romainsantoli-web/taskflow-pro

TaskFlow Pro

Professional SaaS project management platform — Kanban boards, analytics & team collaboration.

⚠️ AI-generated content — human validation required before production use.


Features

  • Authentication — JWT + API keys with bcrypt hashing (12 rounds)
  • Projects — CRUD, team invites, color coding, activity logs
  • Tasks — Kanban board (5 columns), bulk moves, priorities, due dates, tags
  • Dashboard — Real-time analytics: velocity, pipeline, overdue alerts
  • Security — Helmet, CORS, rate limiting, RBAC (admin/member)
  • Frontend — React 18 + TailwindCSS with dark mode, glassmorphism design

Tech Stack

| Layer | Technology |
|---|---|
| Backend | Express 4.21 + TypeScript 5.6 (ESM, strict) |
| Database | SQLite (better-sqlite3) — WAL mode, 6 tables |
| Auth | bcryptjs 2.4 + jsonwebtoken 9.0 + SHA-256 API keys |
| Validation | Zod 3.23 (10+ schemas with type inference) |
| Frontend | React 18.3 + Vite 5.4 + TailwindCSS 3.4 |
| Testing | Vitest 2.1 (unit) + curl E2E |
| CI/CD | GitHub Actions (Node 18/20/22 matrix) |
| Container | Docker multi-stage (alpine) |

Quick Start

# Install dependencies
npm install
cd frontend && npm install && cd ..

# Seed demo data (3 users, 4 projects, ~35 tasks)
npm run db:seed

# Start development server
npm run dev
# → http://localhost:3000

Demo Accounts

| Email | Password | Role |
|---|---|---|
| marie@taskflow.pro | Admin1234 | admin |
| thomas@taskflow.pro | Dev12345 | member |
| sophie@taskflow.pro | Design12 | member |

API Reference

Base URL: http://localhost:3000/api

Auth

| Method | Endpoint | Auth | Description |
|---|---|---|---|
| POST | /auth/register | | Create account |
| POST | /auth/login | | Get JWT token |
| GET | /auth/me | Bearer | Current user profile |
| PATCH | /auth/me | Bearer | Update profile |
| GET | /auth/api-keys | Bearer | List API keys |
| POST | /auth/api-keys | Bearer | Generate API key |
| DELETE | /auth/api-keys/:id | Bearer | Revoke API key |

Projects

| Method | Endpoint | Auth | Description |
|---|---|---|---|
| GET | /projects | Bearer | List user's projects |
| POST | /projects | Bearer | Create project |
| GET | /projects/:id | Bearer | Get project details |
| PATCH | /projects/:id | Bearer | Update project |
| DELETE | /projects/:id | Bearer | Delete project |
| POST | /projects/:id/members | Bearer | Invite member |

Tasks

| Method | Endpoint | Auth | Description |
|---|---|---|---|
| GET | /tasks | Bearer | List tasks (with filters) |
| POST | /tasks | Bearer | Create task |
| GET | /tasks/:id | Bearer | Get task details |
| PATCH | /tasks/:id | Bearer | Update task |
| DELETE | /tasks/:id | Bearer | Delete task |
| POST | /tasks/bulk-move | Bearer | Kanban bulk move |

Task filters: ?status=todo&priority=high&project_id=xxx&assignee_id=xxx&search=text&page=1&limit=20

Analytics

| Method | Endpoint | Auth | Description |
|---|---|---|---|
| GET | /analytics/dashboard | Bearer | Global dashboard |
| GET | /analytics/projects/:id | Bearer | Project analytics |

Auth Modes

# JWT Bearer token
curl -H "Authorization: Bearer <token>" http://localhost:3000/api/projects

# API Key
curl -H "Authorization: ApiKey tfp_abc123..." http://localhost:3000/api/projects

Docker

# Build & run
docker compose up -d

# Check health
curl http://localhost:3000/api/health

The Docker image uses a multi-stage build (builder → production) with Node 20 Alpine. SQLite data is persisted in a named volume taskflow-data.

Testing

# Unit tests (Vitest)
npm test

# TypeScript check
npx tsc --noEmit

# Build
npm run build

Project Structure

src/
├── server.ts              # Express entry point
├── middleware/
│   ├── auth.ts            # JWT/API key authentication + RBAC
│   └── validate.ts        # Zod validation middleware
├── models/
│   └── schemas.ts         # Zod schemas (10+)
├── routes/
│   ├── auth.ts            # /api/auth/*
│   ├── projects.ts        # /api/projects/*
│   ├── tasks.ts           # /api/tasks/*
│   └── analytics.ts       # /api/analytics/*
├── services/
│   ├── auth.ts            # Password, JWT, API key utilities
│   └── database.ts        # SQLite with lazy Proxy init
└── utils/
    └── seed.ts            # Demo data seeder

frontend/
├── src/
│   ├── App.tsx            # Router configuration
│   ├── hooks/useAuth.tsx  # Auth context & token management
│   ├── utils/api.ts       # Typed API client
│   ├── components/
│   │   └── Layout.tsx     # Sidebar navigation
│   └── pages/
│       ├── LoginPage.tsx
│       ├── RegisterPage.tsx
│       ├── DashboardPage.tsx
│       ├── ProjectsPage.tsx
│       └── TasksPage.tsx  # Kanban board

Database Schema

6 tables: users, projects, project_members, tasks, api_keys, activity_log

Key features: WAL mode, foreign keys, indexes on all lookup columns, UUID primary keys.

Security

  • Passwords: bcrypt with 12 salt rounds
  • Tokens: JWT (HS256) with 7-day expiry
  • API keys: SHA-256 hashed, tfp_ prefix
  • Headers: Helmet (CSP, HSTS, X-Frame)
  • Rate limiting: 100 req/15min (general), 20 req/15min (auth)
  • RBAC: admin/member roles with middleware enforcement
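
The API key handling listed above (SHA-256 hashed, tfp_ prefix) and the two header forms under Auth Modes can be sketched as follows. This is an added example, not code from the TaskFlow Pro repository; every function name, the 32-byte key length and the hex encoding are assumptions made for illustration.

```typescript
import { createHash, randomBytes, timingSafeEqual } from "node:crypto";

// Hypothetical names throughout; this is not TaskFlow Pro's source.
const KEY_PREFIX = "tfp_";

type Credential =
  | { scheme: "bearer"; token: string }
  | { scheme: "apikey"; key: string };

// SHA-256 is a fast hash. That is acceptable for API keys only because each key
// is 256 bits of CSPRNG output; human-chosen passwords still need bcrypt.
function hashApiKey(key: string): string {
  return createHash("sha256").update(key, "utf8").digest("hex");
}

// Returns the plaintext key (shown to the user once) and the digest to store.
function generateApiKey(): { key: string; hash: string } {
  const key = KEY_PREFIX + randomBytes(32).toString("hex");
  return { key, hash: hashApiKey(key) };
}

// Accepts only the two Authorization forms shown under "Auth Modes".
function parseAuthorization(header: string | undefined): Credential | null {
  const m = /^(bearer|apikey) (\S+)$/i.exec(header ?? "");
  if (!m) return null;
  const scheme = (m[1] ?? "").toLowerCase();
  const value = m[2] ?? "";
  if (scheme === "bearer") return { scheme: "bearer", token: value };
  // Reject keys without the expected prefix before touching the database.
  return value.startsWith(KEY_PREFIX) ? { scheme: "apikey", key: value } : null;
}

// Hashes the presented key and compares digests in constant time.
function verifyApiKey(presented: string, storedHashHex: string): boolean {
  if (!/^[0-9a-f]{64}$/.test(storedHashHex)) return false; // malformed record
  const actual = createHash("sha256").update(presented, "utf8").digest();
  return timingSafeEqual(actual, Buffer.from(storedHashHex, "hex"));
}

// Constructed sample: issue a key, then check a request that carries it.
function demo(): { accepted: boolean; tamperedAccepted: boolean } {
  const { key, hash } = generateApiKey();
  const cred = parseAuthorization(`ApiKey ${key}`);
  const accepted = cred !== null && cred.scheme === "apikey" && verifyApiKey(cred.key, hash);
  return { accepted, tamperedAccepted: verifyApiKey(key + "0", hash) };
}
```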

License

MIT

About

TaskFlow Pro — Professional SaaS project management platform built with Firm CEO orchestration
