Tahir Naushad
C# Corner
United Kingdom
Contact Tahir
Discover and connect with journalists and influencers around the world, save time on email research, monitor the news, and more.
| Recent: |
|
| Past: |
|
Past articles by Tahir:
Azure AD B2C With ASP.NET Core 2.0
In this writeup, I’ll demonstrate how to use Azure AD B2C to delegate identity and access management to Azure. One of the key difference is that we will not pre-register users in Azure AD using Azure AD domain name, like previous post, instead consumers of our applications can create users using any domain e.g. gmail.com. → Read More
Azure AD With ASP.NET Core 2.0
In this and the next post I’ll demonstrate how to use Azure AD to delegate identity and access management to Azure, simplifying our application. → Read More
Design Tip - Write Honest Methods
As developers we learn that giving meaningful names to methods produces clean, readable and maintainable code. However, that’s not all we should be concerned about when it comes to method signatures. There are two other aspects of a method signature that must be given consideration when writing code: a) parameters b) return value. → Read More
Design Tip - Avoid Enum Types In Domain Layer
An enum is a special value type that lets you specify a group of named numeric constants. They can help make code more readable, as opposed to using int to represent constants or flags. → Read More
ASP.NET Core 2.0 Identity
In a previous post, I showed how to use cookie authentication middleware to protect your web application. ASP.NET Core also provides a richer set of services, called Identity, to work with user authentication and management scenarios. For instance, in addition to authentication and password hashing, it provides features for registering new users, creating forgot & reset password tokens and their… → Read More
ASP.NET Core Apps In Docker Swarm Deployed To Azure
In the previous post, I deployed a Docker Swarm on VMs setup on my local PC, which is fine for testing. In this post I’ll deploy the same services on a Docker Swarm hosted in Azure using “Docker EE for Azureâ€. Let’s start. → Read More
ASP.NET Core Apps In Docker Swarm
First, we need a few Virtual Machines to make a cluster of machines to run Docker on. I am using Windows 10 and will use Hyper-V for this purpose. If you’re using another OS then skip the first part of the tutorial where I setup VMs. → Read More
Deploying Multiple ASP.NET Core Apps To Docker And Azure
API - has controller with CRUD operations for a movies database. It uses a class library Data, which contains repositories. Database is hosted in Azure and connection string stored in application settings (appsettings.json). → Read More
Publish Nuget Packages In .NET Core
Now that you have a registry and key to upload your packages, let’s create and push a package. I am using here a simple .NET Core class library I wrote to work with CSV files, the source code can be found on GitHub. You can of course use any of your projects. → Read More
Deploying ASP.NET Core 2.0 App To Azure Using Docker
Azure provides a highly scalable, configurable and easy to use Platform-as-a-Service (PaaS) environment for our ASP.NET Core web applications. Azure Web App is one of the simplest ways to host web applications and the new Web App Container makes it really easy to host Docker containers. → Read More
Custom Model Binding In ASP.NET Core 2.0
In an earlier post I discussed how to prevent insecure object references by encrypting the internal references (e.g. table primary keys) using Data Protection API. To avoid duplication of code that encrypts/decrypts on every controller I used filters in that example. In this post I’ll use another complimentary technique: custom model binding. → Read More
Identity Server 4 With ASP.NET Core 2.0
OAuth 2 provides several flows or grant types for various use cases. I personally group them into two categories; flows that require user interaction with authorisation server and flows that don’t’. → Read More
Using CSP Header In ASP.NET Core 2.0
Content Security Policy (CSP) is an additional level of security that could help prevent Cross Site Scripting (XSS) attacks. In these attacks malicious scripts are executed on user’s browser since browser doesn’t know whether the source of the script is trustworthy or not. → Read More
Preventing CSRF Attacks In ASP.NET Core 2.0
OWASP 2013 classifies Cross Site Request Forgery (CSRF) as one of the Top 10 risks and is present if attacker can force the victim's browser to send forged request to your web application and it considers it a legitimate request. → Read More
ASP.NET Core 2.0 Status Code Pages
Exception handling middleware (as discussed here) will catch unhandled exceptions however if you want to display error pages for individual HTTP status codes then framework provides another middleware for this purpose. → Read More
Preventing Insecure Object References In ASP.NET Core 2.0
How to prevent insecure direct object reference in ASP.NET Core. → Read More
Preventing Redirect Attacks In ASP.NET Core 2.0
When your controllers redirect to another location based on user input (e.g. via query string), it is important to ensure that the location is not malicious and prevent open redirect attacks. The simplest way to ensure this is by examining the URL provided by the user. → Read More
Hashing In ASP.NET Core 2.0
The new Data Protection API in .NET Core includes functionality to create hashes using PBKDF2algorithm. ASP.NET Core uses this behind the scenes in PasswordHasher class, which is used in ASP.NET Core Identity. → Read More
Using HTTPS In ASP.NET Core 2.0
Create an empty project and update Startup to add services and middleware for MVC, including the filter for HTTPS. → Read More
CORS In ASP.NET Core 2.0
To allow clients from a different origin to access your ASP.NET Core Web API, you’ll need to allow Cross-Origin Requests (CORS). Here same origin means clients who have identical schemes, hosts and ports. → Read More