- Design and build REST APIs with clear contracts, layered service boundaries, and explicit error handling
- Apply correctness-first patterns - idempotency keys for deduplication, pessimistic locking for concurrent writes, and audit trails for observability
- Structure Spring Boot applications with separation of concerns: controller → service → repository, with profile-based config for dev/prod parity
- Decompose systems into cooperating services: Java backend + Python microservice + Helm-based Kubernetes deployment (see Briefly)
- Integrate security at the infrastructure layer - custom JWT filter chain, role-scoped endpoints, and admin registration gated by a shared secret header
Backend
Java 17 · Spring Boot 3.x · Spring Security · Spring Data JPA · Python 3 · FastAPI · Node.js · Express.js
Databases
PostgreSQL · MySQL · MongoDB · H2 (testing)
Infrastructure & Tools
Docker · Docker Compose · Helm · Kubernetes · Maven · Gradle · Git · Caffeine Cache
Production-grade e-commerce REST API - cart, checkout, order lifecycle, payments, returns, audit trail.
Engineering Highlights
| Area | Decision |
|---|---|
| API Design | Role-scoped endpoints (USER / ADMIN); admin registration protected by X-Admin-Secret header to prevent privilege escalation without a separate admin service |
| Authentication | Custom JwtAuthenticationFilter injects principal before the security chain; access + refresh token pair with configurable expiry; 401 / 403 handled by dedicated entry points |
| Database | PostgreSQL (prod) / H2 (test) via Spring profiles; findByIdForUpdate (pessimistic lock) on product rows during checkout prevents oversell under concurrent requests |
| Idempotency | Order creation checks for an existing idempotencyKey before inserting - a duplicate POST returns the original order, not a second charge |
| Async processing | Order confirmation dispatched to a dedicated notificationExecutor thread pool via @Async - API response is not blocked by downstream notification latency |
| Caching | Caffeine in-process cache with the Spring Cache abstraction; designed to swap to Redis by changing a single dependency |
| Audit logging | Batch audit upload with per-entry idempotency keys; successCount / duplicateCount / failureCount breakdown; filterable CSV export for admin review |
| Observability | AOP-based request/response logging; order and payment status history tables capture every state transition with timestamps |
| Ops | Multi-stage Docker build; Docker Compose starts app only after pg_isready healthcheck passes; environment secrets injected at runtime, not baked into the image |
Impact: Full e-commerce lifecycle in a single deployable unit: auth → catalog → cart → checkout (with promo codes) → order tracking → return requests → audit export. Documented via Swagger UI.
Multi-service URL summarization app: Spring Boot API + FastAPI LLM microservice + React UI, deployable to Kubernetes via Helm.
Engineering Highlights
- Service decomposition: Spring Boot (Java/Gradle) owns API routing and summary persistence; FastAPI (Python) isolates LLM inference - two runtimes, each independently scalable and replaceable
- Deployment: Helm chart for Kubernetes; root-level Docker Compose for local parity; each service ships its own Dockerfile
- Separation of concerns: The Java backend treats the LLM service as an internal dependency - callers never talk to the model server directly
Impact: Demonstrates polyglot service design and cloud-native deployment readiness beyond a single Spring Boot monolith.
Automated aircraft damage detection system - built for Airbus Aerothon 6.0.
Engineering Highlights
- Fine-tuned YOLOv5 on a custom aviation dataset (Roboflow) to detect and localize cracks, dents, and deformities on fuselage and wings
- Random Forest classifier trained on image-extracted features to flag faulty wiring within aircraft harnesses
- Streamlit backend integrates model inference with file upload, result visualization, and repair recommendation output
- End-to-end pipeline: image upload → preprocessing (OpenCV) → damage classification → repair suggestion
Impact: Working prototype delivered under hackathon time constraints; covers the full detection-to-recommendation loop for three damage categories.
Blood donation matching platform connecting donors, recipients, and blood banks.
Engineering Highlights
- JWT + Google OAuth2 via Passport.js - local and social auth strategies, session-aware cookie handling
- MongoDB/Mongoose schema design for donor profiles, donation requests, and bank inventory
- Express middleware chain: CORS → cookie-parser → auth → route handlers
Impact: Full-stack MERN application with dual auth strategies and geo-aware donor matching flow.
I start with correctness before optimizing for performance. That means: define the contract, handle the failure modes, make operations safe to retry, then add caching or async paths where the profiling justifies it. I prefer explicit over implicit - if a service has a side effect (audit log, notification, stock decrement), that effect is visible in code, not hidden in an interceptor with no obvious trigger.
- Distributed systems fundamentals: consensus, replication, and partition tolerance trade-offs
- High-level and low-level system design (rate limiters, notification fan-out, distributed queues)
- Deepening Spring ecosystem knowledge: reactive streams, Spring Batch, Spring Cloud patterns
| LinkedIn | linkedin.com/in/soumikisonline |
| Portfolio | www.soumik.co.in |
| Email | sahasoumik1573@gmail.com |
| GitHub | github.com/soumik-saha |
| LeetCode | leetcode.com/soumiksaha |
Profile Notes (for reviewers)
Repositories not worth your time:
DN3.0_Exercises (training coursework), CrackYourPlacement / 6-Companies-30-Days (DSA grind repos), Number-Guessing-Game, Rock-Paper-Scissor, Simon-Game, dice-challenge, drum-kit (toy/tutorial projects), tindog, Space-Tourism, EliteTask-Dynamics (HTML/CSS clones with no backend).
High-impact projects I'm building next:
- Rate Limiter Service - token bucket + sliding window, Redis-backed, exposed as a library and as a standalone gRPC endpoint
- Distributed Task Queue - delayed job scheduling, priority queue, at-least-once delivery with retry/backoff, worker pool management
- Real-time Notification System - SSE + WebSocket fan-out, subscription management, delivery guarantee with inbox persistence
