Monday, 19 January 2026

How to Begin Using Minimal APIs in.NET Core?

By Friedrich , , Leave a Comment

Microsoft introduced Minimal APIs, a streamlined approach to creating HTTP APIs with fewer boilerplate and a greater emphasis on functionality, with the release of.NET 6. Microservices, lightweight APIs, and quick prototyping are all best served by minimal APIs.


Minimal APIs: What Are They?
Developers can design RESTful services without controllers, starting classes, or complicated configurations thanks to minimal APIs. The Program.cs file contains definitions for everything.

They are:

  • Lightweight

  • Fast to develop

  • Easy to read

  • Perfect for small to medium APIs

Why Minimal APIs?

Traditional Web APIs require:

  • Controllers

  • Attributes

  • Dependency injection setup

  • Multiple files

Minimal APIs reduce this complexity by enabling you to define endpoints directly using lambda expressions.

Benefits:

  • Less boilerplate code

  • Improved performance

  • Easy learning curve

  • Clean and concise syntax

Creating a Minimal API in .NET Core

Step 1: Create a New Project

Use the following command:

dotnet new web -n MinimalApiDemo
Plain text

Open the project in Visual Studio or VS Code.

Step 2: Program.cs Example

Here is a simple Minimal API example:

var builder = WebApplication.CreateBuilder(args);
var app = builder.Build();

app.MapGet("/", () => "Welcome to Minimal API!");

app.MapGet("/hello/{name}", (string name) =>
{
    return $"Hello, {name}!";
});

app.Run();
Plain text

Step 3: Run the Application

Run the project and navigate to:

  • https://localhost:5001/

  • https://localhost:5001/hello/John

HTTP Methods in Minimal APIs

app.MapGet("/users", () => "Get all users");

app.MapPost("/users", (User user) => $"User {user.Name} created");

app.MapPut("/users/{id}", (int id, User user) =>
    $"User {id} updated");

app.MapDelete("/users/{id}", (int id) =>
    $"User {id} deleted");
Plain text

Model Binding Example

public record User(int Id, string Name, string Email);
Plain text

Minimal APIs automatically bind request data to models.

Dependency Injection in Minimal APIs

builder.Services.AddScoped<IUserService, UserService>();

app.MapGet("/service", (IUserService service) =>
{
    return service.GetMessage();
});
Plain text

When Should You Use Minimal APIs?

  • Microservices

  • Lightweight REST APIs

  • Prototypes & PoCs

  • Serverless applications

Not ideal for very large, complex enterprise applications

Minimal APIs vs Controller-Based APIs

FeatureMinimal APIsController APIs
BoilerplateVery LowHigh
Learning CurveEasyModerate
PerformanceHighGood
StructureFlatLayered

Conclusion

A contemporary, tidy, and effective method of creating APIs in.NET is using minimal APIs. They preserve power and flexibility while lowering complexity. Minimal APIs are a great option if your application doesn't need complex architecture.

Read More...

Tuesday, 13 January 2026

Learning FastEndpoints in ASP.NET

By Friedrich , , , Leave a Comment

In the evolution of ASP.NET Core, we have moved from the rigid structure of MVC (Model-View-Controller) to the streamlined simplicity of Minimal APIs. However, as applications grow, Minimal APIs can become disorganized, and Controllers often suffer from “bloat”—violating the Single Responsibility Principle.

 

Enter FastEndpoints.

This library is not just another framework; it is a philosophy shift. It wraps the performance of Minimal APIs in a structured, maintainable pattern known as REPR (Request-Endpoint-Response). In this post, we will dive deep into what FastEndpoints is, why it matters, and how to implement it in your .NET projects.

The Problem with Controllers 

Traditionally, .NET developers group logic by resource. A UserController, for example, might handle Get, Create, Update, and Delete operations.

While this looks organized initially, it leads to several issues:

  • Constructor Bloat: A controller injecting dependencies for all its methods means every request instantiates services it might not need.

  • Hidden Coupling: Shared private methods inside a controller create tight coupling between unrelated endpoints (e.g., “Get User” logic bleeding into “Update User”).

  • Violation of SRP: A controller handles many responsibilities, rather than just one.

The Solution: The REPR Pattern 

FastEndpoints implements the REPR pattern, which stands for Request-Endpoint-Response.

Instead of grouping by resource (a Controller), you group by feature (an Endpoint). Each endpoint is a distinct class dedicated to a single purpose (e.g., CreateUserEndpoint, GetUserEndpoint).

The Components

  1. Request: A DTO (Data Transfer Object) defining what the client sends.

  2. Endpoint: A class containing the logic for only that specific request.

  3. Response: A DTO defining what the server returns.

Getting Started with FastEndpoints 

Let’s look at how to implement a simple “Create User” feature using FastEndpoints in .NET 8.

  1. Installation

First, install the necessary package via the NuGet Package Manager or CLI:

dotnet add package FastEndpoints

  1. Configuration

In your Program.cs, register and enable FastEndpoints. It sits on top of the existing ASP.NET Core pipeline, so it integrates seamlessly.

using FastEndpoints;

var builder = WebApplication.CreateBuilder(args);
builder.Services.AddFastEndpoints(); // Register services
var app = builder.Build();
app.UseFastEndpoints(); // Register middleware
app.Run();

  1. Defining the Endpoint

Here is where the magic happens. Instead of a method inside a controller, we define a class.

The DTOs:

public class CreateUserRequest
{
    public string FirstName { get; set; } = default!;
    public string LastName { get; set; } = default!;
    public string Email { get; set; } = default!;
}
public class CreateUserResponse
{
    public string FullName { get; set; } = default!;
    public string Message { get; set; } = default!;
}

 The Endpoint:

using FastEndpoints;
public class CreateUserEndpoint : Endpoint<CreateUserRequest, CreateUserResponse>
{
    public override void Configure()
    {
        Post("/api/users/create");
        AllowAnonymous();
    }
    public override async Task HandleAsync(CreateUserRequest req, CancellationToken ct)
    {
        // Simulate database logic
        var fullName = $"{req.FirstName} {req.LastName}";
        // Send the response
        await SendAsync(new CreateUserResponse
        {
            FullName = fullName,
            Message = "User created successfully!"
        }, cancellation: ct);
    }
}

Breakdown of the Code

  • Inheritance: The class inherits from Endpoint<TRequest, TResponse>, providing strict typing immediately.

  • Configure(): This replaces route attributes ([HttpPost], [Route]). You define the configuration imperatively, which is often cleaner and more discoverable.

  • HandleAsync(): This contains your business logic. It takes the strongly-typed Request object and a CancellationToken automatically.

Key Features & Benefits

1. Built-in Validation

FastEndpoints integrates heavily with FluentValidation. You don’t need to manually check ModelState.IsValid. You simply define a validator, and the library handles the 400 Bad Request response automatically if validation fails.

public class CreateUserValidator : Validator<CreateUserRequest>
{
    public CreateUserValidator()
    {
        RuleFor(x => x.Email).NotEmpty().EmailAddress();
        RuleFor(x => x.FirstName).NotEmpty().MinimumLength(3);
    }
}
2. Vertical Slice Architecture

By forcing you to create a file per endpoint, FastEndpoints naturally pushes your project toward Vertical Slice Architecture. All files related to a feature (the Endpoint, the Request/Response DTOs, the Validator, and the Mapper) can live in a single folder. This makes navigating code significantly easier than jumping between Controllers/, Models/, and Services/ folders.

3. Performance

Because FastEndpoints is a wrapper around ASP.NET Core’s Minimal APIs, it is extremely performant—significantly faster than traditional MVC Controllers and effectively on par with raw Minimal APIs. It builds the expression trees for mapping and validation at startup, ensuring runtime speed is maximized.

Conclusion

FastEndpoints offers the “sweet spot” for modern .NET API development. It provides the structure that Minimal APIs lack and removes the bloat that Controllers impose. If you are looking to build maintainable, high-performance, and type-safe APIs, adopting the REPR pattern with FastEndpoints is a powerful choice.

Happy Coding !!!

ASP.NET Core 10.0 Hosting Recommendation

One of the most important things when choosing a good ASP.NET Core 10.0 hosting is the feature and reliability. HostForLIFE is the leading provider of Windows hosting and affordable ASP.NET Core, their servers are optimized for PHP web applications. The performance and the uptime of the hosting service are excellent and the features of the web hosting plan are even greater than what many hosting providers ask you to pay for. 

At HostForLIFE.eu, customers can also experience fast ASP.NET Core hosting. The company invested a lot of money to ensure the best and fastest performance of the datacenters, servers, network and other facilities. Its datacenters are equipped with the top equipments like cooling system, fire detection, high speed Internet connection, and so on. That is why HostForLIFE.eu guarantees 99.9% uptime for ASP.NET Core. And the engineers do regular maintenance and monitoring works to assure its Orchard hosting are security and always up.

 
Read More...

Thursday, 8 January 2026

Right now, Which Version of .NET Should I use?

By Friedrich , , , Leave a Comment

If you are starting a new application today, use .NET 10. It is the current Long Term Support release and will be supported until November 2028. That alone makes it the safest default.

If you are maintaining an existing production system, your safest choices right now are .NET 10 or .NET 8. Both are supported, but .NET 8 has a much shorter runway left. If you are considering .NET 9, do it intentionally. It is a Short Term Support release and only makes sense if your team is comfortable upgrading again soon.

Supported .NET versions right now
.NET VersionSupport TypeEnd of Support
.NET 10LTSNovember 2028
.NET 9STSNovember 2026
.NET 8LTSNovember 2026

This table explains almost every decision you need to make.

LTS vs STS explained like a human

LTS is what you choose when stability matters more than chasing the newest features. LTS releases are supported for about three years and are ideal for business applications, enterprise systems, and long-lived products.

STS is for teams that like moving fast and upgrading often. STS releases are supported for a shorter time and assume you will move to the next version on schedule.

Most problems happen when teams choose STS but behave like they chose LTS.

Which .NET version should you use based on what you’re building

New applications

Use .NET 10. It gives you the longest support window, modern performance improvements, and a clean baseline for future upgrades. Starting new projects on older versions usually creates unnecessary work later.

Existing applications on .NET 8

If your app is already on .NET 8, you are not in trouble, but the clock is ticking. Support ends in November 2026. If your dependencies allow it and your test coverage is reasonable, upgrading to .NET 10 sooner rather than later usually reduces future pain.

Existing applications on .NET 9

Treat .NET 9 as a temporary stop, not a destination. It is fine if you knowingly chose STS, but you should already have a plan to move to .NET 10 well before 2026 ends.

Applications on .NET 6 or .NET 7

These versions are already out of support. Running out-of-support frameworks is not just a security concern. Over time, tooling, hosting providers, and third-party libraries quietly move on, and your upgrade becomes harder and more expensive. If possible, jump straight to .NET 10. If not, use .NET 8 as a short-term bridge.

.NET Framework applications

If you are on .NET Framework, your decision is different. For Windows-only legacy systems with heavy dependencies, staying put for now may be realistic. For anything that needs cloud deployment, containers, cross-platform support, or modern performance, you should plan a gradual migration to modern .NET.

A decision framework that actually works

  • Is this a new app meant to live for years? Use .NET 10.

  • Do you want the least maintenance and longest support? Use .NET 10 LTS.

  • Are you blocked by dependencies or vendors? Use .NET 8 temporarily and plan your move to .NET 10.

  • Are you intentionally upgrading every one to two years? Then .NET 9 can make sense.

Locking your team to the right version

Check installed SDKs.

dotnet --list-sdks
dotnet --list-runtimes

Pin the SDK using global.json to avoid environment drift.

{"sdk": {
    "version": "10.0.100",
    "rollForward": "latestFeature"}}

Target the correct framework.

<PropertyGroup>
  <TargetFramework>net10.0</TargetFramework>
</PropertyGroup>

For shared libraries.

<PropertyGroup>
  <TargetFrameworks>net8.0;net10.0</TargetFrameworks>
</PropertyGroup>
A low-risk upgrade strategy

  • Upgrade the SDK and build pipeline first without changing the target framework. This separates tooling issues from runtime issues.

  • Update NuGet packages early because most upgrade problems come from outdated dependencies.

  • Avoid mixing framework upgrades with large refactors so rollbacks stay cheap.

  • Measure before and after. Startup time, memory usage, throughput, and latency should guide decisions, not assumptions.

Common mistakes teams keep making

  • Choosing STS for long-lived systems and forgetting to upgrade.

  • Staying on unsupported versions because nothing is broken yet.

  • Upgrading without pinning the SDK and wasting time debugging environment differences.

Final recommendation

If you want one boring, correct answer, use .NET 10.

It gives you the longest support window, aligns with Microsoft’s direction, and minimizes forced upgrades.

Use .NET 8 only as a short-term step if you are blocked.
Use .NET 9 only if you are disciplined about upgrading again.

Top 5 FAQs: Choosing the Right .NET Version

1. Should I still start a new project on .NET 8?

Only if you have a hard dependency that does not yet support .NET 10. Otherwise, .NET 10 is the better long-term choice.

2. Is .NET 9 safe for production?

Yes, but only if you treat it as short-term. The risk is not stability, it is forgetting to upgrade later.

3. How often should I upgrade .NET in production apps?

Most teams should upgrade every LTS cycle, roughly every three years. STS requires a faster and more disciplined cadence.

4. Can I skip versions when upgrading .NET?

In most cases, yes. Many teams move directly from .NET 6 or 7 to .NET 10 as long as dependencies are compatible.

5. Does upgrading .NET automatically improve performance?

Often, but not magically. Real gains come when you upgrade, test, measure, and remove old workarounds that newer runtimes no longer need.

ASP.NET Core 10.0 Hosting Recommendation

One of the most important things when choosing a good ASP.NET Core 10.0 hosting is the feature and reliability. HostForLIFE is the leading provider of Windows hosting and affordable ASP.NET Core, their servers are optimized for PHP web applications. The performance and the uptime of the hosting service are excellent and the features of the web hosting plan are even greater than what many hosting providers ask you to pay for. 

At HostForLIFE.eu, customers can also experience fast ASP.NET Core hosting. The company invested a lot of money to ensure the best and fastest performance of the datacenters, servers, network and other facilities. Its datacenters are equipped with the top equipments like cooling system, fire detection, high speed Internet connection, and so on. That is why HostForLIFE.eu guarantees 99.9% uptime for ASP.NET Core. And the engineers do regular maintenance and monitoring works to assure its Orchard hosting are security and always up.

 
Read More...

Monday, 5 January 2026

ASP.NET Core's Observability Becomes a First-Class Feature

By Friedrich , , Leave a Comment
Contemporary applications require visibility into production in addition to functional coding. With built-in metrics, diagnostics, logging, and tracing, ASP.NET Core now views observability as a first-class feature.

This article discusses:
  • ASP.NET Core's built-in observability features
  • Detailed setup
  • Examples of real-world coding for tracking, logging, and metrics
  • Alerts, dashboards, and production preparedness
What Is Observability and Why Does It Matter?

Observability is the ability to understand the internal state of your application from external outputs like metrics, logs, and traces.

Core Observability Components

  1. your application's internal state from external outputs such asMetrics – Quantitative data (request rate, latency, errors).

  2. Logs – Detailed events or errors with structured information.as Metrics

  3. Traces – End-to-end visibility of requests across services.

Proper observability ensures you can detect and diagnose issues without guessing .

Built-In Observability Features in ASP.NET Core

ASP.NET Core now ships with rich diagnostics:

  • HTTP request counts and durations

  • Active requests

  • Failed requests (4xx / 5xx)

  • Connection, TLS, and runtime metrics (CPU, memory, GC)

These features reduce the need for heavy custom instrumentation and integrate easily with Prometheus, Grafana, and Azure Monitor.

Step-by-Step Setup of Observability

1. Create or Open Your ASP.NET Core App

dotnet new webapi -n ObservabilityDemo
cd ObservabilityDemo

2. Add Required NuGet Packages

dotnet add package OpenTelemetry
dotnet add package OpenTelemetry.Extensions.Hosting
dotnet add package OpenTelemetry.Instrumentation.AspNetCore
dotnet add package OpenTelemetry.Exporter.Prometheus.AspNetCore

3. Configure OpenTelemetry in Program.cs

using OpenTelemetry.Metrics;

var builder = WebApplication.CreateBuilder(args);

builder.Services.AddOpenTelemetry()
    .WithMetrics(metrics =>
    {
        metrics
            .AddAspNetCoreInstrumentation()
            .AddRuntimeInstrumentation()
            .AddPrometheusExporter();
    });

var app = builder.Build();

app.MapPrometheusScrapingEndpoint();
app.MapControllers();

app.Run();

Your app now exposes production-ready metrics at /metrics.

Real-World Coding Examples

These examples illustrate practical observability in production scenarios.

Example 1: Track API Usage (Business Metric)

using System.Diagnostics.Metrics;

public static class AppMetrics
{
    public static readonly Meter Meter = new("ObservabilityDemo");

    public static readonly Counter<int> OrdersCreated =
        Meter.CreateCounter<int>("orders_created");
}

[ApiController]
[Route("api/orders")]
public class OrdersController : ControllerBase
{
    [HttpPost]
    public IActionResult CreateOrder()
    {
        AppMetrics.OrdersCreated.Add(1);
        return Ok("Order created successfully");
    }
}

Scenario: Track how many orders your API receives per minute for business insight.

Example 2: Measure Request Duration for a Specific Endpoint

using System.Diagnostics;

[HttpGet("inventory")]
public async Task<IActionResult> GetInventory()
{
    var stopwatch = Stopwatch.StartNew();

    var inventory = await _inventoryService.GetItemsAsync();

    stopwatch.Stop();
    Console.WriteLine($"Inventory request took {stopwatch.ElapsedMilliseconds} ms");

    return Ok(inventory);
}

Scenario: Measure performance of heavy endpoints like inventory queries or report generation.

Example 3: Track Failures with Custom Counter

public static readonly Counter<int> PaymentFailures =
    AppMetrics.Meter.CreateCounter<int>("payment_failures");

[HttpPost("payments")]
public IActionResult ProcessPayment(PaymentRequest request)
{
    try
    {
        _paymentService.Process(request);
        return Ok();
    }
    catch(Exception)
    {
        PaymentFailures.Add(1);
        return StatusCode(500, "Payment failed");
    }
}

Scenario: Monitor payment failures in real-time for alerting or retries.

Example 4: Add Distributed Tracing for Downstream Calls

builder.Services.AddOpenTelemetry()
    .WithTracing(tracing =>
    {
        tracing.AddAspNetCoreInstrumentation();
        tracing.AddHttpClientInstrumentation();
    });

[HttpGet("external-data")]
public async Task<IActionResult> GetExternalData()
{
    var client = _httpClientFactory.CreateClient();
    var response = await client.GetAsync("https://api.example.com/data");
    return Ok(await response.Content.ReadAsStringAsync());
}

Scenario: Trace latency across external API calls to identify bottlenecks.

Dashboards and Alerts
Prometheus & Grafana

For dashboards and alerts we can use open sourced, self-hosted, cloud-friendly observability tools Prometheus and Grafana. They work on-prem, cloud, hybrid, and air-gapped systems. Cloud providers offer managed versions.

Dashboard Panels:

  • Request rate ( http_server_request_duration_seconds_count )

  • Latency P95 ( histogram_quantile(0.95, rate(...)) )

  • Error rate ( rate(http_server_request_duration_seconds_count{status_code=~"5.."}[1m]) )

Alerts:

  • High error rate

  • High latency

  • CPU/memory spikes

Include service name, severity, and dashboard links in every alert.

Production Observability Checklist

Before going live, ensure:

  • Metrics endpoint exposes system and business metrics

  • Structured logging with correlation IDs is enabled

  • Distributed tracing is enabled for all incoming/outgoing requests

  • Health checks and readiness probes are configured

  • Dashboards visualize key metrics and errors

  • Alerts are actionable and tested

  • Deployment markers and versions are visible

Production-ready apps answer: "What broke, why, and how badly — using metrics, logs, and traces alone."

Key Takeaways

ASP.NET Core's first-class observability enables developers to monitor apps confidently in production. By combining metrics, logs, tracing, dashboards, and alerts, you can proactively detect and resolve issues, optimize performance, and ensure your applications are reliable.

Observability is no longer optional — it's essential. Start implementing it from day one and make your app production-ready.

Happy Coding!

I write about modern C#, .NET, and real-world development practices. Follow me on C# Corner for regular insights, tips, and deep dives.

Best ASP.NET Core 10.0 Hosting Recommendation

One of the most important things when choosing a good ASP.NET Core 8.0 hosting is the feature and reliability. HostForLIFE is the leading provider of Windows hosting and affordable ASP.NET Core, their servers are optimized for PHP web applications. The performance and the uptime of the hosting service are excellent and the features of the web hosting plan are even greater than what many hosting providers ask you to pay for. 

At HostForLIFEASP.NET, customers can also experience fast ASP.NET Core hosting. The company invested a lot of money to ensure the best and fastest performance of the datacenters, servers, network and other facilities. Its datacenters are equipped with the top equipments like cooling system, fire detection, high speed Internet connection, and so on. That is why HostForLIFEASP.NET guarantees 99.9% uptime for ASP.NET Core. And the engineers do regular maintenance and monitoring works to assure its Orchard hosting are security and always up.
Read More...

Monday, 22 December 2025

Session Count-Based Concurrent Login Management in ASP.NET WebForms

By Friedrich , , Leave a Comment

Limiting the amount of concurrent logins per user is a typical practice in many real-world applications, including banking portals, trading platforms, admin panels, and business systems.
Data inconsistencies, license abuse, and security problems might result from permitting infinite logins with the same credentials.


This article describes a traditional concurrent login/session-count control requirement, explores several solutions, and offers a simple ASP.NET WebForms + SQL Server solution with functioning logic and output explanation.

Problem Statement

  • A single user account should be allowed to log in from only N sessions (example: 2, 3, or 4).

  • If the user logs in again after reaching the limit:

    • Either deny login OR

    • Automatically terminate the oldest inactive session and allow new login.

  • Sessions may remain active if:

    • Browser is closed suddenly

    • User forgets to log out

  • The system must handle these cases automatically.

Requirements Summary

  • Allow configurable session count per user

  • Track:

    • Login time

    • Last activity

    • Active / inactive status

  • Automatically expire unused sessions

  • Ensure latest active users are not disturbed

Possible Approaches

Option 1: ASP.NET Session Only (Not Recommended )

  • Uses Session[] variables

  • Fails when:

    • Browser crashes

    • Multiple devices used

  • No central control

Not suitable for concurrent login control

Option 2: Database-Based Session Tracking (Recommended )

  • Store sessions in a database table

  • Track activity per login

  • Kill old sessions safely

This is the correct and professional approach

Database Design

adminmaster Table

Stores user details and allowed session count.

CREATE TABLE adminmaster
(
    Srno INT PRIMARY KEY,
    userid VARCHAR(50),
    password VARCHAR(50),
    SessionCount INT DEFAULT 3
);

UserSessions Table

Tracks each login session.

CREATE TABLE UserSessions
(
    SessionId UNIQUEIDENTIFIER PRIMARY KEY,
    UserSrno INT NOT NULL,
    LoginTime DATETIME,
    LastActivity DATETIME,
    IsActive BIT,
    CONSTRAINT FK_UserSession_Admin
        FOREIGN KEY (UserSrno) REFERENCES adminmaster(Srno)
);

Concept Used

1. GUID-Based Session Identification

  • Each login creates a unique SessionId

  • Avoids conflicts

  • Safe across multiple users and devices

2. Least Recently Used (LRU) Strategy

  • Sessions ordered by LastActivity

  • Oldest inactive session is terminated first

3. Configurable Session Limit

  • Each user has a different SessionCount

  • Can be changed without code modification

Login Flow Logic

  1. Validate username & password

  2. Read allowed session count

  3. Fetch active sessions

  4. If session limit reached:

    • Kill the oldest active session

  5. Create a new session

  6. Allow login

ASP.NET WebForms Login Code

// Validate user
string sqlqry = @"
SELECT Srno, userid, SessionCount
FROM adminmaster (NOLOCK)
WHERE userid=@UserId AND password=@passwrd";

DataSet ds = SqlHelper.ExecuteDataset(con, CommandType.Text, sqlqry, param);

if (ds == null || ds.Tables[0].Rows.Count == 0)
{
    ErrLbl.Text = "Invalid UserID or Password";
    return;
}

// User is valid
DataRow row = ds.Tables[0].Rows[0];
int userSrno = Convert.ToInt32(row["Srno"]);
int maxSession = row["SessionCount"] == DBNull.Value ? 0 : Convert.ToInt32(row["SessionCount"]);

// Get active sessions
string activeQry = @"
SELECT SessionId
FROM UserSessions
WHERE UserSrno=@uid AND IsActive=1
ORDER BY LastActivity";

SqlParameter[] pActive =
{
    new SqlParameter("@uid", userSrno)
};

DataTable dtActive =
    SqlHelper.ExecuteDataset(con, CommandType.Text, activeQry, pActive)
    .Tables[0];

// Kill oldest session if limit reached
if (dtActive.Rows.Count >= maxSession)
{
    Guid oldSessionId =
        Guid.Parse(dtActive.Rows[0]["SessionId"].ToString());

    SqlParameter[] pKill =
    {
        new SqlParameter("@sid", oldSessionId)
    };

    SqlHelper.ExecuteNonQuery(
        con,
        CommandType.Text,
        "UPDATE UserSessions SET IsActive=0 WHERE SessionId=@sid",
        pKill);
}

// Create new session
Guid newSessionId = Guid.NewGuid();

SqlParameter[] pInsert =
{
    new SqlParameter("@sid", newSessionId),
    new SqlParameter("@uid", userSrno)
};

SqlHelper.ExecuteNonQuery(
    con,
    CommandType.Text,
    @"INSERT INTO UserSessions
      VALUES (@sid,@uid,GETDATE(),GETDATE(),1)",
    pInsert);

// Store session
Session["UserSrno"] = userSrno;
Session["SessionId"] = newSessionId;

Response.Redirect("Dashboard.aspx");

Session Activity Update (BasePage Concept)

protected void Page_Load(object sender, EventArgs e)
{
    if (Session["SessionId"] != null)
    {
        SqlParameter[] p =
        {
            new SqlParameter("@sid", Session["SessionId"])
        };

        SqlHelper.ExecuteNonQuery(
            con,
            CommandType.Text,
            @"UPDATE UserSessions
              SET LastActivity=GETDATE()
              WHERE SessionId=@sid AND IsActive=1",
            p);
    }
}

Auto-Expire Inactive Sessions (SQL Job)

UPDATE UserSessions
SET IsActive = 0
WHERE IsActive = 1
AND DATEDIFF(MINUTE, LastActivity, GETDATE()) > 30;

Purpose

  • Handles browser crash

  • Cleans unused sessions

  • Keeps session count accurate

Output Explanation

Scenario 1

User allowed 3 sessions, logs in 3 times
All logins allowed

Scenario 2

User logs in 4th time

  • Oldest session is terminated automatically

  • New session is created

  • Login succeeds

Scenario 3

User closes browser without logout

  • Session becomes inactive after timeout

  • Slot is freed for new login

Advantages of This Approach

  • Secure

  • Scalable

  • Works across devices

  • Handles unexpected logouts

  • Professional enterprise-ready solution

Conclusion

Concurrent login control is a critical security feature in modern applications.
By using a database-driven session tracking mechanism with GUID-based session IDs and LRU session termination, we can efficiently control active logins without impacting user experience.

This solution is simple, clean, and production-ready for ASP.NET WebForms applications.

 

Best ASP.NET Core 10.0 Hosting Recommendation

One of the most important things when choosing a good ASP.NET Core 8.0.11 hosting is the feature and reliability. HostForLIFE is the leading provider of Windows hosting and affordable ASP.NET Core, their servers are optimized for PHP web applications. The performance and the uptime of the hosting service are excellent and the features of the web hosting plan are even greater than what many hosting providers ask you to pay for. 

At HostForLIFE.eu, customers can also experience fast ASP.NET Core hosting. The company invested a lot of money to ensure the best and fastest performance of the datacenters, servers, network and other facilities. Its datacenters are equipped with the top equipments like cooling system, fire detection, high speed Internet connection, and so on. That is why HostForLIFEASP.NET guarantees 99.9% uptime for ASP.NET Core. And the engineers do regular maintenance and monitoring works to assure its Orchard hosting are security and always up.

Read More...

Tuesday, 16 December 2025

ASP.NET Core Tutorial :: An Example of the Post-Redirect-Get (PRG) Pattern in ASP.NET Core

By Friedrich , , Leave a Comment

Form submissions are a common feature of web applications, where users upload data to the server. When a user refreshes the site after completing a form, a frequent problem occurs: the browser makes the POST request again, which could result in double submissions. Developers use the Post-Redirect-Get (PRG) pattern, a well-known design strategy that improves user experience and avoids inadvertent duplicate operations, to lessen this.

Understanding the PRG Pattern

The PRG pattern follows a simple workflow:

  1. Post: The client submits data via an HTTP POST request.

  2. Redirect: The server processes the request and issues an HTTP redirect (usually 302 Found) to a new URL.

  3. Get: The client follows the redirect and issues an HTTP GET request to retrieve the updated resource or confirmation page.

This ensures that refreshing the page only repeats the GET request, not the original POST, thereby avoiding duplicate submissions.

Benefits of PRG

  • Prevents Duplicate Form Submissions: Refreshing or navigating back does not resubmit the POST request.

  • Improves User Experience: Users see a clean confirmation or result page after submission.

  • Supports Bookmarking and Sharing: Since the final step is a GET request, the resulting URL can be bookmarked or shared.

  • Aligns with REST Principles: GET requests are idempotent, making them safe for repeated execution.

When to Use the PRG Pattern

  • Form Submissions: Use PRG for any scenario where a form submission can create or change server-side data (e.g., orders, registrations, comments).

  • Multi-Step Processes: It’s useful in multi-step forms or wizards where each step might commit data changes that should not be duplicated.

Example Implementation in ASP.NET Core

Step 1: Create the Model

public class Feedback
{
    public string Name { get; set; }
    public string Comments { get; set; }
}

Step 2: Create the Controller

public class FeedbackController : Controller
{
    [HttpGet]
    public IActionResult Submit()
    {
        return View();
    }

    [HttpPost]
    public IActionResult Submit(Feedback model)
    {
        if (ModelState.IsValid)
        {
            // Process the feedback (e.g., save to database)

            // Redirect to confirmation page using PRG
            return RedirectToAction("Confirmation");
        }
        return View(model);
    }

    [HttpGet]
    public IActionResult Confirmation()
    {
        return View();
    }
}

Step 3: Create the Views

  • Submit.cshtml: Contains the feedback form.

  • Confirmation.cshtml: Displays a success message after submission.

Workflow Explanation

  1. The user navigates to /Feedback/Submit and fills out the form.

  2. On submission, the form data is posted to the server via POST.

  3. The server processes the data and issues a redirect to /Feedback/Confirmation.

  4. The browser follows the redirect and performs a GET request to display the confirmation page.

  5. If the user refreshes the confirmation page, only the GET request is repeated, not the original POST.

Best Practices

  • Always validate input before redirecting.

  • Use TempData to pass short-lived messages (e.g., success notifications) across redirects.

  • Ensure redirects point to meaningful pages that provide feedback to the user.

  • Combine PRG with anti-forgery tokens for secure form submissions.

One reliable solution to the issue of duplicate form submissions in web applications is the Post-Redirect-Get (PRG) pattern. Using RedirectToAction or Redirect, ASP.NET Core offers simple ways to implement PRG. Developers can produce apps that are safer, more user-friendly, and compliant with web standards by following this approach.

Best ASP.NET Core 10.0 Hosting Recommendation

One of the most important things when choosing a good ASP.NET Core 8.0.11 hosting is the feature and reliability. HostForLIFE is the leading provider of Windows hosting and affordable ASP.NET Core, their servers are optimized for PHP web applications. The performance and the uptime of the hosting service are excellent and the features of the web hosting plan are even greater than what many hosting providers ask you to pay for. 

At HostForLIFE.eu, customers can also experience fast ASP.NET Core hosting. The company invested a lot of money to ensure the best and fastest performance of the datacenters, servers, network and other facilities. Its datacenters are equipped with the top equipments like cooling system, fire detection, high speed Internet connection, and so on. That is why HostForLIFEASP.NET guarantees 99.9% uptime for ASP.NET Core. And the engineers do regular maintenance and monitoring works to assure its Orchard hosting are security and always up.

Read More...

Monday, 8 December 2025

A Comprehensive Guide for Developers on Image Generation in.NET

By Friedrich , , , Leave a Comment

AI-powered image generating has revolutionized contemporary applications in automation, design, e-commerce, and content development. With Azure OpenAI, OpenAI models (such GPT-4o and DALL·E), and.NET 8, developers can create robust image-generation systems with straightforward APIs. This article describes popular use cases, best practices, interview-ready concepts, how image generation operates, and how to connect it with .NET.

1. What Is AI Image Generation?

AI image generation is the process of creating new images from text instructions (prompts).
Modern models such as DALL·E, Stable Diffusion, and GPT-4o convert natural language into high-quality images by understanding your scene description.

Capabilities

  • Generate new images from text

  • Modify or extend existing images

  • Change styles (photorealistic, 3D, illustration)

  • Remove/replace objects

  • Upscale or improve quality

2. Tools Available for Image Generation in .NET
1. OpenAI / Azure OpenAI Image API

Supports:

  • Text-to-Image

  • Image editing

  • Image variations

NuGet package:

dotnet add package OpenAI
2. Third-party models (Stable Diffusion, Midjourney APIs)

Useful when:

  • You need local/on-prem image generation

  • GPU-based custom workflows

3. Custom models with ONNX Runtime

For enterprise offline image synthesis.

3. Setting Up Image Generation in .NET

First install the official OpenAI package:

dotnet add package OpenAI

Then initialize the client:

using OpenAI;

var client = new OpenAIClient("your_api_key");
4. Generate Images from Text (Text-to-Image)

This is the most common use case.

var result = await client.Images.GenerateAsync(new ImageGenerationRequest
{
    Prompt = "A futuristic city skyline at sunset with flying cars",
    Size = "1024x1024",
    Model = "gpt-image-1"
});

var imageBytes = Convert.FromBase64String(result.Data[0].B64Json);
await File.WriteAllBytesAsync("city.png", imageBytes);

Explanation

  • Model: "gpt-image-1" or latest

  • Prompt: Natural-language description

  • Size: 256x256, 512x512, 1024x1024

  • Result is Base64 encoded, saved as PNG

5. Image Editing in .NET (Add / Modify Content)

You can edit existing images by providing:

  • Base image

  • Mask image (transparent area = editable)

  • New prompt

Example: Replacing the background of a product image.

var baseImage = await File.ReadAllBytesAsync("product.png");
var maskImage = await File.ReadAllBytesAsync("mask.png");

var response = await client.Images.EditAsync(new ImageEditRequest
{
    Image = baseImage,
    Mask = maskImage,
    Prompt = "Replace the background with a clean white studio backdrop",
    Size = "1024x1024"
});

var edited = Convert.FromBase64String(response.Data[0].B64Json);
await File.WriteAllBytesAsync("output.png", edited);
6. Create Image Variations

Useful in:

  • Logo generation

  • Different styles of same object

  • Marketing content variations

var original = await File.ReadAllBytesAsync("logo.png");

var variation = await client.Images.CreateVariationAsync(new ImageVariationRequest
{
    Image = original,
    Size = "512x512"
});

var output = Convert.FromBase64String(variation.Data[0].B64Json);
await File.WriteAllBytesAsync("logo_variation.png", output);
7. Real-World Use Cases
1. E-commerce

  • Auto-generate product images

  • Change backgrounds

  • Create color variations

  • Social media previews

2. Marketing and Design

  • Banner images

  • Thumbnails

  • Posters

  • Animated storyboard frames

3. App & Game Development

  • Character avatars

  • Environment concept art

  • Texture generation

4. Automation

  • Generate dozens of images dynamically through .NET APIs

  • Auto-generate visuals for reports

8. Architecture for Image Generation in .NET
Pattern 1: REST API Microservice

  • ASP.NET Core MVC or Minimal API

  • Expose /generate-image, /edit-image endpoints

  • Can scale independently

  • Works well with frontend apps (React, Angular, MAUI)

Pattern 2: Background Task Worker

  • Queue requests

  • Generate images in background job

  • Use Hangfire, Azure Functions, or WorkerService

Pattern 3: Hybrid RAG + Image Generation

  • Search metadata for design descriptions

  • Generate images automatically

  • Useful in content automation platforms

9. Best Practices

  1. Use meaningful long prompts

  2. Always compress or resize for storage

  3. Cache generated images to reduce cost

  4. Validate user prompts to avoid misuse

  5. Limit max image-size for performance

  6. Avoid blocking UI threads; use async

Conclusion

Integrating AI-based image generation into .NET applications is now straightforward. With simple APIs, you can generate complex visuals, automate design workflows, and build creative tools directly within .NET. As .NET continues evolving, image generation will play an increasingly important role in enterprise automation, marketing, and end-user applications.

Best ASP.NET Core 10.0 Hosting in Europe with 15% OFF Discount!

One of the most important things when choosing a good ASP.NET Core 10.0 hosting in Europe is the feature and reliability. Led by a team with expert who are familiar on ASP.NET technologies, HostForLIFE offers an array of both basic and advanced ASP.NET Core 10.0 features in the package at the same time, such as:


All of their Windows & ASP.NET Core 10.0 Hosting servers are located in state of the art data center facilities that provide 24 hour monitoring and security. You can rest assured that while we do aim to provide cheap Windows and ASP.NET Core 10.0 hosting, we have invested a great deal of time and money to ensure you get excellent uptime and optimal performance. While there are several ASP.NET Core 10.0 Hosting providers many of them do not provide an infrastructure that you would expect to find in a reliable Windows platform.

 

Read More...