[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-mrm360-centralized-automation-backend-for-a-large-student-organization":3},{"id":4,"title":5,"slug":6,"excerpt":7,"contentType":8,"content":9,"metadata":10,"status":19,"createdAt":20,"updatedAt":21,"startDate":22,"endDate":18,"isOngoing":11,"featuredImage":23,"projectLinks":24,"contributors":26,"experienceCategory":18,"location":18,"locationType":18,"tags":27,"linkedSkills":46,"roles":77,"isPublished":11,"contentLinks":78,"body":-1,"markdown":-1,"html":-1},"42f0de66-8545-4ced-a373-74745cb253dd","MRM360: Centralized Automation Backend for a Large Student Organization","mrm360-centralized-automation-backend-for-a-large-student-organization","Engineered the core backend for the CCSO's management suite, featuring OIDC auth, role-based permissions, and an asynchronous task queue to automate organizational operations.","PROJECT","## Overview\n\nMRM360 is the centralized backend system architected to automate and unify operations for the Penn State Competitive Cyber Security Organization \\(CCSO\\)\\, a large and active student group\\. The project was born from the need to replace a fragmented collection of disparate tools with a single\\, cohesive platform\\. This system serves as the authoritative source of truth\\, managing everything from member and team data to event attendance\\. It deeply integrates with third\\-party services to automate the provisioning of resources for both competition teams and our custom cyber range platform\\, Wiretap\\.\n\nThe backend is built on a modern\\, scalable stack using Next\\.js and TypeScript\\, designed with a \\\"security\\-first\\\" principle\\. It provides a comprehensive REST API that handles all core organizational functions\\. By leveraging a robust authentication system with OpenID Connect \\(OIDC\\) and a fine\\-grained\\, role\\-based permission model\\, MRM360 ensures that data is both accessible and secure\\. Its asynchronous task processing architecture allows it to handle long\\-running operations like email notifications\\, group synchronization\\, and complex\\, multi\\-service provisioning jobs without compromising API responsiveness\\.\n\n## Key Features\n\n- **Unified Identity \\& Access Management\\:** Integrates with Authentik via OIDC for secure single sign\\-on \\(SSO\\)\\. A CASL\\-based authorization layer provides granular\\, role\\-based permissions \\(Admin\\, Exec\\-Board\\, Member\\)\\, ensuring users can only access and modify data appropriate to their role\\.\n\n- **Automated Team Environment Provisioning\\:** Eliminates significant manual overhead by automatically provisioning a complete digital ecosystem for teams\\. When a member is added to a team\\, MRM360 orchestrates actions across multiple platforms to create dedicated resources\\, including private Discord channels\\, Nextcloud group folders\\, calendars\\, and task boards\\, and team\\-specific documentation pages in Wiki\\.js\\.\n\n- **Asynchronous Job Processing\\:** Utilizes BullMQ and Redis to manage a powerful background task queue\\. This offloads time\\-consuming operations like sending bulk emails via ListMonk\\, provisioning team resources across multiple services\\, and syncing user groups\\, ensuring the API remains fast and responsive\\.\n\n- **Comprehensive API for Organization Management\\:** Exposes a full suite of RESTful endpoints for CRUD operations on all core entities\\, including users\\, teams\\, events\\, and groups\\. The entire API is automatically documented and interactive via a built\\-in Swagger UI\\.\n\n## Technologies \\& Implementation\n\nI architected the backend with a focus on type safety\\, scalability\\, and maintainability\\. The core principle was a strict separation of concerns\\, where API routes are thin controllers and all business logic resides in dedicated manager classes\\.\n\n- **Framework\\: Next\\.js 13\\+** with **TypeScript** was chosen for its robust API routing capabilities and the end\\-to\\-end type safety it provides\\.\n\n- **Database \\& ORM\\: PostgreSQL** provides a reliable\\, relational data store\\, while **Prisma ORM** accelerates development with auto\\-generated types and a fluent query API\\, ensuring database interactions are safe and efficient\\.\n\n- **Authentication \\& Authorization\\: Authentik OIDC** integration handles authentication\\, providing a secure SSO experience\\. **CASL** was selected for its declarative\\, ability\\-based authorization\\, allowing for complex permission rules that are easy to define and maintain\\.\n\n- **Background Tasks\\: BullMQ** and **Redis** were implemented to create a resilient background job processing system\\, essential for handling asynchronous tasks like third\\-party API integrations and notifications without blocking user requests\\.\n\n- **Validation \\& Documentation\\: Zod** is used for schema validation on all API inputs\\, preventing invalid data from entering the system\\. API endpoints are documented using **OpenAPI 3**\\, with a **Swagger UI** automatically generated for developers and consumers\\.\n\n```mermaid\ngraph TD\n    A[\"Client Request\"] --> B[\"Next.js API Route\"];\n    B --> C[\"Auth & Validation Middleware (Zod)\"];\n    C --> D{\"Business Logic Layer (Manager Classes)\"};\n    D --> E[\"Prisma ORM\"];\n    E --> F[\"PostgreSQL Database\"];\n    D --> G[\"BullMQ Queue\"];\n    G --> H[\"Redis\"];\n    I[\"Background Worker\"] --> H;\n    I --> D;\n\n```\n\n## Challenges \\& Solutions\n\nThe primary challenge was designing a system that could handle a wide variety of unrelated\\, long\\-running tasks—from sending Discord notifications to provisioning cloud infrastructure—without degrading the performance of the core user\\-facing API\\. A naive\\, synchronous approach would lead to slow response times and timeouts\\.\n\nTo solve this\\, I architected an asynchronous task processing system using BullMQ\\. When a user action triggers a long\\-running process \\(e\\.g\\.\\, \\\"provision team resources\\\"\\)\\, the API endpoint immediately enqueues a job with the necessary data and returns a success response to the user\\. A separate\\, dedicated worker process picks up jobs from the Redis queue and executes them independently\\. This decoupling ensures the API remains highly responsive and creates a resilient system where tasks can be retried automatically upon failure\\, providing a robust foundation for all organizational automation\\.\n\n## Results \\& Impact\n\nThe MRM360 backend successfully centralized the CCSO\\'s core operations\\, transforming administrative efficiency and member experience\\.\n\n- **Reduced Administrative Overhead\\:** Automated processes have saved the executive board an estimated 5\\-10 hours of manual work per week\\. The system completely eliminates the tedious process of manually creating team\\-specific Discord channels\\, Nextcloud folders\\, calendars\\, and Wiki\\.js pages\\, and managing their memberships\\.\n\n- **Single Source of Truth\\:** By consolidating member\\, team\\, and event data\\, the platform has eliminated data inconsistencies and provides reliable analytics for organizational leadership\\.\n\n- **Proven Scalability \\& Integration\\:** The asynchronous architecture provides a robust foundation for automation\\. The platform has successfully integrated with numerous third\\-party services\\, including Discord for community management\\, ListMonk for newsletters\\, Nextcloud for file sharing\\, and Wiki\\.js for knowledge management\\.\n\n- **Improved Developer Experience\\:** The auto\\-generated Swagger documentation and strict type\\-safety have made it simple for other members to contribute to the platform and build new features\\.\n\n\\{TODO\\: Add screenshot of the Swagger API documentation UI\\}\n\n## Links\n\n- View on GitHub",{"isOngoing":11,"startDate":12,"aiGenerated":11,"generatedAt":13,"contributors":14,"projectLinks":16},true,"2023-01-01","2025-11-16T23:55:59.589Z",[15],"Aiden Johnson",{"other":17,"github":18,"devpost":18},[],null,"PUBLISHED","2025-11-16T23:56:00.192Z","2026-01-23T23:41:39.600Z","2025-08-01T00:00:00.000Z","https:\u002F\u002Fapi.foligo.tech\u002Fapi\u002Fmedia\u002Fca9312f5-155e-4bed-b72a-f310c25ef089\u002Ffile",{"other":25,"github":18,"devpost":18},[],[15],[28,32,36,40,43],{"id":29,"name":30,"category":31},"d2bd1800-4b7e-462d-8a79-a4d79750852c","Backend Development","Domain",{"id":33,"name":34,"category":35},"dcc92d45-fe23-40bc-9fdb-9ff140db01f6","API Design","Technical",{"id":37,"name":38,"category":39},"3cae1234-cb3c-4e82-a41d-df0e7b6bd4de","Authentication","Feature",{"id":41,"name":42,"category":35},"ae65c730-401e-431f-808c-816534c41ecc","System Architecture",{"id":44,"name":45,"category":39},"e54586db-7c49-498e-869a-b1cff905f656","Automation",[47,51,55,59,63,66,70,74],{"id":48,"name":49,"category":50},"153dbaa9-b2f5-4f68-9046-0957dde01a10","Node.js","Backend Framework",{"id":52,"name":53,"category":54},"09cbedc8-f56c-4935-8b1e-428a0b467a18","Docker","DevOps Tool",{"id":56,"name":57,"category":58},"c2541394-7e2f-4326-96f3-89e895191e16","PostgreSQL","Database",{"id":60,"name":61,"category":62},"c378a443-be25-41f3-90e0-c33d9ed854f1","Next.js","Framework",{"id":64,"name":65,"category":58},"4e460fba-8add-4eba-96b5-3d3faae0941a","Redis",{"id":67,"name":68,"category":69},"0e94731b-b5b5-4492-b59a-ef1041370df0","TypeScript","Programming Language",{"id":71,"name":72,"category":73},"5d3bacda-f2ca-40ab-a6df-9540d4ff3c5e","REST API","API",{"id":75,"name":76,"category":54},"e743b04c-8101-463c-b207-5a99c2886065","Prisma",[],[79,89,98,108,113,118],{"id":80,"sourceId":4,"targetId":81,"sourceType":82,"targetType":8,"linkType":83,"createdAt":84,"updatedAt":84,"linkedContent":85},"acf76261-a89f-4754-ac86-2a14c5abc594","933b4796-dee8-432c-95d8-278d92dd5de9","content","related","2025-11-27T08:04:18.529Z",{"id":81,"title":86,"slug":87,"excerpt":88,"contentType":8},"TGM Auth API: Centralized Single-Sign-On (SSO) Solution","tgm-auth-api-centralized-single-sign-on-sso-solution","A robust SSO API built with Node.js and MySQL, providing centralized user authentication, token management, and granular access control for multiple applications.",{"id":90,"sourceId":4,"targetId":91,"sourceType":82,"targetType":8,"linkType":92,"createdAt":93,"updatedAt":93,"linkedContent":94},"f9cb3b1b-2668-4547-b81f-c90267cc99a0","875f8aca-f854-4576-84e8-4fd0e44cf327","complementary","2025-11-27T08:04:18.406Z",{"id":91,"title":95,"slug":96,"excerpt":97,"contentType":8},"CCSO Website: Full-Stack Revitalization with Nuxt 3 and Strapi","ccso-website-full-stack-revitalization-with-nuxt-3-and-strapi","Engineered the Penn State CCSO website into a modern, high-performance digital hub using a decoupled stack of Nuxt 3, Vue.js, and a Strapi headless CMS to manage content and drive member engagement.",{"id":99,"sourceId":4,"targetId":100,"sourceType":82,"targetType":101,"linkType":102,"createdAt":103,"updatedAt":103,"linkedContent":104},"6fe102b8-d0ad-4663-948b-0d83994a3335","971e083c-0619-42ee-9c72-4c4c611b02ff","EXPERIENCE","parent","2025-11-27T08:04:18.378Z",{"id":100,"title":105,"slug":106,"excerpt":107,"contentType":101},"Tech Director at Penn State Competitive Cyber Security Organization","tech-director-at-penn-state-competitive-cyber-security-organization","Leading the design, automation, and management of a high-availability Kubernetes and Docker infrastructure for large-scale cybersecurity competitions, enhancing reliability and operational efficiency.",{"id":109,"sourceId":4,"targetId":81,"sourceType":82,"targetType":8,"linkType":110,"createdAt":111,"updatedAt":111,"linkedContent":112},"26a24150-d135-436d-a7d6-be7cdae9c877","sequential","2025-11-17T03:58:50.145Z",{"id":81,"title":86,"slug":87,"excerpt":88,"contentType":8},{"id":114,"sourceId":4,"targetId":100,"sourceType":82,"targetType":101,"linkType":115,"createdAt":116,"updatedAt":116,"linkedContent":117},"45131757-2af9-471e-a503-e3375a7427a1","child","2025-11-17T03:58:50.027Z",{"id":100,"title":105,"slug":106,"excerpt":107,"contentType":101},{"id":119,"sourceId":4,"targetId":120,"sourceType":82,"targetType":8,"linkType":83,"createdAt":121,"updatedAt":121,"linkedContent":122},"7cfcdf12-9395-4ae3-afcd-8c207ffb6365","9e629a68-271e-4c15-95aa-cc6db9843a10","2025-11-17T03:58:50.012Z",{"id":120,"title":123,"slug":124,"excerpt":125,"contentType":8},"Wiretap: Automated Cyber Range & Workshop Platform","wiretap-automated-cyber-range-workshop-platform","A full-stack platform for Penn State's CCSO that automates the deployment and management of complex, multi-team cybersecurity training environments using a custom IaC engine and a Node.js\u002FVue.js web portal."]