This project showcases a comprehensive full-stack solution, combining a robust ASP.NET Core Web API backend, an MVC web frontend, and a modern React single-page application — all seamlessly integrated to provide a highly secure, scalable, and user-friendly system.

⭐ Live Demo

Note: All services are hosted on Free Tier plans.

• 🗄️ Database automatically enters paused mode after inactivity. On the initial request, please allow 1-2 minutes for it to wake up.
• ⚡ Redis Cloud is used for distributed caching — cache may be evicted or unavailable during inactivity. The application automatically falls back to In-Memory Cache to ensure uninterrupted availability.
• 📊 OpenTelemetry is enabled in the live demo — telemetry data may be unavailable or delayed due to free tier limits on the observability backend.

                                                                                                                                     

Application	Platform	Link
ASP.NET Core API		View API Documentation 🡥
ASP.NET Web MVC		Launch MVC Frontend 🡥
React SPA		Launch React Frontend 🡥
React SPA		Launch React Frontend 🡥

---

🔐 Demo Credentials

Note: These demo credentials are provided for testing and demonstration purposes only.

Username	Password	Role	Description
og	og	SuperAdmin	Full CRUD access, data export, and role management
aa	aa	Admin	CRUD operations + exporting data
uu	uu	User	Read and filter data only

---

⚙️ Compatibility / Continuous Integration (CI) Checks

🔍 CodeQL, ESLint, and Security Analysis 🛡️

☁️ Deployment (CD) and Mirroring

---

📖 Table of Contents

• 🛫 Getting Started

• 🏗️ Architecture

• 📡 Backend - ASP.NET Core Web API

• 🌐 MVC Web Frontend

• ⚛️ React Frontend

• 🚀 Deployment

• 🔄 Mirroring

---

🛫 Getting Started

To run the project locally:

1. Clone the repository

git clone https://github.com/crni99/airport-automation.git

2. Navigate to the backend API project

cd airport-automation/backend/AirportAutomationApi

3. Configure Database Provider and Connection String

• Open appsettings.json and choose your preferred database provider.
• Update the DatabaseProvider value to match your choice (SqlServer, Postgres, or MySql).
• Update the corresponding connection string with your local server details, credentials, and port.

"DatabaseProvider": "SqlServer", // <- CHANGE this to your selected provider!
"ConnectionStrings": {
  "SqlServerConnection": "Data Source=YOUR_SQL_SERVER_INSTANCE;Initial Catalog=AirportAutomation;Integrated Security=True;TrustServerCertificate=True;MultipleActiveResultSets=true;",
  "PostgresConnection": "Host=localhost;Port=5432;Username=YOUR_USER;Password=YOUR_PASSWORD;Database=AirportAutomation",
  "MySqlConnection": "Server=localhost;Port=3306;Database=AirportAutomation;Uid=YOUR_USER;Pwd=YOUR_PASSWORD;"
}

4. Initialize the database

• You will need to run the appropriate SQL script for your chosen provider to create and seed the database.
• These scripts are located in Data folder.

Database Provider	SQL File to Run	Action
	mssql.sql 🡥	Execute script against SQL Server instance.
	npgsql.sql 🡥	Execute script against PostgreSQL server (e.g., via pgAdmin).
	mysql.sql 🡥	Execute script against MySQL server (e.g., via MySQL Workbench).

5. Optional: Enable Redis Caching

• By default, the application uses In-Memory Cache for seamless local development.
• However, for better performance and distributed environments, you can easily switch that.

"ConnectionStrings": {
  "Redis": "[host]:[port],password=[password],ssl=True,abortConnect=False"
},
"Redis": {
  "Enabled": true
}

6. Optional: Enable OpenTelemetry

• By default, the application has telemetry disabled for seamless local development.
• However, for observability in distributed environments, you can easily switch that.

"OpenTelemetry": {
  "Enabled": true,
  "Endpoint": "https://otlp-gateway-prod-eu-central-0.grafana.net/otlp",
  "Headers": "Authorization=Basic YOUR_BASE64_TOKEN",
  "ServiceName": "your-service-name",
  "ServiceVersion": "1.0.0"
}

7. In your IDE (e.g., Visual Studio / JetBrains Rider):

• Set AirportAutomationApi (Web API) and AirportAutomationWeb (MVC Web) as the startup projects.
• This ensures the API and MVC frontend run together.
• Alternatively (using CLI/VS Code): Open two separate terminal windows in the airport-automation/backend directory and run the following commands concurrently:
  • For the Web API: dotnet run --project AirportAutomationApi/AirportAutomationApi.csproj
  • For the MVC Frontend: dotnet run --project AirportAutomationWeb/AirportAutomationWeb.csproj

8. Start the application

dotnet run

Optional: To use the React instead of the MVC frontend:

1. Navigate to the React frontend

cd ../../react-frontend

2. Install dependencies

npm install

3. Start the React frontend

npm run start

---

🏗️ Architecture

---

📡 Backend - ASP.NET Core Web API 🡥

Modern .NET 8 Architecture

• Built on .NET 8 (LTS) - Long-term support until November 2026
• C# 12 features - Primary constructors, collection expressions
• Clean Architecture Principles - Separation of concerns through dedicated layers and shared package versioning.

Database and Entity Framework Core

• Support multiple database providers: SQL Server, PostgreSQL, and MySQL.
• Manage database schema and migrations via Entity Framework Core for version control.
• Abstract database operations through repository pattern in dedicated layers.
• Configure entities, relationships, and migrations for schema management.

RESTful API Design

• Design and implement RESTful endpoints following HTTP best practices.
• Support standard HTTP methods (GET, POST, PUT, PATCH, DELETE) with appropriate status codes.
• Structure endpoints with consistent naming conventions and resource hierarchies.

Input Validation and Data Integrity

• Implement comprehensive input validation using data annotations and custom validators.
• Validate requests at multiple layers (DTOs, model binding, business logic).
• Return detailed validation error messages following RFC 9457 problem details standard.

RFC 9457 Problem Details for Validation Errors

• Implement RFC 9457 standard for structured error responses.
• Return detailed problem details including:
  • Error type and title
  • HTTP status code
  • Trace identifier for debugging
  • Specific validation errors per field
• Provide consistent error format across all API endpoints.

Dependency Injection and Service Layer

• Leverage ASP.NET Core's built-in dependency injection container.
• Register services with appropriate lifetimes (Scoped, Transient, Singleton).
• Implement service interfaces for loose coupling and testability.
• Organize business logic in dedicated service layer separate from controllers.

Searching, Filtering, and Paging Resources

• Implement advanced features such as searching, filtering, and paging to improve the API’s usability and performance.

Distributed Caching with Redis

• Implement a hybrid caching strategy using Redis for distributed environments and In-Memory Cache as a secondary fallback.
• Smart Switch Mechanism: The system automatically detects if Redis is enabled and reachable; if not, it seamlessly falls back to local memory to ensure 100% uptime.
• Resilient Cache Layer: If Redis becomes unavailable or runs out of memory during runtime, the system gracefully handles the failure and falls back to the database, ensuring uninterrupted API availability.
• Use caching to optimize performance-heavy operations, such as frequently accessed lookups and search results.
• Cache Stampede Prevention: Under high concurrency, a SemaphoreSlim lock per cache key ensures only one request hits the database on a cache miss — all other concurrent requests wait and read from cache once it's populated.

Observability with OpenTelemetry

• Implement a unified observability stack using OpenTelemetry for distributed tracing, metrics collection, and structured log export.
• Smart Switch Mechanism: OpenTelemetry instrumentation is conditionally enabled via configuration — if disabled, the application runs without any telemetry overhead, ensuring zero performance impact in lightweight environments.
• Distributed Tracing: Instrument ASP.NET Core request pipeline, outbound HTTP calls, and Entity Framework Core database queries to produce end-to-end traces across service boundaries.
• Metrics Collection: Capture runtime, HTTP, and application-level metrics using ASP.NET Core and HTTP client instrumentation for real-time performance monitoring.
• Structured Log Export: Export enriched, formatted log entries (including scopes) via OTLP to a centralized observability backend for centralized analysis and alerting.
• Export all telemetry signals (traces, metrics, logs) over OTLP/HTTP Protobuf to a configurable endpoint, enabling integration with backends such as Grafana, Jaeger, Tempo, or any OpenTelemetry-compatible collector.

Advanced Filtering with Filter Pattern

• Implement dedicated filter classes for each entity type (PassengerSearchFilter, PilotSearchFilter, etc.) to enable multi-field search capabilities.
• Create filter extension methods to encapsulate query building logic and promote reusability.
• Support case-insensitive search across multiple fields simultaneously (e.g., search passengers by first name, last name, UPRN, passport, address, and phone).
• Apply filter pattern to maintain clean separation between controller logic and query construction.

Exporting Data to PDF and Excel

• Implement endpoints to export data in PDF and Excel formats for reporting and offline analysis.
• Ensure exported documents preserve formatting and reflect applied filters or search criteria.
• Use QuestPDF to generate high-quality, customizable PDF documents.
• Use ClosedXML to create Excel files with structured data, formatting, and support for advanced Excel features.

Securing API and CORS Implementation

• Enable a global CORS policy (_AllowAll) for development to facilitate frontend-backend communication.
• Important: Configure more restrictive CORS policies for production environments:
  • Specify allowed origins (e.g., your frontend domain)
  • Define allowed HTTP methods and headers
  • Enable credentials if needed
• Plan migration from permissive to strict CORS policies before production deployment.

Role-Based Authorization

• Implement role-based access control with policies:
  • RequireSuperAdminRole
  • RequireAdminRole
  • RequireUserRole
• Enable fine-grained endpoint access control based on user roles to ensure secure handling of sensitive data.

Versioning and Documenting API with Swagger

• Manage API versions to maintain backward compatibility.
• Document API endpoints comprehensively for developer-friendly integration.
• Customize Swagger UI with advanced features:
  • Toggleable dark/light theme for enhanced usability
  • Custom branding with favicon and logo
  • Custom styling and behavior via injected CSS and JavaScript
  • Custom controller ordering using SwaggerControllerOrder attribute

Logging and Middleware

• Integrate Serilog for structured, centralized logging with configuration from appsettings.json.
• Implement custom middleware for enhanced diagnostics:
  • RequestLogContextMiddleware - Enriches logs with request context (trace IDs, user info)
  • GlobalExceptionHandler - Standardizes error responses and captures unhandled exceptions
• Configure logging levels and outputs (console, file, external services) for different environments.

Configuration Management

• Centralize all configurations (e.g., Serilog, rate limiting, authentication secrets, pagination settings) in appsettings.json for better maintainability and environment flexibility.

API Rate Limiting

• Implement a rate limiter to protect API resources from abuse, mitigate DDoS attacks, and enhance overall API performance.

Central Package Management

• Maintain all NuGet package versions in Directory.Packages.props at solution root.
• Enable ManagePackageVersionsCentrally for unified version control across all projects.
• Benefits:
  • Version consistency - All projects use identical package versions
  • Easy updates - Change version once, updates everywhere
  • Cleaner .csproj files - Package references without version attributes
  • No conflicts - Eliminates version mismatch issues

Unit Testing with xUnit

• Write comprehensive unit tests using the xUnit framework to validate individual components in isolation.
• Ensure tests improve code reliability, support refactoring, and simplify debugging.

Monitoring Application Health with HealthChecks

• Monitor the health of critical components with custom health check implementations:
  • DatabaseHealthCheck - Verifies database connectivity and accessibility
  • ApiHealthCheck - Monitors API availability and responsiveness
• Configure health check endpoints to provide visibility into system status and integrate them into Swagger documentation for easy access.
• Return detailed health status with Healthy/Degraded/Unhealthy states and custom messages.

---

🌐 MVC Web Frontend 🡥

HTTP Communication Layer

• Implement HttpClientFactory with Polly resilience policies:
  • Transient fault handling with exponential backoff
  • Circuit breaker for prolonged failures
  • Request timeout enforcement
• Centralize HttpClient configuration for consistent headers.

Generic API Service Layer

• Create generic CRUD methods (CreateData, ReadData, etc.) for type-safe communication.
• Dynamically construct endpoints with custom pluralization rules.
• Support advanced filtering, pagination, and data export.

View Layer

• Handle data presentation with MVC templates and model binding.
• Develop validated input forms with Bootstrap 5 styling.
• Implement AJAX requests for asynchronous updates.

Client-Side Scripting and AJAX Requests

• Leverage JavaScript, jQuery, and AJAX to build responsive and interactive user interfaces, enabling asynchronous data fetching and partial page updates without full reloads.

Centralized Message Management

• Implement Resource Files (.resx) for centralized alert and error message management.
• Create AlertService to retrieve localized messages from resource files.
• Use ResourceManager to access messages dynamically based on message keys.
• Prepare foundation for future internationalization (i18n) support.

Exporting Data to PDF and Excel

• Integrate the export functionality from the API into the MVC frontend, allowing users to generate and download PDF and Excel reports directly from the web interface.
• Provide options to reflect applied filters or search terms in the exported documents, ensuring consistency between the UI and downloaded data.
• Ensure user-friendly interactions with appropriate UI components (e.g., export buttons, spinners, error handling) for a seamless reporting experience.

Ensuring Web Application Security

• Enforce HTTPS to secure data transmission between client and server.
• Implement protections against common vulnerabilities such as Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and control Cross-Origin Resource Sharing (CORS).
• Secure API calls with bearer token authorization headers automatically added to all HTTP requests.

---

⚛️ React Frontend 🡥

User Interface Design

• Build the frontend using functional components and React Hooks.
• Design a responsive, mobile-friendly layout with modern styling techniques.
• Utilize the rich set of components from Material UI (MUI) to implement a sleek, professional, and accessible user interface based on Material Design principles.
• Implement toggleable dark/light theme with user preference persistence in localStorage.
• Customize Material-UI theme configuration for consistent styling across the application.

State Management

• Manage application state via Context API with multiple dedicated contexts:
  • DataContext - Centralized API URL configuration
  • ThemeContext - User theme preference (dark/light mode)
  • SidebarContext - Sidebar collapse/expand state
• Handle asynchronous operations efficiently using the native fetch API and middleware where necessary.

Custom Hooks for Reusability

• Implement custom hooks to abstract common data operations and promote code reuse:
  • useFetch - Generic data fetching with pagination, filtering, and error handling
  • useCreate - Unified logic for creating new entities with validation
  • useUpdate - Consistent update operations across all entities
  • useDelete - Reusable delete functionality with confirmation
  • useExport - Centralized export logic for PDF and Excel generation

Data Fetching and Integration

• Fully integrate with the backend API to retrieve and manage data such as flights, passengers, and airport operations.
• Dynamically render components based on API responses and user interactions.

Form Handling and Validation

• Manage form inputs using custom hooks (useCreate, useUpdate) with built-in validation.
• Provide real-time validation with user-friendly error handling and feedback via Snackbar notifications.

Comprehensive Client-Side Validation

• Implement entity-specific validation rules with 245+ lines of validation logic.
• Support multiple validation types:
  • Required fields, string lengths, numeric ranges, date/time formats, foreign keys
• Validate specific business rules (e.g., UPRN 13 chars, Passport 9 chars, FlyingHours 0-40000).
• Provide real-time error messages with centralized validation utilities.

Error Handling

• Implement centralized error handling with CustomError class for consistent error messages.
• Use errorUtils to differentiate between network errors, server errors, and validation errors.
• Provide user-friendly error messages and graceful degradation for edge cases.

Routing and Navigation

• Handle navigation using React Router, including dynamic and nested routes for scalability.
• Enable seamless page transitions without full reloads.

Exporting Data to PDF and Excel

• Integrate the frontend with API endpoints to allow users to export data to PDF and Excel formats.
• Allow users to apply filters or search terms before export, with generated documents reflecting those criteria.
• Accompany export actions with UI feedback such as loading spinners and error messages for an improved user experience.
• Provide download links directly in the UI for quick access to exported files.

Security and Authentication

• Implement secure user login using JWT-based authentication.
• Apply role-based access control with ProtectedRoute component to restrict features based on user permissions.
• Automatically redirect unauthenticated users to login page.
• Store authentication tokens securely and manage token expiration.

Google Maps Integration

• Integrate Google Maps embedding to display destination locations visually.
• Implement MapEmbed component for dynamic map rendering based on address input.
• Use iframe embedding with lazy loading for optimized performance.
• Provide visual context for airport destinations with interactive maps.

Performance Optimization

• Improve performance through lazy loading, code splitting, and memoization.
• Optimize re-renders using React best practices to enhance responsiveness.

Progressive Web App (PWA) Support

• Implement a complete web app manifest (manifest.json) including appropriate names, unique ID, theme colors (#009be5), and icons (including a maskable icon).
• Configure service-worker.js for offline functionality and caching strategies.
• Ensure the application meets all core PWA installability criteria (served over HTTPS, valid manifest, and service worker) to allow users to install it as a native application on their devices.

---

🚀 Deployment 🡥

• The .NET API is deployed to Azure Web App (service name airport-automation) via the automated GitHub Actions CI/CD pipeline.
• The .NET Web MVC is deployed to Azure Web App.
• The React Frontend is deployed to two platforms to ensure high availability and redundancy:
  • Azure Static Web Apps
  • Vercel
• Integrate basic logging and monitoring solutions to track application health and capture errors in production environments.

---

🔄 Mirroring 🡥

• The project is mirrored from GitHub to GitLab and Bitbucket, where custom GitHub Actions are configured to automatically trigger CI/CD pipelines on code changes.
• This mirroring setup ensures continuous integration and deployment on both GitLab and Bitbucket by synchronizing code changes pushed to GitHub.
• Both GitLab and Bitbucket automatically pick up the changes pushed from GitHub, triggering their respective CI/CD pipelines for seamless integration and deployment.

---