Advanced Built-in Middleware (Static Files, Routing, Auth) in ASP.NET Core Tutorial. Deep dive with production-oriented examples—not a shallow overview.
Architecture & mental model
The ASP.NET Core middleware pipeline is a chain of delegates. Order matters: exception handling early, HTTPS, routing, authentication, authorization, then endpoints. Each middleware can short-circuit or call next.
Implementation (production-style)
Type the code below; change names and types to match your domain. Compare with how ASP.NET Core teams structure layers in mature codebases.
var app = builder.Build();
app.UseExceptionHandler("/error");
app.UseHttpsRedirection();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();
// Custom middleware
app.Use(async (context, next) =>
{
var sw = Stopwatch.StartNew();
await next();
sw.Stop();
context.Response.Headers["X-Elapsed-Ms"] = sw.ElapsedMilliseconds.ToString();
});Decision checklist
- Requirements: What are latency, consistency, and security needs for "Built-in Middleware (Static Files, Routing, Auth)"?
- Boundaries: Which layer owns this logic (UI, API, domain, infrastructure)?
- Failure modes: What happens when dependencies time out or return partial data?
- Observability: What logs or metrics prove this feature works in production?
Hands-on lab (45–60 min)
- Reproduce the primary example for "Built-in Middleware (Static Files, Routing, Auth)" in a scratch project using ASP.NET Core.
- Add one automated test (unit or integration) that would fail if you break the core behavior.
- Introduce a deliberate bug (wrong lifetime, missing await, wrong dependency order) and observe the symptom.
- Document one trade-off you would present in a design review.
Pitfalls senior engineers avoid
- Running auth after endpoints are mapped incorrectly.
- Duplicate UseRouting/UseEndpoints patterns on older templates.
- Heavy work in middleware that should be a filter or handler.
Interview depth
Question: Explain Built-in Middleware (Static Files, Routing, Auth) to a junior developer in 2 minutes, then list two trade-offs.
Strong answer: Start with the problem it solves, describe one real project usage, mention a failure you debugged or would test for, and close with alternatives (when not to use this approach).
Next level
Pair this lesson with official docs for ASP.NET Core, then read source or decompile one framework call path involved in "Built-in Middleware (Static Files, Routing, Auth)". Advanced mastery comes from combining reading, debugging, and shipping.
Summary
You completed an advanced treatment of Built-in Middleware (Static Files, Routing, Auth). Revisit after building a feature that uses it end-to-end; spaced repetition with real code beats re-reading alone.