Understanding Middleware in ASP.NET Core (A Practical Guide)
Introduction
Middleware is the backbone of every ASP.NET Core application. It’s the pipeline that handles HTTP requests and responses — and every feature like authentication, routing, and logging relies on it.
In simple terms, middleware are components that process requests in sequence before sending a response back to the client.
Why Middleware Matters
- Centralized logic: Handle cross-cutting concerns like logging, caching, or authentication in one place.
- Extensible: You can add, remove, or reorder components easily.
- Modular design: Each middleware has a single, well-defined responsibility.
Middleware Flow in ASP.NET Core
ASP.NET Core uses a request pipeline built by chaining multiple middleware components.
Flow example:
- Incoming HTTP request
- Logging middleware
- Authentication middleware
- Routing middleware
- Endpoint execution
- Response middleware (e.g., error handling, compression)
Example: Built-in Middleware Setup in Program.cs
var builder = WebApplication.CreateBuilder(args);
var app = builder.Build();
// Built-in middleware in action
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();
app.Run();
Each line like UseRouting() or UseAuthorization() adds a middleware to the pipeline. The order matters — placing one incorrectly can break authentication or routing.
Creating a Custom Middleware
Here’s how to build your own logging middleware 👇
public class RequestLoggingMiddleware
{
private readonly RequestDelegate _next;
public RequestLoggingMiddleware(RequestDelegate next)
{
_next = next;
}
public async Task InvokeAsync(HttpContext context)
{
Console.WriteLine($"[{DateTime.Now}] Request: {context.Request.Method} {context.Request.Path}");
await _next(context); // Call the next middleware
Console.WriteLine($"[{DateTime.Now}] Response: {context.Response.StatusCode}");
}
}
Register it in Program.cs:
app.UseMiddleware<RequestLoggingMiddleware>();
Now every request will log to the console before and after it’s processed.
Understanding Middleware Order
Order defines behavior. Example:
✅ Correct order:
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();
❌ Wrong order (Authorization before Authentication):
app.UseAuthorization();
app.UseAuthentication();
The wrong order will cause unauthorized responses even when users are authenticated.
Shortcuts: Use, Run, and Map
ASP.NET Core provides three main methods to register middleware:
| Method | Description |
|---|---|
Use | Adds middleware that can call the next component |
Run | Adds terminal middleware — stops pipeline here |
Map | Branches the pipeline for specific routes |
Example:
app.Map("/health", builder =>
{
builder.Run(async context =>
{
await context.Response.WriteAsync("Healthy ✅");
});
});
Visiting /health will only execute this middleware branch.
Middleware Best Practices
- ✅ Keep middleware small and focused on a single task.
- 🔁 Reuse middleware across projects when possible.
- 🚫 Don’t perform long-running operations inside middleware.
- 🔒 Always register authentication before authorization.
- 📄 Add exception-handling middleware at the top of the pipeline.
Conclusion
Middleware is one of the most powerful and flexible features of ASP.NET Core. Once you understand how the pipeline works, you can easily add custom logic, enhance performance, and create clean, modular applications.
Use it wisely — and your web apps will be faster, safer, and easier to maintain.
Post Tags:
#aspnet-core #csharp #dotnet #middleware #webapi