Alex KlausDeveloper  |  Architect  |  Leader
March 2023
Transparent Auth Gateway. #4. Deploying to Azure: App Registrations, WAF + Front Door
Finalising our implementation of Identity and Access Management processes and flows. The last part of the series explains App Registrations and Firewall settings (Azure WAF / Front Door) to ease deployment to Azure.
Read more
March 2023
Transparent Auth Gateway. #3. Writing the code in C#
Implementing a bespoke authentication/authorisation service in .NET with using OpenIdDict library illustrating with samples on GitHub.
Read more
February 2023
Transparent Auth Gateway. #2. Auth Flows
Continue diving into Identity and Access Management processes and flows. This is a second part of a four-part series on modern authentication solutions for enterprise apps.
Read more
January 2023
Transparent Auth Gateway. #1. Needs and means
Designing a centralised auth service for a bespoke client-facing enterprise app with minimum maintenance and development overhead.
Read more
June 2022
NoSQL Integration Testing – Convenience of RavenDB vs MongoDB, CosmosDB & DynamoDB
Practical approach to integration testing of the .NET + NoSQL bundle. Key features, examples and comparisons of RavenDB with other NoSQL engines.
This post is a part of the YABT series dedicated to building an enterprise application leveraging the .NET Core + RavenDB bundle.
Read more
March 2022
Pain & Gain of automated tests against SQL (MS SQL, PostgreSQL)
There is a .NET project. Running hundreds of SQL commands and queries. Mostly via an ORM. But occasionally doing the heavy lifting in carefully tuned high-performed SQL queries.
How to orchestrate automated tests against SQL Server for this project?
Read more
November 2021
Load Testing. k6 + TypeScript + Azure DevOps
A practical example of building custom load tests using k6, TypeScript and Docker along with Azure DevOps pipeline. The goal is to create tests maintained by developers and a testing pipeline in Azure.
Read more
November 2021
Load Testing. Choose a cloud-friendly tool
There are many types of web performance tests that ensure your application is fast and stable — load, stress, capacity, soak, smoke tests. This post will guide you to pick the right tools to script out, execute and manage the tests.
Read more
September 2021
Multi-tenant applications with NoSQL
Multi-tenancy is never simple and can be addressed at different levels. Arguably, the most interesting solution would be where the app and the database both support multiple tenants. Here I bring this solution to the YABT project.
Read more
June 2021
In Input We Don't Trust... and in JavaScript, don't trust output either ;)
A brutal post with cool examples of JavaScript dynamic typing and implicit casting.
It's dedicated to the 25th anniversary of JavaScript and has all chances to stay relevant for another ¼ of a century.
Check input for NULL and correct type, read the documentation and let JavaScript be with you (as it's not going away any time soon)...
Read more
March 2021
Hosting SPA + .NET API solutions. Caching and environment variables
When a team produces an enterprise solution with a Single-Page Application (SPA) front-end and .NET Web API back-end, what are the options to host the two beasts?
Ultimately, we want to preserve the front-end bundle unchanged between environments, inject environment variables and have custom caching policies.
Read more
January 2021
Entity Relationships in NoSQL (one-to-many, many-to-many)
Designing 'one-to-many' and 'many-to-many' relationships to reduce read operations on querying the data.
Let's take Users, Backlog Items and Comments entities from the YABT and consider their relationships from various angles, taking into account performance, operational costs, time/costs of development and maintenance.
Read more
December 2020
Power of Dynamic fields for indexing dictionaries and collections in RavenDB
Marrying the flexibility of NoSQL entities for storing various sets of fields with strongly-typed .NET languages and powerful RavenDB indexing tools. Store custom fields, manage their C# structures and filter/search on them in the queries.
This post is a part of the YABT series dedicated to building an enterprise application leveraging the .NET Core + RavenDB bundle.
Read more
November 2020
Hidden side of document IDs in RavenDB
Strategies for document identifiers in RavenDB (and NoSQL in general). Pros and cons of GUIDs, auto-incremented numbers, use of prefixes, ID masking and more.
This post is a part of the YABT series dedicated to building an enterprise application leveraging the .NET Core + RavenDB bundle.
Read more
October 2020
NoSQL Data Model through the DDD prism
Practical modelling of a NoSQL database using the DDD (Domain Driven Design) practices to define the problem area (Bounded context) of the project, its domain entities and aggregates. Comparison to designing a relational model for a traditional SQL.
This post is a part of the YABT series dedicated to building an enterprise application leveraging the .NET Core + RavenDB bundle.
Read more
October 2020
Yet Another Bug Tracker (YABT). Start of a series
NoSQL is not hard, it’s different. And to show that, RavenDB and I kick off a new series of articles dedicated to building an enterprise application leveraging the .NET Core + RavenDB bundle.
Read more
September 2020
5 steps to better NuGet package
Five simple but often overlooked steps to provide a better experience to the devs using your NuGet package. Consider PDBs for the Symbol Server, Source Link integration, XML documentation, strong-named assemblies, CLS compliance and version managing.
Read more
July 2020
Why the IT job market is not a Free Market?
Watching the LinkedIn feed full of dramatic pleas for job during last 3 months made me wondering whether being highly qualified make you crisis-proof? Whether a job crisis like a virus leaves the strongest (most skilled) ones in the workforce and slaughters the weak ones? Is the IT job market better than others? In other words, is the IT job market a Free Market?
Read more
April 2020
6+ ways to marry C# with TypeScript
A popular bundle of .NET + SPA framework (e.g. Angular, React, Vue) has a notorious problem of enforcing contracts between the back-end and the front-end. Among all solutions, code generation tools are particular tempting. And here is analysis of all the major players to get the job done: NSwag, Swagger Codegen, OpenAPI Generator, AutoRest, WebApiClientGen and TypeWriter (plus 2 extra tools with partial functionality).
Read more
March 2020
RavenDB vs Cosmos DB
When it comes to choosing a platform for a new application there is a lot to consider at different levels. For the CTO or Architect the focus is on providing the required scale, resiliency, maintainability, elasticity. And all of it within a certain price range. For the developers, the preference goes to elegant solutions, well integrated with the preferred technology stack and with smooth (pain-free) development experience.
Read more
January 2020
Is Mediator/MediatR still cool?
Arguably, the Mediator pattern has become cool among the .NET devs when Jimmy Bogard released MediatR library 4 years ago. That library made words "Mediator" and "MediatR" interchangeable in the devs' lexicon. And as usual, trendy tools get often misused and applied without a second thought. Here I'm playing devil's advocate and look closely at its pros and cons. Is it still useful for modern .NET projects? May it become an anti-pattern one day as Service Locator did?
Read more
November 2019
Two reasons to NoSQL
Following up on my "7 reasons not to NoSQL", here are my two reasons to go with NoSQL in enterprise projects - Cheaper to scale and Convenience of development.
Read more
September 2019
Seven reasons not to NoSQL
Have you seen people affiliated with NoSQL databases aggressively advertising them as a solution for everything? And early adopters swearing allegiance to the NoSQL and claiming to pass the point of no return to SQL? Unsurprisingly, one may think of NoSQL as the silver bullet which solves all the problems. Should we always use NoSQL?
Read more
August 2019
Wonderland of TypeScript enums
Coming from high-level programming languages to TypeScript, a mere mortal dev may naively use an enum for a predefined list of numeric or textual values. Because really, how could it possibly be different in TypeScript?.. Unfortunately, it can and here is a quick run down the Rabbit Hole of TypeScript enums.
Read more
July 2019
RavenDB. Two years of pain and joy
Having actively used RavenDB for a couple of years, I constantly get asked by other devs about feedback on the database. They usually expect to hear something simple and straightforward, like "love it" or maybe even "hate it", but my experience doesn't fall into any of these extremes. After 2 years I'm torn apart by polarised feelings about the database, and my expected-to-be-simple response turns into a long story about all the pros and cons, love and hatred. So here is my story.
Read more
June 2019
Preventing Cross-site scripting (XSS) attacks in Angular and React
Cross-site scripting (XSS) is one of the most common application-layer web attacks. Are Angular or React apps safe? And if not, how to protect them? Some methods are easy to implement, others (like Content Security Policy) require more attention. Anyway, applying right settings is not a smooth ride, and some potholes and gotchas are described here.
Read more
May 2019
6 most common mistakes of Angular devs revealed on code reviews
For professional developers, code/peer review is an essential step of the internal QA. Over the years, among a wide variety of problems revealed on code reviews, I found that some appear more often than others. Here is a list of the most common ones. So, the code is working, meets acceptance criteria, passed dev's testing and here we go...
Read more
April 2019
Make Angular Reactive Forms strongly typed
Strongly typed Reactive Forms is the elephant in the room the Angular team doesn't want to talk about. In the absence of the official solution, developers can use some tricks to enforce type checking in the Reactive Forms. Here are two plausible solutions.
Read more
March 2019
.NET Core project without Autofac. Is it viable?
Perhaps, Autofac is the most popular DI/IoC container for ASP.NET projects. But, since .NET Core has a pretty decent DI/IoC container, why would one still need Autofac? This is a story of gains and losses from switching a mid-sized project from Autofac to the standard .NET Core container.
Read more
March 2019
Gatsby. Blogging platform engine for developers
Nowadays, an urge to write can be easily satisfied. Simply jump to Medium and you can fire away typing your first blog post. Not happy with your posts getting lost among millions of similar looking pages from thousands of bloggers? Then start building you own website for a small fee on Squarespace, WordPress and the likes. But for software developers…
Read more