2. WHOS THIS GUY Malisa Ncube Software Engineer at Infectious
Diseases Institute (Uganda) Blogger
http://geekswithblogs.net/malisancube Follow me on Twitter handle -
@malisancube My email is [email protected] Leader of Uganda .NET
Usergroup #MSOpenDoor Urban Artist High sense of humor
3. AGENDA ASP.NET MVC Best Practices A bit of ASP.NET MVC 4
Preview Well see Conclusion Q&A
4. What is ASP.NET MVC?
5. What is ASP.NET MVC? Model: The model contains the core
information for an application. This includes the data and
validation rules as well as data access and aggregation logic.
View: The view encapsulates the presentation of the application,
and in ASP.NET this is typically the HTML markup. Controller: The
controller contains the control-flow logic. It interacts with the
Model and Views to control the flow of information and execution of
the application
6. What is ASP.NET MVC? (Continued) Opensource Released under
MSL for Pre release components. http://aspnet.codeplex.com Proven:
There are many sites that are using ASP.NET MVC framework and many
resources. Testable: Enables good software development
practices.
7. Practices
8. 1) Isolate your layers properly. Use the ViewModel for
transmitting data to the view. They should be simple POCO
de-normalised objects. Use the Domain Model Entities for
persistence, validation, Behaviours and complex relationships .
Mapping with ViewModel can be done with tools like Automapper.
9. 1) Isolate your layers properly (Continued). Use Controllers
for selecting the view to be shown and not for business logic. Use
the view for displaying Html which will be rendered by the browser.
Not for business logic. Use Services/Repositories for manipulating
business objects. Lets see come code
10. 2) Use the PRG (PostRedirectGet) pattern Prevent reposts to
the form Issues an HTTP302 with temporary redirect Watch out for
Json redirects. Check the type of requests. Use proper verbs
[HttpPost], [HttpGet] on you controllers
11. 3) Secure site from forgery Confused deputy problem (A
confused deputy is a computer program that is innocently fooled by
some other party into misusing its authority) Prevent (cross site
request Forgery)CSRF/XSRF Prevent (cross site request
Forgery)CSRF/XSRF With Ajax Use Anti-forgery helpers for form posts
@Html.AntiForgeryToken and ValidateAntiForgeryTokenAttribute which
peeks into Request.Form collection for antiforgery token
12. 4) Make you application testable, maintainable and
extensible Use IoC to make your application testable Have actual
tests for different segments of your application. You can scaffold
the application using NuGet packages like MvcScaffold and include
the repository and unit tests. Lets see come code
13. 5) Write clean code Use Action Filters for crosscutting
concerns. - They help clean up your code by giving you a
declarative approach to programming, similar to Aspect Oriented
programming. More specifically Postsharp. - Handling errors,
Authorisation, Tracing. Lets see come code
14. 6) Use strongly typed views You may decide to inherit
behaviour of all views from a certain base class. Avoid the ViewBag
Lets see come code
15. 7) JSON endpoints All JSON endpoints require [HttpPost] to
prevent JSON hijacking http://haacked.com/archive/2009/06/25/json-
hijacking.aspx - With [HttpPost], returning arrays is allowed.
16. 8) Performance Tips Test the application performance.
(Fiddler, YSlow) Optimise /compress your images Minify your scripts
and CSS Lets see come code
17. 9) Productivity Tips Use "Nuget" packages that help with
productivity. ELMAH MvcScafolding Create you own nuget packages
Lets see come code
18. Tips
19. 1) ASP.NET is still has the power of ASP.NET You can extend
using HttpModules, HttpHandlers You can use HttpCaching Lets see
come code
20. 2) Think about globalization from the beginning Make you
application support globalisation if its going to be on the
internet. Dont forget to make accessibility
http://plugins.jquery.com/project/KeyTips
21. ASP.NET 4.0 Preview
22. ASP.NET 4.0 Preview PageInspector Nuget (Enabling MSBuild
and Continuous Integration environments) Mobile phone support
improvements HTML5 support Easier deployment + minification
(Including cloud deployment) Asynchronous / Await Tooling (Page
Inspector) Web Sockets
23. New Features in ASP.NET MVC 4 Developer Preview
24. New Features in ASP.NET MVC 4 Developer Preview