Added firstapi sample and some docs

Author: csharpfritz

sessions/Season-05/0505-ApiDesignAndDevelopment/README.md

@@ -1,5 +1,7 @@
 # 0505 - API Design and Development with C# and .NET
 
+In response to [question #79](https://github.com/csharpfritz/csharp_with_csharpfritz/issues/79) we invited Shayne to join us to talk about APIs.
+
 ## Topics
 
 - Build an API with ASP()[].NET Core and Swagger
@@ -12,6 +14,85 @@
 - Connecting to a frontend framework: Razor Pages, Blazor, etc
 - Deployment - Containers and App Service
 
+## Build your first API with ASP[]().NET Core and Swagger
+
+It's drop dead simple to get your first app running with Swagger to get awesome documentation and interactions for your API.
+
+```cli
+dotnet new webapi
+```
+
+When you run the app and navigate to https://localhost:5001/swagger you'll find the swagger documentation for your new API:
+
+![Swagger Page for your API](firstapi_swagger.png)
+
+Customize it further with [Swashbuckle tools](https://docs.microsoft.com/aspnet/core/tutorials/getting-started-with-swashbuckle?view=aspnetcore-5.0&tabs=visual-studio). 
+
+You can generate and build client-side code with the dotnet-openapi tool.  Details at https://docs.microsoft.com/aspnet/core/web-api/Microsoft.dotnet-openapi
+
+## Design Patterns
+
+## API Versioning
+
+## Caching
+
+## Pagination
+
+## Uploading files to an API
+
+Instead of receiving an input parameter of type string or int, receive an input parameter of type `IFormFile` like this:
+
+```csharp
+[HttpPost]
+public async Task<IActionResult> UploadFile(
+	IFormFile file,
+	CancellationToken token
+)
+{
+
+	using (var stream = new FileStream("somefolder\\myuploadedfile.txt"))
+	{
+
+		await file.CopyToAsync(stream);
+
+	}
+
+}
+```
+
+The ASP[]().NET team has some [recommendations when handling files](https://docs.microsoft.com/aspnet/core/mvc/models/file-uploads?view=aspnetcore-5.0) for you, and we'll copy them here to ensure you see them:
+
+### Security Considerations
+
+Use caution when providing users with the ability to upload files to a server. Attackers may attempt to:
+
+- Execute denial of service attacks.
+- Upload viruses or malware.
+- Compromise networks and servers in other ways.
+
+Security steps that reduce the likelihood of a successful attack are:
+
+- Upload files to a dedicated file upload area, preferably to a non-system drive. A dedicated ___location makes it easier to impose security restrictions on uploaded files. Disable execute permissions on the file upload ___location.†
+- Do not persist uploaded files in the same directory tree as the app.†
+- Use a safe file name determined by the app. Don't use a file name provided by the user or the untrusted file name of the uploaded file.† HTML encode the untrusted file name when displaying it. For example, logging the file name or displaying in UI (Razor automatically HTML encodes output).
+- Allow only approved file extensions for the app's design specification.†
+- Verify that client-side checks are performed on the server. Client-side checks are easy to circumvent.
+- Check the size of an uploaded file. Set a maximum size limit to prevent large uploads.
+- When files shouldn't be overwritten by an uploaded file with the same name, check the file name against the database or physical storage before uploading the file.
+- Run a virus/malware scanner on uploaded content before the file is stored.
+
+### Server Configuration
+
+YOu will need to [extend the configuration of Kestrel](https://docs.microsoft.com/aspnet/core/mvc/models/file-uploads?view=aspnetcore-5.0#server-and-app-configuration) in order to receive larger files.
+
+## JWT Authentication
+
+Blog at: https://devblogs.microsoft.com/aspnet/jwt-validation-and-authorization-in-asp-net-core/
+
+## Connecting to a front-end framework
+
+## Deploying - Docker, Azure, etc
+
 ## Reference articles
 
 - Brady's API series on DevBlogs:

sessions/Season-05/0505-ApiDesignAndDevelopment/firstapi_swagger.png

@@ -0,0 +1,39 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Logging;
+
+namespace FirstApi.Controllers
+{
+    [ApiController]
+    [Route("[controller]")]
+    public class WeatherForecastController : ControllerBase
+    {
+        private static readonly string[] Summaries = new[]
+        {
+            "Freezing", "Bracing", "Chilly", "Cool", "Mild", "Warm", "Balmy", "Hot", "Sweltering", "Scorching"
+        };
+
+        private readonly ILogger<WeatherForecastController> _logger;
+
+        public WeatherForecastController(ILogger<WeatherForecastController> logger)
+        {
+            _logger = logger;
+        }
+
+        [HttpGet]
+        public IEnumerable<WeatherForecast> Get()
+        {
+            var rng = new Random();
+            return Enumerable.Range(1, 5).Select(index => new WeatherForecast
+            {
+                Date = DateTime.Now.AddDays(index),
+                TemperatureC = rng.Next(-20, 55),
+                Summary = Summaries[rng.Next(Summaries.Length)]
+            })
+            .ToArray();
+        }
+    }
+}

sessions/Season-05/0505-ApiDesignAndDevelopment/src/FirstApi/Controllers/WeatherForecastController.cs

@@ -0,0 +1,11 @@
+<Project Sdk="Microsoft.NET.Sdk.Web">
+
+  <PropertyGroup>
+    <TargetFramework>net5.0</TargetFramework>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Swashbuckle.AspNetCore" Version="5.6.3" />
+  </ItemGroup>
+
+</Project>

sessions/Season-05/0505-ApiDesignAndDevelopment/src/FirstApi/FirstApi.csproj

@@ -0,0 +1,26 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Hosting;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.Hosting;
+using Microsoft.Extensions.Logging;
+
+namespace FirstApi
+{
+    public class Program
+    {
+        public static void Main(string[] args)
+        {
+            CreateHostBuilder(args).Build().Run();
+        }
+
+        public static IHostBuilder CreateHostBuilder(string[] args) =>
+            Host.CreateDefaultBuilder(args)
+                .ConfigureWebHostDefaults(webBuilder =>
+                {
+                    webBuilder.UseStartup<Startup>();
+                });
+    }
+}

sessions/Season-05/0505-ApiDesignAndDevelopment/src/FirstApi/Program.cs

@@ -0,0 +1,31 @@
+{
+  "$schema": "http://json.schemastore.org/launchsettings.json",
+  "iisSettings": {
+    "windowsAuthentication": false,
+    "anonymousAuthentication": true,
+    "iisExpress": {
+      "applicationUrl": "http://localhost:40344",
+      "sslPort": 44372
+    }
+  },
+  "profiles": {
+    "IIS Express": {
+      "commandName": "IISExpress",
+      "launchBrowser": true,
+      "launchUrl": "swagger",
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    },
+    "FirstApi": {
+      "commandName": "Project",
+      "dotnetRunMessages": "true",
+      "launchBrowser": true,
+      "launchUrl": "swagger",
+      "applicationUrl": "https://localhost:5001;http://localhost:5000",
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    }
+  }
+}

sessions/Season-05/0505-ApiDesignAndDevelopment/src/FirstApi/Properties/launchSettings.json

@@ -0,0 +1,59 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Hosting;
+using Microsoft.AspNetCore.HttpsPolicy;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Hosting;
+using Microsoft.Extensions.Logging;
+using Microsoft.OpenApi.Models;
+
+namespace FirstApi
+{
+    public class Startup
+    {
+        public Startup(IConfiguration configuration)
+        {
+            Configuration = configuration;
+        }
+
+        public IConfiguration Configuration { get; }
+
+        // This method gets called by the runtime. Use this method to add services to the container.
+        public void ConfigureServices(IServiceCollection services)
+        {
+
+            services.AddControllers();
+            services.AddSwaggerGen(c =>
+            {
+                c.SwaggerDoc("v1", new OpenApiInfo { Title = "FirstApi", Version = "v1" });
+            });
+        }
+
+        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
+        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
+        {
+            if (env.IsDevelopment())
+            {
+                app.UseDeveloperExceptionPage();
+                app.UseSwagger();
+                app.UseSwaggerUI(c => c.SwaggerEndpoint("/swagger/v1/swagger.json", "FirstApi v1"));
+            }
+
+            app.UseHttpsRedirection();
+
+            app.UseRouting();
+
+            app.UseAuthorization();
+
+            app.UseEndpoints(endpoints =>
+            {
+                endpoints.MapControllers();
+            });
+        }
+    }
+}

sessions/Season-05/0505-ApiDesignAndDevelopment/src/FirstApi/Startup.cs

@@ -0,0 +1,15 @@
+using System;
+
+namespace FirstApi
+{
+    public class WeatherForecast
+    {
+        public DateTime Date { get; set; }
+
+        public int TemperatureC { get; set; }
+
+        public int TemperatureF => 32 + (int)(TemperatureC / 0.5556);
+
+        public string Summary { get; set; }
+    }
+}

sessions/Season-05/0505-ApiDesignAndDevelopment/src/FirstApi/WeatherForecast.cs

@@ -0,0 +1,9 @@
+{
+  "Logging": {
+    "LogLevel": {
+      "Default": "Information",
+      "Microsoft": "Warning",
+      "Microsoft.Hosting.Lifetime": "Information"
+    }
+  }
+}

sessions/Season-05/0505-ApiDesignAndDevelopment/src/FirstApi/appsettings.Development.json

@@ -0,0 +1,10 @@
+{
+  "Logging": {
+    "LogLevel": {
+      "Default": "Information",
+      "Microsoft": "Warning",
+      "Microsoft.Hosting.Lifetime": "Information"
+    }
+  },
+  "AllowedHosts": "*"
+}