Storing Access Tokens (JWT) in LocalStorage is insecure (XSS vulnerability). Storing them in HttpOnly cookies is safer, but SPAs can’t read cookies. The solution? The **Backend for Frontend (BFF)** pattern. The Architecture Using YARP (Yet Another Reverse Proxy) Microsoft’s YARP is the perfect tool to build a .NET BFF. Key Takeaways **Zero Tokens in Browser**: […]
Read more โHigh Performance C#: Span and Memory
`Span<T>` allows you to work with contiguous memory regions (Arrays, Stack, Native Heap) without allocating new objects. It’s the secret sauce behind Kestrel’s speed. Slicing without Allocation Stackalloc Allocate memory on the stack (super fast, auto-cleaned) instead of the heap (GC pressure). Key Takeaways `Span<T>` is a `ref struct`, meaning it can only live on […]
Read more โAzure Durable Functions: Fan-Out/Fan-In Pattern
The Fan-Out/Fan-In pattern allows you to execute tasks in parallel and then aggregate the results. This is famously difficult in standard serverless, but trivial with Durable Functions. The Orchestrator How it Scales Key Takeaways The Orchestrator function replays from the start after every `await`. Avoid non-deterministic code (like `DateTime.Now`) inside the orchestrator logic. Activities run […]
Read more โAngular State Management: NgRx vs Akita
State management in Angular is often over-engineered. Do you really need the full Redux pattern (NgRx) with its boilerplate Actions, Reducers, Effects, and Selectors? Or is Akita’s OO-approach better? NgRx: The Strict Pure Approach NgRx is verbose but predictable. It shines in large teams where strict enforcement of “One Way Data Flow” prevents spaghetti code. […]
Read more โObservability with OpenTelemetry in .NET
Vendor lock-in is a real risk in observability. If you instrument your code with `ApplicationInsights.TrackEvent()`, migrating to Datadog or Prometheus later requires a rewrite. OpenTelemetry (OTel) solves this. The OTel Collector Pattern Your app sends data to a local “Collector” (Sidecar), which then exports it to multiple backends. This code is vendor-neutral. The OTel Collector […]
Read more โAzure Functions 3.0 to 4.0: Performance Deep Dive
With the release of Azure Functions 4.0 (running on .NET 6), the performance landscape for serverless has shifted dramatically. Upgrading from 3.0 (.NET Core 3.1) isn’t just a version bump; it is an overhaul of the worker process. Cold Start Analysis The “Cold Start” is the time it takes for Azure to provision your instance […]
Read more โ