Asp.net MVC training session
44
Introduction To Asp.net MVC HRICHI Mohamed Confirmed Consultant
-
Upload
hrichi-mohamed -
Category
Technology
-
view
4.343 -
download
1
description
During 4 days, I presented a training session for the .Net team in Business & Decision Tunisia about Asp.net MVC. In this training we talked about: MVC as a design pattern the history and the utility Microsoft’s approach in Asp.net MVC What's new in MVC 4 Data Access in Asp.net MVC How to secure an Asp.net application Dependency Injection in Asp.net MVC
Transcript of Asp.net MVC training session
Introduction To Asp.net MVC
HRICHI MohamedConfirmed Consultant
What Is MVC ?
• A design Pattern (Methodology)
• Invented by Smalltalk programmer (Trygve
Reenskaug 1979).
• Separation of Concerns / Single
Responsibility Principle
• More easily testable
What Is MVC ?
MModel
VView
CController
• Representation of domain data• Business Logic• Persistence mechanisms
• User Interface• The representation of Model
• An intermediary between Model and View• Application’s Brain (Handle user requests,
bind Data, return views)
Model View Controller Pattern
Ok
CController
MModel
VView
CreateInvoice (fact)
Create invoice (data)fact = new Invoice ()
LatestInvoices ()
return view ("Last-Invoices", ListFact[])
ListFact[]
HTML
Asp.net MVC
• Part of ASP.NET
• Not an upgrade or replacement for Web
Forms
ASP.NET
Webforms MVC Webpages
Asp.net MVC vs WebForms
• No server controls
• No ViewState
• No Code Behind
• Full control over html
• Unit Testing
Asp.net MVC
• Separation of application tasks (No code
Behind)
• Flexibility and Extensibility
• Friendly URLs (Routing)
• Scalability and Performance
• Supports existing ASP.NET features
(Authentication, Membership, roles, output
caching,…)
• Natural integration with Ajax
Asp.net MVC First App & Project Template Architecture
Views In Asp.net MVC
• View Engines
o Aspx
o Razor
• Layout
• Partial View
• Section
• HtmlHelper, AjaxHelper
HtmlHelpers
• ActionLink
@Html.ActionLink(“Modifier", “Edit“, new {Id=3})
<a href="/Product/Edit/6">Modifier</a>
• Form Elements (Form, TextBox, Hidden,….)
@Html.TextBox(“Nom")
<input id=" Nom " type="text" value="" name="
Nom ">
HtmlHelpers
• DropDownList
var db = new NorthwindDataContext();
IEnumerable<SelectListItem> items = db.Categories
.Select(c => new SelectListItem { Value = c.CategoryID.ToString(), Text =
c.CategoryName });
ViewBag.Categories = items;
@Html.DropDownList("CategoryID",
(IEnumerable<SelectListItem>)
ViewBag.Categories)
AjaxHelpers
• Ajax ActionLink @Ajax.ActionLink("Get Time", "GetTime", new AjaxOptions () {
UpdateTargetId="divTorefresh", HttpMethod="GET"
})
<a href="/Home/GetTime" data-ajax-update="#divTorefresh" data-ajax-mode="after" data-ajax-method="GET" data-ajax="true">Get Time</a>
View In Asp.net MVC
Controller In Asp.net MVC
• Action Results
• Filters
• Caching
Controller Action Results
• ViewResult
• PartialViewResult
• JsonResult
• JavaScriptResult
• ContentResult
• FileResult
• RedirectResult
Filters In Asp.net MVC
• Authorization filters
• Action filters
• Result filters
• Exception filters
Caching In MVC
[OutputCache(Duration=3600)]Public ActionResult GetListCountries(){
// Logic to get countries list}
[OutputCache(Duration=3600, VaryByParam = "countryId")]Public ActionResult GetListRegions(int countryId){
// Logic to get regions list}
Controller In Asp.net MVC
Model In Asp.net MVC
• Annotation
• Validation(Client Side & Server Side)
Annotation In MVC
• Required
• DisplayName
• Range
• DataType
• StringLength
Annotation & Validation
Nuget
• Open source package manager for the .NET
Framework
• Provide the ability to produce and consume
packages
Nuget
Asp.net MVC 4 new Features
• Bundling & Minification
• Web Api
• Template Mobile
• Asynchronous
• RealTime avec SignalR
Bundling and Minification
Improve JavaScript and CSS files loading
• Minimize the Number of requests (Bundle in one File)
• Reduce the size of files (remove spaces, enters and comments)
Fully customizable and extensible
Without Bundling and Minification
With Bundling and Minification
MVC4 New Features
Asp.net MVC and Data Access
• Entity Framework
• Database First
• Model First
• Code First
Entity Framework
• Object-relational mapping (ORM)
Framework
• Gives an automated mechanism for Data
Access
• Manipulate Data as Object
• Reduce hard coded Query
• Have inheritance relationships between
entities
• Performing basic CRUD(Create, Read, Update,
Delete)
Asp.net MVC and Data Access
DataBase First Approach
• Existing DataBase
• Generate .Edmx From DataBase
• Use ObjectContext & DBContext
• Use T4 template (POCO)
Model First Approach
• Empty Edmx Model
• Design th DB Schema
• Generate DataBase From Model
Code First Approach
• Create Domain Models (Class)
• Generate DataBase From Domain Models
• Full Control Over Code
• No Autogenerated code
Entity Framework
ASP.NET MVC Security
• User Authentification
• Authorization
• Cross-site request forgery
• Cross-site Scripting
Authentification Mode
• Forms Authentification
• Cookies
• Windows Authentification
• Windows Session
• Via IIS
• OAuth
• Facebook, google, Hotmail, twitter, etc.
Authorization In Asp.net MVC
• Role-based Authorization
• [Authorize(Roles = "Admin, Super User")]
• [Authorize(Users = "Betty, Johnny")]
Cross-Site Request Forgery (CSRF)
• Malicious attack (Cross Domain)
• Using Forms
• Session hijacking
Cross-site Scripting
• Malicious attack Using Script Injection
• Inject Code Inside Pages
Security
Dependency injection
• Design pattern
• Removal of hard-coded dependencies
• Giving an object its instance variables
(Dynamically)
Dependency injection
Thank you for your attention
Questions
