ASP.NET Core 2.0 Cookie Authentication – Local logins

ASP.NET Core 2.0 makes it very easy and straightforward to setup a cookie authentication mechanism in your application. Framework provides numerous ways to achieve that, with or without ASP.NET Core Identity membership system.

This post is part of a series on ASP.NET Core 2.0 Authentication and I am about to talk Cookie Authentication without ASP.NET Core Identity. I will show how to setup, login and logout using local logins, a custom implementation of a membership system. In the coming examples I will show how to simply secure your ASP.NET Core 2.0 MVC application using cookies and in-memory stored users, though they could be stored anywhere, database, flat files, etc.
In coming blog posts I am going to show a more appropriate way to do the local login authentication, using a database, signing-up users, transforming their claims, etc., but first let’s see something quick and simple.
Continue reading

Unit testing and code coverage for ASP.NET Web API (2/2)

This post continues from earlier article on Unit testing and code coverage for ASP.NET Web API (1/2).
Much about the topic is inspired from the truly magnificent book “The Clean Coder: A Code of Conduct for Professional Programmers” of Robert C. Martin Series, which of course, I definitely recommend.

Specifying the low level architecture

Professional software developers always test their code. It is part of our daily job, we should be proud and flexible on writing tests. It is a proof that our code actually follows our intent, at least on system’s low level. There are many more tests to be followed, composing a testing strategy, but this post is going to focus solely on one aspect of such strategy, the unit tests.
Continue reading

Unit testing and code coverage for ASP.NET Web API (1/2)

This is the second post in the series on Web API. Topic is TDD and code coverage, so I am going to demonstrate how to unit test your core code, as well as the API code and in the end, how to measure the code coverage you achieved on testing your code base. First, I am going through the changes needed to take place in  the application architecture and then I will go to tests, so this article is divided into two parts.
Continue reading

Using OWIN to self-host Web API and secure endpoints

In this post we are going to talk a little bit about OWIN. What is it, how can we use it with ASP.NET Web API to expose API endpoints, as well as how to secure those endpoints.

The application uses OWIN to self-host the Web API as well as ASP.NET Identity as underlying membership mechanism. Users can fetch public data from /api/people endpoint, as well as secured private data from /api/user endpoint. The latter one is to demonstrate security in Web API.
Continue reading

Mocking a class dependency which casts into a derived type using Moq

Let’s say we have the following, one class named Implementor which has an IParentInterface dependency.

In method DoWork of the class, we call the interface’s method, but we also call another method, which comes by casting the dependency to a derived interface.
All, good, we go ahead and create a unit test project, adding the Moq package as well, in order to mock dependencies.
Continue reading