Yensie Core API
An enterprise-grade, multi-tenant work management backend featuring polymorphic data modeling, atomic transactions, and a FIDO2 WebAuthn identity provider.
Role
Lead Product Engineer
Timeline
8 Weeks
The Context
The Problem
Enterprise work management often suffers from fragmented identity provisioning and rigid relational schemas. Disparate tables for Projects, Epics, and Tasks create brittle, non-performant queries and severe scaling bottlenecks when dynamically shifting assignee states or logging activity.
The Solution
I engineered a domain-driven NestJS backend utilizing a centralized, polymorphic state machine via Prisma ORM, drastically reducing query overhead while natively supporting strict referential integrity. This was coupled with a custom-built authentication layer offering JWT, SAML SSO, and Passwordless Passkeys (WebAuthn).
System Architecture
A highly resilient, domain-driven architecture focused on security, data integrity, and cross-platform authentication.
- Relational Multi-Tenancy Engine: Utilizing PostgreSQL with Prisma, enforcing strict isolation via composite unique constraints and cascading hierarchical deletes.
- Authentication Matrix: Multi-vector identity provider using Passport-JWT with rotated refresh tokens and biometric FIDO2 authentication.
- Atomic Transaction Pipelines: Critical data mutations wrapped entirely in Prisma $transaction blocks to ensure ACID compliance and zero orphan records.
- Cloud Integration Infrastructure: Asynchronous transactional email via Resend and distributed artifact storage through AWS S3.

Feature Deep-Dives
Polymorphic Work Item State Machine
A centralized model that collapses Projects, Features, Stories, Tasks, and Bugs into a singular polymorphic database entity managed by a strict state machine.
Technical Hurdles Overcome
- Prevented circular dependencies and orphaned states by hardcoding nested hierarchy validation directly into the creation pipeline.
- Engineered an async side-effect matrix where updating a phase triggers parallel writes to Activity Logs and fan-out notification queues.
Passwordless WebAuthn & Enterprise SSO Pipeline
A secure authentication system allowing biometric passkeys and deep-linking enterprise tokens directly into a desktop Electron client.
Technical Hurdles Overcome
- Architected an SSO Callback controller that bridges the web-to-desktop gap by intercepting auth tokens and executing dynamic deep-link payloads.
- Hardened the security layer by silently succeeding on invalid credential requests and leveraging OTP hashing before storage to eliminate intercept risks.
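An added example, not code from the Yensie Core API: one way to implement the "silently succeed" reply and hash-before-storage OTP handling described in the last item. The in-memory maps, function names, HMAC pepper, TTL and attempt limit are assumptions made for illustration.

```typescript
import { createHmac, randomBytes, randomInt, timingSafeEqual } from "node:crypto";

// Assumption: a server-side secret ("pepper") kept outside the database.
const OTP_PEPPER = randomBytes(32);
const OTP_TTL_MS = 10 * 60 * 1000;
const MAX_ATTEMPTS = 5;
const GENERIC_REPLY = { ok: true, message: "If the account exists, a code has been sent." };

type OtpRecord = { digest: Buffer; expiresAt: number; attempts: number };

// Constructed stand-ins for the user table, the OTP table and the mail provider.
const users = new Set<string>(["alice@example.com"]);
const otpStore = new Map<string, OtpRecord>();
const outbox = new Map<string, string>();

// A 6-digit code has only 10^6 values, so a bare hash is reversible by
// enumeration; keying the digest ties it to a secret the database lacks.
function digestOtp(email: string, code: string): Buffer {
  return createHmac("sha256", OTP_PEPPER).update(`${email}:${code}`).digest();
}

// Same reply for known and unknown addresses, so the endpoint is not an
// account-existence oracle. Only the digest is persisted.
function requestOtp(email: string, now: number = Date.now()) {
  if (users.has(email)) {
    const code = randomInt(0, 1_000_000).toString().padStart(6, "0");
    otpStore.set(email, { digest: digestOtp(email, code), expiresAt: now + OTP_TTL_MS, attempts: 0 });
    outbox.set(email, code); // stands in for the e-mail delivery call
  }
  return GENERIC_REPLY;
}

// Single-use, expiring, attempt-limited verification with a constant-time compare.
function verifyOtp(email: string, code: string, now: number = Date.now()): boolean {
  const rec = otpStore.get(email);
  if (!rec) return false;
  if (now > rec.expiresAt || rec.attempts >= MAX_ATTEMPTS) {
    otpStore.delete(email);
    return false;
  }
  rec.attempts += 1;
  const match = timingSafeEqual(rec.digest, digestOtp(email, code));
  if (match) otpStore.delete(email);
  return match;
}
```

The reply body is uniform, but response time can still differ between known and unknown addresses unless code generation and delivery are queued off the request path.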
The AI Multiplier
I heavily leveraged LLM tooling to accelerate boilerplate NestJS module generation, rapidly scaffold complex DTO validations (class-validator), and execute mundane Prisma migrations. By outsourcing the repetitive architectural scaffolding to AI, I redirected my engineering bandwidth strictly into refining concurrency logic and hardening cryptography.
Analytics & Outcomes
A forensic-level auditing and data restoration layer built into the core API.
- Relational Activity Logs: Tracks granular state drifts with JSON metadata, providing immediate forensic accountability for all user actions.
- Self-Compiling Documentation: Integrated @nestjs/swagger to auto-compile interactive API docs with defined JWT Bearer flows for zero-friction frontend integration.
- Polymorphic Trash Staging: A unified recovery model with expiresAt timestamps, allowing for point-in-time API resource restoration and safe deletions.