Backend Engineering · Systems · APIs

Building Systems That Solve Real Problems

I focus on backend engineering, scalable APIs, distributed systems, and data-intensive applications. Each project below is a full case study — architecture decisions, challenges solved, and lessons learned.

3 Case Studies·Production-Grade·Security First·Open Source Principles
01 / Storage / Product Preview

Cloud Storage Platform

A Drive-style cloud storage product with folders, uploads, auth, sharing, and a polished file-management experience.

Cloud Storage Platform project preview
Case Study 01
Storage2024Full Stack

Cloud Storage Platform

A scalable cloud storage platform inspired by modern file management systems — designed to handle file uploads, directory structures, sharing, authentication, and storage management at scale. Built with a strong focus on security, performance, and maintainability.

Node.jsExpress.jsMongoDBJWTZodReactTailwind CSSGoogle OAuthGitHub OAuth
Overview

The platform enables users to organize, share, and manage digital assets through a seamless web experience. The system was designed from the ground up to support a rich set of user-facing features while maintaining clean backend architecture, security best practices, and data integrity.

Unlike traditional storage solutions, this platform supports both personal and shared workspaces with fine-grained access control — enabling users to create public sharing links with configurable permissions while keeping private data fully isolated.

Security was treated as a first-class concern throughout development — not an afterthought. Every route, token, and data access path was evaluated for injection, traversal, and privilege escalation risks.

Key Metrics
99.9%Uptime design target
<50msQuery response target
6+Auth flows supported
RBACAccess control model
Key Features

Multi-Provider Authentication

Secure login via Google OAuth, GitHub OAuth, and email OTP verification — all backed by JWT-based session management.

Hierarchical File System

Parent-child folder relationships with recursive traversal, mirroring a real OS file system at the database layer.

Access-Controlled Sharing

Generate secure, token-scoped public links for files or folders with configurable visibility and expiry.

Advanced Search & Filtering

Real-time search across file names, types, and metadata — powered by indexed MongoDB queries.

Trash & Recovery System

Soft-delete mechanism with a recoverable trash bin — ensuring no accidental permanent data loss.

Starred & Recent Tracking

User activity tracking for recently accessed and starred files — improving navigation efficiency.

Technical Challenges & Solutions

One of the major challenges was designing a scalable file and folder hierarchy while maintaining fast retrieval and navigation. Below are the critical problems identified and the solutions implemented.

Scalable Hierarchical Data Model

Designed a parent-child MongoDB schema where each file and folder stores a reference to its parent ID. This allows O(1) lookups per level, and efficient recursive traversal for operations like folder size calculation or bulk deletion — without expensive recursive joins.

Secure Public File Sharing

Implemented token-based public sharing where each shareable link contains a signed, time-scoped token. Access to shared resources is isolated from private user sessions — even if a private file ID is guessed, it cannot be accessed without the valid share token.

NoSQL Injection & XSS Prevention

All user inputs are sanitized before reaching the MongoDB query layer. Mongoose schema validation combined with Zod boundary validation ensures no malformed operators can manipulate queries. Helmet.js and Content-Security-Policy headers protect against XSS vectors.

Performance-Optimized Queries

Strategic MongoDB indexing on parent IDs, user IDs, and file names reduces query time for folder listing from O(n) table scans to near-constant lookups. Lean queries strip Mongoose overhead for read-heavy operations.

Architecture & Security

The backend follows an API-first architecture with a clean separation between controllers, services, and data access layers. The authentication system is stateless — all session state lives inside signed JWTs — making horizontal scaling straightforward.

Auth StrategyJWT stateless + OAuth provider delegation
Data ModelMongoDB parent-child with compound indexing
API StyleRESTful with resource-based routing
ValidationZod schemas at every request boundary
Rate LimitingReady architecture with middleware hooks
Security Measures
NoSQL injection prevention via schema enforcement
Cross-site scripting (XSS) protection with Helmet.js
Request sanitization on all user-controlled inputs
Secure authentication workflows with short-lived tokens
Protected API endpoints with JWT middleware
Access-controlled shared resources via signed tokens
Secure token validation with signature verification
Rate-limiting ready architecture
What I Learned
Backend architecture design
Secure authentication systems
Data modeling for hierarchical structures
API design best practices
Scalable file management systems
Role-based access control patterns
NoSQL query optimization
OAuth integration flows
Interested in building something similar?

Some of the best products start with a simple conversation.

Whether you're building a scalable backend, a distributed system, or a data-driven application — I'd love to discuss your project and explore how I can help turn your ideas into reliable software.

Scalable backendsDistributed systemsAI integrationsAPI architectureSecurity engineering
Start Chat