Backend

Stores REST API

A small inventory API with JWT auth on every endpoint and role-based access, so client apps can manage items and prices without ever touching the database directly.

Problem

A client team needed a way to manage inventory data without giving any application direct database access, and without re-implementing auth and role checks in every consumer.

Approach

Built a Flask + Flask-RESTful API with SQLAlchemy for persistence and Flask-JWT for auth. Authentication is enforced on every endpoint; certain routes are gated by role. The endpoint contract is small and obvious, which made integrating new consumers a matter of hours rather than days.

  • JWT auth required on every endpoint
  • Role-based access for write operations
  • Full CRUD over the inventory model
  • Small, intentional endpoint contract
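
The access rule described above (a valid token on every endpoint, a role check on writes), as an added example that is not the project's own code. It uses only the Python standard library as a stand-in for Flask-JWT; the key, the `admin` role name, and the `role` claim are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

KEY = b"constructed-demo-key"            # constructed sample secret
WRITE_METHODS = {"POST", "PUT", "DELETE"}
WRITE_ROLES = {"admin"}                  # hypothetical role name

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue(claims: dict, key: bytes = KEY) -> str:
    """Build an HS256 JWT (sample-token helper for this example)."""
    head = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps(claims).encode())
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64e(sig)}"

def verify(token: str, key: bytes = KEY):
    """Return the claims if the token is valid, else None."""
    try:
        head, body, sig = token.split(".")
        if json.loads(b64d(head)).get("alg") != "HS256":
            return None                  # pin the algorithm; rejects alg=none
        want = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(want, b64d(sig)):
            return None                  # signature mismatch
        claims = json.loads(b64d(body))
        if claims.get("exp", 0) <= time.time():
            return None                  # missing or past expiry
        return claims
    except (ValueError, AttributeError, TypeError):
        return None                      # malformed token of any kind

def authorize(method: str, token) -> int:
    """Status the API would return before any handler runs."""
    claims = verify(token) if token else None
    if claims is None:
        return 401                       # every endpoint needs a valid token
    if method in WRITE_METHODS and claims.get("role") not in WRITE_ROLES:
        return 403                       # authenticated, but role lacks write access
    return 200
```

Running the check in one place ahead of routing keeps the default at deny, so a newly added endpoint is protected without any per-route code.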

Outcome

Replaced direct database access with a well-defined HTTP boundary. Authorized clients can now read, create, update, and delete inventory records through a single contract, and the database surface area is no longer exposed to client code.