https://github.com/bmmunga/task-tracker-api

The repository task-tracker-api provides a RESTful API for managing tasks. It includes features such as creating, reading, updating, and deleting tasks, as well as user authn and authz with different user roles. It is built using FastAPI and supports JWT authentication, SQLAlchemy for DB interactions, and PostgreSQL for data storage.
https://github.com/bmmunga/task-tracker-api

alembic fastapi jwt oauth2 pydantic pytest restful-api swagger-ui

Last synced: 2 months ago
JSON representation

The repository task-tracker-api provides a RESTful API for managing tasks. It includes features such as creating, reading, updating, and deleting tasks, as well as user authn and authz with different user roles. It is built using FastAPI and supports JWT authentication, SQLAlchemy for DB interactions, and PostgreSQL for data storage.

• Host: GitHub
• URL: https://github.com/bmmunga/task-tracker-api
• Owner: bmmunga
• Created: 2024-10-28T13:48:40.000Z (7 months ago)
• Default Branch: main
• Last Pushed: 2025-03-22T09:26:45.000Z (2 months ago)
• Last Synced: 2025-03-22T09:27:35.276Z (2 months ago)
• Topics: alembic, fastapi, jwt, oauth2, pydantic, pytest, restful-api, swagger-ui
• Homepage:
• Size: 70.3 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Authors: AUTHORS

Awesome Lists containing this project

README

        
# Task Tracker API

## Overview

This API provides endpoints to manage to-do items, including creating, reading, updating, and deleting tasks. It also supports user authentication and authorization with different user roles (such as "admin") to control access to certain endpoints.

## Table of Contents

- [Features](#features)

- [Tech Stack](#tech-stack)

- [Getting Started](#getting-started)

  - [Prerequisites](#prerequisites)

  - [Installation](#installation)

- [API Endpoints](#api-endpoints)

  - [Authentication](#authentication)

  - [Admin Endpoints](#admin-endpoints-protected)

  - [Todos (User-Specific)](#todos-user-specific)

  - [User Profile](#user-profile)

- [Error Handling](#error-handling)

- [Security](#security)

## Features

- **User Authentication**: Token-based authentication to secure endpoints.

- **Admin Control**: Only users with admin roles can access certain admin endpoints.

- **CRUD Operations for Todos**: Create, read, update, and delete tasks.

- **User Management**: Endpoints for user registration, password changes, and updating phone numbers.

## Tech Stack

- **FastAPI**: Framework for building the API.

- **JWT Authentication**: For secure token-based authentication.

- **SQLAlchemy**: ORM for database interactions.

- **PostgreSQL**: Database for data storage.

- **Pydantic**: Data validation and settings management.

- **Pytest**: Testing framework.

## Getting Started

### Prerequisites

- Python 3.9+

- PostgreSQL

### Installation

1. **Clone the repository**:

   ```bash

   git clone https://github.com/bmmunga/task-tracker-api.git

   cd todos_api

   ```

2. **Install dependencies**:

   ```bash

   pip install -r requirements.txt

   ```

3. **Environment Setup**:

   - Create a `.env` file to set environment variables such as `SECRET_KEY`, `DATABASE_URL`, and `ALGORITHM`.

4. **Run Migrations**:

   - Initialise and migrate the database (e.g., using Alembic if configured).

5. **Run the Application**:

   ```bash

   uvicorn main:app --reload

   ```

## API Endpoints

### Authentication

- **Create a User**

  - `POST /auth/`

  - Registers a new user.

- **Login**

  - `POST /auth/token`

  - Logs in a user and returns a JWT token.

### Admin Endpoints (Protected)

- **Get All Todos**

  - `GET /admin/todo`

  - Returns all todos. Requires an admin role.

- **Delete a Todo by ID**

  - `DELETE /admin/todo/{todo_id}`

  - Deletes a todo item by ID. Requires an admin role.

### Todos (User-Specific)

- **Get All Todos for User**

  - `GET /todos/`

  - Returns all todos associated with the authenticated user.

- **Get Todo by ID**

  - `GET /todos/todo/{todo_id}`

  - Returns a specific todo item for the authenticated user.

- **Create a Todo**

  - `POST /todos/todo`

  - Creates a new todo item for the authenticated user.

- **Update a Todo by ID**

  - `PUT /todos/todo/{todo_id}`

  - Updates a todo item for the authenticated user.

- **Delete a Todo by ID**

  - `DELETE /todos/todo/{todo_id}`

  - Deletes a todo item for the authenticated user.

### User Profile

- **Get User Profile**

  - `GET /user/`

  - Retrieves the profile of the authenticated user.

- **Change Password**

  - `PUT /user/password`

  - Updates the user's password.

- **Update Phone Number**

  - `PUT /user/phonenumber/{phone_number}`

  - Updates the phone number of the authenticated user.

## Error Handling

- **401 Unauthorized**: Returned when a user fails authentication or lacks permission.

- **404 Not Found**: Returned when a resource is not found (e.g., a todo item).

- **500 Internal Server Error**: Returned when there’s a server-side error.

## Security

This API uses JWT tokens for authentication, with role-based access control for administrative routes.

## AUTHORS

Boniface Munga [LinkedIn](https://www.linkedin.com/in/bmunga-software-engineer/)