What you will learn in this course
Essential ASP.NET MVC 4 is an examination of Microsoft's latest web development framework. MVC focuses on enabling the developer to build testable, maintainable, standards compliant browser based applications. MVC also includes features for security, state management, caching, validation as well as Ajax. You will learn about all of these aspects of MVC and see how to use them in your web applications.
You'll get answers to these questions:
- What is ASP.NET MVC and how is it different than ASP.NET WebForms?
- What are controllers, how do they get invoked and how do they accept input?
- How do I write views using Razor to render HTML dynamically?
- How does model binding really work?
- How can I build validation into my application?
- How can I use jQuery and Ajax with MVC?
- How can I secure my MVC application?
- What are the new features in MVC 4?
Come and learn to build great websites using MVC!
Course outline and topics
This module provides an introduction to the ASP.NET MVC framework. We will provide an overview of the MVC architecture including how a controller processes requests, communicates with the model layer and chooses a view to generate a response. Part of this overview will include looking at URL routing, model binding and the Razor view engine.
URLs and Routing
URL Routing is the part of the framework responsible for examining incoming requests and locating the code responsible for processing those requests. In this module we will examine how to configure the URLs that will be handled by your application and how those URLs can be customized.
Controllers and actions are the centerpiece of an MVC application. In this module we will examine the look at how the controller framework locates and invokes action methods. We will then explore the various action results which are used to generate a response.
Razor View Engine
Razor is the new default view engine introduced in MVC3. It is designed to provide a streamlined syntax for creating dynamic views. This module covers the Razor syntax and the underlying compilation model. We will also see Razor's support for reusable templates with partial views and layout templates.
While a goal of MVC is to allow developers a high degree of control over their markup, it is still desirable to provide conveniences for rendering common markup. This is why MVC includes Html Helpers. These are APIs to encapsulate rendering common markup such an input fields, hyperlinks, forms and URLs. We will then see how to create your own custom Html helpers.
Model binding is an important part of the MVC framework to ease input processing for controllers. We will see how data is mapped from the request to parameters of action methods and how complex objects can also be model bound.
In this module we examine how MVC provides a complete framework for server-side validation. We'll see how it uses validation helpers, ModelState, data annotations and the IValidatableObject interface.
In this module we explore action filters and result filters as a technique to provide reusable functionality across controllers and action methods for such things as security, logging and error handling. We will see how to use controller filters and develop custom controller filters.
Errors are bound to happen. In this module we'll show how to capture error information for logging and how to display user-friendly error pages. To achieve this we will utilize exception filters, application-wide error handler (from global.asax) and the custom errors plumbing from ASP.NET.
Authentication and Authorization
Security is crucial for online applications. This module on security discusses the basics of authentication and authorization in MVC. We will discuss Windows and Forums authentication, how roles are assigned to the user and how to prevent access to controllers using authorization filters.
Threats and Mitigation
This module on security describes many of the common attacks against websites including SQL injection, cross site scripting attacks and cross site request forgery attacks. We will see how MVC provides support to thwart or mitigate these and other types of attacks.
Caching is an approach to improving application performance. In this module we look at the data cache as a means to store data to avoid making expensive network round trips to a data store. We will also look at page output caching which allows for caching rendered HTML by setting the cache control headers on the HTTP response.
While HTTP may be a stateless protocol, web applications are not. There are various state management mechanisms in MVC that we will cover including Cookies, Session and TempData.
This module examines areas which is a feature in MVC to organize and segregate the development of discrete features of an application. This is ideal for different groups working on different features on a single web application. We also look into customizing the built-in view engines from MVC so that we can organize our code and files within our projects.
This module covers all the new features in MVC 4 that aren't covered elsewhere in the course. This includes bundling/minification support for improving performance of script and CSS, the new Assets API for allowing dynamic inclusion of scripts and CSS, display modes for mobile device support, OAuth/OpenID support for user authentication from social networking websites, and the updated Task-based asynchronous controller support for improved server performance.
This module provides an introduction to WebAPI which is the new framework for building HTTP-based RESTful services. We will cover the motivation for HTTP oriented services as an alternative to SOAP-based services. We'll examine the major tenets including the importance of URIs, HTTP methods and status codes, content negotiation and hypermedia. We'll conclude with the new client-side programming model for HTTP services with the HttpClient API.
Appendix: Asynchronous Controllers
Scalability is an ever important deign goal. MVC assists the developer designing for throughput in an application with asynchronous controllers.
Appendix: Custom Model Binding
Model binding can be customized. This allows for developers to customize what data will be used for model binding and control how the format of that data is converted to an object model.
Appendix: Custom Validation Providers
Appendix: Dependency Injection
In this module we discuss designing for testability by decoupling layers of your application using dependency injection. We will use Microsoft's Inversion of control container (called Unity) to manage and create dependent objects in our application. We'll also look at MVC3's native support for dependency injection and how to utilize it.
Appendix: Extending jQuery
jQuery is designed for extensibility. In this module we will see how a custom plug-in can be developed for jQuery.
Appendix: IIS 7
In order to understand MVC it's important to understand the web server in which you will be hosting your application. This module covers the architecture of Internet Information Server 7 (IIS 7) which is Microsoft's latest version of its web server product.
Appendix: URL Routing
URL Routing allows application developers fine grained control over URLs and how they are processed by application code. In this lecture we will discuss defining routes and route handlers at the IIS level and examine how requests are dispatched.
Localization is the process of translating an application for different languages and cultures. In this lecture, we will discuss how to use the localization features of the .NET framework to localize our MVC applications.
Appendix: Mocking & Testing MVC
Unit testing is one of the main motivators for MVC. This module discusses strategies for unit testing your code. We will see using a mocking framework to implement fakes for testing as well as developing helper libraries for common tasks while unit testing.
Appendix: Template Helpers
Template helpers are a feature that provides an abstraction layer for rendering data. It allows rendering based upon data type or other metadata. We'll see how to control this rendering and how to customize it.
Appendix: Unit Testing with Visual Studio
Unit testing is one of the main motivators for MVC. In this module we will see the basics of writing unit tests using Microsoft's unit testing framework.
In this module we'll use Microsoft's Inversion of control container (called Unity) to manage and create dependent objects in our application (via dependency injection).
Appendix: WebForms View Engine
MVC allows for componentization and reuse of rendering logic with partial views and master pages. Both of these features leverage features from traditional ASP.NET WebForms (user controls and master pages), but the context is entirely different. We'll see how they are properly utilized in MVC.
Appendix: Windows Identity Foundation
Microsoft has released a new framework called WIF (Windows Identity Foundation) for identity management. It supports an enhanced authorization model that uses claims and the ability to federate authentication for single sign on scenarios.