Dasith Wijesiriwardena

Software Engineer | Solutions Architect | Tech Speaker | Geek with an unhealthy fascination for distributed systems and a #microsoftie. Not in that order. I’m currently based in Melbourne and work for Microsoft.

I’ve been developing software for close to 2 decades now. Since my early days of playing with C++, VB, ASP and PHP, software development has gone through a paradigm shift. These days I mostly work on things that run natively on the cloud and edge. Join me on my journey through the world of .NET and all things distributed.

Consider any opinions expressed here as my own.

The Shell Game Called Eventual Consistency - API Days Jakarta 2021

3 minute read

A few weeks ago I spoke at API Days Jakarta about some of experiences building distributed systems. As more and more companies take their businesses to the web, they are finding that their customers are demanding highly responsive and highly available systems. So developers are expected to build those responsive distributed systems more than anytime in the past. This means that in certain situations you as developers have to let go of strong consistency or distributed transactions. Even in other cases m...

Not All “Microservices Frameworks” Are Made The Same - NDC Sydney 2020

3 minute read

Last October I spoke at NDC Sydney about the pitfalls associated with microservices frameworks and how you can still leverage libraries and runtimes to help with distributed system complexities. In my experience, microservices frameworks tend to give diminishing results as your project evolves and even makes your team less agile and productive. Microservices are an architectural style and frameworks tie you down to a lot of opinions that do not age well. This is my first time speaking at NDC and due to ...

Building Distributed Systems on the Shoulders of Giants - API Days Live, Australia 2020

2 minute read

I recently spoke about building distributed systems at API Days Australia conference. My talk is titled Building distributed systems on the shoulders of giants. It’s a reference to the popular metaphor about leveraging the knowledge on people who have been here before us. About API Days Live Australia On the website it says APIdays is the leading industry tech and business series of conferences in APIs and the programmable economy. As APIs become mainstream, our world becomes more connected, more au...

Converting a Visual Studio database project to use DbUp migrations

10 minute read

Database projects in Visual Studio have been a very popular way to develop and manage the database schema and logic in the past. With more and more applications now preferring to have the data tier logic and validation within the bounds of the application and use the database just for persistence, I’ve come across clients who want to convert their database projects to a more CI/CD friendly database migrations. So I decided to share an approach used to convert existing database project to use database mi...

Preventing fat/bloated/god controllers by following a simple endpoint pattern

5 minute read

I’ve been working with ASP.NET/CORE MVC and WebApi for a while now and there is a problem I often run in to. It’s the case of the fat/bloated/god controller. This is a fairly simple problem to diagnose and most developers I speak to understand why this is an anti pattern. But why does it keep happening and how do we prevent it? What makes good developers fall into this trap? The library referenced in this post SimpleEndpoints is hosted at https://github.com/dasiths/SimpleEndpoints. The Why Typical...

Integration Testing an AspNet Core API That is Protected With CSRF/XSRF Tokens

5 minute read

I was working on writing integrations tests for an AspNet Core Web API project recently (I blogged about how to write integration tests here). The front end was developed using Angular and we had CSRF protection enabled. If you haven’t done this before, the Microsoft documentation is a good place to start. How It Works On the first request to the server, it returns a cookie with a special name (i.e. XSRF-TOKEN). The SPA is expected to extract the value from the cookie and reattach that in the subseque...

Upcoming talk @ API Days, Melbourne 2019

19 minute read

I’ll be speaking about some of my Microservices scars at the upcoming API Days conference to be held at Melbourne convention & exhibition centre. My talk is titled A Game of Snake And Ladders Called Microservices. It’s a reference to the popular board game and hopeful to carry the theme throughout my talk.

Speaking @ DDD Melbourne 2019

1 minute read

Last weekend I spoke at @DDDMelbourne and it was my first time doing so. The event attracted close to 900 people and had 5 concurrent tracks. I spoke at the @JuniorDev channel about Modern Authentication.

Protecting Assets Without Using Authorization Headers (i.e. Bearer Tokens)

6 minute read

tl;dr; If you want to access an api endpoint but don’t have a way to append the authorization info to your request, you need to create a magic url that is short lived and has limited use. Go directly here for code samples. Consider this scenario. You have developed a SPA (Single Page Application) that uses some form of OAuth to retrieve an access/bearer token. You now append that to your http request header when you call your backend REST API. The backend inspects the token and processes the request....

Setting Up AzureAD Multi-tenant Authentication With ASP NET Core And Angular

6 minute read

Using Azure AD to implement a multi-tenant application is fairly straight forward. It requires turning on a few knobs and switches from the portal and you’re most of the way there. In this post we will look at how to setup an multi-tenant app registration and implement the logic in the front end to direct the user to a common sign-in endpoint. We will also look at how to control access to a pre determined set of tenants. App Registration This is the easy part. Create an app registration from the Azure ...