Multi-tenant Backend API
Django REST API that evolved from a single-tenant portfolio backend into a multi-tenant architecture with custom managers, tenant isolation, and AWS deployment.
What This Is
A Django REST API that began as a single-tenant portfolio backend and evolved into a multi-tenant system, designed to explore how data isolation, authorization, and system boundaries change when supporting multiple organizations.
Architecture
Tenant isolation at the ORM level. TenantAwareModel base class with automatic organization scoping. TenantAwareManager filters queries by organization context. Slug uniqueness validated per-organization.
Composable mixins. TimestampedModel, SoftDeleteModel, SlugMixin, PublishableMixin, ViewTrackingMixin. BaseContentModel combines them with proper MRO handling.
Custom managers with chainable QuerySets. Methods like published(), drafts(), featured(), trending(), with_deleted(). Each manager has its own QuerySet class.
Publication workflow. Draft → Published → Scheduled → Archived. Auto-publication at scheduled times.
Permission classes. TenantPermission for organization isolation, PublishedContentPermission for publication workflow, plus a few more for specific access patterns.
Infrastructure
AWS ECS Fargate, RDS PostgreSQL, ElastiCache Redis, S3, SQS. Full type hints with MyPy. pytest with 47 test classes.
What I Learned
How tenant isolation works at the ORM level. Why managers need custom QuerySets for method chaining. How MRO breaks if you're not careful with mixin order. The difference between code that works and code that works under concurrent load.