Computer Science student at Högskolan Kristianstad (HKR), Sweden, with a focus on backend engineering. I build typed REST APIs, design relational data models, and ship full-stack web applications, always in TypeScript, always with production habits in mind.
Recently I've shipped a sports activity platform with RBAC on Express and PostgreSQL, a personal finance tracker with Stripe billing on Supabase, and an AI study assistant on Cloudflare Workers.
Currently seeking a software engineering internship where backend architecture, data modelling, and code quality matter.
| Project | Description | Stack | Links |
|---|---|---|---|
| HKIF Sports Platform | Built the backend for a university sports union: 4-tier RBAC, JWT auth, Prisma + PostgreSQL, and Vitest + Supertest integration tests. | Express 5 · TypeScript · Prisma ORM · PostgreSQL · JWT · bcryptjs · Railway | Live · Repo |
| FinanceTracker | Built a multi-currency personal finance PWA with Stripe billing, Supabase RLS policies, and Groq AI spending insights. | React · TypeScript · Supabase (PostgreSQL + Auth + Edge Functions) · Stripe · Groq AI · Zod | Live · Repo |
| AI Study Assistant | Built an edge AI chat system with real-time WebSocket, Durable Objects, and persistent sessions per user. | Cloudflare Workers · Durable Objects · Llama 3.3 · Workers AI · SQLite | Live · Repo |
| Personal Portfolio | Built a motion-first SPA with a server-validated contact form, per-IP rate limiting, and GitHub Actions CI. | React · TypeScript · Framer Motion · Vercel Functions · Resend · Zod · Vitest + Playwright | Live · Repo |
- Adding Redis caching and BullMQ job queues to Node backends
- Exploring multi-tenant SaaS patterns with Prisma middleware and row-level isolation
- Writing deeper integration test suites: auth middleware, role guards, and error boundary coverage
- REST API design: Router to Controller to Service layering with consistent `ApiResponse<T>` contracts and a typed `ApiError` class with static factory methods (`unauthorized`, `forbidden`, `notFound`, `conflict`)
- JWT authentication: Bearer token verification with a live DB lookup on every request, ensuring tokens for deleted or suspended accounts are invalidated within the token window
- Role-Based Access Control (RBAC): 4-tier privilege hierarchy (`MEMBER < LEADER < BOARD_MEMBER < ADMIN`) with both exact-role (`restrictTo`) and hierarchical (`restrictToMinRole`) Express middleware guards
- Password security: bcryptjs hashing with appropriate salt rounds; passwords never stored or returned in plain text
- Input validation: Zod schemas enforced on both client and server (double-validation pattern), with a dedicated `validators/` layer in Express apps
- Typed error handling: Custom `asyncHandler` wrapper eliminates try/catch boilerplate across all route controllers; global `errorHandler` middleware formats every error response consistently
- Structured logging: Per-request correlation IDs and clear error categories surfaced in service logs for faster debugging
- ORM and migrations: Prisma with PostgreSQL: typed schema, enum-driven models, explicit relation definitions, `@@unique` constraints, `@@index` annotations for query performance, and versioned migration history
- Supabase auth and RLS: Row-Level Security policies for user-scoped data isolation, enforced at the database layer independent of application logic
- Integration testing: Protected routes, role-restricted actions, and JWT expiry flows covered with Vitest + Supertest; shared setup/teardown helpers keep test suites maintainable