Overview

Led the proof of concept for a Property Price Index system at Wing, using H3 geospatial indexing to power polygon-based performance analytics and price aggregation across geographic zones.

Highlights

• H3 geospatial indexing: used hexagonal cells for fast polygon aggregation, enabling dynamic zoom-level analytics without precomputing every boundary.
• Role-based access control: architected the Next.js app with RBAC and secure session management so different stakeholders saw only the data they were allowed to.
• Spatial analytics workflows: built visualization and aggregation flows that rendered property data dynamically by geographic zones, usable by analysts to compare regions.

Technologies

• Frontend: Next.js 15 (App Router), TypeScript
• Data layer: Drizzle ORM, PostgreSQL
• Auth: Better Auth with secure session management
• Maps & geospatial: Mapbox, MapLibre, H3-JS

Security & best practices

Sensitive financial data meant security was treated as a first-class concern, not an afterthought.

• Least-privilege RBAC: every page and API route gated by role; authorization enforced server-side, not just by hiding UI controls.
• Secure session management: sessions managed with standard secure cookie practices; no tokens exposed to client-side JavaScript.
• Parameterized queries: all database queries used parameterized inputs — no string interpolation into SQL.
• Input validation: all user-supplied parameters validated server-side before reaching the data layer.
• Secrets hygiene: credentials and API keys kept in environment variables, never committed to source control.
• Code review discipline: every change reviewed with focus on auth boundaries, query safety, and data handling before merging.

Outcome

A working POC demonstrating that H3-based spatial indexing could power a performant, zone-aware property price index, setting the foundation for a production rollout.