Pre-Conference Workshop
12. listopadu 2025
Update Conference Prague bude v roce 2025 ještě lepší. Rozhodli jsme se přidat celodenní workshop na atraktivní téma Building Secure and Scalable Web APIs with ASP.NET 10, který se uskuteční den před konferencí, tedy ve středu 12. listopadu 2025. Workshop proběhne v sále Virgo v konferenčním patře hotelu Clarion Congress Hotel Prague. Kapacita je omezena na 60 účastníků.
Chris „Woody“ Woodruff je architekt ve společnosti Real Time Technologies s téměř 30 lety zkušeností. Je uznávaným odborníkem na softwarový vývoj a architekturu, vystupuje na mezinárodních konferencích a věnuje se mentoringu vývojářů prostřednictvím přednášek, článků a online obsahu. Spolumoderuje podcast a YouTube kanál „Breakpoint Show“ a v současnosti píše knihu o síťovém programování v jazyce C# a frameworku .NET.
Building Secure and Scalable Web APIs with ASP.NET 10
Hands-on Development from Routing to Role-based Security
Description
Web APIs power today's most compelling apps—from eCommerce to mobile experiences—and developers who can build secure, scalable APIs are in high demand. In this hands-on, full-day workshop, you'll learn how to build robust APIs using ASP.NET 10.
Join Chris Woodruff as he guides you through everything from foundational routing and CRUD operations to implementing advanced security practices using OAuth2, JWT tokens, and role-based authorization. You'll explore the critical security layers that protect your API, how to test them , and how to optimize performance through caching and clean architecture.
Build alongside Chris as you create a secure eCommerce API from scratch—complete with customer orders, sales rep assignments, and protected endpoints.
Target Audience
Intermediate to Advanced .NET Developers looking to strengthen their ASP.NET Web API skills with a focus on security and best practices.
Takeaways
By the end of this workshop, you'll be able to:
- Build production-grade Web APIs with ASP.NET 10 using a secure and modular architecture.
- Secure APIs using JWT, role-based access control, and ASP.NET Identity.
- Protect against common vulnerabilities and apply modern security standards.
- Optimize APIs through caching, dependency injection, and separation of concerns.
- Write effective integration and unit tests for robust API delivery.
Schedule
9:00 – 9:15 AM – Welcome & Setup
Environment check, intro to the workshop goal: Secure eCommerce API
9:15 – 10:30 AM – Session 1: Routing, Controllers, and Dependency Injection
• Attribute routing
• Controller structure
• Built-in dependency injection
• Hands-on: Create your first routes and endpoints
10:30 – 10:45 AM – Break
Short break.
10:45 – 12:00 PM – Session 2: Data Models, EF Core, and CRUD
• Designing domain models
• EF Core basics
• Validation and model binding
• Hands-on: Implement Create, Read, Update, Delete logic
12:00 – 1:00 PM – Lunch Break
Time to refuel and network.
1:00 – 2:15 PM – Session 3: Authentication Deep Dive
• ASP.NET Identity overview
• Cookie-based auth vs. Token-based auth
• Implementing JWT authentication
• Hands-on: Secure your API with JWT
2:15 – 3:30 PM – Session 4: Authorization & Role-Based Access Control
• [Authorize] attribute and policies
• Role-based claims and scopes
• Protecting sensitive endpoints
• Hands-on: Create user roles and restrict access
3:30 – 3:45 PM – Break
Short break.
3:45 – 4:45 PM – Session 5: API Security Best Practices
• Secure headers (CORS, CSP, etc.)
• HTTPS enforcement
• Rate limiting and throttling
• OWASP top threats and mitigations
• Hands-on: Apply security middleware
4:45 – 5:30 PM – Session 6: Testing, Optimization, and Caching
• Unit/integration testing (xUnit/MSTest)
• Using Postman and Swagger for testing
• Output caching and in-memory caching
• Hands-on: Write tests and add caching strategies
5:30 – 6:00 PM – Wrap-up & Q&A
• Review complete API architecture
• Deploying securely to the cloud
• Resources and next steps
Zaujala Vás nabídka? Registrujte se ihned!
Existují dvě možnosti účasti na workshopech. Můžete se registrovat odděleně od vstupenky na konferenci (pokud jste se již na konferenci registrovali dříve), nebo se můžete registrovat na workshop i na konferenci dohromady.
Speciální balíček zahrnující Regular vstupenku na oba dny konference Update Conference Prague 2025 a také vstup na pre-conference workshop (středa, 12. listopadu).
Více informací o vstupenkách na workshop nebo konferenci najdete v sekci Vstupenky.