Moe Loubani
Contact
Back to projects
DealPortal
TypeScriptPrismaPostgreSQLAWS App RunnerDocuSignReact

DealPortal

Multi-Tenant Real Estate SaaS

Feb 2026

A multi-tenant real estate deal-management platform — led a live MongoDB → PostgreSQL + Prisma migration with row-level tenant isolation, while continuing to ship features on AWS App Runner.

Visit DealPortal

Overview

DealPortal is a multi-tenant SaaS for real estate deal management — buildings, units, floor plans, offers, DocuSign-signed documents, payment methods, and admin analytics — with subdomain-based tenant routing and a per-tenant PDF template designer.

The interesting story is the migration: the production stack was MongoDB + React 16, and the work documented here is the live cutover to PostgreSQL with Prisma and row-level security — without stopping feature development.

Technical Challenges

  • Live migration without downtime. Tenants are mid-deal every single day; a “stop the world” migration wasn’t an option.
  • Tenant isolation at the database level. Application-layer filtering is not enough for real estate financial records.
  • Sustained feature work during the migration. The business kept asking for admin analytics, onboarding flows, and per-building configuration regardless of what was happening underneath.
  • Idempotent deploys on AWS App Runner. Container cold-starts needed to safely re-run migrations.

Solution

  • Postgres + Prisma with Row-Level Security, accessed through withTenantRLS / withTenantTransaction helpers so tenant context is enforced at the session level, not in application code.
  • Idempotent deploy-time migrations — running on container startup, safe to re-run, with explicit prisma generate and one-off migration scripts for NSF, customers, unit/locker, floor-plan S3 paths, HIP commissions, and sales-status mappings.
  • Dual-stack backend — Node/Express/TypeScript talking to both Postgres (Prisma) and legacy MongoDB during cutover, with connect-redis sessions, Socket.IO, AWS SES + SSM Parameter Store, DocuSign (docusign-esign), HubSpot, and Google GenAI.
  • React + Redux-saga tenant frontend with role-based permissions, i18n (en/es), and DocuSign-integrated offer flows. 401 interceptor with automatic logout + toast on session expiry.
  • A dedicated PDF template designer (dealportal-editor) in React 18 + Redux + Ant Design 5 using @pdfme/generator, for authoring offer templates with DocuSign tag handling and field mapping.
  • Playwright E2E suite covering companies/buildings, floor plans, reports, sales flow, onboarding imports, and user management.

Key Features

  • Subdomain-based multi-tenant routing
  • Per-tenant PDF template design with DocuSign tags
  • Buildings / units / floor plans / sales transactions / offers
  • Role-based permissions, impersonation, password reset flows
  • Admin analytics dashboard with revenue and growth charts
  • Tenant-scoped S3 storage with “Bucket owner enforced” ACLs
  • Full Playwright E2E coverage of critical flows