Ashish Raj
Android & Backend Engineer
I build production-safe mobile systems with deterministic backend architecture. Kotlin · MERN · Supabase · PostgreSQL · Clean Architecture.
Technical Snapshot
Engineering with production intent
I'm an Android and backend engineer who treats every project like it will run in production unsupervised. My work centers on clean architecture, strict separation of concerns, and deterministic data flow. I apply dependency injection, repository pattern, and lifecycle-safe patterns because they prevent the failures I've designed against — not because they're buzzwords.
On the Android side, I built FieldTrack — a complete workforce tracking system with Kotlin, Supabase, and PostgreSQL featuring RLS enforcement, cancellation-proof sync, and coordinated two-phase checkout. On the web side, I've built full-stack applications with the MERN stack including authenticated e-commerce platforms with payment integration, role-based access, and RESTful API architecture.
Architecture-First Engineer
Every project starts with Clean Architecture, SOLID principles, and repository pattern. Decisions are evaluated against production failure modes before writing code.
B.Tech in Computer Science
Strong CS fundamentals — data structures, OOP, database design, and system design thinking. Applied in shipped, production-style projects.
Full-Stack Ownership
Comfortable across the stack: Android with lifecycle-aware components, MERN-based web apps, API error handling, production debugging, and data integrity enforcement.
Based in India
Available for immediate joining. Open to on-site, hybrid, and remote roles across India.
FieldTrack
Workforce Tracking & Attendance System
Role: Sole Developer · Stack: Kotlin, MVVM, Supabase, PostgreSQL, Room, RLS
View on GitHubProblem
Field workforce management demands real-time location awareness, tamper-proof attendance records, and zero data loss — all running on unreliable mobile networks where the app lifecycle is unpredictable and users operate across multiple roles.
Constraints
- Solo developer — no team to catch integration issues
- Unreliable mobile networks — sync must tolerate intermittent connectivity
- Multi-role access — admin and employee share the same APK
- Android lifecycle — background work can be killed at any time
Technical Challenges
- Preventing data loss when Android kills the process during sync
- Eliminating auth race conditions when tokens expire mid-checkout
- Enforcing data isolation across roles without building two separate apps
- Designing idempotent sync that is safe to retry indefinitely
Engineering Metrics
100–200
Field users supported
2,000+
GPS writes/day capacity
5-layer
Sync safety net
0
Data loss incidents by design
Solution Architecture
Android Client (Kotlin + MVVM)
- Single APK serving Admin + Employee via role-based access control
- Clean Architecture with strict separation of UI, domain, and data layers
- Repository pattern for all data operations with dependency injection
- Lifecycle-aware components preventing memory leaks and state corruption
- Foreground service for continuous GPS collection at 30-second intervals
Supabase Backend
- Email authentication abstracted through managed profiles table
- SECURITY DEFINER RPCs enforcing session state transitions server-side
- Typed SQLSTATE error codes for deterministic client-side error handling
- Server as single source of truth — no client-side session mutations
Row Level Security (RLS)
- Per-user data isolation enforced at the PostgreSQL policy layer
- Admin operations scoped through role-based policy checks
- No client-side trust — every read and write is RLS-gated
- Policies on attendance_sessions, locations, and profiles tables
Deterministic Sync Architecture
- GPS points batched in Room DB, synced to Supabase in controlled intervals
- Idempotent sync mechanism — duplicate writes are eliminated server-side
- SupervisorJob scope survives ViewModel destruction and activity recreation
- 5-layer safety net: lifecycle isolation → auth validation → dedup → retry → final-sync
Architecture Diagram
Client → Room DB → Batch Sync → Supabase → PostgreSQL (RLS)
Checkout Hardening
The checkout flow is the most critical path. If it fails silently, location data is lost and sessions become inconsistent.
SupervisorJob decouples sync from ViewModel. Activity destruction cannot interrupt checkout. How was this achieved? By isolating the sync scope from Android's component lifecycle entirely.
Auth token is validated pre-sync. On expiry, a locked refresh is attempted. If refresh fails, checkout halts with a recoverable error — data is never silently dropped.
Each location batch carries deterministic identifiers. The server deduplicates on insert. Result: idempotent sync that can be retried safely any number of times.
Two-phase checkout: final sync must complete before session-close RPC fires. If sync fails, session stays open. No partial closures. No data loss.
Key Engineering Decisions
Server as single source of truth
Client state is treated as a cache. All session and attendance state is resolved server-side, preventing split-brain issues.
Immutable attendance sessions
Once closed, a session cannot be mutated by any role. This guarantees audit-safe records and prevents retroactive tampering.
SECURITY DEFINER RPC usage
check_in, check_out, and get_open_session execute with elevated privileges, ensuring clients cannot bypass session integrity constraints.
Strict RLS enforcement
Every table query is gated by Row Level Security policies. No client — admin or employee — can access data outside their authorized scope.
Cancellation-proof sync scope
SupervisorJob isolates sync coroutines from ViewModel lifecycle. Activity destruction or process death cannot cancel an in-flight sync.
TokenAuthenticator locking
Concurrent token refresh requests are serialized. Prevents auth race conditions during parallel API calls after token expiry.
Security Decisions
- SecureLoggingInterceptor strips all sensitive fields — headers, tokens, request bodies — even in debug builds.
- No direct queries to auth.users. All user data flows through a managed profiles table with RLS.
- SECURITY DEFINER functions prevent clients from manipulating session state outside defined RPCs.
- Immutable sessions: once closed, no mutation is permitted by any role at any access level.
- Admin force-checkout is auditable — actor, action, and timestamp are persisted for compliance.
Database Structure
attendance_sessions
- id (UUID, PK)
- user_id (FK → profiles)
- check_in_time
- check_out_time
- status (open | closed)
- closed_by (self | admin)
locations
- id (UUID, PK)
- user_id (FK → profiles)
- latitude, longitude
- accuracy
- recorded_at
- synced_at
- session_id (planned FK)
profiles (users)
- id (UUID, PK)
- auth_user_id (FK → auth.users)
- full_name
- role (admin | employee)
- created_at
App Screenshots
Employee Check-in
Live Location Tracking
Admin Dashboard
Impact
- Architected a system capable of scaling to 100–200 field users with zero architectural changes
- Eliminated auth race conditions during checkout through TokenAuthenticator locking
- Reduced potential duplicate writes to zero via idempotent sync with server-side deduplication
- Built audit-safe attendance records — immutable, timestamped, role-attributed
- Demonstrated enterprise-grade thinking in a solo-built project — architecture, security, reliability
Lessons Learned
Background sync is an architectural discipline, not a feature. Without lifecycle isolation and cancellation safety, data loss is inevitable.
RLS is the last line of defense. Client-side checks are convenience; server-side policies are the requirement.
Idempotency isn't optional for sync systems. Without it, every retry is a potential data corruption vector.
Production code must assume failure at every boundary — network, auth, lifecycle, and user behavior.
Other Work
Full-stack projects demonstrating end-to-end ownership and clean architectural thinking.
MERN-Pay
Full-Stack E-Commerce Platform with Payment Integration
Role: Full-Stack Developer · Stack: MongoDB, Express, React, Node.js
Problem & System Design
Handcrafted-product sellers needed a structured marketplace with buyer/admin role separation, secure payment processing, and order lifecycle tracking — built as a complete MERN application with modular backend architecture.
Core Features
- User authentication with Buyer/Admin role separation
- Product listing CRUD with cart management
- Payment gateway integration with order placement
- Order status tracking and lifecycle management
Backend Architecture
- Normalized MongoDB schema with referential integrity
- RESTful API design with versioned endpoints
- Modular architecture: routes → controllers → services
- Role-based access enforcement and payment verification
Impact
- Designed schema supporting 1,000+ product records
- Structured backend for horizontal feature scalability
- Optimized queries via efficient data modeling
Technical Arsenal
Every skill listed here is backed by code I've written and systems I've shipped. No padding.
Mobile Development
Backend & Systems
Databases
Security
Architecture & Patterns
Languages
Why Hire Me
Built production-style systems independently — architecture, backend, Android, security — end to end.
Strong Android + backend integration capability with real sync, auth, and data integrity experience.
Comfortable debugging lifecycle issues, concurrency bugs, and API failures under production constraints.
Focused on reliability and data integrity — every decision is evaluated against failure modes.
Thinks in systems, not just UI features. Comfortable owning the full feature lifecycle from problem to deployment.
Currently Seeking
Android Developer roles
Backend Developer roles
Full-Stack Developer roles
Product-based companies
Early-stage startups & SaaS
Open to relocation or remote
Engineering Timeline
From learning fundamentals to building production-grade systems — a progression driven by curiosity and engineering discipline.
Production-Grade Engineering
Built FieldTrack — an enterprise workforce tracking system with deterministic sync, RLS enforcement, coordinated checkout, and production-safe auth handling. Designed for zero-trust multi-user environments.
Full-Stack Deepening
Developed full-stack applications combining React frontends with structured backend APIs. Focused on authentication patterns, database schema design, and clean separation of concerns across the stack.
Android & Architecture Focus
Shifted from writing features to designing systems. Adopted MVVM rigorously, learned lifecycle-safe patterns, background processing, and foreground services for location-aware applications.
Foundation & Exploration
Started with core computer science — data structures, algorithms, and OOP. Built foundational projects in Java and Python, exploring web development and database design fundamentals.
Currently Exploring
Building depth doesn't stop at shipping. These are the areas I'm actively investing in.
- Advanced System Design — service decomposition, load balancing, and message queue patterns
- Distributed Systems Fundamentals — consistency models, CAP tradeoffs, and fault tolerance
- Backend Scalability Patterns — horizontal scaling, connection pooling, and rate limiting
- Database Optimization — indexing strategies, query profiling, and partitioning
- Performance Profiling — latency analysis, memory optimization, and bottleneck identification
Let's Connect
Interested in collaboration, have a role to discuss, or want to talk architecture? Reach out.