I help B2B SaaS startups rescue a backend that's slowing them down — using .NET Core and Azure — so the team keeps shipping without breaking everything.

The problem

Philippine overtime is among the most combinatorially complex in Southeast Asian labor law. DOLE RA 6727 defines distinct multipliers that stack — regular overtime, rest-day work, special non-working holidays, regular holidays, and night differential can all apply simultaneously. In most payroll codebases this logic ends up diffused across service classes and controllers, tightly coupled to HTTP routing and database calls. When DOLE issues an amendment, engineers must trace changes across layers under deadline pressure during a payroll run — resulting in mis-computed wages, compliance exposure, and eroded trust from HR teams.

The approach

Designed spec-first using the BMAD methodology — all domain rules and use cases were committed to written artifacts before any code was written. Structured as four strictly-layered projects: Domain (RA 6727 overtime rules, zero external dependencies), Application (CQRS commands & queries via MediatR), Infrastructure (EF Core + PostgreSQL 16, RSA JWT), and API (thin ASP.NET Core transport). JWT authentication uses asymmetric RSA key pairs mountable via Docker volumes. Three dedicated test projects mirror the architecture tiers: Domain, Application (in-memory fakes), and Integration (live database).

The outcome

A labor law amendment now has a bounded, auditable change surface: overtime multipliers live exclusively in the Domain project, making them findable, testable, and independently deployable. The three-tier test suite lets engineers confirm a rule change is correct at the domain level before it reaches a running database.

The problem

Real-time social apps usually gate every feature behind account creation, adding friction before a user sees any value. They also tend to require a bespoke WebSocket backend to handle live presence, private messaging, and randomized matching — a lot of stateful server infrastructure to build, secure, and operate before the first message is ever sent.

The approach

Built on Next.js (App Router) with Supabase as the entire backend, so there is no custom server to run. Anonymous auth powers a zero-signup onboarding flow — pick a username, gender, age, and location and start chatting immediately, with an optional email login to return later. Postgres Row-Level Security enforces who can read each conversation, Supabase Realtime drives live presence and 1-on-1 direct messages, and a SQL matching function pairs waiting users for an Omegle-style random match filtered by gender, age range, and location.

The outcome

A fully real-time social app — live presence, private DMs, and filtered random matching — running entirely on managed Postgres, Realtime, and Auth with zero custom backend code, deployed to Vercel over HTTPS. The whole experience is reachable without ever creating an account.

The problem

Turning a feeling into the right playlist is slow and breaks the moment. You have to translate a vague mood into search terms, dig through tracks one at a time, and manually assemble a playlist — by the time it's built, the feeling that prompted it has passed.

The approach

Built on Next.js 14 (App Router): the user describes a mood in one sentence and picks a language (Mixed / English / OPM), then Google Gemini curates 8–10 songs and writes a cinematic narrative about the set. A real playlist is created in the user's own Spotify account via the Authorization Code flow, with the token exchange handled server-side so the client secret never reaches the browser. Every credential is read from environment variables — nothing is hardcoded.

The outcome

One sentence in, a real saved Spotify playlist out — paired with an AI-written narrative — in a single flow, with OAuth handled securely server-side. Deployed on Vercel.