C#
- Related Articles
- Integrating Python into C# : A Comprehensive Guide to Embedding Python in C# Applications
- Introduction to .NET Programming
- C# 9.0 - Introduction To Top-Level Statements
- How to use Global Using Directives in C#
- List pattern matching in C#
- Required Members in C#
- Collection Expressions in C#
- Dependency Injection in .Net Core
- Understanding HTTP Codes
- C# 12 Features
- Validation Requests in .Net Core API
- Understanding Dependency Injection in Depth in .Net Core
- Real time use of Func Delegate in C#
- Securing API with IP Block List in C#
- Validating Life time of objecs in .Net core
- Concept of Middleware
- Securing API with DDOS attack
- Generate Report via Converting Data table to HTML in .net core API.
- Understanding Generics in C#
- Learning .Net Core with Docker
- LINQ (Language Integrated Query) in C#
- Tips and Tricks for HTTP Client in .Net core
- Learning IHttpClientFactory in .net core
- Basics Of Generic Classes In C#
- Lambda Expressions in C#
- Extension Method in C#
- What is a Dynamic Type in C#
- Async and Await in C#
- CRUD Operations in Generic List C#
- Essential Things in Generic List C# that every developer must know
- CRUD operations .Net Core API
- C# String Interpolation
- Expression-Bodied Members in C#
- Property initializer in C#
- When should you use a Tuple in C#
- Custom Middleware in .Net Core API
- Pattern Matching in C#
- What is a Nullable Reference Type in C#
- Understanding C# Default Interface Methods
- Record types in C#
- Learning IServiceProvider in .Net Core
- Learn Cancellation Token in .Net Core
- .Net Core 8.0 Pipeline
- Consuming RestAPI from .Net Console Applications
- Endpoint Explorer in Visual Studio 2022
- Export DataTable To CSV In C#
- Regex for Numbers only in C#
- How to get the URL of the current page in C#?
- Read and parse a Json File in C#
- ComboBox: Adding Text and Value to an Item (no Binding Source) in C#
- Using String Format to show decimal up to 2 places or simple integer in c#
- What is the Get and Set syntax in C#
- How to remove time portion of date in C# in DateTime object only?
- Get int value from enum in C#
- How to iterate over a dictionary in C#?
- Writing data into CSV file in C#
- Join and Where with LINQ and Lambda in C#
- Multiline string literal in C#
- How do I make calls to a REST API using C#?
- Setting Authorization Header of HttpClient in C#
- Reading CSV file and storing values into an array in C#
- How do you get the index of the Current Iteration of a Foreach loop in C#
- How do I save a stream to a file in C#?
- How can we Generate Random Alphanumeric strings in C#
- Calling the Base constructor in C#
- How to set the Content-Type header for an HttpClient request in C#
- LINQ query on a DataTable in C#
- What is the Best way to give a C# auto-property an Initial Value
- AddTransient, AddScoped and AddSingleton Services Differences in C#
- How do I Encode and Decode a Base64 string in C#
- How to enumerate an Enum in C#?
- Identify if a string is a number in C#
- Abstract and Sealed Classes in C#
- Advanced Concepts in C#
- Type Checking: typeof, GetType, or is?
- How to Execute a Stored Procedure Within a C# Program
- Creating a Byte Array from a Stream in C#
- How to Reverse a String in C#
- How Do I Turn a C# Object into a JSON String in .NET?
- How to Return Multiple Values to a Method Caller in C#
- How Do I Display a Decimal Value to 2 Decimal Places in C#?
- How to Calculate Difference Between Two Dates (Number of Days) in C#?
- How Do I Cast int to Enum in C#?
- Pass Method as Parameter using C#
- How Do I Generate a Random Integer in C#?
- How to Sort a List<T> by a Property in the Object in C#
- How Do I Make a Textbox That Only Accepts Numbers in C#?
- GroupBy in LINQ in C#
- Converting a String to DateTime in C#
- How can I convert String to Int?
- What is the Difference Between String and string in C#?
- LINQ's Distinct() on a Particular Property in C#
- Arrays and Strings in C#
- Read and Write a Text File in C#
- Converting String to Int in C#
- Mastering C# Parse Int
- C# Convert String to DateTime
- C# Convert String to Int
- Convert a C# String to an Integer
- Parse String as Int in C#
- cast string to integer c#
- C# Pattern Matching
- C# Convert String to Integer
- Cast String to Int in C#
- How can we Convert String to Int in C#
Validation Requests in .NET Core API
Validating API input is crucial for ensuring data integrity, security, and the overall functionality of your application. When designing a RESTful API (or any kind of web service), it's important to validate the inputs before processing them
We will implement 3 ways to validate input requests.
- Custom Middleware for input validation
- Model Validation with Data Annotations
- Validation Requests using Action Attributes
1. Custom Middleware for Validating Input
We will be creating custom middleware to add validation for all input requests and that will be centralize code for all api endpoints.
Below will be flow diagram for .net core api request processing and we added middleware which will work like if Validation fails then middleware will send response back to User.
Steps for implementations
a. Create RequestValidationMiddleware class
b. Inject RequestDelegate object in contructor : this will take care to pass request to next middleware in pipeline.
c. Add logic in InvokeAsync method which will take httpcontext as input request and now we will have all data which input request should have.
d. Register middleware in statup.cs.
public class RequestValidationMiddleware { private readonly RequestDelegate _next; private readonly ILogger<RequestValidationMiddleware> _logger; public RequestValidationMiddleware(RequestDelegate next, ILogger<RequestValidationMiddleware> logger) { _next = next; _logger = logger; } public async Task InvokeAsync(HttpContext httpContext) { // Check if the request is JSON (Content-Type: application/json) if (httpContext.Request.ContentType?.ToLower() == "application/json") { // Read the body content var body = await new StreamReader(httpContext.Request.Body).ReadToEndAsync(); if (string.IsNullOrWhiteSpace(body)) { httpContext.Response.StatusCode = 400; // Bad Request await httpContext.Response.WriteAsync("Request body cannot be empty."); return; } // Here you would usually deserialize the body into a specific object (e.g., User model) // Let's simulate checking for a required field (for example, Name is required) if (!body.Contains("Name")) { httpContext.Response.StatusCode = 400; // Bad Request await httpContext.Response.WriteAsync("Name is required."); return; } } // Proceed to the next middleware or controller if validation passes await _next(httpContext); } }
API end point code
[HttpPost] public IActionResult CreateUser([FromBody] User user) { return Ok($"User {user.Name} created successfully!"); } /// ///Model class public class User { public string Name { get; set; } public string Email { get; set; } }
Execution and verification:
It is required to add Name in parameter but i am only adding email in input so we should get error.
//INPUT { "email": "sanjay@gmail.com" }
When we execute this request middleware will call and below code will execute: we can see we are getting JSON data which we are passing from user input.
As this is invalid input we are getting status 400 in response.
2. Model Validation with Data Annotations
One of the most common and clean ways to validate input in ASP.NET Core is using data annotations. This technique uses attributes to define validation rules on model properties.
Let's have a code below, we are going to create user model and will add some validation attributes.
public class UserModel { [Required] [StringLength(50, MinimumLength = 5)] public string Name { get; set; } [EmailAddress] public string Email { get; set; } [Range(18, 100)] public int Age { get; set; } }
We have defined Range for Age, Emailaddresss and Name and mandatory.
Validation Code at API end point
public class UserController : Controller { [HttpPost] public IActionResult Post(UserModel user) { if (!ModelState.IsValid) { return BadRequest(ModelState); // Returns validation errors to the client } return Ok(); } }
We have used Modelstate which is defined on controller base class and it take care for all validations.
Testing: below is running screen of API and we have added valid input.
Negative scenario Testing.
a. I have removed name from input, now we should get error message as we made it required.
{ "email": "user@example.com", "age": 34 }
Error as expected.
b. Let's make Age as out of range like 150.
{ "name": "devesh", "email": "user@example.com", "age": 150 }
Output
we can see we are getting expected validation messsage when we pass invalid input to API.
3. Validation Requests using Action Attributes
we have one problem in above approach, we have to add code to validate input inside controller action.
so if we have 100 of controllers then we need to add similar code on each endpoint or function which some time difficult to manage.
in this case we will create centralize place from where request get validate.
We are going to create Actionfilter class via below way and will validate all input data inside OnActionExecuting method.
public class ValidateInputActionFilter : ActionFilterAttribute { public ValidateInputActionFilter() { } public override void OnActionExecuting(ActionExecutingContext context) { // Check if the model state is valid if (!context.ModelState.IsValid) { // If the model state is invalid, log the error and return a bad request response context.Result = new BadRequestObjectResult(context.ModelState); return; // Prevents the action method from being called } base.OnActionExecuting(context); } }
Apply Attribute
[ValidateInputActionFilter] [HttpPost] public IActionResult Post(UserModel user) { return Ok(); }
Testing
1. Invalid Email
{ "name": "string", "email": "usera@@@@@@example.com", "age": 100 }
Result. we can see this is working and getting validation message.
Conclusion:
We have learnt 3 approaches but Best approaches will be custom middleware because by using middleware for validation, you can centralize all your validation logic in one place, making it easier to maintain and update.
