PitPro.ai AI SaaS Transformation
Atul L Ranjan
Verified
Like this project
What the client had to say
I really liked working with Atul and I would gladly work again with him in the future. He was extremely quick and responsive, while delivering a project of a superior quality.
Federico Gandini
Jan 13, 2026, Client
Posted Jan 13, 2026
Transformed PitPro.ai from a fragile MVP into a secure, scalable enterprise platform for professional automotive diagnostics.
Likes
0
Views
1
Timeline
Dec 17, 2025 - Jan 13, 2026
Case Study: PitPro.ai — From AI Prototype to Enterprise Platform
Role: Lead Full-Stack Engineer & Architect Timeline: 3 Weeks (Accelerated Delivery) Status: Production Ready
🚀 Executive Summary
PitPro.ai is an intelligent SaaS platform designed for professional automotive workshops. It utilizes Google Gemini AI to act as a "second brain" for mechanics, offering instant fault code (DTC) analysis, repair procedure generation, and manufacturer-grade maintenance data.
I was brought on to take a Proof of Concept (PoC)—generated rapidly using "Vibe Coding" tools—and transform it into a secure, scalable, and commercially viable application. My role involved a complete architectural rewrite, security hardening, database normalization, and the implementation of advanced AI features.
⚠️ The Challenge: The "Vibe Coding" Trap
The initial MVP of PitPro was created using AI-assisted generation tools (Lovable.dev). While these tools are incredible for visualizing ideas ("Vibe Coding"), they often produce code that is fundamentally unsafe for production environments.
The State of the MVP before my intervention:
Security Void: Database policies (RLS) were non-existent, allowing any user to modify any data.
Exposed APIs: AI Edge Functions were unauthenticated, allowing anyone with the URL to drain the API usage quota.
Flat Architecture: The database lacked relational integrity (no distinction between Vehicles, Users, and Service History).
Client-Side Trust: Critical business logic was executed in the browser, making it easily manipulatable.
The Goal: Migrate from a fragile prototype to a robust Next.js 14 architecture with enterprise-grade security, proper state management, and a normalized database schema.
🛠️ Technology Stack
Framework: Next.js 14 (App Router, Server Actions)
Language: TypeScript
Database: Supabase (PostgreSQL) with Row Level Security (RLS)
AI Engine: Google Gemini 1.5 Flash (via Server-Side API Routes)
Infrastructure: Vercel (Hosting), Upstash Redis (Rate Limiting)
UI/UX: Tailwind CSS, Shadcn/ui, Lucide Icons
Validation: Zod (Schema Validation)
đź’ˇ Key Contributions & Deliverables
1. Database Architecture & Normalization
The original data structure was flat and unscalable. I designed and migrated to a fully relational schema to support a multi-tenant SaaS model.
Centralized Vehicle Entity: Created a
vehicles table as the source of truth, linked to users via UUID.Event-Based History: Implemented a
vehicle_interventions (Parent) and intervention_items (Child) structure to track every interaction—whether it’s a diagnostic scan, a repair order, or routine maintenance.Context Retention: Created
technical_conversations to store chat history, allowing the AI to "remember" previous context about a specific car.Cost Optimization: Designed a
plate_cache table to store license plate lookups, significantly reducing external API costs by serving cached technical data for repeat queries.2. Security Hardening & Middleware
I implemented a "Zero Trust" security model to ensure tenant isolation.
Row Level Security (RLS): Wrote complex PostgreSQL policies ensuring users can only read/write data linked to their specific
auth.uid.Admin Middleware: Built a custom
middleware.ts using secure, HTTP-only cookies to protect the Admin Dashboard, completely separating it from standard user authentication flows.Rate Limiting: Integrated Redis to implement sliding-window rate limiting on AI endpoints, protecting the platform from DDoS attacks and API cost abuse.
Server-Side Validation: Moved all critical logic from the client to Next.js API routes, validating every input with Zod schemas before processing.
3. Advanced AI Implementation
Beyond simple text generation, I engineered specific AI workflows.
Context-Aware Technical Assistant: Built a chat interface (
/api/technical-assistant) that dynamically injects the vehicle's specific diagnostic logs into the System Prompt. This allows mechanics to ask specific questions like "Where is this sensor located on this specific Audi?" without re-explaining the context.Structured Output Enforcement: Forced the LLM to return strict JSON for diagnostics, ensuring the UI can render interactive elements (checkboxes for parts, accordions for repair steps) rather than unstructured text.
"Scissor Logic" Algorithm: Wrote a TypeScript utility to normalize AI-generated labor time estimates (converting vague ranges like "1-2 hours" into precise formats "1h 30m - 2h") for consistent quoting.
4. User Experience (UX) & State Management
Session Persistence: Implemented
sessionStorage logic to prevent data loss. If a mechanic refreshes the page during a complex diagnostic entry, their form data is preserved.Vehicle Lifecycle UI: Developed a "My Vehicles" dashboard that aggregates diagnostic history, maintenance records, and repair orders into a timeline view for every car in the shop.
Admin Dashboard: Created a comprehensive backend panel for administrators to view analytics, manage user feedback, and monitor system health.
📸 Core Features Built
🔍 AI Diagnostics Engine
Input a DTC code (e.g., P0420) or a symptom description. The system returns 3 ranked causes, a technical explanation, estimated labor times, and a list of suggested parts with checkboxes for ordering.
🔧 Maintenance Data Hub
Select a service category (e.g., "Braking System"). The system retrieves manufacturer specs—torque settings, oil types, fluid capacities—and generates step-by-step electronic reset procedures (e.g., how to reset the Service Light).
🤖 The Technical Assistant
A context-aware chatbot living in the sidebar. It knows exactly which car allows mechanics to troubleshoot interactively while looking at the car.
🏆 Conclusion
PitPro.ai stands as a prime example of how to bridge the gap between AI potential and production reality. By moving away from the "Vibe Coded" prototype and enforcing strict engineering principles—Type Safety, RLS, Normalization, and Rate Limiting—I delivered a platform that is not only impressive to look at but secure enough to run a business on.
Pircutres:
