Code Craft

How I implement features, handle edge cases, and write production-ready code — compare my implementation to typical approaches.

Dual-Strategy Authentication

A flexible middleware that secures routes by checking httpOnly cookies first, then falling back to Bearer headers. This supports both browser sessions and mobile/API clients seamlessly.

module.exports = async function (req, res, next) {
  // 1. Prioritize secure, httpOnly cookie
  let token = req.cookies.token;

  // 2. Fallback to Authorization Header for API clients
  if (!token && req.headers.authorization?.startsWith('Bearer ')) {

Constraint-Based Team Formation

Implementing strict hackathon business rules (e.g., gender diversity requirements) directly into the API logic to ensure compliance before database commits.

// Helper: Enforce Diversity Rule
function violatesFemaleRule(teamMembers, newUser) {
  if (teamMembers.length === 5) {
    const hasFemale = teamMembers.some(m => m.gender === 'Female');
    // If team is full (5->6) and no female yet, new user MUST be female
    if (!hasFemale && newUser.gender !== 'Female') {

Defensive Data Integrity

Handling edge cases where referenced data (like a Team) might be deleted by a leader while an Invitation is still pending for a user.

router.post('/:id/accept', requireAuth, async (req, res) => {
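  const invitation = await Invitation.findById(req.params.id);
  // An unknown or already-removed invitation id returns null
  if (!invitation) return res.status(404).json({ message: 'Invitation not found' });
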
  // Check if the referenced team still exists
  const team = await Team.findById(invitation.teamId).populate('members');

Enterprise Data Export

Advanced Admin feature allowing dynamic filtering and streaming of database records into downloadable Excel files using Streams.

router.get('/users/export', adminAuth, async (req, res) => {
  const { verified, role, q } = req.query;
  
  // Dynamic Filtering
  const filters = {};
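  // Escape regex metacharacters so q is matched as literal text
  const safeQ = typeof q === 'string' ? q.replace(/[.*+?^${}()|[\]\\]/g, '\\$&') : '';
  if (safeQ) filters.$or = [{ name: new RegExp(safeQ, 'i') }, { email: new RegExp(safeQ, 'i') }];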

Atomic Asset Swapping

Handling file uploads cleanly by wrapping stream-based cloud APIs in Promises and ensuring old assets are garbage-collected (deleted) before new ones are linked.

// 1. Promisify the stream upload for clean async/await usage
const uploadToCloudinary = (fileBuffer) => {
  return new Promise((resolve, reject) => {
    const stream = cloudinary.uploader.upload_stream(
      { resource_type: 'auto' }, 
      (err, result) => (err ? reject(err) : resolve(result))

Security Audit Trails

A dedicated logging system that silently tracks critical administrative actions (like deleting users or changing roles) to ensure accountability and traceability.

// Route: Delete User (Admin Only)
router.delete('/users/:id', adminAuth, async (req, res) => {
  const user = await User.findById(req.params.id);

  // 1. Perform the critical action
  await User.findByIdAndDelete(req.params.id);

Multi-Field Regex Search

A powerful, unified search API that allows admins to find users by Name, Email, or Roll Number simultaneously using regex patterns and logical OR operators.

router.get('/users', adminAuth, async (req, res) => {
  const { q } = req.query;
  const filters = {};

  // Dynamic Search Logic
  if (q) {
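
The filter-building step shared by the export and search routes above, written as a standalone function that treats `q` as literal text. This is an added example, not code from this project; the `rollNumber` field name and the 64-character cap are assumptions.

```javascript
// Added example: build a MongoDB-style $or filter from req.query.q.
// Assumptions: field names `name`, `email`, `rollNumber`; a 64-character cap.

const MAX_QUERY_LENGTH = 64; // assumed upper bound for a search term

// Escape every regex metacharacter so the term is matched literally.
function escapeRegex(text) {
  return text.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
}

// Returns { $or: [...] } for a usable term, or {} when there is nothing to search.
function buildUserSearchFilter(q, fields = ['name', 'email', 'rollNumber']) {
  // Query-string parsers can hand back arrays or objects (?q=a&q=b, ?q[$ne]=x);
  // anything that is not a plain string is ignored.
  if (typeof q !== 'string') return {};

  // Trim and cap the length before compiling, so the pattern size is bounded.
  const term = q.trim().slice(0, MAX_QUERY_LENGTH);
  if (term === '') return {};

  // One case-insensitive pattern, reused across all searched fields.
  const pattern = new RegExp(escapeRegex(term), 'i');
  return { $or: fields.map((field) => ({ [field]: pattern })) };
}

// Constructed sample inputs: a normal term, an address with metacharacters,
// a nested-quantifier pattern, an unbalanced "(", and two non-string values.
const samples = ['alice', 'a.b+c@example.com', '(a+)+$', '(', ['x', 'y'], { $ne: null }];

// Show the compiled pattern source for each sample, or null when rejected.
function demo() {
  return samples.map((q) => {
    const filter = buildUserSearchFilter(q);
    return filter.$or ? filter.$or[0].name.source : null;
  });
}

console.log(demo());
```

Without the escape step, the `(` sample makes `new RegExp` throw a `SyntaxError` inside the async handler, and the `(a+)+$` sample compiles to a nested-quantifier pattern.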