Production-ready Employee Task Management System built with Flutter, FastAPI, MySQL, and a premium React admin dashboard.
NexTask is a full-stack employee task management platform designed to feel closer to a polished startup product than a typical internship assignment. It includes:
- a Flutter task management app for employees
- a FastAPI backend with JWT authentication and protected task APIs
- a MySQL production database
- a premium React admin dashboard for operational oversight
- live deployment on Render with a production database hosted on Railway MySQL
The project is structured for real-world handoff quality: clean API boundaries, consistent state management, documented deployment flow, and recruiter-friendly presentation.
- Backend API: https://nextask-api-0fol.onrender.com
- Swagger Docs: https://nextask-api-0fol.onrender.com/docs
- Admin Dashboard: https://nextask-api-0fol.onrender.com/admin/
- Health Check: https://nextask-api-0fol.onrender.com/health
- JWT-based authentication
- Register and login flows
- Secure token storage with
flutter_secure_storage - Auto-login from stored token
- Task listing for the logged-in employee
- Search tasks
- Filter by task status
- Pull-to-refresh
- Add task
- Edit task
- Delete task
- Task details view
- Material 3 UI with reusable widgets and polished interactions
- Admin-only login
- View all users
- View all tasks
- Update task status across the system
- Delete users
- Delete tasks
- Premium SaaS-style responsive UI
- KPI cards, toasts, skeletons, micro-interactions, and polished filtering UX
- FastAPI application with clear route/service separation
- SQLAlchemy models and session handling
- JWT token generation and verification
- Protected employee task routes
- Protected admin routes
- Search and status filtering
- Production
/healthendpoint with database connectivity validation
flowchart LR
A[Flutter Employee App] -->|JWT / REST| B[FastAPI API]
C[React Admin Dashboard] -->|JWT / REST| B
B --> D[(Railway MySQL)]
E[Render Web Service] --> B
| Layer | Technology |
|---|---|
| Frontend App | Flutter, Riverpod, Dio, go_router |
| Admin Dashboard | React, Vite, Framer Motion |
| Backend | FastAPI, SQLAlchemy, PyMySQL, python-jose, bcrypt |
| Database | MySQL |
| Production Hosting | Render |
| Production Database | Railway MySQL |
NexTask/
├── admin/ # React admin dashboard
├── backend/ # FastAPI backend
│ ├── app/
│ │ ├── models/
│ │ ├── routes/
│ │ ├── schemas/
│ │ ├── services/
│ │ └── utils/
│ ├── .env.example
│ ├── .env.render.example
│ └── requirements.txt
├── docs/
│ └── screenshots/
├── lib/ # Flutter app source
│ ├── core/
│ ├── models/
│ ├── providers/
│ ├── routes/
│ ├── screens/
│ ├── services/
│ └── widgets/
├── render.yaml
├── RENDER_DEPLOYMENT.md
└── README.md
- User registers with name, email, and password.
- Backend hashes the password using
bcrypt. - User logs in and receives a JWT access token.
- Flutter stores the token securely with
flutter_secure_storage. - Flutter restores the session on app startup by calling
/auth/me. - Protected employee routes use
Authorization: Bearer <token>. - Admin dashboard uses the same JWT flow and backend role checks through
is_admin.
- Admin-only route protection via backend authorization
- System-wide task visibility
- System-wide user visibility
- Task status updates without leaving the dashboard
- Delete actions for tasks and users
- Responsive premium UI optimized for live demos and recruiter reviews
Interactive docs are available at:
POST /auth/registerPOST /auth/loginGET /auth/me
GET /tasksPOST /tasksPUT /tasks/{task_id}DELETE /tasks/{task_id}
GET /admin-api/summaryGET /admin-api/usersDELETE /admin-api/users/{user_id}GET /admin-api/tasksPATCH /admin-api/tasks/{task_id}/statusDELETE /admin-api/tasks/{task_id}
- Hosted on Render
- URL: https://nextask-api-0fol.onrender.com
- Hosted on Railway MySQL
- Connected to the FastAPI service through
DATABASE_URL - Verified through the live
/healthendpoint
- Email:
[email protected] - Password:
Admin@12345
- Email:
[email protected] - Password:
Employee@12345
Notes:
- The employee demo account was created and verified against the live deployment.
- The employee account currently has seeded demo tasks for dashboard validation.
| Variable | Purpose |
|---|---|
DATABASE_URL |
Full SQLAlchemy connection string for MySQL. In production this points to Railway MySQL. |
SECRET_KEY |
Secret used to sign and verify JWT tokens. Must be long and random in production. |
ALGORITHM |
JWT signing algorithm, currently HS256. |
ACCESS_TOKEN_EXPIRE_MINUTES |
JWT validity period in minutes. Production guidance uses a longer value because the mobile app currently uses access tokens without refresh tokens. |
ADMIN_NAME |
Display name for the seeded admin account created during backend startup. |
ADMIN_EMAIL |
Email for the production admin user that the backend seeds or updates automatically. |
ADMIN_PASSWORD |
Password for the production admin user that the backend seeds or updates automatically. |
CORS_ORIGINS |
Comma-separated list of allowed frontend origins for browser requests. |
See:
backend/.env.example
See:
backend/.env.render.example
git clone https://github.com/Samanyu-dev/NexTask.git
cd NexTaskcd backend
python3 -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt
cp .env.example .env
python3 -m uvicorn app.main:app --reload --host 127.0.0.1 --port 8000Backend URLs:
- API:
http://127.0.0.1:8000 - Swagger:
http://127.0.0.1:8000/docs - Admin Dashboard:
http://127.0.0.1:8000/admin/
flutter pub get
flutter runFor Android emulator:
flutter run --dart-define=API_BASE_URL=http://10.0.2.2:8000For iOS simulator:
flutter run --dart-define=API_BASE_URL=http://127.0.0.1:8000For the live deployed API:
flutter run --dart-define=API_BASE_URL=https://nextask-api-0fol.onrender.com- Push the repository to GitHub.
- Create the Render web service from this repository.
- Use the included
render.yaml. - Configure the required environment variables.
- Confirm the
/healthendpoint returns200. - Verify
/docsand/admin/after deployment.
Reference guide:
RENDER_DEPLOYMENT.md
- Create a new MySQL service in Railway.
- Copy the generated MySQL variables from Railway.
- Build
DATABASE_URLusing either the provided connection URL or these Railway values:MYSQLHOSTMYSQLPORTMYSQLDATABASEMYSQLUSERMYSQLPASSWORD
- Set the final Render
DATABASE_URLas:
mysql+pymysql://MYSQLUSER:MYSQLPASSWORD@MYSQLHOST:MYSQLPORT/MYSQLDATABASE
- Add that value to the Render environment settings.
- Redeploy the Render service and verify
/health.
If Railway provides a direct MySQL connection string such as MYSQL_URL, you can use it directly after converting it into SQLAlchemy-compatible format if needed.
Use the live Render backend URL when building the final release APK:
flutter clean
flutter pub get
flutter build apk --release --dart-define=API_BASE_URL=https://nextask-api-0fol.onrender.comFinal APK output path:
build/app/outputs/flutter-apk/app-release.apk
Verified in this final pass:
- Release APK built successfully against
https://nextask-api-0fol.onrender.com
Screenshots were intentionally omitted in this final repository pass by request.
Planned location when added later:
docs/screenshots/
- Login works
- Registration works
- JWT authentication works
- Employee task CRUD works
- Search works
- Status filtering works
- Admin dashboard loads
- Admin task status updates work
- Admin delete actions work
- Swagger docs are available
- Render backend is live
- Railway-backed database connectivity is healthy through
/health
- Backend root:
200 - Health endpoint:
200 - Swagger docs:
200 - Admin summary endpoint:
200 - Admin users endpoint:
200 - Admin tasks endpoint:
200 - Employee task create:
201 - Employee task update:
200 - Employee task delete:
200
- Deployed backend is live on Render
- Deployed admin dashboard is live
- Production database is connected
- Final APK generated locally with live backend URL
- Documentation is production-ready
- Screenshots added
- Swagger API docs are working
- Authentication is working
- Admin dashboard operations are working
Notes:
- The APK was built successfully in this final pass at
build/app/outputs/flutter-apk/app-release.apk. - The screenshots checklist item is intentionally left incomplete because screenshots were explicitly skipped in this pass.
Completed in this finalization pass:
- local
.envis ignored for public presentation - tracked local
backend/.envwas removed from git index so secrets are not published - unneeded local screenshot generation files were removed
- documentation structure was cleaned up
- production env templates are separated from local secrets
- public-facing README was rewritten for recruiter readability
- Refresh-token based session management
- Pagination for admin task and user lists
- Role-based permissions beyond a single admin flag
- Task attachments and comments
- Push notifications and reminder scheduling
- CI/CD pipeline for automated lint, test, and deploy checks
- Manual or scripted screenshot automation for portfolio presentation
This project is licensed under the MIT License.
See LICENSE.