Developer
Specialised in building operational platforms for freight & maritime businesses: real-time AIS integrations, voyage analytics over real sea-lane routing, role-based operations consoles, and customer-facing tracking experiences — delivered end-to-end from database schema to production deployment, with security and API-cost efficiency as first-class constraints.
Technologies integrated
A deliberately lean, self-contained stack — fast to deploy, cheap to run, zero client-side framework weight.
Challenges overcome
The problems that separate a template from a platform — each solved, verified live, and in production.
Ships don't sail in straight lines
Naïve point-to-point routing drew vessel corridors across Madrid and the Sahara. Integrated an offline shipping-lane graph with Dijkstra routing (searoute), snapped endpoints to exact ports, and rebuilt all voyage math — distances, progress %, ETAs — over real sea paths through Gibraltar and Suez.
Dirty AIS data on voyage playback
Weak Class-B transponders produced teleporting ships and tracks crossing Africa. Built a sanitization pipeline — impossible-speed rejection (>60 kn implied), null-island filtering, chronological repair — and rendered coverage gaps honestly as dashed "no data" segments instead of fake straight lines.
No global AIS feed on a startup budget
The API only allows 50 NM radius scans — a world feed is impossible. Engineered chained corridor scanning along computed sea lanes, destination-first scan ordering (dense Asian waters were exhausting the vessel cap before Europe was ever reached), and regional fan scans — global-feeling search at single-digit credit cost.
API credits as a hard constraint
Every provider call costs money. Layered caching so nothing is fetched twice: permanent port-geocode cache, once-per-vessel spec fetches, memoized route distances, TTL'd registry lookups — the live map polls the local database at zero cost between refreshes.
A contact form under bot attack
Production spam flood (hundreds of bot messages triggering email bounces). Countered with defense in depth: hidden honeypot, session fill-time analysis, per-IP rate windows, fuzzy content scoring and sender blocklists — spam quarantined silently, humans never see a CAPTCHA.
Security without friction
Multi-team console (shipping / billing / fleet) on a permission engine, TOTP two-factor, login lockouts, CSRF everywhere, rate-limited public tracking — and an admin entrance that cloaks itself as a 404 unless approached through a secret gate, so even the existence of an admin account leaks nothing.
Pixel-faithful design handoffs
Two complete visual systems shipped: a dual-theme (Day/Night) operations console, then a verbatim port of a designer prototype — 1,000+ lines of design DSL translated to server-rendered EJS + a single hand-written stylesheet, with animated SVG map illustrations and zero framework overhead.