Base URLs
| Environment | URL |
|---|---|
| Production | https://task-forge-gbd6h8gtg8hchve9.chilecentral-01.azurewebsites.net |
| Local development | http://localhost:5000 |
/api/docs on either base URL.
Key features
- JWT authentication — Access tokens (1 hour) and refresh tokens (30 days) with database-backed revocation.
- Role-based access control —
adminanduserroles with per-endpoint permission enforcement. - Task CRUD — Create, read, update, and delete tasks with title, description, priority, status, and due date.
- Tag system — Organize tasks with custom tags that support hex color codes.
- Filtering and pagination — Filter by status, priority, user, tags, and date range. Server-side pagination with configurable page size and sort order.
- Data export — Export tasks to CSV or JSON via
GET /api/tasks/export. - Rate limiting — Request throttling on all endpoints via Flask-Limiter. Auth endpoints carry stricter per-route limits.
- CORS support — Configurable allowed origins for cross-origin requests.
- Interactive docs — Swagger UI powered by Flasgger, available at
/api/docs.
Technology stack
| Component | Library / Service | Version |
|---|---|---|
| Web framework | Flask | 3.1.2 |
| ORM | SQLAlchemy | 2.0.44 |
| JWT authentication | Flask-JWT-Extended | 4.7.1 |
| Rate limiting | Flask-Limiter | 4.0.0 |
| API documentation | Flasgger | 0.9.7.1 |
| CORS | Flask-CORS | 6.0.1 |
| WSGI server | Gunicorn | 21.2.0 |
| Production database | Azure SQL Database | — |
| Development database | SQLite | — |
| Testing | pytest | 9.0.1 |
| Test coverage | pytest-cov | 7.0.0 |
Where to go next
Quickstart
Run the API locally and make your first request in under 5 minutes.
Authentication
Learn how JWT access and refresh tokens work, and how to manage sessions.
API reference
Explore all endpoints interactively in the Swagger UI.