Skip to main content

DANIEL DOLATABADI

Senior Full-Stack Developer

available for hire

Code that ships. Architecture that scales.

type "help" to explore
SCROLL

ABOUT

MBA background meets engineering depth. I build systems that solve real business problems — not just working code. That means understanding the product goal before writing the first line, architecting for maintainability over cleverness, and shipping features that move metrics.

5+ years building production-grade full-stack applications with Node.js, React, Next.js, and TypeScript. Proven track record owning projects end-to-end — from backend API and database architecture through frontend delivery and production deployment. Security-conscious, having responded to critical CVEs in production.

Hands-on experience designing multi-provider AI/LLM integrations: provider abstraction layers, prompt engineering, memory-aware conversational systems, and structured output parsing. Also built complete auth systems, real-time SSE streaming, payment integrations, and a custom drag-and-drop CMS page builder.

Beyond integrating AI into existing stacks — also building systems designed from the ground up to be operated by AI agents. Zyberis is a production media platform where an autonomous agent owns the full editorial workflow: authoring posts, uploading images, enriching drafts, managing the publish lifecycle — all through a token-authenticated API with no database credentials ever exposed to the agent.

Available immediately for full-time remote or relocating positions.

0+
API Routes Built
0
MongoDB Models
0
CMS Section Types
0+
AI Models Supported
0%
Faster Load Times
46 → 0
PageSpeed Score

SKILLS

02
skills.json

Frontend

React.js (v18/v19)Next.js (v15/v16 + Turbopack)TypeScriptJavaScript (ES6+)HTML5CSS3

State Management

Redux ToolkitRedux PersistContext APIlocalStorage hydration

Rendering

SSRSSGISR

Styling & UI

Tailwind CSS (v3/v4)shadcn/uiCSS ModulesFramer MotionGSAPDark ModeRTL/LTR layouts

CMS / Page Builder

Custom drag-and-drop (@dnd-kit)37 section typesZod validationDynamic component registry

Real-time & Async

Server-Sent Events (SSE)Global connection registryPause/resume/cancel patternsnode-cron

AI/LLM Integration

Multi-provider abstraction (OpenRouter 200+ models)Google GeminiOllamaOpenAIAnthropic4-tier conversation memoryPrompt engineeringStructured JSON parsingCircuit breaker pattern

Web Automation

PlaywrightHeadless browser crawlingSEO data extraction

Forms & Validation

React Hook FormZodexpress-validator

UI Libraries

dnd-kitTipTapQuillRechartsSwiperReact DropzoneReact Hot ToastCrisp Chatwavesurfer.js

Auth & Security

JWT (access + refresh token rotation)jose (RS256 asymmetric signing)Google OAuthOTP verificationbcryptreCAPTCHA v3Device trackingRBACDOMPurify (XSS)

Backend

Node.jsTypeScriptExpress.js (v5)Next.js API routesMVC patternREST API (40-65+ endpoints)Rate limitingPaginationFull-text searchWebhooks

Database

MongoDBMongoose ODM (up to 44 models)Text indexesAggregation pipelinesTTL indexesCompound indexes

Payments

StripeSession checkoutWebhook automationTiered loyalty (6 tiers)Coupon system

File Uploads & Media

MulterSharpImage processingMedia library

Email

NodemailerReact Email templatesSMTP (Zoho, Gmail)Transactional emails

External APIs

Google Search Console APIGoogle PageSpeed Insights APIGoogle Drive APIGoogle Tag ManagerGoogle AnalyticsOpenRouter APIGoogle Gemini APIOllama API

SEO

Dynamic meta tagsXML sitemapschema.org (JSON-LD)Open GraphTwitter CardCanonical URLshreflang (multi-locale)

Data Export

ExcelJSPapaParse

Logging

WinstonDaily file rotation

Performance

Code splittingReact.lazySuspenseTurbopackBundle analysisMemory optimizationDatabase indexing

Testing

JestReact Testing Library

DevOps & Infrastructure

PM2NginxFail2BanAppArmorLet's Encrypt SSLUbuntu VPSCI/CDSecurity Incident Response

Containerization

DockerDocker ComposeMulti-container environments

Design Tools

Figma

Tools

GitAgile/ScrumCode ReviewTechnical Documentation

EXPERIENCE

03
May 2026

Freelance Full-Stack Developer

Robin / Freelance

  • Built a bilingual Next.js 16 App Router application with automatic RTL/LTR layout switching (Persian default, English), Jalaali calendar support, locale-aware routing, and self-hosted variable fonts (Urbanist + Peyda)
  • Implemented Framer Motion scroll-triggered animations — viewport-based FadeIn (direction, delay, reduced-motion support) and CountUp animated number counters with automatic Persian numeral conversion (۰–۹)
  • Built custom JWT authentication (HMAC-SHA256, no third-party library) with PBKDF2 password hashing (310,000 iterations + random salt), HttpOnly Secure SameSite=Strict cookies, 7-day session management, admin route protection via middleware proxy
  • Built TipTap v3 rich text editor with image, link, text-alignment, heading, list, and blockquote extensions; media picker modal; HTML sanitization via sanitize-html for safe rendering
  • Designed 8 MongoDB collections (articles, projects, contact_messages, team, categories, media, backups, backup_config) with Zod validation schemas across the full stack
  • Built admin CMS panel with full CRUD for articles, projects, team members, categories, and media library — file uploads (images, documents, videos) with UUID filenames, MIME validation, and MongoDB-tracked metadata
  • Implemented automated daily backups via node-cron (2 AM UTC) with manual backup/restore API endpoints
  • Applied strict security headers: Content Security Policy, HSTS (63-year max-age), X-Frame-Options=DENY, X-Content-Type-Options, Referrer-Policy, Permissions-Policy
  • Implemented Winston structured logging with dual output (file + console), daily rotation, 14-day retention, 20MB per-file cap
  • Production deployment: PM2 + Nginx + Cloudflare Full Strict SSL (Origin Certificate) on Ubuntu VPS
May 2026

Freelance Full-Stack Developer

Signal Before Noise / Freelance

  • Designed and shipped a production publishing platform from zero to deployment in 9 days, then iterated to v1.61 — adding an analytics dashboard, tiered backup/restore with Google Drive offsite sync, subscriber management, article series system, per-locale analytics, Umami self-hosted analytics, and a featured article hero system post-launch
  • Built multilingual Next.js 16 App Router application supporting 4 locales (Persian, English, Arabic, Turkish) with automatic RTL/LTR layout switching and per-locale hreflang alternate tags
  • Implemented custom JWT auth with RS256 asymmetric keys via jose — httpOnly Secure SameSite=Strict cookies, bcrypt (cost 12), rate-limited login (5 attempts / 15 minutes), credentials in environment variables (no user table)
  • Built TipTap v3 rich text editor with per-locale translation tabs, text alignment, table support (insert/edit contextual controls), image and link extensions; Notes (short-form content) alongside full articles
  • Designed 9 MongoDB models (Article, Note, Media, Subscriber, SitePage, BackupConfig, ViewLog, ViewSnapshot, Series) with nested per-locale translation slot schema; React.cache() for query deduplication
  • Built subscriber system with email signup, rate limiting (5 req/10 min per IP), duplicate email detection (409), HTML-tag stripping for XSS prevention, and a paginated dashboard with delete
  • Built article series system — Series Mongoose model (multilingual slug, per-locale title and description), per-article series membership with ordered part numbers (duplicate-order protection via 409 and atomic index), SeriesPanel public component with Framer Motion animated accordion and reduced-motion support, dashboard editor auto-fills next available part number on series selection
  • Built analytics dashboard — Recharts area and bar charts (30-day cumulative trend, 24h hourly breakdown in Tehran timezone), per-locale view tracking across all 4 locales with locale breakdown dashboard and locale-filtered chart views, top content ranking; layered bot suppression (client-side JS gate, User-Agent regex, atomic IP+slug+locale dedup via ViewLog TTL collection — race condition fixed with duplicate-key error pattern); integrated Umami self-hosted analytics for public pageviews (disabled for logged-in dashboard users via localStorage flag)
  • Implemented tiered backup and restore system with Google Drive offsite sync — mongodump + .tar.gz archives, three retention tiers (daily last 3 / weekly / monthly), app-internal cron via Next.js instrumentation.ts; Google Drive (OAuth2, auto-upload toggle, two-way sync with local/cloud/synced status badges, push/pull/Drive-delete per row); .backup.lock for concurrency prevention
  • Built media library handling images, audio, and PDFs — UUID filename generation, MIME-type + extension validation, 10MB limit; audio playback via wavesurfer.js waveform player
  • Built featured article hero system for editorial highlighting on the homepage
  • Full SEO stack: JSON-LD structured data, canonical URLs, XML sitemap (ISR-cached), Open Graph, hreflang alternate links, robots.txt
  • Implemented Winston structured logging with MongoDB transport (30-day TTL index)
  • Full production deployment: PM2 + Nginx + Cloudflare Full Strict SSL on Ubuntu VPS, hardened with UFW, Fail2ban (4 jails), auditd, rkhunter, kernel sysctl rules, and dedicated unprivileged app user
July 2024 - November 2025

Senior Full-Stack Developer

Ecom Edge Innovators LLC / Full-time

  • Designed custom drag-and-drop CMS page builder (37 section types, @dnd-kit, Zod validation, lazy-loaded editors)
  • Designed and maintained REST APIs (30-44 endpoints per project) covering authentication, product catalog, search, and business logic
  • Built complete auth systems: JWT refresh token rotation, Google OAuth, OTP, reCAPTCHA v3, device tracking, RBAC
  • Implemented Redux Toolkit multi-slice state (cart, auth, consent, config) with Redux Persist and localStorage hydration
  • Built real-time SSE streaming (global connection registry, pause/resume/cancel, heartbeat mechanism)
  • Designed 21-44 MongoDB models per project with text indexes, aggregation pipelines, TTL indexes, compound indexes
  • Integrated Stripe payments: session checkout, webhook-driven order status, tiered loyalty (6 tiers), coupon system
  • Managed PM2 + Nginx + Fail2Ban + AppArmor + Let's Encrypt SSL on Ubuntu VPS
  • Reduced page load times by 30% through code splitting, lazy loading, Turbopack migration, and caching
  • Responded to critical CVEs (CVE-2025-55182, CVE-2025-14847) - assessed exposure, patched production, implemented hardening
  • Wrote 20+ pages technical documentation per project covering API patterns, auth system, deployment, backup system
March 2020 - September 20244 years 7 months

Front-End Developer

Hybevo / Full-time

  • Improved Google PageSpeed score from 46 to 97 through systematic performance optimization
  • Built scalable UI component architecture emphasizing reusability and maintainability
  • Integrated REST APIs and implemented Context API for shared application state
  • Collaborated closely with designers and backend developers to implement features accurately
  • Enhanced cross-browser compatibility and responsive design across devices
December 2017 - March 20202 years 4 months

Computational Design Instructor (Grasshopper)

Pars University of Art and Architecture / Full-time

  • Taught Grasshopper (parametric/computational design) to architecture students
  • Developed curriculum for visual programming and algorithmic thinking in architectural design

AI / LLM INTEGRATION

05

Built a unified AI abstraction layer from scratch — one interface across 5 providers and 200+ models with automatic failover, persistent memory, and real-time streaming.

multi-provider abstraction
OpenRouter200+ modelsauto-fallback
Google Geminimultimodalhealth monitoring
Ollamalocal LLMszero API cost
OpenAIGPT seriesstructured output
AnthropicClaudereasoning tasks

4-tier memory

/ history

/ preferences

/ context

/ knowledge

reliability patterns

/ circuit breaker

/ rate limit fallback

/ health monitoring

/ per-model usage tracking

200+ AI models4-tier memorySSE streamingcircuit breakerstructured JSON outputmulti-format fallbackPlaywright web crawlingGoogle Search Console API

PROJECTS

04
// delivery timeline
[Jun 2025]Green Leaf Printing HouseLIVE
[Aug 2025]Athena TelecomLIVE
[May 2026]ZyberisLIVE
[May 2026]Signal Before NoiseLIVE
[May 2026]RobinLIVE
[ongoing]AI SEO & Marketing AssistantIN DEV
01
Next.js 16TypeScriptMongoDBnext-mdx-remoteFuse.jsjose (JWT)Framer Motion 12Cloudflare

Zyberis — AI-Operated Media Platform

Production media platform built around an autonomous AI agent (Hermes) that runs most editorial workflows — authoring posts, uploading images, enriching drafts, managing the publish lifecycle, and posting Telegram channel announcements — through a token-authenticated API with no database credentials exposed. Content lives in MongoDB (migrated from static export + separate content repo when Hermes required instant publish access). Five CLI wrappers, four-stage pipeline, AGENTS.md + HERMES.md, self-describing manifest endpoint, link injection API, orphan detection, and multi-signal related-article scoring make the system fully AI-operable.

// the hard part

Designing an API surface that lets an autonomous AI agent own the full editorial workflow — publishing, enriching, image uploads, backdating — without ever being handed database credentials or direct data access.

  • Autonomous AI agent (Hermes) runs editorial workflows end-to-end via token-authenticated API — no database credentials exposed
  • Self-describing manifest endpoint + link injection API + orphan detection + multi-signal related-article scoring (tag overlap, Fuse.js, category bonus)
  • Admin panel: media audit & cleanup tool (cross-references article image refs vs disk, bulk-delete orphans), redirect manager (MongoDB 301/302, 60s in-memory cache), link audit panel with auto-fix (HEAD-checks externals, slug Set lookup, nightly link_audit_cache)
  • Cookieless analytics: SHA-256 daily-rotating session fingerprint, sendBeacon engagement (scroll depth + dwell), live SSE snapshots every 5s, nightly rollup to events_daily_* with self-healing rollup_meta boundary, CF-IPCountry country tracking, search analytics, 404/outbound tracking, period comparison, Jalali calendar, isbot v5
  • Internal link graph (nightly link_graph_cache, orphan filter pill); IndexNow + Telegram photo-card on every go-live
  • Tiered backup/restore with AES-256-GCM Google Drive encryption (local plain, Drive encrypted), streaming NDJSON progress, restore version gate
  • GIF→MP4 via ffmpeg + AnimatedMedia MDX component; image lightbox (Framer Motion, body scroll-lock); dual shiki light/dark syntax themes
  • Full SEO: JSON-LD (BlogPosting, FAQPage, HowTo, BreadcrumbList, Organization), ISR sitemap with image extension, hreflang, Open Graph
  • Fuse.js search with Persian/Arabic letter normalization (ي→ی, ك→ک); RSS feed; Persian-first RTL, Vazir Matn variable font, dark/light theme
02
Next.js 15Node.jsTypeScriptMongoDBPlaywrightOpenRouterGeminiOllama

AI-Powered SEO & Marketing Assistant

Full-stack AI platform with 63 API routes, 18 MongoDB models, and 11 dashboard sections. Built multi-provider AI abstraction layer from scratch — unified interface across OpenRouter (200+ models), Google Gemini, Ollama, OpenAI, and Anthropic with auto-fallback, provider health monitoring, and 4-tier persistent conversation memory (history, preferences, context, knowledge).

// the hard part

Unifying 5 providers with incompatible APIs and different failure modes into one abstraction layer that auto-falls back across 200+ models — without the app ever knowing which provider actually responded.

  • Multi-provider AI abstraction (200+ models)
  • 4-tier conversation memory system
  • Real-time SSE web crawling with Playwright
  • Google Search Console API integration
  • Structured JSON parsing + circuit breaker
  • Winston logging with daily rotation
03
Next.js 16TypeScriptMongoDBRedux Toolkit@dnd-kitGoogle OAuth

Athena Telecom

Enterprise Next.js 16 application for satellite communications company (Dubai, UAE). Features custom drag-and-drop CMS (37 section types, @dnd-kit), Redux Toolkit multi-slice state, full blog engine with Quill, unified full-text search, quote cart system, JWT auth with refresh token rotation, Google Drive backup integration, and Google Tag Manager consent mode v2.

// the hard part

Keeping Redux state, optimistic UI updates, and MongoDB in sync across a CMS where any of 37 section types can be freely reordered and reconfigured — without state drift during complex nested operations.

  • Custom drag-and-drop CMS (37 sections)
  • Redux Toolkit multi-slice state
  • JWT auth + Google OAuth + OTP
  • Google Drive backup system
  • Full-text search across content
04
MongoDBExpress.js v5React 18Node.jsStripeRedux Toolkit

Green Leaf Printing House

Production e-commerce platform (MERN stack, monorepo) for Canadian printing company. Backend: Express.js v5 with 27 route files, 38 controllers, 44 MongoDB models. Features Stripe checkout with webhook-driven order automation, tiered loyalty program (6 tiers, spend-based calculation), Multer + Sharp file uploads, advanced popup manager with analytics, and XML sitemap with caching.

// the hard part

Making the tiered loyalty program consistent when Stripe webhooks, spend recalculation, and tier upgrades all write to the same record — a failed or out-of-order webhook can't silently corrupt a customer's status.

  • 44 MongoDB models with indexes
  • Stripe webhook-driven orders
  • Tiered loyalty program (6 tiers)
  • Multer + Sharp media handling
  • Recharts analytics dashboards
05
Next.js 16TypeScriptMongoDBTipTap v3Rechartsjose (RS256)wavesurfer.jsCloudflare

Signal Before Noise

Multilingual publishing platform built from zero to production in 9 days, then iterated to v1.61 post-launch. Persian-primary with optional English, Arabic, and Turkish translations per article. Single-document 4-locale content model in MongoDB, Next.js App Router [lang] routing with automatic RTL/LTR switching, TipTap v3 editor with per-locale tabs and table support, Recharts analytics dashboard with per-locale view tracking and layered bot suppression, tiered mongodump backup/restore with Google Drive offsite sync, subscriber management, article series system, Umami self-hosted analytics, featured article hero system, audio playback via wavesurfer.js, and RS256 asymmetric JWT auth behind Cloudflare Full Strict SSL.

// the hard part

Storing a 4-locale article atomically in a single MongoDB document so no locale can publish independently — and ensuring RTL/LTR direction switches correctly at both the layout and editor level per locale.

  • 4-locale content model in one MongoDB document (9 Mongoose models)
  • Article series system — Series model, ordered part numbers, animated SeriesPanel, dashboard auto-fill
  • Automatic RTL/LTR per locale with TipTap v3 editor per-locale tabs
  • RS256 asymmetric JWT auth via jose (no user table)
  • Recharts analytics: per-locale view tracking, locale breakdown dashboard, locale-filtered charts, layered bot suppression with duplicate-key error dedup
  • Umami self-hosted analytics for public pageviews (disabled for dashboard users via localStorage flag)
  • Tiered backup/restore with Google Drive offsite sync (OAuth2, two-way sync, local/cloud/synced status badges)
  • Featured article hero system for editorial highlighting
  • Subscriber system with rate limiting, dedup detection, and paginated dashboard
  • Audio articles with wavesurfer.js waveform playback
  • Cloudflare Full Strict SSL + hardened VPS (4 Fail2ban jails)
06
Next.js 16React 19TypeScriptMongoDBTipTap v3Framer Motion 12

Robin

Bilingual corporate website with full admin CMS panel built for a client — public-facing site in Persian and English with animated services showcase, and a complete content management backend.

// the hard part

Implementing correct RTL/LTR layout switching at the CSS level while keeping a shared component tree — and ensuring the TipTap editor itself respects per-locale direction without re-mounting.

  • Bilingual RTL/LTR layout switching (Persian default, English) + Jalaali calendar
  • CountUp animated counters with automatic Persian numeral conversion (۰–۹)
  • Custom JWT auth (HMAC-SHA256 + PBKDF2, 310k iterations) — no third-party library
  • TipTap v3 editor with media picker and sanitize-html XSS protection
  • 8 MongoDB collections with Zod-validated schemas across full stack
  • Admin CMS: CRUD for articles, projects, team, categories, and media library
  • Automated daily backups via node-cron + manual backup/restore API
  • Cloudflare Full Strict SSL + strict security headers (HSTS 63-year, CSP, X-Frame-Options=DENY)

CONTACT

05

Have a project in mind or want to discuss opportunities? Send me a message.