Healthcare Membership REST API Platform

🔧 Backend Project

Layered SPA + modular monolith Django REST API with JWT authentication, payment verification, automated receipt generation, and VPS deployment for healthcare membership management.

Project Overview

Client: BrightLife Health Services (Bangladesh)
Industry: Healthcare / Insurance / SaaS
Timeline: 3 months (Nov 2024 - Feb 2025)
My Role: Lead Backend Developer

BrightLife Backend is a production-grade Django REST API designed for the Bangladesh healthcare market. It powers a decoupled React/Vite SPA via an HTTPS edge (Nginx → Gunicorn → Django) while PostgreSQL and dedicated media storage manage transactional data. The modular monolith handles the complete membership lifecycle: JWT-based authentication, multi-step application processing with nested serializers, nominee/share validation, payment verification with screenshot uploads, and auto-generated receipts with QR codes, all deployed on VPS with SSL/TLS.

Development Process

This workflow documents the end-to-end steps expected from engineers when delivering changes to the BrightLife Django backend, ensuring work stays consistent and auditable.

1. Discovery & Requirements

Capture the problem statement, business rules, and success metrics. Identify affected domains (users, membership, payment) and validate data needs.

Capture problem statement & success metrics
Identify affected domains
Validate data needs and migrations
Deliverables: User story/ticket, acceptance criteria, rough data model sketch.

2. Design & Planning

Choose the approach (serializer/viewset updates), plan authentication impact, and estimate non-functional needs like rate limits.

Choose technical approach
Plan auth/permission impact
Estimate non-functional needs
Deliverables: Short design summary in ticket, diagram if needed.

3. Implementation

Create/modify models, serializers, and viewsets following app boundaries. Update settings/env toggles and ensure PEP 8 compliance.

Create/modify models, serializers, viewsets
Update settings/env toggles
Add comments & ensure PEP 8 compliance
Deliverables: Code changes, migrations, updated configs.

4. Testing & Validation

Write unit and API tests (DRF APITestCase). Run full suite and exercise manual flows for critical UX.

Write/extend unit & API tests
Run full test suite
Manual verification of critical flows
Deliverables: Passing test output, validation evidence.

5. Documentation & Change Log

Update README, API tables, and setup docs. Record user-facing changes in CHANGELOG.md.

Update README & API docs
Update portfolio/project documentation
Record in CHANGELOG.md
Deliverables: Doc updates committed alongside code.

6. Code Review & Merge

Open PR with summary and testing evidence. Address reviewer comments and ensure branch is up to date.

Open PR with summary
Address reviewer comments
Ensure branch up-to-date
Deliverables: Approved PR, clean commit history.

7. Deployment

Confirm .env changes, pull code on VPS, migrate DB, collectstatic, and restart services.

Confirm .env changes
Pull code, migrate, restart services
Run deployment pipeline hooks
Deliverables: Deployment log or confirmation message.

8. Post-Deployment Verification

Smoke test key endpoints, check logs (Gunicorn/Nginx), and validate SSL/HTTPS health.

Smoke test key endpoints
Check Gunicorn/Nginx logs
Validate SSL & domain health
Deliverables: Verification note, follow-up tasks if issues found.

The Challenge

BrightLife Health Services needed a robust backend API to power their digital membership platform. Their existing system had no proper API layer:

✗ No REST API - Frontend had to rely on form submissions and page reloads
✗ No authentication system - Shared admin passwords with no token-based auth
✗ No payment verification API - Confirmations via WhatsApp with no audit trail
✗ No receipt generation endpoint - Receipts created manually without unique numbers
✗ No nominee validation - Share percentages calculated manually without backend validation
✗ No file upload handling - Documents stored locally without proper media management
✗ No API documentation - Developers had no reference for endpoint integration

They needed a modern REST API with JWT authentication, proper data validation, file handling, auto-generated receipts, and comprehensive API documentation.

My Solution

I formalized architecture patterns that keep the platform production-ready, independently deployable, and future-proof:

Architecture Diagram
1. Layered SPA Deployment

React/Vite SPA communicates exclusively via HTTPS with Nginx terminating SSL, proxying to Gunicorn and Django, while PostgreSQL and dedicated media storage manage persistence for clear presentation → edge → application → data separation.

2. Modular Monolith

Package-by-feature Django modules (users, membership, payments, core services) own their models/serializers/viewsets, with shared authentication, permissions, and utilities centralized to keep the codebase cohesive without microservice overhead.

3. Resource-Oriented REST API

Versioned /api/v1 endpoints built with DRF are stateless, JWT-secured, and organized around resources, following a schema-first approach with auto-generated Swagger and ReDoc documentation for backward-compatible integrations.

4. Operational Readiness

AlmaLinux VPS hardened with Nginx SSL termination, Gunicorn workers, PostgreSQL 15, and systemd services to support independent frontend/backend releases and straightforward scaling paths.

Key Features

🔐 JWT Authentication

Secure token-based auth with access + refresh rotation, token blacklisting, and role-based permissions.

📋 Nested Serializers

Complex form handling with nested data structures for nominees, addresses, and medical history.

✅ Share Validation

Custom validator ensuring nominee share percentages equal exactly 100% with detailed error messages.

💳 Payment API

Screenshot upload endpoint with transaction ID tracking, bKash/Nagad/Bank support, and admin verification workflow.

🧾 Receipt Generation

Auto-generated unique receipt numbers with QR code generation and PDF-ready response data.

📚 API Documentation

Swagger UI + ReDoc with complete endpoint documentation, authentication flows, and request/response samples.
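
The Share Validation feature above, as an added example that is not the project's own code: a framework-independent check that nominee shares total exactly 100%, using Decimal so that sums such as 33.33 + 33.33 + 33.34 are exact. The field names `name` and `share`, the error keys, and the two-decimal precision are assumptions.

```python
from decimal import Decimal, InvalidOperation

TOTAL = Decimal("100")
STEP = Decimal("0.01")  # assumption: shares carry at most two decimal places


def validate_nominee_shares(nominees):
    """Return {field_path: message}; an empty dict means the shares are valid.

    `nominees` is a list of dicts with the hypothetical keys "name" and "share".
    """
    if not nominees:
        return {"nominees": "At least one nominee is required."}
    errors, total = {}, Decimal("0")
    for i, nominee in enumerate(nominees):
        field, raw = f"nominees[{i}].share", nominee.get("share")
        try:
            # Go through str() so a JSON float 33.34 parses as exactly 33.34.
            share = Decimal(str(raw))
        except InvalidOperation:
            errors[field] = f"{raw!r} is not a number."
            continue
        if not share.is_finite() or share <= 0 or share > TOTAL:
            errors[field] = "Share must be greater than 0 and at most 100."
        elif share != share.quantize(STEP):
            errors[field] = "Share allows at most two decimal places."
        else:
            total += share
    # Report the total only when every individual share was acceptable.
    if not errors and total != TOTAL:
        gap = TOTAL - total
        side = "short by" if gap > 0 else "over by"
        errors["nominees"] = (
            f"Shares total {total}%, {side} {abs(gap)}%; they must equal exactly 100%."
        )
    return errors


if __name__ == "__main__":
    # Constructed sample payloads, not data from the project.
    ok = [{"name": "A", "share": "50"}, {"name": "B", "share": 33.34},
          {"name": "C", "share": "16.66"}]
    short = [{"name": n, "share": "33.33"} for n in "ABC"]
    print(validate_nominee_shares(ok))
    print(validate_nominee_shares(short))
```

Rejecting NaN, infinities, negatives and over-precise values before summing keeps a malformed share from masking or cancelling out an incorrect total.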

Tech Stack

Framework: Python 3.11, Django 5.0.14, Django REST Framework 3.16

Authentication: Simple JWT, Token Blacklisting, Role-Based Access

Database: PostgreSQL 15, Django ORM, Migrations

File Handling: Pillow, Media Storage, File Validation

Documentation: drf-spectacular, Swagger UI, ReDoc

DevOps: Nginx, Gunicorn, AlmaLinux VPS, Let's Encrypt SSL, systemd

Screenshots

Django Admin

Django Admin - Site Administration with Membership & Payment Management

Swagger API

OpenAPI Swagger UI - REST API Documentation with Auth & Membership Endpoints

ReDoc API

ReDoc Documentation - Detailed API Schema with Request/Response Samples

API Endpoints

API Endpoint Structure - Authentication, Membership, and Payment Routes

Serializer Schema

Nested Serializer Schema - Complex Form Data Handling

Admin Dashboard

Django Admin Dashboard - Application & Payment Verification Workflow

Results & Impact

95% Reduction in Manual Processing

10x Faster Application Processing

3hrs → 5min Admin Time Per Application

5,000+ Members Capacity

99.9% Uptime Achieved

A+ SSL Rating (Security)

Key Achievements

✓ Automated 95% of previously manual application processing
✓ Reduced data entry errors from ~15% to <1% with validation
✓ 100% audit trail for all payment verifications
✓ Generated 1,000+ PDF-ready receipts automatically with QR codes
✓ Zero security incidents since launch with JWT + HTTPS
✓ Mobile-friendly design increased application submissions by 40%
✓ Admin workload reduced by 80%
✓ API response time < 200ms average
✓ Documented layered SPA → edge → application → data model for dev + ops alignment
✓ Modular monolith guidelines keep feature teams shipping without microservice overhead

Client Testimonial

“The BrightLife platform transformed our membership management completely. What used to take our team 3+ hours of manual processing is now done automatically in minutes. The payment verification system with auto-receipts saved us countless hours and eliminated disputes. Highly recommended for any healthcare organization looking to modernize their membership management!”

Mohammad Rahman

Operations Director, BrightLife Health Services
