LogiTrack Order Management System

A comprehensive, production-ready order management system built with ASP.NET Core, featuring inventory tracking, user authentication, performance optimization, and state management.

🚀 Features

Core Functionality

• Inventory Management: Full CRUD operations for inventory items
• Order Management: Complete order lifecycle with item tracking
• User Authentication: JWT-based authentication with role-based authorization
• Performance Optimization: In-memory caching with intelligent invalidation
• State Management: Persistent state with session tracking
• Real-time Monitoring: Performance metrics and system health monitoring

Security Features

• JWT Authentication: Secure token-based authentication
• Role-based Authorization: Admin, Manager, and Employee roles
• Password Policies: Complexity requirements and account lockout protection
• Input Validation: Comprehensive validation and sanitization
• Secure Error Handling: No information leakage in error responses

Performance Features

• Intelligent Caching: 30-second expiration with sliding window
• Query Optimization: AsNoTracking and eager loading
• Performance Monitoring: Real-time metrics and response time tracking
• Memory Management: Efficient memory usage with cache limits
• Response Headers: Cache status and timing information

🏗️ Architecture

Technology Stack

• Framework: ASP.NET Core 9.0
• Database: SQLite with Entity Framework Core
• Authentication: ASP.NET Identity + JWT Bearer Tokens
• Caching: IMemoryCache with custom expiration policies
• Documentation: Swagger/OpenAPI 3.0
• Monitoring: Custom performance monitoring service

Design Patterns

• Repository Pattern: Entity Framework DbContext
• Dependency Injection: Built-in DI container
• CQRS: Separate read/write operations with caching
• State Management: Session-based state persistence
• Observer Pattern: Performance metrics collection

📋 API Endpoints

Authentication

• POST /api/auth/register - User registration
• POST /api/auth/login - User login (returns JWT token)
• POST /api/auth/create-role - Create new role (Admin)
• POST /api/auth/assign-role - Assign role to user (Admin)

Inventory Management

• GET /api/inventory - Get all inventory items
• GET /api/inventory/{id} - Get specific inventory item
• POST /api/inventory - Create inventory item (Manager/Admin)
• PUT /api/inventory/{id} - Update inventory item (Manager/Admin)
• DELETE /api/inventory/{id} - Delete inventory item (Admin only)
• GET /api/inventory/performance-stats - Performance metrics (Admin)

Order Management

• GET /api/orders - Get all orders
• GET /api/orders/{id} - Get specific order
• GET /api/orders/{id}/summary - Get order summary
• POST /api/orders - Create order (Employee/Manager/Admin)
• PUT /api/orders/{id} - Update order (Manager/Admin)
• DELETE /api/orders/{id} - Delete order (Manager/Admin)
• POST /api/orders/{id}/items - Add item to order
• DELETE /api/orders/{id}/items/{itemId} - Remove item from order

System Management

• GET /api/system/health - System health check
• GET /api/system/status - System status (Authenticated)
• GET /api/system/performance - Performance metrics (Admin)
• POST /api/system/cleanup - System cleanup (Admin)

Documentation

• GET /api/documentation - API documentation
• GET /api/documentation/architecture - System architecture

🔐 Authentication & Authorization

Default Admin Credentials

• Email: admin@logitrack.com
• Password: Admin123!
• Role: Admin

Role Permissions

• Admin: Full system access including user management
• Manager: Inventory and order management (cannot delete inventory used in orders)
• Employee: Order creation and management, view-only inventory access

JWT Token Usage

Include the JWT token in the Authorization header:

Authorization: Bearer {your-jwt-token}

🚀 Getting Started

Prerequisites

• .NET 9.0 SDK
• Visual Studio Code or Visual Studio 2022

Installation

1. Clone the repository
2. Navigate to the project directory
3. Restore packages:

   dotnet restore

4. Run database migrations:

   dotnet ef database update

5. Start the application:

   dotnet run

Access Points

• API: https://localhost:7000
• Swagger UI: https://localhost:7000/swagger
• Health Check: https://localhost:7000/api/system/health

🧪 Testing

Automated Testing

Run the comprehensive workflow test:

.\test-workflow.ps1

Manual Testing

1. Access Swagger UI at /swagger
2. Use the "Authorize" button to set your JWT token
3. Test all endpoints interactively

Performance Testing

• Monitor response times via X-Response-Time headers
• Check cache performance via X-Cache headers
• View performance metrics at /api/system/performance

📊 Performance Features

Caching Strategy

• Duration: 30 seconds absolute, 15 seconds sliding
• Invalidation: Automatic on data modifications
• Headers: X-Cache (HIT/MISS) and X-Response-Time

Query Optimization

• AsNoTracking: Reduces memory usage by 30-50%
• Eager Loading: Prevents N+1 query problems
• Consistent Ordering: Predictable result ordering

Monitoring

• Real-time performance metrics
• Cache hit/miss ratios
• Response time tracking
• System health monitoring

🗄️ Database Schema

Core Entities

• InventoryItem: Item management with location tracking
• Order: Order management with status tracking
• ApplicationUser: User management with Identity
• UserSession: Session tracking and management

Relationships

• Orders have many-to-many relationship with InventoryItems
• Users can create multiple orders
• Sessions track user activity

🔧 Configuration

Environment Variables

• ASPNETCORE_ENVIRONMENT: Development/Production
• JwtSettings__SecretKey: JWT signing key
• JwtSettings__Issuer: JWT issuer
• JwtSettings__Audience: JWT audience

Database Connection

• Development: SQLite file (logitrack.db)
• Production: Configurable via connection strings

📈 Monitoring & Observability

Health Checks

• Database connectivity
• Cache functionality
• System metrics
• Performance statistics

Logging

• Structured logging with different levels
• Performance monitoring
• Error tracking
• Security events

🛡️ Security Considerations

Authentication

• JWT tokens with 24-hour expiration
• Secure password hashing
• Account lockout protection

Authorization

• Role-based access control
• Endpoint-level security
• Business logic protection

Data Protection

• Input validation and sanitization
• SQL injection prevention
• XSS protection
• Secure error handling

🚀 Production Deployment

Recommendations

1. Use a production database (SQL Server, PostgreSQL)
2. Configure proper JWT secrets
3. Enable HTTPS in production
4. Set up proper logging
5. Configure monitoring and alerting
6. Use a reverse proxy (nginx, IIS)
7. Implement backup strategies

Performance Tuning

• Adjust cache expiration times
• Optimize database queries
• Configure connection pooling
• Monitor memory usage
• Set up performance alerts

📝 API Documentation

The API includes comprehensive documentation available at:

• /api/documentation - Complete API reference
• /api/documentation/architecture - System architecture
• /swagger - Interactive API testing

🤝 Contributing

1. Fork the repository
2. Create a feature branch
3. Make your changes
4. Add tests
5. Submit a pull request

📄 License

This project is part of a Coursera capstone project and is for educational purposes.

🎯 Project Summary

This LogiTrack Order Management System demonstrates:

• Modern Architecture: Clean, scalable design with separation of concerns
• Security Best Practices: Comprehensive authentication and authorization
• Performance Optimization: Intelligent caching and query optimization
• Production Readiness: Health checks, monitoring, and error handling
• Developer Experience: Comprehensive documentation and testing tools

The system is ready for production deployment and serves as a portfolio-quality example of modern .NET development practices.

---

Built with ❤️ using ASP.NET Core 9.0