This is one of my E-commerce API app implementations. It is written in C# on .NET using the ASP.NET Core MVC framework. This is not a finished project by any means, but it has a valid enough shape to be git cloned and studied if you are interested in this topic. If you are interested in this project, take a look at the other server API implementations I have built (see below).
- Spring Boot + Spring Data Hibernate
- Spring Boot + JAX-RS Jersey + Spring Data Hibernate
- Node Js + Sequelize
- Node Js + Bookshelf
- Node Js + Mongoose
- Python Django
- Flask
- Golang go gonic
- Ruby on Rails
- AspNet Core
- Laravel
The next to come are:
- Spring Boot + Spring Data Hibernate + Kotlin
- Spring Boot + Jax-RS Jersey + Hibernate + Kotlin
- Spring Boot + mybatis
- Spring Boot + mybatis + Kotlin
- Asp.Net Web Api v2
- Elixir
- Golang + Beego
- Golang + Iris
- Golang + Echo
- Golang + Mux
- Golang + Revel
- Golang + Kit
- Flask + Flask-Restful
- AspNetCore + NHibernate
- AspNetCore + Dapper
This client side E-commerce application is also implemented using other client side technologies:
- Spring Boot + Spring Data Hibernate
- Go + Gin Gonic
- NodeJs + Mongoose
- Laravel
- Ruby on Rails + JBuilder
- Django + Rest-Framework
- Asp.Net Core
- Flask + Flask-SQLAlchemy
The next to come are:
- Angular NgRx-Store
- Angular + Material
- React + Material
- React + Redux + Material
- Vue + Material
- Vue + Vuex + Material
- Ember
- Spring Boot + Spring Data Hibernate
- Spring boot + Spring Data Reactive Mongo
- Spring Boot + Spring Data Hibernate + Jersey
- NodeJs Express + Mongoose
- Nodejs Express + Bookshelf
- Nodejs Express + Sequelize
- Go + Gin-Gonic + Gorm
- Ruby On Rails
- Ruby On Rails + JBuilder
- Laravel
- AspNet Core
- AspNet Web Api 2
- Python + Flask
- Python + Django
- Python + Django + Rest Framework
- Angular NgRx-Store
- Angular + Material
- React + Material
- React + Redux + Material
- Vue + Material
- Vue + Vuex + Material
- Ember
- Vanilla javascript
- Spring Boot + Spring Data + Jersey
- Spring Boot + Spring Data
- Spring Boot Reactive + Spring Data Reactive
- Go with Gin Gonic
- Laravel
- Rails + JBuilder
- Rails
- NodeJs Express + Sequelize
- NodeJs Express + Bookshelf
- NodeJs Express + Mongoose
- Python Django
- Python Django + Rest Framework
- Python Flask
- AspNet Core
- AspNet Web Api 2
- NodeJs Express + Knex
- Flask + Flask-Restful
- Laravel + Fractal
- Laravel + ApiResources
- Go with Mux
- AspNet Web Api 2
- Jersey
- Elixir
- YouTube Channel: I publish videos mainly on programming
- Blog: sometimes I publish the source code there before GitHub
- Twitter: I share tips on programming
- Git clone the project
- Run reset_db.bat, or execute each of its commands by hand, to reset the database migrations. If you prefer, just go ahead and migrate with the given migration files.
- Run the app. It automatically tries to seed the database if there are not enough records. The app will most likely crash, because Bogus (Faker for .NET) may generate product names for seeding that are not unique and there is a UNIQUE constraint on the database. In that case run it again; hopefully this time it will generate a product name that is not in the database yet.
- You can import api.postman_collection.json into Postman to make the requests yourself
- Authentication / Authorization
- Paging
- Admin feature (incomplete)
- CRUD operations on products, comments, tags, categories
- Orders, guest users may place an order
- Create Initial Migration
dotnet ef migrations add InitialCreate
- Migrate
dotnet ef database update
I always prefer to use dotnet instead of the NuGet console, but if you want the equivalent NuGet console commands:
Add-Migration InitialCreate
Update-Database
- The JWT middleware that ships with ASP.NET Core is fine, but it only checks that the JWT is valid, not that the user actually exists. I have to create a middleware that does that validation, or at least make sure the user is not null when retrieving it from IUserService.GetCurrentUserAsync()
- Refactoring: there is some repeated code; check whether it can be moved to a common place
- A lot of refactoring related to moving files to appropriate namespaces, useful comments, code cleanup.
- Admin features
- Benchmark middleware or filter that prints in the console how much time it took the request to get the response
- Unique clauses for slugs and role.name
- User profile feature
- Improving database performance, there are some queries made that retrieve more data than used
- Improve performance by telling EF Core which model entry has its state changed: added/modified/deleted, instead of calling SaveChangesAsync() for each change
- Also related to security, I have to review the authorization (access control) on actions
- Rethink the Comment model (rating, replies, etc.)
- Change CORS from allowing any to allowing only the origins, methods and headers configured in the settings JSON file
- There is a lack of validations and security checks in:
  - OriginalFileName (I have to research if this can lead to some kind of SQLi)
  - Reflected XSS: comments, user's data (username, firstName, etc.)
  - LFI: not sure for now, review later.
- Access control for tags and categories management is not implemented yet
- Every single input has to be validated, the code is trusting a lot, I have to add checks pretty much everywhere
- App Settings:
- The admin should be able to decide if user has to validate email registration or not
- I have to test if svg uploads may lead to XSS and how to prevent them
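
For the JWT item in the list above (the bearer middleware accepts any valid token, even when the account it names no longer exists), one way to close the gap is a check in the `OnTokenValidated` event. This is an added example, not code from this project: `IUserLookup`, `ExistsAsync` and `AddJwtWithUserCheck` are hypothetical names, and the issuer, audience and signing key are assumed to come from configuration.

```csharp
using System.Security.Claims;
using System.Text;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Tokens;

// Hypothetical abstraction over the user store; register an implementation as scoped.
public interface IUserLookup
{
    Task<bool> ExistsAsync(string userId);
}

public static class JwtUserCheckExtensions
{
    public static IServiceCollection AddJwtWithUserCheck(
        this IServiceCollection services, string signingKey, string issuer, string audience)
    {
        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(options =>
            {
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateIssuer = true, ValidIssuer = issuer,
                    ValidateAudience = true, ValidAudience = audience,
                    ValidateLifetime = true,
                    ValidateIssuerSigningKey = true,
                    IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingKey))
                };
                options.Events = new JwtBearerEvents
                {
                    // Runs after signature and lifetime checks pass, before the request is authenticated.
                    OnTokenValidated = async context =>
                    {
                        var principal = context.Principal;
                        // "sub" is normally mapped to NameIdentifier; fall back if mapping is disabled.
                        var userId = principal?.FindFirst(ClaimTypes.NameIdentifier)?.Value
                                     ?? principal?.FindFirst("sub")?.Value;
                        var users = context.HttpContext.RequestServices.GetRequiredService<IUserLookup>();
                        if (string.IsNullOrEmpty(userId) || !await users.ExistsAsync(userId))
                        {
                            // Deleted or unknown account: answer 401 here instead of a null user later.
                            context.Fail("Token subject does not match an existing user.");
                        }
                    }
                };
            });
        return services;
    }
}
```

The lookup runs on every authenticated request, so the implementation behind `IUserLookup` should be a cheap existence query or a short-lived cache.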