Internware
Delhi, India
Engineered event registration system handling800+ registrationsand500+ paid transactionsper event, integratingCashfree
API with Express and MongoDB.
Identified and fixed a client-sidepayment vulnerability, redesigning flow with server-side validation andwebhook verification
to ensuretransaction integrity.
Implementedreservation-based registration with TTLto prevent seat hoarding and auto-expire inactive bookings.
Builtdynamic cart systemfor multi-day events, enabling tier modification and post-purchase session additions without
admin intervention.
Developedcoupon management systemallowing non-technical teams to manage discount codes with expiry controls.
Developedpermission-based admin dashboardwithreal-timeattendance tracking, ensuring a single source of truth.
Bachelor of Computer Application
GPA: 9.1/10.0
Offloaded file transfers from the server usingMinIO presigned URLs; enforced MIME type and size constraints at the storage
layer before files reach the application.
Implementedwebhook-based upload confirmationwith shared secret verification; usedMongoDB TTL indexto auto-expire
incomplete uploads after 24 hours.
Architected decoupledauthentication servicewith async email delivery viaAWS SNS/SQS/Lambda; addedDead Letter
Queuewith CloudWatch alarms and 3-retry strategy for failures.
BuiltJWT (RS256)auth with httpOnly cookies,Google OAuth 2.0, and rate limiting.
Implemented per-usermutex lockingto preventrace conditionsanddouble-spendingin concurrent transactions.
DesignedidempotentAPI layer ensuring duplicate requests do not result in duplicate financial operations.
Builtwrite-through balance caching, reducing redundant database aggregation queries.
Preventeduser enumerationattacks by equalizing authentication response timing using bcrypt fallback strategy.
ImplementedRBACwith scoped access control and enforcedsoft deletes(deletedAt) to maintainaudit trails.
Payment Architecture, OAuth 2.0, SSL Certificates, UPI Systems, Access & Refresh Tokens.