ASP.NET MVC 5 – walk-through – (Part 2)

For full documentation please visit:

Repository Pattern with C# and Entity Framework

Sorting Example:

X.PagedList This is fork of Troy’s project PagedList ( The main different is that X.PagedList is portable assembly. It means, that you can use it not only in Web projects, but in Winforms, Window Phone, Silverlight and etc. projects.

Implement paging in asp net mvc

Load Balancers

sample ILogger interface


You write method overrides that are automatically called when query is about to be executed. In these methods you can examine or log the query that is being sent to the database, and you can change the query before it’s sent to the database or return something to Entity Framework yourself without even passing the query to the database.


Application_Start method

These lines of code are what causes your interceptor code to be run when Entity Framework sends queries to the database. Notice that because you created separate interceptor classes for transient error simulation and logging, you can independently enable and disable them.

Another option is to put this code in the DbConfiguration class that you created earlier to configure the execution policy.

Wherever you put this code, be careful not to execute DbInterception.Add for the same interceptor more than once, or you’ll get additional interceptor instances. For example, if you add the logging interceptor twice, you’ll see two logs for every SQL query.

Entity Framework Code First Approach

Entity Framework Code First End To End

If you deploy a database by running migrations automatically and you are deploying to a web site that runs on multiple servers, you could get multiple servers trying to run migrations at the same time.  Migrations are atomic, so if two servers try to run the same migration, one will succeed and the other will fail (assuming the operations can’t be done twice). In that scenario if you want to avoid those issues, you can call migrations manually and set up your own code so that it only happens once.

By using data annotation attributes, you can make one code change that will fix the display format in every view that shows the data. DataType attributes do not provide any validation.

You can also use attributes to control how your classes and properties are mapped to the database.

It means we can use DataAnnotations for both client-side formatting/validation and for database formatting, validation and mapping.

The DatabaseGenerated attribute with the None parameter on the CourseID property specifies that primary key values are provided by the user rather than generated by the database.

Column mapping is generally not required, because the Entity Framework usually chooses the appropriate SQL Server data type based on the CLR type that you define for the property. The CLR decimal type maps to a SQL Server decimal type. But in this case you know that the column will be holding currency amounts, and the money data type is more appropriate for that.

By convention, the Entity Framework enables cascade delete for non-nullable foreign keys and for many-to-many relationships. This can result in circular cascade delete rules, which will cause an exception when you try to add a migration.

Example on foreign key constraint and delete cascade

Many to many relationship in entity framework code first

Fluent API

You can use the fluent API to specify most of the formatting, validation, and mapping rules that you can do by using attributes.

Entity Framework Relationships Fluent API

First look at the Fluent API

Lazy loading in LINQ to SQL

Eager loading in LINQ to SQL

Difference between eager loading and lazy loading

Eager loading often offers the best performance, because a single query sent to the database is typically more efficient than separate queries for each entity retrieved.

On the other hand, in some scenarios lazy loading is more efficient. Eager loading might cause a very complex join to be generated, which SQL Server can’t process efficiently.

Lazy loading might perform better because eager loading would retrieve more data than you need. If performance is critical, it’s best to test performance both ways in order to make the best choice.

One way to avoid serialization problems is to serialize data transfer objects (DTOs) instead of entity objects.

Here are some other ways to disable lazy loading:

  • For specific navigation properties, omit the virtual keyword when you declare the property.
  • For all navigation properties, set LazyLoadingEnabled to false, put the following code in the constructor of your context class:

The code specifies eager loading for the Instructor.OfficeAssignment and the Instructor.Courses navigation property.

Eager loading is better than lazy loading only if the page is displayed more often with a course selected than without.

Inserting Updating and Deleting entities in Entity Framework

Normally the scaffolder doesn’t scaffold a primary key because the key value is generated by the database and can’t be changed and isn’t a meaningful value to be displayed to users. For Course entities the scaffolder does include an text box for the CourseID field because it understands that the DatabaseGeneratedOption.None attribute means the user should be able enter the primary key value.

Stored Procedures in Entity Framework

Using stored procedures with entity framework code first approach

ASP.NET MVC5 Async Queries


A web server has a limited number of threads available, and in high load situations all of the available threads might be in use. When that happens, the server can’t process new requests until the threads are freed up. With synchronous code, many threads may be tied up while they aren’t actually doing any work because they’re waiting for I/O to complete. With asynchronous code, when a process is waiting for I/O to complete, its thread is freed up for the server to use for processing other requests. As a result, asynchronous code enables server resources to be use more efficiently, and the server is enabled to handle more traffic without delays.

The following highlights show what was added to the synchronous code for the Index method to make it asynchronous:

Some things to be aware of when you are using asynchronous programming with the Entity Framework:

  • The async code is not thread safe. In in other words, don’t try to do multiple operations in parallel using the same context instance. For example do not update bank account balance of an user in parallel. Because context is not thread safe, you may be updating bank account with different value than you are intending.
  • If you want to take advantage of the performance benefits of async code, make sure that any library packages that you’re using (such as for paging), also use async if they call any Entity Framework methods that cause queries to be sent to the database.

Use stored procedures for inserting, updating, and deleting

This code instructs Entity Framework to use stored procedures for insert, update, and delete operations on the Department entity.

More details for implementation visit: or check videos above.

Concurrency Check in Entity Framework

A concurrency conflict occurs when one user displays an entity’s data in order to edit it, and then another user updates the same entity’s data before the first user’s change is written to the database. If you don’t enable the detection of such conflicts, whoever updates the database last overwrites the other user’s changes. In many applications, this risk is acceptable: if there are few users, or few updates, or if isn’t really critical if some changes are overwritten, the cost of programming for concurrency might outweigh the benefit. In that case, you don’t have to configure the application to handle concurrency conflicts.

If your application does need to prevent accidental data loss in concurrency scenarios, one way to do that is to use database locks. This is called pessimistic concurrency. For example, before you read a row from a database, you request a lock for read-only or for update access. If you lock a row for update access, no other users are allowed to lock the row either for read-only or update access, because they would get a copy of data that’s in the process of being changed. If you lock a row for read-only access, others can also lock it for read-only access but not for update.

Difference between optimistic and pessimistic concurrency control

Managing locks has disadvantages. It can be complex to program. It requires significant database management resources, and it can cause performance problems as the number of users of an application increases. For these reasons, not all database management systems support pessimistic concurrency. The Entity Framework provides no built-in support for it.

optimistic concurrency

The alternative to pessimistic concurrency is optimistic concurrency. Optimistic concurrency means allowing concurrency conflicts to happen, and then reacting appropriately if they do. For example,

John runs the Departments Edit page, changes the Budget amount for the English department from $350,000.00 to $0.00.

Before John clicks Save, Jane runs the same page and changes the Start Date field from 9/1/2007 to 8/8/2013.

John clicks Save first and sees his change when the browser returns to the Index page, then Jane clicks Save. What happens next is determined by how you handle concurrency conflicts. Some of the options include the following:

  • You can keep track of which property a user has modified and update only the corresponding columns in the database. In the example scenario, no data would be lost, because different properties were updated by the two users. The next time someone browses the English department, they’ll see both John’s and Jane’s changes — a start date of 8/8/2013 and a budget of Zero dollars.

    You can let Jane’s change overwrite John’s change. The next time someone browses the English department, they’ll see 8/8/2013 and the restored $350,000.00 value. This is called a Client Wins or Last in Wins scenario. (All values from the client take precedence over what’s in the data store.) As noted in the introduction to this section, if you don’t do any coding for concurrency handling, this will happen automatically.

  • You can prevent Jane’s change from being updated in the database. Typically, you would display an error message, show her the current state of the data, and allow her to reapply her changes if she still wants to make them. This is called a Store Wins scenario. (The data-store values take precedence over the values submitted by the client.)

You can resolve conflicts by handling OptimisticConcurrencyException exceptions that the Entity Framework throws. In order to know when to throw these exceptions, the Entity Framework must be able to detect conflicts.

The rowversion value is a sequential number that’s incremented each time the row is updated. In an Update or Delete command, the Where clause includes the original value of the tracking column (the original row version) . If the row being updated has been changed by another user, the value in the rowversion column is different than the original value, so the Update or Delete statement can’t find the row to update because of the Where clause.

The attribute is called Timestamp because previous versions of SQL Server used a SQL timestamp data type before the SQL rowversion replaced it. The .Net type for rowversion is a byte array.

fluent API:

code implementation:

Using ROWVERSION or TIMESTAMP to detect concurrency conflicts


Node.js Part 2

Node is a good platform for writing an email server, file server, or proxy server, for example, and it can also be used as a client for these kinds of services. Node provides a few tools to aid in writing high quality and performant I/O applications.

From a programming point of view, you can think of buffers as similar to arrays, except they’re not resizable and can only contain the numbers 0 through 255 as values. This makes them ideal for storing binary data of, well, anything. Because buffers work with raw bytes, you can use them to implement any low ­level protocol that you desire.

A simple TCP server that echoes any data it receives back to the client

What’s the difference between pipes and sockets?

The pipe() function reads data from a readable stream as it becomes available and writes it to a destination writable stream.

Define a debug function based on a  DEBUG environment variable

What is an “event emitter”?

A  move() function that renames, if possible, or falls back to copying

The Node stack is composed of globally available functionality, core modules, and community­ created modules.

Debugging with the console module


Node Inspector

There are no classes in JavaScript because objects inherit directly from other objects, which is called prototypal inheritance.

Exporting and Importing Modules

Another bad part in browser JavaScript is that there is no way to include modules. Scripts are supposed to be linked together using a different language (HTML), but dependency management is lacking. CommonJS ( and RequireJS ( solve this problem with the AJAX­y approach. Node.js borrowed many things from the CommonJS concept.

it’s a common practice in node.js apps (and Mongoose) to open a database connection once, when the program starts, and then to keep it open until termination. this applies to web apps and servers as well.

creating TLS/SSL Keys and Certificates

HTTPS server

mocha, describe, beforeEach, afterEach, it, console.log usage

Module Patterns

How to store Node.js deployment settings/configuration files?


Instances of the Buffer class are similar to arrays of integers but correspond to fixed­ sized, raw memory allocations outside the V8 heap. The size of the Buffer is established when it is created and cannot be resized.

Use of SlowBuffer should be used only as a last resort after a developer has observed undue memory retention in their applications.


Node.js – walk-through – Part 1

RESTful = Http Verbs.
Real-time application framework for Node.js
Allows to send messages from one server to multiple connected browsers.
Supports fallback functionality. Means supports old type browsers. Works between Server-Client.

REST framework for Node.js, defines page handles for routes.

Node uses Module names as Namespaces.

Node.js is not ideal for large applications, because it has high CPU usage and also high memory data sets. Node.js is not best for CRUD applications, is not really good just for simple Database read/write applications.

Tip: You should keep variables in a scope that is local to the functions that need to use them.

Installing a Module$ npm install <package name>
Sample: $ npm install sax

Uninstalling a Module$ npm uninstall <package name>
$ npm uninstall -g <package name> to remove globally installed package.

Updating a Module$ npm update <package name>

Event-driven or asynchronous programming is a programming style whereby the flow of execution is determined by events. Events are handled by event handlers or event callbacks.

Allowing JavaScript developers to create extremely high performance servers by leveraging Google’s V8 JavaScript engine, and asynchronous I/O.
This project turned the difficult task of writing event-driven server-side applications into an easy one. Node allows you to easily construct fast and scalable network services.

The most significant difference between child_process.spawn and child_process.exec is in what they return –
spawn returns a stream and exec returns a buffer.
spawn is best used to when you want the child process to return a large amount of data to Node – image processing, reading binary data etc.
So what do you use exec for? Use it to run programs that return result statuses, instead of data. to spawn child processes that execute external commands by using the child_process.spawn method.

When you use​ stream.pause();​​ you will not receive any further “data” events.
Readable Stream example; in the second example we specify Encoding type.

Node does not block on I/O,​​ it does not block on read or write commands.
Knowing When the Stream Ends

 The ​transmission control protocol​​ (TCP) is one of the fundamental protocols of the Internet.  It sits on top of the ​Internet protocol​​ (IP) and provides a
transport mechanism for the application layer.

​HTTP​​, for instance, works on top of ​TCP​​, as do many other connection­oriented applications such as iRC,

Lifecycle example of a ​TCP server​​.

​The socket.setKeepAlive() setting periodically sends an empty packet to keep the ​connection alive​​, whereas ​socket.setTimeout​​() is used to define a
local inactivity timeout.

When you get the request event on a server, you don’t immediately get the body of that request​​, simply because it has not arrived yet. But if you want to, ​you can listen for data events​​, or even pipe the request body into a WriteStream, such as a file or a TCP connection.

Piping a File When you browse this movie through web browser, ​the movie should start playing immediately​​, even though it’s not fully loaded.

You can stop HTTP server with this command: ​server.close();

HTTP​​, for instance, solves these problems whereby an application needs a request­ response workflow from a server and request and response messages are clearly delimited.

TCP ​​guarantees that the messages you receive are in order. Remember that TCP guarantees only that the packets are received in order by the application, not that they are received at all. TCP is not message­oriented; it just provides a continuous stream of data.

Printing Server Messages
conn.pipe(process.stdout, {end: false});

TCP is connection ­oriented protocol​​ that provides a reliable, ordered stream of bytes from one network node to another.

User Datagram Protocol ​(UDP), however, is a connection less protocol ​​that does not provide the delivery characteristics of TCP. When sending UDP packets,you are not guaranteed of The order they arrive in or even whether they arrive at all.

Despite these limitations, ​UDP can be quite useful​​; for instance, when you ​need to broadcast messages, you don’t need hard delivery guarantees or message ordering, or when you don’t know the addresses of your peers.

The Node https module extends the functionality of the HTTP module and uses the ​TLS ​​module to provide the ​underlying transport on top of HTTP​​.


Using a logger ​middleware

Some are separate modules that you can glue together, and some, like ​Express.js​​, offer an integrated solution that you can rapidly implement.

WebSocket connection is just a conventional TCP connection between an HTTP server and an HTTP client​​. It’s established using a handshake protocol, which is very similar to an HTTP handshake. The client initializes the connection. To do this, the browser sends a special HTTP/1.1 request to the server, asking it to turn the connection of this request into a WebSockets connection.

The best practice is not to include a ​node_modules ​​folder into ​Git repository ​​when the project is a module that supposed to be use in other application. However, it’s recommended to include ​node_­ modules ​​for deployable applications. This prevents a breakage caused by unfortunate dependency update.

The best debugger is console.log​​(), but sometime we need to see the call stack and orient ourselves in async code a bit more.

send404, ​404 ​​response from node.js

how module.exports works

Any synchronous call will block Node from doing anything until the call has finished. For example, if you’re running an HTTP server, you would take a performance hit if you used require on each incoming request. ​This is typically why require and other synchronous operations ​​are used only when the application initially loads.

Event emitters fire events and include the ability to handle those events when triggered​​. Some important Node API components, such as ​HTTP servers​​, TCP servers, and streams, are ​implemented as event emitters​​. You can also create your own.

Node, like many other languages, provides a ​REPL ​​(​read­eval­print­loop​​) interface, available by running node from the command line without any

Cookies​​ are often used by web browsers to ​simulate state ​​because ​HTTP is a stateless protocol​​.

Get and Set a Single Cookie with Node.js HTTP Server

JSON COOKIES The special JSON cookie is prefixed with j:, which informs Connect that it is intended to be serialized JSON. JSON cookies can be either
signed or unsigned.

vhost(): virtual hosting The vhost() (virtual host) middleware component is a simple, lightweight way to route requests via the Host request header. This task is commonly performed by a reverse proxy, which then forwards the request to a web server running locally on a different port​​.

csrf​​(): cross­site request forgery protection The csrf() component works by generating a 24­ character unique ID, the authenticity token, and assigning it to the user’s session as req.session._csrf. This token can then be included as a ​hidden form input named _csrf​​, and the CSRF component can validate the token on submission. This process is repeated for each interaction.

The ​compress​​() component auto detects accepted encodings via the Accept­ Encoding header field. If this field isn’t present, the identity encoding is used, meaning the response is untouched. Otherwise, if the field contains ​gzip, deflate​​, or both, the response will be compressed.

Practically speaking, ​TDD and BDD are largely the same thing, with the differences mostly being in the language used to describe the tests​​, as you’ll see when we go through some examples.

in MVC web applications, the user will typically request a resource from the server, which will cause the controller to request application data from the model and then pass the data to the view, which will finally format the data for the end user.

noSQL databases, has table, key/value pair

Database usage and decision on Web Applications

Cross Browser Testing:

Securing user passwords

Error handling middle-ware in Connect

Authenticating user logins

NODE_ENV, process.env object


node specific cloud­hosting and ide services

Auto­reload of files in Node.js

In addition to using all CPU cores, you’ll want to avoid using Node to host static files for high ­volume production sites. Node is geared toward interactive applications, such as web applications and TCP / IP protocols, and it can’t serve static files as efficiently as software optimized to do only that.

For serving static files you’ll want to ​use technologies like Nginx (, which specializes in serving static files​​.

Alternatively, you could upload all your ​static files to a content delivery network ( CDN ), like Amazon S3 (, and reference those files in your application. ​​In this section, we’ll cover some server uptime and performance tips:

Using Upstart to keep your application up and running through restarts and crashes Using Node’s cluster API to utilize multi core processors Serving Node application static files using Nginx.


Most modern computer CPU’s have multiple cores, but a Node process uses only one of them when running​​. If you were hosting a Node application on a server and wanted to maximize the server’s usage, ​you could manually start multiple instances of your application on different TCP / IP ports and use a load balancer to distribute web traffic to these different instances​​, but that’s laborious to set up.

To make it easier to use multiple cores for a single application, the ​cluster API ​​was added to Node. This API makes it easy for your application to simultaneously run multiple “workers” on different cores that each do the same thing and respond to the same TCP / IP port. Figure 12.4 shows how an application’s processing would be organized using the cluster API on a four­core processor.

A demonstration of Node’s cluster API