أسئلة القسم
تدرب على أسئلة المقابلات في هذا القسم. اكتب إجابتك، قم بتقييمها، أو اضغط على "عرض الإجابة" بعد التفكير.
How would you handle exceptions in MVC? صعب
Use Exception Filters (IExceptionFilter) for controller-level errors. Use middleware for global exception handling. Configure custom error pages in Program.cs with app.UseExceptionHandler().
How would you secure your WebAPI? صعب
- HTTPS only.
- Authentication (JWT, OAuth, API Keys).
- Authorization (roles, policies).
- Input validation + Anti-forgery where needed.
- Rate limiting / throttling.
What is the flow of generating, obtaining, and passing JWT token in a .NET application? صعب
- User sends credentials to Auth endpoint.
- Server validates and issues JWT (signed).
- Client stores JWT (localStorage, cookies).
- Client sends JWT in Authorization: Bearer
header for each request. - Server middleware validates token signature and claims.
When using JWT tokens in an API, how does the server ensure it talks to a legitimate client? صعب
- Server verifies signature with secret/public key.
- Checks issuer, audience, expiration claims.
- (Optional) Use TLS and extra device checks.
Is the API security compromised when the user’s JWT token is stolen? صعب
Yes. JWT is bearer token: anyone holding it can act as user until it expires. Mitigations: Short lifetimes + refresh tokens, revoke via blacklists.
Explain Caching strategies in ASP.NET Core. صعب
- In-Memory Cache: per app instance.
- Distributed Cache: Redis/SQL for multi-server scenarios.
- Response Caching: caches entire HTTP responses.
- Output caching (new in .NET 8): caches action results.
Write the complete steps/code for creating an HTTP POST API - taking a request and returning response in JSON. صعب
[HttpPost("products")]
public IActionResult Create([FromBody] ProductDto dto) {
// validate & save
return CreatedAtAction(nameof(GetById), new { id = 1 }, dto);
}
Write a Custom Middleware (with Invoke method). صعب
public class MyMiddleware {
private readonly RequestDelegate _next;
public MyMiddleware(RequestDelegate next) => _next = next;
public async Task Invoke(HttpContext context) {
// pre logic
await _next(context);
// post logic
}
}
// registration:
app.UseMiddleware<MyMiddleware>();
What is gRPC and how is it different from REST APIs? صعب
| Feature | gRPC | REST |
|---|---|---|
| Protocol | HTTP/2 | HTTP 1.1/2 |
| Data Format | Protobuf (binary) | JSON/XML |
| Speed | Faster, smaller payloads | Slower |
| Streaming | Built-in bidirectional streaming | Limited |
Write different ways for API Versioning in .NET Core. صعب
- URL versioning: /api/v1/products
- Query string: ?api-version=1.0
- Header versioning: X-Version:1
- Use Microsoft’s Asp.Versioning NuGet for built-in support.
Write code/steps to Upload & Retrieve an image from Azure Blob Storage. صعب
Upload:
var blob = container.GetBlobClient("image.jpg");
await blob.UploadAsync(stream);
Retrieve:
var blob = container.GetBlobClient("image.jpg");
var download = await blob.DownloadAsync();
Write steps to create an API in .NET. صعب
- dotnet new webapi
- Add Models
- Add DbContext (if needed)
- Add Controllers
- Configure DI and routing
- Test with Swagger.
Write code to call an API from a .NET client. صعب
var client = httpClientFactory.CreateClient();
var response = await client.GetAsync("https://api.example.com/data");
var content = await response.Content.ReadAsStringAsync();