- Scaled API to handle 5,000+ concurrent users by offloading CPU-bound cryptography (bcrypt) to a Piscina-managed worker thread pool and implementing clustering, completely eliminating event loop blocking.
- Engineered a security-critical authentication system using JWTs, stateful UUID-tracked refresh token rotation to prevent concurrent login collisions, cascade session revocation, and SHA-256 IP hashing.
- Migrated the home feed from a legacy MongoDB push model to a pull-based PostgreSQL architecture, utilizing connection pooling to aggregate social graphs on demand and eliminate synchronization drift.
- Deployed Redis-backed BullMQ worker processes for scalable asynchronous execution and distributed rate limiting, isolating background workloads from request-response latency.
- Implemented CI/CD pipelines with GitHub Actions, enforcing build validation and deterministic E2E test suites that validate core APIs, security invariants, and multi-threaded worker stability.
TypeScriptNestJSPiscina (Workers)PostgreSQLMongoDBPrismaRedis + BullMQJWT SecurityGitHub Actions CI