At Studio, we rely on a well-established web development tech stack to guide our client engagements and our internal labs development, unless specific project requirements demand otherwise. Our focus is on rapid prototyping of Minimum Viable Products (MVPs), while ensuring the potential for seamless scalability. That speed to setup and growth potential is why we have adopted a Python and Django-centric approach for our backend development.
Languages
Python stands as our language of choice due to its dynamic typing system and high-level abstractions - an ideal choice as part of a web tech stack for swift development cycles while still providing some safety features. With recent advancements in implementations (We use the classic CPython), Python's performance is more than sufficient for projects of any size.
Frameworks
To develop our backend APIs, we rely on the powerful combination of Django and Django Rest Framework (DRF). Leveraging Django's Object-Relational Mapping (ORM) yields numerous benefits, especially when it comes to rapid prototyping and MVP development. The ORM abstracts away SQL queries, facilitating developers from diverse backgrounds to work with objects effortlessly. Although there may be a slight performance tradeoff for using these frameworks in a tech stack for web development, the advantages far outweigh it.
DRF complements Django by providing essential features for API-only projects, such as authentication policies and serialization on top of ORM objects, streamlining API development.
Storage
Databases
Across all our projects, we rely on PostgreSQL as our database of choice and primary tool in our web development tech stack. Given that many of our products deal with geographic data, we frequently employ the PostGIS extension on top of PostgreSQL, enhancing spatial querying capabilities.
Caching
For our standard caching layer, we rely on Redis. With recent versions of Django, a Redis driver comes integrated, allowing for easy and efficient caching. Our primary use of caching involves objects that are read-mostly in our database, are frequently requested, and/or are computationally expensive on the SQL server.
Searching
To address complex search requirements over database objects, we utilize ElasticSearch in our web tech stack. By leveraging django-elasticsearch-dsl, we maintain an ORM-style approach to ElasticSearch integration, making it seamless and user-friendly.
Cloud
As our primary cloud service provider, we rely on AWS (Amazon Web Services). Our typical setup involves using EC2 instances to run our APIs, and when the project necessitates, we opt for ECS (Elastic Container Service) for scaling purposes. Additionally, our PostgreSQL servers run on RDS (Relational Database Service) instances, ensuring robust database management.
Deployment
Ensuring a smooth and automated deployment process is essential for efficient project management. As such, our web development tech stack employs CircleCI as our primary CI/CD service, enabling automated deployment through Ansible upon any commits to relevant branches, including main, dev, and prod.
Security
Ensuring robust security measures is a top priority at Studio to safeguard sensitive data and user information within our applications. To achieve this, we rely on the Python-Knox library, which plays a central role in our authentication process.
Python-Knox
Python-Knox is a key tool in our tech stack for web development because it offers a highly effective token-based authentication solution for our APIs. When users successfully log in, they receive unique tokens that they must include in subsequent API requests to access protected resources. This eliminates the need to send sensitive credentials with every request, reducing the risk of potential security breaches.
Input validation
We prioritize input validation to safeguard against security vulnerabilities like SQL injection and cross-site scripting (XSS) attacks. Leveraging Django's powerful serialization capabilities, we enforce strict rules and constraints on incoming data through serializers, ensuring that only clean and permissible data is processed within our applications. This proactive approach strengthens the security of our software and protects our users from potential exploits.
If you’re architecting the web tech stack that will power your product, reach out. Our team at Studio can help guide these foundational decisions with speed and scalability in mind.