Friday, 29 November 2024

CSRF Attack

A CSRF (Cross-Site Request Forgery) attack is a type of security vulnerability that tricks a user into performing actions on a website or web application without their knowledge or consent. This type of attack takes advantage of the trust a website has in the user's browser.

How CSRF Works:

Victim logged in: The victim is authenticated and logged into a web application (e.g., a banking website).

Malicious...

Thursday, 21 November 2024

Identify application performance

Below are steps and methods you can use to diagnose application performance problems:

1. Monitor Server Metrics

Before diving deep into the application, gather information about the server’s resource usage:

CPU Usage: Check if the server's CPU is being heavily utilized (over 85% usage for extended periods), which could indicate that your application or system processes are CPU-bound.

Memory Usage: Excessive...

Wednesday, 20 November 2024

Prevent SQL injection

To prevent SQL injection in a C# web application or web API, it's essential to follow best practices for interacting with databases. SQL injection occurs when malicious users insert or manipulate SQL queries to perform unauthorized actions on the database. Here are several strategies you can implement to prevent SQL injection:

Use Parameterized Queries: The parameters are treated as data, not...

Entity Framework Vs Entity Framework Core

The main differences between Entity Framework (EF) and Entity Framework Core (EF Core) stem from their architectural changes, cross-platform support, performance improvements, and additional features. Below are the key distinctions:

1. Platform Support:

Entity Framework (EF): Primarily designed to run on the .NET Framework, which is Windows-only.

Entity Framework Core (EF Core): Cross-platform: Works...

Claim in jwt authentication token

In JWT (JSON Web Token) authentication, a claim is a piece of information that is encoded within the token. Claims represent statements about an entity (usually the user) and additional metadata. Claims are used to convey information that is relevant to the authentication or authorization process.

A JWT typically contains three parts: the header, the payload, and the signature. The claims are...

What information JWT token contains

JWT (JSON Web Token) is a compact, URL-safe token format used for securely transmitting information between parties. In the context of a Web API, a JWT typically contains three main parts:

1. Header:

The header typically consists of two parts:

Type: This is usually "JWT" to indicate the token format.

Algorithm: The algorithm used for signing the token, such as HS256 (HMAC SHA-256) or RS256 (RSA SHA-256)....

JWT Token Generation Code in C#

Install the required NuGet packages

You'll need the following packages in your C# project:

System.IdentityModel.Tokens.Jwt (for JWT token generation and validation)
Microsoft.IdentityModel.Tokens (for creating signing keys and algorithms)

Set up the JWT Token Generation Code

Here’s an example of how to generate a JWT token in C# using various options:

public string GenerateJwtToken(string username)
{
 ...

Refresh Token : JWT Token Authentication WEBAPI

To implement JWT (JSON Web Token) refresh token logic in a Web API, the general idea is to issue two tokens when a user successfully logs in:

Access Token (short-lived): This token is used for authenticating requests and is typically valid for a short duration (e.g., 15 minutes).

Refresh Token (long-lived): This token is used to get a new access token when the old one expires. It typically has...

Saturday, 16 November 2024

Dynamically passing method : Action, Func delegates

In C#, you can dynamically pass a method or a delegate to another method by using either delegates or Action/Func types. These approaches allow you to abstract the invocation of methods in a flexible and reusable way.

Let’s look at how to pass methods dynamically using Action (for methods that return void) or Func<T> (for methods that return a value). Both Action and Func are predefined...

Coding Test: Extension method

Create an extension method to filter out odd and even numbers from a collection like a list or array. Below is an example of how you can write such extension methods.

1. Extension Method to Filter Odd Numbers

This method filters odd numbers from a collection of integers.

using System;
using System.Collections.Generic;

public static class NumberExtensions
{
    // Extension method to get odd numbers...

Coding Test : find common character between two string

Try to find the common characters, with their counts, between two strings and display them on the console.

Input: string1: Dotnet, string2: Hotstar
Output: o - 1, t - 2

string str1 = "Dotnet";
string str2 = "Hotstar";
List<char> lst1 = str1.ToList();
List<char> lst2 = str2.ToList();
Dictionary<char, int> commonCharsDic = new Dictionary<char, int>();
...

Flags Attribute in C#

In C#, the Flags Attribute is used to indicate that an enumeration (enum) can be treated as a bit field, where individual bits represent different values that can be combined using bitwise operations. This allows you to represent multiple options or states in a single variable using a combination of flags.

Purpose of the Flags Attribute:

The Flags attribute provides a way to describe an...


Dotnet Guru Archives