RDNLabs
System Design

License Platform Architecture

Clean architecture with CQRS, domain-driven design, dual authentication, and cryptographic token management.

System Overview

Consumer App

Rdn.Identity

License API

.NET 10

Endpoints

MediatR

Domain

SQL Server

EF Core 10

Backend Architecture

1

Endpoints Layer

RESTful API controllers organized by resource. Versioned routes with Swagger documentation. Thin controllers that dispatch to MediatR handlers and return standardized responses.

2

CQRS Handlers

MediatR command and query handlers organized by feature area. Each operation gets its own subfolder with a request class and handler class extending ApiRequestHandlerBase.

3

Domain Layer

Core entities (Product, PricingTier, LicenseKey, Customer, Activation) with EF Core configurations, soft-delete support, audit tracking, and value converters.

4

Persistence Layer

Entity Framework Core 10 with SQL Server. Dapper for raw queries. Data Protection encryption via [Protected] attribute with custom EF Core value converter.

5

Authentication Pipeline

Dual auth schemes: JWT Bearer for admin/user sessions (via Rdn.Identity) and API Key scheme (X-Api-Key header) for machine-to-machine calls from consuming applications. Permission-based access control via [HasPermission] attribute.

6

Token Signing Service

RSA-256 JWT signing with configurable key source: local PEM file for development or Azure Key Vault for production. Key Vault integration delegates signing remotely so the private key never leaves the vault.

Project Structure

License API

.NET 10 backend with feature-based endpoint organization, CQRS command/query handlers, token signing service, and Data Protection encryption.

License Domain

Core entity models, EF Core configurations, DbContext, interfaces, value converters, and domain abstractions.

License Web

Next.js 16 dashboard with App Router, NextAuth.js OIDC, admin management views, user self-service, and drag-and-drop sortable lists.

Shared Platform

Rdn.Platform.Authorization NuGet package providing JWT validation and permission-based access control shared across all RDN services.

Frontend Architecture

Public

Unauthenticated

  • /register - Self-service registration
  • Product catalog browsing

User Dashboard

Authenticated

  • View active licenses
  • Claim pending licenses
  • Auto-provisioned customer record

Admin Panel

Permission-Protected

  • Products management
  • Pricing tiers and features
  • Customers and license keys
  • Activations and pending claims
  • System logs and API health

Technology Stack

Backend

.NET 10
ASP.NET Core
EF Core 10
Dapper
MediatR 14
AutoMapper 16
FluentValidation 12
Serilog
Azure Key Vault
Data Protection

Frontend

Next.js 16
React 19
TypeScript 5.9
Tailwind CSS 4
NextAuth.js v5
React Icons
@dnd-kit
App Router

Quick Start

1

Clone Repo

git clone github.com/...
2

Configure

Edit appsettings.json
3

Run API

dotnet run
4

Run Web

npm run dev