module library
The patterns I reuse across builds.
Each engagement adds reusable modules to a shared library. The next build is faster because these already exist. Every entry below is running in production or private beta, with a link to where.
auth & permissions
Identity & Auth
01 NextAuth v5 JWT credentials with the security defaults that should be standard but usually aren't: lockout, breach-list password check, anti-enumeration, invite-only signup.
Role hierarchy + permission guards
02 STAFF < TEAM_LEAD < MANAGER < ADMIN role ladder plus an isSuperAdmin tier, with requireAuth, requireRole, requireSuperAdmin, and target-guard helpers that make permission errors loud and uniform.
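A minimal version of that ladder and its guards, added here as a TypeScript example rather than the library's own code; the PermissionError shape and the target-guard rule (the actor must strictly outrank the target account) are assumptions.

```typescript
// Cumulative role ladder: index is rank, higher index outranks lower.
const ROLE_LADDER = ["STAFF", "TEAM_LEAD", "MANAGER", "ADMIN"] as const;
type Role = (typeof ROLE_LADDER)[number];

interface User { id: string; role: Role; isSuperAdmin?: boolean }
type Session = { user: User } | null; // null = not signed in

// Every denial is the same error type with a machine-readable code,
// so routes, logs and tests see one uniform, loud failure shape.
class PermissionError extends Error {
  readonly code: "UNAUTHENTICATED" | "FORBIDDEN";
  constructor(code: "UNAUTHENTICATED" | "FORBIDDEN", message: string) {
    super(message);
    this.code = code;
    this.name = "PermissionError";
  }
}
const rank = (role: Role): number => ROLE_LADDER.indexOf(role);

function requireAuth(session: Session): User {
  if (!session) throw new PermissionError("UNAUTHENTICATED", "sign-in required");
  return session.user;
}

// Ladder is cumulative: a MANAGER satisfies requireRole(..., "TEAM_LEAD").
// isSuperAdmin is a separate tier that sits above the whole ladder.
function requireRole(session: Session, minimum: Role): User {
  const user = requireAuth(session);
  if (user.isSuperAdmin) return user;
  if (rank(user.role) < rank(minimum)) {
    throw new PermissionError("FORBIDDEN", `requires ${minimum}, have ${user.role}`);
  }
  return user;
}

function requireSuperAdmin(session: Session): User {
  const user = requireAuth(session);
  if (!user.isSuperAdmin) throw new PermissionError("FORBIDDEN", "super admin only");
  return user;
}

// Target guard (assumed rule): the actor must strictly outrank the target account.
function requireOutranks(session: Session, target: User): User {
  const actor = requireAuth(session);
  if (actor.isSuperAdmin) return actor;
  if (target.isSuperAdmin || rank(actor.role) <= rank(target.role)) {
    throw new PermissionError("FORBIDDEN", `${actor.role} may not act on ${target.role}`);
  }
  return actor;
}
```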
audit & compliance
Audit log + safe-restore
03 Two-tier retention (CONTRACT 7y / OPERATIONAL 1y) audit log with allowlist-gated one-click restore on UPDATE rows. Compliance teams stop arguing once the policy lives in code.
Daily security-watch cron
12 Sweeps the audit log nightly for anomalies (mass-signup spikes, DELETE bursts, lockout cascades, classifier blackouts, stuck inquiries) and emails admins when something trips. Quiet when nothing is wrong.
operations
Review state machine
04 DRAFT → SUBMITTED_FOR_INTERNAL → INTERNAL_APPROVED → SUBMITTED_FOR_CLIENT → CLIENT_APPROVED with a CLIENT_REVISION_REQUESTED branch back into the loop. Every transition is a function with explicit preconditions and side-effects.
Credentials tracker with AI reminders
09 NPI / state license / DEA / board cert / CAQH / UK GMC / other, with 90/60/30/7-day expiry windows + already-expired bucket. AI-generated reminder copy via the HIPAA-aware wrapper. Dedup log prevents double-fires.
Leave management with atomic balance updates
10 Annual / sick / unpaid / parental / bereavement leave with pro-rated entitlements for new joiners, manager approve/decline state machine, and balance updates that run inside a Prisma transaction so balances can't desync.
Daily check-in (Office / WFH / Field)
11 Auto-prompts on the first portal pageview each calendar day (timezone-locked, not UTC). Manager+ team view with a 4-pill summary. Unique constraint enforces one status per day per user, idempotent on resubmit.
ai & guardrails
AI intake wizard
05 Adaptive client intake using Claude. Asks 4-7 questions tuned to the prospect's stated context, fetches their public site, generates a brand brief the PM walks into the discovery call already holding.
HIPAA-aware AI guardrail
06 Two independent defenses on every Claude call: a PHI sniffer regex that blocks free-text PHI pre-persistence, and a wrapper that prepends a stop-clause to every system prompt. Direct AI SDK imports outside the wrapper are bugs by convention.
finance
Multi-currency finance core
07 Every monetary row stores native amount + native currency + an FxRateSnapshot foreign key. Reports compute against the snapshot, never live FX. A regenerated report from yesterday matches the original row-for-row.
FBR + EOBI tax engine
08 Property-tested salary engine for Pakistan's FBR slabs and EOBI rates. Forward Gross→Net + bisection Net→Gross solver. 17 of 17 vitest property tests green, decimal.js precision throughout.
next step
Bring me a real operations problem. I'll show you the system before you sign anything.
30-minute discovery call. If we're not a fit, you walk with notes you can use anyway.