DEV Community

Luis Alejandro Solano

Building a Scalable and Secure Backend with .NET 9 – TechTask_API

TechTask_API is a multi-layered backend application built with .NET 9 Web API, designed to streamline project, sprint, and task management for software teams.
This project showcases a clean layered architecture, Entity Framework Core, and JWT authentication, emphasizing maintainability, scalability, and real-world business logic.

GitHub Repository: https://github.com/alejandrosnk/TechTask_API

What Is TechTask_API?

TechTask_API is part of a project management system that organizes the development process into Projects, Sprints, and Tasks, with two types of users:

Project Managers (PMs) – Create and manage projects, assign tasks, and track progress.

Developers (DEVs) – View and update assigned tasks.

This backend handles authentication, validation, and CRUD operations while enforcing strong business rules and security practices.

Architecture Overview

The project follows a Clean Layered Architecture divided into four independent layers:

TechTask_API.sln

├── TechTask_API/ # Web API Layer (Controllers, Program.cs)
├── TechTask.BLL/ # Business Logic Layer (Services, Auth)
├── TechTask.Core/ # Core Definitions (DTOs, Enums)
└── TechTask.DAL/ # Data Access Layer (Entities, DbContext)

Each layer is responsible for its own domain:

API: Exposes endpoints via controllers.

BLL: Contains business logic and validation.

Core: Defines DTOs and shared structures.

DAL: Uses Entity Framework Core to interact with SQL Server.

This separation ensures modularity, testability, and scalability.

Authentication with JWT

The system uses JSON Web Tokens (JWT) to handle secure authentication.
Once the user logs in, the API issues a token signed with a secret key, and the client stores it temporarily.

Example JWT configuration in appsettings.json (the Key shown is a sample value; keep the real signing key out of source control):

"Jwt": {
  "Key": "SuperSecretPrivateKey123!",
  "Issuer": "TechTask_API",
  "Audience": "TechTask_Users"
}

Protected endpoints require the token in the Authorization header:

Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
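
An added example, not TechTask_API's own Program.cs: one way to wire JWT bearer validation to the Jwt section above while keeping the signing key out of appsettings.json. The 32-byte minimum, the 30-second clock skew, and supplying the key through user-secrets or the Jwt__Key environment variable are assumptions of this example; it needs the Microsoft.AspNetCore.Authentication.JwtBearer package.

```csharp
using System.Text;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;

var builder = WebApplication.CreateBuilder(args);

// Assumption: the key is supplied outside source control, e.g. in development
//   dotnet user-secrets set "Jwt:Key" "<random value, 32+ bytes>"
// or in deployment through the environment variable Jwt__Key.
var jwt = builder.Configuration.GetSection("Jwt");
var key = jwt["Key"] ?? throw new InvalidOperationException("Jwt:Key is not configured.");
var keyBytes = Encoding.UTF8.GetBytes(key);

// HS256 is HMAC-SHA256: refuse to start with a key shorter than 256 bits.
// The sample value in the appsettings.json fragment above is 25 bytes and fails here.
if (keyBytes.Length < 32)
    throw new InvalidOperationException("Jwt:Key must be at least 32 bytes for HS256.");

builder.Services
    .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(options =>
    {
        options.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateIssuerSigningKey = true,
            IssuerSigningKey = new SymmetricSecurityKey(keyBytes),
            ValidateIssuer = true,
            ValidIssuer = jwt["Issuer"],          // "TechTask_API"
            ValidateAudience = true,
            ValidAudience = jwt["Audience"],      // "TechTask_Users"
            ValidateLifetime = true,              // reject expired tokens
            ClockSkew = TimeSpan.FromSeconds(30), // library default is 5 minutes
            ValidAlgorithms = new[] { SecurityAlgorithms.HmacSha256 } // pin to HS256
        };
    });
builder.Services.AddAuthorization();
builder.Services.AddControllers();

var app = builder.Build();
app.UseAuthentication(); // must run before UseAuthorization
app.UseAuthorization();
app.MapControllers();
app.Run();
```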

Main Features

✅ .NET 9 Web API architecture.

✅ Entity Framework Core with SQL Server 2022.

✅ JWT Authentication and role-based access.

✅ BCrypt password hashing.

✅ Swagger UI integration for live testing.

✅ Scoped services for dependency injection.

✅ Clean separation between API, logic, and data layers.

Business Rules Snapshot

Module     Description
Users      PMs and DEVs, with role-based restrictions. Passwords are hashed with BCrypt.
Projects   Created by PMs, cannot be deleted if sprints exist.
Sprints    Must belong to one project and respect date constraints.
Tasks      May be unassigned; only DEVs can update their own task status.

Technical Highlights

SOLID principles applied in BLL services.

Scoped DbContext gives each request its own context instance, which avoids concurrent use of a shared context.

DTO abstraction ensures clean and safe API responses.

Centralized business logic keeps controllers lightweight.

Swagger configuration enables secure token testing via “Authorize”.

Example Endpoint: Create Project (Protected)

// Only callers whose token carries the PM role reach this action.
[Authorize(Roles = "PM")]
[HttpPost]
public async Task<IActionResult> Create([FromBody] ProjectCreateDTO dto)
{
    // Validation and business rules live in the BLL service.
    var result = await _projectService.CreateAsync(dto);
    if (!result.Success)
        return BadRequest(new { success = false, message = result.Message });

    // 201 Created with a Location header pointing at GetById.
    return CreatedAtAction(nameof(GetById), new { id = result.Data!.Id }, result.Data);
}

How to Run Locally

Clone repository

git clone https://github.com/alejandrosnk/TechTask_API.git
cd TechTask_API

Restore dependencies

dotnet restore

Run API

dotnet run --project TechTask_API

Open Swagger:

https://localhost:7082/swagger

Login to get your JWT token → click “Authorize” → paste the token → test secured endpoints

Conclusion

TechTask_API demonstrates how to build a secure, modular, and scalable backend using .NET 9, EF Core, and JWT Authentication — ready for production-level scenarios.

Whether you’re learning backend architecture or building enterprise systems, this project is a great example of applying Clean Architecture + Security Best Practices in modern .NET development.
