Thursday, 24 August 2017

Playing further with ASP.Net Core whilst on my hols... VSCode fun and cool new Anti Forgery Validation

I'm on vacation, 10 days in Norfolk with extremely limited connectivity and action packed days with the kids. Whilst here on two nights everyone has fallen asleep before me so I decided it would be a good time to poke around further at ASP.Net Core as I've still not produced any production code with it yet, only small samples.

Now I don't have my laptop on me but I do an old one that's here purely for any work emergencies and for childcare emergencies, (you know the ones, its 6am and the 2 year old is awake, peppa pig at 6am is an emergency!). This means I have literally nothing on me and I can only tether internet via my wife's iPhone 6 which has barely a bar of signal, this rules out a cloud VM running VS. So I turned to VSCode, its sooo lightweight its easy to download, install and run on this laptop. Get the .Net Core 2.0 SDK and the VSCode C# extension and you are literally running within 30 mins.

I won't go to much into the projects setup and stuff as its well documented but I want to highlight a few things I've stumbled upon and thought worth sharing.

Installing Packages

In Visual Studio I would just use the Nuget package manager UI to manage all of my dependencies, I know I could use the package manager console but I've become lazy and use my mouse too much..... But in VSCode this doesn't exist without further extensions.

So how do you install packages?

Turns out its really simple, bring up your terminal window (be this console, powershell, bash etc) and use the .Net Core CLI. You simply type:

dotnet add package [packagename]

where [packagename] is what you want to install. This then uses Nuget to find the package and install appropriately. Very quick and powerful.

Anti-Forgery Validation

If you have done any ASP.Net MVC applications you have discovered and used Anti Forgery Validation. I won't go into the details as many places discuss its benefits and importance. Within ASP.Net Core I've found things have improved further. Previously with Razor you had the @HTML.AntiForgeryToken helper syntax and attributes which you start to litter your views and controllers with.

Within ASP.Net Core things have been tidied up, Red Gate have a great post covering the specifics, but essentially if you use the asp tag helpers to generate a form post url (which you almost always will be when building mvc applications) and add a global anti forgery filter you never have to worry about decorating actions with attributes or using the html helpers within your razor views. You get excellent protection pretty much for free which is ace!

That's it for tonight, I'll blog more as I try out more :)

No comments:

Post a Comment