Finalising our implementation of Identity and Access Management processes and flows. The last part of the series explains App Registrations and Firewall settings (Azure WAF / Front Door) to ease deployment to Azure.

Implementing a bespoke authentication/authorisation service in .NET with using OpenIdDict library illustrating with samples on GitHub.

Continue diving into Identity and Access Management processes and flows. This is a second part of a four-part series on modern authentication solutions for enterprise apps.

Designing a centralised auth service for a bespoke client-facing enterprise app with minimum maintenance and development overhead.

Practical approach to integration testing of the .NET + NoSQL bundle. Key features, examples and comparisons of RavenDB with other NoSQL engines.
This post is a part of the YABT series dedicated to building an enterprise application leveraging the .NET Core + RavenDB bundle.

There is a .NET project. Running hundreds of SQL commands and queries. Mostly via an ORM. But occasionally doing the heavy lifting in carefully tuned high-performed SQL queries.
How to orchestrate automated tests against SQL Server for this project?

A practical example of building custom load tests using k6, TypeScript and Docker along with Azure DevOps pipeline. The goal is to create tests maintained by developers and a testing pipeline in Azure.

There are many types of web performance tests that ensure your application is fast and stable — load, stress, capacity, soak, smoke tests. This post will guide you to pick the right tools to script out, execute and manage the tests.

Multi-tenancy is never simple and can be addressed at different levels. Arguably, the most interesting solution would be where the app and the database both support multiple tenants. Here I bring this solution to the YABT project.

A brutal post with cool examples of JavaScript dynamic typing and implicit casting.
It's dedicated to the 25th anniversary of JavaScript and has all chances to stay relevant for another ¼ of a century.
Check input for NULL and correct type, read the documentation and let JavaScript be with you (as it's not going away any time soon)...

When a team produces an enterprise solution with a Single-Page Application (SPA) front-end and .NET Web API back-end, what are the options to host the two beasts?
Ultimately, we want to preserve the front-end bundle unchanged between environments, inject environment variables and have custom caching policies.

Designing 'one-to-many' and 'many-to-many' relationships to reduce read operations on querying the data.
Let's take Users, Backlog Items and Comments entities from the YABT and consider their relationships from various angles, taking into account performance, operational costs, time/costs of development and maintenance.

Marrying the flexibility of NoSQL entities for storing various sets of fields with strongly-typed .NET languages and powerful RavenDB indexing tools. Store custom fields, manage their C# structures and filter/search on them in the queries.
This post is a part of the YABT series dedicated to building an enterprise application leveraging the .NET Core + RavenDB bundle.

Strategies for document identifiers in RavenDB (and NoSQL in general). Pros and cons of GUIDs, auto-incremented numbers, use of prefixes, ID masking and more.
This post is a part of the YABT series dedicated to building an enterprise application leveraging the .NET Core + RavenDB bundle.

Practical modelling of a NoSQL database using the DDD (Domain Driven Design) practices to define the problem area (Bounded context) of the project, its domain entities and aggregates. Comparison to designing a relational model for a traditional SQL.
This post is a part of the YABT series dedicated to building an enterprise application leveraging the .NET Core + RavenDB bundle.

NoSQL is not hard, it’s different. And to show that, RavenDB and I kick off a new series of articles dedicated to building an enterprise application leveraging the .NET Core + RavenDB bundle.

Five simple but often overlooked steps to provide a better experience to the devs using your NuGet package. Consider PDBs for the Symbol Server, Source Link integration, XML documentation, strong-named assemblies, CLS compliance and version managing.

Watching the LinkedIn feed full of dramatic pleas for job during last 3 months made me wondering whether being highly qualified make you crisis-proof? Whether a job crisis like a virus leaves the strongest (most skilled) ones in the workforce and slaughters the weak ones? Is the IT job market better than others? In other words, is the IT job market a Free Market?

A popular bundle of .NET + SPA framework (e.g. Angular, React, Vue) has a notorious problem of enforcing contracts between the back-end and the front-end. Among all solutions, code generation tools are particular tempting. And here is analysis of all the major players to get the job done: NSwag, Swagger Codegen, OpenAPI Generator, AutoRest, WebApiClientGen and TypeWriter (plus 2 extra tools with partial functionality).

When it comes to choosing a platform for a new application there is a lot to consider at different levels. For the CTO or Architect the focus is on providing the required scale, resiliency, maintainability, elasticity. And all of it within a certain price range. For the developers, the preference goes to elegant solutions, well integrated with the preferred technology stack and with smooth (pain-free) development experience.

Arguably, the Mediator pattern has become cool among the .NET devs when Jimmy Bogard released MediatR library 4 years ago. That library made words "Mediator" and "MediatR" interchangeable in the devs' lexicon. And as usual, trendy tools get often misused and applied without a second thought. Here I'm playing devil's advocate and look closely at its pros and cons. Is it still useful for modern .NET projects? May it become an anti-pattern one day as Service Locator did?

Following up on my "7 reasons not to NoSQL", here are my two reasons to go with NoSQL in enterprise projects - Cheaper to scale and Convenience of development.

Have you seen people affiliated with NoSQL databases aggressively advertising them as a solution for everything? And early adopters swearing allegiance to the NoSQL and claiming to pass the point of no return to SQL? Unsurprisingly, one may think of NoSQL as the silver bullet which solves all the problems. Should we always use NoSQL?

Coming from high-level programming languages to TypeScript, a mere mortal dev may naively use an enum for a predefined list of numeric or textual values. Because really, how could it possibly be different in TypeScript?.. Unfortunately, it can and here is a quick run down the Rabbit Hole of TypeScript enums.

Having actively used RavenDB for a couple of years, I constantly get asked by other devs about feedback on the database. They usually expect to hear something simple and straightforward, like "love it" or maybe even "hate it", but my experience doesn't fall into any of these extremes. After 2 years I'm torn apart by polarised feelings about the database, and my expected-to-be-simple response turns into a long story about all the pros and cons, love and hatred. So here is my story.

Cross-site scripting (XSS) is one of the most common application-layer web attacks. Are Angular or React apps safe? And if not, how to protect them? Some methods are easy to implement, others (like Content Security Policy) require more attention. Anyway, applying right settings is not a smooth ride, and some potholes and gotchas are described here.

For professional developers, code/peer review is an essential step of the internal QA. Over the years, among a wide variety of problems revealed on code reviews, I found that some appear more often than others. Here is a list of the most common ones. So, the code is working, meets acceptance criteria, passed dev's testing and here we go...

Strongly typed Reactive Forms is the elephant in the room the Angular team doesn't want to talk about. In the absence of the official solution, developers can use some tricks to enforce type checking in the Reactive Forms. Here are two plausible solutions.

Perhaps, Autofac is the most popular DI/IoC container for ASP.NET projects. But, since .NET Core has a pretty decent DI/IoC container, why would one still need Autofac? This is a story of gains and losses from switching a mid-sized project from Autofac to the standard .NET Core container.

Nowadays, an urge to write can be easily satisfied. Simply jump to Medium and you can fire away typing your first blog post. Not happy with your posts getting lost among millions of similar looking pages from thousands of bloggers? Then start building you own website for a small fee on Squarespace, WordPress and the likes. But for software developers…