TimeTrack is a comprehensive web-based time tracking application built with Flask that provides enterprise-level time management capabilities for teams and organizations. The application features multi-tenancy support, role-based access control, project management, team collaboration, billing/invoicing, and secure authentication with 2FA and password reset functionality. It includes a Progressive Web App (PWA) interface with mobile-optimized features.
- Real-time Time Tracking: Clock in/out with live timer functionality
- Project Time Logging: Track time spent on specific projects with project codes
- Break Management: Configurable mandatory and additional break tracking
- Time Entry Management: Edit, delete, and view time entries with complete history
- Automatic Calculations: Duration calculations for work hours and breaks
- Two-Factor Authentication (2FA): TOTP-based authentication with QR codes
- Password Reset: Secure email-based password recovery (1-hour token expiry)
- Role-Based Access Control: System Admin, Admin, Supervisor, Team Leader, and Team Member roles
- Multi-Tenancy: Complete data isolation between companies
- User Administration: Create, edit, block/unblock users with email verification
- Profile Management: Update email, password, avatar, and personal settings
- Company Invitations: Invite users to join your company via email
- Team Management: Create teams, assign members, and track team hours
- Project Management: Create projects with codes, categories, billing types (hourly/daily/fixed)
- Sprint Management: Agile sprint planning and tracking
- Task Management: Create and manage tasks with subtasks and dependencies
- Notes System: Create, organize, and share notes with folder structure
- Team Hours Tracking: View team member working hours with date filtering
- Project Assignment: Flexible project-team assignments and access control
- Multiple Export Formats: CSV, Excel, and PDF export capabilities
- Individual Time Export: Personal time entries with date range selection
- Team Hours Export: Export team member hours with filtering options
- Invoice Generation: Create and export invoices with tax configurations
- Analytics Dashboard: Visual analytics with charts and statistics
- Quick Export Options: Today, week, month, or all-time data exports
- Company Management: Multi-company support with separate settings
- Admin Dashboard: System overview with user, team, and activity statistics
- System Settings: Configure registration, email verification, tracking scripts
- Work Configuration: Set work hours, break rules, and rounding preferences
- Tax Configuration: Country-specific tax rates for invoicing
- Branding: Custom logos, colors, and application naming
- User Administration: Complete user lifecycle management
- Team & Project Administration: Full CRUD operations for teams and projects
- System Admin Tools: Multi-company oversight and system health monitoring
- Backend: Flask 2.0.1 with SQLAlchemy ORM
- Database: PostgreSQL (production)
- Migrations: Flask-Migrate (Alembic-based) with custom helpers
- Authentication: Session-based with 2FA and password reset via Flask-Mail
- Frontend: Server-side Jinja2 templates with vanilla JavaScript
- Mobile: Progressive Web App (PWA) with mobile-optimized UI
- Export: Pandas for CSV/Excel, ReportLab for PDF generation
- Containerization: Docker and Docker Compose for easy deployment
- Dependencies: See requirements.txt for complete dependency list
- Python 3.9+
- PostgreSQL 15+ (for production)
- Docker & Docker Compose (recommended)
# Clone the repository
git clone https://github.com/nullmedium/TimeTrack.git
cd TimeTrack
# Copy and configure environment variables
cp .env.example .env
# Edit .env with your settings
# Start the application
docker-compose up -d
# Access at http://localhost:5000# Create virtual environment
python -m venv .venv
source .venv/bin/activate # On Windows: .venv\Scripts\activate
# Install dependencies
pip install -r requirements.txt
# Set environment variables
export DATABASE_URL="postgresql://user:pass@localhost/timetrack"
export SECRET_KEY="your-secret-key"
export MAIL_SERVER="smtp.example.com"
# ... other environment variables
# Run migrations
python create_migration.py "Initial setup"
python apply_migration.py
# Run the application
python app.py- Start the Application: The database is automatically created and initialized on first startup
- Admin Account: An initial admin user is created automatically with username
adminand passwordadmin - Change Default Password: IMPORTANT: Change the default admin password immediately after first login
- System Configuration: Access Admin Dashboard to configure system settings
- Team Setup: Create teams and assign team leaders
- Project Creation: Set up projects with codes and team assignments
- User Management: Add users and assign appropriate roles
Flask-Migrate System: The application uses Flask-Migrate (Alembic-based) for database version control.
# Create a new migration
python create_migration.py "Description of changes"
# Apply migrations
python apply_migration.py
# Check migration status
python check_migration_state.py
# For Docker environments
docker exec timetrack-timetrack-1 python create_migration.py "Description"
docker exec timetrack-timetrack-1 python apply_migration.pyThe migration system handles:
- Automatic schema updates on container startup
- PostgreSQL-specific features (enums, constraints)
- Safe rollback capabilities
- Multi-tenancy data isolation
- Preservation of existing data during schema changes
# Database
DATABASE_URL=postgresql://user:password@host:5432/dbname
# Flask
SECRET_KEY=your-secret-key-here
FLASK_ENV=development # or production
# Email (required for invitations and password reset)
MAIL_SERVER=smtp.example.com
MAIL_PORT=587
MAIL_USE_TLS=true
MAIL_USERNAME=your-email@example.com
MAIL_PASSWORD=your-password
# Optional
FORCE_HTTPS=true # Force HTTPS in production
TRUST_PROXY_HEADERS=true # When behind reverse proxy- Company Settings: Work hours, break requirements, time rounding
- User Preferences: Date/time formats, timezone, UI preferences
- System Settings: Registration, email verification, tracking scripts
- Branding: Custom logos, colors, and naming
- Register/Login: Create account or log in with existing credentials
- Setup 2FA: Optionally enable two-factor authentication for enhanced security
- Clock In/Out: Use the timer interface to track work hours
- Manage Breaks: Record and track break periods
- View History: Access complete time entry history with filtering
- Export Data: Download time entries in CSV or Excel format
- Manage Team Members: View team member status and activity
- Track Team Hours: Monitor team working hours with date filtering
- Export Team Data: Generate team hour reports
- User Management: Create, edit, and manage user accounts
- Team Administration: Create teams and assign members
- Project Management: Set up projects and assign to teams
- System Configuration: Configure global settings and permissions
- Analytics: View system-wide statistics and activity
- Two-Factor Authentication: TOTP-based 2FA with QR code setup
- Password Reset: Secure email-based recovery with time-limited tokens
- Role-Based Access Control: Five distinct user roles with granular permissions
- Multi-Tenancy: Complete data isolation between companies
- Session Management: Secure sessions with configurable lifetime
- Email Verification: Optional email verification for new accounts
- Password Strength: Enforced password complexity requirements
- Security Headers: HSTS, CSP, X-Frame-Options, and more
- Input Validation: Comprehensive server-side validation
- CSRF Protection: Built-in Flask CSRF protection
- Progressive Web App: Install TimeTrack as an app on mobile devices
- Mobile Navigation: Bottom navigation bar and hamburger menu
- Touch Optimization: 44px minimum touch targets throughout
- Responsive Tables: Automatic card view on small screens
- Mobile Gestures: Swipe navigation and pull-to-refresh
- Date/Time Pickers: Mobile-friendly pickers respecting user preferences
- Offline Support: Basic offline functionality with service workers
- Performance: Lazy loading and optimized for mobile networks
TimeTrack/
├── app.py # Main Flask application
├── models/ # Database models organized by domain
│ ├── user.py # User, Role, UserPreferences
│ ├── company.py # Company, CompanySettings
│ ├── project.py # Project, ProjectCategory
│ ├── time_entry.py # TimeEntry model
│ └── ... # Other domain models
├── routes/ # Blueprint-based route handlers
│ ├── auth.py # Authentication routes
│ ├── projects.py # Project management
│ ├── teams.py # Team management
│ └── ... # Other route modules
├── templates/ # Jinja2 templates
├── static/ # CSS, JS, images
│ ├── css/ # Stylesheets including mobile
│ ├── js/ # JavaScript including PWA support
│ └── manifest.json # PWA manifest
├── migrations/ # Flask-Migrate/Alembic migrations
├── docker-compose.yml # Docker configuration
└── requirements.txt # Python dependencies
Key application routes organized by function:
/- Home dashboard/login,/logout,/register- Authentication/forgot_password,/reset_password/<token>- Password recovery/time-tracking- Main time tracking interface/projects/*- Project management/teams/*- Team management/tasks/*- Task and sprint management/notes/*- Notes system/invoices/*- Billing and invoicing/export/*- Data export functionality/admin/*- Administrative functions/system-admin/*- System administration (multi-company)
# Clone and configure
git clone https://github.com/nullmedium/TimeTrack.git
cd TimeTrack
cp .env.example .env
# Edit .env with production values
# Build and start
docker-compose -f docker-compose.yml up -d
# View logs
docker-compose logs -f
# Backup database
docker exec timetrack-db-1 pg_dump -U timetrack timetrack > backup.sqlserver {
listen 80;
server_name timetrack.example.com;
location / {
proxy_pass http://localhost:5000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}-
Migration Errors
- Check current state:
python check_migration_state.py - View migration history:
flask db history - Fix revision conflicts in alembic_version table
- Check current state:
-
Docker Issues
- Container not starting:
docker logs timetrack-timetrack-1 - Database connection: Ensure PostgreSQL is healthy
- Permission errors: Check volume permissions
- Container not starting:
-
Email Not Sending
- Verify MAIL_* environment variables
- Check firewall rules for SMTP port
- Enable "less secure apps" if using Gmail
-
2FA Issues
- Ensure system time is synchronized
- QR code not scanning: Check for firewall blocking images
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
- Follow PEP 8 for Python code
- Write tests for new features
- Update documentation as needed
- Ensure migrations are reversible
- Test on both PostgreSQL and SQLite
This project is licensed under the MIT License - see the LICENSE file for details.
- Flask community for the excellent framework
- Contributors and testers
- Open source projects that made this possible
