Migrate Legacy / Desktop application to .NET 7 - Legal Agency

We convinced the client to migrate the legacy application to modern .NET application with the latest .NET framework.

• Message Broker : As the client's application consists of multiple small modules, we decided to implement RabbitMQ as the message broker. By doing so, we achieved loose coupling between these modules, enabling them to communicate with each other in a decoupled manner. For instance, when the customer portal needs to send an email, it publishes a request to the RabbitMQ exchange. The Email sending service, which has subscribed to this exchange, receives the request and initiates the process of sending the email. This decoupled architecture allows for scalability and flexibility, as new modules can be added or existing modules can be modified without disrupting the overall system.
• CI / CD : Given the client's requirement of deploying the application to multiple different servers, we adopted Azure DevOps as our chosen CI/CD platform. Azure DevOps provided us with a comprehensive set of tools and capabilities to automate the build, test, and deployment processes. We created separate code pipelines for each server, ensuring that changes made to the codebase are automatically built and deployed to the respective server when pushed to the release branch. This streamlined approach eliminated manual intervention and reduced the chances of human error, resulting in more efficient and reliable deployments.
• .NET 7 Implementation : To meet the client's needs for a project with messaging functionality and a login screen, we opted to develop a backend minimal API using .NET 7. This version of the .NET framework offers various enhancements and features that facilitate rapid development and improved performance. Leveraging .NET 7's capabilities, we were able to design an API that efficiently handled messaging tasks, such as sending and receiving messages, while also incorporating a user-friendly login screen. To complement the backend, we utilized Blazor WebAssembly for the frontend, allowing for a responsive and interactive user interface.
• Upgrading to the Latest .NET Framework Version : Recognizing the importance of maintaining a supported and secure codebase, we undertook the task of upgrading the existing code from .NET Framework 4.5.2 to the latest supported version, .NET Framework 4.8. By upgrading to the latest framework, we ensured that the client's application benefited from the latest security patches, performance improvements, and compatibility with other components. This upgrade involved a meticulous process of updating dependent NuGet packages to their compatible versions, making necessary code changes, and conducting comprehensive testing to guarantee the stability and reliability of the system. The successful completion of this upgrade allowed the client to leverage the advancements offered by the latest .NET Framework version, enabling them to stay up-to-date with the latest industry standards.
• Implementation of Dapper : In certain areas of the application where efficient data retrieval into lists from the database was critical, we made the decision to replace the existing NHibernate ORM with Dapper. Dapper, a lightweight micro-ORM, offers superior performance for such scenarios due to its optimized data mapping and minimized overhead. By implementing Dapper, we were able to improve the response time of select operations, enhancing the overall performance of the application. This change positively impacted the user experience by providing faster and more efficient data retrieval, particularly in areas where large datasets were involved.
• Third-party API Integration with OAuth 2.0 Mechanism : The client's requirement of displaying combined data from a legacy database and an external API necessitated the integration of a third-party API with OAuth 2.0 authentication. To achieve this, we developed a robust integration solution that seamlessly merged the results obtained from the legacy database and the API response. To enhance usability and performance, we implemented pagination and filtering mechanisms, allowing users to efficiently navigate through the combined data. As OAuth 2.0 requires the periodic generation of access tokens based on refresh tokens, we designed a reliable mechanism using generics and delegates. This approach ensured that whenever an error, such as an expired token, was encountered during API communication, the system automatically fetched an updated token using the refresh token and seamlessly resumed the original request. This implementation provided a secure and efficient integration with the third-party API, ensuring a smooth user experience and reliable data retrieval.
• Improved Front-end Page Load Performance :Recognizing the importance of optimal page load times for a seamless user experience, we focused on various strategies to improve front-end performance:
  • Minifying JavaScript Files: We analyzed and optimized the JavaScript files used in the application, ensuring they were minimized to their essential code. By utilizing minified versions of these files, such as jquery.min.js instead of the regular jquery.js, we reduced file sizes and improved loading times.
  • Leveraging Content Delivery Networks (CDNs): We identified specific JavaScript libraries that were commonly used across the application and replaced local file references with their corresponding versions hosted on reputable CDNs. This approach allowed us to leverage the distributed infrastructure of CDNs, resulting in faster and more reliable delivery of these files to end-users.
  • Script Bundling: To further optimize the loading of common scripts used across multiple pages, we implemented script bundling. By combining and compressing these scripts into a single file, we reduced the number of HTTP requests required and minimized the overall file size. This approach contributed to improved load times, especially for repeat visits where the bundled script could be cached by the browser.
  • Optimized Script Code: We reviewed and refactored script code in critical sections, identifying opportunities to enhance performance. This included optimizing loops, reducing unnecessary DOM manipulations, and improving asynchronous operations where applicable. These optimizations aimed to minimize execution time and improve the responsiveness of the user interface.
  • Asynchronous Functionality: Wherever feasible, we converted synchronous functions to asynchronous counterparts. This allowed the application to handle time-consuming operations, such as API calls or database queries, without blocking the main thread. By leveraging asynchronous programming, we achieved better concurrency and responsiveness, resulting in an overall improved user experience.
  By implementing these front-end performance optimizations, we significantly reduced page load times, ensuring that users could access and interact with the application more quickly and efficiently.
• Antiforgery Token Mechanism : To enhance the security of the application and prevent Cross-Site Request Forgery (CSRF) attacks, we incorporated the built-in Antiforgery mechanism provided by the .NET Framework. This mechanism generates a unique token for each request and validates it upon submission. By including this token in forms or AJAX requests, the server can verify the authenticity of the request, mitigating the risk of unauthorized actions. This implementation effectively protects the application and its users from potential CSRF vulnerabilities.
• Serilog Implementation : In order to improve the logging capabilities of the application, we replaced the manual log file implementation with Serilog, a popular third-party logging tool. Serilog offers a wide range of features, including various sinks for storing logs in different formats and destinations. By utilizing Serilog, we gained advantages such as enhanced log management, the ability to easily configure log levels and destinations, and comprehensive support for log rotation and retention policies. Additionally, Serilog automatically handles concurrency concerns, ensuring that every log line is correctly recorded in the designated log files. This implementation improved the overall logging experience, making it more efficient and reliable for monitoring and debugging purposes.
• Azure KeyVault : Recognizing the importance of secure storage for sensitive information such as secrets, we integrated Azure KeyVault into the application. Azure KeyVault provides a centralized and highly secure platform for storing and managing secrets, such as API keys, database connection strings, and cryptographic keys. By utilizing Azure KeyVault, we removed the need to store secrets directly in configuration files, reducing the risk of unauthorized access. Instead, the application retrieves the required secrets securely from Azure KeyVault at runtime, ensuring a higher level of security and compliance with best practices