I’m expanding my in-house clinical-trial project management platform and need a Django expert to harden and extend the backend. The current codebase already exposes a few endpoints but it lacks the depth and security required for production use. Your task is to design and implement REST APIs in Django + Django REST Framework that feel fast, predictable, and secure, then wire those APIs into the existing React interface so users can manage studies, sites, subjects, and documents without friction. Key deliverables • Robust authentication and authorization, preferably JWT-based, with refresh token support • Fine-grained role-based access control that ① limits access to sensitive features, ② grants distinct permissions by user role (e.g., CRA, data manager, sponsor), and ③ logs every change for full auditability • Custom endpoints and serializers for study setup, milestone tracking, document versioning, and real-time status dashboards • Centralised validation plus clear, consistent error messages so client apps can fail gracefully • Automated tests that cover happy paths and edge cases, wired into CI Acceptance criteria • All endpoints return <200 ms in local perf tests with 10k records • Permissions matrix passes unit tests across every role/action combination • Audit log entries appear in the admin panel within one second of any change • OpenAPI/Swagger docs generate without warnings and match implementation Tech stack keywords (for visibility): Django 3.x/4.x, DRF, PostgreSQL, Redis, Celery, GitHub Actions, Docker. Code must land via pull requests so I can review incrementally, and I’ll be available on Slack for quick feedback. Once these pieces are solid, we’ll move on to reporting and analytics modules, so clean, well-documented code is essential.