DEV Community

sneh1117
sneh1117

Posted on

🧢 I Built a Production-Ready Blogging Platform with Django, DRF & Supabase

#django #python #webdev #backend

I wanted to go beyond a basic CRUD app.

So I built StitchTales β€” a full-stack blogging platform designed for creators to publish tutorials and stories, complete with authentication, REST APIs, image storage, and production deployment.

πŸ”— Live: https://stitchtales.up.railway.app
πŸ”— GitHub: https://github.com/sneh1117/stitchtales

πŸ— Tech Stack

  • Django 5.2
  • Django REST Framework
  • PostgreSQL (Railway)
  • Supabase Storage (custom backend)
  • HTMX
  • Whitenoise
  • Token + session authentication

✨ What It Supports

  • Full blog CRUD with draft β†’ publish workflow
  • Slug-based URLs + SEO fields
  • Categories, tags, view tracking
  • Comment moderation + like system (HTMX)
  • Profile system with avatars + social links
  • Public REST API with permission control
  • Production-ready deployment on Railway

πŸ”Œ API Design 

GET    /api/posts/
GET    /api/posts/<slug>/
POST   /api/posts/
PUT    /api/posts/<slug>/
DELETE /api/posts/<slug>/
POST   /api/auth/token/
Enter fullscreen mode Exit fullscreen mode

Design decisions:

  • Public read access
  • Authenticated write access
  • Author-only updates/deletes
  • Slug-based lookups instead of IDs
  • Pagination enabled

πŸ–Ό Why Supabase Instead of S3?

Instead of AWS, I built a custom Django storage backend for Supabase.

This required:

  • Understanding Django’s storage API
  • Handling server-side uploads securely
  • Generating public CDN URLs
  • Structuring bucket organization cleanly

It kept the stack simple while still being production-capable.

⚑ Why HTMX Instead of React?

I intentionally avoided a heavy frontend framework.

HTMX gave me:

  • Dynamic likes without reload
  • Cleaner backend focus
  • Simpler architecture
  • Faster development

Right tool for the project size.

🧠 Production Considerations

  • Environment-based configuration
  • SQLite locally, PostgreSQL in production
  • CSRF + trusted origins configured
  • DEBUG=False in production
  • Whitenoise for static files
  • Sitemap + robots.txt for SEO

I treated it like a real deployment β€” not just a localhost demo.

πŸš€ What I’d Add Next

  • Automated tests
  • CI/CD pipeline
  • Redis caching
  • Rate limiting
  • Social auth
  • Structured logging

🎯 Why This Project Matters

This wasn’t about crochet.

It was about demonstrating:

  • Clean backend architecture
  • Thoughtful API design
  • External storage integration
  • Production deployment awareness
  • Full-stack decision-making

If you're hiring for a backend or full-stack role, I’d love feedback.

β€” Sneha

Top comments (0)