Senior Full Stack
Developer
20+ years building scalable web applications, e-commerce platforms, and HIPAA-compliant telehealth systems. I deliver production-ready systems end-to-end-from architecture and development through deployment and optimization.
skills - Technical skills
experience - Work history
projects - Featured work
contact - Get in touch
hire - Why hire me
clear - Clear terminal
secret - ???
Professional Summary
Jeff Hamlin · South Florida, USA
Senior Full Stack Developer with 20+ years building scalable web applications and e-commerce platforms. I specialize in PHP, Laravel 11, and Magento 2, with a recent focus on HIPAA-compliant telehealth and patient portal systems.
I have a strong track record of designing SaaS architecture, building secure API-driven workflows, optimizing performance, and delivering production systems end-to-end from concept through deployment. I'm known for building custom Magento modules and Laravel packages that automate workflows, integrate third-party systems, and improve performance and maintainability.
I independently design and build full production systems from the ground up.
Featured Projects
End-to-end systems I've designed and built from concept through production deployment.
Custom Telehealth E-Commerce Platform
Full-stack platform enabling both standard product sales and prescription medication fulfillment with HIPAA-compliant consultation workflows. Built from scratch with zero external JavaScript dependencies.
Telehealth SaaS
Multi-tenant telemedicine platform with containerized isolation, complete HIPAA compliance infrastructure, and automated tenant provisioning.
Medical Equipment Store
High-performance Magento 2 store with custom B2B workflows, automated dropshipper routing, and full FDA/ADA compliance for AED sales.
Profit and Loss Dashboard
Custom Magento admin module with order-level profitability tracking, real-time dashboards, and comprehensive reporting.
Dynamic Profit Margin System
Automated pricing engine that maintains profitability by calculating true costs and dynamically adjusting prices across the catalog.
Training School Platform
All-in-one training school management system for daily operations including class scheduling, online enrollment, and automated communications.
Why Work With Me
Full System Ownership
I independently design and build complete production systems from architecture through deployment. No hand-holding required - 400K+ products managed, $50M+ processed.
Performance Obsessed
I don't just build features - I optimize them. 95+ PageSpeed scores, 99.9% uptime, and sub-second load times are the standard, not the exception.
Security First
OWASP-aligned development practices, HIPAA compliance experience, and a track record of hardening production systems handling sensitive data.
Technical Leadership
20+ years of mentoring junior developers, leading projects end-to-end, making architectural decisions, and communicating with stakeholders at all levels.
Business Understanding
As a business owner myself, I understand ROI, margins, and operational efficiency. I build solutions that drive revenue, not just check boxes.
AI-Enhanced Development
Leveraging AI tools for faster development, code review, and intelligent automation. Staying current with modern development practices.
Skills & Technologies
Comprehensive full-stack capabilities across modern web technologies, with deep specialization in PHP ecosystems, healthcare, and e-commerce domains.
Languages & Core
Core programming languages for full-stack development, automation, and data processing.
Frameworks & Libraries
Modern frameworks for rapid, maintainable application development.
E-Commerce Platforms
Deep expertise in enterprise e-commerce systems and customization.
Databases & Caching
Database design, optimization, and high-performance caching strategies.
DevOps & Infrastructure
Infrastructure, deployment pipelines, and production environment management.
APIs & Integrations
Integration development for third-party services, payments, and AI.
Security & Compliance
Enterprise security practices and healthcare/medical compliance.
Testing & Quality
Testing frameworks and code quality assurance practices.
SEO & Analytics
Search optimization, performance monitoring, and business intelligence.
AI Systems & Integrations
Hands-on experience integrating AI APIs and building intelligent automation systems for real-world business applications.
🤖 AI Platforms & APIs
OpenAI / GPT API
Production API integrations for content generation, SEO optimization, and automated product descriptions at scale. Built Python tooling with progressive output and error handling.
Anthropic / Claude API
API integration for advanced reasoning tasks, code generation, document analysis, and complex workflow automation with conversation management.
AI Image Generation
Integration with image generation APIs for product imagery, marketing assets, and automated visual content creation.
⚡ Production AI Applications
SEO Content Generator
Custom Python application using GPT API to generate Magento-ready product descriptions. Processes supplier data, applies SEO best practices, outputs formatted CSV with progressive writes for reliability.
Intelligent Web Scraping
AI-enhanced scraping systems that extract, clean, and transform product data from supplier websites. Uses GPT for data normalization and content enhancement.
Email Parsing Automation
Automated systems that parse supplier emails, extract tracking numbers, match orders, and update fulfillment status in Magento without manual intervention.
Competitive Price Intelligence
Automated monitoring of competitor pricing with AI-assisted analysis for pricing strategy recommendations and margin optimization.
Graphic Design & Video Production
Beyond code, I bring visual design and multimedia production capabilities to every project.
Graphic Design
Creating visual assets, UI mockups, marketing materials, and brand elements with professional design tools.
Video Production
Full video production pipeline from editing to motion graphics and visual effects for marketing and product content.
Digital Assets
Creating and optimizing digital assets for web, social media, and e-commerce platforms.
Industries Served
Deep experience across regulated industries requiring compliance, security, and reliability.
Healthcare & Telehealth
HIPAA-compliant platforms, patient portals, provider dashboards, video consultations, and medical practice management.
Pharmacy & Medical Supply
FDA/ADA compliance, prescription workflows, controlled substance handling, and medical equipment sales (AEDs).
E-Commerce & Retail
B2B/B2C storefronts, marketplace integrations, inventory management, and multi-channel fulfillment.
Training & Education
Learning management systems, course scheduling, student portals, certification tracking, and instructor tools.
Automotive
Dealership websites, inventory systems, lead management, and customer portals.
Luxury & Specialty Retail
High-end product catalogs, custom ordering systems, and premium brand experiences.
Work Experience
A track record of delivering complex systems across healthcare, e-commerce, and enterprise applications.
Lead Full Stack Developer
Building a full production telehealth platform from zero to launch, end-to-end. Engagement scheduled to conclude upon production launch and handoff.
- Architected and developed a complete SaaS platform for providers, clinics, and patients-combining storefront, patient portal, and provider dashboard in one system
- Built real-time video and audio consultation capabilities with scheduling, reminders, secure messaging, and consultation workflows
- Developed flexible intake and onboarding system with dynamic forms, program enrollment, and automated patient routing
- Implemented role-based access for platform administrators, clinics, providers, staff, and patients with audit-ready activity logging
- Built billing and payments including subscriptions, one-time purchases, and platform fees with multi-party payment flows
- Created admin tools to manage tenants, users, programs, pricing, content, and operational workflows across multiple clients
- Designed secure API and webhook integrations to automate workflows and support future partner connections
- Achieved 95+ Google PageSpeed scores on both mobile and desktop
Senior Developer
Led the full Magento platform build for a medical equipment e-commerce operation with complex B2B and B2C requirements.
- Led installation, configuration, and setup of the Magento platform with solid foundation tailored to business requirements
- Designed and developed custom Magento modules and fully customized theme for industry-specific needs
- Customized B2B and B2C functionality including customer segmentation, pricing rules, and order management
- Optimized SQL database for high-performance querying with data integrity and security
- Integrated payment gateways, shipping carriers, and analytics tools
- Performance tuning through database optimization, caching (Redis, Varnish), and front-end improvements
- Implemented security best practices including patch management, vulnerability scans, and 2FA
- Ensured compliance with ADA and FDA regulations for AED sales
Senior Developer & Security Specialist
Hired to stabilize and rebuild a failing Magento e-commerce system. Built two interconnected platforms: MintRx (pharmacy storefront) and TruleeHealth (telehealth consultation platform for prescription products requiring MIF, voice, or video consultations).
- Designed and developed custom Magento theme and many custom modules for pharmacy and clinic operations
- Built TruleeHealth telehealth platform enabling doctor-to-patient consultations for prescription products via MIF forms, voice calls, and video appointments
- Integrated telehealth workflows connecting patient intake to e-commerce checkout with prescription verification
- Led full lifecycle web development from planning and architecture through deployment and maintenance
- Implemented third-party integrations for payments, shipping, analytics using APIs and extensions
- Improved site speed and reliability through performance tuning and database optimization
- Established security-first practices: patch management, vulnerability reviews, access controls, security audits
- Delivered technical SEO improvements including metadata, site structure, and content optimization
- Contributed to telehealth platform development prior to acquisition by Sedona Group
E-Commerce / Senior Developer
Built and operated an e-commerce business selling automated external defibrillators. Developed extensive custom Magento modules and automation systems.
- Built custom Magento 2 modules and themes to extend core functionality and improve admin workflows
- Developed Dropshipper Email Automation module for supplier-specific routing with CSV attachments
- Built Shipment Tracking Automation connecting to email inboxes, parsing tracking numbers, and updating Magento
- Developed Profit/Loss reporting tooling with admin grids, dashboards, and CSV/PDF exports
- Created pricing automation systems with sitemap-driven extraction, configurable product handling, and progressive loading
- Built Python-based GPT-assisted tooling for SEO-optimized product content generation at scale
- Implemented security hardening patterns for production environments
Senior E-Commerce Developer
Built and maintained Magento 2 and WooCommerce e-commerce platforms for B2B and B2C medical equipment sales with multi-language storefronts.
- Built Magento 2 storefronts with multi-language support for international B2B/B2C sales
- Developed WooCommerce platform with matching functionality for alternate sales channels
- Created custom B2B workflows: distributor portals, account-specific pricing, dropshipping
- Built customer/distributor account features: order tracking, fast reordering, expiration notifications
- Developed database-backed tracing and reporting for Florida AED sales compliance
- Built sales rep portal for events with promotional pricing and on-site ordering
- Created all-in-one training school platform: scheduling, enrollment, payments, communications
Senior Web Designer & Developer
Full-stack development for B2C e-commerce websites on OpenCart with responsive front-end experiences.
- Developed and maintained B2C e-commerce websites built on OpenCart
- Built responsive front-end experiences using HTML, CSS, JavaScript, Bootstrap, JSON, XML
- Designed and launched multiple websites for multi-company business across different brands
- Led projects from prototypes through production: requirements, UI design, development, testing, deployment
- Created prototype and production Progressive Web Applications (PWA)
Web Design & Development
Full lifecycle web development for B2B and B2C websites across automotive, equestrian, and luxury retail industries.
- Delivered full lifecycle web development for B2B and B2C websites
- Built and maintained e-commerce websites including setup, customization, and long-term maintenance
- Developed responsive, database-driven websites using HTML, CSS, JavaScript, ASP.NET, SQL
- Designed websites for automotive dealerships, equestrian services, and luxury retail brands
- Created marketing assets and site graphics for brand consistency
- Produced corporate videos and promotional content using Adobe Premiere Pro and After Effects
Custom Modules & Extensions
Production-ready custom modules I've built across various platforms to solve real business problems and automate complex workflows.
Custom Admin Dashboards
Built comprehensive admin dashboards with real-time analytics, KPI widgets, sales metrics, and interactive charts. Custom reporting interfaces for business intelligence and decision-making.
Custom Checkout Module
Modified checkout processes to handle specialized business requirements including custom validation, conditional shipping rules, special payment workflows, and prescription/compliance data collection.
API Customer Sync
Customer account module that syncs and reflects data from external systems through API integration. Real-time data population from third-party databases and ERP systems.
Dropshipper Automation
Supplier email routing with vendor mapping and CSV attachment support. Automatically routes order emails to supplier-specific recipients with order data.
Shipment Tracking
IMAP-driven tracking extraction and automated shipment updates. Parses tracking numbers from supplier emails and updates orders with carrier information.
Profit Margin & Dynamic Pricing
Profit management system calculating true profitability with payment fees, shipping costs, tax, and product cost. Auto-adjusts prices to maintain margins and alerts on low-profit items.
Competitive Price Scraper
Automated competitor price monitoring with sitemap-driven URL extraction, SKU matching, and progressive UI loading for large product catalogs.
Detailed Reports Suite
Profit and loss reporting with admin dashboards, chart widgets, and exports. Tracks order-level profitability and flags negative profit orders.
Security Suite
Endpoint protection, file scanning, and malicious upload prevention. Comprehensive security hardening toolkit for web applications.
GPT Content Generator
AI-powered tooling for SEO-optimized product descriptions. Batch processing with progressive CSV output for reliability at scale.
Architecture & Problem Solving
System design patterns and real-world problem-solving approaches from production systems.
🏗️ System Architecture Example
Dynamic Pricing & Profit Margin Management System
🧩 Problem-Solving Case Studies
Real challenges from production systems, demonstrating analytical thinking and practical solutions.
Multi-Tenant HIPAA-Compliant SaaS
Healthcare SaaS platform requiring complete data isolation between tenants, 7 different user types with separate authentication, and full HIPAA compliance with audit logging.
- Containerized single-tenant architecture with Docker for complete isolation
- 7 separate authentication guards (patient, provider, staff, tenant admin, platform admin, API)
- AES-256 encryption with configurable data retention policies
- Automated tenant provisioning deploying isolated instances in under 3 minutes
Production-ready platform supporting 100+ isolated tenants with full HIPAA compliance
Automated Profit Margin Management
Dropshipping business with 400K+ products losing money due to hidden costs: payment gateway fees, manufacturer shipping charges, tax variations, and fluctuating supplier costs.
- Multi-factor cost aggregation: gateway fees, shipping, tax, COGS
- Automated email/PDF parsing to extract supplier invoice costs
- Dynamic price adjustment to maintain target margin thresholds
- Auto-disable unprofitable SKUs with admin notifications
Eliminated hidden losses, real-time profitability visibility on every order
Multi-Supplier Order & Cost Automation
9+ dropship suppliers each with different email formats, PDF invoice structures, and tracking notification styles. Manual processing taking hours daily with frequent errors.
- IMAP integration with supplier-specific pattern matching
- PDF parsing engine for invoice line items and costs
- Carrier-specific regex for tracking number extraction
- Fuzzy matching algorithm for order-to-invoice correlation
Fully automated, 5-minute sync cycles, eliminated 3+ hours daily manual work
DTC Telehealth E-Commerce Platform
Building a Hims/Ro competitor requiring quiz-driven product recommendations, subscription billing, integrated medical consultations, and high-risk payment processing.
- Quiz engine with branching logic for personalized treatment recommendations
- Delayed payment capture - charge only after provider approval
- Stripe Connect for multi-merchant high-risk processing
- Achieved 95+ PageSpeed by eliminating Bootstrap dependencies
Production storefront with 75% smaller frontend payload, compliant checkout flow
Automated Competitive Price Monitoring
Need to monitor competitor pricing across multiple suppliers with 400K+ SKUs, handle rate limiting, detect site structure changes, and integrate with Magento pricing.
- Sitemap-driven URL discovery with product page detection
- Circuit breaker pattern with exponential backoff for resilience
- Hybrid GraphQL/DOM scraping with fallback strategies
- SKU matching using perceptual hashing and Jaro-Winkler similarity
Automated daily price intelligence with 95%+ SKU match rate
Geolocation-Based Seasonal Content
Ammunition retailer needed location-aware seasonal pages showing relevant hunting seasons, shooting events, and promotions based on customer's state/region with interactive US map.
- IP geolocation detection with state/region mapping
- Interactive SVG map with clickable state regions
- Dynamic content engine pulling seasonal events database
- Personalized landing pages based on detected location
Personalized shopping experience with location-relevant seasonal promotions
Academic Background
Bachelor's Degree in Computer Science
Associate's Degree in Computer Science
FAA VFR Private Pilot License (Helicopter)
FAA VFR Private Pilot License (Airplane)
What People Say
Feedback from colleagues and clients I've worked with.
Jeff built our entire telehealth e-commerce platform from scratch. His understanding of healthcare compliance and pharmacy workflows was impressive-he anticipated requirements we hadn't even considered yet. The system he delivered handles complex Rx checkout flows flawlessly.
Jeff transformed how we manage our product catalog and pricing. His profit margin automation system eliminated hours of manual spreadsheet work and gave us real-time visibility into our margins. He doesn't just build what you ask for-he builds what you actually need.
The telehealth platform Jeff built for us handles video consultations, scheduling, and secure messaging seamlessly. He understood HIPAA requirements inside and out, and delivered a system that passed our compliance audit on the first try. Couldn't ask for more.
Jeff took our outdated e-commerce setup and turned it into a modern, high-performing platform. His Magento expertise saved us from a complete rebuild-he optimized what we had and added the features we needed. Our training equipment sales are up significantly since the improvements went live.
Working with Jeff at AGI was a pleasure. He consistently delivered clean, maintainable code and wasn't afraid to push back when requirements didn't make sense. His pharmacy system integrations were rock solid and his documentation was always thorough.
What I'm Looking For
Ideal Opportunities
- Senior/Lead Full Stack roles with ownership
- E-commerce platform development (Magento, custom)
- Healthcare/Telehealth applications (HIPAA)
- SaaS product development
- Technical architecture & system design
- Remote-first or hybrid (South Florida)
- Contract or full-time positions
What I Bring
- Self-sufficient, I ship end-to-end
- 20+ years of production experience
- Business acumen, I understand ROI and margins
- Clear technical communication
- Proactive problem identification
- Documentation and knowledge transfer
- Mentorship for junior developers
How I Write Code
Real patterns from production systems. Clean, documented, maintainable code built for scale.
/**
* Sophisticated bot detection with pattern matching and adaptive security
*/
namespace App\Http\Middleware;
class BotProtection
{
protected array $badBots = [
'semrush', 'ahref', 'mj12bot', 'sqlmap', 'nessus', 'nmap', /* 17 more */
];
protected array $suspiciousPatterns = [
// SQL injection attempts
'/(\bunion\b.*\bselect\b|\bselect\b.*\bfrom\b)/i',
// XSS attempts
'/]*>.*<\/script>/is' ,
// Path traversal
'/\.\.\/|\.\.\\\\/',
];
public function handle(Request $request, Closure $next): Response
{
// Smart exemptions - never block auth endpoints
if ($this->shouldExempt($request)) {
return $next($request);
}
$ip = $request->ip();
$userAgent = strtolower($request->userAgent() ?? '');
// Check for bad bots
if ($this->isBadBot($userAgent)) {
$this->logSuspiciousActivity($request, 'bad_bot');
abort(403);
}
// Pattern-based injection detection
$suspiciousReason = $this->checkSuspiciousPatterns($request);
if ($suspiciousReason) {
$this->incrementSuspicionScore($ip, 20);
$this->blockIp($ip, 60); // 60 minute block
abort(403, 'Malicious request detected');
}
// Adaptive security - block if suspicion score > threshold
if ($this->getSuspicionScore($ip) > 50) {
$this->blockIp($ip, 30);
abort(403, 'Access blocked due to suspicious activity');
}
return $next($request);
}
}/**
* HIPAA-compliant audit logging service for tracking all PHI access
* @see MEDCONNECT_PRO_COMPLIANCE_SPECIFICATION.md Section 9
*/
namespace App\Services;
class AuditService
{
public static function log(
string $action,
string $resourceType,
?int $resourceId = null,
?array $oldValues = null,
?array $newValues = null,
?array $metadata = null
): AuditLog {
$user = self::getCurrentUser();
return AuditLog::create([
'uuid' => (string) Str::uuid(),
'tenant_id' => self::getCurrentTenantId(),
'user_id' => $user?->id,
'user_type' => self::getUserType($user),
'action' => $action,
'resource_type' => $resourceType,
'resource_id' => $resourceId,
'old_values' => self::sanitizeValues($oldValues),
'new_values' => self::sanitizeValues($newValues),
'metadata' => $metadata,
'ip_address' => Request::ip(),
'user_agent' => substr(Request::userAgent() ?? '', 0, 500),
'session_id' => session()->getId(),
]);
}
// Sanitize values for logging (remove sensitive data)
private static function sanitizeValues(?array $values): ?array
{
if (!$values) return null;
$sensitiveFields = [
'password', 'remember_token', 'two_factor_secret',
'api_key', 'ssn', 'credit_card', 'cvv',
];
foreach ($sensitiveFields as $field) {
if (isset($values[$field])) {
$values[$field] = '[REDACTED]';
}
}
return $values;
}
}/**
* API Rate Limiting Middleware - Dual Window Approach
*/
namespace App\Http\Middleware;
class ApiRateLimit
{
public function handle(Request $request, Closure $next): Response
{
$apiKey = $request->attributes->get('api_key');
// Check per-minute rate limit
$minuteKey = "api_rate:{$apiKey->id}:minute:" . now()->format('Y-m-d-H-i');
$minuteCount = (int) Cache::get($minuteKey, 0);
if ($minuteCount >= $apiKey->rate_limit_per_minute) {
return $this->rateLimitedResponse(
$request, $apiKey, 'minute',
$apiKey->rate_limit_per_minute,
60 - now()->second // Retry-After
);
}
// Check per-day rate limit
$dayKey = "api_rate:{$apiKey->id}:day:" . now()->format('Y-m-d');
$dayCount = (int) Cache::get($dayKey, 0);
if ($dayCount >= $apiKey->rate_limit_per_day) {
$secondsUntilMidnight = now()->endOfDay()->diffInSeconds(now());
return $this->rateLimitedResponse(
$request, $apiKey, 'day',
$apiKey->rate_limit_per_day, $secondsUntilMidnight
);
}
// Increment counters with appropriate TTL
Cache::put($minuteKey, $minuteCount + 1, 120);
Cache::put($dayKey, $dayCount + 1, 86400 + 3600);
// Add standard rate limit headers
return $next($request)->withHeaders([
'X-RateLimit-Limit-Minute' => $apiKey->rate_limit_per_minute,
'X-RateLimit-Remaining-Minute' => max(0, $apiKey->rate_limit_per_minute - $minuteCount - 1),
'X-RateLimit-Limit-Day' => $apiKey->rate_limit_per_day,
'X-RateLimit-Remaining-Day' => max(0, $apiKey->rate_limit_per_day - $dayCount - 1),
]);
}
}/**
* Two-Factor Authentication with TOTP and Recovery Codes
*/
namespace App\Http\Controllers\Auth;
class TwoFactorController extends Controller
{
public function enable(Request $request, TwoFactorService $twoFactor, string $guard)
{
$user = Auth::guard($guard)->user();
$request->validate(['code' => ['required', 'string']]);
// Verify TOTP code
if (!$twoFactor->verifyCode($user->two_factor_secret, $request->code)) {
return back()->withErrors(['code' => 'Invalid code.']);
}
// Generate recovery codes
$recoveryCodes = $twoFactor->generateRecoveryCodes(10);
$user->two_factor_recovery_codes = $twoFactor->hashRecoveryCodes($recoveryCodes);
$user->two_factor_enabled = true;
$user->save();
// Audit logging
AuditService::log(
'two_factor_enabled', get_class($user), $user->id,
'Two-factor authentication enabled',
null, null,
['guard' => $guard, 'recovery_codes_generated' => count($recoveryCodes)]
);
session(["2fa_passed_{$guard}" => true]);
return redirect()->intended($this->defaultRedirectForGuard($guard))
->with('status', '2FA enabled. Save your recovery codes.');
}
public function verifyChallenge(Request $request, TwoFactorService $twoFactor, string $guard)
{
$user = Auth::guard($guard)->user();
$code = trim($request->code);
// Try TOTP first, then recovery code
if ($twoFactor->verifyCode($user->two_factor_secret, $code)) {
$method = 'totp';
} else {
[$ok, $remaining] = $twoFactor->consumeRecoveryCode($user->recovery_codes, $code);
if (!$ok) return back()->withErrors(['code' => 'Invalid code.']);
$user->two_factor_recovery_codes = $remaining;
$user->save();
$method = 'recovery_code';
}
session(["2fa_passed_{$guard}" => true]);
return redirect()->intended($this->defaultRedirectForGuard($guard));
}
}/**
* Tenant Lifecycle Service - Multi-Tenant SaaS Architecture
* Automated state transitions: trial → active → suspended → cancelled → archived → purged
*/
namespace App\Services;
class TenantLifecycleService
{
public function process(bool $dryRun = true): array
{
$results = [
'trial_to_active' => 0,
'cancelled_to_archived' => 0,
'archived_to_purged' => 0,
];
$tenants = Tenant::all();
foreach ($tenants as $tenant) {
// Trial → Active (when trial period ends)
if ($tenant->status === 'trial' && $tenant->trial_ends_at->isPast()) {
if (!$dryRun) {
$this->transition($tenant, 'active', 'Trial ended - auto activation');
}
$results['trial_to_active']++;
}
// Cancelled → Archived (after export window + grace period)
if ($tenant->status === 'cancelled') {
$exportDeadline = $tenant->cancelled_at->addDays(PlatformConfig::tenantExportDays());
$archiveAt = $exportDeadline->addDays(PlatformConfig::tenantGraceDays());
if ($archiveAt->isPast()) {
if (!$dryRun) {
// HIPAA: Anchor retention to last medical encounter
$lastEncounter = $this->latestTenantEncounterAt($tenant->id);
$retentionYears = PlatformConfig::dataRetentionYears();
$tenant->purge_eligible_at = $lastEncounter->addYears($retentionYears);
$tenant->save();
$this->transition($tenant, 'archived', 'Export window elapsed');
}
$results['cancelled_to_archived']++;
}
}
// Archived → Purged (after HIPAA retention period)
if ($tenant->status === 'archived' && $tenant->purge_eligible_at->isPast()) {
if (!$dryRun) {
$this->transition($tenant, 'purged', 'Retention window elapsed');
}
$results['archived_to_purged']++;
}
}
return $results;
}
}# Enterprise Product Scraper with GPT-5-mini Integration
class RateLimitTracker:
"""Track API usage and enforce rate limits"""
def __init__(self):
self.daily_tokens_used = 0
self.minute_requests = 0
self.rate_limit_hits = 0
self.last_minute_reset = time.time()
self.load_state() # Resume capability
def check_and_wait(self, estimated_tokens: int):
"""Enforce rate limits with exponential backoff"""
# Reset minute counter if needed
if time.time() - self.last_minute_reset >= 60:
self.minute_requests = 0
self.last_minute_reset = time.time()
# Check daily token limit
if self.daily_tokens_used + estimated_tokens > TOKENS_PER_DAY:
logger.warning("Daily token limit reached. Pausing until tomorrow.")
time.sleep(3600) # Wait 1 hour
# Check requests per minute
if self.minute_requests >= REQUESTS_PER_MINUTE:
wait_time = 60 - (time.time() - self.last_minute_reset)
if wait_time > 0:
logger.info(f"Rate limit: waiting {wait_time:.1f}s")
time.sleep(wait_time)
class ProductScraper:
"""GraphQL scraper with circuit breaker pattern"""
def __init__(self):
self.rate_limiter = RateLimitTracker()
self.circuit_breaker_failures = 0
self.circuit_breaker_threshold = 5
def generate_seo_content(self, product_data: dict) -> str:
"""Generate unique SEO content using GPT-5-mini"""
self.rate_limiter.check_and_wait(5000)
try:
response = openai.chat.completions.create(
model="gpt-5-mini",
messages=[{
"role": "system",
"content": "SEO expert writing unique product descriptions"
}, {
"role": "user",
"content": f"Write SEO description for: {product_data['name']}"
}],
max_tokens=500,
temperature=0.7
)
self.rate_limiter.record_success(response.usage.total_tokens)
return response.choices[0].message.content
except Exception as e:
self.circuit_breaker_failures += 1
if self.circuit_breaker_failures >= self.circuit_breaker_threshold:
logger.error("Circuit breaker opened - too many failures")
raise
return ""/**
* Patient Portal Widget
* Usage: <script src="https://platform.com/widget/embed.js" data-tenant="slug"></script>
*/
(function() {
'use strict';
// Get script configuration
const currentScript = document.currentScript || (function() {
const scripts = document.getElementsByTagName('script');
return scripts[scripts.length - 1];
})();
const config = {
tenant: currentScript.getAttribute('data-tenant'),
mode: currentScript.getAttribute('data-mode') || 'inline',
theme: currentScript.getAttribute('data-theme') || 'light',
};
// Validate required config
if (!config.tenant) {
console.error('MedConnect Widget: data-tenant is required');
return;
}
// Determine base URL from script src
const scriptSrc = currentScript.src;
const baseUrl = scriptSrc.replace('/widget/embed.js', '');
const portalUrl = `${baseUrl}/portal/${config.tenant}/login`;
// Create modal portal
function createModalPortal(container) {
// Create button
const button = document.createElement('button');
button.className = 'mcpro-portal-button';
button.textContent = 'Patient Portal';
// Create modal with iframe
const overlay = document.createElement('div');
overlay.className = 'mcpro-modal-overlay';
overlay.innerHTML = `
<div class="mcpro-modal">
<button class="mcpro-modal-close">×</button>
<iframe src="${portalUrl}" class="mcpro-modal-iframe"></iframe>
</div>
`;
container.appendChild(button);
document.body.appendChild(overlay);
// Event handlers
button.addEventListener('click', () => {
overlay.classList.add('open');
document.body.style.overflow = 'hidden';
});
// Close on overlay click or Escape key
function closeModal() {
overlay.classList.remove('open');
document.body.style.overflow = '';
}
overlay.querySelector('.mcpro-modal-close').addEventListener('click', closeModal);
// PostMessage API - listen for login success from iframe
window.addEventListener('message', function(event) {
if (event.data?.type === 'mcpro-login-success') {
closeModal();
if (event.data.redirect) {
window.location.href = event.data.redirect;
}
}
});
}
// Expose global API
window.MedConnectPortal = {
config: config,
open: () => document.querySelector('.mcpro-modal-overlay')?.classList.add('open'),
close: () => document.querySelector('.mcpro-modal-overlay')?.classList.remove('open')
};
})();-- Order Profitability Dashboard with Completion Status
-- Combines order data, item counts, and parsed PDF costs
SELECT
o.increment_id AS 'Order ID',
o.base_grand_total AS 'Revenue',
-- Cost data from parsed PDFs
COALESCE(costs.total_product_cost, 0) AS 'PDF Product Cost',
COALESCE(costs.total_shipping_cost, 0) AS 'PDF Shipping Cost',
-- Completion tracking
CONCAT(
COALESCE(costs.items_with_cost, 0),
'/',
items.total_items
) AS 'Items Costed',
-- Dynamic status indicator
CASE
WHEN costs.items_with_cost IS NULL THEN '❌ No PDF Data'
WHEN costs.items_with_cost >= items.total_items THEN '✅ Complete'
ELSE CONCAT(
'⚠️ Partial (',
ROUND(costs.items_with_cost / items.total_items * 100),
'%)'
)
END AS 'Status',
-- Profit calculation (only if complete cost data)
CASE
WHEN costs.total_product_cost IS NOT NULL THEN
ROUND(
o.base_grand_total -
costs.total_product_cost -
costs.total_shipping_cost,
2
)
ELSE NULL
END AS 'Profit',
costs.suppliers AS 'Suppliers'
FROM sales_order o
-- Subquery: Get item count per order
LEFT JOIN (
SELECT
order_id,
COUNT(*) AS total_items
FROM sales_order_item
WHERE parent_item_id IS NULL
GROUP BY order_id
) items ON o.entity_id = items.order_id
-- Subquery: Aggregate PDF parsed costs
LEFT JOIN (
SELECT
order_increment_id,
SUM(total_product_cost) AS total_product_cost,
SUM(shipping_cost) AS total_shipping_cost,
COUNT(DISTINCT product_sku) AS items_with_cost,
GROUP_CONCAT(DISTINCT supplier) AS suppliers
FROM detailed_reports_line_item_costs
GROUP BY order_increment_id
) costs ON o.increment_id = costs.order_increment_id
WHERE o.created_at >= DATE_SUB(NOW(), INTERVAL 30 DAY)
ORDER BY o.created_at DESC
LIMIT 20;/**
* Automated Tenant Provisioning with Docker
* Deploys isolated containerized instances with SSL and domain routing
*/
namespace App\Services;
class TenantProvisioner
{
public function provision(Tenant $tenant): array
{
$slug = $tenant->slug;
$domain = $tenant->custom_domain ?? "{$slug}.medconnect.app";
// 1. Create isolated database
$dbName = "tenant_{$slug}";
$dbPassword = Str::random(32);
DB::statement("CREATE DATABASE IF NOT EXISTS `{$dbName}`");
DB::statement("CREATE USER '{$dbName}'@'%' IDENTIFIED BY '{$dbPassword}'");
DB::statement("GRANT ALL ON `{$dbName}`.* TO '{$dbName}'@'%'");
// 2. Generate docker-compose configuration
$dockerCompose = self::generateDockerCompose($tenant, $dbName, $dbPassword);
File::put("/tenants/{$slug}/docker-compose.yml", $dockerCompose);
// 3. Deploy container via Docker API
$result = Process::run("docker-compose -f /tenants/{$slug}/docker-compose.yml up -d");
// 4. Configure Traefik reverse proxy labels
self::configureTraefik($tenant, $domain);
// 5. Request SSL certificate from Let's Encrypt
$sslResult = self::provisionSSL($domain);
// 6. Run database migrations in container
Process::run("docker exec tenant-{$slug} php artisan migrate --force");
return [
'status' => 'success',
'domain' => $domain,
'database' => $dbName,
'container_id' => self::getContainerId($slug),
'ssl_status' => $sslResult ? 'active' : 'pending',
];
}
private static function configureTraefik(Tenant $tenant, string $domain): void
{
// Dynamic Traefik labels for routing and SSL
$labels = [
"traefik.http.routers.{$tenant->slug}.rule=Host(`{$domain}`)",
"traefik.http.routers.{$tenant->slug}.tls=true",
"traefik.http.routers.{$tenant->slug}.tls.certresolver=letsencrypt",
];
// Apply labels to running container
foreach ($labels as $label) {
Process::run("docker update --label-add '{$label}' tenant-{$tenant->slug}");
}
}
}Production Sites
Real systems I've built that are live in production today. Note: Sites may have evolved since I designed and developed them.
MyAED.com
Medical equipment e-commerce I built from the ground up. Custom Magento 2 with 400K+ products, automated dropshipping, profit tracking, and B2B workflows.
Visit Live Site →MintRx.com
Telehealth pharmacy platform with prescription checkout flows, HIPAA-compliant patient data handling, and integrated provider consultations.
Visit Live Site →Galilee Lighting
E-commerce platform for lighting products with custom product configurators, B2B pricing, and integrated inventory management.
Visit Live Site →OneBeat Medical
Medical training equipment e-commerce with multi-language support, B2B distributor portals, and integrated training school platform.
Visit Live Site →Let's Build Something Together
Looking for a senior developer who can take ownership of complex projects and deliver production-ready systems? I'd love to discuss your needs.