IGD Support

A modern, secure ticketing system built with ASP.NET Core

Project Overview

IGD Support is a full-featured IT service management and ticketing solution designed to streamline support workflows. Built as a demonstration of modern web development practices, this application showcases enterprise-grade architecture patterns while maintaining simplicity and usability.

The system enables organisations to manage support requests, track issues, assign work to teams, and generate comprehensive reports on team performance and SLA compliance.

Technology Stack

Backend
  • ASP.NET Core 10 - Web framework
  • C# 13 - Programming language
  • Entity Framework Core - ORM for database access
  • Dapper - Micro-ORM for stored procedure calls
  • PostgreSQL - Relational database
  • Npgsql - .NET data provider for PostgreSQL
Frontend
  • Razor Views - Server-side rendering
  • Bootstrap 5.3 - CSS framework
  • Bootstrap Icons - Icon library
  • Vanilla JavaScript - Client-side interactivity
Cloud & DevOps
  • Azure App Service - Web hosting
  • Azure PostgreSQL - Managed database
  • GitHub Actions - CI/CD pipeline
Testing
  • xUnit - Unit testing framework
  • Moq - Mocking library
  • FluentAssertions - Readable assertions
  • Coverlet - Code coverage
  • Playwright - E2E browser testing
Quality Assurance
  • OWASP Security Tests - Automated security validation
  • Code Coverage Reports - HTML coverage visualization
  • Automated E2E Tests - Post-deployment validation

Architecture

The application follows a clean, layered architecture pattern:

Controllers
Handle HTTP requests
Services
Business logic layer
Repositories
Data access layer
Database
PostgreSQL with stored procedures
  • MVC Pattern - Clear separation of Models, Views, and Controllers
  • Repository Pattern - Abstracts data access logic from business logic
  • Dependency Injection - Built-in IoC container for loose coupling
  • DTO Pattern - Data Transfer Objects for clean API boundaries

Features & Capabilities

Ticket Management
  • Create, edit, and delete tickets
  • Assign to users and teams
  • Priority and category classification
  • Status workflow management
  • Due date tracking with SLA support
  • Comment system with internal notes
  • Full audit history
Team Management
  • Create and manage teams
  • Assign team managers
  • Add/remove team members
  • Team-based ticket assignment
  • Team performance tracking
Reporting & Analytics
  • Real-time dashboard with key metrics
  • Tickets by status/priority/category
  • Team and agent performance reports
  • SLA compliance tracking
  • Ticket trend analysis
User Management
  • User registration and authentication
  • Role-based access control
  • Profile management
  • Password change functionality
  • Account lockout protection

Security Practices

Security is a core focus of IGD Support. The following measures are implemented:

Authentication & Authorisation
  • Cookie-based Authentication - Secure, HTTP-only cookies with sliding expiration
  • Role-based Authorisation - Four roles: Administrator, Manager, Agent, User
  • Policy-based Access Control - Fine-grained permissions for different actions
  • Fallback Authorisation Policy - All endpoints require authentication by default
Password Security
  • PBKDF2 Hashing - Passwords hashed with 10,000 iterations of SHA-256
  • Random Salt Generation - Unique 32-byte salt per password
  • Password Complexity - Minimum 8 characters with letters, numbers, and special characters
  • Account Lockout - Automatic lockout after 5 failed login attempts
Database Security
  • Stored Procedures - All database operations via stored procedures to prevent SQL injection
  • Parameterised Queries - No string concatenation in SQL queries
  • Connection String Protection - Secrets stored in Azure App Settings, not in code
  • SSL/TLS Connections - Encrypted database connections
Web Security
  • CSRF Protection - Anti-forgery tokens on all forms
  • HTTPS Enforcement - HSTS enabled in production
  • Input Validation - Server-side validation with Data Annotations
  • XSS Prevention - Razor automatically encodes output
Audit & Logging
  • Action Logging - All significant actions logged with timestamps
  • Login Tracking - IP address and user agent recorded on login
  • Ticket History - Complete audit trail of all ticket changes
  • Structured Logging - Using ILogger for consistent log output

CI/CD Pipeline & Testing

Automated build, test, and deployment pipeline ensures code quality and reliability:

Push
Build
Unit Tests
Deploy
E2E Tests
Live
GitHub Actions Workflow
  • Automatic Triggers - Build on push to main branch and pull requests
  • Multi-stage Pipeline - Build → Test → Deploy → E2E validation
  • Azure Federated Credentials - Secure, passwordless deployment to Azure
  • Artifact Upload - Test results and reports stored for review
Unit Testing (113 Tests)
  • Service Layer Tests - Full coverage of business logic
  • DTO Validation Tests - Input validation rules verified
  • Result Pattern Tests - Operation result handling validated
  • Code Coverage Reports - Cobertura format with HTML visualization
E2E Testing (Playwright)
  • Core Functionality Tests - Ticket lifecycle, user workflows, team management
  • Security Tests - Authentication, authorization, CSRF, XSS, SQL injection
  • OWASP Validation - Sensitive data exposure, IDOR vulnerability checks
  • Cross-browser Support - Chromium-based testing in CI
  • Automatic Cleanup - Test data removed after each run

Developed as a demonstration project

© 2026 IGD