A production-ready, modular RESTful API for e-commerce β featuring JWT-based authentication, the Specification & Repository patterns, Redis-powered caching & shopping baskets, full order lifecycle management, Stripe payment integration, delivery method management, global exception handling with RFC 7807 ProblemDetails, and a strict onion architecture that isolates business logic from all infrastructure concerns.
π Docs Β· π Quick Start Β· π Report Bug Β· π‘ Request Feature
- Highlights
- Architecture Overview
- Solution Structure
- Tech Stack
- API Reference
- Quick Start
- Configuration
- Design Patterns in Depth
- Error Handling
- Roadmap
- Contributing
- License
- Author
| Feature | Description |
|---|---|
| ποΈ Clean Onion Architecture | 8 dedicated projects with strict inward-only dependency flow |
| π JWT Authentication | Full user registration, login, email check & current-user retrieval, powered by ASP.NET Core Identity + JWT Bearer tokens |
| π Basket Module (Redis) | Shopping cart persisted in Redis with create, update & delete support |
| π¦ Orders Module | Full order lifecycle β create, retrieve all orders & retrieve a single order by ID, all tied to the authenticated user |
| π Delivery Methods | Configurable shipping options served from /api/orders/DeliveryMethods (no auth required) |
| π³ Stripe Payment | Payment intent creation & confirmation via Stripe API |
| β‘ Redis Response Caching | Custom [RedisCache] action filter attribute for automatic response caching |
| π‘οΈ Global Exception Handling | Custom middleware returning RFC 7807 ProblemDetails responses |
| π Specification Pattern | Composable, reusable query objects for filters, sorting, pagination & eager loading |
| π¦ Unit of Work + Generic Repository | Transactional consistency with a single, type-safe abstraction |
| πΊοΈ AutoMapper + Custom Resolvers | Entity-to-DTO mapping with ProductPictureUrlResolver for dynamic image URLs |
| π Pagination, Sorting & Filtering | Server-side pagination via PaginatedResult<T>, dynamic sorting & flexible query params |
| π·οΈ Brands & Types | Dedicated sub-endpoints to retrieve all product brands and product types |
This project follows Onion Architecture (also known as Clean Architecture), enforcing strict inward-only dependencies:
ββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Presentation Layer β
β (Controllers, Attributes, Action Filters) β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β Services Layer β
β (AuthenticationService, OrderService, β
β BasketService, CacheService, ProductService) β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β Services Abstraction Layer β
β (Interfaces, DTOs, Service Contracts) β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β Persistence Layer β
β (EF Core DbContext, Migrations, Repositories, β
β Unit of Work, Data Seeding) β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β Shared Layer β
β (Common Utilities, Constants, CommonResult) β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β Domain Layer β
β (Entities, Contracts, No dependencies) β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β² Dependencies flow inward only β²
E-Commerce.Web.slnx
β
βββ E Commerce.Domain/
β βββ Entities/
β β βββ ProductModule/ # Product, Brand, ProductType
β β βββ BasketModule/ # CustomerBasket, BasketItem
β β βββ OrderModule/ # Order, OrderItem, OrderAddress,
β β β # DeliveryMethod, OrderStatus,
β β β # ProductItemOrdered
β β βββ IdentityModule/ # ApplicationUser
β βββ Contracts/ # Repository & Unit of Work interfaces
β
βββ E Commerce.Persistence/
β βββ Data/ # EF Core DbContext, migrations, seed data
β βββ Repositories/ # Generic & specific repository implementations
β
βββ E Commerce.Services Abstraction/
β βββ IProductService.cs
β βββ IBasketService.cs
β βββ IOrderService.cs
β βββ IAuthenticationService.cs # β¨ NEW β login, register, email check, current user
β βββ DTOs/ # Request / Response data transfer objects
β βββ ProductDTOs/
β βββ BasketDTOs/
β βββ OrderDTOs/
β βββ IdentityDTOs/ # β¨ NEW β LoginDTO, RegisterDTO, UserDTO
β
βββ E Commerce.Services/
β βββ ProductService.cs
β βββ BasketService.cs
β βββ OrderService.cs # β¨ NEW β full order creation & retrieval by ID
β βββ AuthenticationService.cs # β¨ NEW β register, login, JWT generation (HMAC-SHA256)
β βββ CacheService.cs # β¨ NEW β Redis response cache abstraction
β βββ Specifications/ # Composable query specification objects
β βββ MappingProfiles/ # AutoMapper profiles
β βββ Exceptions/ # Custom domain exception types
β
βββ E Commerce.Presentation/
β βββ Controllers/
β β βββ ApiBaseController.cs
β β βββ ProductsController.cs # β¨ UPDATED β now requires JWT; adds /brands & /types
β β βββ BasketsController.cs # β¨ UPDATED β added DELETE endpoint
β β βββ OrdersController.cs # β¨ NEW β create, get all, get by ID & delivery methods
β β βββ AuthenticationController.cs # β¨ NEW β register, login, emailExists, currentUser
β βββ Attributes/
β βββ RedisCacheAttribute.cs # β¨ NEW β declarative response caching
β
βββ E Commerce.Shared/
β βββ CommonResult/ # Result<T>, Error (NotFound, Validation, InvalidCredentials)
β βββ (Shared utilities & constants)
β
βββ E-Commerce.Web/
βββ CustomMiddleWares/ # β¨ NEW β global exception handling middleware
βββ Extensions/ # Service & middleware registration extensions
βββ Factories/ # Problem details factory
βββ Program.cs
βββ appsettings.json
βββ wwwroot/ # Static assets (product images)
| Category | Technology |
|---|---|
| Framework | ASP.NET Core 9 Web API |
| Language | C# 13 |
| ORM | Entity Framework Core 9 |
| Database | SQL Server |
| Cache / Basket Store | Redis (StackExchange.Redis) |
| Authentication | ASP.NET Core Identity + JWT Bearer (HMAC-SHA256) |
| Object Mapping | AutoMapper |
| API Documentation | Swagger / OpenAPI (Swashbuckle) |
| Architecture | Clean Onion Architecture |
| Method | Endpoint | Auth | Description |
|---|---|---|---|
POST |
/api/authentication/register |
β | Register a new user; returns UserDTO with JWT |
POST |
/api/authentication/login |
β | Login and receive a JWT token |
GET |
/api/authentication/emailExists?email= |
β | Check whether an email address is already registered |
GET |
/api/authentication/CurrentUser |
β JWT | Get the current authenticated user's profile |
UserDTO response:
{
"email": "user@example.com",
"displayName": "John Doe",
"token": "<jwt-token>"
}| Method | Endpoint | Auth | Description |
|---|---|---|---|
GET |
/api/products |
β JWT | Get all products (paginated, sortable, filterable) β cached via Redis |
GET |
/api/products/{id} |
β | Get a single product by ID |
GET |
/api/products/brands |
β | Get all available product brands |
GET |
/api/products/types |
β | Get all available product types |
Query Parameters for GET /api/products:
| Parameter | Type | Description |
|---|---|---|
pageIndex |
int |
Page number (default: 1) |
pageSize |
int |
Items per page (default: 6) |
sort |
string |
Sort field (e.g. priceAsc, priceDesc, nameAsc) |
brandId |
int? |
Filter by brand ID |
typeId |
int? |
Filter by type ID |
search |
string? |
Search by product name |
| Method | Endpoint | Auth | Description |
|---|---|---|---|
GET |
/api/baskets?id= |
β | Get a basket by its Redis key |
POST |
/api/baskets |
β | Create or update a basket |
DELETE |
/api/baskets/{id} |
β | Delete a basket by ID |
| Method | Endpoint | Auth | Description |
|---|---|---|---|
POST |
/api/orders |
β JWT | Create a new order from the authenticated user's basket |
GET |
/api/orders |
β JWT | Get all orders for the authenticated user |
GET |
/api/orders/{id} |
β JWT | Get a specific order by its GUID |
GET |
/api/orders/DeliveryMethods |
β | Get all available delivery methods |
OrderDTO request body:
{
"basketId": "basket-123",
"deliveryMethodId": 1,
"shippingAddress": {
"firstName": "John",
"lastName": "Doe",
"street": "123 Main St",
"city": "Cairo",
"country": "Egypt"
}
}| Method | Endpoint | Auth | Description |
|---|---|---|---|
POST |
/api/payments/{basketId} |
β JWT | Create or update a Stripe payment intent for a basket |
1. Clone the repository
git clone https://github.com/Jaser1010/E-Commerce.Web.git
cd E-Commerce.Web2. Start Redis (using Docker)
docker run -d --name redis-ecommerce -p 6379:6379 redis:alpine3. Configure the application (appsettings.Development.json)
{
"ConnectionStrings": {
"DefaultConnection": "Server=.;Database=ECommerceDB;Trusted_Connection=True;",
"RedisConnection": "localhost:6379"
},
"JWTOptions": {
"SecretKey": "<your-secret-key-32-chars-min>",
"Issuer": "ECommerceApp",
"Audience": "ECommerceUsers"
},
"StripeSettings": {
"SecretKey": "<your-stripe-secret-key>"
}
}4. Apply database migrations
dotnet ef database update --project "E Commerce.Persistence" --startup-project "E-Commerce.Web"5. Run the application
dotnet run --project "E-Commerce.Web"Swagger UI is available at: https://localhost:<port>/swagger
| Key | Description |
|---|---|
ConnectionStrings:DefaultConnection |
SQL Server connection string |
ConnectionStrings:RedisConnection |
Redis server address (e.g. localhost:6379) |
JWTOptions:SecretKey |
Secret key for signing JWT tokens (min 32 characters) |
JWTOptions:Issuer |
JWT token issuer |
JWTOptions:Audience |
JWT token audience |
StripeSettings:SecretKey |
Stripe secret API key |
Query objects (e.g. ProductWithBrandAndTypeSpecification) encapsulate filtering, sorting, pagination and eager loading:
// Composable, reusable, testable
var spec = new ProductWithBrandAndTypeSpecification(queryParams);
var products = await _unitOfWork.Repository<Product>().GetAllWithSpecAsync(spec);A single IUnitOfWork gives type-safe access to all repositories and coordinates transactions:
var order = await _unitOfWork.Repository<Order>().GetByIdAsync(id);
await _unitOfWork.CompleteAsync();All service methods return Result<T> β eliminating exceptions for expected failure scenarios:
// In AuthenticationService:
if (user is null)
return Error.NotFound("User.NotFound", $"No user with email {email} was found");
return new UserDTO(user.Email!, user.DisplayName, token);Decorate any action with [RedisCache] to automatically cache the response:
[Authorize]
[HttpGet]
[RedisCache]
public async Task<ActionResult<PaginatedResult<ProductDTO>>> GetAllProducts(...)All errors are returned as RFC 7807 ProblemDetails via the global exception-handling middleware:
{
"statusCode": 404,
"message": "No User With Email user@example.com Was Found"
}Authentication & validation errors use the Result<T> pattern with typed Error codes:
| Error Type | HTTP Status | Example |
|---|---|---|
NotFound |
404 | User or resource not found |
InvalidCredentials |
401 | Wrong email or password |
Validation |
400 | Identity validation errors on register |
- Clean Onion Architecture
- Products & Baskets
- Redis Caching
- Global Exception Handling
- JWT Authentication (register, login, email check, current user)
- Product Brands & Types endpoints
- Full Orders Module (create, get all, get by ID)
- Delivery Methods
- Basket Delete endpoint
- Result Pattern (CommonResult)
- Stripe Payment Integration
- User address management
- Real-time order status (SignalR)
- Admin product management (CRUD)
Contributions are welcome! Please open an issue first to discuss what you'd like to change.
- Fork the repository
- Create your feature branch (
git checkout -b feature/AmazingFeature) - Commit your changes (
git commit -m 'Add some AmazingFeature') - Push to the branch (
git push origin feature/AmazingFeature) - Open a Pull Request
This project is licensed under the MIT License.
Jaser Kasim
