- it's an interview project. you can read the project requirements in this file
You are tasked with developing a Tender Management API for a company that oversees the publication of tenders and collection of vendor bids. Vendors can register and submit bids to open tenders, and administrators can review and update the bid statuses.
This project evaluates your skills in:
- .NET backend development
- Database modeling
- EF Core + Dapper integration
- Software architecture and best practices
You are expected to:
- Design a normalized SQL Server schema (you define the table structures).
- Use Entity Framework Core (EF Core) for write operations (POST, PUT, DELETE).
- Use Dapper for read operations, especially where joins are involved.
- Build a RESTful API using .NET (C#).
- Implement JWT-based authentication for secure access.
- Deploy the API to IIS.
- Provide a Postman collection demonstrating all endpoints.
Your implementation should:
- Follow RESTful conventions.
- Implement proper error handling (e.g., 400, 404, 500).
- Include input validation (e.g., required fields).
- Use
Statusas a reference table (not inline text or enums). - Return related data using nested object models (e.g., Tender includes an array of Bids).
- Use appropriate HTTP status codes and messages.
- Use async/await throughout.
- Ensure clear separation of concerns (e.g., services, repositories, controllers).
Implement JWT-based authentication.
Endpoints:
POST /api/auth/register: Register new user (username, password, role)POST /api/auth/login: Authenticate user and return JWT token
Users should have a role:
AdminVendor
Protected endpoints:
- Only Admins can:
- Approve or reject bids
- Create, update, or delete tenders
You are expected to design and implement the following entities:
- User – For authentication (including role)
- Tender – Projects open for bidding
- Category – Tender classification
- Vendor – A company that submits bids
- Bid – A vendor’s proposal on a tender
- Status – Reusable status values (used for both Tender and Bid)
-
POST /api/auth/register
Register a new user (username, password, role) -
POST /api/auth/login
Authenticate and return a JWT token
-
GET /api/tenders
Return a list of tenders
Includes: Id, Title, Description, Deadline, Category (object), Status (object) -
GET /api/tenders/{id}
Return tender details
Includes: Category, Status, Bids (Bid Id, Amount, Submission Date, Vendor, Status) -
POST /api/tenders
Create a new tender (Admin only)
Requires: Title, Description, Deadline, CategoryId, StatusId -
PUT /api/tenders/{id}
Update an existing tender (Admin only) -
DELETE /api/tenders/{id}
Delete a tender (Admin only)
-
GET /api/vendors
List all vendors
Optional: include summary of bids -
GET /api/vendors/{id}
Show vendor details including bids -
POST /api/vendors
Create a new vendor
-
POST /api/bids
Submit a new bid
Requires: TenderId, VendorId, BidAmount, Comments
Status should default toPending -
PUT /api/bids/{id}/status
Update bid status (Admin only)
Requires: StatusId
-
GET /api/categories
List of tender categories -
GET /api/statuses
List of all status values (e.g., Open, Closed, Pending)
- EF Core for create/update/delete
- Dapper for read operations (especially joins/aggregations)
- SQL Server as the database engine
- JWT for authentication
- Use
appsettings.jsonfor configuration (JWT secret, token expiration)
Deploy the API on IIS.
Include:
- Deployment instructions
- Authentication configuration notes
Provide a Postman collection with:
- All endpoints
- Sample requests and responses
- Environment support (e.g., base URL, JWT token)
- README for authentication and using secured routes
- Source code (GitHub link or ZIP)
- Database backup file (.bak)
- Postman collection
- Deployment instructions (IIS)
- README file (this one)
- Correct and complete database schema
- Clear separation of EF and Dapper responsibilities
- Code structure and maintainability
- Proper JWT authentication and role-based authorization
- RESTful API design and correct use of HTTP methods
- Robust error handling and validation
- Usability of the API (via Postman)
- Successful deployment on IIS