Dr. Shahidur Rahman Khan's Professional Platform
Team project (2 developers) — I built the multi-channel notification system and parts of the unified backend for a practicing orthopedic surgeon.

Overview
Dr. Shahidur's Platform is a real client deliverable built by a team of 2 developers for Dr. Md. Shahidur Rahman Khan, an Associate Professor of Orthopedic & Trauma Surgery at the National Institute of Traumatology and Orthopaedic Rehabilitation (NITOR) in Dhaka. The system powers his professional online presence with a public-facing Next.js website and an admin dashboard.
My contributions focused on the multi-channel notification system — when a visitor submits the contact form or books an appointment, the doctor is notified via Email (Nodemailer/Brevo), WhatsApp (whatsapp-web.js → his phone), and Telegram (node-telegram-bot-api → contact channel). I also implemented magic-link authentication (one-click login), forgot-password via OTP + magic-link email, and the decoupled file upload strategy where the frontend pre-uploads to /api/v1/upload and attaches {url, fileId} as JSON to keep entity payloads strictly JSON.
The backend uses a single unified API to feed two frontends (public site + admin dashboard), following a strict MVC architecture. The public frontend uses Next.js 16 with a desktop-only three.js 3D hero (skipped on mobile for performance), Biome for linting/formatting, and React Compiler (babel-plugin-react-compiler) for bleeding-edge React 19 optimization.
Highlights
- 01Team project — 2 developers. I owned the multi-channel notification system (Email via Nodemailer/Brevo, WhatsApp via whatsapp-web.js, Telegram via node-telegram-bot-api).
- 02Implemented magic-link authentication (one-click login), OTP-based forgot-password flow, and the decoupled file upload strategy ({url, fileId} attach pattern keeps entity endpoints strictly JSON).
- 03Backend serves 2 frontends from a single API (Next.js public site + Vite admin dashboard) with strict CORS whitelist per origin and Redis JTI blacklist for refresh-token invalidation.
- 04Real client deliverable for Dr. Md. Shahidur Rahman Khan, Associate Professor at NITOR, Dhaka — production-deployed with 6 custom email templates and activity-log middleware on every protected route.
Key Features
- Multi-frontend architecture: single API serves public Next.js site + Vite/React admin dashboard
- Multi-channel notifications: Email (Nodemailer/Brevo), WhatsApp (whatsapp-web.js), Telegram (node-telegram-bot-api)
- Magic-link authentication (one-click login via email)
- Forgot password via OTP + magic-link email
- Appointment booking with reCAPTCHA v3 + chart data (daily/monthly/all-time)
- Articles with TipTap HTML content, categories CRUD, slug-based routing
- Research publications with PDF upload or DOI link
- Testimonials with video support (Cloudinary)
- Universal search across articles, research, and testimonials
- Decoupled file upload strategy — pre-upload to /api/v1/upload returns {url, fileId}
- Activity log middleware on every protected route
- Redis JTI blacklist for refresh token invalidation on logout
- Light/dark/system theme with persisted preference
- Desktop-only three.js 3D hero (mobile skips for performance)
- Cookie consent + analytics tracking
- 6 custom email templates (otp, magic-login, moderator-invite, appointment-confirmation, contact-confirmation, password-changed)
Challenges Faced
Future Improvements & Plans
- Migrate from nodemon/ts-node-dev to Bun for parity with newer projects.
- Add a public-facing admin dashboard route with React Admin instead of the separate Vite app.
- Replace whatsapp-web.js with the official WhatsApp Business API for production reliability.
- Add real-time appointment status updates via Socket.io (dependency already present but not fully wired).
- Implement multi-language support (Bangla + English) using i18next.
- Add a patient portal with secure medical record access.
Interested in this project?
Check out the code, try the live demo, or get in touch to discuss similar work.