Stack: Next.js hosted on AWS
SITUATION
An independent artist platform needed a secure SaaS application for uploading, managing, and distributing audio content to fans and business collaborators. The client’s vision was to allow full-length track distribution to verified users while offering public previews to unregistered listeners — all without risking unauthorized access or scraping.
TASK
I led platform architecture, DevOps, and security strategy, while also contributing independently as a full-stack developer on the application, which was built with Next.js (React). My core responsibility was to design a media delivery system that enforced access controls based on user roles and subscription level while protecting artist-uploaded content from leakage, piracy, or direct-link abuse.
ACTION
- Designed and implemented a role-based access control (RBAC) system across artist, business, and fan user types
- Built a token-based gating system for full track streaming and downloads, with expiring URLs tied to active sessions
- Developed backend media playback rules to prevent scraping or replay of audio files through direct URLs
- Hardened the system against enumeration attacks, improper role escalation, and unauthorized asset exposure
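One way to build the expiring, session-bound gating described in the list above, as an added example and not the platform's own code. The secret, token layout, function names, and the rule that the three named roles may stream full tracks are all assumptions for illustration.

```javascript
// Added example (not the platform's code): HMAC-signed media tokens that
// expire and are bound to one track and one session.
const { createHmac, timingSafeEqual } = require('node:crypto');

const SECRET = 'constructed-demo-secret'; // assumption: real key comes from a secrets store
const FULL_TRACK_ROLES = new Set(['artist', 'business', 'fan']); // assumed policy

// MAC over an unambiguous encoding of (track, session, expiry).
function sign(trackId, sessionId, exp) {
  const payload = JSON.stringify([trackId, sessionId, exp]);
  return createHmac('sha256', SECRET).update(payload).digest('base64url');
}

// Issue a token only to an active session whose role may stream full tracks.
function issueToken(session, trackId, ttlSeconds, nowMs = Date.now()) {
  if (!session || !session.active || !FULL_TRACK_ROLES.has(session.role)) return null;
  const exp = Math.floor(nowMs / 1000) + ttlSeconds;
  return `${exp}.${sign(trackId, session.id, exp)}`;
}

// Check the token against the requested track and the caller's current session.
// The session and role are re-checked so a logout or downgrade takes effect
// before the token's own expiry.
function verifyToken(token, session, trackId, nowMs = Date.now()) {
  if (!session || !session.active) return 'denied:no-session';
  if (!FULL_TRACK_ROLES.has(session.role)) return 'denied:role';
  const parts = typeof token === 'string' ? token.split('.') : [];
  const exp = Number(parts[0]);
  if (parts.length !== 2 || !Number.isInteger(exp)) return 'denied:malformed';
  // Authenticate first; exp is untrusted until the MAC matches.
  const expected = Buffer.from(sign(trackId, session.id, exp));
  const given = Buffer.from(parts[1]);
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) {
    return 'denied:bad-signature';
  }
  if (Math.floor(nowMs / 1000) >= exp) return 'denied:expired';
  return 'ok';
}
```

Because the track ID and session ID are inside the MAC, a URL copied to another session or edited to point at a different track fails verification instead of revealing whether that track exists.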
RESULT
The platform launched with scalable audio delivery, secure gated access, and zero incidents of unauthorized file exposure. Artists were able to confidently share high-quality versions of their work with verified partners, while the general public accessed limited previews — maintaining content protection without compromising user experience.