AI/SaaS · Private

Sellavie.ai — AI Social Sales Agent

Multi-tenant FastAPI backend that automates Instagram, Facebook, and WhatsApp conversations and connects them to order, invoice, and payment workflows.

Python 3.11 · FastAPI · SQLite (runtime) · React 18 + Vite · Meta Graph APIs · OpenAI / Anthropic / Groq · Paystack / Flutterwave / Stripe · Nginx · JWT + refresh rotation + TOTP 2FA · Fernet encryption

This project is private because it is an actively deployed commercial SaaS platform.

  • Tenancy: business_id isolation
  • Rate limit: 100 req/min per IP
  • Auth: 60m access / 30d refresh
  • Payload caps: 2MB default, 10MB uploads

Project Overview

Sellavie.ai is a backend-first AI social sales platform. The system maps each inbound social event to the correct tenant, generates context-aware responses, and executes order/invoice/payment actions with verified webhooks and controlled side effects.

Challenge

Businesses lose revenue when social DMs are answered late, handoffs are inconsistent, and order/payment follow-through is handled manually across channels.

Solution

Built a multi-tenant backend that ingests webhooks, resolves tenant context, generates AI replies with provider failover, and executes commerce actions (orders, invoices, payment status updates) using server-side action parsing.

Results

Deployed a live system used by real businesses with webhook-based messaging, multi-provider AI orchestration, payment callback reconciliation, and analytics endpoints for conversation and transaction monitoring.

Architecture

  • FastAPI monolith handles auth, tenant management, webhook ingestion, AI orchestration, and commerce APIs.
  • Tenant isolation is enforced with business-scoped records (`business_id`) and owner/team access checks.
  • Meta webhooks are signature-verified, dispatched by platform type, and mapped to tenant integration IDs.
  • AI provider chain runs preferred-first failover (OpenAI -> Anthropic/Groq) with safe fallback replies.
  • Internal action tags drive server-side side effects for handoff, checkout, invoice, and payment states.
  • React SPA is served behind Nginx, which proxies `/api` to FastAPI.

Key Engineering Highlights

  • Designed owner + team-member tenant access model with JWT access/refresh rotation and optional TOTP 2FA.
  • Built webhook ingestion for Instagram, Facebook, and WhatsApp with deterministic tenant routing from integration IDs.
  • Implemented state-machine-style AI routing by parsing internal control tags and separating text from actions.
  • Added background task execution for notification and invoice side work using async tasks and worker threads.
  • Built payment and transaction synchronization via verified webhooks across Paystack, Flutterwave, and Stripe.
  • Added reliability controls: duplicate order guardrails, provider failover, payload caps, and defensive error handling.

Security & Privacy

  • HMAC webhook verification for Meta and payment providers before processing side effects.
  • Bcrypt password hashing, signed JWT access/refresh tokens, refresh-token rotation, and optional TOTP 2FA.
  • Fernet encryption plus response masking for sensitive payment configuration fields.
  • Request hardening with rate limits, scanner path blocking, and payload size limits.
  • Audit-oriented activity logs and generic client error responses to reduce data leakage.
  • Consent withdrawal, data export, account deletion, and Meta deauthorize/data-deletion callback endpoints.
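
The signature check and tenant routing described under Architecture and Security & Privacy, as an added sketch that is not Sellavie's own code. It uses Meta's `X-Hub-Signature-256` header (HMAC-SHA256 of the raw body keyed with the app secret); `APP_SECRET`, `INTEGRATIONS`, `sign`, `signature_ok`, `route_webhook` and all IDs are constructed for illustration.

```python
from __future__ import annotations
import hashlib
import hmac
import json

APP_SECRET = b"constructed-app-secret"  # placeholder, not a real secret

# Hypothetical lookup: (webhook "object", entry id) -> business_id.
INTEGRATIONS = {
    ("instagram", "1784000000000001"): 42,
    ("whatsapp_business_account", "1020000000000002"): 7,
}


def sign(raw_body: bytes, secret: bytes = APP_SECRET) -> str:
    """Build the header value the sender would attach (used for the sample)."""
    return "sha256=" + hmac.new(secret, raw_body, hashlib.sha256).hexdigest()


def signature_ok(raw_body: bytes, header: str | None, secret: bytes) -> bool:
    """Check the signature header against the exact bytes received."""
    if not header or not header.startswith("sha256="):
        return False
    # Constant-time compare on bytes, so odd header input cannot raise.
    return hmac.compare_digest(sign(raw_body, secret).encode(), header.encode())


def route_webhook(raw_body: bytes, header: str | None) -> tuple[int, list[int]]:
    """Return (HTTP status, business_ids to process). Nothing is parsed or
    dispatched until the signature over the raw body verifies."""
    if not signature_ok(raw_body, header, APP_SECRET):
        return 403, []
    try:
        event = json.loads(raw_body)
        platform = event["object"]
        entry_ids = [str(e["id"]) for e in event["entry"]]
        # Unknown integration IDs are dropped, never guessed, so an event
        # cannot land in another tenant's context.
        tenants = [INTEGRATIONS[(platform, i)] for i in entry_ids
                   if (platform, i) in INTEGRATIONS]
    except (ValueError, KeyError, TypeError):
        return 400, []
    return 200, tenants  # assumption: ack unmatched events to avoid retries


if __name__ == "__main__":
    body = b'{"object": "instagram", "entry": [{"id": "1784000000000001"}]}'
    print(route_webhook(body, sign(body)))         # verified and routed
    print(route_webhook(body + b" ", sign(body)))  # altered body is rejected
```

The HMAC is computed over the raw request bytes, not over re-serialized JSON, because any re-encoding changes the bytes and breaks the comparison.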
Sellavie.ai — Multi-tenant AI Sales Agent (FastAPI) | Nasir Nasir-Ameen