English | 简体中文
TaskFlow is a full-stack internal task workflow system. This repository contains:
- a Go HTTP API with explicit task state transitions
- a React frontend under
web/ - Mongo-backed release, validation, and intranet rollout scripts
The current workflow is centered on a small-team delivery loop:
create -> assign -> start -> submit -> approve/reject -> close
- Password-based login, refresh-token rotation, password reset, account disable, and session revoke
- JWT auth for non-dev environments
- Health, readiness, liveness, metrics, structured logs, request IDs, and optional OTLP tracing
- Mongo migrations, soft delete with audit retention, rate limiting, and idempotency
- A browser UI for login, task list, task detail, task creation, and current-user profile
taskflow/
├── cmd/ # server and migration entrypoints
├── internal/
│ ├── bootstrap/ # app assembly
│ ├── config/ # environment config and strict production validation
│ ├── domain/ # aggregates, state machine, ports
│ ├── handler/ # HTTP handlers
│ ├── middleware/ # auth, logging, tracing, rate limit, idempotency
│ ├── repository/ # Mongo and memory adapters
│ ├── router/ # route wiring
│ └── service/ # task and identity use cases
├── web/ # React + Vite frontend
├── scripts/ # smoke tests, rollout helpers, audits
├── deploy/ # local observability config
├── reports/ # release, security, and performance notes
└── docs/ # project notes and local planning space
Requirements:
- Go
1.25.11
Run the API in dev mode with the in-memory repository:
go test ./...
DEV_MODE=true \
TASK_REPOSITORY_DRIVER=memory \
JWT_SECRET=change-me-change-me-change-me-123 \
go run ./cmd/serverDev mode seeds these users:
u_test_001/creator-pass-123u_test_002/assignee-pass-123u_agent_001/agent-pass-123
POST /users is available in dev mode unless ALLOW_PUBLIC_REGISTER is overridden.
Requirements:
- Node
22
Start the API first, then run the Vite app:
cd web
npm ci
VITE_API_PROXY_TARGET=http://localhost:8080 npm run devOpen http://127.0.0.1:5173.
Useful frontend commands:
cd web
npm run lint
npm run test
npm run build
npm run previewThe frontend uses /api by default and the Vite dev server proxies that path to VITE_API_PROXY_TARGET or http://localhost:8080.
Bring up the backend stack with Mongo and bootstrap data:
docker compose up -d --build
bash scripts/compose_smoke.shIf you also want the packaged same-origin web entry:
docker compose --profile full up -d --build web
bash scripts/nginx_smoke.shPublic routes:
POST /auth/loginPOST /auth/refreshPOST /auth/password-reset/requestPOST /auth/password-reset/confirmPOST /userswhen public registration is enabled
Authenticated routes:
GET /meGET /usersPOST /users/:id/disablePOST /users/:id/revoke-sessionsPOST /tasksGET /tasksGET /tasks/:idPATCH /tasks/:idDELETE /tasks/:idPOST /tasks/:id/{assign,start,submit,reject,approve,close,cancel,reactivate}GET /tasks/:id/recordsGET /tasks/:id/audit_logs
System routes:
GET /healthGET /livezGET /readyzGET /metrics
Backend:
go test ./...Frontend:
cd web
npm ci
npm run lint
npm run test
npm run buildRepo-level smoke and release helpers:
bash scripts/compose_smoke.shbash scripts/web_build_smoke.shbash scripts/web_acceptance_smoke.shbash scripts/nginx_smoke.shbash scripts/monitoring_smoke.shbash scripts/intranet_acceptance.shbash scripts/security_audit.sh
GitHub Actions runs both frontend and backend checks in .github/workflows/ci.yml.
- Deployment baseline:
DEPLOYMENT.md - Mongo migration discipline:
MIGRATIONS.md - Intranet release checklist:
INTRANET_RELEASE_CHECKLIST.md - First deployment runbook:
INTRANET_RUNBOOK.md - Day-2 operations:
INTRANET_OPS.md - Acceptance and smoke scripts:
ACCEPTANCE_TESTING.md
- Production deployments should use
DEV_MODE=false,STRICT_PRODUCTION_CONFIG=true, andTASK_REPOSITORY_DRIVER=mongo. - Strict production validation also requires
PASSWORD_RESET_WEBHOOK_URLso password reset tokens have a delivery path outsideDEV_MODE. - Mongo transaction-backed flows require a replica set member or
mongos, not a standalone Mongo server. - The packaged frontend and API can be served together through the compose
fullprofile.