v3.10.40 — 54 built-in features, zero dependencies.
- Routes return response() — always response(data) not response.json()
- GET routes are public, POST/PUT/PATCH/DELETE require auth by default
- Use @noauth() to make write routes public, @secured() to protect GET routes
- Decorator order: @noauth/@secured then @description/@tags then @get/@post (route innermost)
- Every template extends base.twig
- All schema changes via migrations — never create tables in route code
- Use built-in features — never install packages for things Tina4 already provides
from tina4_python.core.router import get, post, noauth, secured
@get("/api/users")
async def list_users(request, response):
return response({{"users": []}})
@post("/api/users")
@noauth()
async def create_user(request, response):
return response({{"created": request.body["name"]}}, 201)from tina4_python.orm import ORM, IntegerField, StringField
class User(ORM):
table_name = "users"
id = IntegerField(primary_key=True, auto_increment=True)
name = StringField(required=True)
email = StringField()src/routes/ — Route handlers (auto-discovered)
src/orm/ — ORM models
src/templates/ — Twig templates
src/app/ — Service classes
src/scss/ — SCSS (auto-compiled)
src/public/ — Static assets
src/seeds/ — Database seeders
migrations/ — SQL migration files
tests/ — pytest tests
Router, ORM, Database (SQLite/PostgreSQL/MySQL/MSSQL/Firebird), Frond templates (Twig-compatible), JWT auth, Sessions (File/Redis/Valkey/MongoDB/DB), GraphQL + GraphiQL, WebSocket + Redis backplane, WSDL/SOAP, Queue (File/RabbitMQ/Kafka/MongoDB), HTTP client, Messenger (SMTP/IMAP), FakeData/Seeder, Migrations, SCSS compiler, Swagger/OpenAPI, i18n, Events, Container/DI, HtmlElement, Inline testing, Error overlay, Dev dashboard, Rate limiter, Response cache, Logging, MCP server