I am building a Django app where there are several "user spaces" or "client domains". I was wondering how I could separate each clients from accessing other's data ? So far I have come up with several options :
- Distribute one project per client with their own database
- Keep one database and one django running (two options)
- a) Add some top level table with some ID to be referenced in each model. But then how do I restrict someone from impersonnating someone else's ID and access their data ?
- b) Build some Authorization layer on top of requests using a header or some query param to help discriminate which data the user can acces (but I don't really know how to do so)
What is the state of the art in the domain of multiple clients using a same Django app ? Are my solutions appropriate and if so, how do I implement them ?
I have seen few related posts / articles on internet so I'm resorting to ask here.
Thanks in advance !
