Web API

 Pipeline in MVC

https://www.c-sharpcorner.com/article/mvc-architecture-its-pipeline4/

We can say that pipeline of MVC contains the following processes,

• Routing
• Controller Initialization
• Action Execution
• Result Execution
• View Initialization and Rendering

• Routing is the first step in ASP.NET MVC pipeline.
• After finding the route successfully, ProcessRequest() method is invoked

While the ProcessRequest() method is invoked, it uses the IControllerFactory instance to create the controller for the URL request

After initialization of controller it has the information about the action method, this detail of action method is passed to controller’s InvokeAction() method

View Engine takes ViewResult type and renders it as a View and shows it by using IView

MVC

 Model?

It is basically a business entity which is used to represent the application data.

it's the presentation layer of ASP.Net MVC.

Controller

The Controller is responsible for taking the end user request and loading the appropriate Model and View.

Web API Security

There are two technique for security in Web API. one is basic authentication and second is token based authorization. We can also maintain session using token based atuhorization.

1. Serialization:

Person person = new Person { Name = "John", Age = 30, City = "New York" }; string serializedData = JsonSerializer.Serialize(person);

The JsonSerializer.Serialize() method is used to serialize the person object into a JSON string.

2. Deserialization:
3. string jsonString = "{\"Name\":\"John\",\"Age\":30,\"City\":\"New York\"}";Person deserializedPerson = JsonSerializer.Deserialize<Person>(jsonString);
4. In the deserialization example, we have a JSON string jsonString representing the serialized data. The JsonSerializer.Deserialize<T>() method is used to deserialize the JSON string back into a Person object.

The System.Text.Json namespace provides the JsonSerializer class, which offers serialization and deserialization capabilities using JSON format. It's available in .NET Core and .NET 5.0 and later versions.

Session, Cookie, JWT, Token, SSO, and OAuth 2.0 Explained in One Diagram

When you login to a website, your identity needs to be managed. Here is how different solutions work:

- Session - The server stores your identity and gives the browser a session ID cookie. This allows the server to track login state. But cookies don't work well across devices.

- Token - Your identity is encoded into a token sent to the browser. The browser sends this token on future requests for authentication. No server session storage is required. But tokens need encryption/decryption.

- JWT - JSON Web Tokens standardize identity tokens using digital signatures for trust. The signature is contained in the token so no server session is needed.

- SSO - Single Sign On uses a central authentication service. This allows a single login to work across multiple sites.

- OAuth2 - Allows limited access to your data on one site by another site, without giving away passwords.

- QR Code - Encodes a random token into a QR code for mobile login. Scanning the code logs you in without typing a password.

Over to you: QR code logins are gaining popularity. Do you know how it works?