Stack
- •Next.js 16 (App Router) with secure BFF
- •FastAPI + async PostgreSQL
- •S3 / R2 for photos and documents
- •Render / cloud with HTTPS and per-tenant subdomains
Technology
Modern stack, documented cloud deployment and architecture built for demanding IT teams.
BFF architecture
The browser never calls the FastAPI backend directly. Next.js acts as Backend-for-Frontend, opaquely forwarding JWT and reducing attack surface.
Security
- ✓JWT authentication with httpOnly cookies
- ✓RBAC: 13 roles, 35 permissions, branch scopes
- ✓Action traceability per VIN and user