This is a complete eCommerce microservices application built with .NET 9.0 and Docker. The project demonstrates modern microservices architecture patterns including:
- Service-Oriented Architecture (SOA)
- API Gateway Pattern (Ocelot)
- Identity and Access Management (Duende IdentityServer)
- Message Queue Communication (RabbitMQ)
- Reverse Proxy (Nginx with HTTPS)
- Multi-Database Strategy (MySQL, PostgreSQL, MongoDB)
- Containerization (Docker & Docker Compose)
An eCommerce platform where users can:
- Register and authenticate
- Browse and manage products
- Create and manage orders
- View order history
- .NET 9.0 - Latest .NET framework
- ASP.NET Core Web API - RESTful API framework
- C# - Primary programming language
- Ocelot - API Gateway for routing and aggregation
- Duende IdentityServer - Identity and Access Management (OAuth 2.0 / OpenID Connect)
- MySQL 8.4 - Product Service (Relational data)
- PostgreSQL 16 - User Service (Relational data)
- MongoDB 7.0 - Order Service (Document database)
- RabbitMQ 3.13 - Asynchronous inter-service communication
- Docker - Containerization
- Docker Compose - Multi-container orchestration
- Nginx - Reverse proxy with HTTPS support
- Entity Framework Core - ORM for MySQL (Product Service)
- Dapper - Lightweight ORM for PostgreSQL (User Service)
- MongoDB.Driver - MongoDB client (Order Service)
- FluentValidation - Input validation
- AutoMapper - Object mapping
- Serilog - Structured logging
┌─────────────────────────────────────────────────────────────┐
│ CLIENT LAYER │
│ (Browser, Mobile App, Postman) │
└───────────────────────────┬─────────────────────────────────┘
│ HTTPS/HTTP
▼
┌─────────────────────────────────────────────────────────────┐
│ REVERSE PROXY LAYER │
│ Nginx (Port 443/80) │
│ - SSL/TLS Termination │
│ - Load Balancing │
│ - Request Routing │
└───────────────────────────┬─────────────────────────────────┘
│
▼
┌─────────────────────────────────────────────────────────────┐
│ API GATEWAY LAYER │
│ Ocelot (Port 8010) │
│ - Request Routing │
│ - Authentication/Authorization │
│ - Rate Limiting │
│ - Request Aggregation │
└──────┬───────────────┬───────────────┬──────────────────────┘
│ │ │
▼ ▼ ▼
┌──────────────┐ ┌──────────────┐ ┌──────────────┐
│ USER SERVICE │ │PRODUCT SERVICE│ │ORDER SERVICE │
│ (Port 7155) │ │ (Port 7252) │ │ (Port 7080) │
└──────┬───────┘ └──────┬───────┘ └──────┬───────┘
│ │ │
▼ ▼ ▼
┌──────────────┐ ┌──────────────┐ ┌──────────────┐
│ PostgreSQL │ │ MySQL │ │ MongoDB │
│ (Port 5432) │ │ (Port 3306) │ │ (Port 27017)│
└──────────────┘ └──────────────┘ └──────────────┘
┌─────────────────────────────────────────────────────────────┐
│ IDENTITY SERVER │
│ Duende IdentityServer (Port 9009) │
│ - OAuth 2.0 / OpenID Connect │
│ - JWT Token Issuance │
│ - User Authentication │
└───────────────────────────┬─────────────────────────────────┘
│
▼
┌──────────────┐
│ PostgreSQL │
│ (Users DB) │
└──────────────┘
┌─────────────────────────────────────────────────────────────┐
│ MESSAGE QUEUE │
│ RabbitMQ (Port 5672) │
│ - Event-Driven Communication │
│ - Async Processing │
└─────────────────────────────────────────────────────────────┘
-
API Gateway Pattern
- Single entry point for all client requests
- Centralized authentication/authorization
- Request routing and aggregation
-
Microservices Pattern
- Each service is independently deployable
- Service-specific databases
- Loose coupling between services
-
Database per Service Pattern
- Each microservice has its own database
- No shared database dependencies
- Service autonomy
-
Service Discovery
- Docker service names for internal communication
- Environment variables for service URLs
-
Event-Driven Architecture
- RabbitMQ for asynchronous communication
- Decoupled service interactions
-
Reverse Proxy Pattern
- Nginx as entry point
- SSL/TLS termination
- Load balancing capability
Purpose: User management and authentication
Technology:
- .NET 9.0 Web API
- PostgreSQL 16
- Dapper (Data Access)
- Duende IdentityServer (Token Integration)
Responsibilities:
- User registration
- User login
- User profile management
- Integration with Identity Server for token generation
Database: PostgreSQL (ecommerce_users_db)
- Table:
Users(UserId, Email, Password, Name, Gender)
Ports:
- External:
7155 - Internal (Docker):
8090
API Endpoints:
POST /api/User/Register- Register new userPOST /api/User/Login- Login and get tokenGET /api/User/{id}- Get user by ID (Protected)
Purpose: Product catalog management
Technology:
- .NET 9.0 Web API
- MySQL 8.4
- Entity Framework Core
- RabbitMQ (Event Publishing)
Responsibilities:
- Product CRUD operations
- Product search and filtering
- Product inventory management
- Event publishing for order processing
Database: MySQL (ecommerce_products_db)
- Table:
Products(ID, Name, Category, Price, Quantity, ImagePath)
Ports:
- External:
7252 - Internal (Docker):
8080
API Endpoints:
GET /api/products- Get all products (Protected)GET /api/products/search/product-id/{productId}- Search by ID (Public)POST /api/products- Create product (Protected)PUT /api/products- Update product (Protected)DELETE /api/products/{ProductId}- Delete product (Protected)
Purpose: Order management and processing
Technology:
- .NET 9.0 Web API
- MongoDB 7.0
- MongoDB.Driver
- RabbitMQ (Event Consumption)
- HTTP Client (Service-to-Service calls)
Responsibilities:
- Order creation and management
- Order history retrieval
- Order search (by User, Product, Order ID)
- Integration with User and Product services
- Event consumption from RabbitMQ
Database: MongoDB (OrdersDatabase)
- Collection:
Order(Document-based)
Ports:
- External:
7080 - Internal (Docker):
8100
API Endpoints:
GET /api/Orders- Get all orders (Protected)POST /api/Orders- Create order (Protected)GET /api/Orders/search/orderid/{orderID}- Search by Order ID (Protected)GET /api/Orders/search/productid/{productID}- Search by Product ID (Protected)GET /api/Orders/search/userid/{userID}- Search by User ID (Protected)PUT /api/Orders/{orderID}- Update order (Protected)DELETE /api/Orders/{orderID}- Delete order (Protected)
Purpose: Authentication and authorization
Technology:
- Duende IdentityServer
- .NET 9.0
- PostgreSQL (User validation)
Responsibilities:
- OAuth 2.0 / OpenID Connect implementation
- JWT token issuance
- User credential validation
- Client and scope management
Database: PostgreSQL (ecommerce_users_db)
- Validates users against
Userstable
Ports:
- External:
9009 - Internal (Docker):
8080
Endpoints:
POST /connect/token- Token endpoint (OAuth 2.0)GET /.well-known/openid-configuration- Discovery documentGET /- Identity Server UI
Grant Types:
- Resource Owner Password Credentials (for user login)
- Client Credentials (for service-to-service)
Purpose: Single entry point for all client requests
Technology:
- Ocelot
- .NET 9.0
- JWT Bearer Authentication
Responsibilities:
- Request routing to appropriate microservices
- Authentication/Authorization enforcement
- Request aggregation
- Rate limiting (configurable)
- Request/Response transformation
Ports:
- External:
8010 - Internal (Docker):
8001
Configuration: ocelot.json
- Defines routes, authentication, and downstream services
Purpose: Entry point with HTTPS support
Technology:
- Nginx Alpine
- SSL/TLS certificates
Responsibilities:
- SSL/TLS termination
- HTTP to HTTPS redirection
- Load balancing (future)
- Request forwarding to API Gateway and Identity Server
Ports:
- HTTP:
80 - HTTPS:
443
Domains:
api-local.ecommerce.com- API Gatewayid-local.ecommerce.com- Identity Server
- ✅ OAuth 2.0 / OpenID Connect
- ✅ JWT token-based authentication
- ✅ Scope-based authorization
- ✅ Token validation at API Gateway and microservices
- ✅ Resource Owner Password Credentials grant
- ✅ Client Credentials grant for service-to-service
- ✅ HTTPS support via Nginx
- ✅ SSL/TLS certificates
- ✅ Password hashing (should be implemented)
- ✅ Token expiration (1 hour)
- ✅ Defense in depth (Gateway + Service validation)
- ✅ Microservices architecture (independent scaling)
- ✅ Stateless services
- ✅ Database per service
- ✅ Message queue for async processing
- ✅ Health checks for all services
- ✅ Docker service dependencies
- ✅ Error handling middleware
- ✅ Structured logging
- ✅ Swagger/OpenAPI documentation
- ✅ Docker Compose for easy setup
- ✅ Environment-based configuration
- ✅ Hot reload support (development)
eCommerce/
├── APIGateway/ # API Gateway (Ocelot)
│ ├── APIGateway.csproj
│ ├── Program.cs
│ ├── ocelot.json # Gateway routing config
│ ├── Dockerfile
│ └── nginx/ # Nginx configuration
│ ├── nginx.local.conf
│ ├── id-local.conf # SSL certificate config
│ ├── certs/ # SSL certificates
│ └── private/ # Private keys
│
├── eCommerce.IdentityService/ # Identity Server
│ └── Shop.Identity/
│ ├── Shop.Identity.csproj
│ ├── Program.cs
│ ├── Config.cs # Clients, Scopes, Resources
│ ├── HostingExtensions.cs # Service configuration
│ ├── Services/
│ │ └── UserService.cs # User validation
│ ├── Validators/
│ │ └── ResourceOwnerPasswordValidator.cs
│ └── Dockerfile
│
├── eCommerce.UserService/ # User Microservice
│ ├── eCommerce.Domain/ # Domain layer
│ │ ├── DbContext/
│ │ └── Repository/
│ ├── eCommerce.Core/ # Business logic
│ │ ├── Service/
│ │ │ ├── UserService.cs
│ │ │ └── IdentityService.cs # Identity Server client
│ │ ├── Repository/
│ │ ├── DTOs/
│ │ └── Validator/
│ └── eCommerce.UserService/ # API layer
│ ├── Program.cs
│ └── Dockerfile
│
├── eCommerce.ProductService/ # Product Microservice
│ ├── eCommerce.Domain/ # Domain layer
│ │ ├── DbContext/
│ │ ├── Models/
│ │ └── Repository/
│ ├── eCommerce.Core/ # Business logic
│ │ ├── Service/
│ │ ├── DTOs/
│ │ └── Validator/
│ └── eCommerce.ProductService/ # API layer
│ ├── Program.cs
│ ├── Controllers/
│ └── Dockerfile
│
├── eCommerce.OrderService/ # Order Microservice
│ ├── eCommerce.Domain/ # Domain layer
│ │ ├── Entities/
│ │ └── Repository/
│ ├── eCommerce.Core/ # Business logic
│ │ ├── Service/
│ │ ├── HttpClient/ # Service-to-service calls
│ │ ├── RabbitMQ/ # Message queue
│ │ ├── DTOs/
│ │ └── Validator/
│ └── eCommerce.OrderService/ # API layer
│ ├── Program.cs
│ ├── Controllers/
│ └── Dockerfile
│
├── eCommerce.Shared/ # Shared libraries
│ └── eCommerce.Shared/
│ ├── DTOs/ # Shared data transfer objects
│ ├── Enums/
│ └── Errors/
│
├── docker-compose.yaml # Docker orchestration
├── init-mysql.sql # MySQL initialization
├── init-postgres.sql # PostgreSQL initialization
└── eCommerce.slnx # Solution file
Client → Nginx → API Gateway → User Service → PostgreSQL
↓
Identity Server (for future token)
Client → Nginx → API Gateway → User Service → PostgreSQL
↓
Identity Server → Returns JWT Token
Client → Nginx → API Gateway (validates token) → Product Service → MySQL
↓
RabbitMQ (events)
Client → Nginx → API Gateway (validates token) → Order Service
↓
┌─────────────────┴─────────────────┐
↓ ↓
Product Service User Service
(verify product) (verify user)
↓ ↓
┌────────┴────────┐
↓ ↓
MongoDB RabbitMQ
(save order) (publish events)
- Client sends HTTP/HTTPS request
- Nginx terminates SSL and forwards to API Gateway
- API Gateway validates authentication (if required)
- API Gateway routes to appropriate microservice
- Microservice processes request and queries database
- Microservice returns response
- API Gateway aggregates/transforms response
- Nginx returns response to client
- Client sends login request
- User Service validates credentials
- User Service calls Identity Server
- Identity Server validates user and issues JWT token
- Token returned to client
- Client uses token for subsequent requests
- API Gateway validates token on each request
- Microservices also validate token (defense in depth)
- Nginx Layer - SSL/TLS termination
- API Gateway Layer - Token validation, scope checking
- Microservice Layer - Token validation, user context
Identity Server → Issues JWT Token
↓
Client stores token
↓
Client sends token in Authorization header
↓
API Gateway validates token
↓
Microservice validates token
↓
Request processed
- Each microservice can be scaled independently
- Stateless services allow multiple instances
- Load balancer can distribute requests
- Each service has its own database
- Can scale databases independently
- Read replicas can be added
- RabbitMQ handles async processing
- Decouples services
- Enables event-driven scaling
- Docker Compose for local development
- All services run in containers
- Hot reload support
- Kubernetes for orchestration
- Separate database instances
- SSL certificates from CA
- Monitoring and logging
- CI/CD pipeline
This project includes comprehensive documentation:
- PROJECT_OVERVIEW.md (this file) - High-level overview
- ARCHITECTURE_DETAILED.md - Detailed architecture explanation
- IMPLEMENTATION_FROM_SCRATCH.md - Step-by-step implementation guide
- COMPONENT_DOCUMENTATION.md - Each component explained
- API_DOCUMENTATION.md - Complete API reference
- DEPLOYMENT_GUIDE.md - Docker and deployment instructions
- DATABASE_SCHEMA.md - Database schemas
- NGINX_CONFIGURATION_GUIDE.md - Nginx setup
- IDENTITY_SERVER_GUIDE.md - Identity Server configuration
This is a production-ready microservices architecture demonstrating:
- ✅ Modern .NET 9.0 development
- ✅ Microservices best practices
- ✅ Secure authentication/authorization
- ✅ Multi-database strategy
- ✅ Containerization with Docker
- ✅ API Gateway pattern
- ✅ Event-driven communication
- ✅ HTTPS/SSL support
Perfect for:
- Learning microservices architecture
- Building scalable eCommerce platforms
- Understanding OAuth 2.0 / OpenID Connect
- Docker and containerization
- API Gateway patterns
Next Steps:
- Read
IMPLEMENTATION_FROM_SCRATCH.mdto build this from scratch - Read
COMPONENT_DOCUMENTATION.mdfor detailed component explanations - Read
API_DOCUMENTATION.mdfor API usage