A production-ready RESTful API for managing tasks with JWT-based authentication, built with ASP.NET Core 10 and Entity Framework Core.
- 🔐 JWT Authentication — Secure token-based auth for all protected endpoints
- 📋 Task CRUD — Full Create, Read, Update, Delete operations on tasks
- 👤 User Registration & Login — Stateless auth with hashed passwords
- 📄 Swagger UI — Interactive API documentation out of the box
- 🏗️ Clean Architecture — Separated Controllers, Services, DTOs, Models, and Data layers
- ⚙️ Entity Framework Core — Code-first migrations with SQL Server
TaskManagerAPI/
├── Controllers/
│ ├── AuthController.cs # Registration & login endpoints
│ └── TasksController.cs # Task CRUD endpoints
├── DTOs/
│ ├── LoginDto.cs
│ ├── RegisterDto.cs
│ ├── TaskCreateDto.cs
│ ├── TaskUpdateDto.cs
│ └── TaskResponseDto.cs
├── Data/
│ └── AppDbContext.cs # EF Core database context
├── Middleware/
│ └── ... # Custom middleware
├── Migrations/ # EF Core database migrations
├── Models/
│ ├── User.cs
│ └── TaskItem.cs
├── Services/
│ ├── IAuthService.cs
│ ├── AuthService.cs
│ ├── ITaskService.cs
│ └── TaskService.cs
├── appsettings.json
├── appsettings.Development.json
└── Program.cs
- .NET 10 SDK
- SQL Server (or SQL Server Express / LocalDB)
- Git
-
Clone the repository
git clone https://github.com/ahmedosamaexe/task-manager-api.git cd task-manager-api -
Configure the connection string
Open
appsettings.jsonand update theConnectionStringssection:{ "ConnectionStrings": { "DefaultConnection": "Server=YOUR_SERVER;Database=TaskManagerDB;Trusted_Connection=True;TrustServerCertificate=True" } } -
Configure JWT settings
In
appsettings.json, set your JWT secret:{ "Jwt": { "Key": "your-super-secret-key-at-least-32-characters", "Issuer": "TaskManagerAPI", "Audience": "TaskManagerAPI" } } -
Apply database migrations
dotnet ef database update
-
Run the API
dotnet run
-
Open Swagger UI
Navigate to
https://localhost:{port}/swaggerin your browser to explore and test the API interactively.
| Method | Endpoint | Description | Auth Required |
|---|---|---|---|
| POST | /api/auth/register |
Register a new user | ❌ |
| POST | /api/auth/login |
Login and receive JWT | ❌ |
| Method | Endpoint | Description | Auth Required |
|---|---|---|---|
| GET | /api/tasks |
Get all tasks for user | ✅ |
| GET | /api/tasks/{id} |
Get a task by ID | ✅ |
| POST | /api/tasks |
Create a new task | ✅ |
| PUT | /api/tasks/{id} |
Update an existing task | ✅ |
| DELETE | /api/tasks/{id} |
Delete a task | ✅ |
This API uses JWT Bearer Tokens for authentication.
POST /api/auth/register
Content-Type: application/json
{
"username": "ahmed",
"email": "ahmed@example.com",
"password": "YourPassword123!"
}POST /api/auth/login
Content-Type: application/json
{
"email": "ahmed@example.com",
"password": "YourPassword123!"
}A successful login returns a JWT token:
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}Include the token in the Authorization header for all protected requests:
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...Swagger UI: Click the Authorize button (🔒) at the top of the Swagger page and enter
Bearer <your_token>to authenticate all requests directly from the browser.
Ahmed Osama
This project is open source and available under the MIT License.