This week I’ve spent a ton of time looking into Web API on .NET Core. There are a number of tutorials that make it pretty easy to get up to speed quickly. Since using Web API with .NET Core is so similar to how it was before with ASP.NET 5, there is a very natural learning curve for developers familiar with the technology. There is one area of development I’ve found severely lacking in terms of guidance though: how to Web API for authentication with .NET Identity and IdentityServer4. I am in the process of finding out how to use the platform to authenticate a web React front end and then authenticate the API when calls are made from the app.

With all the time spent working with .NET Core, I didn’t actually finish any courses on Pluralsight this week. I did continue the two .NET core courses I’ve been working through. In addition to those courses, I dug deeper through Building Scalable React Apps. Any mysteries or confusion around containers, components, and React Boilerplate are disappearing.

For reading, I breezed through Derek Sivers’ Anything You Want. It’s a refreshing take on how to get what you want in life. The book is short but is filled with a lot of wisdom. Sivers’ thoughts on ideas vs. execution was my favorite takeaway from the book. There are lots of great stories and insights from Sivers’ time starting and running CD Baby. I definitely recommend the book for anyone who’s heard of Sivers or used CD Baby before.

Finished

Book(s): Anything You Want

Currents

MOOC(s): Sabermetrics 101: Introduction to Baseball Analytics

PluralSight Course(s): Implementing and Securing an API with ASP.NET Core, Building a RESTful API with ASP.NET Core

Book(s): Smalltalk Best Practice Patterns

On the Next…

I’m going to continue digging deeper into how to use a .NET Core Web API to secure a React frontend and the API itself. I’m planning to read through docs and implement any security tutorials I can find. The .NET Core MVC project shows how to implement the basic .NET Identity features (register account, login, logout, etc.). At the very least, I should be able to mimic this functionality using REST based calls.