Application Code

TypeScript

C++

Emscripten

PHP

Python

WordPress

Node.js Data Transfer Agent

Course and Job Vacancy Data

A backend service application built using the LoopBack 4 framework. It is designed to manage educational courses and job vacancy data for Gateshead Council Learning and Skills department. It serves as an integration layer between different external systems and a custom CMS application:

Tribal ebs - Learning management system
GOV.UK Apprenticeships - UK government's apprenticeship vacancy service API
HubSpot - Employer info managed via the CRM
GetMyFirstJob - Apprenticeship agency
GetTheData Publishing Limited - Postcode lookup service

It stores comprehensive course and job vacancy information in a MySQL database. The CMS uses this data to regularly and automatically create and update content that is topographically and geographically relevant. Content can be automatically published on the live website via a built-in templating engine or CMS content managers can moderate and edit the content before it is published.

Learner Data

A backend service application built using the LoopBack 4 framework. It serves as a data integration and transfer tool for Gateshead Council Learning and Skills department. It facilitates regular, secure and automated exchange of learner data between various external systems:

Tribal ebs - Learning management system
MyConcern - Student safeguarding platform
SmartAssessor - ePortfolio platform
Gmail - Email notifications and communication

The application implements increased security measures because it handles personal and sensitive data:

Transient data only. Data is passed directly between external services, no data is stored in the application
External credentials are encrypted at-rest using AES-256-CBC
Security by design: encryption keys are intrinsically tied to the host machine's hard disk drive UUID, established during deployment. The keys are never stored in the application or in environment variables, they are generated at runtime using the relevant disk drive UUID
Hardware-binding protection: if the hard disk changes (either virtual or physical), the connection details cannot be decrypted, preventing unauthorized access in case of disk theft or virtual machine cloning. Eradicates the vulnerabilities of storing keys in environment variables.
OAuth2 authentication for Google services
Uses SFTP (SSH File Transfer Protocol) rather than FTP/FTPS where HTTPS is unavailable.

Exploring tRPC, ZAP and Zod Output Schemas

tRPC is a framework that simplifies API development by providing end-to-end type safety between client and server, effectively eliminating the need for traditional REST or GraphQL boilerplate and potentially offering a superior developer experience.

ZAP (OWASP Zed Attack Proxy) is an open-source web application security scanner, primarily used for dynamic application security testing.

Zod is a TypeScript-first schema declaration and validation library, allowing developers to define data shapes with strong type inference.

ZAP can automatically identify security vulnerabilities in REST APIs. However, its ability to do so effectively is significantly boosted when it has a highly detailed schema to reference expected responses. The schema detail required goes well beyond the scope provided by a standard OpenAPI specification.

This is where Zod becomes incredibly powerful. While servers commonly use Zod for validating input schemas, implementing Zod for output schemas provides a precise, type-safe definition of the data that should be returned by the API. This provides better synergy with ZAP, as it can then rigorously validate API responses against an exact specification, catching unexpected data, missing fields, or potential data leakage.

To tie these two together, tRPC was chosen due to it's potential to transparently provide a single interface for both server and client, inherently verified and validated with comprehensive end-to-end type safety. This creates a robust, end-to-end development approach with security intrinsically embedded throughout the pipeline.

While the proof of concept successfully demonstrated the power of this integrated approach, the broader adoption and widespread support of both tRPC and automated output schemas (especially those generated directly from TypeScript definitions) in popular frameworks remain limited.

3D Digitization & Modeling

A personal project exploring 3D scanning and object reconstruction:

Realsense D415 3D Camera: Personally acquired and utilized this hardware for hands-on 3D data capture.
Realsense SDK: Employed for seamless camera control and efficient acquisition of raw 3D data.
Custom Automated Turntable: Designed and integrated a motor-driven electronic turntable for systematic, multi-view object acquisition, controlled via code.
Point Cloud Library (PCL) C++: Utilized extensively to develop a robust 3D object scanning and processing pipeline.
6-Degree-of-Freedom (6D) ICP: Implemented for precise and robust (L*a*b* colour space + x,y,z spatial dimension) iterative closest point registration of multiple scans.
Surface Mesh Reconstruction: Applied to transform acquired point clouds into detailed and manifold 3D surface models.
MeshLab: Used for comprehensive visualization, inspection, and analysis of the resulting 3D models.

WordPress Plugins

Created custom plugins for school websites:

Enhanced User Management: Implements custom user roles (e.g., teacher, office staff) with specific permissions, alongside configurable login redirects to provide a seamless user experience, either role-based or directly to the homepage.
Streamlined Admin Interface: Simplifies the WordPress admin bar for specific users by removing unnecessary elements like the "Edit Page" button, creating a cleaner and more focused interface.
Customized Content Display & Navigation: Provides advanced control over category pages, including custom URL slugs, the ability to display only top-level posts, and filtering out child category content. Also sets default behaviours for media, such as gallery images linking to files and PDF files not showing as inline embeds.
Divi Theme Performance & Compatibility: Includes automated daily and on-save purging of Divi theme's static CSS to ensure design updates are always reflected and prevent caching issues. Addresses compatibility for third-party plugins (e.g., Embed Any Document, External Media) within the Divi theme environment.

Chrome Extensions

Created a Chrome extension that acts as a custom user layer on top of the fixed third-party, eSchools platform administrative dashboard.

It enables me to automate repetitive tasks and implement custom logic without requiring provider-side changes. It significantly enhances productivity for platform administrators, offering features like bulk file and folder uploads with smart duplication checks, and streamlined CSV-based user imports. Built with AngularJS and integrating directly with the platform via content scripts, it transforms inefficient manual processes into swift, automated operations, saving considerable administrative time.

MEANr Stack

Mysql Express Angular Node relational

Created an alternative to mean.io and meanjs that's a bit MEANr.

It is a full stack framework for building web and hybrid mobile applications with MySQL, Express.js, AngularJS, and Node.js.

JSON Web Tokens - expiring and persistent refresh tokens
Social logins
Email account confirmation/password reset
Admin dashboard
Strict JSON Schema, ACL, Socket.io, IDS, audit logging and more

It is split into three repositories:

Express API server (MEANr-api)
AngularJS Web App (MEANr-ng)
Ionic Mobile App (MEANr-ion)