I am a co-founder at an Indian startup and we are building a B2B app that allows our clients to use our app to do bookkeeping and other activities.
I am an experienced coder but most of my technical expertise lies in the C++/GPU coding area. I am a novice in Django, having picked it up 6 months ago along with other technologies like Docker, Vue etc (tldr: there are gaps in my understanding of Django).
I chose Django (initialized using Cookiecutter) as our backend for many reasons, primary among which is that it is the right tool for the job. Security is a big aspect of our app and Django helps out enormously in this. Many of the problems solved within our system have indeed been a breeze because of Django. But some aspects require advanced understanding of the Django framework, and it is in these aspects that I need some help. I have some problems that I have solved but require validation by an experienced Django user and some problems that I have not managed to solve yet.
Since I am very new to the Django world and come to this site frequently, and Python users are generally very nice people, I figured I would approach you folks to see if this is the right forum to be asking these kinds of questions, or is there a site more suitable for this (I would prefer not to do this on StackOverflow if I can help it, due to the exposure factor). With that in mind, given below is one of the issues I have run into. There are others as well, but if this is not the right forum, I don’t want to bore people with long posts (too late I know ) .
Below are two interrelated issues:
- Due to compliance reasons, each client has to have their own database (postgres). [Multi-tenant database is not an option]. Each database contains within itself all user-authentication tables required by our clients’ own user-bases as well as client-specific service apps. So, database management in our case is not the same as common Django use-cases.
- The services (apps) we provide are customized as per our clients needs. For example, say service A is being used by clients X, Y and Z. X & Z may use the Aa variant, while Y uses the Ab one. In our design, we have A as an abstract base where Aa and Ab are the apps that need to be hooked to their respective databases. Furthermore, there is also the scenario that while clients X & Y use services A & B, client Z uses services A & C (each service having a variant specific to the client). So, mass migrations are not a good fit for us. For now, migrate apps manually (and with great care) to specified databases only.
When it comes time to use this setup in runtime, I run into issues.
Our proposed pipeline is this:
As our client accesses our app page, we look up their IP address (static IP) to find which database (and credentials,) service apps and frontend modules they should be using. We would like to use these credentials to get to the client-specific login-page and then use further authentication to get into the DB services. I am currently stuck with how to send these DB credentials on the fly as opposed to the standard Django way of setting DB credentials in the settings.py (or equivalent) file.
Am I on the right path, and if so, what is the path forward? If I am not on the right path, which way should I go?
A constant thing I have to keep in mind is that I come from the Cpp world where coding concepts can be different from Django concepts. So, I am mindful of potential traps.
I would like to end by apologizing if I have wasted people’s time and thanking in advance those who can help out. Thank you.