Book Image

C# 9 and .NET 5 – Modern Cross-Platform Development - Fifth Edition

By : Mark J. Price
Book Image

C# 9 and .NET 5 – Modern Cross-Platform Development - Fifth Edition

By: Mark J. Price

Overview of this book

In C# 9 and .NET 5 – Modern Cross-Platform Development, Fifth Edition, expert teacher Mark J. Price gives you everything you need to start programming C# applications. This latest edition uses the popular Visual Studio Code editor to work across all major operating systems. It is fully updated and expanded with a new chapter on the Microsoft Blazor framework. The book’s first part teaches the fundamentals of C#, including object-oriented programming and new C# 9 features such as top-level programs, target-typed new object instantiation, and immutable types using the record keyword. Part 2 covers the .NET APIs, for performing tasks like managing and querying data, monitoring and improving performance, and working with the file system, async streams, serialization, and encryption. Part 3 provides examples of cross-platform apps you can build and deploy, such as websites and services using ASP.NET Core or mobile apps using Xamarin.Forms. The best type of application for learning the C# language constructs and many of the .NET libraries is one that does not distract with unnecessary application code. For that reason, the C# and .NET topics covered in Chapters 1 to 13 feature console applications. In Chapters 14 to 20, having mastered the basics of the language and libraries, you will build practical applications using ASP.NET Core, Model-View-Controller (MVC), and Blazor. By the end of the book, you will have acquired the understanding and skills you need to use C# 9 and .NET 5 to create websites, services, and mobile apps.
Table of Contents (23 chapters)
22
Index

Authenticating and authorizing users

Authentication is the process of verifying the identity of a user by validating their credentials against some authority. Credentials include a username and password combination, or a fingerprint or face scan.

Once authenticated, the authority can make claims about the user, for example, what their email address is, and what groups or roles they belong to.

Authorization is the process of verifying membership of groups or roles before allowing access to resources such as application functions and data. Although authorization can be based on individual identity, it is good security practice to authorize based on group or role membership (that can be indicated via claims) even when there is only one user in the role or group. This is because that allows the user's membership to change in the future without reassigning the user's individual access rights.

For example, instead of assigning access rights to launch a nuclear strike...