Syllabus

ASP.NET Core Complete Tutorial (ShopNest)

Module 1: Foundations
What is ASP.NET Core? Complete Guide Setting Up ASP.NET Core Development Environment ASP.NET Core Project Structure Explained MVC Architecture in ASP.NET Core — Complete Guide Controllers and Actions in ASP.NET Core Routing in ASP.NET Core — Conventional and Attribute Routing Views and Razor Syntax in ASP.NET Core Layouts, Partial Views and View Components Models and ViewModels in ASP.NET Core Forms, Model Binding and Validation in ASP.NET Core Tag Helpers in ASP.NET Core — Complete Guide Static Files, Bundling and Minification in ASP.NET Core
Module 2: Entity Framework Core
Entity Framework Core — Introduction and Setup EF Core Code First — Models, Migrations, Database EF Core CRUD Operations — Create, Read, Update, Delete EF Core LINQ Queries — Beginner to Advanced EF Core Relationships — One-to-One, One-to-Many, Many-to-Many EF Core Fluent API — Advanced Configuration EF Core Repository Pattern and Unit of Work EF Core Performance Optimization Database First Approach with EF Core (Scaffold) EF Core with SQL Server — Advanced Features
Module 3: Dependency Injection & Middleware
Dependency Injection in ASP.NET Core — Complete Guide Middleware in ASP.NET Core — Complete Guide Configuration in ASP.NET Core — appsettings, Environment Variables, Secrets Filters in ASP.NET Core — Action, Authorization, Exception, Resource, Result Logging in ASP.NET Core — ILogger, Serilog, NLog Error Handling and Exception Management in ASP.NET Core
Module 4: Authentication & Security
ASP.NET Core Identity — Complete Setup Guide Authentication in ASP.NET Core — Cookie and JWT Authorization in ASP.NET Core — Roles, Policies, Claims JWT Authentication with Refresh Tokens — Complete Implementation OAuth2 and External Login (Google, Facebook, Microsoft) Data Protection and Encryption in ASP.NET Core HTTPS, SSL Certificates and Security Best Practices
Module 5: Web API
Building REST APIs with ASP.NET Core — Complete Guide API Versioning in ASP.NET Core Swagger / OpenAPI Documentation in ASP.NET Core Input Validation in Web APIs — FluentValidation and Data Annotations Pagination, Filtering and Sorting in ASP.NET Core APIs HTTP Client and Consuming External APIs in ASP.NET Core Minimal APIs in ASP.NET Core .NET 8 SignalR — Real-Time Web Applications
Module 6: Advanced Architecture
Clean Architecture in ASP.NET Core CQRS Pattern with MediatR in ASP.NET Core Repository Pattern — Deep Dive with Generic Repository Background Services and Hosted Services in ASP.NET Core Caching in ASP.NET Core — In-Memory, Distributed, Redis Health Checks in ASP.NET Core AutoMapper in ASP.NET Core Microservices with ASP.NET Core — Introduction Message Queues with RabbitMQ / Azure Service Bus in ASP.NET Core gRPC with ASP.NET Core
Module 7: Testing
Unit Testing ASP.NET Core with xUnit and Moq Integration Testing in ASP.NET Core Testing EF Core — In-Memory vs SQLite Performance Testing and Load Testing ASP.NET Core APIs Test-Driven Development (TDD) in ASP.NET Core
Module 8: Deployment & DevOps
Deploying ASP.NET Core to IIS on Windows Server Docker and Containerization for ASP.NET Core Deploying ASP.NET Core to Azure App Service CI/CD with GitHub Actions for ASP.NET Core Azure SQL Database with ASP.NET Core Environment Configuration and Secrets Management
Module 9: Real-World Projects
Build a Complete Blog Website with ASP.NET Core MVC Build an E-Commerce Product Catalog API (ASP.NET Core Web API) Build a Student Management System (Complete CRUD App) Build a Job Portal (Full Stack ASP.NET Core) Build a REST API with Clean Architecture — Complete Guide Build a Real-Time Chat App with SignalR and ASP.NET Core
Module 10: Advanced Topics
Blazor WebAssembly and Blazor Server — Complete Guide gRPC, GraphQL and Alternative API Styles in ASP.NET Core Rate Limiting and API Throttling in ASP.NET Core .NET 8 Output Caching in ASP.NET Core .NET 8 ASP.NET Core .NET 9 New Features — Complete Guide
ASP.NET Core Complete Tutorial (ShopNest)
Lesson 24 of 75 32% of course

Middleware in ASP.NET Core — Complete Guide

1 · 5 min · 5/24/2026

Learn Middleware in ASP.NET Core — Complete Guide in our free ASP.NET Core Complete Tutorial (ShopNest) series. Step-by-step explanations, examples, and interview tips on Toolliyo Academy.

Sign in to track progress and bookmarks.

Middleware in ASP.NET Core — Complete Guide — ShopNest
Article 24 of 75 · Module 3: Dependency Injection & Middleware · ShopNest API Gateway / Request Logging
Target keyword: middleware asp.net core · Read time: ~29 min · .NET: 8 / 9 · Project: ShopNest API Gateway / Request Logging

Introduction

Middleware forms the ASP.NET Core pipeline — each component can inspect, modify, or short-circuit the HTTP request. Like airport security: every passenger (request) passes checkpoints in a fixed order before reaching the gate (controller).

After this article you will

  • Understand pipeline order: Exception → HTTPS → Static → Routing → Auth → Endpoints
  • Build custom logging and timing middleware
  • Short-circuit with Run/Map
  • Compare IMiddleware vs convention-based middleware
  • Know when middleware beats action filters

Prerequisites

Concept deep-dive

Correct order (simplified)

ExceptionHandler → HTTPS → StaticFiles → Routing → CORS
→ Authentication → Authorization → Endpoints

Bug example: UseAuthorization() before UseAuthentication() — user is never authenticated, all [Authorize] fails mysteriously.

// Convention-based middleware
public class RequestTimingMiddleware
{
    private readonly RequestDelegate _next;
    private readonly ILogger<RequestTimingMiddleware> _logger;

    public RequestTimingMiddleware(RequestDelegate next, ILogger<RequestTimingMiddleware> logger)
    {
        _next = next;
        _logger = logger;
    }

    public async Task InvokeAsync(HttpContext context)
    {
        var sw = Stopwatch.StartNew();
        await _next(context);
        sw.Stop();
        _logger.LogInformation("{Method} {Path} {Status} {Ms}ms",
            context.Request.Method, context.Request.Path,
            context.Response.StatusCode, sw.ElapsedMilliseconds);
    }
}

// Register
app.UseMiddleware<RequestTimingMiddleware>();

IMiddleware: resolved from DI per request — inject scoped services safely. Inline: app.Use(async (ctx, next) => { ... });

MiddlewareAction filters
Entire pipeline, all requestsMVC/API actions only
Routing, auth, static filesModel binding, validation, caching per action

Hands-on — ShopNest API Gateway / Request Logging

  1. RequestTimingMiddleware — log duration and status code.
  2. RequestResponseLoggingMiddleware — log body in Development only (mask passwords).
  3. Map("/health", app => app.Run(async ctx => await ctx.Response.WriteAsync("OK"))).
  4. Verify order in Program.cs matches diagram above.

Common errors & best practices

  • Middleware after MapControllers that never calls next — later middleware skipped.
  • Reading request body without EnableBuffering — stream consumed, model binding breaks.
  • Heavy logic in middleware for one route — use filters or endpoint metadata instead.

Interview questions

Q: Middleware order?
A: First registered runs first on way in; reverse on way out — auth before authorization.

Q: Short-circuit?
A: Don't call next() — pipeline stops, response sent (e.g. IP block).

Q: Middleware vs filter?
A: Middleware for cross-cutting HTTP concerns; filters for MVC action pipeline.

Summary

  • Pipeline order is critical — auth before authorization
  • Custom middleware logs ShopNest API gateway traffic
  • IMiddleware enables DI in middleware classes
  • Use Map/Run for branch pipelines

Previous: Dependency Injection
Next: Configuration in ASP.NET Core

FAQ

Can middleware access DbContext?

Use IMiddleware with scoped injection, not singleton middleware holding DbContext.

Where put rate limiting?

.NET 8 built-in rate limiter middleware before endpoints.

Interview Q&A for this course

Test your knowledge

Quizzes linked to this course—pass to earn certificates.

SOLID Design Principles — Practice Quiz
Test your understanding of SOLID Design Principles Tutorial. Single responsibility, open/c…
Intermediate 15 min
SignalR Real-Time — Practice Quiz
Test your understanding of SignalR Real-Time Tutorial. WebSockets, hubs, and live updates …
Intermediate 15 min
Microservices with .NET — Practice Quiz
Test your understanding of Microservices with .NET. Distributed systems, APIs, messaging, …
Intermediate 15 min
LINQ — Practice Quiz
Test your understanding of LINQ Tutorial. Query in-memory and database data with fluent LI…
Intermediate 15 min
Entity Framework Core — Practice Quiz
Test your understanding of Entity Framework Core Tutorial. Modern ORM: Code First, migrati…
Intermediate 15 min
Design Patterns in C# — Practice Quiz
Test your understanding of Design Patterns in C#. Creational, structural, and behavioral p…
Intermediate 15 min
Browse all quizzes
Previous Next
ASP.NET Core Complete Tutorial (ShopNest)

On this page

Introduction After this article you will Prerequisites Concept deep-dive Correct order (simplified) Hands-on — ShopNest API Gateway / Request Logging Common errors &amp; best practices Interview questions Summary FAQ Can middleware access DbContext? Where put rate limiting?
Module 1: Foundations
What is ASP.NET Core? Complete Guide Setting Up ASP.NET Core Development Environment ASP.NET Core Project Structure Explained MVC Architecture in ASP.NET Core — Complete Guide Controllers and Actions in ASP.NET Core Routing in ASP.NET Core — Conventional and Attribute Routing Views and Razor Syntax in ASP.NET Core Layouts, Partial Views and View Components Models and ViewModels in ASP.NET Core Forms, Model Binding and Validation in ASP.NET Core Tag Helpers in ASP.NET Core — Complete Guide Static Files, Bundling and Minification in ASP.NET Core
Module 2: Entity Framework Core
Entity Framework Core — Introduction and Setup EF Core Code First — Models, Migrations, Database EF Core CRUD Operations — Create, Read, Update, Delete EF Core LINQ Queries — Beginner to Advanced EF Core Relationships — One-to-One, One-to-Many, Many-to-Many EF Core Fluent API — Advanced Configuration EF Core Repository Pattern and Unit of Work EF Core Performance Optimization Database First Approach with EF Core (Scaffold) EF Core with SQL Server — Advanced Features
Module 3: Dependency Injection & Middleware
Dependency Injection in ASP.NET Core — Complete Guide Middleware in ASP.NET Core — Complete Guide Configuration in ASP.NET Core — appsettings, Environment Variables, Secrets Filters in ASP.NET Core — Action, Authorization, Exception, Resource, Result Logging in ASP.NET Core — ILogger, Serilog, NLog Error Handling and Exception Management in ASP.NET Core
Module 4: Authentication & Security
ASP.NET Core Identity — Complete Setup Guide Authentication in ASP.NET Core — Cookie and JWT Authorization in ASP.NET Core — Roles, Policies, Claims JWT Authentication with Refresh Tokens — Complete Implementation OAuth2 and External Login (Google, Facebook, Microsoft) Data Protection and Encryption in ASP.NET Core HTTPS, SSL Certificates and Security Best Practices
Module 5: Web API
Building REST APIs with ASP.NET Core — Complete Guide API Versioning in ASP.NET Core Swagger / OpenAPI Documentation in ASP.NET Core Input Validation in Web APIs — FluentValidation and Data Annotations Pagination, Filtering and Sorting in ASP.NET Core APIs HTTP Client and Consuming External APIs in ASP.NET Core Minimal APIs in ASP.NET Core .NET 8 SignalR — Real-Time Web Applications
Module 6: Advanced Architecture
Clean Architecture in ASP.NET Core CQRS Pattern with MediatR in ASP.NET Core Repository Pattern — Deep Dive with Generic Repository Background Services and Hosted Services in ASP.NET Core Caching in ASP.NET Core — In-Memory, Distributed, Redis Health Checks in ASP.NET Core AutoMapper in ASP.NET Core Microservices with ASP.NET Core — Introduction Message Queues with RabbitMQ / Azure Service Bus in ASP.NET Core gRPC with ASP.NET Core
Module 7: Testing
Unit Testing ASP.NET Core with xUnit and Moq Integration Testing in ASP.NET Core Testing EF Core — In-Memory vs SQLite Performance Testing and Load Testing ASP.NET Core APIs Test-Driven Development (TDD) in ASP.NET Core
Module 8: Deployment & DevOps
Deploying ASP.NET Core to IIS on Windows Server Docker and Containerization for ASP.NET Core Deploying ASP.NET Core to Azure App Service CI/CD with GitHub Actions for ASP.NET Core Azure SQL Database with ASP.NET Core Environment Configuration and Secrets Management
Module 9: Real-World Projects
Build a Complete Blog Website with ASP.NET Core MVC Build an E-Commerce Product Catalog API (ASP.NET Core Web API) Build a Student Management System (Complete CRUD App) Build a Job Portal (Full Stack ASP.NET Core) Build a REST API with Clean Architecture — Complete Guide Build a Real-Time Chat App with SignalR and ASP.NET Core
Module 10: Advanced Topics
Blazor WebAssembly and Blazor Server — Complete Guide gRPC, GraphQL and Alternative API Styles in ASP.NET Core Rate Limiting and API Throttling in ASP.NET Core .NET 8 Output Caching in ASP.NET Core .NET 8 ASP.NET Core .NET 9 New Features — Complete Guide