diff --git a/README.md b/README.md
index 1055951..0f69a1f 100644
--- a/README.md
+++ b/README.md
@@ -20,13 +20,13 @@
 </p>
 
 ## Key Features:
-- **Task Management**: Create, assign, and track tasks with due dates, priorities, and progress statuses.
-- **Kanban Board**: Visualize and manage tasks across different stages (To Do, In Progress, Done).
-- **Project Organization**: Organize tasks within specific projects for better clarity and tracking.
-- **User Roles**: Assign roles (Admin/User) with different access permissions.
-- **Comments and Collaboration**: Leave comments on tasks for better communication between team members.
-- **Activity Log**: Track task updates and project changes in real time.
-- **Visualization**: Easily create charts (E.g. burndown chart) to visualize your project.
+- [x] **Task Management**: Create, assign, and track tasks with due dates, priorities, and progress statuses.
+- [x] **Kanban Board**: Visualize and manage tasks across different stages (To Do, In Progress, Done).
+- [x] **Project Organization**: Organize tasks within specific projects for better clarity and tracking.
+- [x] **User Roles**: Assign roles (Admin/User) with different access permissions.
+- [x] **Comments and Collaboration**: Leave comments on tasks for better communication between team members.
+- [x] **Activity Log**: Track task updates and project changes in real time.
+- [ ] **Visualization**: Easily create charts (E.g. burndown chart) to visualize your project.
 
 ## Tech Stack:
 - **Backend**: Flask (Python)
@@ -75,6 +75,20 @@ poetry run invoke dev
 
 ## Weekly Report
 
+### Loppupalautus - 2024-10-15
+
+The project is now finished. The project has a good code structure and clean code. All features except the visualization feature have been implemented. After adding some unittests for tasks and projects, the test coverage has risen to around 60%.
+
+Addressing some of the feedback in labtool:
+- The CSRF vulnerability has been fixed
+- After a thorough code review, I believe there are no SQL injection vulnerabilities present. While I am formatting some queries, all user inputs are sanitized and passed as parameters. The formatting applied to table and field names does not involve any user input.
+- I added a COUNT query to the dashboard, but I am not sure if that is enough. I couldn't think of any other aggregates that would be useful.
+- I removed all HTML5 client-side validation so all the errors are displayed at once. However, I don't think disabling client-side validation is a good idea, since it will add more load to the server.
+
+The project is available in production on [protaskinate-page.host.ender.fi](https://protaskinate-page.host.ender.fi/).
+
+More info about updates in the [changelog](docs/changelog.md).
+
 ### Välipalautus 3 - 2024-10-1
 
 The project is almost finished. The project still has good code structure and clean code. Many more features have been implemented, but some are still left. Test coverage is still very poor.
diff --git a/docs/changelog.md b/docs/changelog.md
index ca30744..e02ca5b 100644
--- a/docs/changelog.md
+++ b/docs/changelog.md
@@ -4,6 +4,33 @@ ProTaskinate changelog
 
 This format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
+## [v1.0.0] - 2024-10-15
+
+### Added
+
+- User can now have one of the following roles for each project: `reader`, `writer`, `admin`
+    - `reader` can view tasks, view project and comment to a task
+    - `writer` can also create tasks and update/delete user's own tasks
+    - `admin` can also update/delete all tasks and delete/update the project
+- User can now view updated_at for all tasks user has access to
+- User can now update the deadline of a task user has access to
+- User can now addditionally view description, creator, role, updated_at and created_at for all projects user has access to 
+- User can now assign and de-assign roles for projects user has admin access to
+- User can now create a project
+- User can now view all tasks of project user has access to in a kanban board
+- User can now view a project activity log if he has admin access to the project
+    - Activity log shows task creation, task update, task deletion, task creation and project update
+- User can view the amount of tasks assigned to the user in the dashboard
+
+### Fixed
+
+- Important buttons are now purple to fit the color scheme
+- Page content has been divided into logical sections
+- When a project is selected, the navbar shows navigations for that project
+- Forms now show errors all at once instead of one by one
+- Added length restrictions to most fields
+- Datetimes are now displayed according to the user's timezone
+
 ## [v0.2.0-beta] - 2024-10-01
 
 ### Added
diff --git a/poetry.lock b/poetry.lock
index 56a46fd..8272201 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -811,4 +811,4 @@ email = ["email-validator"]
 [metadata]
 lock-version = "2.0"
 python-versions = "^3.10"
-content-hash = "b64b5fef417f799718d49bcddbbc685644d0d080b3de0a03e556cf51ccc7cc0d"
+content-hash = "8e21a453d273ccfd623e743da2d7589cbdd68002242ba7cb3c4487b592a46365"
diff --git a/protaskinate/app.py b/protaskinate/app.py
index d8deeee..2966fd6 100644
--- a/protaskinate/app.py
+++ b/protaskinate/app.py
@@ -10,6 +10,7 @@
 from werkzeug.security import generate_password_hash
 
 from protaskinate.routes import dashboard, login, logout, project, register
+from protaskinate.utils.csrf import csrf
 from protaskinate.utils.database import db
 from protaskinate.utils.login_manager import lm
 
@@ -18,15 +19,19 @@
 
 
 def create_app():
-    """ Create the Flask app """
+    """Create the Flask app"""
     app = Flask(__name__)
 
     # If DATABASE_URL or SECRET_KEY not set throw error
     if not os.environ.get("DATABASE_URL"):
         raise ValueError("DATABASE_URL environment variable is not set")
     if not os.environ.get("SECRET_KEY"):
-        raise ValueError(("Please generate a secret_key with "
-                          "`poetry run invoke generate-secret-key`"))
+        raise ValueError(
+            (
+                "Please generate a secret_key with "
+                "`poetry run invoke generate-secret-key`"
+            )
+        )
     app.config["SQLALCHEMY_DATABASE_URI"] = os.environ.get("DATABASE_URL")
     app.config["SQLALCHEMY_ENGINE_OPTIONS"] = {
         "pool_pre_ping": True,
@@ -40,6 +45,7 @@ def create_app():
 
     db.init_app(app)
     lm.init_app(app)
+    csrf.init_app(app)
 
     app.cli.add_command(create_schema)
     app.cli.add_command(populate_db)
@@ -61,7 +67,7 @@ def ping():
 @click.command("create_schema")
 @with_appcontext
 def create_schema():
-    """ Create the database schema """
+    """Create the database schema"""
     logging.info("Creating schema")
     with open("schema.sql", "r", encoding="utf-8") as fp:
         sql = fp.read()
@@ -75,34 +81,56 @@ def create_schema():
 @click.command("populate_db")
 @with_appcontext
 def populate_db():
-    """ Populate the database with sample data """
+    """Populate the database with sample data"""
     logging.info("Populating database")
     sql_users = """
-    INSERT INTO users (username, password) VALUES (:username, :password);
+    INSERT INTO users (username, password) VALUES
+    ('admin', :admin_password),
+    ('user', :user_password);
     """
     sql_projects = """
-    INSERT INTO projects (name, creator_id) VALUES
-    ('Project 1', 1),
-    ('Project 2', 1),
-    ('Project 3', 1);
+    INSERT INTO projects (name, creator_id, created_at, updated_at, description) VALUES
+    ('Project 1', 1, '2021-01-01', '2021-01-03', 'Project 1 description'),
+    ('Project 2', 1, '2021-01-02', '2021-01-03', 'Project 2 description'),
+    ('Project 3', 1, '2021-01-03', '2021-01-03', 'Project 3 description');
     """
     sql_tasks = """
-    INSERT INTO tasks (title, status, creator_id, created_at, priority, project_id, description) VALUES
-    ('Task 1', 'open', 1, '2021-01-01', 'low', 1, 'Task 1 description'),
-    ('Task 2', 'in_progress', 1, '2021-01-02', 'high', 1, 'Task 2 description'),
-    ('Task 3', 'done', 1, '2021-01-03', 'very_high', 1, 'Task 3 description');
+    INSERT INTO tasks (title, status, creator_id, created_at, updated_at, priority, project_id, description) VALUES
+    ('Project 1 Task 1', 'open', 1, '2021-01-01', '2021-01-01', 'low', 1, 'Task 1 description'),
+    ('Project 1 Task 2', 'in_progress', 1, '2021-01-02', '2021-01-02', 'high', 1, 'Task 2 description'),
+    ('Project 1 Task 3', 'done', 2, '2021-01-03', '2021-01-03', 'very_high', 1, 'Task 3 description'),
+
+    ('Project 2 Task 1', 'open', 1, '2021-01-01', '2021-01-01', 'low', 2, 'Task 1 description'),
+    ('Project 2 Task 2', 'in_progress', 1, '2021-01-02', '2021-01-02', 'high', 2, 'Task 2 description'),
+    ('Project 2 Task 3', 'done', 2, '2021-01-03', '2021-01-03', 'very_high', 2, 'Task 3 description'),
+
+    ('Project 3 Task 1', 'open', 1, '2021-01-01', '2021-01-01', 'low', 3, 'Task 1 description'),
+    ('Project 3 Task 2', 'in_progress', 1, '2021-01-02', '2021-01-02', 'high', 3, 'Task 2 description'),
+    ('Project 3 Task 3', 'done', 2, '2021-01-03', '2021-01-03', 'very_high', 3, 'Task 3 description');
     """
     sql_comments = """
     INSERT INTO comments (task_id, creator_id, created_at, content) VALUES
     (1, 1, '2021-01-01', 'Comment 1'),
-    (1, 1, '2021-01-02', 'Comment 2'),
-    (2, 1, '2021-01-03', 'Comment 3');
+    (1, 2, '2021-01-02', 'Comment 2'),
+    (1, 1, '2021-01-03', 'Comment 4'),
+    (2, 1, '2021-01-04', 'Comment 3');
+    """
+    sql_user_projects = """
+    INSERT INTO user_projects (user_id, project_id, role) VALUES
+    (2, 2, 'reader'),
+    (2, 3, 'writer');
     """
 
     with db.engine.connect() as conn:
-        conn.execute(text(sql_users),
-                     {"username": "admin", "password": generate_password_hash("admin")})
+        conn.execute(
+            text(sql_users),
+            {
+                "admin_password": generate_password_hash("admin"),
+                "user_password": generate_password_hash("user"),
+            },
+        )
         conn.execute(text(sql_projects))
         conn.execute(text(sql_tasks))
         conn.execute(text(sql_comments))
+        conn.execute(text(sql_user_projects))
         conn.commit()
diff --git a/protaskinate/entities/__init__.py b/protaskinate/entities/__init__.py
index fad0559..9f9ee53 100644
--- a/protaskinate/entities/__init__.py
+++ b/protaskinate/entities/__init__.py
@@ -2,3 +2,4 @@
 from .task import Task
 from .project import Project
 from .comment import Comment
+from .activity_log import ActivityLog
diff --git a/protaskinate/entities/activity_log.py b/protaskinate/entities/activity_log.py
new file mode 100644
index 0000000..b426dc4
--- /dev/null
+++ b/protaskinate/entities/activity_log.py
@@ -0,0 +1,42 @@
+"""protaskinate/entities/activity_log.py"""
+
+from dataclasses import dataclass
+from datetime import datetime
+from enum import Enum
+from typing import TypedDict
+
+from protaskinate.utils.validation import validate_enum, validate_type
+
+
+class ActivityLogAction(Enum):
+    """Enumeration representing the action of an activity log"""
+
+    CREATE_TASK = "create_task"
+    UPDATE_TASK = "update_task"
+    DELETE_TASK = "delete_task"
+    UPDATE_PROJECT = "update_project"
+
+class NewActivityLog(TypedDict):
+    """Type representing the data required to create a new activity log"""
+
+    user_id: int
+    project_id: int
+    created_at: datetime
+    action: ActivityLogAction
+
+@dataclass
+class ActivityLog:
+    """Class representing an activity log"""
+
+    id: int
+    user_id: int
+    project_id: int
+    created_at: datetime
+    action: ActivityLogAction
+
+    def __post_init__(self):
+        validate_type(self.id, int, "id")
+        validate_type(self.user_id, int, "user_id")
+        validate_type(self.project_id, int, "project_id")
+        validate_type(self.created_at, datetime, "created_at")
+        self.action = validate_enum(self.action, ActivityLogAction, "action")
diff --git a/protaskinate/entities/comment.py b/protaskinate/entities/comment.py
index a7eaecb..1323c7f 100644
--- a/protaskinate/entities/comment.py
+++ b/protaskinate/entities/comment.py
@@ -7,6 +7,7 @@
 @dataclass
 class Comment:
     """Class representing a comment"""
+
     id: int
     task_id: int
     creator_id: int
diff --git a/protaskinate/entities/project.py b/protaskinate/entities/project.py
index 1c9ec1f..b5f1fb0 100644
--- a/protaskinate/entities/project.py
+++ b/protaskinate/entities/project.py
@@ -1,21 +1,61 @@
 """protaskinate/entities/project.py"""
 
 from dataclasses import dataclass
+from datetime import datetime
+from enum import Enum
+from typing import Optional
+
+from protaskinate.entities.user import User
+from protaskinate.utils.validation import validate_enum, validate_type
+
+
+class ProjectRole(Enum):
+    """Enumeration representing the role of a user in a project"""
+
+    READER = "reader"
+    WRITER = "writer"
+    ADMIN = "admin"
 
 
 @dataclass
 class Project:
     """Class representing a project"""
+
     id: int
     name: str
     creator_id: int
+    created_at: datetime
+    updated_at: datetime
+    description: Optional[str] = None
 
     def __post_init__(self):
-        if not isinstance(self.id, int):
-            raise ValueError(f"Invalid id: {self.id}")
+        validate_type(self.id, int, "id")
+        validate_type(self.name, str, "name")
+        validate_type(self.creator_id, int, "creator_id")
+        validate_type(self.created_at, datetime, "created_at")
+        validate_type(self.updated_at, datetime, "updated_at")
+        validate_type(self.description, str, "description", allow_none=True)
+
+
+@dataclass
+class ProjectWithRole:
+    """Class representing a project with the current user's role"""
 
-        if not isinstance(self.name, str):
-            raise ValueError(f"Invalid name: {self.name}")
+    project: Project
+    role: ProjectRole
 
-        if not isinstance(self.creator_id, int):
-            raise ValueError(f"Invalid creator_id: {self.creator_id}")
+    def __post_init__(self):
+        validate_type(self.project, Project, "project")
+        self.role = validate_enum(self.role, ProjectRole, "role")
+
+
+@dataclass
+class ProjectUser:
+    """Class representing a user in a project"""
+
+    user: User
+    role: ProjectRole
+
+    def __post_init__(self):
+        validate_type(self.user, User, "user")
+        self.role = validate_enum(self.role, ProjectRole, "role")
diff --git a/protaskinate/entities/task.py b/protaskinate/entities/task.py
index 25a5aca..a84f048 100644
--- a/protaskinate/entities/task.py
+++ b/protaskinate/entities/task.py
@@ -3,20 +3,22 @@
 from dataclasses import dataclass
 from datetime import datetime
 from enum import Enum
-from typing import List, Optional
+from typing import Optional
 
-from protaskinate.entities.comment import Comment
 from protaskinate.utils.validation import validate_enum, validate_type
 
 
 class TaskStatus(Enum):
     """Enumeration representing the status of a task"""
+
     OPEN = "open"
     IN_PROGRESS = "in_progress"
     DONE = "done"
 
+
 class TaskPriority(Enum):
     """Enumeration representing the priority of a task"""
+
     LOW = "low"
     MEDIUM = "medium"
     HIGH = "high"
@@ -44,9 +46,11 @@ def __gt__(self, other):
     def __ge__(self, other):
         return self.as_int() >= other.as_int()
 
+
 @dataclass
 class Task:
     """Class representing a task"""
+
     id: int
     project_id: int
     creator_id: int
@@ -54,10 +58,10 @@ class Task:
     status: TaskStatus
     priority: TaskPriority
     created_at: datetime
+    updated_at: datetime
     assignee_id: Optional[int] = None
     deadline: Optional[datetime] = None
     description: Optional[str] = None
-    comments: Optional[List[Comment]] = None
 
     def __post_init__(self):
         validate_type(self.id, int, "id")
@@ -67,10 +71,7 @@ def __post_init__(self):
         self.status = validate_enum(self.status, TaskStatus, "status")
         self.priority = validate_enum(self.priority, TaskPriority, "priority")
         validate_type(self.created_at, datetime, "created_at")
+        validate_type(self.updated_at, datetime, "updated_at")
         validate_type(self.assignee_id, int, "assignee_id", allow_none=True)
         validate_type(self.deadline, datetime, "deadline", allow_none=True)
         validate_type(self.description, str, "description", allow_none=True)
-        validate_type(self.comments, list, "comments", allow_none=True)
-        if self.comments:
-            for comment in self.comments:
-                validate_type(comment, Comment, "comment")
diff --git a/protaskinate/entities/user.py b/protaskinate/entities/user.py
index 550defa..9127c07 100644
--- a/protaskinate/entities/user.py
+++ b/protaskinate/entities/user.py
@@ -1,6 +1,5 @@
 """protaskinate/entities/user.py"""
 
-
 from dataclasses import dataclass
 
 from flask_login import UserMixin
@@ -9,6 +8,7 @@
 @dataclass
 class User(UserMixin):
     """Class representing a user"""
+
     id: int
     username: str
 
diff --git a/protaskinate/repositories/__init__.py b/protaskinate/repositories/__init__.py
index 735a99d..501f536 100644
--- a/protaskinate/repositories/__init__.py
+++ b/protaskinate/repositories/__init__.py
@@ -2,3 +2,4 @@
 from .task_repository import task_repository
 from .project_repository import project_repository
 from .comment_repository import comment_repository
+from .activity_log_repository import activity_log_repository
diff --git a/protaskinate/repositories/activity_log_repository.py b/protaskinate/repositories/activity_log_repository.py
new file mode 100644
index 0000000..8e64da9
--- /dev/null
+++ b/protaskinate/repositories/activity_log_repository.py
@@ -0,0 +1,30 @@
+"""protaskinate/repositories/activity_log_repository.py"""
+
+from protaskinate.entities.activity_log import ActivityLog
+from protaskinate.repositories.repository import Repository
+
+
+AllFields = ["id", "user_id", "project_id", "created_at", "action"]
+RequiredFields = ["user_id", "project_id", "created_at", "action"]
+
+
+def create_activity_log_from_row(row) -> ActivityLog:
+    """Helper function to create an ActivityLog entity from a database row"""
+    return ActivityLog(
+        id=row[0], user_id=row[1], project_id=row[2], created_at=row[3], action=row[4]
+    )
+
+
+class ActivityLogRepository(Repository[ActivityLog]):
+    """ActivityLog repository for managing activity logs"""
+
+    def __init__(self):
+        super().__init__(
+            table_name="activity_logs",
+            fields=AllFields,
+            required_fields=RequiredFields,
+            entity_creator=create_activity_log_from_row,
+        )
+
+
+activity_log_repository = ActivityLogRepository()
diff --git a/protaskinate/repositories/comment_repository.py b/protaskinate/repositories/comment_repository.py
index cf365cd..8e4b0c2 100644
--- a/protaskinate/repositories/comment_repository.py
+++ b/protaskinate/repositories/comment_repository.py
@@ -1,25 +1,29 @@
 """protaskinate/repositories/comment_repository.py"""
+
 from protaskinate.entities import Comment
 from protaskinate.repositories.repository import Repository
 
 AllFields = ["id", "task_id", "creator_id", "created_at", "content"]
 RequiredFields = ["task_id", "creator_id", "created_at", "content"]
 
+
 def create_comment_from_row(row) -> Comment:
     """Helper function to create a Comment entity from a database row"""
-    return Comment(id=row[0],
-                   task_id=row[1],
-                   creator_id=row[2],
-                   created_at=row[3],
-                   content=row[4])
+    return Comment(
+        id=row[0], task_id=row[1], creator_id=row[2], created_at=row[3], content=row[4]
+    )
+
 
 class CommentRepository(Repository[Comment]):
     """Comment repository for managing tasks"""
 
     def __init__(self):
-        super().__init__(table_name="comments",
-                         fields=AllFields,
-                         required_fields=RequiredFields,
-                         entity_creator=create_comment_from_row)
+        super().__init__(
+            table_name="comments",
+            fields=AllFields,
+            required_fields=RequiredFields,
+            entity_creator=create_comment_from_row,
+        )
+
 
 comment_repository = CommentRepository()
diff --git a/protaskinate/repositories/project_repository.py b/protaskinate/repositories/project_repository.py
index 493c76e..35de725 100644
--- a/protaskinate/repositories/project_repository.py
+++ b/protaskinate/repositories/project_repository.py
@@ -1,21 +1,149 @@
 """protaskinate/repositories/project_repository.py"""
-from protaskinate.entities import Project
+
+from typing import Any, List, Optional
+
+from sqlalchemy import Row, text
+
+from protaskinate.entities.project import (
+    Project,
+    ProjectRole,
+    ProjectUser,
+    ProjectWithRole,
+)
 from protaskinate.repositories.repository import Repository
+from protaskinate.repositories.user_repository import AllFields as AllUserFields
+from protaskinate.repositories.user_repository import create_user_from_row
+from protaskinate.utils.database import db
+
+AllFields = ["id", "name", "creator_id", "created_at", "updated_at", "description"]
+RequiredFields = ["name", "creator_id", "created_at", "updated_at"]
 
-AllFields = ["id", "name", "creator_id"]
-RequiredFields = ["name", "creator_id"]
 
-def create_project_from_row(row) -> Project:
+def create_project_from_row(row: Row[Any]) -> Project:
     """Helper function to create a Project entity from a database row"""
-    return Project(id=row[0], name=row[1], creator_id=row[2])
+    return Project(
+        id=row[0],
+        name=row[1],
+        creator_id=row[2],
+        created_at=row[3],
+        updated_at=row[4],
+        description=row[5],
+    )
+
+
+def create_project_with_role_from_row(row: Row[Any]) -> ProjectWithRole:
+    """Helper function to create a ProjectWithRole entity from a database row"""
+    return ProjectWithRole(
+        project=create_project_from_row(row), role=ProjectRole(row[len(AllFields)])
+    )
+
+
+def create_project_user_from_row(row: Row[Any]) -> ProjectUser:
+    """Helper function to create a ProjectUser entity from a database row"""
+    return ProjectUser(
+        user=create_user_from_row(row), role=ProjectRole(row[len(AllUserFields)])
+    )
+
 
 class ProjectRepository(Repository[Project]):
     """Task repository for managing projects"""
 
     def __init__(self):
-        super().__init__(table_name="projects",
-                         fields=AllFields,
-                         required_fields=RequiredFields,
-                         entity_creator=create_project_from_row)
+        super().__init__(
+            table_name="projects",
+            fields=AllFields,
+            required_fields=RequiredFields,
+            entity_creator=create_project_from_row,
+        )
+
+    def get_all_by_user_and_roles_with_role(
+        self, user_id: int, roles: List[ProjectRole]
+    ) -> List[ProjectWithRole]:
+        """Get all projects and roles of a single user filtered by roles"""
+        fields = ", ".join(f"project.{field}" for field in self._fields)
+        roles_tuple = tuple(role.value for role in roles)
+
+        sql = f"""SELECT {fields}, up.role
+                  FROM {self._table_name} project
+                  JOIN user_projects up ON project.id = up.project_id
+                  WHERE up.user_id = :user_id AND up.role IN :roles"""
+
+        result = db.session.execute(
+            text(sql), {"user_id": user_id, "roles": roles_tuple}
+        )
+        rows = result.fetchall()
+
+        return [create_project_with_role_from_row(row) for row in rows]
+
+    def get_user_role(self, user_id: int, project_id: int) -> Optional[ProjectRole]:
+        """Get the role of a user in a project"""
+
+        sql = f"""SELECT up.role
+                  FROM {self._table_name} project
+                  JOIN user_projects up ON project.id = up.project_id
+                  WHERE up.user_id = :user_id AND project.id = :project_id"""
+
+        result = db.session.execute(
+            text(sql), {"user_id": user_id, "project_id": project_id}
+        )
+        row = result.fetchone()
+
+        if row is None:
+            return None
+        return ProjectRole(row[0])
+
+    def get_all_users_by_project(self, project_id: int) -> List[ProjectUser]:
+        """Get all users and roles in a project"""
+        user_fields = ", ".join(f"u.{field}" for field in AllUserFields)
+        sql = f"""SELECT {user_fields}, up.role
+                 FROM users u
+                 JOIN user_projects up ON u.id = up.user_id
+                 WHERE up.project_id = :project_id"""
+
+        result = db.session.execute(text(sql), {"project_id": project_id})
+        rows = result.fetchall()
+
+        return [create_project_user_from_row(row) for row in rows]
+
+    def update_user_role(
+        self, project_id: int, user_id: int, role: ProjectRole
+    ) -> None:
+        """Update the role of a user in a project"""
+        sql = """UPDATE user_projects
+                  SET role = :role
+                  WHERE project_id = :project_id AND user_id = :user_id"""
+
+        db.session.execute(
+            text(sql),
+            {"role": role.value, "project_id": project_id, "user_id": user_id},
+        )
+        db.session.commit()
+
+    def create_project_user(
+        self, project_id: int, user_id: int, role: ProjectRole
+    ) -> Optional[ProjectUser]:
+        """Add a user to a project"""
+        user_fields = ", ".join(f"u.{field}" for field in AllUserFields)
+
+        sql = f"""WITH new AS (
+                    INSERT INTO user_projects (project_id, user_id, role)
+                    VALUES (:project_id, :user_id, :role)
+                    RETURNING user_id, project_id, role
+                 )
+                 SELECT {user_fields}, new.role
+                 FROM new new
+                 JOIN users u ON u.id = new.user_id"""
+
+        result = db.session.execute(
+            text(sql),
+            {"project_id": project_id, "user_id": user_id, "role": role.value},
+        )
+        row = result.fetchone()
+        db.session.commit()
+        if row is None:
+            return None
+
+        return create_project_user_from_row(row)
+
 
 project_repository = ProjectRepository()
diff --git a/protaskinate/repositories/repository.py b/protaskinate/repositories/repository.py
index 6f777b1..4cb8f6a 100644
--- a/protaskinate/repositories/repository.py
+++ b/protaskinate/repositories/repository.py
@@ -1,4 +1,5 @@
 """protaskinate/repositories/repository.py"""
+
 from typing import Any, Callable, Dict, Generic, List, Optional, TypeVar, Union
 
 from sqlalchemy import Row, text
@@ -7,19 +8,28 @@
 
 T = TypeVar("T")
 
+
 class Repository(Generic[T]):
     """Generic base repository class for common CRUD operations"""
 
-    def __init__(self, table_name: str, fields: List[str],
-                 required_fields: List[str], entity_creator: Callable[[Row[Any]], T]):
+    def __init__(
+        self,
+        table_name: str,
+        fields: List[str],
+        required_fields: List[str],
+        entity_creator: Callable[[Row[Any]], T],
+    ):
         self._table_name = table_name
         self._fields = fields
         self._required_fields = required_fields
         self._entity_creator = entity_creator
 
-    def get_all(self, by_fields: Optional[Dict[str, Union[int, str]]] = None,
-                order_by_fields: Optional[List[str]] = None,
-                reverse: Optional[List[bool]] = None) -> List[T]:
+    def get_all(
+        self,
+        by_fields: Optional[Dict[str, Union[int, str]]] = None,
+        order_by_fields: Optional[List[str]] = None,
+        reverse: Optional[List[bool]] = None,
+    ) -> List[T]:
         """Get all entities from the repository by some fields"""
         if by_fields is not None:
             if any(key not in self._fields for key in by_fields):
@@ -39,9 +49,13 @@ def get_all(self, by_fields: Optional[Dict[str, Union[int, str]]] = None,
                 for field, rev in zip(order_by_fields, reverse)
             )
         if by_fields is not None:
-            where_clause = "WHERE " + " AND ".join(f"{key} = :{key}" for key in by_fields)
+            where_clause = "WHERE " + " AND ".join(
+                f"{key} = :{key}" for key in by_fields
+            )
 
-        sql = f"SELECT {all_fields} FROM {self._table_name} {where_clause} {order_clause}"
+        sql = (
+            f"SELECT {all_fields} FROM {self._table_name} {where_clause} {order_clause}"
+        )
         result = db.session.execute(text(sql), by_fields)
         rows = result.fetchall()
 
@@ -62,6 +76,20 @@ def get(self, by_fields: Dict[str, Union[int, str]]) -> Optional[T]:
 
         return self._entity_creator(row) if row else None
 
+    def count(self, by_fields: Dict[str, Union[int, str]]) -> int:
+        """Get the count of entities from the repository by some fields"""
+        if any(key not in self._fields for key in by_fields):
+            raise ValueError("Invalid by_fields")
+
+        where_clause = "WHERE " + " AND ".join(f"{key} = :{key}" for key in by_fields)
+
+        sql = f"SELECT count(*) FROM {self._table_name} {where_clause}"
+
+        result = db.session.execute(text(sql), by_fields)
+        row = result.fetchone()
+
+        return int(row[0]) if row else 0
+
     def create(self, field_values: Dict[str, Union[int, str]]) -> Optional[T]:
         """Create a new entity in the repository"""
         if any(key not in self._fields for key in field_values):
@@ -70,10 +98,11 @@ def create(self, field_values: Dict[str, Union[int, str]]) -> Optional[T]:
             raise ValueError("Missing required fields")
 
         fields = ", ".join(field_values.keys())
-        values = ", ".join(f":{key}" for key in field_values)
+        placeholders = ", ".join(f":{key}" for key in field_values)
         all_fields = ", ".join(self._fields)
 
-        sql = f"INSERT INTO {self._table_name} ({fields}) VALUES ({values}) RETURNING {all_fields}"
+        sql = f"""INSERT INTO {self._table_name} ({fields})
+                  VALUES ({placeholders}) RETURNING {all_fields}"""
 
         result = db.session.execute(text(sql), field_values)
         row = result.fetchone()
@@ -81,8 +110,9 @@ def create(self, field_values: Dict[str, Union[int, str]]) -> Optional[T]:
 
         return self._entity_creator(row) if row else None
 
-    def update(self, by_fields: Dict[str, Union[int, str]],
-               updates: Dict[str, Union[int, str]]) -> Optional[T]:
+    def update(
+        self, by_fields: Dict[str, Union[int, str]], updates: Dict[str, Union[int, str]]
+    ) -> Optional[T]:
         """Update an entity in the repository"""
         if not by_fields or any(key not in self._fields for key in by_fields):
             raise ValueError("Invalid by_fields")
diff --git a/protaskinate/repositories/task_repository.py b/protaskinate/repositories/task_repository.py
index 6268535..bd2b5d9 100644
--- a/protaskinate/repositories/task_repository.py
+++ b/protaskinate/repositories/task_repository.py
@@ -1,69 +1,80 @@
 """protaskinate/repositories/task_repository.py"""
-from typing import Dict, Optional, Union
 
+import logging
+from typing import Dict
 from sqlalchemy import text
-
 from protaskinate.entities import Task
-from protaskinate.repositories.comment_repository import \
-    create_comment_from_row, AllFields as CommentAllFields
+from protaskinate.entities.task import TaskStatus
 from protaskinate.repositories.repository import Repository
 from protaskinate.utils.database import db
 
-AllFields = ["id", "project_id", "creator_id", "title", "status", "priority", "created_at",
-             "assignee_id", "deadline", "description"]
-RequiredFields = ["project_id", "creator_id", "title", "status", "priority", "created_at"]
+AllFields = [
+    "id",
+    "project_id",
+    "creator_id",
+    "title",
+    "status",
+    "priority",
+    "created_at",
+    "updated_at",
+    "assignee_id",
+    "deadline",
+    "description",
+]
+RequiredFields = [
+    "project_id",
+    "creator_id",
+    "title",
+    "status",
+    "priority",
+    "created_at",
+    "updated_at",
+]
+
 
 def create_task_from_row(row) -> Task:
     """Helper function to create a Task entity from a database row"""
-    return Task(id=row[0],
-                project_id=row[1],
-                creator_id=row[2],
-                title=row[3],
-                status=row[4],
-                priority=row[5],
-                created_at=row[6],
-                assignee_id=row[7],
-                deadline=row[8],
-                description=row[9])
+    return Task(
+        id=row[0],
+        project_id=row[1],
+        creator_id=row[2],
+        title=row[3],
+        status=row[4],
+        priority=row[5],
+        created_at=row[6],
+        updated_at=row[7],
+        assignee_id=row[8],
+        deadline=row[9],
+        description=row[10],
+    )
+
 
 class TaskRepository(Repository[Task]):
     """Task repository for managing tasks"""
 
     def __init__(self):
-        super().__init__(table_name="tasks",
-                         fields=AllFields,
-                         required_fields=RequiredFields,
-                         entity_creator=create_task_from_row)
+        super().__init__(
+            table_name="tasks",
+            fields=AllFields,
+            required_fields=RequiredFields,
+            entity_creator=create_task_from_row,
+        )
 
-    def get_join_comments(self, by_fields: Dict[str, Union[int, str]]) -> Optional[Task]:
-        """Get a task by fields and join comments"""
-        if not by_fields or any(key not in self._fields for key in by_fields):
-            raise ValueError("Invalid by_fields")
+    def count_by_assignee_grouped_by_status(
+        self, assignee_id: int
+    ) -> Dict[TaskStatus, int]:
+        """Get all tasks assigned to a user grouped by status"""
+        sql = """SELECT ts::text,  COALESCE(COUNT(task.id), 0)
+                  FROM unnest(enum_range(NULL::task_status)) AS ts
+                  LEFT JOIN tasks task ON task.status = ts AND task.assignee_id = :assignee_id
+                  GROUP BY ts"""
 
-        where_clause = " AND ".join(f"task.{key} = :{key}" for key in by_fields)
-        fields = ", ".join(f"task.{field}" for field in self._fields)
-        fields += ", "+", ".join(f"comment.{field}" for field in CommentAllFields)
-
-        sql = f"""SELECT {fields}
-                 FROM {self._table_name} task
-                 LEFT JOIN comments comment ON task.id = comment.task_id
-                 WHERE {where_clause}
-                 ORDER BY comment.created_at"""
-
-        result = db.session.execute(text(sql), by_fields)
+        result = db.session.execute(text(sql), {"assignee_id": assignee_id})
         rows = result.fetchall()
 
-        if not rows:
-            return None
-
-        task = self._entity_creator(rows[0])
-        task.comments = []
-        for row in rows:
-            if row[len(self._fields)] and row[0] == task.id:
-                comment = create_comment_from_row(row[len(self._fields):])
-                task.comments.append(comment)
+        logging.info(rows)
 
-        return task
+        return {TaskStatus(row[0]): int(row[1]) for row in rows}
 
 
 task_repository = TaskRepository()
diff --git a/protaskinate/repositories/user_repository.py b/protaskinate/repositories/user_repository.py
index 94c2f7b..9c4ceb8 100644
--- a/protaskinate/repositories/user_repository.py
+++ b/protaskinate/repositories/user_repository.py
@@ -1,6 +1,8 @@
 """protaskinate/repositories/user_repository.py"""
+
 from sqlalchemy import text
 from werkzeug.security import check_password_hash
+
 from protaskinate.entities import User
 from protaskinate.repositories.repository import Repository
 from protaskinate.utils.database import db
@@ -8,29 +10,33 @@
 AllFields = ["id", "username", "password"]
 RequiredFields = ["username", "password"]
 
+
 def create_user_from_row(row) -> User:
     """Helper function to create a User entity from a database row"""
     return User(id=row[0], username=row[1])
 
+
 class UserRepository(Repository[User]):
     """User repository for managing users"""
 
     def __init__(self):
-        super().__init__(table_name="users",
-                         fields=AllFields,
-                         required_fields=RequiredFields,
-                         entity_creator=create_user_from_row)
+        super().__init__(
+            table_name="users",
+            fields=AllFields,
+            required_fields=RequiredFields,
+            entity_creator=create_user_from_row,
+        )
 
     def verify_password(self, username: str, password: str) -> bool:
         """Verify a password against a password hash"""
         sql = f"""SELECT password
                  FROM {self._table_name} WHERE username = :username"""
-        result = db.session.execute(text(sql),
-                                    {"username": username})
+        result = db.session.execute(text(sql), {"username": username})
         row = result.fetchone()
 
         if row is None:
             return False
         return check_password_hash(row[0], password)
 
+
 user_repository = UserRepository()
diff --git a/protaskinate/routes/dashboard.py b/protaskinate/routes/dashboard.py
index 2f60d39..78f5495 100644
--- a/protaskinate/routes/dashboard.py
+++ b/protaskinate/routes/dashboard.py
@@ -1,18 +1,27 @@
 """protaskinate/routes/dashboard.py"""
 
 from flask import Blueprint, redirect, render_template, url_for
-from flask_login import login_required
+from flask_login import current_user, login_required
+
+from protaskinate.services import task_service
 
 blueprint = Blueprint("dashboard", __name__)
 
+
 @blueprint.route("/", methods=["GET"])
 @login_required
 def index_route():
     """Redirect to the dashboard"""
     return redirect(url_for("dashboard.dashboard_route"))
 
+
 @blueprint.route("/dashboard", methods=["GET"])
 @login_required
 def dashboard_route():
     """Render the dashboard page"""
-    return render_template("dashboard.html")
+    task_counts_by_status = task_service.count_by_assignee_grouped_by_status(
+        current_user.id
+    )
+    return render_template(
+        "dashboard.html", task_counts_by_status=task_counts_by_status
+    )
diff --git a/protaskinate/routes/forms/login_forms.py b/protaskinate/routes/forms/login_forms.py
new file mode 100644
index 0000000..a81f88f
--- /dev/null
+++ b/protaskinate/routes/forms/login_forms.py
@@ -0,0 +1,13 @@
+""" protaskinate/routes/forms/project_forms.py """
+
+from flask_wtf import FlaskForm
+from wtforms import PasswordField, StringField, SubmitField
+from wtforms.validators import DataRequired
+
+
+class LoginForm(FlaskForm):
+    """Form for login"""
+
+    username = StringField("Username", validators=[DataRequired()])
+    password = PasswordField("Password", validators=[DataRequired()])
+    submit = SubmitField("Login")
diff --git a/protaskinate/routes/forms/project_forms.py b/protaskinate/routes/forms/project_forms.py
new file mode 100644
index 0000000..e46b534
--- /dev/null
+++ b/protaskinate/routes/forms/project_forms.py
@@ -0,0 +1,71 @@
+""" protaskinate/routes/forms/project_forms.py """
+
+from flask_wtf import FlaskForm
+from wtforms import DateField, SelectField, StringField, SubmitField, TextAreaField
+from wtforms.validators import DataRequired, Length, Optional
+
+from protaskinate.entities.project import ProjectRole
+from protaskinate.entities.task import TaskPriority, TaskStatus
+from protaskinate.services import user_service
+
+
+class CreateTaskForm(FlaskForm):
+    """Form for creating a task"""
+
+    title = StringField("Title", validators=[DataRequired(), Length(min=3, max=50)])
+    description = TextAreaField("Description", validators=[Optional(), Length(max=500)])
+    status = SelectField(
+        "Status",
+        choices=[
+            (status.value, status.name.lower().replace("_", " ").title())
+            for status in TaskStatus
+        ],
+    )
+    priority = SelectField(
+        "Priority",
+        choices=[
+            (priority.value, priority.name.lower().replace("_", " ").title())
+            for priority in TaskPriority
+        ],
+    )
+    assignee_id = SelectField("Assignee", coerce=int)
+    deadline = DateField("Deadline", format="%Y-%m-%d", validators=[Optional()])
+    submit = SubmitField("Create Task")
+
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        self.assignee_id.choices = [(0, "Not Assigned")] + [
+            (user.id, user.username) for user in user_service.get_all()
+        ]  # type: ignore
+
+
+class CreateCommentForm(FlaskForm):
+    """Form for creating a comment"""
+
+    content = TextAreaField("Content", validators=[DataRequired(), Length(max=500)])
+    submit = SubmitField("Send")
+
+
+class CreateProjectForm(FlaskForm):
+    """Form for creating a project"""
+
+    name = StringField("Name", validators=[DataRequired(), Length(min=3, max=50)])
+    description = TextAreaField("Description", validators=[Optional(), Length(max=500)])
+    submit = SubmitField("Create Project")
+
+
+class CreateProjectUserForm(FlaskForm):
+    """Form for adding a user to a project"""
+
+    user_id = SelectField("User", coerce=int)
+    role = SelectField(
+        "Role",
+        choices=[(role.value, role.name.lower().title()) for role in ProjectRole],
+    )
+    submit = SubmitField("Add User")
+
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        self.user_id.choices = [
+            (user.id, user.username) for user in user_service.get_all()
+        ]
diff --git a/protaskinate/routes/forms/register_forms.py b/protaskinate/routes/forms/register_forms.py
new file mode 100644
index 0000000..de0aba5
--- /dev/null
+++ b/protaskinate/routes/forms/register_forms.py
@@ -0,0 +1,20 @@
+"""protaskinate/routes/forms/register_forms.py"""
+
+from flask_wtf import FlaskForm
+from wtforms import PasswordField, StringField, SubmitField
+from wtforms.validators import DataRequired, EqualTo, Length
+
+
+class RegisterForm(FlaskForm):
+    """Form for registering a user"""
+
+    username = StringField(
+        "Username", validators=[DataRequired(), Length(min=3, max=20)]
+    )
+    password = PasswordField(
+        "Password", validators=[DataRequired(), Length(min=6, max=20)]
+    )
+    confirm_password = PasswordField(
+        "Confirm Password", validators=[DataRequired(), EqualTo("password")]
+    )
+    submit = SubmitField("Register")
diff --git a/protaskinate/routes/handlers/login_handlers.py b/protaskinate/routes/handlers/login_handlers.py
new file mode 100644
index 0000000..082f124
--- /dev/null
+++ b/protaskinate/routes/handlers/login_handlers.py
@@ -0,0 +1,26 @@
+"""protaskinate/routes/handlers/login_handlers.py"""
+
+from flask import flash
+from flask_login import login_user
+
+from protaskinate.routes.forms.login_forms import LoginForm
+from protaskinate.services import user_service
+
+
+def handle_login(form: LoginForm) -> bool:
+    """Handle the login of a user"""
+    username = form.username.data
+    password = form.password.data
+
+    if not username or not password:
+        flash("Invalid username or password", "error")
+        return False
+
+    user = user_service.login(username, password)
+    if not user:
+        flash("Invalid username or password", "error")
+        return False
+
+    login_user(user)
+    flash("You have been logged in", "success")
+    return True
diff --git a/protaskinate/routes/handlers/project_handlers.py b/protaskinate/routes/handlers/project_handlers.py
new file mode 100644
index 0000000..91fec5e
--- /dev/null
+++ b/protaskinate/routes/handlers/project_handlers.py
@@ -0,0 +1,199 @@
+"""protaskinate/routes/handlers/project_handlers.py"""
+
+from datetime import datetime
+from typing import Dict
+import logging
+
+from flask import flash
+from flask_login import current_user
+
+from protaskinate.entities.activity_log import ActivityLogAction
+from protaskinate.entities.project import ProjectRole
+from protaskinate.routes.forms.project_forms import (
+    CreateCommentForm,
+    CreateProjectForm,
+    CreateProjectUserForm,
+    CreateTaskForm,
+)
+from protaskinate.services import (
+    activity_log_service,
+    comment_service,
+    project_service,
+    task_service,
+)
+
+
+def handle_create_project(form: CreateProjectForm):
+    """Handle the creation of a project"""
+    data = {
+        "name": form.name.data,
+        "description": form.description.data if form.description.data else None,
+    }
+
+    project_service.create(
+        name=data["name"],
+        creator_id=current_user.id,
+        created_at=datetime.now().isoformat(),
+        updated_at=datetime.now().isoformat(),
+        description=data["description"],
+    )
+
+    form.name.data = ""
+    form.description.data = ""
+    flash("Project created successfully", "success")
+
+
+def handle_create_task(project_id: int, form: CreateTaskForm):
+    """Handle the creation of a task"""
+    data = {
+        "title": form.title.data,
+        "status": form.status.data,
+        "priority": form.priority.data,
+        "assignee_id": form.assignee_id.data if form.assignee_id.data != 0 else None,
+        "deadline": form.deadline.data.isoformat() if form.deadline.data else None,
+        "description": form.description.data if form.description.data else None,
+    }
+
+    if not project_service.check_user_write_access(current_user.id, project_id):
+        flash("You do not have write-access to this project", "error")
+        return
+
+    new_task = task_service.create(
+        title=data["title"],
+        status=data["status"],
+        priority=data["priority"],
+        creator_id=current_user.id,
+        created_at=datetime.now().isoformat(),
+        updated_at=datetime.now().isoformat(),
+        assignee_id=data["assignee_id"],
+        deadline=data["deadline"],
+        project_id=project_id,
+        description=data["description"],
+    )
+    if not new_task:
+        flash("Failed to create task", "error")
+        return
+
+    new_log = activity_log_service.create_log(
+        user_id=current_user.id,
+        project_id=project_id,
+        action=ActivityLogAction.CREATE_TASK,
+    )
+    if not new_log:
+        logging.error("Failed to create activity log for task creation")
+
+    form.title.data = ""
+    form.assignee_id.data = 0
+    form.deadline.data = None
+    form.description.data = ""
+    flash("Task created successfully", "success")
+
+
+def handle_create_project_user(project_id: int, form: CreateProjectUserForm):
+    """Handle the creation of a project user"""
+    data = {"user_id": form.user_id.data}
+
+    if not project_service.check_user_update_access(current_user.id, project_id):
+        flash("You do not have update-access to this project", "error")
+        return
+
+    try:
+        data["role"] = ProjectRole(form.role.data)
+    except ValueError:
+        flash("Invalid role", "error")
+        return
+
+    if project_service.get_user_role(data["user_id"], project_id) is not None:
+        flash("User already in project", "error")
+        return
+
+    new_project_user = project_service.add_user(project_id, data["user_id"], data["role"])
+    if not new_project_user:
+        flash("Failed to add user to project", "error")
+        return
+
+    new_log = activity_log_service.create_log(
+        user_id=current_user.id,
+        project_id=project_id,
+        action=ActivityLogAction.UPDATE_PROJECT,
+    )
+    if not new_log:
+        logging.error("Failed to create activity log for project user addition")
+
+    flash("User added to project", "success")
+
+
+def handle_update_user_role(project_id: int, user_id: int, form: Dict):
+    """Handle the update of a user's role in a project"""
+    try:
+        role = ProjectRole(form["role"])
+    except ValueError:
+        flash("Invalid role", "error")
+        return
+
+    project_service.update_user_role(project_id, user_id, role)
+
+    new_log = activity_log_service.create_log(
+        user_id=current_user.id,
+        project_id=project_id,
+        action=ActivityLogAction.UPDATE_PROJECT,
+    )
+    if not new_log:
+        logging.error("Failed to create activity log for user role update")
+
+
+def handle_create_comment(task_id: int, form: CreateCommentForm):
+    """Handle the creation of a comment"""
+    content = form.content.data
+
+    new_comment = comment_service.create(
+        task_id=task_id,
+        creator_id=current_user.id,
+        created_at=datetime.now().isoformat(),
+        content=content,
+    )
+
+    if not new_comment:
+        flash("Failed to create comment", "error")
+        return
+
+    form.content.data = ""
+
+
+def handle_update_task(task_id: int, project_id: int, form: Dict):
+    """Handle the update of a task"""
+    update_data = {}
+    if "status" in form:
+        update_data["status"] = form["status"]
+    if "priority" in form:
+        update_data["priority"] = form["priority"]
+    if "assignee_id" in form:
+        update_data["assignee_id"] = int(form["assignee_id"])
+        if update_data["assignee_id"] == 0:
+            update_data["assignee_id"] = None
+    if "deadline" in form:
+        update_data["deadline"] = form["deadline"]
+
+    updated_task = task_service.update(task_id, project_id, **update_data)
+    if not updated_task:
+        flash("Failed to update task", "error")
+        return
+
+    new_log = activity_log_service.create_log(
+        user_id=current_user.id,
+        project_id=project_id,
+        action=ActivityLogAction.UPDATE_TASK,
+    )
+    if not new_log:
+        logging.error("Failed to create activity log for task update")
+
+def handle_delete_task(project_id: int, task_id: int):
+    """Handle the deletion of a task"""
+    task_service.delete(task_id, project_id)
+    new_log = activity_log_service.create_log(
+        user_id=current_user.id,
+        project_id=project_id,
+        action=ActivityLogAction.DELETE_TASK,
+    )
+    if not new_log:
+        logging.error("Failed to create activity log for task deletion")
diff --git a/protaskinate/routes/handlers/register_handlers.py b/protaskinate/routes/handlers/register_handlers.py
new file mode 100644
index 0000000..0bbe734
--- /dev/null
+++ b/protaskinate/routes/handlers/register_handlers.py
@@ -0,0 +1,29 @@
+"""protaskinate/routes/handlers/register_handlers.py"""
+
+from flask import flash
+from flask_login import login_user
+from protaskinate.routes.forms.register_forms import RegisterForm
+from protaskinate.services import user_service
+
+
+def handle_register(form: RegisterForm) -> bool:
+    """Handle the registration of a user"""
+    username = form.username.data
+    password = form.password.data
+
+    if not username or not password:
+        flash("Missing username or password", "error")
+        return False
+
+    if user_service.get_by_username(username):
+        flash("Username already exists", "error")
+        return False
+
+    registered_user = user_service.register(username, password)
+    if not registered_user:
+        flash("Failed to register user", "error")
+        return False
+
+    login_user(registered_user)
+    flash("You have been registered", "success")
+    return True
diff --git a/protaskinate/routes/login.py b/protaskinate/routes/login.py
index 2f21676..e622d46 100644
--- a/protaskinate/routes/login.py
+++ b/protaskinate/routes/login.py
@@ -1,22 +1,13 @@
 """protaskinate/routes/login.py"""
 
-from flask import Blueprint, flash, redirect, render_template, request, url_for
-from flask_login import login_user
-from flask_wtf import FlaskForm
-from wtforms import PasswordField, StringField, SubmitField
-from wtforms.validators import DataRequired
+from flask import Blueprint, redirect, render_template, request, url_for
 
-from protaskinate.services import user_service
-from protaskinate.utils.login_manager import lm, login_redirect
+from protaskinate.routes.forms.login_forms import LoginForm
+from protaskinate.routes.handlers.login_handlers import handle_login
+from protaskinate.utils.login_manager import login_redirect
 
 blueprint = Blueprint("login", __name__)
 
-class LoginForm(FlaskForm):
-    """Form for login"""
-    username = StringField("Username", validators=[DataRequired()])
-
-    password = PasswordField("Password", validators=[DataRequired()])
-    submit = SubmitField("Login")
 
 @blueprint.route("/login", methods=["GET", "POST"])
 @login_redirect
@@ -25,19 +16,7 @@ def login_route():
     form = LoginForm(request.form)
 
     if request.method == "POST" and form.validate_on_submit():
-        username = form.username.data
-        password = form.password.data
-
-        user = user_service.login(username, password)
-        if user:
-            login_user(user)
-            flash("You have been logged in", "success")
+        if handle_login(form):
             return redirect(url_for("dashboard.dashboard_route"))
-        flash("Invalid username or password", "error")
 
     return render_template("login.html", form=form)
-
-@lm.user_loader
-def load_user(user_id):
-    """Load the user"""
-    return user_service.get_by_id(user_id)
diff --git a/protaskinate/routes/logout.py b/protaskinate/routes/logout.py
index d7ab328..24928b3 100644
--- a/protaskinate/routes/logout.py
+++ b/protaskinate/routes/logout.py
@@ -5,6 +5,7 @@
 
 blueprint = Blueprint("logout", __name__)
 
+
 @blueprint.route("/logout", methods=["GET"])
 def logout_route():
     """Render the logout page"""
diff --git a/protaskinate/routes/project.py b/protaskinate/routes/project.py
index cf73115..d027336 100644
--- a/protaskinate/routes/project.py
+++ b/protaskinate/routes/project.py
@@ -1,111 +1,148 @@
 """protaskinate/routes/project.py"""
 
-from datetime import datetime
-
-from flask import Blueprint, flash, redirect, render_template, request, url_for
+from flask import Blueprint, redirect, render_template, request, url_for
 from flask_login import current_user, login_required
-from flask_wtf import FlaskForm
-from wtforms import (DateField, SelectField, StringField, SubmitField,
-                     TextAreaField)
-from wtforms.validators import DataRequired, Optional
 
-from protaskinate.entities.task import TaskPriority, TaskStatus
-from protaskinate.services import (comment_service, project_service,
-                                   task_service, user_service)
+from protaskinate.routes.forms.project_forms import (
+    CreateCommentForm,
+    CreateProjectForm,
+    CreateProjectUserForm,
+    CreateTaskForm,
+)
+from protaskinate.routes.handlers.project_handlers import (
+    handle_create_comment,
+    handle_create_project,
+    handle_create_project_user,
+    handle_create_task,
+    handle_delete_task,
+    handle_update_task,
+    handle_update_user_role,
+)
+from protaskinate.services import (
+    activity_log_service,
+    comment_service,
+    project_service,
+    task_service,
+    user_service,
+)
+from protaskinate.utils.project import (
+    project_read_access_required,
+    project_update_access_required,
+    task_update_access_required,
+)
 
 blueprint = Blueprint("project", __name__)
 
 
-class CreateTaskForm(FlaskForm):
-    """Form for creating a task"""
-    title = StringField("Title", validators=[DataRequired()])
-    description = TextAreaField("Description", validators=[Optional()])
-    status = SelectField("Status",
-                         choices=[
-                             (status.value, status.name.lower().replace("_"," ").title())
-                              for status in TaskStatus])
-    priority = SelectField("Priority",
-                           choices=[
-                               (priority.value, priority.name.lower().replace("_"," ").title())
-                                for priority in TaskPriority])
-    assignee_id = SelectField("Assignee", coerce=int)
-    deadline = DateField("Deadline", format="%Y-%m-%d", validators=[Optional()])
-    submit = SubmitField("Create Task")
-
-    def __init__(self, *args, **kwargs):
-        super().__init__(*args, **kwargs)
-        self.assignee_id.choices = [(0, "Not Assigned")] + [
-                (user.id, user.username) for user in user_service.get_all()] # type: ignore
-
-class CreateCommentForm(FlaskForm):
-    """Form for creating a comment"""
-    content = TextAreaField("Content", validators=[DataRequired()])
-    submit = SubmitField("Send")
-
-@blueprint.route("/projects", methods=["GET"])
+@blueprint.route("/projects", methods=["GET", "POST"])
 @login_required
 def project_list_route():
     """Render the projects page"""
-    projects = project_service.get_all()
-    return render_template("project_list.html", projects=projects)
+    form = CreateProjectForm(request.form)
+    if request.method == "POST" and form.validate_on_submit():
+        handle_create_project(form)
+
+    projects_with_roles = project_service.get_all_by_user_with_role(current_user.id)
+    return render_template(
+        "project_list.html", form=form, projects_with_roles=projects_with_roles
+    )
+
 
 @blueprint.route("/projects/<int:project_id>", methods=["GET", "POST"])
 @login_required
+@project_read_access_required
 def project_view_route(project_id: int):
     """Render the single project view page"""
-    form = CreateTaskForm(request.form)
-    if request.method == "POST" and form.validate_on_submit():
-        title = form.title.data
-        status = form.status.data
-        priority = form.priority.data
-        assignee_id = form.assignee_id.data if form.assignee_id.data != 0 else None
-        deadline = form.deadline.data.isoformat() if form.deadline.data else None
-        description = form.description.data if form.description.data else None
-        task_service.create(title=title,
-                            status=status,
-                            priority=priority,
-                            creator_id=current_user.id,
-                            created_at=datetime.now().isoformat(),
-                            assignee_id=assignee_id,
-                            deadline=deadline,
-                            project_id=project_id,
-                            description=description)
-        return redirect(request.url)
+    create_task_form = CreateTaskForm(request.form, prefix="create_task")
+    create_project_user_form = CreateProjectUserForm(
+        request.form, prefix="create_project_user"
+    )
 
+    if create_task_form.submit.data and create_task_form.validate_on_submit():
+        handle_create_task(project_id, create_task_form)
+
+    if (
+        create_project_user_form.submit.data
+        and create_project_user_form.validate_on_submit()
+    ):
+        handle_create_project_user(project_id, create_project_user_form)
+
+    project = project_service.get_by_id(project_id)
+    tasks = task_service.get_all_by_project(
+        project_id, order_by_fields=["priority", "created_at"], reverse=[True, False]
+    )
+    project_users = project_service.get_all_users_in_project(project_id)
+    user_project_role = project_service.get_user_role(current_user.id, project_id)
+    users_dict = {user.id: user for user in user_service.get_all()}
+    activity_logs = activity_log_service.get_all_by_project(project_id)
+
+    return render_template(
+        "project_view.html",
+        create_task_form=create_task_form,
+        create_project_user_form=create_project_user_form,
+        project=project,
+        user_project_role=user_project_role,
+        tasks=tasks,
+        project_users=project_users,
+        users_dict=users_dict,
+        activity_logs=activity_logs,
+    )
+
+
+@blueprint.route("/projects/<int:project_id>/board", methods=["GET"])
+@login_required
+@project_read_access_required
+def project_board_route(project_id: int):
+    """Render the project board view page"""
     project = project_service.get_by_id(project_id)
-    tasks = task_service.get_all_by_project(project_id,
-                                            order_by_fields=["priority", "created_at"],
-                                            reverse=[True, False])
+    tasks = task_service.get_all_by_project(project_id)
+    user_project_role = project_service.get_user_role(current_user.id, project_id)
     users_dict = {user.id: user for user in user_service.get_all()}
+    return render_template(
+        "project_board.html",
+        project=project,
+        tasks=tasks,
+        user_project_role=user_project_role,
+        users_dict=users_dict,
+    )
 
-    return render_template("project_view.html",
-                           form=form,
-                           project=project,
-                           tasks=tasks,
-                           users_dict=users_dict)
 
 @blueprint.route("/projects/<int:project_id>/delete", methods=["POST"])
 @login_required
+@project_update_access_required
 def project_delete_route(project_id: int):
     """Delete a project"""
     project_service.delete(project_id)
     return redirect(url_for("project.project_list_route"))
 
-@blueprint.route("/projects/<int:project_id>/tasks/<int:task_id>", methods=["GET", "POST"])
+
+@blueprint.route(
+    "/projects/<int:project_id>/users/<int:user_id>/edit", methods=["POST"]
+)
 @login_required
+@project_update_access_required
+def project_user_edit_route(project_id: int, user_id: int):
+    """Edit the role of a user in a project"""
+    if request.form:
+        handle_update_user_role(project_id, user_id, request.form)
+    return redirect(request.referrer)
+
+
+@blueprint.route(
+    "/projects/<int:project_id>/tasks/<int:task_id>", methods=["GET", "POST"]
+)
+@login_required
+@project_read_access_required
 def project_task_view_route(project_id: int, task_id: int):
     """View of a single task in a project"""
     form = CreateCommentForm(request.form)
     if request.method == "POST" and form.validate_on_submit():
-        content = form.content.data
-        new_comment = comment_service.create(task_id=task_id, creator_id=current_user.id,
-                               created_at=datetime.now().isoformat(), content=content)
-        if not new_comment:
-            flash("Failed to create comment", "error")
-        form.content.data = ""
-
-    task = task_service.get_by_id_and_project_with_comments(task_id, project_id)
+        handle_create_comment(task_id, form)
+
+    task = task_service.get_by_id_and_project(task_id, project_id)
+    comments = comment_service.get_all_by_task(task_id)
     project = project_service.get_by_id(project_id)
+    user_project_role = project_service.get_user_role(current_user.id, project_id)
     users_dict = {user.id: user for user in user_service.get_all()}
 
     if not project:
@@ -113,32 +150,36 @@ def project_task_view_route(project_id: int, task_id: int):
     if not task:
         return redirect(url_for("project.project_view_route", project_id=project_id))
 
-    return render_template("project_task_view.html", project=project,
-                           task=task, users_dict=users_dict, form=form)
+    return render_template(
+        "project_task_view.html",
+        project=project,
+        task=task,
+        comments=comments,
+        users_dict=users_dict,
+        user_project_role=user_project_role,
+        form=form,
+    )
 
-@blueprint.route("/projects/<int:project_id>/tasks/<int:task_id>/edit", methods=["POST"])
+
+@blueprint.route(
+    "/projects/<int:project_id>/tasks/<int:task_id>/edit", methods=["POST"]
+)
 @login_required
+@task_update_access_required
 def project_task_edit_route(project_id: int, task_id: int):
     """Edit a task in a project"""
-    data = request.form
-    if data:
-        update_data = {}
-        if "status" in data:
-            update_data["status"] = data["status"]
-        if "priority" in data:
-            update_data["priority"] = data["priority"]
-        if "assignee_id" in data:
-            update_data["assignee_id"] = int(data["assignee_id"])
-            if update_data["assignee_id"] == 0:
-                update_data["assignee_id"] = None
-
-        task_service.update(task_id, project_id, **update_data)
+    if request.form:
+        handle_update_task(task_id, project_id, request.form)
 
     return redirect(request.referrer)
 
-@blueprint.route("/projects/<int:project_id>/tasks/<int:task_id>/delete", methods=["POST"])
+
+@blueprint.route(
+    "/projects/<int:project_id>/tasks/<int:task_id>/delete", methods=["POST"]
+)
 @login_required
+@task_update_access_required
 def project_task_delete_route(project_id: int, task_id: int):
     """Delete a task from a project"""
-    task_service.delete(task_id, project_id)
+    handle_delete_task(project_id, task_id)
     return redirect(url_for("project.project_view_route", project_id=project_id))
diff --git a/protaskinate/routes/register.py b/protaskinate/routes/register.py
index 970d68b..f62e404 100644
--- a/protaskinate/routes/register.py
+++ b/protaskinate/routes/register.py
@@ -1,23 +1,13 @@
 """protaskinate/routes/register.py"""
 
-from flask import Blueprint, redirect, render_template, request
-from flask_login import login_user
-from flask_wtf import FlaskForm
-from wtforms import PasswordField, StringField, SubmitField
-from wtforms.validators import DataRequired, EqualTo
+from flask import Blueprint, redirect, render_template, request, url_for
 
-from protaskinate.services import user_service
+from protaskinate.routes.forms.register_forms import RegisterForm
+from protaskinate.routes.handlers.register_handlers import handle_register
 from protaskinate.utils.login_manager import login_redirect
 
 blueprint = Blueprint("register", __name__)
 
-class RegisterForm(FlaskForm):
-    """Form for registering a user"""
-    username = StringField("Username", validators=[DataRequired()])
-    password = PasswordField("Password", validators=[DataRequired()])
-    confirm_password = PasswordField("Confirm Password", validators=[DataRequired(),
-                                                                     EqualTo("password")])
-    submit = SubmitField("Register")
 
 @blueprint.route("/register", methods=["GET", "POST"])
 @login_redirect
@@ -25,17 +15,8 @@ def register_route():
     """Render the register page"""
     form = RegisterForm(request.form)
 
-    if request.method == "POST" and form.validate_on_submit():
-        username = form.username.data
-        password = form.password.data
+    if form.validate_on_submit():
+        if handle_register(form):
+            return redirect(url_for("dashboard.dashboard_route"))
 
-        if user_service.get_by_username(username):
-            return render_template("register.html", form=form, error="Username already exists")
-
-        registered_user = user_service.register(username, password)
-        if registered_user:
-            login_user(registered_user)
-            return redirect("/")
-
-        return render_template("register.html", form=form, error="Something went wrong")
     return render_template("register.html", form=form)
diff --git a/protaskinate/services/__init__.py b/protaskinate/services/__init__.py
index e24b9d8..fec7b28 100644
--- a/protaskinate/services/__init__.py
+++ b/protaskinate/services/__init__.py
@@ -2,3 +2,4 @@
 from .task_service import task_service
 from .project_service import project_service
 from .comment_service import comment_service
+from .activity_log_service import activity_log_service
diff --git a/protaskinate/services/activity_log_service.py b/protaskinate/services/activity_log_service.py
new file mode 100644
index 0000000..f6607ff
--- /dev/null
+++ b/protaskinate/services/activity_log_service.py
@@ -0,0 +1,43 @@
+"""protaskinate/services/activity_log_service.py"""
+
+from datetime import datetime
+from typing import List, Optional, TypedDict
+from typing_extensions import Unpack, NotRequired
+
+from protaskinate.entities.activity_log import ActivityLog, ActivityLogAction
+from protaskinate.repositories import activity_log_repository
+
+
+class NewActivityLog(TypedDict):
+    """Type representing the data required to create a new activity log"""
+
+    user_id: int
+    project_id: int
+    action: ActivityLogAction
+    created_at: NotRequired[datetime]
+
+
+class ActivityLogService:
+    """Activity log service"""
+
+    def get_all_by_project(self, project_id: int) -> List[ActivityLog]:
+        """Get all activity logs by project"""
+        return activity_log_repository.get_all({"project_id": project_id}, ["created_at"], [True])
+
+
+    def create_log(self, **kwargs: Unpack[NewActivityLog]) -> Optional[ActivityLog]:
+        """Create a new activity log"""
+        return activity_log_repository.create(
+            {
+                "user_id": kwargs["user_id"],
+                "project_id": kwargs["project_id"],
+                "created_at": (
+                    kwargs["created_at"].isoformat()
+                    if "created_at" in kwargs
+                    else datetime.now().isoformat()
+                ),
+                "action": kwargs["action"].value,
+            }
+        )
+
+activity_log_service = ActivityLogService()
diff --git a/protaskinate/services/comment_service.py b/protaskinate/services/comment_service.py
index 190d03f..4ef0f4b 100644
--- a/protaskinate/services/comment_service.py
+++ b/protaskinate/services/comment_service.py
@@ -1,6 +1,6 @@
 """protaskinate/services/comment_service.py"""
 
-from typing import Optional
+from typing import List, Optional
 
 from protaskinate.entities import Comment
 from protaskinate.repositories import comment_repository
@@ -8,6 +8,11 @@
 
 class CommentService:
     """Comment service that interacts with the repository"""
+
+    def get_all_by_task(self, task_id: int) -> List[Comment]:
+        """Get all comments by task"""
+        return comment_repository.get_all({"task_id": task_id})
+
     def create(self, **kwargs) -> Optional[Comment]:
         """Create a comment"""
         return comment_repository.create(kwargs)
@@ -16,4 +21,5 @@ def delete(self, comment_id: int, task_id: int) -> None:
         """Delete a comment"""
         return comment_repository.delete({"id": comment_id, "task_id": task_id})
 
+
 comment_service = CommentService()
diff --git a/protaskinate/services/project_service.py b/protaskinate/services/project_service.py
index 53a8ab6..821c073 100644
--- a/protaskinate/services/project_service.py
+++ b/protaskinate/services/project_service.py
@@ -1,8 +1,15 @@
 """protaskinate/services/project_service.py"""
 
 from typing import List, Optional
-from protaskinate.entities.project import Project
+
+from protaskinate.entities.project import (
+    Project,
+    ProjectRole,
+    ProjectUser,
+    ProjectWithRole,
+)
 from protaskinate.repositories import project_repository
+from protaskinate.services import task_service
 
 
 class ProjectService:
@@ -12,12 +19,81 @@ def get_all(self) -> List[Project]:
         """Get all projects"""
         return project_repository.get_all()
 
+    def get_all_by_user_with_role(self, user_id: int) -> List[ProjectWithRole]:
+        """Get all user projects with their roles"""
+        return project_repository.get_all_by_user_and_roles_with_role(
+            user_id, [ProjectRole.READER, ProjectRole.WRITER, ProjectRole.ADMIN]
+        )
+
+    def get_all_users_in_project(self, project_id: int) -> List[ProjectUser]:
+        """Get all users in a project"""
+        return project_repository.get_all_users_by_project(project_id)
+
     def get_by_id(self, project_id: int) -> Optional[Project]:
         """Get project by id"""
         return project_repository.get({"id": project_id})
 
+    def get_user_role(self, user_id: int, project_id: int) -> Optional[ProjectRole]:
+        """Get the role of a user in a project"""
+        return project_repository.get_user_role(user_id, project_id)
+
     def delete(self, project_id: int) -> None:
         """Delete a project"""
         return project_repository.delete({"id": project_id})
 
+    def create(self, **kwargs) -> Optional[Project]:
+        """Create a project"""
+        return project_repository.create(kwargs)
+
+    def add_user(
+        self, project_id: int, user_id: int, role: ProjectRole
+    ) -> Optional[ProjectUser]:
+        """Add a user to a project"""
+        return project_repository.create_project_user(project_id, user_id, role)
+
+    def update_user_role(
+        self, project_id: int, user_id: int, role: ProjectRole
+    ) -> None:
+        """Update the role of a user in a project"""
+        return project_repository.update_user_role(project_id, user_id, role)
+
+    def check_user_read_access(self, user_id: int, project_id: int) -> bool:
+        """Check if a user has read-access to a project"""
+        return project_repository.get_user_role(user_id, project_id) in [
+            ProjectRole.READER,
+            ProjectRole.WRITER,
+            ProjectRole.ADMIN,
+        ]
+
+    def check_user_write_access(self, user_id: int, project_id: int) -> bool:
+        """Check if a user has write-access to a project"""
+        return project_repository.get_user_role(user_id, project_id) in [
+            ProjectRole.WRITER,
+            ProjectRole.ADMIN,
+        ]
+
+    def check_user_update_access(self, user_id: int, project_id: int) -> bool:
+        """Check if a user has update-access to a project"""
+        return (
+            project_repository.get_user_role(user_id, project_id) == ProjectRole.ADMIN
+        )
+
+    def check_user_task_update_access(
+        self, user_id: int, project_id: int, task_id: int
+    ) -> bool:
+        """Check if a user has update-access to a task"""
+        user_project_role = project_repository.get_user_role(user_id, project_id)
+        if user_project_role == ProjectRole.ADMIN:
+            return True
+
+        task = task_service.get_by_id_and_project(task_id, project_id)
+        if not task or task.project_id != project_id:
+            return False
+
+        if user_project_role == ProjectRole.WRITER and task.creator_id == user_id:
+            return True
+
+        return False
+
+
 project_service = ProjectService()
diff --git a/protaskinate/services/task_service.py b/protaskinate/services/task_service.py
index d2b2c93..4bbbe94 100644
--- a/protaskinate/services/task_service.py
+++ b/protaskinate/services/task_service.py
@@ -1,27 +1,39 @@
 """protaskinate/services/task_service.py"""
 
-from typing import List, Optional
+from typing import Dict, List, Optional
 
 from protaskinate.entities import Task
+from protaskinate.entities.task import TaskStatus
 from protaskinate.repositories import task_repository
 
 
 class TaskService:
     """Class representing a service for tasks"""
-    def get_all_by_project(self,
-                project_id: int,
-                order_by_fields: Optional[List[str]],
-                reverse: Optional[List[bool]]) -> List[Task]:
+
+    def get_all_by_project(
+        self,
+        project_id: int,
+        order_by_fields: Optional[List[str]] = None,
+        reverse: Optional[List[bool]] = None,
+    ) -> List[Task]:
         """Get all tasks by project"""
-        return task_repository.get_all({"project_id": project_id}, order_by_fields, reverse)
+        return task_repository.get_all(
+            {"project_id": project_id}, order_by_fields, reverse
+        )
+
+    def get_by_id_and_project(self, task_id: int, project_id: int) -> Optional[Task]:
+        """Get task by ID and project"""
+        return task_repository.get({"id": task_id, "project_id": project_id})
 
-    def get_by_id_and_project_with_comments(self, task_id: int, project_id: int) -> Optional[Task]:
-        """Get task by ID and project with comments"""
-        return task_repository.get_join_comments({"id": task_id, "project_id": project_id})
+    def count_by_assignee_grouped_by_status(
+        self, assignee_id: int
+    ) -> Dict[TaskStatus, int]:
+        """Get all tasks assigned to a user grouped by status"""
+        return task_repository.count_by_assignee_grouped_by_status(assignee_id)
 
     def update(self, task_id: int, project_id: int, **kwargs) -> Optional[Task]:
         """Update the task"""
-        return task_repository.update({"id":task_id, "project_id": project_id}, kwargs)
+        return task_repository.update({"id": task_id, "project_id": project_id}, kwargs)
 
     def create(self, **kwargs) -> Optional[Task]:
         """Create a task"""
@@ -31,4 +43,5 @@ def delete(self, task_id: int, project_id: int) -> None:
         """Delete a task"""
         return task_repository.delete({"id": task_id, "project_id": project_id})
 
+
 task_service = TaskService()
diff --git a/protaskinate/services/user_service.py b/protaskinate/services/user_service.py
index fd79002..05c2c70 100644
--- a/protaskinate/services/user_service.py
+++ b/protaskinate/services/user_service.py
@@ -10,11 +10,6 @@
 
 class UserService:
     """Class representing a service for users"""
-    def login(self, username: str, password: str) -> Optional[User]:
-        """Login a user"""
-        if user_repository.verify_password(username, password):
-            return user_repository.get({"username": username})
-        return None
 
     def get_all(self) -> List[User]:
         """Get all users"""
@@ -28,9 +23,17 @@ def get_by_username(self, username: str) -> Optional[User]:
         """Get a user by username"""
         return user_repository.get({"username": username})
 
+    def login(self, username: str, password: str) -> Optional[User]:
+        """Login a user"""
+        if user_repository.verify_password(username, password):
+            return user_repository.get({"username": username})
+        return None
+
     def register(self, username: str, password: str) -> Optional[User]:
         """Register a user"""
-        return user_repository.create({"username": username,
-                                       "password": generate_password_hash(password)})
+        return user_repository.create(
+            {"username": username, "password": generate_password_hash(password)}
+        )
+
 
 user_service = UserService()
diff --git a/protaskinate/templates/base.html b/protaskinate/templates/base.html
index 338f45b..140832e 100644
--- a/protaskinate/templates/base.html
+++ b/protaskinate/templates/base.html
@@ -1,3 +1,4 @@
+{% from "macros.html" import nav_link %}
 <!DOCTYPE html>
 <html>
 	<head>
@@ -33,8 +34,29 @@ <h1 class="title is-1">ProTaskinate</h1>
                 {% if current_user.is_authenticated %}
                     <p class="menu-label">General</p>
                     <ul class="menu-list">
-                        <li><a href="{{ url_for("dashboard.dashboard_route") }}" class="{% if url_for("dashboard.dashboard_route") in request.path %}is-active{% endif %}">Dashboard</a></li>
-                        <li><a href="{{ url_for("project.project_list_route") }}" class="{% if url_for("project.project_list_route") in request.path %}is-active{% endif %}">Projects</a></li>
+                        <li>
+                            {{ nav_link(url_for("dashboard.dashboard_route"), "Dashboard") }}
+                        </li>
+                        <li>
+                            {{ nav_link(url_for("project.project_list_route"), "Projects") }}
+                            {% if project %}
+                            <ul class="menu-list">
+                                <li>
+                                    {{ nav_link(url_for("project.project_view_route", project_id=project.id), "View") }}
+                                    {% if task %}
+                                        <ul class="menu-list">
+                                            <li>
+                                                {{ nav_link(url_for("project.project_task_view_route", project_id=project.id, task_id=task.id), task.title) }}
+                                            </li>
+                                        </ul>
+                                    {% endif %}
+                                </li>
+                                <li>
+                                    {{ nav_link(url_for("project.project_board_route", project_id=project.id), "Board") }}
+                                </li>
+                            </ul>
+                            {% endif %}
+                        </li>
                     </ul>
                     <p class="menu-label">User ({{ current_user.username }})</p>
                     <ul class="menu-list">
@@ -49,35 +71,43 @@ <h1 class="title is-1">ProTaskinate</h1>
                 {% endif %}
             </aside>
             <div style="margin-left: 350px">
-                <section class="section column">
-                    <div class="container">
-                        <div class="mb-4 is-flex is-flex-direction-column" style="gap: 8px">
-                            {% with messages = get_flashed_messages(with_categories=true) %}
-                                {% if messages %}
-                                        {% for category, message in messages %}
-                                            <div class="notification is-{% if category == "error" %}danger{% elif category == "success"%}success{% else %}info{% endif %}">
-                                                <button class="delete"></button>
-                                                {{ message }}
-                                            </div>
-                                        {% endfor %}
-                                {% endif %}
-                            {% endwith %}
-                        </div>
-                        {% block content %}{% endblock %}
+                <div class="container">
+                    <div class="is-flex is-flex-direction-column mt-4" style="gap: 8px; position: fixed; z-index: 10; width: 75%;">
+                        {% with messages = get_flashed_messages(with_categories=true) %}
+                            {% if messages %}
+                                    {% for category, message in messages %}
+                                        <div class="notification is-{% if category == "error" %}danger{% elif category == "success"%}success{% else %}info{% endif %}">
+                                            <button class="delete"></button>
+                                            {{ message }}
+                                        </div>
+                                    {% endfor %}
+                            {% endif %}
+                        {% endwith %}
                     </div>
-                </section>
+                    <section class="hero">
+                        <div class="hero-body">
+                            <h1 class="title is-2">{% block hero_title %}{% endblock %}</h1>
+                            <h2 class="subtitle">{% block hero_description %}{% endblock %}</h2>
+                        </div>
+                    </section>
+                    {% block content %}{% endblock %}
+                </div>
             </div>
         </div>
 	</body>
     <script>
         document.addEventListener('DOMContentLoaded', () => {
-          (document.querySelectorAll('.notification .delete') || []).forEach(($delete) => {
-            const $notification = $delete.parentNode;
+            (document.querySelectorAll('.notification .delete') || []).forEach(($delete) => {
+                const $notification = $delete.parentNode;
 
-            $delete.addEventListener('click', () => {
-              $notification.parentNode.removeChild($notification);
+                $delete.addEventListener('click', () => {
+                $notification.parentNode.removeChild($notification);
+                });
+            });
+            document.querySelectorAll('time').forEach($e => {
+                const date = new Date($e.dateTime);
+                $e.innerHTML = date.toLocaleString();
             });
-          });
         });
     </script>
 </html>
diff --git a/protaskinate/templates/dashboard.html b/protaskinate/templates/dashboard.html
index ee241bd..f4504b6 100644
--- a/protaskinate/templates/dashboard.html
+++ b/protaskinate/templates/dashboard.html
@@ -1,6 +1,19 @@
 {% extends "base.html" %}
 {% block title %}Dashboard{% endblock %}
+{% block hero_title %}Dashboard{% endblock %}
+{% block hero_description %}Hello {{current_user.username}}, welcome to the dashboard!{% endblock %}
 {% block content %}
-<h2 class="title is-2">Dashboard</h2>
-<p>Hello {{current_user.username}}, welcome to the dashboard!</p>
+<section class="section">
+    <h3 class="title is-4">Tasks assigned to you:</h3>
+    <nav class="level">
+        {% for status in task_counts_by_status %}
+        <div class="level-item has-text-centered">
+            <div>
+                <p class="heading">{{status.value.replace("_","").title()}}</p>
+                <p class="title">{{task_counts_by_status[status]}}</p>
+            </div>
+        </div>
+        {% endfor %}
+    </nav>
+</section>
 {% endblock %}
diff --git a/protaskinate/templates/login.html b/protaskinate/templates/login.html
index 62f763d..2dfa3ab 100644
--- a/protaskinate/templates/login.html
+++ b/protaskinate/templates/login.html
@@ -11,7 +11,7 @@ <h2 class="card-header-title is-centered">Login</h2>
             {{ error }}
         </div>
         {% endif %}
-        <form method="POST">
+        <form method="POST" novalidate="true">
             {{  form.hidden_tag() }}
             <div class="field">
                 {{ form.username.label(class="label") }}
@@ -29,7 +29,7 @@ <h2 class="card-header-title is-centered">Login</h2>
             </div>
             <div class="field">
                 <div class="control">
-                    {{  form.submit(class="button") }}
+                    {{  form.submit(class="button is-link") }}
                 </div>
             </div>
         </form>
diff --git a/protaskinate/templates/macros.html b/protaskinate/templates/macros.html
new file mode 100644
index 0000000..f3e7447
--- /dev/null
+++ b/protaskinate/templates/macros.html
@@ -0,0 +1,128 @@
+{% macro disable_form_if_no_task_update_access(user_project_role, task, current_user) %}
+    {% if user_project_role.value != "admin" and (user_project_role.value != "writer" or task.creator_id != current_user.id) %}
+        <fieldset disabled>
+    {% endif %}
+{% endmacro %}
+
+{% macro disable_form_if_no_write_access(user_project_role) %}
+    {% if user_project_role.value not in ("admin", "writer") %}
+        <fieldset disabled>
+    {% endif %}
+{% endmacro %}
+
+{% macro disable_form_if_no_update_access(user_project_role) %}
+    {% if user_project_role.value != "admin" %}
+        <fieldset disabled>
+    {% endif %}
+{% endmacro %}
+
+{% macro csrf_token_input() %}
+    <input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
+{% endmacro %}
+
+{% macro delete_project_form(project_with_role) %}
+    <form method="POST" action="{{ url_for("project.project_delete_route", project_id=project_with_role.project.id) }}" class="card-footer-item project-delete-form p-0">
+        {{ disable_form_if_no_update_access(project_with_role.role) }}
+        {{ csrf_token_input() }}
+        <button type="submit" class="{% if project_with_role.role.value != "admin" %}has-text-dark{% else %}has-text-link{% endif %}" style="width: 100%; height: 100%; {% if project_with_role.role.value != "admin" %}cursor: not-allowed{% endif %}">
+            Delete
+        </button>
+    </form>
+{% endmacro %}
+
+{% macro update_project_user_role_form(project, project_user) %}
+    <form method="POST" action="{{url_for("project.project_user_edit_route", project_id=project.id, user_id=project_user.user.id)}}">
+        {{ csrf_token_input() }}
+        <div class="control">
+            <div class="select">
+                <select name="role" class="project-user-role-select">
+                    <option value="admin" {% if project_user.role.value == "admin" %}selected{% endif %}>Admin</option>
+                    <option value="writer" {% if project_user.role.value == "writer" %}selected{% endif %}>Writer</option>
+                    <option value="reader" {% if project_user.role.value == "reader" %}selected{% endif %}>Reader</option>
+                </select>
+            </div>
+        </div>
+    </form>
+{% endmacro %}
+
+{% macro update_task_status_form(project, task, user_project_role, current_user) %}
+    <form method="POST" action="{{url_for("project.project_task_edit_route", project_id=project.id, task_id=task.id)}}">
+        {{ disable_form_if_no_task_update_access(user_project_role, task, current_user) }}
+        {{ csrf_token_input() }}
+        <div class="control">
+            <div class="select">
+                <select name="status" class="task-status-select">
+                    <option value="open" {% if task.status.value == "open" %}selected{% endif %}>Open</option>
+                    <option value="in_progress" {% if task.status.value == "in_progress" %}selected{% endif %}>In Progress</option>
+                    <option value="done" {% if task.status.value == "done" %}selected{% endif %}>Done</option>
+                </select>
+            </div>
+        </div>
+    </form>
+{% endmacro %}
+
+{% macro update_task_priority_form(project, task, user_project_role, current_user) %}
+    <form method="POST" action={{ url_for("project.project_task_edit_route", project_id=project.id, task_id=task.id) }}>
+        {{ disable_form_if_no_task_update_access(user_project_role, task, current_user) }}
+        {{ csrf_token_input() }}
+        <div class="control">
+            <div class="select">
+                <select class="task-priority-select" data-task-id="{{ task.id }}" name="priority">
+                    <option value="low" {% if task.priority.value == 'low' %}selected{% endif %}>Low</option>
+                    <option value="medium" {% if task.priority.value == 'medium' %}selected{% endif %}>Medium</option>
+                    <option value="high" {% if task.priority.value == 'high' %}selected{% endif %}>High</option>
+                    <option value="very_high" {% if task.priority.value == 'very_high' %}selected{% endif %}>Very High</option>
+                </select>
+            </div>
+        </div>
+    </form>
+{% endmacro %}
+
+{% macro update_task_assignee_form(project, task, user_project_role, current_user, users_dict) %}
+    <form method="POST" action={{ url_for("project.project_task_edit_route", project_id=project.id, task_id=task.id) }}>
+        {{ disable_form_if_no_task_update_access(user_project_role, task, current_user) }}
+        {{ csrf_token_input() }}
+        <div class="control">
+            <div class="select">
+                <select class="task-assignee-select" data-task-id="{{ task.id }}" name="assignee_id">
+                    <option value="0" {% if task.assignee_id is none %}selected{% endif %}>Unassigned</option>
+                    {% for user in users_dict.values() %}
+                        <option value="{{ user.id }}" {% if task.assignee_id == user.id %}selected{% endif %}>{{ user.username }}</option>
+                    {% endfor %}
+                </select>
+            </div>
+        </div>
+    </form>
+{% endmacro %}
+
+{% macro update_task_deadline_form(project, task, user_project_role, current_user) %}
+    <form method="POST" action="{{url_for("project.project_task_edit_route", project_id=project.id, task_id=task.id)}}">
+        {{ disable_form_if_no_task_update_access(user_project_role, task, current_user) }}
+        {{ csrf_token_input() }}
+        <div class="control">
+            <input name="deadline" type="date" class="task-deadline-date input" value="{% if task.deadline != None %}{{ task.deadline.strftime("%Y-%m-%d") }}{% endif %}"/>
+        </div>
+    </form>
+{% endmacro %}
+
+{% macro format_datetime(datetime) %}
+    <time datetime="{{ datetime.isoformat() }}+00:00">{{ datetime.strftime("%Y-%m-%d") }}</time>
+{% endmacro %}
+
+{% macro nav_link(href, text) %}
+    <a href="{{ href }}" class="{% if href == request.path %}is-active{% endif %}">
+        {{ text }}
+    </a>
+{% endmacro %}
+
+{% macro task_priority_icon(priority) %}
+    {% if priority.value == "low" %}
+    <i class="fas fa-arrow-down has-text-success"></i>
+    {% elif priority.value == "medium" %}
+    <i class="fas fa-arrow-down has-text-info"></i>
+    {% elif priority.value == "high" %}
+    <i class="fas fa-arrow-up has-text-warning"></i>
+    {% elif priority.value == "very_high" %}
+    <i class="fas fa-arrow-up has-text-danger"></i>
+    {% endif %}
+{% endmacro %}
diff --git a/protaskinate/templates/project_board.html b/protaskinate/templates/project_board.html
new file mode 100644
index 0000000..238ca37
--- /dev/null
+++ b/protaskinate/templates/project_board.html
@@ -0,0 +1,147 @@
+{% from "macros.html" import task_priority_icon, csrf_token_input %}
+
+{% macro status_task_cards(project, task, status) %}
+{% for task in tasks %}
+{% if task.status.value == status %}
+<div draggable="true" class="card task">
+    <header class="card-header">
+        <p class="card-header-title" draggable="false">{{task.title}}</p>
+        <form action="{{url_for("project.project_task_edit_route", project_id=project.id, task_id=task.id)}}" method="POST">
+            {{csrf_token_input()}}
+            <input type="hidden" name="status" value="{{status}}">
+        </form>
+        <a class="card-header-icon" draggable="false" href="{{ url_for("project.project_task_view_route", project_id=project.id, task_id=task.id) }}">
+            <span class="icon">
+                <i class="fas fa-eye"></i>
+            </span>
+        </a>
+    </header>
+    <footer class="card-footer">
+        <div class="card-footer-item is-flex" style="gap: 8px" draggable="false">
+            {{ task_priority_icon(task.priority) }}
+            {{ task.priority.value.title().replace("_", " ") }}
+        </div>
+        <div class="card-footer-item is-flex" style="gap: 8px" draggable="false">
+            <i class="fas fa-user"></i>
+            {% if task.assignee_id %}
+            {{ users_dict[task.assignee_id].username }}
+            {% else %}
+            Unassigned
+            {% endif %}
+        </div>
+    </footer>
+</div>
+{% endif %}
+{% endfor %}
+{% endmacro %}
+
+{% extends "base.html" %}
+{% block title %}{{project.name}}{% endblock %}
+{% block hero_title %}{{project.name}} - Board{% endblock %}
+{% block hero_description %}Kanban board for all project tasks{% endblock %}
+{% block content %}
+<div class="columns">
+    <div class="column" data-status="open">
+        <div>
+            <h3 class="title is-4">Open</h3>
+        </div>
+        <hr />
+        <div class="tasks" style="min-height: 100%">
+            {{ status_task_cards(project, tasks, "open") }}
+        </div>
+    </div>
+    <div class="column" data-status="in_progress">
+        <div>
+            <h3 class="title is-4">In Progress</h3>
+        </div>
+        <hr />
+        <div class="tasks" style="min-height: 100%;">
+            {{ status_task_cards(project, tasks, "in_progress") }}
+        </div>
+    </div>
+    <div class="column" data-status="done">
+        <div>
+            <h3 class="title is-4">Done</h3>
+        </div>
+        <hr />
+        <div class="tasks" style="min-height: 100%">
+            {{ status_task_cards(project, tasks, "done") }}
+        </div>
+    </div>
+</div>
+<script>
+    document.addEventListener("DOMContentLoaded", () => {
+        document.querySelectorAll(".task").forEach((task) => {
+            task.addEventListener("dragstart", (event) => {
+                if (!event.target.classList || !event.target.classList.contains("task")) return;
+                console.log(event.target);
+                event.dataTransfer.effectsAllowed = "move";
+                event.dataTransfer.setData("text/plain", "");
+                requestAnimationFrame(() => event.target.classList.add("dragging"));
+            });
+
+            task.addEventListener("dragend", (event) => {
+                if (!event.target.classList || !event.target.classList.contains("task")) return;
+                dragging = document.querySelector(".dragging");
+                statusColumn = dragging.closest(".column");
+                statusInput = dragging.querySelector("input[name='status']");
+
+                if (statusInput.value !== statusColumn.dataset.status) {
+                    statusInput.value = statusColumn.dataset.status;
+                    dragging.querySelector("form").submit();
+                }
+
+                requestAnimationFrame(() => event.target.classList.remove("dragging"));
+            });
+        });
+
+        document.querySelectorAll(".tasks").forEach((tasks) => {
+            tasks.addEventListener("drop", (event) => {
+                event.preventDefault();
+            });
+
+            tasks.addEventListener("dragover", (event) => {
+                const dragging = document.querySelector(".dragging");
+                const closest = event.target.closest(".task, .tasks");
+
+                if (!dragging) return;
+
+                event.preventDefault();
+
+                if (!closest || closest === dragging) return;
+
+                if (closest.classList.contains("tasks")) {
+                    const lastTask = closest.lastElementChild;
+                    if (!lastTask) {
+                        closest.appendChild(dragging);
+                    } else {
+                        const {bottom} = lastTask.getBoundingClientRect();
+                        if (event.clientY > bottom) {
+                            closest.appendChild(dragging);
+                        }
+                    }
+                } else {
+                    const {top, height} = closest.getBoundingClientRect();
+                    const distance = top + height / 2;
+
+                    if (event.clientY < distance) {
+                        closest.before(dragging);
+                    } else {
+                        closest.after(dragging);
+                    }
+                }
+            });
+        });
+    });
+</script>
+<style>
+    .task {
+        cursor: move;
+    }
+    .task.dragging {
+        cursor: default;
+        box-shadow: none;
+        opacity: 0.5;
+    }
+</style>
+{% endblock %}
diff --git a/protaskinate/templates/project_list.html b/protaskinate/templates/project_list.html
index 99c4d83..b102e41 100644
--- a/protaskinate/templates/project_list.html
+++ b/protaskinate/templates/project_list.html
@@ -1,39 +1,73 @@
+{% from "macros.html" import delete_project_form, format_datetime %}
 {% extends "base.html" %}
 {% block title %}Projects{% endblock %}
+{% block hero_title %}Projects{% endblock %}
+{% block hero_description%}View all projects{% endblock %}
 {% block content %}
-<h2 class="title is-2">Projects</h2>
-<div class="fixed-grid has-3-cols">
-    <div class="grid">
-        {% for project in projects %}
-            <div class="cell">
-                <div class="card">
-                    <header class="card-header">
-                        <p class="card-header-title">{{ project.name }}</p>
-                    </header>
-                    <div class="card-content">
-                        <div class="content">
+    <section class="section">
+        <div class="container">
+            <div class="fixed-grid has-3-cols">
+                <div class="grid">
+                    {% for pwr in projects_with_roles %}
+                        <div class="cell">
+                            <div class="card">
+                                <div class="card-content">
+                                    <div class="content">
+                                        <h2 class="title">{{ pwr.project.name }}</h2>
+                                        <p>{% if pwr.project.description %}{{ pwr.project.description }}{% endif %}</p>
+                                    </div>
+                                </div>
+                                <footer class="card-footer">
+                                    <a href="{{ url_for("project.project_view_route", project_id=pwr.project.id) }}" class="card-footer-item">View</a>
+                                    {{ delete_project_form(pwr) }}
+                                </footer>
+                            </div>
                         </div>
+                    {% endfor %}
+                </div>
+            <div>
+        </div>
+    </section>
+    <section class="section">
+        <div class="container">
+            <h3 class="title is-4">Create Project</h3>
+            <form method="POST" novalidate="true">
+                {{ form.hidden_tag() }}
+                <div class="field">
+                    <label class="label">Name</label>
+                    <div class="control">
+                        {{ form.name(class="input") }}
+                    </div>
+                    {% for error in form.name.errors %}
+                        <p class="help is-danger">{{ error }}</p>
+                    {% endfor %}
+                </div>
+                <div class="field">
+                    <label class="label">Description</label>
+                    <div class="control">
+                        {{ form.description(class="textarea") }}
+                    </div>
+                    {% for error in form.description.errors %}
+                        <p class="help is-danger">{{ error }}</p>
+                    {% endfor %}
+                </div>
+                <div class="field">
+                    <div class="control">
+                        {{ form.submit(class="button is-link") }}
                     </div>
-                    <footer class="card-footer">
-                        <a href="{{ url_for("project.project_view_route", project_id=project.id) }}" class="card-footer-item">View</a>
-                        <form method="POST" action="{{ url_for("project.project_delete_route", project_id=project.id) }}" class="card-footer-item project-delete-form p-0">
-                            <button type="submit" class="has-text-link" style="width: 100%; height: 100%">Delete</button>
-                        </form>
-                    </footer>
                 </div>
-            </div>
-        {% endfor %}
-    </div>
-<div>
-<script>
-    document.addEventListener("DOMContentLoaded", () => {
-        document.querySelectorAll(".project-delete-form").forEach(form => {
-            form.addEventListener("submit", event => {
-                if (!confirm("Are you sure you want to delete this project and all of its contents?")) {
-                    event.preventDefault();
-                }
+            </form>
+        </div>
+    </section>
+    <script>
+        document.addEventListener("DOMContentLoaded", () => {
+            document.querySelectorAll(".project-delete-form").forEach(form => {
+                form.addEventListener("submit", event => {
+                    if (!confirm("Are you sure you want to delete this project and all of its contents?")) {
+                        event.preventDefault();
+                    }
+                });
             });
         });
-    });
-</script>
+    </script>
 {% endblock %}
diff --git a/protaskinate/templates/project_task_view.html b/protaskinate/templates/project_task_view.html
index 58e29c0..65bd225 100644
--- a/protaskinate/templates/project_task_view.html
+++ b/protaskinate/templates/project_task_view.html
@@ -1,29 +1,43 @@
+{% from "macros.html" import update_task_status_form, update_task_priority_form, update_task_assignee_form, update_task_deadline_form, disable_form_if_no_task_update_access, format_datetime, csrf_token_input %}
 {% extends "base.html" %}
 {% block title %}{{task.title}}{% endblock %}
 {% block content %}
-<div>
+<div class="p-4">
     <div class="card">
         <header class="card-header">
-            <p class="card-header-title">task-{{ task.id }}</p>
-            <form method="POST" action="{{url_for("project.project_task_delete_route", project_id=project.id, task_id=task.id)}}" class="task-delete-form">
-                <button class="card-header-icon" type="submit">
+            <p class="card-header-title"><span>{{project.name}}</span><span class="mx-2">/</span><span>task-{{ task.id }}</span></p>
+            <div>
+                <form method="POST" action="{{url_for("project.project_task_delete_route", project_id=project.id, task_id=task.id)}}" class="task-delete-form">
+                    {{ disable_form_if_no_task_update_access(user_project_role, task, current_user) }}
+                    {{ csrf_token_input() }}
+                    <div class="control">
+                        <button class="button card-header-icon" type="submit">
+                            <span class="icon">
+                                <i class="fas fa-trash"></i>
+                            </span>
+                        </button>
+                    </div>
+                </form>
+            </div>
+            <div>
+                <a href="{{url_for("project.project_view_route", project_id=project.id)}}" class="card-header-icon">
                     <span class="icon">
-                        <i class="fas fa-trash"></i>
+                        <i class="fas fa-x"></i>
                     </span>
-                </button>
-            </form>
-            <a href="{{url_for("project.project_view_route", project_id=project.id)}}" class="card-header-icon">
-                <span class="icon">
-                    <i class="fas fa-x"></i>
-                </span>
-            </a>
+                </a>
+            </div>
         </header>
         <div class="card-content">
             <div class="content is-flex" style="gap: 16px">
-                <div style="flex-basis: 75%">
-                    <div class="mb-4">
-                        <h3 class="title is-3">{{ task.title }}</h3>
-                        <p>{% if task.description != None %}{{ task.description }}{% endif %}</p>
+                <div class="container is-flex is-flex-direction-column" style="flex-basis: 75%; gap: 2em;">
+                    <div>
+                        <h2 class="title is-3">{{ task.title }}</h2>
+                    </div>
+                    <div>
+                        <h3>Description</h3>
+                        <div class="content py-2">
+                            <p>{{ task.description }}</p>
+                        </div>
                     </div>
                     <div>
                         <h3>Comments</h3>
@@ -43,14 +57,14 @@ <h3>Comments</h3>
                                     </div>
                                     <div class="field">
                                         <div class="control">
-                                            {{ form.submit(class="button") }}
+                                            {{ form.submit(class="button is-link") }}
                                         </div>
                                     </div>
                                 </form>
                             </div>
                         </div>
                         <div class="is-flex is-flex-direction-column" style="gap: 8px">
-                            {% for comment in task.comments %}
+                            {% for comment in comments %}
                                 <div class="is-flex">
                                     <div>
                                          <span class="icon is-large">
@@ -74,41 +88,15 @@ <h3>Comments</h3>
                 <div>
                     <div class="field">
                         <label class="label">Status</label>
-                        <div class="select">
-                            <form method="POST" action="{{url_for("project.project_task_edit_route", project_id=project.id, task_id=task.id)}}">
-                                <select name="status" class="task-status-select">
-                                    <option value="open" {% if task.status.value == "open" %}selected{% endif %}>Open</option>
-                                    <option value="in_progress" {% if task.status.value == "in_progress" %}selected{% endif %}>In Progress</option>
-                                    <option value="done" {% if task.status.value == "done" %}selected{% endif %}>Done</option>
-                                </select>
-                            </form>
-                        </div>
+                        {{ update_task_status_form(project, task, user_project_role, current_user) }}
                     </div>
                     <div class="field">
                         <label class="label">Priority</label>
-                        <div class="select">
-                            <form method="POST" action="{{url_for("project.project_task_edit_route", project_id=project.id, task_id=task.id)}}">
-                                <select name="priority" class="task-priority-select">
-                                    <option value="low" {% if task.priority.value == "low" %}selected{% endif %}>Low</option>
-                                    <option value="medium" {% if task.priority.value == "medium" %}selected{% endif %}>Medium</option>
-                                    <option value="high" {% if task.priority.value == "high" %}selected{% endif %}>High</option>
-                                    <option value="very_high" {% if task.priority.value == "very_high" %}selected{% endif %}>Very High</option>
-                                </select>
-                            </form>
-                        </div>
+                        {{ update_task_priority_form(project, task, user_project_role, current_user) }}
                     </div>
                     <div class="field">
                         <label class="label">Assignee</label>
-                        <div class="select">
-                            <form method="POST" action="{{url_for("project.project_task_edit_route", project_id=project.id, task_id=task.id)}}">
-                                <select name="assignee_id" class="task-assignee-select">
-                                    <option value="0" {% if task.assignee_id is none %}selected{% endif %}>Unassigned</option>
-                                    {% for user in users_dict.values() %}
-                                        <option value="{{ user.id }}" {% if task.assignee_id == user.id %}selected{% endif %}>{{ user.username }}</option>
-                                    {% endfor %}
-                                </select>
-                            </form>
-                        </div>
+                        {{ update_task_assignee_form(project, task, user_project_role, current_user, users_dict) }}
                     </div>
                     <div class="field">
                         <p class="label">Creator</p>
@@ -118,15 +106,12 @@ <h3>Comments</h3>
                     </div>
                     <div class="field">
                         <p class="label">Deadline</p>
-                        <form method="POST" action="{{url_for("project.project_task_edit_route", project_id=project.id, task_id=task.id)}}">
-                            <div class="control">
-                                <input type="date" class="task-deadline-date input" value="{% if task.deadline != None %}{{ task.deadline.strftime("%Y-%m-%d") }}{% endif %}"/>
-                            </div>
-                        </form>
+                        {{ update_task_deadline_form(project, task, user_project_role, current_user) }}
                     </div>
                     <hr>
                     <div>
-                        <p>Created At: {{ task.created_at.strftime("%d/%m/%Y") }}</p>
+                        <p>Created At: {{ format_datetime(task.created_at) }}</p>
+                        <p>Updated At: {{ format_datetime(task.updated_at) }}</p>
                     </div>
                 </div>
             </div>
@@ -150,6 +135,11 @@ <h3>Comments</h3>
             this.form.submit();
         });
     });
+    document.querySelectorAll(".task-deadline-date").forEach(function(dateElement) {
+        dateElement.addEventListener("change", function() {
+            this.form.submit();
+        });
+    });
     document.querySelectorAll(".task-delete-form").forEach(function(formElement) {
         formElement.addEventListener("submit", function() {
             if (!confirm("Are you sure you want to delete this task?")) {
diff --git a/protaskinate/templates/project_view.html b/protaskinate/templates/project_view.html
index 84850c9..90271a6 100644
--- a/protaskinate/templates/project_view.html
+++ b/protaskinate/templates/project_view.html
@@ -1,171 +1,260 @@
+{% from "macros.html" import update_task_status_form, update_task_priority_form, update_task_assignee_form, update_task_deadline_form, disable_form_if_no_task_update_access, disable_form_if_no_write_access, format_datetime, update_project_user_role_form, csrf_token_input %}
 {% extends "base.html" %}
 {% block title %}{{project.name}}{% endblock %}
+{% block hero_title %}{{project.name}}{% endblock %}
+{% block hero_description %}{% if project.description %}{{project.description}}{% endif %}{% endblock %}
 {% block content %}
-<h2 class="title is-2">{{project.name}}</h2>
-<div>
-    <div class="container mb-5">
-        <table class="table">
-            <thead>
-                <tr>
-                    <th>Title</th>
-                    <th>Status</th>
-                    <th>Priority</th>
-                    <th>Assignee</th>
-                    <th>Deadline</th>
-                    <th>Created At</th>
-                    <th>Created By</th>
-                </tr>
-            </thead>
-            <tbody>
-            {% for task in tasks %}
-                <tr data-task-id="{{task.id}}">
-                    <td class="is-align-content-center">{{ task.title }}</td>
-                    <td>
-                        <form method="POST" action={{ url_for("project.project_task_edit_route", project_id=project.id, task_id=task.id) }}>
-                            <div class="select">
-                                <select class="task-status-select" data-task-id="{{ task.id }}" name="status">
-                                    <option value="open" {% if task.status.value == 'open' %}selected{% endif %}>Open</option>
-                                    <option value="in_progress" {% if task.status.value == 'in_progress' %}selected{% endif %}>In Progress</option>
-                                    <option value="done" {% if task.status.value == 'done' %}selected{% endif %}>Done</option>
-                                </select>
-                            </div>
-                        </form>
-                    </td>
-                    <td>
-                        <form method="POST" action={{ url_for("project.project_task_edit_route", project_id=project.id, task_id=task.id) }}>
-                            <div class="select">
-                                <select class="task-priority-select" data-task-id="{{ task.id }}" name="priority">
-                                    <option value="low" {% if task.priority.value == 'low' %}selected{% endif %}>Low</option>
-                                    <option value="medium" {% if task.priority.value == 'medium' %}selected{% endif %}>Medium</option>
-                                    <option value="high" {% if task.priority.value == 'high' %}selected{% endif %}>High</option>
-                                    <option value="very_high" {% if task.priority.value == 'very_high' %}selected{% endif %}>Very High</option>
-                                </select>
-                            </div>
-                        </form>
-                    </td>
-                    <td>
-                        <form method="POST" action={{ url_for("project.project_task_edit_route", project_id=project.id, task_id=task.id) }}>
-                            <div class="select">
-                                <select class="task-assignee-select" data-task-id="{{ task.id }}" name="assignee_id">
-                                    <option value="0" {% if task.assignee_id is none %}selected{% endif %}>Unassigned</option>
-                                    {% for user in users_dict.values() %}
-                                        <option value="{{ user.id }}" {% if task.assignee_id == user.id %}selected{% endif %}>{{ user.username }}</option>
-                                    {% endfor %}
-                                </select>
-                            </div>
-                        </form>
-                    </td>
-                    <td class="is-align-content-center">
-                        {% if task.deadline != None %}
-                            {{ task.deadline.strftime("%d/%m/%Y") }}
-                        {% else %}
-                            None
-                        {% endif %}
-                    </td>
-                    <td class="is-align-content-center">
-                        {% if task.created_at != None %}
-                            {{ task.created_at.strftime("%d/%m/%Y") }}
-                        {% else %}
-                            None
-                        {% endif %}
-                    </td>
-                    <td class="is-align-content-center">{{ users_dict[task.creator_id].username }}</td>
-                    <td class="is-align-content-center">
-                        <a href="{{ url_for("project.project_task_view_route", project_id=project.id, task_id=task.id) }}" class="button">
-                            <span class="icon is-small">
-                                <i class="fas fa-eye"></i>
-                            </span>
-                        </a>
-                    </td>
-                    <td class="is-align-content-center">
-                        <form method="POST" class="task-delete-form" action={{ url_for("project.project_task_delete_route", project_id=project.id, task_id=task.id) }}>
-                            <button type="submit" class="button">
+    <section class="section">
+        <div class="container">
+            <h3 class="title is-4">Project Details</h3>
+            <nav class="level">
+                <div class="level-item has-text-centered">
+                    <div>
+                        <p class="heading">Created By</p>
+                        <p class="title">{{ users_dict[project.creator_id].username }}</p>
+                    </div>
+                </div>
+                <div class="level-item has-text-centered">
+                    <div>
+                        <p class="heading">Your Role</p>
+                        <p class="title">{{ user_project_role.value.title() }}</p>
+                    </div>
+                </div>
+                <div class="level-item has-text-centered">
+                    <div>
+                        <p class="heading">Created At</p>
+                        <p class="title">{{ format_datetime(project.created_at) }}</p>
+                    </div>
+                </div>
+                <div class="level-item has-text-centered">
+                    <div>
+                        <p class="heading">Updated At</p>
+                        <p class="title">{{ format_datetime(project.updated_at) }}</p>
+                    </div>
+                </div>
+            </nav>
+        </div>
+    </section>
+    <section class="section">
+        <div class="container">
+            <h3 class="title is-4">Tasks</h3>
+            <table class="table">
+                <thead>
+                    <tr>
+                        <th style="width: 100%">Title</th>
+                        <th>Status</th>
+                        <th>Priority</th>
+                        <th>Assignee</th>
+                        <th>Deadline</th>
+                        <th>Created By</th>
+                    </tr>
+                </thead>
+                <tbody>
+                {% for task in tasks %}
+                    <tr data-task-id="{{task.id}}">
+                        <td class="is-align-content-center">{{ task.title }}</td>
+                        <td>
+                            {{ update_task_status_form(project, task, user_project_role, current_user) }}
+                        </td>
+                        <td>
+                            {{ update_task_priority_form(project, task, user_project_role, current_user) }}
+                        </td>
+                        <td>
+                            {{ update_task_assignee_form(project, task, user_project_role, current_user, users_dict) }}
+                        </td>
+                        <td>
+                            {{ update_task_deadline_form(project, task, user_project_role, current_user) }}
+                        </td>
+                        <td class="is-align-content-center">{{ users_dict[task.creator_id].username }}</td>
+                        <td class="is-align-content-center">
+                            <a href="{{ url_for("project.project_task_view_route", project_id=project.id, task_id=task.id) }}" class="button">
                                 <span class="icon is-small">
-                                    <i class="fas fa-trash"></i>
+                                    <i class="fas fa-eye"></i>
                                 </span>
-                            </button>
-                        </form>
-                    </td>
-                </tr>
-            {% endfor %}
-            </tbody>
-        </table>
-    </div>
-    <div class="container">
-        <h3 class="title is-3">Create Task</h3>
-        <form method="POST">
-            {{ form.hidden_tag() }}
-            <div class="field">
-                {{ form.title.label(class="label") }}
-                {{ form.title(class="input") }}
-                {% for error in form.title.errors %}
-                    <p class="help is-danger">{{ error }}</p>
-                {% endfor %}
-            </div>
-            <div class="field">
-                {{ form.description.label(class="label") }}
-                {{ form.description(class="textarea") }}
-                {% for error in form.description.errors %}
-                    <p class="help is-danger">{{ error }}</p>
+                            </a>
+                        </td>
+                        <td class="is-align-content-center">
+                            <form method="POST" class="task-delete-form" action={{ url_for("project.project_task_delete_route", project_id=project.id, task_id=task.id) }}>
+                                {{ disable_form_if_no_task_update_access(user_project_role, task, current_user) }}
+                                {{ csrf_token_input() }}
+                                <button type="submit" class="button">
+                                    <span class="icon is-small">
+                                        <i class="fas fa-trash"></i>
+                                    </span>
+                                </button>
+                            </form>
+                        </td>
+                    </tr>
                 {% endfor %}
-            </div>
-            <div class="field">
-                {{ form.status.label(class="label") }}
-                <div class="select">
-                    {{ form.status(class="input") }}
+                </tbody>
+            </table>
+        </div>
+    </section>
+    <section class="section">
+        <div class="container">
+            <h3 class="title is-4">Create Task</h3>
+            <form method="POST" novalidate="true">
+                {{ disable_form_if_no_write_access(user_project_role) }}
+                {{ create_task_form.hidden_tag() }}
+                <div class="field">
+                    {{ create_task_form.title.label(class="label") }}
+                    <div class="control">
+                        {{ create_task_form.title(class="input") }}
+                    </div>
+                    {% for error in create_task_form.title.errors %}
+                        <p class="help is-danger">{{ error }}</p>
+                    {% endfor %}
                 </div>
-            </div>
-            <div class="field">
-                {{ form.priority.label(class="label") }}
-                <div class="select">
-                    {{ form.priority(class="input") }}
+                <div class="field">
+                    {{ create_task_form.description.label(class="label") }}
+                    <div class="control">
+                        {{ create_task_form.description(class="textarea") }}
+                    </div>
+                    {% for error in create_task_form.description.errors %}
+                        <p class="help is-danger">{{ error }}</p>
+                    {% endfor %}
                 </div>
-            </div>
-            <div class="field">
-                {{ form.assignee_id.label(class="label") }}
-                <div class="select">
-                    {{ form.assignee_id(class="input") }}
+                <div class="field">
+                    {{ create_task_form.status.label(class="label") }}
+                    <div class="control">
+                        <div class="select">
+                            {{ create_task_form.status(class="input") }}
+                        </div>
+                    </div>
                 </div>
-            </div>
-            <div class="field">
-                {{ form.deadline.label(class="label") }}
-                {{ form.deadline(class="input") }}
-                {% for error in form.deadline.errors %}
-                    <p class="help is-danger">{{ error }}</p>
-                {% endfor %}
-            </div>
-            <div class="field">
-                <div class="control">
-                    {{ form.submit(class="button") }}
+                <div class="field">
+                    {{ create_task_form.priority.label(class="label") }}
+                    <div class="control">
+                        <div class="select">
+                            {{ create_task_form.priority(class="input") }}
+                        </div>
+                    </div>
+                </div>
+                <div class="field">
+                    {{ create_task_form.assignee_id.label(class="label") }}
+                    <div class="control">
+                        <div class="select">
+                            {{ create_task_form.assignee_id(class="input") }}
+                        </div>
+                    </div>
+                </div>
+                <div class="field">
+                    {{ create_task_form.deadline.label(class="label") }}
+                    <div class="control">
+                        {{ create_task_form.deadline(class="input") }}
+                    </div>
+                    {% for error in create_task_form.deadline.errors %}
+                        <p class="help is-danger">{{ error }}</p>
+                    {% endfor %}
                 </div>
+                <div class="field">
+                    <div class="control">
+                        {{ create_task_form.submit(class="button is-link") }}
+                    </div>
+                </div>
+            </form>
+        </div>
+    </section>
+    {% if user_project_role.value == "admin" %}
+        <section class="section" id="update-project-users">
+            <div class="container">
+                <h3 class="title is-4">Update Project Users</h3>
+                <table class="table">
+                    <thead>
+                        <tr>
+                            <th>Username</th>
+                            <th>Role</th>
+                        </tr>
+                    </thead>
+                    <tbody>
+                        {% for project_user in project_users %}
+                            <tr>
+                                <td>{{ project_user.user.username }}</td>
+                                <td>
+                                    {{ update_project_user_role_form(project, project_user) }}
+                                </td>
+                            </tr>
+                        {% endfor %}
+                    </tbody>
+                </table>
+                <form method="POST">
+                    {{ create_project_user_form.hidden_tag() }}
+                    <div class="field is-grouped">
+                        <div class="control">
+                            <div class="select">
+                                {{ create_project_user_form.user_id(class="input") }}
+                            </div>
+                        </div>
+                        <div class="control">
+                            <div class="select">
+                                {{ create_project_user_form.role(class="input") }}
+                            </div>
+                        </div>
+                        <div class="control">
+                            {{ create_project_user_form.submit(class="button is-link") }}
+                        </div>
+                    </div>
+                </form>
+            </div>
+        </section>
+        <section class="section">
+            <div class="container">
+                <h3 class="title is-4">Activity Logs</h3>
+                <table class="table">
+                    <thead>
+                        <tr>
+                            <th>Username</th>
+                            <th>Action</th>
+                            <th>Timestamp</th>
+                        </tr>
+                    </thead>
+                    <tbody>
+                        {% for activity_log in activity_logs %}
+                            <tr>
+                                <td>{{ users_dict[activity_log.user_id].username }}</td>
+                                <td>{{ activity_log.action.value.replace("_"," ").title() }}</td>
+                                <td>{{ format_datetime(activity_log.created_at) }}</td>
+                            </tr>
+                        {% endfor %}
+                    </tbody>
+                </table>
             </div>
-        </form>
-    </div>
-</div>
-<script>
-document.addEventListener("DOMContentLoaded", function() {
-    document.querySelectorAll(".task-status-select").forEach(function(selectElement) {
-        selectElement.addEventListener("change", function() {
-            this.form.submit();
+        </section>
+    {% endif %}
+    <script>
+    document.addEventListener("DOMContentLoaded", function() {
+        document.querySelectorAll(".task-status-select").forEach(function(selectElement) {
+            selectElement.addEventListener("change", function() {
+                this.form.submit();
+            });
         });
-    });
-    document.querySelectorAll(".task-priority-select").forEach(function(selectElement) {
-        selectElement.addEventListener("change", function() {
-            this.form.submit();
+        document.querySelectorAll(".task-priority-select").forEach(function(selectElement) {
+            selectElement.addEventListener("change", function() {
+                this.form.submit();
+            });
         });
-    });
-    document.querySelectorAll(".task-assignee-select").forEach(function(selectElement) {
-        selectElement.addEventListener("change", function() {
-            this.form.submit();
+        document.querySelectorAll(".task-assignee-select").forEach(function(selectElement) {
+            selectElement.addEventListener("change", function() {
+                this.form.submit();
+            });
         });
-    });
-    document.querySelectorAll(".task-delete-form").forEach(function(formElement) {
-        formElement.addEventListener("submit", function() {
-            if (!confirm("Are you sure you want to delete this task?")) {
-                event.preventDefault();
-            }
+        document.querySelectorAll(".task-deadline-date").forEach(function(dateElement) {
+            dateElement.addEventListener("change", function() {
+                this.form.submit();
+            });
+        });
+        document.querySelectorAll(".task-delete-form").forEach(function(formElement) {
+            formElement.addEventListener("submit", function() {
+                if (!confirm("Are you sure you want to delete this task?")) {
+                    event.preventDefault();
+                }
+            });
+        });
+        document.querySelectorAll(".project-user-role-select").forEach(function(selectElement) {
+            selectElement.addEventListener("change", function() {
+                this.form.submit();
+            });
         });
     });
-});
-</script>
+    </script>
 {% endblock %}
diff --git a/protaskinate/templates/register.html b/protaskinate/templates/register.html
index 13b2d45..0bb7529 100644
--- a/protaskinate/templates/register.html
+++ b/protaskinate/templates/register.html
@@ -11,7 +11,7 @@ <h2 class="card-header-title is-centered">Register</h2>
             {{ error }}
         </div>
         {% endif %}
-        <form method="POST">
+        <form method="POST" novalidate="true">
             {{ form.hidden_tag() }}
             <div class="field">
                 {{ form.username.label(class="label") }}
@@ -36,7 +36,7 @@ <h2 class="card-header-title is-centered">Register</h2>
             </div>
             <div class="field">
                 <div class="control">
-                    {{ form.submit(class="button") }}
+                    {{ form.submit(class="button is-link") }}
                 </div>
             </div>
       </form>
diff --git a/protaskinate/utils/csrf.py b/protaskinate/utils/csrf.py
new file mode 100644
index 0000000..e71bec0
--- /dev/null
+++ b/protaskinate/utils/csrf.py
@@ -0,0 +1,6 @@
+""" protaskinate/utils/csrf.py """
+
+from flask_wtf import CSRFProtect
+
+
+csrf = CSRFProtect()
diff --git a/protaskinate/utils/dummy.py b/protaskinate/utils/dummy.py
deleted file mode 100644
index dcbda10..0000000
--- a/protaskinate/utils/dummy.py
+++ /dev/null
@@ -1,5 +0,0 @@
-"""protaskinate/utils/dummy.py"""
-
-def dummy():
-    """Dummy function"""
-    return True
diff --git a/protaskinate/utils/login_manager.py b/protaskinate/utils/login_manager.py
index 9c14596..d835105 100644
--- a/protaskinate/utils/login_manager.py
+++ b/protaskinate/utils/login_manager.py
@@ -1,16 +1,28 @@
 """ protaskinate/utils/login_manager.py """
+
 from functools import wraps
 from flask import redirect, url_for
 from flask_login import LoginManager, current_user
 
+from protaskinate.services import user_service
+
 lm = LoginManager()
-lm.login_view = "login.login_route" #type: ignore
+lm.login_view = "login.login_route"  # type: ignore
+
 
 def login_redirect(f):
     """Decorator to redirect to dashboard if user is authenticated."""
+
     @wraps(f)
     def decorated_function(*args, **kwargs):
         if current_user.is_authenticated:
             return redirect(url_for("dashboard.dashboard_route"))
         return f(*args, **kwargs)
+
     return decorated_function
+
+
+@lm.user_loader
+def load_user(user_id):
+    """Load the user"""
+    return user_service.get_by_id(user_id)
diff --git a/protaskinate/utils/project.py b/protaskinate/utils/project.py
new file mode 100644
index 0000000..e154c0e
--- /dev/null
+++ b/protaskinate/utils/project.py
@@ -0,0 +1,77 @@
+"""protaskinate/utils/project.py"""
+
+from functools import wraps
+
+from flask import flash, request, redirect
+from flask_login import current_user
+
+from protaskinate.services import project_service
+
+
+def project_read_access_required(f):
+    """Decorator to check if user has read-access to a project"""
+
+    @wraps(f)
+    def decorated_function(*args, **kwargs):
+        project_id = kwargs.get("project_id")
+        if not project_id or not project_service.check_user_read_access(
+            current_user.id, project_id
+        ):
+            flash("You do not have read-access to this project", "error")
+            return redirect(request.referrer)
+        return f(*args, **kwargs)
+
+    return decorated_function
+
+
+def project_write_access_required(f):
+    """decorator to check if user has read-access to a project"""
+
+    @wraps(f)
+    def decorated_function(*args, **kwargs):
+        project_id = kwargs.get("project_id")
+        if not project_id or not project_service.check_user_read_access(
+            current_user.id, project_id
+        ):
+            flash("You do not have read-access to this project", "error")
+            return redirect(request.referrer)
+        return f(*args, **kwargs)
+
+    return decorated_function
+
+
+def project_update_access_required(f):
+    """Decorator to check if user has update-access to a project"""
+
+    @wraps(f)
+    def decorated_function(*args, **kwargs):
+        project_id = kwargs.get("project_id")
+        if not project_id or not project_service.check_user_update_access(
+            current_user.id, project_id
+        ):
+            flash("You do not have update-access to this project", "error")
+            return redirect(request.referrer)
+        return f(*args, **kwargs)
+
+    return decorated_function
+
+
+def task_update_access_required(f):
+    """Decorator to check if user has update-access to a task"""
+
+    @wraps(f)
+    def decorated_function(*args, **kwargs):
+        project_id = kwargs.get("project_id")
+        task_id = kwargs.get("task_id")
+        if (
+            not project_id
+            or not task_id
+            or not project_service.check_user_task_update_access(
+                current_user.id, project_id, task_id
+            )
+        ):
+            flash("You do not have update-access to this task", "error")
+            return redirect(request.referrer)
+        return f(*args, **kwargs)
+
+    return decorated_function
diff --git a/protaskinate/utils/validation.py b/protaskinate/utils/validation.py
index daf74c9..deb1b13 100644
--- a/protaskinate/utils/validation.py
+++ b/protaskinate/utils/validation.py
@@ -1,5 +1,6 @@
 """protaskinate/utils/validation.py"""
 
+
 def validate_enum(value, enum_class, field_name):
     """Validate that a value is a member of an enumeration."""
     try:
@@ -7,6 +8,7 @@ def validate_enum(value, enum_class, field_name):
     except ValueError as exc:
         raise ValueError(f"Invalid {field_name}: {value}") from exc
 
+
 def validate_type(value, expected_type, field_name, allow_none=False):
     """Validate that a value is of the expected type."""
     if not isinstance(value, expected_type) and not (allow_none and value is None):
diff --git a/pyproject.toml b/pyproject.toml
index cec4b0f..34320c3 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -16,6 +16,7 @@ click = "^8.1.7"
 gunicorn = "^23.0.0"
 flask-wtf = "^1.2.1"
 flask-login = "^0.6.3"
+typing-extensions = "^4.12.2"
 
 
 [tool.poetry.group.dev.dependencies]
diff --git a/schema.sql b/schema.sql
index 585f9e0..a299e3c 100644
--- a/schema.sql
+++ b/schema.sql
@@ -2,11 +2,18 @@ DROP TABLE IF EXISTS users CASCADE;
 DROP TABLE IF EXISTS projects CASCADE;
 DROP TABLE IF EXISTS tasks CASCADE;
 DROP TABLE IF EXISTS comments CASCADE;
+DROP TABLE IF EXISTS user_projects CASCADE;
+DROP TABLE IF EXISTS activity_logs CASCADE;
+
 DROP TYPE IF EXISTS task_status;
 DROP TYPE IF EXISTS task_priority;
+DROP TYPE IF EXISTS project_role;
+DROP TYPE IF EXISTS activity_log_action;
 
 CREATE TYPE task_status AS ENUM ('open', 'in_progress', 'done');
 CREATE TYPE task_priority AS ENUM ('low', 'medium', 'high', 'very_high');
+CREATE TYPE project_role AS ENUM ('reader', 'writer', 'admin');
+CREATE TYPE activity_log_action AS ENUM ('create_task', 'update_task', 'delete_task', 'update_project');
 
 CREATE TABLE users (
     id SERIAL PRIMARY KEY,
@@ -17,7 +24,10 @@ CREATE TABLE users (
 CREATE TABLE projects (
     id SERIAL PRIMARY KEY,
     name TEXT NOT NULL,
-    creator_id INT NOT NULL REFERENCES users(id) ON DELETE CASCADE
+    creator_id INT NOT NULL REFERENCES users(id) ON DELETE CASCADE,
+    created_at TIMESTAMP NOT NULL,
+    updated_at TIMESTAMP NOT NULL,
+    description TEXT
 );
 
 CREATE TABLE tasks (
@@ -28,6 +38,7 @@ CREATE TABLE tasks (
     status task_status NOT NULL,
     priority task_priority NOT NULL,
     created_at TIMESTAMP NOT NULL,
+    updated_at TIMESTAMP NOT NULL,
     assignee_id INT REFERENCES users(id) ON DELETE SET NULL,
     deadline TIMESTAMP,
     description TEXT
@@ -40,3 +51,71 @@ CREATE TABLE comments (
     created_at TIMESTAMP NOT NULL,
     content TEXT NOT NULL
 );
+
+CREATE TABLE user_projects (
+    user_id INT NOT NULL REFERENCES users(id) ON DELETE CASCADE,
+    project_id INT NOT NULL REFERENCES projects(id) ON DELETE CASCADE,
+    role project_role NOT NULL,
+    PRIMARY KEY (user_id, project_id) 
+);
+
+CREATE TABLE activity_logs (
+    id SERIAL PRIMARY KEY,
+    user_id INT NOT NULL REFERENCES users(id) ON DELETE CASCADE,
+    project_id INT NOT NULL REFERENCES projects(id) ON DELETE CASCADE,
+    created_at TIMESTAMP NOT NULL,
+    action activity_log_action NOT NULL
+);
+
+CREATE OR REPLACE FUNCTION update_updated_at()
+RETURNS TRIGGER AS $$
+BEGIN
+   NEW.updated_at = NOW();
+   RETURN NEW;
+END;
+$$ LANGUAGE plpgsql;
+
+CREATE OR REPLACE FUNCTION update_project_updated_at()
+RETURNS TRIGGER AS $$
+BEGIN
+    UPDATE projects
+    SET updated_at = NOW()
+    WHERE id = NEW.project_id;
+    RETURN NEW;
+END;
+$$ LANGUAGE plpgsql;
+
+CREATE OR REPLACE FUNCTION assign_admin_role()
+RETURNS TRIGGER AS $$
+BEGIN
+    INSERT INTO user_projects (user_id, project_id, role)
+    VALUES (NEW.creator_id, NEW.id, 'admin')
+    ON CONFLICT DO NOTHING;
+    RETURN NEW;
+END;
+$$ LANGUAGE plpgsql;
+
+CREATE TRIGGER tasks_update_updated_at_trigger
+BEFORE UPDATE ON tasks
+FOR EACH ROW
+EXECUTE FUNCTION update_updated_at();
+
+CREATE TRIGGER projects_update_updated_at_trigger
+BEFORE UPDATE ON projects
+FOR EACH ROW
+EXECUTE FUNCTION update_updated_at();
+
+CREATE TRIGGER tasks_update_project_updated_at_trigger
+AFTER INSERT OR UPDATE OR DELETE ON tasks
+FOR EACH ROW
+EXECUTE FUNCTION update_project_updated_at();
+
+CREATE TRIGGER user_projects_update_project_updated_at_trigger
+AFTER INSERT OR UPDATE OR DELETE ON user_projects
+FOR EACH ROW
+EXECUTE FUNCTION update_project_updated_at();
+
+CREATE TRIGGER projects_assign_admin_role_to_creator_trigger
+AFTER INSERT ON projects
+FOR EACH ROW
+EXECUTE FUNCTION assign_admin_role();
diff --git a/tasks.py b/tasks.py
index 59c32dd..a0a5610 100644
--- a/tasks.py
+++ b/tasks.py
@@ -32,9 +32,10 @@ def generate_secret_key(ctx):
         print("File already exists - skipping generation")
     else:
         secret_key = os.urandom(12).hex()
-        ctx.run("echo 'SECRET_KEY="+secret_key+"' > .secret_key.env")
+        ctx.run("echo 'SECRET_KEY=" + secret_key + "' > .secret_key.env")
         print("Secret key generated")
 
+
 @task
 def lint(ctx):
     """Run pylint on the project."""
@@ -43,7 +44,7 @@ def lint(ctx):
 
 
 @task
-def unit_test(ctx):
+def test(ctx):
     """Run unit tests"""
     print("Running unit tests")
     ctx.run("pytest tests/unit")
diff --git a/tests/unit/dummy_test.py b/tests/unit/dummy_test.py
deleted file mode 100644
index aba3d7e..0000000
--- a/tests/unit/dummy_test.py
+++ /dev/null
@@ -1,12 +0,0 @@
-"""tests/unit/dummy_test.py"""
-import unittest
-
-from protaskinate.utils.dummy import dummy
-
-
-class TestDummy(unittest.TestCase):
-    """Dummy test class"""
-
-    def test_dummy(self):
-        """Dummy test method"""
-        self.assertTrue(dummy())
diff --git a/tests/unit/project_test.py b/tests/unit/project_test.py
new file mode 100644
index 0000000..ffb4149
--- /dev/null
+++ b/tests/unit/project_test.py
@@ -0,0 +1,158 @@
+"""tests/unit/project_test.py"""
+
+import unittest
+from datetime import datetime
+from unittest.mock import patch
+
+from protaskinate.entities.project import (
+    Project,
+    ProjectRole,
+    ProjectUser,
+    ProjectWithRole,
+)
+from protaskinate.entities.user import User
+from protaskinate.services.project_service import ProjectService
+
+
+class TestProjectEntity(unittest.TestCase):
+    """Test Project entity"""
+
+    def test_project_initialization(self):
+        """Test correct initialization of Project dataclass."""
+        project = Project(
+            id=1,
+            name="Test Project",
+            description="A test project",
+            creator_id=1,
+            created_at=datetime.now(),
+            updated_at=datetime.now(),
+        )
+        self.assertIsInstance(project, Project)
+        self.assertEqual(project.id, 1)
+        self.assertEqual(project.name, "Test Project")
+        self.assertEqual(project.description, "A test project")
+        self.assertEqual(project.creator_id, 1)
+
+    def test_project_with_invalid_types(self):
+        """Test initialization with invalid types should raise TypeError."""
+        with self.assertRaises(ValueError):
+            Project(
+                id="one",  # type: ignore
+                name="Test Project",
+                creator_id=1,
+                created_at=datetime.now(),
+                updated_at=datetime.now(),
+            )
+
+
+class TestProjectWithRoleEntity(unittest.TestCase):
+    """Test ProjectWithRole entity"""
+
+    def test_project_with_role_initialization(self):
+        """Test correct initialization of ProjectWithRole dataclass."""
+        project = Project(
+            id=1,
+            name="Test Project",
+            creator_id=1,
+            created_at=datetime.now(),
+            updated_at=datetime.now(),
+        )
+        project_with_role = ProjectWithRole(project=project, role=ProjectRole.ADMIN)
+        self.assertIsInstance(project_with_role, ProjectWithRole)
+        self.assertEqual(project_with_role.role, ProjectRole.ADMIN)
+
+
+class TestProjectService(unittest.TestCase):
+    """Test ProjectService class"""
+
+    def setUp(self):
+        self.project_service = ProjectService()
+        self.project = Project(
+            id=1,
+            name="Test Project",
+            creator_id=1,
+            created_at=datetime.now(),
+            updated_at=datetime.now(),
+        )
+        self.project_with_role = ProjectWithRole(
+            project=self.project, role=ProjectRole.ADMIN
+        )
+        self.project_user = ProjectUser(
+            user=User(id=1, username="test_user"), role=ProjectRole.ADMIN
+        )
+
+    @patch("protaskinate.repositories.project_repository.get_all")
+    def test_get_all_projects(self, mock_get_all):
+        """Test get all projects method."""
+        mock_get_all.return_value = [self.project]
+        projects = self.project_service.get_all()
+
+        self.assertIsInstance(projects, list)
+        self.assertEqual(len(projects), 1)
+        self.assertEqual(projects[0], self.project)
+
+    @patch(
+        "protaskinate.repositories.project_repository.get_all_by_user_and_roles_with_role"
+    )
+    def test_get_all_by_user_with_role(self, mock_get_all_by_user):
+        """Test fetching projects by user with specific roles."""
+        user_id = 1
+        mock_get_all_by_user.return_value = [self.project_with_role]
+        projects = self.project_service.get_all_by_user_with_role(user_id)
+
+        self.assertIsInstance(projects, list)
+        self.assertEqual(len(projects), 1)
+        self.assertEqual(projects[0], self.project_with_role)
+        mock_get_all_by_user.assert_called_with(
+            user_id, [ProjectRole.READER, ProjectRole.WRITER, ProjectRole.ADMIN]
+        )
+
+    @patch("protaskinate.repositories.project_repository.get")
+    def test_get_project_by_id(self, mock_get):
+        """Test get project by ID."""
+        project_id = 1
+        mock_get.return_value = self.project
+        project = self.project_service.get_by_id(project_id)
+
+        self.assertIsInstance(project, Project)
+        self.assertEqual(project, self.project)
+        mock_get.assert_called_with({"id": project_id})
+
+    @patch("protaskinate.repositories.project_repository.delete")
+    def test_delete_project(self, mock_delete):
+        """Test delete project."""
+        project_id = 1
+        self.project_service.delete(project_id)
+        mock_delete.assert_called_with({"id": project_id})
+
+    @patch("protaskinate.repositories.project_repository.create")
+    def test_create_project(self, mock_create):
+        """Test creating a project."""
+        project_data = {
+            "id": 1,
+            "name": "New Project",
+            "creator_id": 1,
+            "created_at": datetime.now(),
+            "updated_at": datetime.now(),
+        }
+        mock_create.return_value = Project(**project_data)
+        project = self.project_service.create(**project_data)
+
+        self.assertIsInstance(project, Project)
+        self.assertEqual(project, Project(**project_data))
+        mock_create.assert_called_with(project_data)
+
+    @patch("protaskinate.repositories.project_repository.create_project_user")
+    def test_add_user_to_project(self, mock_create_user):
+        """Test adding user to project."""
+        project_id, user_id, role = 1, 1, ProjectRole.ADMIN
+        mock_create_user.return_value = self.project_user
+        project_user = self.project_service.add_user(project_id, user_id, role)
+
+        self.assertIsInstance(project_user, ProjectUser)
+        self.assertEqual(project_user, self.project_user)
+        mock_create_user.assert_called_with(project_id, user_id, role)
+
+
+if __name__ == "__main__":
+    unittest.main()
diff --git a/tests/unit/task_test.py b/tests/unit/task_test.py
new file mode 100644
index 0000000..d3129ce
--- /dev/null
+++ b/tests/unit/task_test.py
@@ -0,0 +1,213 @@
+"""tests/unit/task_test.py"""
+
+import unittest
+from datetime import datetime
+from unittest.mock import patch
+
+from protaskinate.entities.task import Task, TaskPriority, TaskStatus
+from protaskinate.services.task_service import TaskService
+
+
+class TestTask(unittest.TestCase):
+    """Test the Task class"""
+
+    def setUp(self):
+        self.base_time = datetime.now()
+
+        self.valid_task = Task(
+            id=1,
+            project_id=1,
+            creator_id=1,
+            title="Task Title",
+            status=TaskStatus.OPEN,
+            priority=TaskPriority.LOW,
+            created_at=self.base_time,
+            updated_at=self.base_time,
+        )
+
+    def test_task_creation_success(self):
+        """Test the creation of a task"""
+        task = Task(
+            id=1,
+            project_id=1,
+            creator_id=1,
+            title="Test Task",
+            status=TaskStatus.OPEN,
+            priority=TaskPriority.MEDIUM,
+            created_at=self.base_time,
+            updated_at=self.base_time,
+        )
+        self.assertEqual(task.title, "Test Task")
+
+    def test_task_with_optional_fields(self):
+        """Test the creation of a task with optional fields"""
+        task = Task(
+            id=2,
+            project_id=1,
+            creator_id=1,
+            title="Optional Fields Task",
+            status=TaskStatus.DONE,
+            priority=TaskPriority.HIGH,
+            created_at=self.base_time,
+            updated_at=self.base_time,
+            assignee_id=2,
+            deadline=datetime.now(),
+            description="A detailed description",
+        )
+        self.assertIsNotNone(task.assignee_id)
+        self.assertIsNotNone(task.deadline)
+        self.assertIsNotNone(task.description)
+
+    def test_invalid_id_type(self):
+        """Test that an error is raised when an invalid ID type is provided"""
+        with self.assertRaises(ValueError):
+            Task(
+                id="1",  # type: ignore
+                project_id=1,
+                creator_id=1,
+                title="Test Task",
+                status=TaskStatus.OPEN,
+                priority=TaskPriority.MEDIUM,
+                created_at=self.base_time,
+                updated_at=self.base_time,
+            )
+
+    def test_invalid_priority_value(self):
+        """Test that an error is raised when an invalid TaskPriority value is provided"""
+        with self.assertRaises(ValueError):
+            Task(
+                id=2,
+                project_id=1,
+                creator_id=1,
+                title="Test Task",
+                status=TaskStatus.OPEN,
+                priority="Medium", # type: ignore
+                created_at=self.base_time,
+                updated_at=self.base_time,
+            )
+
+    def test_priority_order(self):
+        """Test the order of TaskPriority values"""
+        low_priority_task = Task(
+            id=3,
+            project_id=1,
+            creator_id=1,
+            title="Low Priority",
+            status=TaskStatus.DONE,
+            priority=TaskPriority.LOW,
+            created_at=self.base_time,
+            updated_at=self.base_time,
+        )
+        high_priority_task = Task(
+            id=4,
+            project_id=1,
+            creator_id=1,
+            title="High Priority",
+            status=TaskStatus.DONE,
+            priority=TaskPriority.HIGH,
+            created_at=self.base_time,
+            updated_at=self.base_time,
+        )
+        self.assertTrue(low_priority_task.priority < high_priority_task.priority)
+        self.assertFalse(high_priority_task.priority < low_priority_task.priority)
+
+    def test_failure_on_incorrect_datetime(self):
+        """Test that an error is raised when an incorrect datetime is provided"""
+        with self.assertRaises(ValueError):
+            Task(
+                id=5,
+                project_id=1,
+                creator_id=1,
+                title="Date Type Test",
+                status=TaskStatus.IN_PROGRESS,
+                priority=TaskPriority.HIGH,
+                created_at="2023-01-01T12:00:00",  # type: ignore
+                updated_at=self.base_time,
+            )
+
+    def test_default_none_description(self):
+        """Test that the description field is None by default"""
+        self.assertIsNone(self.valid_task.description)
+
+    def test_comparisons_between_priorities(self):
+        """Test the comparison operators between TaskPriority values"""
+        self.assertTrue(TaskPriority.LOW < TaskPriority.MEDIUM)
+        self.assertTrue(TaskPriority.MEDIUM > TaskPriority.LOW)
+        self.assertTrue(TaskPriority.HIGH >= TaskPriority.MEDIUM)
+        self.assertTrue(TaskPriority.VERY_HIGH > TaskPriority.HIGH)
+        self.assertTrue(TaskPriority.LOW <= TaskPriority.LOW)
+        self.assertTrue(TaskPriority.LOW <= TaskPriority.MEDIUM)
+
+
+class TestTaskService(unittest.TestCase):
+    """Test the TaskService class"""
+
+    def setUp(self):
+        self.task_service = TaskService()
+        self.task = Task(
+            id=1,
+            project_id=1,
+            creator_id=1,
+            title="Sample Task",
+            status=TaskStatus.OPEN,
+            priority=TaskPriority.LOW,
+            created_at=datetime.now(),
+            updated_at=datetime.now(),
+        )
+
+    @patch("protaskinate.repositories.task_repository.get_all")
+    def test_get_all_by_project(self, mock_get_all):
+        """Test the get_all_by_project method"""
+        mock_get_all.return_value = [self.task]
+        tasks = self.task_service.get_all_by_project(project_id=1)
+        self.assertEqual(len(tasks), 1)
+        self.assertEqual(tasks[0].title, "Sample Task")
+
+    @patch("protaskinate.repositories.task_repository.get")
+    def test_get_by_id_and_project(self, mock_get):
+        """Test the get_by_id_and_project method"""
+        mock_get.return_value = self.task
+        task = self.task_service.get_by_id_and_project(task_id=1, project_id=1)
+        self.assertIsNotNone(task)
+        if task is not None:
+            self.assertEqual(task.id, 1)
+            self.assertEqual(task.title, "Sample Task")
+
+    @patch("protaskinate.repositories.task_repository.update")
+    def test_update(self, mock_update):
+        """Test the update method"""
+        new_title = "Updated Task"
+        mock_update.return_value = self.task
+
+        self.task_service.update(task_id=1, project_id=1, title=new_title)
+
+        mock_update.assert_called_with({"id": 1, "project_id": 1}, {"title": new_title})
+
+    @patch("protaskinate.repositories.task_repository.create")
+    def test_create(self, mock_create):
+        """Test the create method"""
+        mock_create.return_value = self.task
+        created_task = self.task_service.create(
+            title="New Task", priority=TaskPriority.HIGH
+        )
+        mock_create.assert_called_with(
+            {"title": "New Task", "priority": TaskPriority.HIGH}
+        )
+        self.assertEqual(created_task, self.task)
+
+    @patch("protaskinate.repositories.task_repository.delete")
+    def test_delete(self, mock_delete):
+        """Test the delete method"""
+        self.task_service.delete(task_id=1, project_id=1)
+        mock_delete.assert_called_with({"id": 1, "project_id": 1})
+
+    @patch(
+        "protaskinate.repositories.task_repository.count_by_assignee_grouped_by_status"
+    )
+    def test_count_by_assignee_grouped_by_status(
+        self, mock_count_by_assignee_grouped_by_status
+    ):
+        """Test the count_by_assignee_grouped_by_status method"""
+        mock_count_by_assignee_grouped_by_status.return_value = {TaskStatus.OPEN: 1}
+        counts = self.task_service.count_by_assignee_grouped_by_status(assignee_id=1)
+        self.assertEqual(counts[TaskStatus.OPEN], 1)