asp.net mvc training session
DESCRIPTION
During 4 days, I presented a training session for the .Net team in Business & Decision Tunisia about Asp.net MVC. In this training we talked about: MVC as a design pattern the history and the utility Microsoft’s approach in Asp.net MVC What's new in MVC 4 Data Access in Asp.net MVC How to secure an Asp.net application Dependency Injection in Asp.net MVCTRANSCRIPT
Introduction To Asp.net MVC
HRICHI MohamedConfirmed Consultant
What Is MVC ?
• A design Pattern (Methodology)
• Invented by Smalltalk programmer (Trygve
Reenskaug 1979).
• Separation of Concerns / Single
Responsibility Principle
• More easily testable
What Is MVC ?
MModel
VView
CController
• Representation of domain data• Business Logic• Persistence mechanisms
• User Interface• The representation of Model
• An intermediary between Model and View• Application’s Brain (Handle user requests,
bind Data, return views)
Model View Controller Pattern
Ok
CController
MModel
VView
CreateInvoice (fact)
Create invoice (data)fact = new Invoice ()
LatestInvoices ()
return view ("Last-Invoices", ListFact[])
ListFact[]
HTML
Asp.net MVC
• Part of ASP.NET
• Not an upgrade or replacement for Web
Forms
ASP.NET
Webforms MVC Webpages
Asp.net MVC vs WebForms
• No server controls
• No ViewState
• No Code Behind
• Full control over html
• Unit Testing
Asp.net MVC
• Separation of application tasks (No code
Behind)
• Flexibility and Extensibility
• Friendly URLs (Routing)
• Scalability and Performance
• Supports existing ASP.NET features
(Authentication, Membership, roles, output
caching,…)
• Natural integration with Ajax
Asp.net MVC First App & Project Template Architecture
Views In Asp.net MVC
• View Engines
o Aspx
o Razor
• Layout
• Partial View
• Section
• HtmlHelper, AjaxHelper
HtmlHelpers
• ActionLink
@Html.ActionLink(“Modifier", “Edit“, new {Id=3})
<a href="/Product/Edit/6">Modifier</a>
• Form Elements (Form, TextBox, Hidden,….)
@Html.TextBox(“Nom")
<input id=" Nom " type="text" value="" name="
Nom ">
HtmlHelpers
• DropDownList
var db = new NorthwindDataContext();
IEnumerable<SelectListItem> items = db.Categories
.Select(c => new SelectListItem { Value = c.CategoryID.ToString(), Text =
c.CategoryName });
ViewBag.Categories = items;
@Html.DropDownList("CategoryID",
(IEnumerable<SelectListItem>)
ViewBag.Categories)
AjaxHelpers
• Ajax ActionLink @Ajax.ActionLink("Get Time", "GetTime", new AjaxOptions () {
UpdateTargetId="divTorefresh", HttpMethod="GET"
})
<a href="/Home/GetTime" data-ajax-update="#divTorefresh" data-ajax-mode="after" data-ajax-method="GET" data-ajax="true">Get Time</a>
View In Asp.net MVC
Controller In Asp.net MVC
• Action Results
• Filters
• Caching
Controller Action Results
• ViewResult
• PartialViewResult
• JsonResult
• JavaScriptResult
• ContentResult
• FileResult
• RedirectResult
Filters In Asp.net MVC
• Authorization filters
• Action filters
• Result filters
• Exception filters
Caching In MVC
[OutputCache(Duration=3600)]Public ActionResult GetListCountries(){
// Logic to get countries list}
[OutputCache(Duration=3600, VaryByParam = "countryId")]Public ActionResult GetListRegions(int countryId){
// Logic to get regions list}
Controller In Asp.net MVC
Model In Asp.net MVC
• Annotation
• Validation(Client Side & Server Side)
Annotation In MVC
• Required
• DisplayName
• Range
• DataType
• StringLength
Annotation & Validation
Nuget
• Open source package manager for the .NET
Framework
• Provide the ability to produce and consume
packages
Nuget
Asp.net MVC 4 new Features
• Bundling & Minification
• Web Api
• Template Mobile
• Asynchronous
• RealTime avec SignalR
Bundling and Minification
Improve JavaScript and CSS files loading
• Minimize the Number of requests (Bundle in one File)
• Reduce the size of files (remove spaces, enters and comments)
Fully customizable and extensible
Without Bundling and Minification
With Bundling and Minification
MVC4 New Features
Asp.net MVC and Data Access
• Entity Framework
• Database First
• Model First
• Code First
Entity Framework
• Object-relational mapping (ORM)
Framework
• Gives an automated mechanism for Data
Access
• Manipulate Data as Object
• Reduce hard coded Query
• Have inheritance relationships between
entities
• Performing basic CRUD(Create, Read, Update,
Delete)
Asp.net MVC and Data Access
DataBase First Approach
• Existing DataBase
• Generate .Edmx From DataBase
• Use ObjectContext & DBContext
• Use T4 template (POCO)
Model First Approach
• Empty Edmx Model
• Design th DB Schema
• Generate DataBase From Model
Code First Approach
• Create Domain Models (Class)
• Generate DataBase From Domain Models
• Full Control Over Code
• No Autogenerated code
Entity Framework
ASP.NET MVC Security
• User Authentification
• Authorization
• Cross-site request forgery
• Cross-site Scripting
Authentification Mode
• Forms Authentification
• Cookies
• Windows Authentification
• Windows Session
• Via IIS
• OAuth
• Facebook, google, Hotmail, twitter, etc.
Authorization In Asp.net MVC
• Role-based Authorization
• [Authorize(Roles = "Admin, Super User")]
• [Authorize(Users = "Betty, Johnny")]
Cross-Site Request Forgery (CSRF)
• Malicious attack (Cross Domain)
• Using Forms
• Session hijacking
Cross-site Scripting
• Malicious attack Using Script Injection
• Inject Code Inside Pages
Security
Dependency injection
• Design pattern
• Removal of hard-coded dependencies
• Giving an object its instance variables
(Dynamically)
Dependency injection
Thank you for your attention
Questions