BiteStash

Overview

BiteStash is a full-stack mobile application built as a learning-focused project to deepen my understanding of modern backend development with ASP.NET Core. The app allows users to save and track restaurants they’ve visited or want to try, along with personal notes, ratings, and visit history.

While the core functionality is intentionally simple, the focus of the project was on building a production-style backend with proper architecture, external API integration, and cloud deployment.

Key Features

• Search and select real-world restaurants using the Google Places Api.
• Save restaurants as 'Visited' or 'Want to Try'
• Add personal notes, ratings, and optional visit dates
• Open restaurants directly in Google Maps for full details
• Secure authentication with persistent login sessions

API Key Features

• ASP.NET Core Web API with clean layered architecture (Controllers → Services → Data)
• JWT Authentication + Refresh Tokens using ASP.NET Identity for secure, persistent mobile sessions
• Hashed refresh token storage with support for multiple concurrent device sessions
• Cloud deployment on Azure Container Apps from container images published to GitHub Container Registry
• Azure SQL Database + Entity Framework Core for relational data access and migrations
• Secure secret management with Azure Key Vault
• Dockerized backend for consistent builds and deployment portability
• Google Places API Integration for accurate restaurant search and selection (place ID-based)
• Backend-only external API calls to protect API keys and centralize integrations
• DTO-based API design to enforce clear contracts between frontend and backen

Technical Highlights

The backend is built with ASP.NET Core Web API using a clean layered architecture that separates controllers, business logic, and data access. Entity Framework Core is used for database interactions with Azure SQL, including migrations and schema management. The API uses DTOs for all request and response models to maintain clear boundaries between layers and avoid exposing internal database structures.

Authentication is implemented using ASP.NET Identity with JWT access tokens and refresh tokens to support persistent mobile sessions. Refresh tokens are securely stored in hashed form and allow multiple concurrent sessions across devices.

Cloud and Deployment

One of the primary goals of this project was to gain hands-on experience with the Azure ecosystem and understand how backend applications are deployed in a more enterprise-oriented cloud environment.

This led to a deployment pipeline where the backend is containerized using Docker, published as an image to GitHub Container Registry (GHCR), and deployed to Azure Container Apps. The application uses Azure SQL Database for persistent storage, while Azure Key Vault is used to securely manage sensitive configuration such as connection strings and API keys, ensuring a clear separation between code and infrastructure.