- Project Overview
- Architecture & Design Patterns
- Technology Stack
- Database Design
- Project Structure
- Core Features
- Security Implementation
- User Interface
- Payment Integration
- Code Quality Analysis
- Performance Considerations
- Deployment & Configuration
- Testing Strategy
- Maintenance & Scalability
- Recommendations
BookedIn is a full-featured e-commerce web application built with ASP.NET Core 9.0, designed for online book retailing. The application supports both customer-facing shopping experiences and administrative management capabilities.
- Primary Function: Online bookstore with shopping cart and order management
- Target Users: Book buyers (customers) and store administrators
- Key Features: Product catalog, shopping cart, order processing, payment integration, user management
- Multi-role user system (Admin, Customer, Company, Employee)
- Product catalog with categories
- Shopping cart functionality
- Order management with status tracking
- Payment processing via Stripe
- Responsive web interface
The application follows a Layered Architecture with clear separation of concerns:
┌─────────────────────────────────────┐
│ Presentation Layer │
│ (ASP.NET Core MVC) │
├─────────────────────────────────────┤
│ Business Logic │
│ (Controllers & Services) │
├─────────────────────────────────────┤
│ Data Access Layer │
│ (Repository Pattern + EF Core) │
├─────────────────────────────────────┤
│ Data Layer │
│ (SQL Server Database) │
└─────────────────────────────────────┘
- Purpose: Abstracts data access logic from business logic
- Implementation:
IUnitOfWorkinterface for transaction management- Individual repository interfaces (
ICategory,IProduct, etc.) - Concrete implementations in
Repositoryfolder
- Purpose: Manages database transactions and ensures data consistency
- Implementation:
UnitOfWorkclass coordinates multiple repositories
- Purpose: Separates domain models from view-specific data
- Implementation: ViewModels in
Bulky.Models/ViewModels/
- Purpose: Loose coupling and testability
- Implementation: Services registered in
Program.cs
- Framework: ASP.NET Core 9.0
- Language: C# 12.0
- Database: SQL Server (with SQLite support)
- ORM: Entity Framework Core 9.0
- Authentication: ASP.NET Core Identity
- Payment: Stripe.net 48.2.0
- UI Framework: Bootstrap 5.x
- JavaScript Libraries:
- jQuery 3.x
- DataTables 1.13.4
- SweetAlert2 11.x
- Toastr.js
- Icons: Bootstrap Icons 1.11.3
- Package Manager: NuGet
- Code Generation: Microsoft.VisualStudio.Web.CodeGeneration.Design
- Pagination: X.PagedList.Mvc.Core 10.5.7
┌─────────────────┐ ┌─────────────────┐ ┌─────────────────┐
│ Application │ │ Product │ │ Category │
│ User │ │ │ │ │
├─────────────────┤ ├─────────────────┤ ├─────────────────┤
│ Id (PK) │ │ Id (PK) │ │ Id (PK) │
│ Name │ │ Title │ │ Name │
│ StreetAddress │ │ Description │ │ DisplayOrder │
│ City │ │ Author │ └─────────────────┘
│ State │ │ ISBN │ │
│ PostalCode │ │ ListPrice │ │
│ Email │ │ Price │ │
│ PhoneNumber │ │ Price50 │ │
└─────────────────┘ │ Price100 │ │
│ │ CategoryId (FK) │◄─────────────┘
│ │ ImageUrl │
│ └─────────────────┘
│ │
│ ┌─────────────────┐
│ │ ShoppingCart │
│ ├─────────────────┤
│ │ Id (PK) │
└────────────►│ ApplicationUserId│
│ ProductId (FK) │
│ Count │
└─────────────────┘
│
┌─────────────────┐
│ OrderHeader │
├─────────────────┤
│ Id (PK) │
│ Name │
│ PhoneNumber │
│ StreetAddress │
│ City │
│ State │
│ PostalCode │
│ OrderDate │
│ OrderTotal │
│ ApplicationUserId│
│ OrderStatus │
│ PaymentStatus │
│ SessionId │
│ PaymentIntentId │
└─────────────────┘
│
┌─────────────────┐
│ OrderDetail │
├─────────────────┤
│ Id (PK) │
│ OrderHeaderId │
│ ProductId (FK) │
│ Count │
│ Price │
└─────────────────┘
- Identity Integration: Extends ASP.NET Core Identity with custom user properties
- Audit Fields: OrderDate, OrderStatus, PaymentStatus for tracking
- Payment Integration: SessionId and PaymentIntentId for Stripe integration
- Data Seeding: Initial categories and products seeded in
AppsContext
BookedIn/
├── Application/ # Main Web Application
│ ├── Areas/ # Feature-based organization
│ │ ├── Admin/ # Administrative features
│ │ ├── Customer/ # Customer-facing features
│ │ └── Identity/ # Authentication & authorization
│ ├── Controllers/ # MVC Controllers
│ ├── Views/ # Razor Views
│ ├── wwwroot/ # Static files (CSS, JS, Images)
│ └── Program.cs # Application entry point
├── Bulky.DataAccess/ # Data Access Layer
│ ├── Data/ # DbContext and configurations
│ ├── Repository/ # Repository implementations
│ ├── DBinitializer/ # Database seeding
│ └── Migrations/ # EF Core migrations
├── Bulky.Models/ # Domain Models & ViewModels
│ ├── ViewModels/ # View-specific models
│ └── [Entity Models] # Domain entities
└── Bulky.Utility/ # Utility classes & constants
The application uses ASP.NET Core Areas for logical separation:
- Controllers: CategoryController, ProductController, OrderController
- Features: CRUD operations, order management, user management
- Access: Admin role only
- Controllers: HomeController, ShoppingCartController, OrderController
- Features: Product browsing, shopping cart, order placement
- Access: Authenticated customers
- Features: User registration, login, password management
- Integration: ASP.NET Core Identity with custom user model
- CRUD Operations: Full create, read, update, delete functionality
- Image Upload: File upload with automatic image processing
- Category Organization: Products organized by categories
- Pricing Tiers: Multiple pricing levels (List, Price, Price50, Price100)
- Session Management: Cart items persisted per user
- Quantity Management: Add/update/remove items
- Price Calculation: Automatic total calculation
- Order Creation: From shopping cart to order
- Status Tracking: Order and payment status management
- Payment Integration: Stripe payment processing
- Role-Based Access: Admin, Customer, Company, Employee roles
- Profile Management: Extended user profile with address information
- Authentication: Email/password authentication
- Product Management: Full product lifecycle management
- Order Management: View and update order statuses
- User Management: Create and manage user accounts
- Framework: ASP.NET Core Identity
- User Store: SQL Server with custom ApplicationUser
- Password Policy: Default ASP.NET Core Identity policies
- Role-Based Authorization:
[Authorize(Roles = "Admin")]attributes
- HTTPS Enforcement: Configured in production
- CSRF Protection: Anti-forgery tokens (partially implemented)
- Input Validation: Model validation with Data Annotations
- File Upload Security: Image file validation and secure storage
- API Keys in Configuration: Stripe keys stored in appsettings.json
- Missing CSRF Protection: Some endpoints lack anti-forgery validation
- No Rate Limiting: No protection against brute force attacks
- Framework: Bootstrap 5.x for responsive design
- Icons: Bootstrap Icons for consistent iconography
- Color Scheme: Primary blue theme with consistent styling
- Navigation: Role-based navigation with dropdown menus
- Product Cards: Responsive grid layout for product display
- Data Tables: Admin interface with sorting and filtering
- Notifications: Toastr.js for user feedback
- Modals: SweetAlert2 for confirmations
- Mobile-First: Bootstrap responsive classes
- Grid System: Flexible column layouts
- Touch-Friendly: Appropriate button sizes and spacing
- Package: Stripe.net 48.2.0
- Configuration: API keys in appsettings.json
- Features:
- Payment intent creation
- Session management
- Payment status tracking
- User adds items to cart
- Proceeds to checkout
- Stripe payment intent created
- Payment processed
- Order status updated
- Clean Architecture: Well-separated concerns
- Consistent Patterns: Repository and Unit of Work patterns
- Modern C# Features: Nullable reference types, pattern matching
- Dependency Injection: Proper service registration
- Error Handling: Limited exception handling
- Logging: No structured logging implementation
- Validation: Could benefit from FluentValidation
- Async/Await: Some operations could be asynchronous
- Cyclomatic Complexity: Generally low due to simple business logic
- Coupling: Low coupling through dependency injection
- Cohesion: High cohesion within individual components
- Indexing: No explicit index configuration
- Query Optimization: Entity Framework Core query optimization
- Connection Pooling: Default EF Core connection pooling
- No Caching: No application-level caching implemented
- Static Files: Standard ASP.NET Core static file serving
- Horizontal Scaling: Stateless design supports horizontal scaling
- Database Scaling: No specific database scaling considerations
- Development: appsettings.Development.json
- Production: appsettings.Production.json
- Connection Strings: SQL Server configuration
- IIS: Traditional Windows hosting
- Azure: Cloud deployment ready
- Docker: No containerization implemented
- Secrets: API keys in configuration files (security concern)
- Environment Variables: Standard ASP.NET Core configuration
- No Test Projects: No unit or integration tests
- Manual Testing: Relies on manual testing
- Unit Tests: Test individual components and services
- Integration Tests: Test database interactions
- End-to-End Tests: Test complete user workflows
- Database Migrations: EF Core migrations for schema changes
- Logging: Implement structured logging for monitoring
- Monitoring: No application monitoring implemented
- Database: Consider read replicas for high traffic
- Caching: Implement Redis for session and data caching
- CDN: Use CDN for static assets
-
Security Enhancements
- Move API keys to Azure Key Vault or environment variables
- Implement CSRF protection on all forms
- Add rate limiting for authentication endpoints
-
Testing Implementation
- Add unit tests for business logic
- Implement integration tests for data access
- Add end-to-end tests for critical user flows
-
Error Handling
- Implement global exception handling
- Add structured logging with Serilog
- Create user-friendly error pages
-
Performance Optimization
- Implement caching with Redis
- Add database indexing
- Optimize image processing
-
Feature Additions
- Product reviews and ratings
- Email notifications
- Advanced search and filtering
- Inventory management
-
Architecture Improvements
- Implement CQRS pattern
- Add API layer for mobile applications
- Implement event sourcing for order tracking
-
Frontend Modernization
- Consider Blazor Server or WebAssembly
- Implement Progressive Web App features
- Add real-time updates with SignalR
-
Infrastructure
- Containerize with Docker
- Implement CI/CD pipeline
- Add application monitoring
The BookedIn application demonstrates a solid foundation with good architectural patterns and modern .NET Core practices. While there are areas for improvement in security, testing, and performance, the codebase is well-structured and maintainable. The application successfully implements core e-commerce functionality with a clean separation of concerns and follows many industry best practices.
The modular design and use of established patterns make it suitable for further development and scaling. With the recommended improvements, this application could serve as a robust foundation for a production e-commerce platform.