Skip to content
View M3ssaf900's full-sized avatar
πŸ’­
First, solve the problem. Then, write the code
πŸ’­
First, solve the problem. Then, write the code
1 follower · 8 following
  • Riyadh

Highlights

  • Pro

Block or report M3ssaf900

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
M3ssaf900/README.md

Mohammad Khaled Assaf

Senior Software Developer Β· Full-Stack Architect Β· Integration Engineer

Enterprise Systems Β· Multi-Tenant SaaS Platforms Β· Cross-Platform Apps Β· Clean Architecture Β· GS1 & Supply-Chain Integration





πŸ§‘β€πŸ’» About

I design and build enterprise-grade, multi-tenant platforms β€” from backend APIs and business logic layers down to cross-platform native & web clients β€” with a strong emphasis on scalability, security, and long-term maintainability.

My work spans complex, regulated domains β€” from pharmaceutical supply-chain compliance (GS1 EPCIS track-and-trace, government API integration) to emergency management platforms, IoT device orchestration, and multi-tenant SaaS products.

I focus on solving real infrastructure problems:

  • End-to-end platform delivery β€” backend APIs, admin portals, and cross-platform mobile/desktop/web clients from a single codebase
  • Multi-tenant isolation β€” database-per-tenant architectures with subdomain routing, automatic provisioning, quota enforcement, and subscription lifecycle management
  • Security-first design β€” JWT + refresh token flows with auto-renewal, biometric authentication, SHA-256 certificate pinning, and granular role-permission matrices
  • Compliance & integration β€” standards-compliant GS1 EPCIS XML generation, OAuth2-secured third-party API integration, and full audit trails
  • Production reliability β€” offline-first resilience with queued operations, health check endpoints, structured logging with correlation IDs, and feature flags for zero-downtime rollouts

βš™οΈ Tech Stack

πŸ”§ Backend C# 13 Β· .NET 10 Β· ASP.NET Core Β· REST APIs Β· SOAP Β· SignalR Β· MediatR (CQRS) Β· Windows Services
πŸ–₯️ Frontend & Cross-Platform Blazor Server Β· Blazor Hybrid Β· .NET MAUI Β· Razor Components Β· JavaScript Β· HTML/CSS Β· Bootstrap
πŸ—„οΈ Databases & ORM SQL Server Β· PostgreSQL Β· EF Core 10 Β· Dapper Β· Database-per-Tenant
πŸ” Security & Identity Duende IdentityServer Β· JWT Bearer + Refresh Tokens Β· Biometric Auth Β· Certificate Pinning Β· Role & Permission-Based Access
πŸš€ DevOps & Infra Docker Β· Docker Compose Β· CI/CD Pipelines Β· Git Β· IIS Β· Serilog Β· Health Checks
πŸ”— Integration GS1 EPCIS XML Β· Track-and-Trace APIs Β· REST Β· SOAP Β· Firebase Cloud Messaging Β· Government & Enterprise APIs
πŸ›‘οΈ Resilience Polly (Retry, Timeout, Circuit Breaker) Β· Offline Queue Β· Auto-Drain Β· Feature Flags

πŸ”§ Key Expertise

Domain Description
System Architecture Designing scalable, maintainable systems using Clean Architecture, DDD, and layered patterns
Multi-Tenant SaaS Database-per-tenant isolation, subdomain-based routing, quota enforcement, and automatic tenant provisioning
Cross-Platform Development Single-codebase apps shipping to Android, iOS, macOS, Windows, and Web via .NET MAUI Blazor Hybrid
Enterprise Integration Building integration layers for GS1 EPCIS, track-and-trace APIs, REST, SOAP, and custom government protocols
Security Engineering JWT + refresh token flows, biometric auth, certificate pinning, granular permission systems (12 Γ— 8 matrix)
Real-Time Systems SignalR hubs, push notifications (FCM/APNs), deep linking, and live connectivity indicators
Emergency & Crisis Systems Siren networks, IoT device orchestration, and real-time alerting platforms
API Design Structured, versioned, well-documented REST APIs with Swagger/OpenAPI

πŸ—οΈ Architecture & Engineering Principles

βœ” Clean Layered Architecture with strict top-down dependency flow
βœ” Domain-Driven Design (DDD) β€” bounded contexts, aggregate roots, value objects
βœ” Modular Monoliths & Microservices β€” chosen by context, not trend
βœ” Database-per-Tenant isolation with automatic provisioning & migration
βœ” Cross-Platform shared codebase β€” one Razor Class Library, every platform
βœ” Centralized DI with composable registration (AddCore β†’ AddUI β†’ AddWeb)
βœ” Repository pattern β€” EF Core (type-safe) + Dapper (high-performance) hybrid
βœ” Integration patterns: adapters, anti-corruption layers, GS1 EPCIS XML builders
βœ” Resilience-first: Polly retry/timeout/circuit-breaker, offline queues, auto-reconnect
βœ” Entity inheritance chains with auditable base classes & soft-delete filters
βœ” CI/CD automation with Docker Compose & predictable deployments
βœ” Structured logging (Serilog) with dual sinks, correlation IDs & rolling retention
βœ” Health check endpoints (liveness + readiness) for production observability
βœ” Data seeding pipelines β€” roles, permissions, admin users, service features

πŸ† What I Build

🏭 Enterprise Multi-Tenant Backend Platforms

Comprehensive backend systems with GS1 EPCIS compliance and third-party track-and-trace integration, built for regulated supply chains.

Architecture & Data

  • Clean layered architecture β€” Presentation (API + Admin Portal) β†’ Business Logic β†’ Data Access, with strict top-down dependency
  • Dual presentation layer β€” REST API with JWT Bearer auth + MVC Admin Portal with cookie auth, each with independent middleware pipelines
  • EF Core dual contexts β€” Master database (13 DbSets: tenants, subscriptions, permissions, templates…) and per-Tenant database (7 DbSets + Identity: operations, requests, message tracking…)
  • Dapper integration β€” High-performance raw SQL queries alongside EF Core for reporting and analytics
  • Repository pattern β€” Generic IGenericRepository<T> with specialized implementations per context (Master, Tenant, Dapper)
  • Entity inheritance chain β€” IAUDITABLE β†’ AUDITABLE β†’ BASE β†’ Domain Entity with auto-timestamping, soft deletes, and global query filters
  • MediatR (CQRS) β€” Command/query separation for clean business logic orchestration

Multi-Tenancy & Operations

  • Database-per-tenant isolation β€” Subdomain-based tenant resolution, automatic DB provisioning, and cross-tenant EF Core migration runner
  • Quota enforcement β€” Per-tenant API usage tracking, remaining quota decrement on every operation, subscription lifecycle with renewal & history audit trail
  • Warehouse operations β€” Receiving, Packing, Shipping, Unpacking, Dispensing (SSCC & SGTIN) β€” each generating standards-compliant GS1 EPCIS XML documents
  • GS1 XML builder β€” ObjectEvent (OBSERVE), AggregationEvent (ADD/DELETE) generation with EPC URI, SGLN URN, and SSCC URN conversion utilities
  • Third-party integration β€” OAuth2-secured track-and-trace API calls with message status tracking and full audit logging
  • Permission system β€” 12 permission categories Γ— 8 actions, seeded at startup, with role-claim management and role-to-service feature mapping

Security & Identity

  • Duende IdentityServer β€” OAuth2 / OIDC with in-memory clients, scopes, and API resources
  • JWT Bearer auth (API) β€” Symmetric key signing, zero clock skew, event logging
  • Cookie auth (Admin Portal) β€” 30-min sliding expiration, HttpOnly, SameSite
  • Refresh token store β€” Persisted tokens with expiry, revocation, and token-chain tracking (ReplacedByToken)
  • ASP.NET Core Identity β€” Custom ApplicationUser (FullName, Phone, IsDeleted) and ApplicationRole with role claims
  • Shared identity config β€” Reusable extension methods for Identity, IdentityServer, JWT, and cookie setup across projects

Infrastructure & Observability

  • Serilog β€” Dual file sinks: error logs (14-day retention) + application logs (30-day retention), rolling daily with 10 MB size limit
  • Health checks β€” /health/live (liveness) and /health/ready (readiness) endpoints
  • Data seeding β€” Startup seeders for default roles (SuperAdmin, Admin, User), admin user, 12 permission categories, 8 actions per category, and 4 core service features
  • Swagger / OpenAPI β€” Versioned API documentation with configurable route prefix
  • Docker & Docker Compose β€” Containerized deployment with environment-based configuration
  • SignalR WebSocket hub β€” Real-time in-app notification delivery
  • Firebase Cloud Messaging β€” Background push via FCM (Android) / APNs (iOS) with device registration
  • Stack: .NET 10 Β· C# 13 Β· SQL Server 2019+ Β· EF Core 10 Β· Dapper Β· Duende IS Β· Docker

πŸ“± Cross-Platform Enterprise Clients

One Codebase. Every Platform. A single shared Blazor UI shipping to Android, iOS, macOS, Windows, and the Web β€” powered by .NET MAUI Blazor Hybrid and Blazor Server Interactive SSR.

Architecture & Shared Codebase

  • 4-project solution β€” Shared (class library: services, DTOs, core logic, DI), UI (Razor Class Library: pages, components, layouts), Maui (native host), Web (Blazor Server host)
  • Centralized DI β€” Three composable extension methods: AddCore() registers HTTP clients, business services, feature flags, and validators; AddUI() adds auth state & sound; AddWeb() auto-registers web/no-op implementations for all platform services
  • Zero duplication β€” Every Blazor page, component, and layout lives in the shared Razor Class Library, referenced by both MAUI and Web hosts
  • Platform abstraction β€” Interfaces for secure storage, biometrics, logging, crash reporting, offline queue, deep links, push notifications β€” each with native (MAUI) and no-op (web) implementations
  • i18n β€” Arabic / English localization with persisted language preference
  • Virtualized rendering β€” Virtualize<T> for smooth scrolling on large data collections

Security & Authentication

  • JWT + refresh tokens β€” Auto-refresh with 30-second monitoring timer, triggers renewal 5 minutes before expiry
  • Biometric auth β€” Fingerprint / Face ID via platform APIs, with audit logging and configurable fallback PIN
  • Secure storage β€” iOS Keychain Β· Android Keystore Β· Windows DPAPI β€” abstracted behind ISecureStorageService
  • Certificate pinning β€” SHA-256 thumbprint validation against pinned set, with rotation support (add new pin β†’ deploy β†’ rotate cert β†’ remove old pin)
  • Inactivity lock β€” Configurable idle timeout triggers biometric re-verification
  • Session management β€” Singleton session with token persistence, session restore on app relaunch, and POST /revoke on logout

Resilience & Offline

  • HTTP resilience β€” Polly pipelines with 3 retries, exponential backoff, and 30-second timeout
  • Offline queue β€” File-persisted JSON request queue in app data directory, monitors device connectivity via platform APIs
  • Auto-drain β€” Automatically replays all queued requests when connectivity is restored
  • Connectivity UI β€” Real-time offline banner + pending request count badge + manual "Sync Now" button
  • IHttpClientFactory β€” Named HTTP client with certificate pinning handler and resilience pipeline
  • Deep linking β€” Custom URI scheme registered on Android (intent filter) and iOS (CFBundleURLSchemes), with sub-path and query string preservation

Observability & Features

  • Structured logging β€” Property bags with AsyncLocal correlation IDs, rolling file logger (MAUI) / ASP.NET Core ILogger wrapper (web)
  • Crash reporting β€” File-persisted crash reports (MAUI) / in-memory (web) via ICrashReportingService
  • Startup health validator β€” Boot-time diagnostics: API URL check, demo mode detection, local environment warning, auth status verification
  • Feature flags β€” 8 runtime toggles (offline queue, deep linking, biometrics, crash reporting, structured logging, push notifications, certificate pinning, demo mode) β€” no redeployment required
  • Push notifications β€” FCM (Android) / APNs (iOS) with server registration + local notification tray
  • SignalR real-time β€” Hub connection with auto-reconnect and long-polling fallback
  • Demo mode β€” Full simulated data for every operation, no backend required
  • Stack: .NET 10 Β· MAUI Β· Blazor Β· SignalR Β· Polly Β· ApexCharts

🎯 Current Focus

  • πŸ—οΈ Building cross-platform enterprise apps with a single .NET codebase across mobile, desktop & web
  • πŸ”„ Scaling multi-tenant SaaS platforms with database-per-tenant isolation
  • πŸ”’ Hardening security architectures β€” biometrics, certificate pinning, and granular permissions
  • 🧩 Refining system design patterns for integration-heavy, compliance-driven architectures
  • πŸ›‘οΈ Engineering offline-first resilience with queued operations and auto-synchronization
  • πŸ“‘ Improving observability and reliability with structured logging, health checks, and feature flags

πŸ“Š GitHub Activity


🀝 Open For

  • πŸ›οΈ Architecture & system design consulting
  • βš™οΈ Backend engineering, cross-platform development & integration projects
  • 🌍 Multi-tenant SaaS platform design & implementation
  • 🀝 Long-term collaboration on complex, high-impact enterprise systems

πŸ“§ mohammad.khaled.assaf@outlook.com Β Β Β·Β Β  πŸ”— LinkedIn

Built with clarity, not noise.

Popular repositories Loading

  1. Bakery Bakery Public

  2. job-website job-website Public

  3. personal personal Public

  4. Netflix Netflix Public

  5. foxpro foxpro Public

  6. resto resto Public