.NET 8 💥 - ASP.NET Core Web API Filters

00:00

Hello friends thank you for watching

00:01

this video I am Muhammad and today we're

00:02

going to be discussing how we can

00:04

actually utilize filters within our. net

00:06

API we're going to be understanding how

00:07

do they work how do they fix within

00:09

middle words and then we're going to be

00:10

actually seeing how we can Implement

00:11

them within our code so let's get

00:13

started so what we're going to be doing

00:14

right now is we're going to be

00:15

understanding what's going to happen

00:16

whenever a request actually comes into

00:19

our web API so let's say we have a

00:20

request coming in and within this

00:22

request we're just going to hit a

00:23

controller and within this controller

00:25

we're going to have an action so the

00:27

request flow will going to be something

00:28

like this and then once the action

00:30

finish executing then we're going to get

00:32

back a response at the end and this flow

00:34

that we're currently seeing here is

00:35

basically the normal flow whenever we're

00:37

handling anything when it comes to a web

00:39

API we're request we're going to go to

00:41

our API it's going to find the

00:42

controller the action the actions going

00:44

to execute and response but this is not

00:46

the only way it's going to happen this

00:48

is a very simplistic view of how stuff

00:50

happen within nut we're going to have a

00:51

lot of different layers that's going to

00:53

request has to go through before it

00:55

actually even hits the controller ler so

00:57

we're going to have some like middle

00:58

Wares available in place and within

01:00

those middle words the request is going

01:01

to be basically go through different

01:03

types of either authentication

01:05

authorization uh verification Etc and

01:07

then it will hit the controllers so we

01:09

can see here that within our net there's

01:11

a lot of different middle Wares that

01:12

actually might intercept the call before

01:14

it actually execute or actually reach

01:17

the controller and all of this we have

01:18

discussed previously how actually

01:20

middleware comes into place and how do

01:21

they work in conjunction with our

01:23

controllers on action so on top of that

01:25

we're going to be discussing today how

01:27

we can actually add an extra layer in

01:29

order for us to actually manage our

01:30

actions and this is going to be

01:32

something called filters so what we want

01:33

to do is we want to actually attach a

01:35

filter to our request and through that

01:38

the filter will actually then forward

01:40

the request to response and once the

01:42

action has finished executing it's going

01:44

to basically then go to the filter and

01:46

then instead of the action directly

01:47

returning the response then through that

01:49

the response is going to go back and

01:51

this is what we're going to be doing

01:52

today we're going to be trying to adding

01:53

those filters in place and we're going

01:54

to be understanding how they actually

01:56

work so what I have here is I have a

01:58

full example of what's actually going to

02:00

happen when when the request comes in so

02:02

this is a HTTP request coming in we can

02:04

see it's going to hit the middleware So

02:06

within the middleware we're going to

02:07

execute some logic once it execute the

02:09

logic the middleware will forward that

02:10

request to the second middleware the

02:11

second middleware will also take this

02:13

request it will execute another logic so

02:15

one could be authentication the other

02:16

one could be authorization the third one

02:18

could be logging so let's add this here

02:20

so we can say this is authentication

02:22

this is authorization this could be

02:24

logging this could be background jobs I

02:26

don't know it could be something around

02:27

those lines ex start executing an in

02:30

appro and acing background operation and

02:32

lastly for example here so we're going

02:34

to have authentication authorization

02:36

logging and the background jobs and

02:38

basically we can see here that the

02:39

request flow is going to go from

02:40

middleware one once it execute the

02:41

authentication it will be forwarded to

02:43

middleware 2 execute the authorization

02:45

forwarded to middleware 3 execute the

02:47

author the loging forward it to

02:49

middleware 4 execute the background

02:51

shops and then here we want to actually

02:53

start executing the request when

02:54

actually it hits the controller so here

02:56

it's going to be the controller so once

02:57

it actually hits the controller what do

02:59

we want to do we want to actually run

03:01

some code before it actually hits the

03:02

action which is going to be executing

03:04

and this is what we're going to be doing

03:05

we're going to be actually seeing how we

03:07

can build those layers here filters and

03:09

these filters here is going to allow us

03:11

to actually have much more control about

03:13

those requests so we can have filters

03:15

here for specific types of auditing we

03:17

can have filters here for specific types

03:19

of uh logging mechanism we can have

03:21

specific types of validation that we

03:23

want to add so there's L different

03:25

implementation that we can actually

03:26

execute on on these different types of

03:28

filters that we want want to add soil

03:29

filters here will play a cual role into

03:31

the actual action itself so all of these

03:34

different middlewares that we have

03:35

before these will be executed for every

03:37

single request coming in there is no way

03:39

around it it will going to be so let's

03:41

say we have an an API with 100 end

03:44

points all of these 100 end points are

03:46

going to go through in this example

03:47

through these four different middlewares

03:49

on the other hand for filters we can

03:51

specify for every single action its own

03:53

filters so if we specify a filter that's

03:55

going to run on only five actions only

03:56

these five actions will actually have

03:58

these filters enabl onto them so filters

04:00

can be on the controllers and they could

04:01

be as well on the action itself so we're

04:04

not only limiting it to an an action

04:06

it's going to be for all request filters

04:09

for specific actions or controllers and

04:11

this is going to be the main thing so

04:13

we're going to be able to have a much

04:14

more control about what action is going

04:17

to be executed for which type of request

04:19

coming in and basically as we once we

04:22

the request will hit the controller if

04:24

we have a a filter on the action itself

04:26

so once that request hits the controller

04:28

the controller then will forward the

04:30

request to the filter on that action we

04:32

execute the filter before the execution

04:35

of the action then the action is

04:36

executed and then once that execution

04:38

has finished execution then we're going

04:40

to run the code after it uh from the

04:42

filter side once that's done then we're

04:44

going to be propagating and popping back

04:45

the response up into the same layer to

04:48

the same middleware so it's going to go

04:49

through the background jobs then it's

04:51

going to go to the logging to the

04:52

authorization authentication and then

04:54

we're going to get back the response so

04:55

all of this flow that we currently be

04:57

seeing here is going to be basically

04:58

building on top of the each other so

05:00

it's going to go through first second

05:01

three four middle Wares and once it's

05:03

going to go through those four middle

05:04

Wares it's going to go to the action

05:06

once the action does its work the filter

05:08

is going to be on the executing there as

05:10

well before and after and then we're

05:11

going to be returning back the response

05:13

so we can think this as a layered cake

05:15

and this within this layer cake the

05:17

filter is going to be sitting all the

05:18

way on top and the uh middle Wares are

05:20

basically going to be supporting this so

05:22

as we can see here that this is also

05:24

going to run a in a very structured

05:26

approach so the middlewares always have

05:28

to run first and then we're going to

05:30

have to run the filters when it comes to

05:31

filters we can have for example within a

05:34

single action we can have different

05:36

filters so we can have two three four

05:38

filters and we can actually specify the

05:40

order so so in this example here we have

05:42

added another filter so we have filter

05:44

one here run before then we're going to

05:45

go to filter two then once it have run

05:48

then we're going to go to the execution

05:49

then it's going to go to filter two then

05:51

to filter one and the nice thing about

05:52

if we're going to add multiple filters

05:54

filters together we can actually add

05:56

ordering to them so we can say this is

05:57

going to run before this or this going

05:59

to run before for this and we're going

06:00

to be seeing how we can actually

06:01

Implement something similar to this so

06:03

now that how we have understood how

06:04

filters and middleware works together

06:06

let's jump into our code and see how we

06:08

can Implement something like that so in

06:09

this example here we have the same

06:11

project that we have always been working

06:12

on where we have a controller we have a

06:14

driver's controller and we have an

06:16

achievement controller we're basically

06:17

doing a different crubs operation on our

06:19

controllers here so we can add a driver

06:21

remove a driver delete a driver and add

06:23

all of them we're using a SQL light

06:25

database and if we go to the program.cs

06:27

we can see here that we barely have any

06:29

middleware so we have basically the htps

06:31

redirection middleware we have the

06:33

authorization middleware and the map

06:34

controllers middleware so these are the

06:36

middlewares that we currently have don't

06:37

really have any other middlewares

06:39

running into place so what we want to do

06:40

right now is we want to create our own

06:42

filter and then once we create our own

06:44

filter we're going to attach it to one

06:45

of these controllers actions and then

06:47

from there we're going to be seeing how

06:48

that will work so what I want to do here

06:50

in the root directory I'm going to

06:51

create a new directory and I'm I'm going

06:53

to call this directory filters I can

06:55

call it whatever I want perfect so now

06:57

that I have created filters I'm going to

06:58

add a new class and this class we're

07:01

going to name it my logging okay great

07:03

so now that my class is up and running

07:04

what I want to do is I want to inherit

07:06

or basically I want to implement an

07:07

interface called I action filter and as

07:10

you can see here it's asking me directly

07:11

to implement one of the methods so I'm

07:13

going to implement this meth method and

07:15

click okay and it's going to ask me for

07:17

Implement another one okay perfect so

07:18

now that I have implemented both methods

07:20

we can see here that difficult

07:21

implementation that I need to do which

07:23

is going to be on action executing and

07:26

on action executed so the first thing

07:27

that I want to do to make it as simple

07:29

as possible is directly output stuff

07:31

onto the console so console do right

07:34

line we're going to say this filter

07:36

executed before I'm going to copy this

07:39

put it here I'm going to say here filter

07:40

executed after so now that I have done

07:42

this I now created my first filter and

07:45

then basically I attached the action to

07:46

it once I have done this I want to

07:48

basically go to my program.cs and what I

07:50

want to do is I want to attach it now

07:51

just so we can see it works to every

07:53

single action that currently exists so

07:55

in order for me to do that on the

07:57

Builder do service of add controller I

07:58

want to configure it to actually utilize

08:00

this filter so I'm going to put options

08:02

options do filters do add and I'm going

08:05

to say new my loging pretty

08:07

straightforward so now if I want to run

08:09

this so now that my application is

08:10

running let's go to postman and within

08:12

Postman I'm going to get all the drivers

08:14

and now we should be able to see that I

08:16

got one driver that currently exist and

08:18

if I go back to the log we can see here

08:20

I have filter executed before and I have

08:22

filter executed after and we can see

08:24

inside this is my command to the

08:25

database to execute the to extract the

08:27

driver's information so we can see here

08:29

now that directly my filter is actually

08:31

running whenever I execute any command

08:33

so if I try to run this again multiple

08:35

times you should be able to see that

08:36

this is directly after the execution

08:38

filter executed before executing again

08:41

then executing after similar executed

08:43

before then executed after so we can see

08:45

that this is working as it should be

08:47

let's try different endpoint so let's

08:48

say I want to get driver ID specify the

08:50

driver send we can see I'm getting a

08:52

single driver here again for this as

08:54

well I'm getting executed before and

08:56

we're getting here as well filter

08:58

executed after so this is all fine and

09:00

uh good but filters as we said we have

09:03

the power to actually specify them into

09:05

a single action rather than executing

09:06

them on all actions and controllers so

09:08

let's see how we can actually only

09:09

execute this on a single action so I'm

09:11

going to command this out and I'm going

09:12

to go to my loging here and I'm going to

09:14

update this to actually be able to

09:16

specify it and to make it as an

09:18

attribute available so the first thing

09:19

that I want to do is I want to put here

09:21

attribute and now once I put an

09:22

attribute here it means that I'm

09:24

actually able to make it as an attribute

09:26

and I want to update this in order for

09:27

me to take advantage of that so first of

09:30

all what I want to do is I'm going to

09:31

put private read only string and I'm

09:33

going to specify something called a

09:35

Coler name and I'm going to initialize

09:36

this through the Constructor okay

09:38

perfect and now once I have done that

09:40

what I want to do here is I want to

09:42

actually specify the Coler name so I'm

09:44

going to put here string interpolation

09:45

and I'm going to specify here that I'm

09:47

going to use the Coler name similarly

09:49

I'm going to do the same thing here and

09:51

now that I've done this I'm going to go

09:52

to my driers controller and for the get

09:55

old drivers which is the one that we

09:56

have used before can add a filter here

09:58

and this filter is going to be my

10:00

logging and for this we're going to give

10:02

it a name or basically the Coler name

10:04

that we currently specified here and for

10:06

this I'm just going to call it all

10:08

drivers so let's run this and see how

10:10

actually going to execute so now this is

10:11

running I'm going to go back to postman

10:13

and if I run this right now we can see

10:15

here this is with an ID I should not be

10:17

able to see that so now this is running

10:19

I got my response back if we go back to

10:21

postman we can see here that I did not

10:23

get that that logging inside my console

10:25

so now if I remove this and I'm now

10:27

doing get all driers I click on send we

10:30

get all drivers here and we can see here

10:32

that I got the filter only executed on

10:34

this so we can see filter executed

10:35

before all drivers and filter executed

10:38

after all drivers so we can see here

10:40

that this filter only executed on one

10:42

single action rather than having it

10:44

executed on all different actions so if

10:45

I try to put this back here the driver

10:48

ID that I have and I try to put it here

10:49

and click on send we can see I got back

10:51

the response but here we can see the

10:53

filter did not execute okay perfect so

10:55

now that I have was able to create the

10:57

filter only on single action and I was

10:59

able to actually pass information to my

11:01

filter for me to be able to utilize it

11:03

let's see how we can actually have a

11:04

filter which is going to be async so

11:06

here if I go to my logging filter that I

11:08

created let me stop my application we

11:10

can see here that everything is running

11:11

in a synchronous matter if I want to

11:13

execute an async one so I'm going to

11:15

create a new class I'm going to call it

11:16

my logging async and then here what I

11:18

want to do is I'm going to add it as an

11:20

attribute as I did before but the one

11:22

difference that I want to do here is I'm

11:23

going to put I a action filter and once

11:26

I have added this it's going to ask me

11:27

to actually implement the member and we

11:29

can see here instead of having two uh

11:31

members which is on on action executing

11:33

and on action executed I have one single

11:36

member and let me just put this so you

11:37

can see it on a single line but then the

11:39

asynchronous one I get only one method

11:41

and this method is contain a context and

11:44

contain an next so here what I need to

11:45

do is in order for me to make this

11:47

functional I need to put away next I

11:49

need to make this as an async and now

11:51

basically what I'm doing here is if we

11:53

go back to my diagram I'm actually

11:55

allowing this to run in a similar manner

11:57

to this where I'm having the next object

11:58

object in order for me to move it from

12:00

one to another I'm utilizing this

12:02

asynchronous approach in order for me to

12:03

allow the movement of the request from

12:06

one filter to another so if I do here

12:08

like this console do right line I'm

12:10

going to put this before the before the

12:13

request goes execute and we're going to

12:16

put after the request execute and I'm

12:18

going to do the same thing as I done

12:20

here I'm just going to copy this so I'm

12:21

actually able to have a reference to

12:23

Who's Calling it and I'm going to attach

12:25

this here and I'm going to put here it's

12:26

going to be Caller Name make this as an

12:29

synchron as string interpolation

12:31

similarly here perfect so now that I

12:33

have done this let's see how we can

12:34

actually utilize this my loging async

12:36

I'm going to copy this action I'm going

12:38

to copy the name of my class go to my

12:40

controllers and I'm going to add this

12:42

only when getting a single driver so I'm

12:44

going to go here to set get a single

12:45

driver I'm going to add this here and

12:47

then I'm going to specify my color name

12:49

and I'm going to say this color name

12:51

it's going to be get single driver so

12:53

now if I execute this we can see it's

12:55

running if I go back to postman now if I

12:57

get this run this this we're going to

12:59

get Lewis perfect if I go back to Rider

13:02

we can see here that before the request

13:04

execute get single driver and then after

13:06

the request execute G single driver this

13:08

is an async filter here we can see the

13:10

other one did not come into place if I

13:12

remove the ID here in order for me to be

13:15

able to get all the drivers and click on

13:17

send we'll be able to see I get my

13:18

synchronous approach which is going to

13:20

be filter executed before all drivers

13:22

and filter executed after all drivers

13:23

compared to the one before that which is

13:25

after the request executed so which is

13:27

going to be async or not let just make

13:29

the text a bit more clearer so I'm going

13:30

to put here sync so we know the

13:32

difference and here sync as well here

13:34

I'm going to put a sync and I'm going to

13:36

put here a sync okay perfect so let us

13:38

run this again get all drivers so this

13:40

should be the synchronous request we can

13:42

see I have my synchronous request coming

13:44

here and my synchronous request coming

13:46

here okay perfect if I add the driver ID

13:48

click on send now if I go down I can see

13:50

my a synchronous one is running and I

13:52

have my a synchron this one is running

13:53

as well so that's great so one of the

13:55

last items that we want to cover today

13:57

is we're going to be seeing how we can

13:59

actually attach two of them together so

14:01

what I'm going to do is I'm going to

14:02

take the asynchronous one and I'm going

14:04

to add it to get all drivers so all I'm

14:06

going to do here is after all my logging

14:07

all drivers I'm just going to update

14:09

this here and I'm going to run my code

14:11

again I'm going to go back to postman

14:13

and forget all drivers let's see what's

14:15

going to happen now we got the response

14:17

pack if I go back here we can see here

14:19

that first the synchronous one has run

14:21

and then the asynchronous one has run

14:22

afterward then the asynchronous finished

14:24

executing and then the synchronous one

14:25

here so we can see within this we are

14:27

actually able to attach multiple filters

14:29

together in order for us to get the

14:31

response that we want and to get the

14:32

action that we want and if I change the

14:34

order of this so if I put first of my a

14:36

synchronous and then my synchronous I'm

14:38

going to stop this and I'm going to run

14:40

this again go back to postman execute it

14:43

cut back the response and now we can see

14:44

here that the first one has happened

14:46

which is the asynchronous one and then

14:47

the synchronous one has has executed

14:49

synchronous finished executing and the

14:51

async has executed okay perfect So

14:54

within this we were able to see how

14:55

filters can actually work in conjunction

14:58

with middle in order for us to have much

15:00

more control about our actions and

15:02

basically we're able to specify specific

15:04

actions to run on specific request

15:06

rather than having it run on all of the

15:08

single rather than having it running on

15:10

all of the incoming requests filters

15:11

allow us to provide much more control on

15:14

what types of functionalities we want to

15:16

add to controllers to actions we can

15:18

specify the orders we can have actually

15:20

synchronous and asynchronous filters

15:22

available for us with that said I hope

15:24

this video was helpful if you have any

15:25

questions please make sure you put them

15:27

on the comments down below if you have

15:28

um if you'd like to support me please

15:30

consider supporting me on patreon or

15:31

buying me a coffee with that said thank

15:32

you very much for watching and have a

15:34

great day