- Added AppHost and ServiceDefaults for Aspire Support
- Switched from Microsoft SqlServer to PostgreSQL
- Added configurations to support migration inclusion for containerized environments
dotnet ef migrations add Init \
--project src/Infrastructure \
--startup-project src/ApiApply DB Update (From solution root)
dotnet ef database update --project src/Infrastructure/ --startup-project src/Api/- .NET Secret Manager
- Run from your project launch folder/composition root (Api in this case)
dotnet user-secrets init
dotnet user-secrets set "Authentication:Google:ClientSecret" "YOUR_GOOGLE_CLIENT_SECRET"❓ Screw it up? Soft reset to a prior commit.
- git reset --soft COMMITID will move history back to the specified commit but will not change local file status.
git log --online
git reset --soft ccee696REST API Response Code Notes
| Endpoint Type | Possible Response Codes | Code Short Description | Response Headers & Response Body |
|---|---|---|---|
GET /collection (e.g., GET /api/users) |
200 OK | Success. The request was successful, and the collection of resources is in the body. | Headers: Content-Type: application/json Body: A JSON array of the resources. This should be an empty array [] if no items are found, not a 404. |
| 400 Bad Request | The request included invalid parameters (e.g., an invalid filter or sort key). | Headers: Content-Type: application/problem+json Body: A JSON object detailing the error. |
|
GET /collection/{id} (e.g., GET /api/users/123) |
200 OK | Success. The specific resource was found and is in the body. | Headers: Content-Type: application/json Body: A single JSON object representing the resource. |
| 404 Not Found | Resource not found. The server could not find a resource matching the provided ID. | Headers: - Body: Typically empty, or a standard error object. |
|
POST /collection (e.g., POST /api/users) |
201 Created | Success (Best Practice). The resource was successfully created. | Headers: Location: /api/users/124 (URL to the new resource). Body: (Optional but recommended) A JSON representation of the newly created resource, including its server-generated ID. |
| 400 Bad Request | Validation failed. The request body contained invalid or missing data. [ApiController] does this automatically. |
Headers: Content-Type: application/problem+json Body: A JSON object detailing the model validation errors. |
|
| 409 Conflict | The resource could not be created because it would create a conflict (e.g., a user with that email already exists). | Headers: - Body: A JSON object explaining the nature of the conflict. |
|
PUT /collection/{id} (e.g., PUT /api/users/123) |
204 No Content | Success (Best Practice). The resource was fully updated. No body is returned as the client already has the new state. | Headers: - Body: Empty. |
| 200 OK | Success (Alternative). The resource was updated, and the server is returning the updated representation. | Headers: Content-Type: application/json Body: The full, updated JSON object. |
|
| 404 Not Found | The resource to be updated could not be found. | Headers: - Body: Typically empty. |
|
| 400 Bad Request | The request body for the update was invalid. | Headers: Content-Type: application/problem+json Body: A JSON object detailing the validation errors. |
|
DELETE /collection/{id} (e.g., DELETE /api/users/123) |
204 No Content | Success. The resource was successfully deleted. | Headers: - Body: Empty. |
| 404 Not Found | The resource to be deleted could not be found. | Headers: - Body: Typically empty. |
These codes can be returned by almost any endpoint.
| Response Code | Code Short Description | When It's Used |
|---|---|---|
| 401 Unauthorized | The client has not authenticated. | The request requires authentication, but no valid token (e.g., JWT Bearer token) was provided. The client should log in first. |
| 403 Forbidden | The client is not allowed to perform this action. | The client is authenticated (logged in), but their role or permissions do not grant them access to this specific resource or action. |
| 500 Internal Server Error | A generic, unhandled exception occurred on the server. | This indicates a bug in your API code. The response body should not expose sensitive details like stack traces in a production environment. |
Ok(object)-> 200 OK with a body.CreatedAtAction("ActionName", routeValues, object)-> 201 Created with aLocationheader and a body.NoContent()-> 204 No Content.BadRequest(object)-> 400 Bad Request with a body detailing errors.NotFound()-> 404 Not Found.Conflict(object)-> 409 Conflict with a body.Forbid()-> 403 Forbidden.Unauthorized()-> 401 Unauthorized.