Professional full-stack web application for managing a company's internal structure, reporting hierarchy, departments, and workforce directory. OrgFlow was built as a university assignment project for Theme 17: Corporate Organizational Chart / Company Structure Management System, with a portfolio-ready SaaS dashboard presentation and practical CRUD-driven architecture.
OrgFlow helps organizations model their internal structure in a clean and accessible way. It combines role-based access control, employee and department management, dashboard analytics, and a visual organizational chart into a modern responsive interface.
The project is designed to be:
- Student-project ready for assignment submission
- Easy to run locally with PostgreSQL
- Structured like a real-world full-stack product
- Presentable for GitHub portfolios and recruiter review
-
Login page screenshot
-
Dashboard overview screenshot
-
Employees management screenshot
-
Departments management screenshot
-
Organizational chart screenshot
-
- JWT-based authentication with login and registration
- Role-based access control with
AdminandViewerroles - Department CRUD with name, description, and location
- Department open positions tracking
- Employee CRUD with manager relationships and department assignment
- Organizational hierarchy with top-level employees and nested reporting lines
- Expand/collapse organizational chart view
- Dashboard metrics for workforce and departments
- CSV export for employees and departments
- Admin CSV import for employee bulk creation
- Manager visibility with direct report counts and subordinate lists
- Employee search by name, email, and job title
- Filters by department and employee status
- Protected frontend routes
- Responsive dark corporate dashboard UI
- Loading states, empty states, error handling, and toast notifications
- Seed command for demo data and quick local testing
- Django 5
- Django REST Framework
- Simple JWT
- PostgreSQL
psycopgpython-dotenv
- React 18
- TypeScript
- Vite
- Axios
- React Router
- React Hot Toast
- Lucide React
OrgFlow follows a decoupled client-server architecture:
- The Django backend exposes a REST API for authentication, departments, employees, dashboard metrics, and organizational hierarchy.
- PostgreSQL stores persistent business data including users, departments, employees, and reporting relationships.
- The React frontend consumes the API through Axios and manages routing, protected pages, forms, tables, filters, and tree rendering.
- JWT access and refresh tokens are used for stateless API authentication.
- A user logs in from the React client.
- The Django API issues JWT access and refresh tokens.
- Protected frontend pages send authenticated requests to the REST API.
- The backend enforces permissions based on user role.
- Data is rendered in tables, cards, profile views, and the organizational chart.
- Authentication and authorization
- REST API endpoints
- Business rules for departments and employees
- Role permissions
- Dashboard summary data
- Organizational tree data
- CSV import and export workflows
- Demo data seeding
- Authentication flow and token persistence
- Route protection
- Dashboard presentation
- CRUD forms and modal interactions
- Employee search and filtering
- Organizational chart rendering
- Responsive UI and user feedback states
The database is centered around three main entities:
User- Stores authentication details and role (
adminorviewer)
- Stores authentication details and role (
Department- Stores department metadata such as name, description, and location
Employee- Stores employee profile data and links to a department and optional manager
- One department can have many employees
- One employee belongs to one department
- One employee can have one manager
- One manager can supervise many employees
- One department can define a lightweight
open_positionscount for vacant roles
This manager relationship enables a recursive organizational tree structure for chart visualization.
OrgFlow uses JWT authentication with access and refresh tokens.
Admin- Created only through Django admin,
createsuperuser, or the demo seed command - Can create, update, and delete departments and employees
- Can access all read endpoints
- Created only through Django admin,
Viewer- Default role for all public registrations
- Can read data
- Cannot create, edit, or delete records
POST /api/auth/register/POST /api/auth/login/POST /api/auth/refresh/GET /api/auth/me/
- Public registration always creates a
vieweraccount - The register endpoint does not allow clients to choose
admin - Administrative users must be created through Django admin,
python manage.py createsuperuser, orpython manage.py seed_demo_data
The frontend is designed with a responsive dark corporate theme optimized for:
- Desktop dashboards
- Tablet layouts
- Mobile-friendly stacked content sections
The interface includes responsive navigation, adaptable grids, and components that remain usable across different screen sizes.
git clone <your-repository-url>
cd orgManagementcd backend
copy .env.example .env
python -m venv .venv
.venv\Scripts\activate
pip install -r requirements.txt
python manage.py makemigrations
python manage.py migrate
python manage.py seed_demo_data
python manage.py runserverBackend runs on:
http://127.0.0.1:8000/
API base URL:
http://127.0.0.1:8000/api/
Open a second terminal:
cd frontend
copy .env.example .env
npm install
npm run devFrontend runs on:
http://localhost:5173/
DEBUG=True
SECRET_KEY=change-me
ALLOWED_HOSTS=127.0.0.1,localhost
DB_NAME=org_management_db
DB_USER=org_user
DB_PASSWORD=1252
DB_HOST=localhost
DB_PORT=5432
CORS_ALLOWED_ORIGINS=http://localhost:5173VITE_API_BASE_URL=http://127.0.0.1:8000/apiPOST /api/auth/register/POST /api/auth/login/POST /api/auth/refresh/GET /api/auth/me/
GET /api/dashboard/
GET /api/org-chart/
GET /api/departments/POST /api/departments/GET /api/departments/export/GET /api/departments/{id}/PUT /api/departments/{id}/DELETE /api/departments/{id}/
GET /api/employees/POST /api/employees/GET /api/employees/export/POST /api/employees/import-csv/GET /api/employees/{id}/PUT /api/employees/{id}/DELETE /api/employees/{id}/
The employee list supports query parameters such as:
searchdepartmentstatus
Example:
/api/employees/?search=manager&department=2&status=active
- Employees can be exported from the Employees page using the
Export CSVbutton - Departments can be exported from the Departments page using the
Export CSVbutton - Employee export respects the currently selected search and filter values
- Admin users can bulk import employees from the Employees page using the
Import CSVbutton - The uploaded CSV must include these required columns:
first_namelast_nameemailjob_titledepartmenthire_date
- Optional columns:
phonemanager_emailstatusprofile_image_url
hire_datemust useYYYY-MM-DDdepartmentmust match an existing department namemanager_emailmust match an existing employee email if provided
Example employee import header:
first_name,last_name,email,phone,job_title,department,manager_email,hire_date,status,profile_image_urlVacant roles are tracked through the open_positions field on each department.
- Departments can define how many open roles currently exist
- The value appears on the Departments page
- The dashboard shows total open positions across the organization
- Department metrics show both employee count and open positions
After running:
python manage.py seed_demo_dataUse these accounts:
- Admin account
- Username:
admin - Password:
Admin12345!
- Username:
- Viewer account
- Username:
viewer - Password:
Viewer12345!
- Username:
orgManagement/
|-- backend/
| |-- apps/
| | |-- accounts/
| | `-- organization/
| |-- config/
| |-- manage.py
| |-- requirements.txt
| `-- .env.example
|-- frontend/
| |-- public/
| |-- src/
| | |-- api/
| | |-- app/
| | |-- components/
| | |-- features/
| | |-- pages/
| | `-- styles/
| |-- package.json
| `-- .env.example
`-- README.md
- Sensitive configuration is stored in environment variables
- JWT is used instead of session-based frontend authentication
- Protected routes prevent unauthorized frontend access
- Role-based permissions restrict write operations to admins
- CSV import validates required fields, department existence, duplicate emails, and manager references
- Passwords are stored using Django's secure hashing system
- No database credentials are hardcoded directly inside application logic
For production use, additional improvements would include:
- HTTPS-only deployment
- Rotating secrets and stronger environment separation
- Stricter CORS configuration
- Rate limiting for authentication endpoints
- Audit logging for administrative actions
- Drag-and-drop org chart editing
- Employee profile image upload support
- Pagination for large employee datasets
- Department-level analytics visualizations
- Export to PDF
- Activity logs and audit history
- Password reset workflow
- Unit and integration test coverage expansion
- Docker-based deployment workflow
- CI/CD pipeline integration
This project is provided for educational and portfolio purposes.
- Developed as a university assignment project
- Built with Django, Django REST Framework, PostgreSQL, React, TypeScript, and Vite
- UI direction inspired by modern corporate SaaS dashboard design patterns