Skip to content

README.md

Latest commit

 

History

History
90 lines (75 loc) · 2.64 KB

README.md

File metadata and controls

90 lines (75 loc) · 2.64 KB

Fullstack Course Platform (RBAC + Admin + Payments)

Ready-to-publish GitHub monorepo project for portfolio and interviews: an online course platform with user roles, access control, admin moderation, and payment business logic.

Stack

  • backend: Node.js + Express + TypeScript + Prisma + PostgreSQL + JWT
  • frontend: React + TypeScript + Vite + React Router
  • Roles: ADMIN, TEACHER, STUDENT

Main Business Flow

  1. Teacher creates a course.
  2. Teacher submits it for moderation.
  3. Admin approves or rejects the course.
  4. Student buys published courses.

Business Rules Implemented

  • Role-based access control.
  • Course workflow: DRAFT -> REVIEW -> PUBLISHED/REJECTED.
  • Only published courses can be purchased.
  • Students cannot buy their own courses.
  • Duplicate purchase is blocked.
  • Transactional purchase logic:
    • Student balance is debited.
    • Teacher receives payout after platform fee.
    • Enrollment and wallet transactions are created atomically.

Backend Architecture

  • src/modules/auth: register, login, me.
  • src/modules/courses: create/edit/submit/retrieve courses.
  • src/modules/payments: course purchase and transaction history.
  • src/modules/admin: moderation queue, role management, stats.
  • src/middlewares/auth.ts: JWT auth + role guards.
  • src/middlewares/error-handler.ts: centralized error handling.

Quick Start

1. Start PostgreSQL

docker compose up -d

2. Configure environment

cp backend/.env.example backend/.env
cp frontend/.env.example frontend/.env

3. Install dependencies

npm install

4. Prepare database

npm run db:generate
npm run db:migrate
npm run db:seed

5. Run backend + frontend

npm run dev
  • Frontend: http://localhost:5173
  • Backend: http://localhost:4000/api

Seed Accounts

  • Admin: admin@platform.dev / Password123!
  • Teacher: teacher@platform.dev / Password123!
  • Student: student@platform.dev / Password123!

Key API Endpoints

  • POST /api/auth/register
  • POST /api/auth/login
  • GET /api/auth/me
  • GET /api/courses/public
  • POST /api/courses (TEACHER)
  • POST /api/courses/:courseId/submit (TEACHER)
  • POST /api/payments/courses/:courseId/purchase (STUDENT)
  • GET /api/admin/review-courses (ADMIN)
  • POST /api/admin/courses/:courseId/approve (ADMIN)
  • POST /api/admin/courses/:courseId/reject (ADMIN)

What This Project Demonstrates

  • Non-trivial business logic instead of simple CRUD.
  • Permission boundaries with RBAC.
  • Transactional data integrity for payments.
  • Modular production-like backend architecture.
  • End-to-end fullstack implementation from DB to UI.