be auto generated? Then I would like to create a partial class or my own classes with business logic in them.
For almost all cases, your API shouldn't be just a thin layer over your database. You should probably have some type of actual application on top of your database. I mean, you've got a relational database (I'm assuming). You should probably be returning data that has the related data attached. That means making decisions, which is why just generating an API layer on top of your database isn't usually the right call. There might be a tool out there to do it, but I've never used one.
@IAmTimCorey thx. Valid points. I am trying to replace stored procedures with managed code in api layer. Business logic will be in api code. However would be nice to click a button and generate basic api code for each table/class automatically.. just like ef generates code.. then the spi code can have business logic added. Maybe I have to write auto code myself based on table.
I like controller method and code going into different file. Minimal API seems weird to me
You can put the code in a different file with Minimal APIs as well. They just start out really small because you might not need that complexity. For instance, I've written a Minimal API in less than 60 lines of code that had full CRUD access to a table. That doesn't need additional files.
Dear Sir, I have a full working asp.net6 core console Web API.
Now I need to transform this console API to be working as a windows service.
How can I do that?
Thank you in advance for your advice.
An API and a service are two different things. You interact directly with an API. You do not interact directly with a service. You wouldn't host an API as a service. You would host it on a web server.
Yes of course. I mean that I need to host the api into a windows service. I need to not use the IIS to host my core webapi. The situation here is that I don't want to rewrite the Api.
24:05 for my montage. I've heard people at my job say that business logic goes in the controller, which we know is fake news. I'm making a montage to set them straight of all the examples I can find that explain that the controller handles requests and responses and delegates the work to services. They still think I'm mentally handicapped. I need a new job.
Looking forward to the Gaming project types
They are coming soon.
@@IAmTimCorey brilliant. And , can you get me from C# winforms to Grafana : I’m having a Dickens of a time.
How is the TemperatureF gets Set , unable to understand WeatherForecast Constructor Call, how is TemperatureF value is set.
It doesn't get set. It only has a getter. The value is just a calculation based off of the TemperatureC.
@@IAmTimCorey there is no constructor defined for weatherforecast class
There doesn't need to be a constructor. When you ask for TemperatureF, it gets calculated at that time. The value is never set because it returns the value of a calculation.
Does OpenAPI mean the death of Postman, do you think?
No. Postman has a lot deeper features. For instance, you can save an API testing plan and execute it all at once against your API. You can also chain calls and more.
Why monthly subscription is disabled
To prevent abuse. When it was always open, people would get it for a month, illegally download all of the videos, then cancel it. Then when a new course would come out, they would do it again. Limiting access highly discourages this practice.
API; the bouncer/butler
True.
tim there is no database application (CRUD) in the controllers
I'm not sure what this comment means. In this video, we were talking about WebAPI and what the differences were between controllers and minimal APIs. We weren't talking about databases.
In the controllers there is no insert update delete method. A real example should contain httpget,httpput,httpdelete
I mean there is no database connection.
Again, this was about WebAPI, how it worked, the differences between a full API and minimal API, how it was configured, etc. It was not designed as a deep dive into everything it can do. If that is what you are interested in, this course will cover data access and so much more: www.iamtimcorey.com/salespage.html?course=tr-api-01
That course is 18 hours, though. This video is only an hour. I can't cover everything in an hour.
it will not run without docker?
Web API? You can run it without Docker.
@@IAmTimCorey right! was having some errors before, but now it's working thank you
C# God in flesh
I wouldn't go that far.
Minor deity OK?
Im receiving http error 403 forbidden, this error is killing me
Sounds like you have authentication on your action, but you aren't sending the token to say you are authenticated.
I am not going to name drop, but I recently worked at a fortune
The language you choose won’t fix bad coding practices, for sure.
Incredible!
Thanks!
THis but with Entity Framework please.
I don't typically cover Entity Framework. It isn't my strength and it is also not something I recommend for most circumstances.
@@IAmTimCorey what's wrong with Entity Framework?
32:10 this is the way google does it XD
Frustrating, isn't it.
I need calling web apis from asp.core web application video
Here you go: ua-cam.com/video/cwgck1k0YKU/v-deo.html
I was smiling every time you ripped on Microsoft not using best practices, it's like they whipped up the code at on a Friday evening to be honest.
They should have the best practices, naming and folder naming all included not what they done.
It's like creating a Ferrari then painting it with poster paint.
Yeah, it is frustrating. In .NET 7, we are supposed to get Blazor templates without the sample data. I'm not sure about the other project types, though.
Too much unnecessary talk. One hour video can be done in 20 minutes. If it's is for beginners who don't have any idea about controller, swagger, and API may be it is OK. Everybody should start their video by mentioning their audience. I am well aware of all those basic technology but want to know about the new technology, Web API .NET 6. Not coming back again to this poster's video.
My assumption is that when I say "intro", people understand that it is an introduction to the topic. Something for beginners.
I'm a big fan of minimal API's with a repository backer. For example:
app.MapGet("/people", async (IDataRepository rep) => await rep.GetPeopleAsync()).WithName("GetPeople");
Returns a list of PersonDTO as an IResult.
They can be powerful.
Thanks!
Thank you!