01 / Context
The project already existed. My understanding needed to catch up with it.
Taskie started as a third-year ASP.NET MVC assignment. It could demonstrate a basic workflow, but it did not yet represent the kind of backend structure, security boundaries, or deployment discipline I wanted to discuss in a .NET interview.
I returned to the project after gaining production exposure and used it as a focused environment for rebuilding my C#, SQL, and ASP.NET Core foundations around a product I already understood.
02 / Problem
A task board is simple until several people need different levels of control.
The product needed more than CRUD screens. Boards required ownership, invitations, role changes, ordered lists, ordered cards, comments, and clear rules around who could see or change each resource.
That made authorization and data relationships the real center of the project—not the drag-and-drop interface alone.
- Owners manage members and workspace-level decisions.
- Editors can change board content without controlling ownership.
- Viewers can inspect the work without mutating it.
- Position changes must survive refreshes and container restarts.
03 / Decisions
I separated the experience from the API and made permissions explicit.
The current version uses a React and TypeScript client against an ASP.NET Core Web API. Entity Framework Core maps the domain to SQL Server, while Docker Compose provides a repeatable local environment.
Authentication uses a short-lived JWT stored in an HttpOnly, SameSite cookie. The browser includes credentials without exposing the token to application JavaScript. Authorization policies then distinguish board access, content editing, and owner-only operations.
The design goal was not to claim perfect security. It was to make each trust boundary visible enough that I could explain, test, and improve it.
04 / Implementation
The rebuild became a map for the fundamentals I want to master.
Controllers, services, DTOs, middleware, LINQ queries, migrations, relationships, environment configuration, and cookie authentication are all connected to concrete user behavior in this repository.
Instead of studying each concept in isolation, I can now trace a request from a React interaction, through authentication and authorization, into EF Core and SQL Server, then back to the UI.
- Board, list, card, comment, and membership workflows.
- Owner, Editor, and Viewer permission checks on write operations.
- Persistent SQL Server volume with explicit migration and backup commands.
- Environment-based secrets and configurable CORS origins.
- Admin boundaries and DTO-shaped responses instead of exposing entities directly.
05 / AI-assisted work
AI accelerated the refactor; the repository is now my responsibility to defend.
I used AI heavily to accelerate implementation, security review, documentation, and refactoring. That makes verification more important, not less.
My next phase is deliberate: revisit each C#, SQL, EF Core, and ASP.NET Core decision until I can explain where it lives, why it exists, how it fails, and what I would change under different constraints.
06 / Honest status
The project is useful evidence because its remaining gaps are visible.
The backend and frontend build successfully in the current repository, and the Docker workflow has been made safer and non-destructive. The project still lacks an automated test suite, production monitoring, and a hosted demo with resettable synthetic data.
Those are not details to hide. They define the next engineering work and give me concrete subjects to study before interviews.



