Building a Scalable and Secure Backend with .NET 9 – TechTask_API

Luis Alejandro Solano — Thu, 09 Oct 2025 19:08:10 +0000

TechTask_API

Overview

TechTask_API is a multi-layered backend application built with .NET 9 Web API, designed to streamline project, sprint, and task management for software teams.

This project showcases a clean layered architecture, Entity Framework Core, and JWT authentication, emphasizing maintainability, scalability, and real-world business logic.

GitHub Repository: https://github.com/alejandrosnk/TechTask_API

What Is TechTask_API?

TechTask_API is part of a project management system that organizes the development process into Projects, Sprints, and Tasks, with two types of users:

Project Managers (PMs) – Create and manage projects, assign tasks, and track progress.
Developers (DEVs) – View and update assigned tasks.

This backend handles authentication, validation, and CRUD operations while enforcing strong business rules and security practices.

Architecture Overview

The project follows a Clean Layered Architecture divided into four independent layers:

TechTask_API.sln
│
├── TechTask_API/     # Web API Layer (Controllers, Program.cs)
├── TechTask.BLL/     # Business Logic Layer (Services, Auth)
├── TechTask.Core/    # Core Definitions (DTOs, Enums)
└── TechTask.DAL/     # Data Access Layer (Entities, DbContext)

Each layer is responsible for its own domain:

API: Exposes endpoints via controllers.
BLL: Contains business logic and validation.
Core: Defines DTOs and shared structures.
DAL: Uses Entity Framework Core to interact with SQL Server.

This separation ensures modularity, testability, and scalability.

Authentication with JWT

The system uses JSON Web Tokens (JWT) to handle secure authentication.

Once the user logs in, a token is generated using a secret key and stored temporarily on the client side.

Example JWT configuration in `appsettings.json`

"Jwt": {
  "Key": "SuperSecretPrivateKey123!",
  "Issuer": "TechTask_API",
  "Audience": "TechTask_Users"
}

Protected endpoints require the token in the Authorization header:

Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

Main Features

.NET 9 Web API architecture.
Entity Framework Core with SQL Server 2022.
JWT Authentication and role-based access.
BCrypt password encryption.
Swagger UI integration for live testing.
Scoped services for dependency injection.
Clean separation between API, logic, and data layers.

Business Rules Snapshot

Module	Description
Users	PMs and DEVs, with role-based restrictions. Passwords are hashed with BCrypt.
Projects	Created by PMs, cannot be deleted if sprints exist.
Sprints	Must belong to one project and respect date constraints.
Tasks	May be unassigned; only DEVs can update their own task status.

Technical Highlights

SOLID principles applied in BLL services.
Scoped DbContext prevents concurrency issues.
DTO abstraction ensures clean and safe API responses.
Centralized business logic keeps controllers lightweight.
Swagger configuration enables secure token testing via “Authorize”.

Example Endpoint: Create Project (Protected)

[Authorize(Roles = "PM")]
[HttpPost]
public async Task<IActionResult> Create([FromBody] ProjectCreateDTO dto)
{
    var result = await _projectService.CreateAsync(dto);
    if (!result.Success)
        return BadRequest(new { success = false, message = result.Message });

    return CreatedAtAction(nameof(GetById), new { id = result.Data!.Id }, result.Data);
}

How to Run Locally

# Clone repository
git clone https://github.com/alejandrosnk/TechTask_API.git
cd TechTask_API

# Restore dependencies
dotnet restore

# Run API
dotnet run --project TechTask_API

Open Swagger:

https://localhost:7082/swagger

Conclusion

TechTask_API demonstrates how to build a secure, modular, and scalable backend using .NET 9, EF Core, and JWT Authentication — ready for production-level scenarios.

Whether you are learning backend architecture or building enterprise systems, this project is a clear example of applying Clean Architecture and Security Best Practices in modern .NET development.

Building a Rock-Paper-Scissors Simulation with JavaScript: Animation, Logic, and Persistence

Luis Alejandro Solano — Tue, 23 Sep 2025 17:57:42 +0000

I recently developed a project that simulates the classic game of Rock, Paper, Scissors, but with a twist. Instead of two players, entities (rock, paper, and scissors) are automatically generated and moved randomly within an arena until only one type remains. Here's the repository: https://github.com/alejandrosnk/Cachipun-Automatic.

To make it even more engaging, I added a betting system where users can place virtual bets on the eventual winner. The system uses localStorage to retain points between sessions, providing a game-like experience and demonstrating basic web development concepts.

🔑 What this project demonstrates

DOM Manipulation: Dynamically managing entity creation, movement, and deletion.
Collision Detection: Enforcing Rock, Paper, Scissors rules when entities collide.
Persistence: Use of localStorage to manage points and bets. - Simulation flow: From initialization → movement → battles → winner determination.
User interaction: Betting controls, speed settings, and modal dialogs.

🛠️ Tech stack

HTML5 for the structure
CSS3 for layout and animations
Basic JavaScript for logic, events, and the simulation loop

🚀 How to run it

Clone the repository.
Open index.html in your browser.
Start the simulation, adjust the speed, and place your bets.

⚡ Future Improvements

Add simulation history
More advanced entity movement
Multiplayer betting system
Backend integration for user profiles

👉 This project was a fun way to reinforce concepts of JavaScript animations, game logic, and client-side persistence.

💬 I'd love community feedback on how to take this further. What feature would you add next?

DEV Community: Luis Alejandro Solano