outline

Things that matter when building a web app

A few years ago I started building web applications, I discovered since then that building high quality software is hard; a lot of concerns need to be addressed.

I am currently specializing in ASP.NET Core and I am exploring how this platform can help in building exceptional web applications, in this post I am sharing a list of questions worth considering when aiming to achieve technical domination and customer success.

General software practices

  • Do you have a strong build process that includes automated tests, inspections and packaging?
  • Do you version control your source code?
  • Do you have an issue tracker?
  • Do you have a WIKI?
  • Do you run continuous integration?
  • Do you practice software design?
  • Do you write clean code?
  • Do you have a fast feedback loop?
  • Do you keep an eye on performance bottlenecks?

Domain model

  • Does the application have a domain model expressed in software that depends only on: the language, its standard library, interfaces and classes that are defined in the domain layer?
  • Does your domain model enforce data constraints? All of them? Some of them? None of them? Do you make it explicit?
  • Have you considered the fact that your domain model might be used in a concurrent, parallel, distributed fashion?

Web application

  • Do you leverage your framework scaffolding capabilities for generating CRUD code (HTML+C#)? Are you aware of how much time can be saved by using a scaffolder? Do you understand the code generated by your scaffolder?
  • Are you able to use complex data bindings?
  • Do you design your urls to be legit Restfull resources?
  • Do you enforce AAA(Authenication, Authorization and Accounting) on your application? Do you understand the mechanisms provided by ASP.NET Identity?
  • Do you have a comprehensible, efficient and non-clunky way for logging the webapp activity?
  • Do you treat your javascript code as an important artifact that needs to be inspected and tested and reviewed?
  • Did you made sure to integrate a css preprocessor in your workflow? Are you even aware of the productivity boost associated with it?
  • Do you pay attention to your pages load speed on the client side? Do you minify static resources? Optimize images? Use a CDN? Do you lazy load static resources whenever relevant?
  • Do you use CSRF tokens and perform validations on input?
  • Do you properly encode server output?
  • Do you have a solid strategy for handling session state?
  • Do you have a solid strategy for Data caching?
  • Do you make sure to wrap your Domain Models into View Models to keep them free of UI specific stuff?
  • Do you make sure that your application does not hoard unused dependencies(Nuget/npm/bower)?
  • Do you make sure that your webapp is compatible across browser and that it is responsive?
  • Do you use SSL at all?
  • Do you have a localization/internationalization strategy?
  • Do you understand how the ASP.NET platform handles request (and how it creates threads for each request maybe)?
  • Do you understand the dependency injection mechanism you are using? Do you make sure it does not make unnecessary allocations?

Databases

  • Do you use an ORM, a lightweight ORM or direct SQL queries? And Why?
  • Have you considered NoSQL alternatives?
  • Do you use connection pooling for 3rd party services in general?
  • If using SQL, do you have a normalized schema that maintains data integrity?
  • Do you make sure to optimize queries?
  • Do you use prepared statements? Do you make sure to avoid SQL injections?
  • Do you use some transaction mechanism to ensure atomicity of writes that requires multiple steps?

Infrastructure

  • Have you considered how you webapp is going to be operated?
  • Did you build monitoring and logging capabilities that will allow to XRay the application while it runs?
  • Did you designed a deployment model that will allow the application to scale linearly by adding servers or by buying better servers?
  • Have you set up continuous deployment process?
  • Did you made sure that your application is stable no matter what crazy conditions you throw at it?
  • Did you plan for reliability and capacity?