Laraue Software Blog β€” C# .NET Development & Open Source

Real code, real decisions, real tradeoffs. We write about what we build β€” .NET libraries, Telegram bots, AI integrations, and the architecture mistakes worth learning from.

Telegram Login Widget vs Mini App auth in .NET β€” two validation schemes, one JWT
Part 13 of building a Telegram task tracker solo. Users asked for a web version outside Telegram, so it needed its own login. Adding the Telegram Login Widget meant a second validation scheme alongside the Mini App's β€” and both end at the same JWT, because the app barely depends on Telegram past login.
Read β†’
Saving media from a Telegram bot β€” store the preview, stream the original
Part 11 of building a Telegram task tracker solo. Teaching the capture bot to handle photos and video, and the storage decision behind it β€” keep small previews on disk, stream full files straight from Telegram on demand without buffering them in memory, using nginx range-request passthrough, instead of re-hosting everything.
Read β†’
When not to use a nullable foreign key β€” modelling the empty state as a default row
Part 9 of building a Telegram task tracker solo. The issue layer in the web app and the database design decision at its centre β€” when a nullable foreign key is the wrong choice and a dedicated default row is better, using issues, epics and the backlog as the example.
Read β†’
Telegram Mini App authentication in .NET end to end β€” initData validation, JWT issuing and the Nuxt frontend
Part 8 of building a Telegram task tracker solo. The full Telegram Mini App authentication flow in a real .NET and Nuxt app β€” validating the initData signature on the server with HMAC-SHA256, issuing and using a JWT bearer, reading the user from HttpContext, and why CORS matters.
Read β†’