The challenge
Renta Galicia manages rental properties in Galicia under two independent brands that share backend infrastructure but operate as separate businesses in the market. Both run on two different contract models — exploitation, where the company pays a fixed rent to the owner, and management, where it charges a commission on the property's income — and they needed a platform that reflected that logic without forcing the team to duplicate work across brands.
The brief was clear: one panel, two visible brands, three user types (admin, owner, tenant), and complete flows for property management, accounting, invoicing, recurring billing and support.
What we built
A multi-brand, multi-role panel that covers the full business operation:
- Brand detection by subdomain. The same codebase serves both brands with independent branding, colours, logos and invoice series. The admin can switch between brands with a selector in the top bar.
- Separate roles and portals. Owners see only their managed properties, their accounting and their settlements. Tenants see their contract, their payments and can save a card for automatic billing. Admins have cross-brand visibility.
- Full property management. Properties, rooms, owner contracts (exploitation or management), tenant contracts, a lead CRM for prospecting, collaborating agent registry and document uploads per owner.
- Real accounting. Income and expenses categorised by property, two invoice series (one for tenants, one for owners), PDF generation, bank statement import and reconciliation, and quarterly CSV export ready for the accountant.
- Recurring billing with Stripe. Card saved by the tenant, subscriptions, off-session manual charges and admin approval for bank transfers. A daily cron processes the day's payments and sends an email alert if anything fails.
- Automatic owner settlements. One click calculates income − expenses − commission, generates the corresponding invoice and records the payment to the owner.
- Integrated support. Incident tickets with image attachments, a badge in the menu for unanswered tickets, editable email templates and a full auditable activity feed.
- AI assistant. A side drawer with an assistant that can query and modify data — create invoices, mark payments, settle a month, delete entities — always with explicit admin confirmation for destructive actions. Token usage and estimated monthly cost are visible from Settings.
- Team support features. Light/dark/system mode synced across devices, user impersonation for support, two-factor authentication, a complete audit log, email templates for all system notifications and an internal help page.
Technical decisions
The stack is deliberately lean: PHP with PDO, MariaDB, nginx, Tailwind CDN and Alpine.js — no Laravel, no npm, no build step. Over 10,000 lines of PHP without a single heavy framework. That was a decision made with the client at the start, so any developer could open the project, read it and maintain it on their own VPS without external dependencies. Composer only for three strictly necessary libraries: dompdf for PDFs, stripe-php for the payment gateway and PHPMailer for SMTP.
Brand detection is resolved in the front controller by reading the HTTP host header. The router supports routes with the same path declared for different roles, which allows /incidencias to take a tenant to their portal and an admin to the back-office without duplicated code. Sessions cross subdomains via a shared session cookie domain, which is what allows an admin to impersonate a tenant and return to their own account in one click. Cloudflare in Flexible mode is handled from the start: the real IP and X-Forwarded-Proto are rewritten so cookies are marked secure and logs record the actual visitor IP, not the proxy's.
The AI layer uses function calling with 22 registered tools. Actions that modify data are blocked behind a confirmation flag: the assistant cannot execute anything without the admin explicitly saying yes, and deletions require double confirmation. Each call is logged in a usage table with tokens and estimated cost so the client always knows what they are spending.
Results
- Monthly invoices are issued automatically on the 1st, 5th or 10th depending on the contract, with card billing or email notification for bank transfers.
- Owner settlements go from a manual calculation with error risk to a single click that reconciles income, expenses and commission.
- The accountant receives a quarterly CSV with all transactions and tax IDs — no Excel required.
- Tenants open tickets from their portal with a photo; the admin sees a badge in the sidebar for any unanswered ones.
- The AI assistant handles queries like "who owes me money?" or "settle this month for a specific owner" in seconds.
Stack & Architecture
Backend PHP · no framework · modular architecture · MariaDB
Frontend Tailwind CDN · Alpine.js · no build step
Payments Stripe · subscriptions · daily cron · off-session charges · webhooks
AI Function calling · 22 tools · confirmation gates · token cost tracking
PDF dompdf
Email PHPMailer · own SMTP · editable template system
Security 2FA · audit log · user impersonation · cross-subdomain sessions
Infra nginx · Cloudflare · real IP rewriting · cron for daily billing
