A comprehensive backend API for an online learning platform similar to Unacademy, built with Node.js, Express.js, and SQLite. This platform supports course management, live classes, video lectures, tests, educator profiles, subscriptions, and detailed progress tracking.
- User Authentication & Authorization - JWT-based authentication with role-based access (learner/educator)
- Course Management - Complete CRUD operations for courses with enrollment tracking
- Video Learning - Lesson management with progress tracking and watch history
- Live Classes - Scheduled live sessions with attendance tracking
- Test Engine - Comprehensive testing system with analytics and performance tracking
- Educator Profiles - Detailed educator management with ratings and reviews
- Subscription System - Tiered subscription plans with access control
- Doubt Resolution - Q&A system for student-teacher interaction
- Study Materials - Resource management with download tracking
- Progress Analytics - Detailed learning analytics and performance insights
- Search & Discovery - Global search across courses, educators, and lessons
- Review System - Course and educator rating system
- Real-time Progress Tracking - Video watch progress with timestamp tracking
- Performance Analytics - Detailed test analysis with subject-wise breakdown
- Subscription Tiers - Plus and Iconic plans with different access levels
- Content Access Control - Enrollment and subscription-based access verification
- Error Handling - Comprehensive error handling with appropriate HTTP status codes
- Input Validation - Robust validation for all API endpoints
- Security Features - Password hashing, rate limiting, and input sanitization
- Runtime: Node.js
- Framework: Express.js
- Database: SQLite (with Knex.js ORM)
- Authentication: JWT (JSON Web Tokens)
- Password Hashing: bcryptjs
- Validation: express-validator
- Security: Helmet, CORS, Rate Limiting
- Logging: Morgan
- Environment: dotenv
- Node.js (v14 or higher)
- npm or yarn
- Git
git clone <repository-url>
cd onlineLearningPlatformnpm install# Copy the environment example file
cp env.example .env
# Edit .env file with your configuration# Run database migrations
npm run migrate
# Seed the database with sample data
npm run seed# Development mode with auto-reload
npm run dev
# Production mode
npm startThe API will be available at http://localhost:3000
onlineLearningPlatform/
βββ src/
β βββ config/
β β βββ database.js # Database configuration and connection
β β βββ migrate.js # Database migration script
β β βββ seed.js # Database seeding script
β βββ controllers/
β β βββ authController.js # Authentication logic
β β βββ courseController.js # Course management
β β βββ lessonController.js # Lesson and video management
β β βββ testController.js # Test and quiz management
β βββ middleware/
β β βββ auth.js # JWT authentication middleware
β β βββ enrollment.js # Enrollment verification
β β βββ subscription.js # Subscription access control
β β βββ validation.js # Input validation
β β βββ errorHandler.js # Error handling middleware
β βββ models/
β β βββ user.js # User model
β β βββ course.js # Course model
β β βββ lesson.js # Lesson model
β β βββ educator.js # Educator model
β βββ routes/
β β βββ authRoutes.js # Authentication routes
β β βββ courseRoutes.js # Course routes
β β βββ lessonRoutes.js # Lesson routes
β β βββ testRoutes.js # Test routes
β βββ utils/
β β βββ constants.js # Application constants
β β βββ helpers.js # Utility functions
β βββ app.js # Main application file
βββ database/
β βββ schema.sql # Database schema
β βββ seeds.sql # Sample data
β βββ online_learning.db # SQLite database file
βββ .env # Environment variables
βββ package.json # Dependencies and scripts
βββ README.md # This file
- Profile information (name, email, phone)
- Target exam (UPSC, NEET, JEE, etc.)
- Preferred language
- Learning preferences
- Professional profile and credentials
- Subject expertise (comma-separated)
- Years of experience and qualifications
- Rating and student count
- Course details and structure
- Target exam and subject
- Pricing and discount information
- Course type (live/recorded/hybrid)
- Features and syllabus
- Individual video lessons
- Duration and order tracking
- Free/premium access control
- Video URLs and thumbnails
- Scheduled live sessions
- Capacity management
- Attendance tracking
- Recording availability
- User course enrollments
- Video watch progress
- Completion tracking
- Last accessed timestamps
- Practice tests and mock exams
- Question banks with explanations
- Performance analytics
- Subject-wise analysis
- Tiered subscription plans
- Payment tracking
- Access control
- Feature benefits
- One-to-Many: Educator β Courses, Course β Lessons
- Many-to-Many: Users β Courses (via Enrollments)
- One-to-Many: Course β Tests, User β Test Attempts
- One-to-Many: User β Doubts, Educator β Doubt Answers
http://localhost:3000
All protected endpoints require a JWT token in the Authorization header:
Authorization: Bearer <jwt_token>
POST /api/auth/register
Content-Type: application/json
{
"email": "learner@example.com",
"password": "SecurePass123",
"firstName": "John",
"lastName": "Doe",
"targetExam": "JEE Main",
"preferredLanguage": "English",
"phone": "+91-9876543210"
}POST /api/auth/educator/register
Content-Type: application/json
{
"email": "educator@example.com",
"password": "SecurePass123",
"firstName": "Dr. Sarah",
"lastName": "Kumar",
"bio": "Experienced educator with 10+ years of teaching",
"subjects": "Mathematics,Physics",
"experience": 10,
"qualification": "Ph.D. Mathematics, IIT Delhi"
}POST /api/auth/login
Content-Type: application/json
{
"email": "learner@example.com",
"password": "SecurePass123"
}GET /api/courses?exam=JEE Main&subject=Mathematics&type=recorded&page=1&limit=10GET /api/courses/1POST /api/courses/1/enroll
Authorization: Bearer <token>GET /api/courses/1/progress
Authorization: Bearer <token>GET /api/lessons/1
Authorization: Bearer <token>POST /api/lessons/1/progress
Authorization: Bearer <token>
Content-Type: application/json
{
"watchedDuration": 1800,
"totalDuration": 2700,
"completionStatus": "in_progress"
}POST /api/lessons/1/notes
Authorization: Bearer <token>
Content-Type: application/json
{
"note": "Important concept about algebra",
"timestamp": 120
}GET /api/tests?courseId=1&type=mock_test
Authorization: Bearer <token>POST /api/tests/1/start
Authorization: Bearer <token>POST /api/tests/session_001/submit
Authorization: Bearer <token>
Content-Type: application/json
{
"answers": [
{ "questionId": 1, "selectedOption": "4" },
{ "questionId": 2, "selectedOption": "wrong" }
],
"timeSpent": 180
}GET /api/live-classes/schedule?courseId=1
Authorization: Bearer <token>POST /api/live-classes/1/join
Authorization: Bearer <token>POST /api/doubts
Authorization: Bearer <token>
Content-Type: application/json
{
"courseId": 1,
"lessonId": 1,
"question": "Why is acceleration constant in free fall?",
"attachments": ["http://example.com/image.jpg"]
}POST /api/doubts/1/answer
Authorization: Bearer <educator_token>
Content-Type: application/json
{
"answer": "Acceleration is constant in free fall because gravity is constant near the Earth's surface."
}GET /api/subscriptions/plansPOST /api/subscriptions/purchase
Authorization: Bearer <token>
Content-Type: application/json
{
"planId": 1,
"paymentMethod": "credit_card",
"couponCode": "DISCOUNT10"
}GET /api/search?q=physics
Authorization: Bearer <token>GET /api/educators?subject=Physics&rating=4.5
Authorization: Bearer <token>POST /api/reviews/courses/1/review
Authorization: Bearer <token>
Content-Type: application/json
{
"rating": 5,
"title": "Excellent course!",
"comment": "The explanations are very clear and the practice questions are helpful."
}- JWT-based authentication with configurable expiration
- Role-based access control (learner/educator)
- Password hashing using bcryptjs
- Token refresh mechanism
- Comprehensive input validation using express-validator
- SQL injection prevention through parameterized queries
- XSS protection with Helmet middleware
- Rate limiting to prevent abuse
- Enrollment verification for course content
- Subscription-based access control
- Video URL security (signed URLs recommended for production)
- Download tracking for study materials
The API implements comprehensive error handling with appropriate HTTP status codes:
- 200 - Success
- 201 - Created
- 400 - Bad Request (validation errors)
- 401 - Unauthorized (missing/invalid token)
- 403 - Forbidden (insufficient permissions)
- 404 - Not Found (resource not found)
- 409 - Conflict (already enrolled, duplicate resource)
- 422 - Unprocessable Entity (validation errors)
- 429 - Too Many Requests (rate limit exceeded)
- 500 - Internal Server Error
{
"success": false,
"message": "Error description",
"errors": [
{
"field": "email",
"message": "Invalid email format"
}
]
}app.http- Complete HTTP test suite for VS Codetest-*.js- Various test scripts for different functionalitiescomprehensive-test.js- End-to-end API testing
# Test all APIs using the HTTP file
# Open app.http in VS Code and use the REST Client extension
# Or run individual test scripts
node test-auth.js
node test-courses.js
node test-comprehensive.jsThe database is seeded with:
- 10 sample users (learners)
- 5 educators with profiles
- 15 courses across different exams
- 50+ lessons with video content
- 20+ test questions
- Sample enrollments and progress data
Create a .env file with the following variables:
# Server Configuration
PORT=3000
NODE_ENV=development
# Database Configuration
DB_PATH=./database/online_learning.db
# JWT Configuration
JWT_SECRET=your_jwt_secret_here
JWT_EXPIRES_IN=7d
# Security
RATE_LIMIT_WINDOW_MS=900000
RATE_LIMIT_MAX_REQUESTS=1000
# CORS
ALLOWED_ORIGINS=http://localhost:3000,http://localhost:3001- Set
NODE_ENV=production - Configure proper CORS origins
- Use a production database (PostgreSQL/MySQL)
- Set up proper logging and monitoring
- Configure SSL/TLS certificates
- Set up rate limiting and security headers
- Video watch progress tracking
- Test performance analytics
- Subject-wise performance breakdown
- Learning streak tracking
- Course completion rates
- Database indexing on frequently queried fields
- Efficient query optimization
- Response caching for static content
- Pagination for large datasets
npm start # Start production server
npm run dev # Start development server with nodemon
npm run migrate # Run database migrations
npm run seed # Seed database with sample data- Consistent error handling patterns
- Input validation on all endpoints
- Proper HTTP status codes
- Comprehensive logging
- Security best practices
- Content Delivery: Video URLs are assumed to be external (YouTube, Vimeo, etc.)
- File Storage: Study materials are stored externally with download URLs
- Payment Processing: Payment gateway integration is not implemented (mock responses)
- Real-time Features: Live class streaming uses external services
- Email Notifications: Email service integration not implemented
- Mobile App: API designed to work with mobile applications
- Scalability: Database designed to handle thousands of concurrent users
- Comprehensive Progress Tracking: Detailed video watch progress with timestamps
- Advanced Test Analytics: Subject-wise performance analysis with percentiles
- Subscription Tiers: Plus and Iconic plans with different access levels
- Doubt Resolution System: Complete Q&A system for student-teacher interaction
- Study Material Management: Resource tracking with download analytics
- Global Search: Cross-entity search functionality
- Review System: Course and educator rating system
- Live Class Management: Scheduling and attendance tracking
- Performance Analytics: Detailed learning insights and progress tracking
This project demonstrates:
- Database design with proper relationships and constraints
- Authentication & authorization with JWT tokens
- Input validation and error handling
- Security best practices implementation
- Performance optimization techniques
- Comprehensive testing strategies
- API documentation and developer experience