ΛOMI Editorial

Venkat Nithin
Next.js, Express.js, TypeScript, MongoDB, Zustand, React Query, Playwright

Executive Summary

ΛOMI Editorial is a domain-driven marketplace architected to solve a critical two-sided market problem: empowering freelance photographers with dynamic, shareable bento-grid portfolios while providing clients with a hyper-filtered discovery engine based on location, budget, and specialty.

The Architecture

To handle the heavy I/O of image processing without blocking the UI thread, I intentionally decoupled the architecture.

  • Frontend: A highly responsive, SSR-optimized interface built with Next.js App Router and TailwindCSS. I utilized React Query for server-state caching (eliminating UI flicker) and Zustand for localized global state.
  • Backend: A dedicated, stateless Node.js/Express REST API that handles secure media uploads, complex aggregation pipelines, and custom authentication.

Hard Engineering Problems Solved

1. Enterprise-Grade Custom Authentication

Rather than relying on expensive managed providers (like Auth0 or Clerk), I engineered a secure, dual-token (Access + Refresh) JWT authentication system from scratch.

  • XSS Prevention: Tokens are transmitted and stored exclusively in httpOnly, secure, and sameSite cookies, so script injected into the page cannot read them.
  • CSRF Defense: Implemented a strict double-submit cookie strategy with custom Axios interceptors automatically fetching and rotating x-csrf-token headers on all unsafe mutating requests.
  • Brute Force Protection: Developed specialized Express Rate Limiters (e.g., max 10 login attempts per 15 mins) that intelligently skip successful requests to punish bots without impacting legitimate users.
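
The failure-only counting described in the Brute Force Protection item, as an added example that is not the project's code: a fixed-window limiter written as dependency-free Express-style middleware. The names `createLoginLimiter` and `attempt` and the in-memory store are assumptions made for illustration.

```javascript
// Added example: names and the fake response object are constructed for illustration.
const WINDOW_MS = 15 * 60 * 1000; // 15-minute window (from the page)
const MAX_ATTEMPTS = 10;          // 10 attempts per window (from the page)

function createLoginLimiter({ windowMs = WINDOW_MS, max = MAX_ATTEMPTS, now = Date.now } = {}) {
  const buckets = new Map(); // client key -> { count, resetAt }
  return function loginLimiter(req, res, next) {
    const t = now();
    let b = buckets.get(req.ip);
    if (!b || t >= b.resetAt) {          // first hit, or the window has expired
      b = { count: 0, resetAt: t + windowMs };
      buckets.set(req.ip, b);
    }
    if (b.count >= max) {
      res.statusCode = 429;
      res.setHeader("Retry-After", String(Math.ceil((b.resetAt - t) / 1000)));
      return res.end();
    }
    b.count += 1; // count on arrival so concurrent requests cannot exceed the cap
    res.on("finish", () => {
      if (res.statusCode < 400) b.count -= 1; // refund a successful login
    });
    next();
  };
}

// Minimal stand-in for an Express response plus a login handler that
// answers with `handlerStatus` (200 = good password, 401 = bad password).
function attempt(limiter, ip, handlerStatus) {
  const listeners = [];
  const res = {
    statusCode: 200,
    headers: {},
    setHeader(name, value) { this.headers[name] = value; },
    on(event, fn) { if (event === "finish") listeners.push(fn); },
    end() { listeners.forEach((fn) => fn()); },
  };
  limiter({ ip }, res, () => { res.statusCode = handlerStatus; res.end(); });
  return { status: res.statusCode, retryAfter: res.headers["Retry-After"] };
}
```

Because an attempt is counted on arrival and refunded only after a successful response, a client that has used up its 10 failures receives 429 even for a correct password until the window expires. The in-memory `Map` is per process, so several API instances would need a shared store for the limit to hold.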

2. High-Performance Media Pipeline

Photographers upload massive raw image files, which traditionally cripple web performance.

  • Integrated the Cloudinary CDN to handle on-the-fly image compression and WebP conversion.
  • Database Refactoring: Consolidated scattered image references into a centralized polymorphic Portfolio collection. I applied compound MongoDB indexes (photographerId + purpose) to reduce complex joins into a single, lightning-fast database query that returns all profile assets simultaneously.

Quality Assurance

To ensure unbreakable production deployments, I built a robust End-to-End (E2E) testing suite using Playwright. The suite aggressively tests critical user flows—including the auth lifecycle and bento-grid drag-and-drop mechanics—preventing regressions before they reach the main branch. Strict TypeScript schemas and Zod API validations enforce end-to-end type safety across the network boundary.
