A comprehensive .NET 8 Web API for managing movies with user authentication, ratings, and advanced features like caching, API versioning, and health checks.
This project follows Clean Architecture principles with the following structure:
- Movies.Api - Web API layer with minimal API endpoints
- Movies.Application - Business logic, services, and data access
- Movies.Contract - DTOs and contracts for API communication
- Identity.Api - Separate identity service for JWT token generation
- Movies.Api.Sdk - SDK for consuming the Movies API
- Movies.Api.Sdk.Consumer - Example consumer application
- .NET 8 - .NET version
- ASP.NET Core Web API - Web API framework
- Minimal APIs - Lightweight endpoint definitions
- PostgreSQL - Primary database
- Dapper - Lightweight ORM for data access
- Npgsql - PostgreSQL .NET driver
- JWT Bearer Authentication - Token-based authentication
- Custom Authorization Policies - Admin and trusted member policies
- API Key Authentication - Additional security layer
- API Versioning - Multiple API versions support (v1.0, v2.0)
- Swagger/OpenAPI - API documentation and testing
- Output Caching - Performance optimization
- Health Checks - Application health monitoring
- FluentValidation - Request validation
- Docker - Containerization support
- User Secrets - Secure configuration management
- Environment-based Configuration - Different settings per environment
- β Create, read, update, and delete movies
- β Movie search and filtering by title, year, genre
- β Pagination support
- β Slug-based movie URLs (e.g., "the-matrix-1999")
- β Movie metadata (title, year, genres)
- β User movie ratings (1-5 stars)
- β Average rating calculations
- β User-specific rating retrieval
- β Rating management (create/delete)
- β JWT-based authentication
- β Role-based authorization (Admin, Trusted Member)
- β API key authentication for admin operations
- β User context in requests
- β Output caching with configurable policies
- β Database health checks
- β Request/response validation
- β Error handling middleware
- .NET 8 SDK
- PostgreSQL database
- Docker (optional)
-
Using Docker (Recommended):
cd Movies.Application docker-compose up -d -
Manual PostgreSQL Setup:
- Install PostgreSQL
- Create a database for the application
- Update connection string in configuration
-
Set up User Secrets (for development):
cd Movies.Api dotnet user-secrets init dotnet user-secrets set "Database:ConnectionString" "Host=localhost;Port=5433;Database=movies;Username=your_user;Password=your_password"
-
Environment Variables:
export POSTGRES_USER=your_user export POSTGRES_PASSWORD=your_password export POSTGRES_DB=movies
-
Start the Identity API:
cd Identity.Api dotnet run -
Start the Movies API:
cd Movies.Api dotnet run -
Access the API:
- Movies API:
https://localhost:7001 - Identity API:
https://localhost:7002 - Swagger UI:
https://localhost:7001/swagger
- Movies API:
POST /token - Generate JWT token (Identity API)GET /api/movies - Get all movies (paginated, filterable)
GET /api/movies/{idOrSlug} - Get movie by ID or slug
POST /api/movies - Create movie (Admin only)
PUT /api/movies/{id} - Update movie (Admin only)
DELETE /api/movies/{id} - Delete movie (Admin only)POST /api/movies/{id}/ratings - Rate a movie
DELETE /api/movies/{id}/ratings - Delete movie rating
GET /api/ratings/me - Get user's ratingsGET /_health - Health check endpointcurl -X POST "https://localhost:7002/token" \
-H "Content-Type: application/json" \
-d '{
"email": "admin@movies.com",
"customClaims": {
"admin": "true",
"trusted_member": "true"
}
}'curl -X GET "https://localhost:7001/api/movies?page=1&pageSize=10&title=matrix" \
-H "Authorization: Bearer YOUR_JWT_TOKEN"curl -X POST "https://localhost:7001/api/movies" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"title": "The Matrix",
"yearOfRelease": 1999,
"genres": ["Action", "Sci-Fi"]
}'curl -X POST "https://localhost:7001/api/movies/{movieId}/ratings" \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"rating": 5
}'MoviesCore/
βββ Movies.Api/ # Web API layer
β βββ Endpoints/ # Minimal API endpoints
β βββ Auth/ # Authentication & authorization
β βββ Mapping/ # Request/response mapping
β βββ Swagger/ # API documentation
βββ Movies.Application/ # Business logic layer
β βββ Services/ # Business services
β βββ Repositories/ # Data access
β βββ Models/ # Domain models
β βββ Validators/ # Input validation
βββ Movies.Contract/ # API contracts
β βββ Requests/ # Request DTOs
β βββ Responses/ # Response DTOs
βββ Identity.Api/ # Identity service
βββ Movies.Api.Sdk/ # Client SDK
βββ Movies.Api.Sdk.Consumer/ # SDK usage example
- Repository Pattern - Data access abstraction
- Service Layer - Business logic encapsulation
- Dependency Injection - Loose coupling
- Options Pattern - Configuration management
- Minimal APIs - Lightweight endpoint definitions
dotnet testdotnet publish -c Release- JWT tokens are used for authentication
- API keys provide additional security for admin operations
- User secrets are used for sensitive configuration in development
- Environment variables should be used for production secrets
- HTTPS is enforced in production
- Output Caching: Configurable caching policies for movie endpoints
- Database Connection Pooling: Efficient database connections
- Async/Await: Non-blocking operations throughout
- Pagination: Efficient data retrieval for large datasets
- Health checks for database connectivity
- Structured logging with different log levels
- API versioning for backward compatibility
- Swagger documentation for API exploration
This project is part of a Dometrain course and is for educational purposes.
