ASP.NET Web API 2: Building a REST Service from Start to Finish
All
Stack Overflow 8
This Year
Stack Overflow 4
This Month
Stack Overflow 1
I'm not sure why you said ASP.Net Core and Web API 2. They are mutually exclusive; we don't normally use both in same project.
In Web API 2, you can easily implement Basic Authentication using DelegatingHandler.
Here is the sample code -
IBasicSecurityService
BasicSecurityService
BasicAuthenticationMessageHandler
Credit: Page 121 of ASP.NET Web API 2: Building a REST Service from Start to Finish.
There are four basic approaches to version the RESTful way -
URI Path This approach takes the following form:
http://api/v2/Tasks/{TaskId}
URI Parameter This approach takes the following form:
http://api/Tasks/{TaskId}?v=2
Content Negotiation This is done in the HTTP header.
Content Type: application/vnd.taskManagerApp.v2.param.json
Request Header This is also done in the HTTP header.
x-taskManagerApp-version: 2
I personally like 1st approach. You can read Mike Wasson's ASP.NET Web API: Using Namespaces to Version Web APIs.
Many people have modified Mike Wasson's Original Source. I like the one used in ASP.NET Web API 2 book by Jamie Kurtz, Brian Wortman.
Since it has too many moving pieces, I created a sample project at GitHub.
Then, you add ApiVersionConstraint
Usage
You just place RoutePrefix on a controller, and you are done.
If you ask 10 people, they will answer 10 different answers.
Look at open source project such as NopCommerce, Orchard or Umbraco. (They are all MVC; it is hard to find Web Form project these days).
Recently, I read ASP.NET Web API 2: Building a REST Service from Start to Finish. It explains how to create project structure step-by-step. (Although it is written for Web API, you will get the idea of how projects are layout.) Here is the source code.
You do not want to instantiate DbContext inside service classes. Instead, you want to inject dependencies using IoC container.
In addition, you do not want to call HttpContext object inside Database layer like you did in the method parameter.
FYI: you situation is very similar to Dependency Injection in .NET book Chapter 2. In the book, Mark Seemann explains the problem of tight coupling, and how to solve using dependency injection.
Some people like to return IQueryable from service classes instead of IList or custom collection. If IQueryable, you can retrieve only the properties that you want.
Other thoughts
If it is a new project, I would like to suggest to use ASP.Net MVC instead of Web Form. The reason is you cannot unit test Web Form, and it is hard to inject dependencies in Web Form.
Updated: 10/8/2014
I see. However, layers of class libraries are basically same; only presentation layer is different. Main concept is you should be able to add Web Form, WPF, MVC, Web API to your existing solution without changing anything in class libraries. In order to do that you need to inject dependencies instead of tight coupling (you can still implement dependency injection in Web Form).
On thing I forget to mention is you want to access DbContext via Repository. In other words, Service layer should not need to know what kind of database you are using.
Look at those open source projects in answers 1.
ASP.NET Web API 2.1 have framework support for global handling of unhandled exceptions.
It allows use to customize the HTTP response that is sent when an unhandled application exception occurs.
So, do not catch exception in Class Library. If you are required to log exception in Class Library, then re-throw those exception to Presentation.
WebApiConfig
GlobalExceptionHandler
CustomErrorResult
Credit to ASP.NET Web API 2: Building a REST Service from Start to Finish
Here is the sample code for BasicAuthenticationMessageHandler which uses message handler to support HTTP Basic Authentication.
You can read more at Page 121 of ASP.NET Web API 2: Building a REST Service from Start to Finish.
IBasicSecurityService
BasicSecurityService
BasicAuthenticationMessageHandler