Skip to main content

Prerequisites

Before installing AndanDo, ensure you have the following requirements:

Required Software

  • .NET SDK 10.0 (or 8.0+)
  • SQL Server 2019+ or SQL Express
  • Git for source control
  • Visual Studio 2022+ or VS Code

External Services

  • Internet connection (for Nominatim geolocation)
  • PayPal Developer Account (optional, for payments)
  • Google Maps API Key (optional, for maps)
  • SMTP Server (optional, for emails)
If you don’t have .NET 10 SDK, you can use .NET 8.0 by changing TargetFramework in AndanDo.csproj to net8.0.

Installation Steps

1

Download the Source Code

Clone or download the AndanDo repository:
git clone <repository-url>
cd AndanDo
2

Install .NET SDK

Download and install the .NET SDK from dotnet.microsoft.com.Verify installation:
dotnet --version
Expected output: 10.0.x or 8.0.x
3

Set Up SQL Server

Install SQL Server and create the database:
CREATE DATABASE AndandoDB;
GO

-- Create a user for the application
CREATE LOGIN andando_user WITH PASSWORD = 'YourSecurePassword123!';
GO

USE AndandoDB;
GO

CREATE USER andando_user FOR LOGIN andando_user;
ALTER ROLE db_owner ADD MEMBER andando_user;
GO
In production, use a dedicated user with minimal required permissions instead of db_owner.
4

Run Database Migrations

Execute the database schema scripts to create all required tables and stored procedures:
-- Core tables: Usuarios, Roles, UsuarioRoles
-- Tour tables: Tours, TourHeroInfo, TourInclusions, TourItinerary, TourFaq
-- Ticket tables: TourTicketTypes, TourExtras, TourExtraTicketPrices
-- Reservation tables: TourReservations, TourReservationTickets
-- Utility tables: PostLikes, Reviews, Settings
Check the Database folder in the repository for complete SQL scripts.
5

Configure Application Settings

Navigate to the project directory and configure appsettings.json:
cd AndanDo/
See the Configuration section below for detailed settings.
6

Restore NuGet Packages

Install all dependencies:
dotnet restore
This installs:
  • Microsoft.Data.SqlClient v6.1.3
  • System.IdentityModel.Tokens.Jwt v8.14.0
  • MailKit v4.14.1
  • System.Drawing.Common v8.0.7
7

Build the Project

Compile the application:
dotnet build
Verify no build errors occur.
8

Run the Application

Start the development server:
dotnet run
Or for production:
dotnet run --configuration Release

Configuration

Database Connection

Configure the SQL Server connection in appsettings.json:
appsettings.json
{
  "ConnectionStrings": {
    "DefaultConnection": "Server=localhost;Database=AndandoDB;User Id=andando_user;Password=YourSecurePassword123!;TrustServerCertificate=true;"
  }
}
For Azure SQL Database, use: Server=tcp:yourserver.database.windows.net,1433;Initial Catalog=AndandoDB;User ID=youruser;Password=yourpass;Encrypt=True;

JWT Authentication

Configure JWT settings for secure authentication:
appsettings.json
{
  "Jwt": {
    "Issuer": "AndanDo",
    "Audience": "AndanDo",
    "SecretKey": "c0d3x-andando-production-secret-key-must-be-min-32-chars",
    "ExpirationMinutes": 120
  }
}
Security Critical: Change the SecretKey to a strong, randomly generated value. Never use the example key in production!
openssl rand -base64 32

SMTP Email Configuration

Configure email service for notifications and password resets:
appsettings.json
{
  "Smtp": {
    "Host": "smtp.gmail.com",
    "Port": 587,
    "UseSsl": false,
    "UseStartTls": true,
    "User": "[email protected]",
    "Password": "your-app-specific-password",
    "FromEmail": "[email protected]",
    "FromName": "AndanDo"
  }
}
For Gmail, use an App Password instead of your regular password.

PayPal Integration

Configure PayPal for payment processing:
appsettings.json
{
  "PayPal": {
    "Mode": "sandbox",
    "ClientId": "your-paypal-client-id",
    "ClientSecret": "your-paypal-client-secret",
    "BaseUrl": "https://api-m.sandbox.paypal.com"
  }
}
1

Create PayPal Developer Account

Visit developer.paypal.com and create a developer account.
2

Create App Credentials

Create a new app in the PayPal Developer Dashboard to get ClientId and ClientSecret.
3

Configure for Production

For production, change:
  • Mode to "live"
  • BaseUrl to "https://api-m.paypal.com"
  • Use production credentials

Environment-Specific Configuration

Create appsettings.Development.json for local development:
appsettings.Development.json
{
  "Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft.AspNetCore": "Warning"
    }
  },
  "ConnectionStrings": {
    "DefaultConnection": "Server=localhost;Database=AndandoDB_Dev;User Id=dev_user;Password=dev_pass;TrustServerCertificate=true;"
  }
}
appsettings.Development.json overrides settings from appsettings.json when running in Development mode.

Project Structure

Understanding the AndanDo project structure: 
AndanDo/
├── Components/
│   ├── Pages/
│   │   ├── Home.razor              # Landing page
│   │   ├── Marketplace.razor       # Tour marketplace
│   │   ├── SearchResults.razor     # Search results
│   │   ├── TourDetails.razor       # Tour detail view
│   │   ├── Login_Account.razor     # User login
│   │   ├── Register_Account.razor  # User registration
│   │   ├── Invoice.razor           # Invoice generation
│   │   └── Dashboard/
│   │       ├── Index.razor         # Dashboard home
│   │       ├── MyBookings.razor    # User reservations
│   │       ├── MyProfile.razor     # User profile
│   │       └── Settings.razor      # User settings
│   └── Shared/
│       ├── Searchbar.razor         # Search component
│       ├── NavMenu.razor           # Navigation
│       └── ValidateLogin.razor     # Auth guard
├── Services/
│   ├── Auth/
│   │   ├── AuthService.cs          # Authentication logic
│   │   ├── UserSession.cs          # Session management
│   │   └── PasswordResetService.cs # Password recovery
│   ├── Tour/
│   │   └── TourService.cs          # Tour management
│   ├── Paypal/
│   │   ├── PaypalService.cs        # PayPal integration
│   │   └── PaypalOptions.cs        # PayPal config
│   ├── Email/
│   │   ├── EmailService.cs         # Email sending
│   │   └── SmtpOptions.cs          # SMTP config
│   ├── JWT/
│   │   └── JwtTokenService.cs      # JWT tokens
│   └── Utility/
│       ├── PostLikeService.cs      # Likes system
│       ├── ReviewService.cs        # Reviews
│       ├── CurrencyConversionService.cs
│       └── AssistanceTextService.cs
├── Dtos/
│   ├── TourDtos.cs                 # Tour DTOs
│   ├── AuthDtos.cs                 # Auth DTOs
│   └── SearchFilterDto.cs          # Search DTOs
├── wwwroot/
│   ├── uploads/                    # Uploaded images
│   └── template/
│       └── Factura_Template.html   # Invoice template
├── Program.cs                      # Application entry point
├── appsettings.json               # Configuration
└── AndanDo.csproj                 # Project file

Service Registration

AndanDo services are registered in Program.cs:
Program.cs
var builder = WebApplication.CreateBuilder(args);

// Add Blazor Server components
builder.Services.AddRazorComponents()
    .AddInteractiveServerComponents();

// Register application services
builder.Services.AddScoped<ITourService, TourService>();
builder.Services.AddScoped<TourService>();

// JWT configuration
builder.Services.Configure<JwtOptions>(builder.Configuration.GetSection("Jwt"));
builder.Services.AddScoped<IJwtTokenService, JwtTokenService>();

// Authentication services
builder.Services.AddScoped<IAuthService, AuthService>();
builder.Services.AddScoped<IPasswordResetService, PasswordResetService>();
builder.Services.AddScoped<UserSession>();

// Email services
builder.Services.Configure<SmtpOptions>(builder.Configuration.GetSection("Smtp"));
builder.Services.AddScoped<IEmailService, EmailService>();
builder.Services.AddScoped<IMailService, MailService>();
builder.Services.AddSingleton<MailNotificationDispatcher>();

// PayPal integration
builder.Services.Configure<PaypalOptions>(builder.Configuration.GetSection("PayPal"));
builder.Services.AddHttpClient<IPaypalService, PaypalService>();

// Protected browser storage
builder.Services.AddScoped<ProtectedLocalStorage>();

// Utility services
builder.Services.AddHttpClient<IAssistanceTextService, AssistanceTextService>();
builder.Services.AddScoped<ICurrencyConversionService, CurrencyConversionService>();
builder.Services.AddScoped<IPostLikeService, PostLikeService>();
builder.Services.AddScoped<IReviewService, ReviewService>();

// Authentication & authorization
builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddCookie();
builder.Services.AddCascadingAuthenticationState();

Data Models

Core DTOs

public record TourRegistrationRequest(
    string OwnerUserId,
    string Title,
    string LocationLabel,
    string ShortDescription,
    string DescriptionHtml,
    string ImageList,
    bool IsActive,
    bool MuestraInstantanea,
    bool IsQuote,
    bool IsNoPayment,
    decimal? QuoteDepositPercent,
    int? QuoteDueDays,
    DateTime? CreatedAt,
    DateTime? UpdatedAt);

Security Considerations

Password Hashing

PBKDF2 with SHA256, 100,000 iterations, 16-byte salt, 32-byte key

JWT Tokens

Configurable expiration, secure secret key, issued and audience claims

SQL Injection Prevention

Parameterized queries and stored procedures throughout

HTTPS Enforcement

HSTS enabled, HTTPS redirection in production
Before deploying to production:
  • Replace all example credentials and API keys
  • Use environment variables for sensitive data
  • Enable HTTPS and HSTS
  • Configure proper CORS policies
  • Set up database backups
  • Review and restrict database user permissions

Running in Production

Build for Production

dotnet publish -c Release -o ./publish

Run as a Service

# Create service file: /etc/systemd/system/andando.service
[Unit]
Description=AndanDo Tour Marketplace

[Service]
WorkingDirectory=/var/www/andando
ExecStart=/usr/bin/dotnet /var/www/andando/AndanDo.dll
Restart=always
RestartSec=10
User=www-data
Environment=ASPNETCORE_ENVIRONMENT=Production

[Install]
WantedBy=multi-user.target

# Enable and start
sudo systemctl enable andando
sudo systemctl start andando

Troubleshooting

Symptoms: Cannot connect to SQL ServerSolutions:
  1. Verify SQL Server is running: services.msc (Windows) or systemctl status mssql-server (Linux)
  2. Test connection with SQL Server Management Studio or Azure Data Studio
  3. Check firewall allows port 1433
  4. Verify connection string format
  5. Ensure user has proper permissions
Symptoms: Users cannot log in, token validation failsSolutions:
  1. Ensure SecretKey is at least 32 characters
  2. Verify Issuer and Audience match in configuration
  3. Check token expiration time is reasonable
  4. Clear browser storage and try again
Symptoms: Payment creation fails, orders cannot be capturedSolutions:
  1. Verify ClientId and ClientSecret are correct
  2. Check BaseUrl matches your mode (sandbox vs live)
  3. Ensure PayPal developer account is active
  4. Review application logs for specific error messages
  5. Test with PayPal’s sandbox test accounts
Symptoms: Tour images don’t uploadSolutions:
  1. Verify wwwroot/uploads/ directory exists
  2. Check directory has write permissions
  3. Ensure file size is within limits
  4. Verify image format is supported (JPG, PNG)
Symptoms: Users don’t receive emailsSolutions:
  1. Verify SMTP settings are correct
  2. Check SMTP server allows connections from your IP
  3. For Gmail, ensure “App Passwords” are enabled
  4. Review firewall rules for outbound SMTP (port 587)
  5. Check application logs for SMTP errors

Next Steps

Tour Management

Learn how to create, edit, and manage tours with all features

User Authentication

Understand the authentication flow and user management

Booking System

Explore the multi-step booking workflow and reservation management

Dashboard Features

Discover creator dashboard capabilities and reports

Additional Resources

.NET Documentation

Official Microsoft .NET documentation

Blazor Server

Learn more about Blazor Server

SQL Server

SQL Server documentation and guides

PayPal Developer

PayPal integration documentation
For a quick setup without detailed configuration, see the Quick Start Guide.

Build docs developers (and LLMs) love

Get started for freeTalk to us