I build systems, not just features.
Authentication that’s airtight. Interfaces that feel seamless.
I'm a second-year CSE undergrad at GBPIET who builds things that actually work in production.
Two live projects. Real users. Real payments. Real-time everything.
I care about what happens after you deploy — token rotation, cache invalidation, CSP , CSRF edge cases. The stuff most people skip.
|
day-to-day |
in the toolbox |
security layer — CSRF · XSS Prevention · Helmet · Rate Limiting · Refresh Token Rotation
concepts I've shipped — Cursor Pagination · MongoDB Transactions · Redis Caching · SSR/SSG/ISR · Debouncing · Skeleton Loading · Indexing
An e-commerce platform built the way it should be built.
Separate portals for customers and sellers. Real Razorpay payments. Refresh token rotation so sessions don't just... expire mid-checkout.
Next.js·TypeScript·RTK Query·Express.js·MongoDB·Redis·Zod·Tailwind CSS·Razorpay
what's under the hood
- JWT access + refresh token rotation — tokens rotate silently, users never get kicked out unexpectedly
- RTK Query — cache-first data fetching, no manual loading states, no
useEffectsoup - Optimistic wishlist updates — UI responds instantly, server catches up in the background
- Google OAuth 2.0 + 2FA — because passwords alone aren't enough
- RBAC — buyers and sellers see completely different surfaces
- Razorpay — full payment flow, not just the button
- MongoDB transactions — atomic writes across collections, no partial saves
- Redis caching — hot paths don't hit the database every time
- CSRF + XSS + Helmet + rate limiting — security is not an afterthought
- Cursor-based pagination + debounced search — scales, doesn't offset-scan 10k rows
- SSR/SSG/ISR + skeleton loading + lazy loading — fast first paint, no layout shift
- Cloudinary + Multer — image uploads that actually work
A messaging app with 6+ real-time features — none of them bolted on.
Live typing indicators. Presence tracking. Delivered/read receipts. Emoji reactions. Media sharing. All of it over a single persistent Socket.IO connection.
React.js·Socket.IO·Zustand·Node.js·MongoDB·Cloudinary·Tailwind CSS·Yup·React Hook Form
what's under the hood
- Socket.IO — live typing, online presence, unread counts — all event-driven, no polling
- Delivered / read receipts — per-message status, tracked and synced across sessions
- Zustand — global state without the Redux ceremony
- React Hook Form + Yup — validation that doesn't re-render everything on every keystroke
- Media sharing — images, PDFs, text files via Cloudinary
- Emoji reactions + message actions — the UX details that make it feel real
- JWT auth + CORS — locked down properly from day one
Govind Ballabh Pant Institute of Engineering & Technology — Pauri, Uttarakhand
B.Tech · Computer Science Engineering (AI & ML) · 2024 – 2028 · CGPA 7.73
Reliance Foundation Scholar — merit-based scholarship for academic excellence
| kamaljoshi13524@gmail.com | |
| github | github.com/KamalJoshi-ai |
| portfolio | kamaljoshi-ai.xyz |
| phone | +91 79061 97202 |