The backend of the eUNI application is responsible for secure data management, business logic processing, and API service delivery for a student scheduling web platform. It is implemented in C# using ASP.NET Core 8 and follows a multi-layered N-Layer architecture.
The backend is divided into three core layers (N-Layered Architecture):
- User Interface Layer - contains controllers that expose REST API endpoints. Responsible for receiving HTTP requests and returning responses.
- Business Logic Layer (BLL) - contains services that handle business rules and data processing. Acts as an intermediary between UI and data access layers.
- Data Access Layer (DAL) - uses Entity Framework Core (EF Core) for ORM. Handles CRUD operations and database interactions.
- `eUNI-API/`
  - `Attributes/` – Custom attributes (e.g., role-based auth)
  - `Configuration/` – JWT and other config settings
  - `Controllers/` – API endpoints
  - `Data/` – EF Core DB context and migrations
  - `Enums/` – Constant definitions
  - `Exception/` – Custom exceptions
  - `Helpers/` – Shared utility methods
  - `Middlewares/` – Global error handling logic
  - `Models/DTOs` & `Models/Entities` – Data transfer and DB models
  - `Repositories/` – Data layer access logic
  - `Services/` – Business logic implementations
  - `Program.cs` – Entry point and API bootstrapping
  - `appsettings.json` – Environment-based configurations
Tokens are transmitted via HTTP headers and cookies to ensure secure session management. The application uses:
- JWT (JSON Web Token) - for stateless authentication.
- Refresh Token - stored in HTTP-only cookies, used to renew JWTs.
The default expiration time for tokens is:
- JWT: 15 minutes
- Refresh Token: 3 days
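
The token lifetimes and cookie handling described above, as an added example that is not the eUNI project's own code. The class name `TokenIssuer`, the cookie name `refreshToken`, the HS256 signing algorithm, the claim layout, and the choice to persist only a hash of the refresh token are all assumptions made for illustration.

```csharp
// Added example, not eUNI code. TokenIssuer, "refreshToken" and HS256 are assumptions.
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Security.Cryptography;
using System.Text;
using Microsoft.AspNetCore.Http;
using Microsoft.IdentityModel.Tokens;

public sealed class TokenIssuer
{
    private static readonly TimeSpan JwtLifetime = TimeSpan.FromMinutes(15);
    private static readonly TimeSpan RefreshLifetime = TimeSpan.FromDays(3);
    private readonly SymmetricSecurityKey _key;

    // jwtKey is the JWT__Key value, assumed to be read from configuration by the caller.
    public TokenIssuer(string jwtKey) =>
        _key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtKey));

    // Short-lived access token carrying the role claim used for role-based access.
    public string CreateJwt(string userId, string role)
    {
        var token = new JwtSecurityToken(
            claims: new[]
            {
                new Claim(JwtRegisteredClaimNames.Sub, userId),
                new Claim(ClaimTypes.Role, role),
            },
            expires: DateTime.UtcNow.Add(JwtLifetime),
            signingCredentials: new SigningCredentials(_key, SecurityAlgorithms.HmacSha256));
        return new JwtSecurityTokenHandler().WriteToken(token);
    }

    // Sets an opaque random refresh token as an HTTP-only cookie and returns its
    // SHA-256 hash for the caller to persist, so the raw token is never stored.
    public string IssueRefreshCookie(HttpResponse response)
    {
        var raw = Convert.ToBase64String(RandomNumberGenerator.GetBytes(64));
        response.Cookies.Append("refreshToken", raw, new CookieOptions
        {
            HttpOnly = true,                 // not readable from JavaScript
            Secure = true,                   // sent over HTTPS only
            // Assumes frontend and API share a site; cross-site setups need SameSiteMode.None.
            SameSite = SameSiteMode.Strict,
            Expires = DateTimeOffset.UtcNow.Add(RefreshLifetime),
        });
        return Convert.ToHexString(SHA256.HashData(Encoding.UTF8.GetBytes(raw)));
    }
}
```

On renewal, the server would hash the cookie value the same way and compare it with the stored hash before issuing a new JWT.
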
Passwords are hashed with bcrypt and an added salt on the frontend. The server-side application then hashes them with PBKDF2 to mitigate brute-force attacks.
- Users: Stores credentials, role, and hashed passwords
- Roles: Role-based access control
- RefreshTokens: Stores refresh tokens for session extension
- PasswordResetLogs: For password recovery
- Classes, ClassDates, Hours - Handle scheduling
- FieldOfStudy, FieldOfStudyLogs - Degree programs
- StudentGroups, Groups - Student cohorts
- OrganizationOfTheYear, DaysOff, Years - Academic calendar
The backend supports role-based access via JWT claims. RESTful APIs provide endpoints for:
- User registration & login
- Profile & schedule management
- Admin features: course/year management, user roles
Ical.Net library is used to generate iCalendar-compatible files. Schedule exports to Google Calendar or Outlook are supported.
A global middleware component captures unhandled exceptions and returns standardized JSON responses with the appropriate HTTP status codes (e.g., 400, 403, 500). To support this mechanism, custom exception classes were implemented to handle specific error types, including:
- HttpBadRequestException
- HttpUnauthorizedException
- HttpForbiddenException
- HttpNotFoundException
- HttpCustomException
- Copy `.env.example` to `.env`.

  ```bash
  cp .env.example .env
  ```

- Create a secure key for the `JWT__Key` environment variable using the following command.

  ```bash
  node -e "console.log(require('crypto').randomBytes(256).toString('hex'));"
  ```

- Configure CORS by specifying the frontend address in `AllowedOrigins`.
When ASPNETCORE_ENVIRONMENT is set to Development in the .env file, the Swagger UI is available at http://localhost:5000/swagger
A live demo of the app is hosted at: api-euni.jakubniewelt.pl
NOTE: Deployment handled via Coolify with GitHub Actions integration for automated CI/CD.