outline
Things that matter when building a web app
A few years ago I started building web applications, I discovered since then that building high quality software is hard; a lot of concerns need to be addressed.
I am currently specializing in ASP.NET Core and I am exploring how this platform can help in building exceptional web applications, in this post I am sharing a list of questions worth considering when aiming to achieve technical domination and customer success.
General software practices
- Do you have a strong build process that includes automated tests, inspections and packaging?
- Do you version control your source code?
- Do you have an issue tracker?
- Do you have a WIKI?
- Do you run continuous integration?
- Do you practice software design?
- Do you write clean code?
- Do you have a fast feedback loop?
- Do you keep an eye on performance bottlenecks?
Domain model
- Does the application have a domain model expressed in software that depends only on: the language, its standard library, interfaces and classes that are defined in the domain layer?
- Does your domain model enforce data constraints? All of them? Some of them? None of them? Do you make it explicit?
- Have you considered the fact that your domain model might be used in a concurrent, parallel, distributed fashion?
Web application
- Do you leverage your framework scaffolding capabilities for generating CRUD code (HTML+C#)? Are you aware of how much time can be saved by using a scaffolder? Do you understand the code generated by your scaffolder?
- Are you able to use complex data bindings?
- Do you design your urls to be legit Restfull resources?
- Do you enforce AAA(Authenication, Authorization and Accounting) on your application? Do you understand the mechanisms provided by ASP.NET Identity?
- Do you have a comprehensible, efficient and non-clunky way for logging the webapp activity?
- Do you treat your javascript code as an important artifact that needs to be inspected and tested and reviewed?
- Did you made sure to integrate a css preprocessor in your workflow? Are you even aware of the productivity boost associated with it?
- Do you pay attention to your pages load speed on the client side? Do you minify static resources? Optimize images? Use a CDN? Do you lazy load static resources whenever relevant?
- Do you use CSRF tokens and perform validations on input?
- Do you properly encode server output?
- Do you have a solid strategy for handling session state?
- Do you have a solid strategy for Data caching?
- Do you make sure to wrap your Domain Models into View Models to keep them free of UI specific stuff?
- Do you make sure that your application does not hoard unused dependencies(Nuget/npm/bower)?
- Do you make sure that your webapp is compatible across browser and that it is responsive?
- Do you use SSL at all?
- Do you have a localization/internationalization strategy?
- Do you understand how the ASP.NET platform handles request (and how it creates threads for each request maybe)?
- Do you understand the dependency injection mechanism you are using? Do you make sure it does not make unnecessary allocations?
Databases
- Do you use an ORM, a lightweight ORM or direct SQL queries? And Why?
- Have you considered NoSQL alternatives?
- Do you use connection pooling for 3rd party services in general?
- If using SQL, do you have a normalized schema that maintains data integrity?
- Do you make sure to optimize queries?
- Do you use prepared statements? Do you make sure to avoid SQL injections?
- Do you use some transaction mechanism to ensure atomicity of writes that requires multiple steps?
Infrastructure
- Have you considered how you webapp is going to be operated?
- Did you build monitoring and logging capabilities that will allow to XRay the application while it runs?
- Did you designed a deployment model that will allow the application to scale linearly by adding servers or by buying better servers?
- Have you set up continuous deployment process?
- Did you made sure that your application is stable no matter what crazy conditions you throw at it?
- Did you plan for reliability and capacity?