A modern, production-ready authentication and authorization server built with .NET 9, implementing Clean Architecture principles, CQRS pattern, and Domain-Driven Design (DDD).
This project follows Clean Architecture with clear separation of concerns across multiple layers:
```
┌─────────────────────────────────────┐
│         Presentation Layer          │
│              (Web.Api)              │
├─────────────────────────────────────┤
│          Application Layer          │
│       (Use Cases & Handlers)        │
├─────────────────────────────────────┤
│            Domain Layer             │
│     (Entities & Business Logic)     │
└─────────────────────────────────────┘
                   ↑
                   │ Dependencies
                   │
          ┌────────┴────────┐
          │ Infrastructure  │
          │ (EF Core, Auth) │
          └─────────────────┘
```
- Clean Architecture: Dependency inversion with core business logic independent of external concerns
- CQRS: Command Query Responsibility Segregation for read/write operations
- Domain Events: Event-driven architecture for decoupled domain logic
- Result Pattern: Railway-oriented programming for error handling
- Repository Pattern: Data access abstraction via DbContext
- Decorator Pattern: Cross-cutting concerns (validation, logging) via Scrutor
- JWT Bearer Token authentication
- Permission-based authorization system
- Secure password hashing with BCrypt
- User registration and login
- Claims-based identity management
- User Management: Registration, authentication, profile retrieval
- Todo Management: Full CRUD operations with priority levels
- Domain Events: Async event handling for domain state changes
- FluentValidation: Request validation with decorator pattern
- Entity Framework Core: PostgreSQL database with migrations
- Health Checks: Application and database health monitoring
- Structured Logging: Serilog with Seq integration
- Swagger/OpenAPI: Interactive API documentation
- Docker Support: Multi-container deployment with docker-compose
- Framework: .NET 9.0
- Database: PostgreSQL 17
- ORM: Entity Framework Core 9.0
- Authentication: JWT Bearer Tokens
- Validation: FluentValidation 12.0
- Logging: Serilog with Seq
- Testing: xUnit, NetArchTest
- Containerization: Docker & Docker Compose
- .NET 9 SDK
- Docker Desktop (for containerized deployment)
- PostgreSQL 17 (if running without Docker)
1. Clone the repository

   ```bash
   git clone https://github.com/Dapplesoft-AD/AuthServer.git
   cd AuthServer
   ```

2. Run with Docker Compose

   ```bash
   docker-compose up --build
   ```

3. Access the application
   - API: http://localhost:5000
   - Swagger UI: http://localhost:5000/swagger
   - Seq Logs: http://localhost:8081

1. Clone the repository

   ```bash
   git clone https://github.com/Dapplesoft-AD/AuthServer.git
   cd AuthServer
   ```

2. Update connection string (if needed)

   Edit `src/Web.Api/appsettings.Development.json`:

   ```json
   "ConnectionStrings": {
     "Database": "Host=localhost;Database=clean-architecture;Username=postgres;Password=postgres"
   }
   ```

3. Apply database migrations

   ```bash
   cd src/Web.Api
   dotnet ef database update
   ```

4. Run the application

   ```bash
   dotnet run
   ```

5. Access Swagger UI

   Navigate to: https://localhost:5001/swagger
```
AuthServer/
├── src/
│   ├── Domain/                 # Enterprise business rules
│   │   ├── Users/              # User aggregate
│   │   └── Todos/              # Todo aggregate
│   ├── Application/            # Application business rules
│   │   ├── Abstractions/       # Interfaces & contracts
│   │   ├── Users/              # User use cases
│   │   └── Todos/              # Todo use cases
│   ├── Infrastructure/         # External concerns
│   │   ├── Authentication/     # JWT & password hashing
│   │   ├── Authorization/      # Permission system
│   │   ├── Database/           # EF Core DbContext
│   │   └── DomainEvents/       # Event dispatcher
│   ├── SharedKernel/           # Shared primitives
│   │   ├── Entity.cs           # Base entity
│   │   ├── Result.cs           # Result pattern
│   │   └── Error.cs            # Error handling
│   └── Web.Api/                # Presentation layer
│       ├── Endpoints/          # Minimal API endpoints
│       └── Middleware/         # HTTP pipeline
└── tests/
    └── ArchitectureTests/      # Architecture enforcement tests
```
| Method | Endpoint | Description |
|---|---|---|
| POST | `/users/register` | Register a new user |
| POST | `/users/login` | Authenticate and receive JWT token |
| GET | `/users/{id}` | Get user by ID (requires auth) |

| Method | Endpoint | Description |
|---|---|---|
| GET | `/todos` | Get all todos for authenticated user |
| GET | `/todos/{id}` | Get specific todo by ID |
| POST | `/todos` | Create a new todo |
| PUT | `/todos/{id}/complete` | Mark todo as completed |
| DELETE | `/todos/{id}` | Delete a todo |

| Method | Endpoint | Description |
|---|---|---|
| GET | `/health` | Application health check |
```bash
dotnet test tests/ArchitectureTests
```

Architecture tests enforce:
- Domain layer has no dependencies on Application, Infrastructure, or Presentation
- Application layer has no dependencies on Infrastructure or Presentation
- Infrastructure layer has no dependencies on Presentation
Edit `appsettings.json`:

```json
{
  "Jwt": {
    "Secret": "your-secret-key-min-32-characters",
    "Issuer": "AuthServer",
    "Audience": "AuthServer",
    "ExpirationInMinutes": 60
  }
}
```

```json
{
  "ConnectionStrings": {
    "Database": "Host=localhost;Database=clean-architecture;Username=postgres;Password=postgres"
  }
}
```

The project includes:

- `Dockerfile` for the Web API
- `docker-compose.yml` orchestrating:
  - web-api: .NET application (ports 5000, 5001)
  - postgres: PostgreSQL database (port 5432)
  - seq: Structured log viewer (port 8081)
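
For the `Jwt` section of `appsettings.json` shown above, one way to stop the host from starting with the documentation placeholder or a short signing key. This is an added example, not code from the AuthServer repository: `JwtOptions`, `JwtOptionsValidator`, `AddValidatedJwtOptions`, the assumption of an HMAC-SHA256 key and the 24-hour lifetime ceiling are all hypothetical.

```csharp
// Added example; assumes implicit usings (the default for ASP.NET Core projects).
using System.Text;
using Microsoft.Extensions.Options;

// Hypothetical options type bound to the "Jwt" configuration section.
public sealed class JwtOptions
{
    public string Secret { get; set; } = string.Empty;
    public string Issuer { get; set; } = string.Empty;
    public string Audience { get; set; } = string.Empty;
    public int ExpirationInMinutes { get; set; }
}

// Rejects unsafe or incomplete token settings before any request is served.
public sealed class JwtOptionsValidator : IValidateOptions<JwtOptions>
{
    private const string Placeholder = "your-secret-key-min-32-characters"; // README sample value
    private const int MinSecretBytes = 32;       // 256 bits, assuming an HMAC-SHA256 key
    private const int MaxLifetimeMinutes = 1440; // assumed ceiling of 24 hours

    public ValidateOptionsResult Validate(string? name, JwtOptions options)
    {
        var failures = new List<string>();
        if (string.Equals(options.Secret, Placeholder, StringComparison.Ordinal))
            failures.Add("Jwt:Secret is still the documentation placeholder.");
        else if (Encoding.UTF8.GetByteCount(options.Secret) < MinSecretBytes)
            failures.Add($"Jwt:Secret must be at least {MinSecretBytes} bytes.");
        if (string.IsNullOrWhiteSpace(options.Issuer))
            failures.Add("Jwt:Issuer is required.");
        if (string.IsNullOrWhiteSpace(options.Audience))
            failures.Add("Jwt:Audience is required.");
        if (options.ExpirationInMinutes is <= 0 or > MaxLifetimeMinutes)
            failures.Add($"Jwt:ExpirationInMinutes must be 1..{MaxLifetimeMinutes}.");
        return failures.Count > 0 ? ValidateOptionsResult.Fail(failures) : ValidateOptionsResult.Success;
    }
}

public static class JwtOptionsRegistration
{
    // Call from Program.cs: builder.Services.AddValidatedJwtOptions(builder.Configuration);
    public static IServiceCollection AddValidatedJwtOptions(
        this IServiceCollection services, IConfiguration configuration)
    {
        services.AddSingleton<IValidateOptions<JwtOptions>, JwtOptionsValidator>();
        services.AddOptions<JwtOptions>().Bind(configuration.GetSection("Jwt")).ValidateOnStart();
        return services;
    }
}
```

The real secret can then be supplied outside the repository: ASP.NET Core maps the environment variable `Jwt__Secret` onto `Jwt:Secret`, and `dotnet user-secrets set "Jwt:Secret" "<value>"` covers local development.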
This project maintains high code quality standards:
- ✅ TreatWarningsAsErrors: Enabled
- ✅ Nullable Reference Types: Enabled
- ✅ SonarAnalyzer: Static code analysis
- ✅ Architecture Tests: Layer dependency enforcement
- ✅ Central Package Management: Consistent versioning
Contributions are welcome! Please follow these guidelines:
1. Fork the repository
2. Create a feature branch (`git checkout -b feature/amazing-feature`)
3. Commit your changes (`git commit -m 'Add amazing feature'`)
4. Push to the branch (`git push origin feature/amazing-feature`)
5. Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
Dapplesoft-AD
- Clean Architecture by Robert C. Martin
- Domain-Driven Design by Eric Evans
- CQRS pattern inspiration from various enterprise implementations
Built with ❤️ using .NET 9