All build stories

01 / .NET product rebuild / 2025 — 2026

Taskie

How a university MVC project became a containerized ASP.NET Core application.

I revisited a third-year academic task manager and rebuilt it around an ASP.NET Core API, a React client, explicit permissions, and a safer local deployment workflow.

RoleFull-stack developer
StatusPortfolio-ready repository
Period2025 — 2026
StackC# · ASP.NET Core · EF Core · SQL Server · React · TypeScript · Docker

01 / Context

The project already existed. My understanding needed to catch up with it.

Taskie started as a third-year ASP.NET MVC assignment. It could demonstrate a basic workflow, but it did not yet represent the kind of backend structure, security boundaries, or deployment discipline I wanted to discuss in a .NET interview.

I returned to the project after gaining production exposure and used it as a focused environment for rebuilding my C#, SQL, and ASP.NET Core foundations around a product I already understood.

02 / Problem

A task board is simple until several people need different levels of control.

The product needed more than CRUD screens. Boards required ownership, invitations, role changes, ordered lists, ordered cards, comments, and clear rules around who could see or change each resource.

That made authorization and data relationships the real center of the project—not the drag-and-drop interface alone.

  • Owners manage members and workspace-level decisions.
  • Editors can change board content without controlling ownership.
  • Viewers can inspect the work without mutating it.
  • Position changes must survive refreshes and container restarts.

03 / Decisions

I separated the experience from the API and made permissions explicit.

The current version uses a React and TypeScript client against an ASP.NET Core Web API. Entity Framework Core maps the domain to SQL Server, while Docker Compose provides a repeatable local environment.

Authentication uses a short-lived JWT stored in an HttpOnly, SameSite cookie. The browser includes credentials without exposing the token to application JavaScript. Authorization policies then distinguish board access, content editing, and owner-only operations.

The design goal was not to claim perfect security. It was to make each trust boundary visible enough that I could explain, test, and improve it.

04 / Implementation

The rebuild became a map for the fundamentals I want to master.

Controllers, services, DTOs, middleware, LINQ queries, migrations, relationships, environment configuration, and cookie authentication are all connected to concrete user behavior in this repository.

Instead of studying each concept in isolation, I can now trace a request from a React interaction, through authentication and authorization, into EF Core and SQL Server, then back to the UI.

  • Board, list, card, comment, and membership workflows.
  • Owner, Editor, and Viewer permission checks on write operations.
  • Persistent SQL Server volume with explicit migration and backup commands.
  • Environment-based secrets and configurable CORS origins.
  • Admin boundaries and DTO-shaped responses instead of exposing entities directly.

05 / AI-assisted work

AI accelerated the refactor; the repository is now my responsibility to defend.

I used AI heavily to accelerate implementation, security review, documentation, and refactoring. That makes verification more important, not less.

My next phase is deliberate: revisit each C#, SQL, EF Core, and ASP.NET Core decision until I can explain where it lives, why it exists, how it fails, and what I would change under different constraints.

06 / Honest status

The project is useful evidence because its remaining gaps are visible.

The backend and frontend build successfully in the current repository, and the Docker workflow has been made safer and non-destructive. The project still lacks an automated test suite, production monitoring, and a hosted demo with resettable synthetic data.

Those are not details to hide. They define the next engineering work and give me concrete subjects to study before interviews.

System view

A simplified architecture to replace with the final diagram.

This intentionally describes boundaries without exposing credentials, internal hostnames, or company identifiers.

01React + Vite
02ASP.NET Core API
03Entity Framework Core
04SQL Server

Evidence snapshot

What this story can honestly support.

ArchitectureAPI + SPA
AuthorizationOwner / Editor / Viewer
DeploymentDocker Compose
Current gapAutomated tests

Media shot list

The current rebuild in use.

These views use controlled portfolio data to demonstrate the product workflow, collaboration model, and persisted application state.

Taskie dashboard with owned and shared project boardsOpen full image

Dashboard view

Boards owned and shared from one workspace

The dashboard separates owned and shared work while providing board creation, search, recency filters, and sorting.

Taskie card detail dialog with status, due date, description, and discussion fieldsOpen full image

Card interaction

Card details remain part of the workflow

A focused card surface connects status, due date, description, discussion, and destructive actions to one persisted work item.

Taskie board member dialog showing Editor and Viewer rolesOpen full image

Permission view

Collaboration with explicit board roles

The member dialog makes Editor and Viewer access visible while owner-only membership controls are enforced by the ASP.NET Core API.

Public portfolio rule

Prove the work without exposing the environment.

All demos should use synthetic content, personal sandbox accounts, rotated credentials, and newly captured media. Never publish tokens, private keys, internal logs, production endpoints, Drive identifiers, or company-only source code.

Next build story

CreateStory