Source Library

Organization
Playpower Labs
Role
Backend Developer
Team Size
2
Duration
6 Months
Tech Stack
React • TailwindCSS • FastAPI • MongoDB • AWS S3 • OpenAI • Google Gemini • Mistral

Source Library is a web platform that makes rare Hermetic and esoteric texts accessible through digitization, AI-assisted processing, and modern web technologies. The project focuses on preserving cultural heritage while enabling new forms of research, interpretation, and discovery.

Key Contributions

Full-Stack Ownership & Collaboration · System Evolution · Delivery

  • Initially contributed as a backend engineer alongside a frontend developer.

  • Took full ownership of frontend development after the frontend developer's contract ended, transitioning into a full-stack role.

  • Worked closely with CEO to continue delivery without disrupting timelines or system stability.

  • Ensured continuity of development while expanding system capabilities.

Multi-Tenant System Architecture · Scalability · Isolation

  • Designed and implemented a multi-tenant architecture to support multiple organizations/clients on a single platform.

  • Applied the Bulkhead design pattern to isolate tenants across different AWS and MongoDB regions and connections.

  • Implemented backend middleware to resolve tenant context from a request header (tenant slug) and route requests accordingly.

  • Added an LRU cache layer to optimize tenant resolution lookups and reduce database overhead.

Authentication & Authorization · Security · RBAC

  • Implemented secure authentication using Argon2 with salt and pepper for password hashing.

  • Designed a JWT-based authentication system with access and refresh tokens.

  • Refresh tokens:

    • Stored as HTTP-only cookies
    • Long TTL (20 days)
    • Revoked on logout and tracked in a dedicated revocation store

  • Access tokens:

    • Short TTL (20 minutes)
    • Managed in-memory on the frontend client

  • Implemented role-based access control (RBAC) across backend APIs and frontend UI.

  • Defined hierarchical roles: super admin, admin, editor, user, guest.

  • Enforced authorization on backend endpoints even if frontend checks are bypassed.

Frontend Infrastructure · Client Enforcement · Consistency

  • Implemented Axios interceptors to automatically attach:

    • Tenant slug headers
    • Authorization headers when access tokens are available

  • Controlled UI rendering and route access based on user roles and permissions.

  • Ensured frontend behavior remained consistent with backend authorization rules.

AI-Assisted Document Processing Pipeline · OCR · Language Models

  • Integrated multiple AI providers including Gemini, OpenAI, and Mistral.

  • Built an end-to-end processing flow where users upload scanned PDFs.

  • Used AI to:

    • Split double-page book scans into individual pages
    • Perform OCR on scanned pages
    • Translate extracted text

  • Implemented tooling to:

    • Re-split incorrectly processed pages
    • Reorder pages to restore correct reading sequence