educationELLy Server is the backend API for the educationELLy application - a comprehensive platform designed to support English Language Learning (ELL) students and their teachers. This Express.js server provides secure authentication, RESTful API endpoints, and data persistence for managing ELL student information.
π― Mission: Bridging the gap between ELL specialists and mainstream classroom teachers through technology.
β¨ Key Benefits:
- Centralized access to student language proficiency data
- Enhanced collaboration between ELL specialists and teachers
- Streamlined student data management
- Real-time access to critical learning information
- π Secure Authentication - JWT-based authentication with Passport.js
- π Student Management - Full CRUD operations for ELL student profiles
- π Protected Routes - Role-based access control for sensitive data
- π± RESTful API - Clean, intuitive API design following REST principles
- π Production Ready - Deployed on Heroku with MongoDB Atlas
- β Validation - Input validation and error handling
βΉοΈ Info: To explore the application, you can use the following demo credentials:
# Demo Credentials
Email: demo@example.com
Password: demopassword
β οΈ Note: These are demo credentials for testing purposes only.
- Node.js (v10.11.0 or higher)
- npm or yarn
- MongoDB (local or Atlas)
- Git
-
Clone the repository:
git clone https://github.com/maxjeffwell/full-stack-capstone-server.git cd full-stack-capstone-server -
Install dependencies:
npm install
-
Create a
.envfile in the root directory:MONGODB_URI=mongodb://localhost/educationelly JWT_SECRET=your_jwt_secret_here NODE_ENV=development PORT=8080
-
Start the development server:
npm start
The server will start on http://localhost:8080 with automatic reloading via nodemon.
β Success: Your server is now running and ready for development!
| Method | Endpoint | Description | Auth Required |
|---|---|---|---|
| POST | /signup |
Register a new user | β No |
| POST | /signin |
Login user (returns JWT) | β No |
| GET | /logout |
Logout current user | β Yes |
| GET | /whoami |
Get current user info | β Yes |
| Method | Endpoint | Description | Auth Required |
|---|---|---|---|
| GET | /students |
Get all students | β Yes |
| GET | /students/:id |
Get student by ID | β Yes |
| POST | /students |
Create new student | β Yes |
| PUT | /students/:id |
Update student | β Yes |
| DELETE | /students/:id |
Delete student | β Yes |
POST /signup
Content-Type: application/json
{
"email": "teacher@school.edu",
"password": "securepassword123"
}
Response:
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}POST /students
Authorization: Bearer <token>
Content-Type: application/json
{
"fullName": "John Doe",
"school": "Lincoln Elementary",
"teacher": "Ms. Smith",
"gradeLevel": 5,
"nativeLanguage": "Spanish",
"ellStatus": "Intermediate",
"designation": "ELL"
}educationELLy-server/
βββ controllers/
β βββ authentication.js # Auth logic (signup/signin)
βββ models/
β βββ student.js # Student schema
β βββ user.js # User schema with password hashing
βββ services/
β βββ passport.js # JWT & Local strategies
βββ test/
β βββ server.test.js # Server tests
β βββ user.test.js # Auth tests
βββ index.js # Express server setup
βββ router.js # Route definitions
βββ .env # Environment variables
βββ .babelrc # Babel configuration
βββ .eslintrc.js # ESLint rules
βββ package.json # Dependencies & scripts
βββ Procfile # Heroku deployment
The server implements a stateless JWT (JSON Web Token) authentication system using Passport.js:
- Token Generation: JWTs are created upon successful login/signup containing user ID and timestamp
- Token Expiration: Tokens expire after 7 days for security
- Token Validation: Every protected route validates the JWT from the Authorization header
- Stateless Design: No server-side session storage - tokens contain all necessary auth information
- Bearer Token Format: Clients must send tokens as
Authorization: Bearer <token>
The JWT strategy extracts tokens from request headers, verifies signatures using the JWT_SECRET, and validates token expiration. Invalid or expired tokens are automatically rejected.
- Express.js - Web application framework
- MongoDB - NoSQL database
- Mongoose - MongoDB object modeling
- Passport.js - Authentication middleware
- JWT - Secure token-based auth
- bcryptjs - Password hashing
- CORS - Cross-origin resource sharing
- dotenv - Environment variable management
- Nodemon - Auto-restart on file changes
- Babel - ES6+ transpilation
- ESLint - Code linting
- Mocha/Chai - Testing framework
Run the test suite:
npm run test2π§ͺ Test Coverage:
- β Server connection tests
- β Authentication flow tests
- β API endpoint tests
- β Error handling tests
-
Create a Heroku app:
heroku create your-app-name
-
Set environment variables:
heroku config:set MONGODB_URI=your_mongodb_atlas_uri heroku config:set JWT_SECRET=your_production_secret
-
Deploy:
git push heroku master
| Variable | Description | Default |
|---|---|---|
MONGODB_URI |
MongoDB connection string | mongodb://localhost/local |
JWT_SECRET |
Secret for JWT signing | Required |
NODE_ENV |
Environment (production/development) | development |
PORT |
Server port | 8080 |
- Add Comprehensive Testing - Expand test coverage to include all endpoints and edge cases
- Implement Rate Limiting - Add protection against API abuse and brute force attacks
- Add Request Validation - Implement robust input validation using Joi or express-validator
- Enhanced Error Handling - Create custom error classes and centralized error handling middleware
- Role-Based Access Control - Implement teacher/admin/student roles with different permissions
- Progress Tracking API - Add endpoints for tracking student language learning progress over time
- Bulk Operations - Support bulk student imports via CSV/Excel
- Real-time Updates - Implement WebSocket support for real-time notifications
- File Upload - Add support for student document/assessment uploads
- API Versioning - Implement versioned endpoints (e.g., /api/v1/students)
- Database Indexing - Add MongoDB indexes for frequently queried fields
- Caching Layer - Implement Redis for caching frequently accessed data
- Pagination - Add pagination support for student list endpoints
- Query Optimization - Implement field selection and populate optimization
- API Documentation - Generate interactive API docs using Swagger/OpenAPI
- Postman Collection - Create and maintain a Postman collection for easy API testing
- Docker Support - Add Dockerfile and docker-compose for containerized development
- CI/CD Pipeline - Set up GitHub Actions for automated testing and deployment
- Refresh Tokens - Implement JWT refresh token mechanism
- Password Reset - Add forgot password functionality with email verification
- Two-Factor Authentication - Optional 2FA for enhanced security
- Audit Logging - Track all data modifications for compliance
- Email Notifications - Send updates about student progress
- Export Functionality - Generate PDF/Excel reports of student data
- Third-party Integrations - Connect with school management systems
- Backup Strategy - Implement automated database backups
- Fork the repository
- Create your feature branch (
git checkout -b feature/AmazingFeature) - Commit your changes (
git commit -m 'Add some AmazingFeature') - Push to the branch (
git push origin feature/AmazingFeature) - Open a Pull Request
This project is licensed under the GNU General Public License v3.0 - see the LICENSE file for details.
Jeff Maxwell
- Email: jeff@el-jefe.me
- GitHub: @maxjeffwell
- Portfolio: https://www.el-jefe.me
- Thanks to all contributors who have helped shape educationELLy
- Special recognition to ELL teachers and specialists who provided valuable feedback
- Built with β€οΈ for the education community
π **Star this repository if it helped you!** π