First off, I apologise if this is a trivial question but I am getting so confused by the information I am reading. I have put off posting on here as I feel my question is too broad but I can't find a definitive answer. I am a C++ developer by trade but I am wanting to get into web development.
My end goal is to have a web API that is consumed by both a web app and mobile app. I want to get the structure nailed first by developing an web API and web app and then expand it to a mobile platform later on.
My aim is to have 4 separate sections - Database -> WebAPI -> Web App -> Mobile App all of which are protected with username/password etc.
I have decided to use ASP.NET Core but when creating an application I am given two options in visual studio - ASP.NET Core Application or Web API. I have tried creating a Web API and a separate Core Application but can't work out how to call the web API. I have also tried creating a Core Application as it seems like I should be able to do everything I want in one project but I am worried that the Web API won't be separated enough to be able to call from a mobile app.
I will be working with a database containing sensitive information so obviously want to protect access to the Web API and Web/Mobile app. I have been watching courses on Pluralsight about Identity but I have read that it doesn't work well with Web API's.
Basically I am getting extremely confused when in my mind my end goal should be relatively simple to achieve. If anyone could give me any pointers as to what technologies I need to use would be fantastic.
ASP.NET Core WebAPI is specifically designed for building REST-ful services. ASP.NET Core Application is used to create web applications that returns both views and data (it's an analog of Asp.NET MVC from standard Framework). Which to choose is really depends on kind of WebApp you are going to use.
API is an interface that exposes an application's data to outside software, whereas web applications are one type of API with stricter requirements. These requirements include network communication, SOAP as the primary protocol, and less accessibility for the public.
ASP.NET Core supports creating web APIs using controllers or using minimal APIs. Controllers in a web API are classes that derive from ControllerBase. This article shows how to use controllers for handling web API requests.
NET Core is a runtime to execute applications build on it. ASP.NET Core is a web framework to build web apps, IoT apps, and mobile backends on the top of . NET Core or . NET Framework.
ASP.NET Core WebAPI is specifically designed for building REST-ful services.
ASP.NET Core Application is used to create web applications that returns both views and data (it's an analog of Asp.NET MVC from standard Framework).
Which to choose is really depends on kind of WebApp you are going to use. If you plan to use some SPA framework, you don't need mechanisms to generate views on server side - WebAPI is a great choice, otherwise choose Application. Here you can find more details on differences.
As of security concern, there no issues with WebAPI. It provides a lot of mechanisms to secure your API and restrict access to methods based on user's identity. Please look at this article as an example.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With