A high-performance, production-ready backend for a ToDo application built with FastAPI.
This project follows modern Python best practices, includes JWT-based authentication and role-based authorization, and supports versioned database migrations using Alembic. Unit tests ensure endpoint reliability and correctness.

- Authentication & Authorization
  - Login with JWT access & refresh tokens
  - Role-based access control (via `role` field in user model)
- User Management
  - Secure user registration with hashed passwords
  - Support for multiple user roles with customized data access
- TODO CRUD
  - Create, read, update, and delete TODO items
  - TODOs linked to specific user accounts
- Testing
  - Comprehensive unit tests for all routes using pytest
  - Covers both success and failure cases
- Database
  - SQLAlchemy ORM
  - Alembic for database migrations (version upgrades & downgrades)
- Production Standards
  - Dependency injection using `Depends`
  - Modular routing
  - Environment variable support via `.env`
  - Clean directory structure

- Users log in with username & password
- Receive:
  - access_token (short-lived)
  - refresh_token (long-lived)
- Access protected routes using Bearer token
- Roles determine what data users can access

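
The login, refresh and Bearer-token flow listed above, as an added example that is not this project's code: it uses only the Python standard library (HS256 via `hmac`) in place of python-jose so it runs without dependencies, and the `type` claim, token lifetimes, secret and function names are assumptions. It shows the check that keeps a long-lived refresh token from being accepted as a Bearer access token, alongside the expiry and role checks.

```python
from __future__ import annotations
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"   # assumption: the real key is loaded from .env
TTL = {"access": 15 * 60, "refresh": 7 * 24 * 3600}  # assumed lifetimes (seconds)

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(signing_input: str) -> bytes:
    return hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()

def issue(sub: str, role: str, typ: str, now: int | None = None) -> str:
    """Build an HS256 JWT carrying the user's role and the token type."""
    now = int(time.time()) if now is None else now
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = {"sub": sub, "role": role, "type": typ, "exp": now + TTL[typ]}  # "type" is assumed
    body = _b64(json.dumps(claims).encode())
    return f"{header}.{body}.{_b64(_sign(header + '.' + body))}"

def verify(token: str, expected_type: str, now: int | None = None) -> dict:
    """Return the claims; raise ValueError if any check fails."""
    now = int(time.time()) if now is None else now
    header, body, sig = token.split(".")          # ValueError if not 3 parts
    if not hmac.compare_digest(_sign(header + "." + body), _unb64(sig)):
        raise ValueError("bad signature")
    if json.loads(_unb64(header)).get("alg") != "HS256":  # parsed only after the MAC check
        raise ValueError("unexpected algorithm")
    claims = json.loads(_unb64(body))
    if claims.get("type") != expected_type:       # e.g. refresh token sent as Bearer
        raise ValueError("wrong token type")
    if now >= claims.get("exp", 0):
        raise ValueError("token expired")
    return claims

def authorize(bearer: str, allowed_roles: set[str], now: int | None = None) -> dict:
    """Guard for a protected route: access tokens only, role must be allowed."""
    claims = verify(bearer, "access", now)
    if claims.get("role") not in allowed_roles:
        raise PermissionError("role not permitted")
    return claims

def refresh(refresh_token: str, now: int | None = None) -> str:
    """Exchange a valid refresh token for a new access token."""
    claims = verify(refresh_token, "refresh", now)
    return issue(claims["sub"], claims["role"], "access", now)
```
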
- FastAPI
- SQLAlchemy
- Alembic
- PostgreSQL / SQLite
- JWT (via python-jose)
- Passlib (password hashing)
- Pytest
- Jinja2 (for optional HTML pages)
MIT License