This is an enterprise-grade Learning Management System with:
- Advanced RBAC (Role-Based Access Control) with hierarchical permissions
- JWT Authentication with session management
- MCP (Model Context Protocol) integration for AI-powered tools
- Intelligent UI with React
- Audit logging and security features
- Analytics dashboard with insights
βββββββββββββββββββ
β React Frontend β β Modern UI with role-based views
ββββββββββ¬βββββββββ
β HTTP/REST
ββββββββββΌβββββββββ
β FastAPI β β Authentication, RBAC, Business Logic
β Backend β
ββββββββββ¬βββββββββ
β
ββββββ΄βββββ
β β
βββββΌβββββ βββΌβββββββ
β SQLite β β MCP β β AI-powered tools
β DB β β Server β
ββββββββββ ββββββββββ
- Python 3.9+
- Node.js 16+
- npm or yarn
cd database
# Create database and run migrations
python3 << EOF
import sqlite3
conn = sqlite3.connect('../db/lms.db')
# Read and execute schema
with open('schema.sql', 'r') as f:
conn.executescript(f.read())
# Read and execute seed data
with open('seed_data.sql', 'r') as f:
conn.executescript(f.read())
conn.close()
print("Database initialized successfully!")
EOFcd backend
# Create virtual environment
python3 -m venv venv
source venv/bin/activate # On Windows: venv\Scripts\activate
# Install dependencies
pip install -r requirements.txt
# Create .env file
cat > .env << EOF
DATABASE_URL=../db/lms.db
JWT_SECRET_KEY=your-super-secret-key-change-this-in-production
ENVIRONMENT=development
EOF
# Run backend
python main.py
# Backend will run on http://localhost:8000cd mcp_server
# Copy your lms_mcp_server.py file here
# Ensure it's executable
chmod +x lms_mcp_server.py
# Test MCP server
python lms_mcp_server.py add_course << EOF
{
"course_id": "test_course",
"title": "Test Course",
"duration_weeks": 4,
"level": "Beginner"
}
EOFcd frontend
# Initialize React app (if not already done)
npm create vite@latest . -- --template react
# Install dependencies
npm install react-router-dom
# Copy App.jsx and App.css to src/
# Run development server
npm run dev
# Frontend will run on http://localhost:5173| Username | Password | Role | Permissions |
|---|---|---|---|
| admin | password123 | Super Admin | All permissions |
| instructor_john | password123 | Instructor | Course & student management |
| student_jane | password123 | Student | View courses, self-enrollment |
- Super Admin (Level 1) - Full system access
- Admin (Level 2) - User & course management
- Instructor (Level 3) - Course creation & teaching
- Student (Level 4) - Learning & enrollment
- Guest (Level 5) - Read-only access
Permissions follow the pattern: resource:action
Examples:
course:create- Create coursescourse:read- View coursesstudent:read_all- View all studentsanalytics:read- View analytics
- Hierarchical roles: Higher roles can manage lower roles
- Multi-role support: Users can have multiple roles
- Permission aggregation: Permissions from all roles are combined
- Resource-level ACL: Check ownership for specific resources
- Tool-permission mapping: MCP tools require specific permissions
POST /api/auth/login- Login with username/passwordPOST /api/auth/refresh- Refresh access tokenGET /api/auth/me- Get current user infoPOST /api/auth/logout- Logout
POST /api/courses- Create course (requirescourse:create)GET /api/courses- List courses (requirescourse:read)GET /api/courses/{id}- Get course details
POST /api/enrollments- Enroll student (requiresenrollment:create)GET /api/enrollments- List enrollments (filtered by role)
PUT /api/progress- Update progress (requiresprogress:update)
POST /api/users- Create user (requiresuser:create)GET /api/users- List users (requiresuser:read)POST /api/users/{id}/roles- Assign role (requiresuser:manage_roles)
GET /api/analytics/dashboard- Get dashboard stats (requiresanalytics:read)
GET /api/tools- List accessible toolsPOST /api/tools/{tool_name}- Execute tool (permission-checked)
- Total courses, students, enrollments
- Completion rates
- Recent activity tracking
- Enrollment trends
- Engagement scoring
- Risk prediction (dropout risk)
- Performance trends
- Time-to-completion estimates
- Course recommendations based on progress
- Learning path suggestions
- Intervention alerts for at-risk students
All actions are logged with:
- User ID
- Action type
- Resource affected
- Timestamp
- IP address
- Details
- JWT tokens with configurable expiration
- Refresh tokens for extended sessions
- Password hashing using bcrypt
- Session tracking with device info
- Fine-grained RBAC with permission checking
- Hierarchical role management
- Resource-level access control
- Tool-permission mapping
- Comprehensive audit logs for all actions
- Session management with tracking
- Failed login detection
- Permission denial logging
users- User accountsroles- Role definitionspermissions- Permission definitionsuser_roles- User-role assignments (many-to-many)role_permissions- Role-permission assignments (many-to-many)
courses- Course catalogcourse_modules- Course content structurestudents- Student profilesenrollments- Course enrollmentsmodule_progress- Detailed progress tracking
audit_logs- Action audit trailuser_sessions- Active sessionsstudent_analytics- AI-generated insightsrecommendations- Personalized recommendations
tool_registry- Available MCP toolstool_permissions- Tool-permission mapping
- Environment Variables
DATABASE_URL=postgresql://user:pass@host/db # Use PostgreSQL in production
JWT_SECRET_KEY=<strong-random-key>
ENVIRONMENT=production
ALLOWED_ORIGINS=https://yourdomain.com- Database Migration
- Switch from SQLite to PostgreSQL
- Set up connection pooling
- Enable WAL mode for better concurrency
- Security Hardening
- Enable HTTPS
- Configure CORS properly
- Set up rate limiting
- Enable SQL injection protection
- Implement CSRF protection
- Backend Deployment
# Using Docker
docker build -t lms-backend .
docker run -p 8000:8000 --env-file .env lms-backend
# Using systemd
sudo systemctl start lms-backend.service- Frontend Deployment
# Build production bundle
npm run build
# Serve with nginx or similar
cp -r dist/* /var/www/html/- Monitoring
- Set up error tracking (Sentry)
- Enable performance monitoring
- Configure log aggregation
- Set up health checks
cd backend
pytest tests/cd frontend
npm test# Test API endpoints
curl -X POST http://localhost:8000/api/auth/login \
-H "Content-Type: application/json" \
-d '{"username":"admin","password":"password123"}'- β Advanced RBAC
- β JWT Authentication
- β Basic analytics
- β Course management
- β Enrollment tracking
- AI-powered recommendations
- Student risk prediction
- Automated interventions
- Advanced analytics dashboard
- Email notifications
- Video integration
- Live classes
- Discussion forums
- Certificate generation
- Payment integration
- Mobile app
- Check Python version (3.9+)
- Verify all dependencies installed
- Check database file exists
- Review .env configuration
- Verify backend is running on port 8000
- Check CORS settings in main.py
- Ensure API_URL in App.jsx is correct
- Check user roles in database
- Verify role-permission mappings
- Review audit logs for details
- Ensure token is valid
- Check database file permissions
- Verify schema is initialized
- Run seed data script
- Check for locked database
For issues or questions:
- Check audit logs:
SELECT * FROM audit_logs ORDER BY timestamp DESC LIMIT 50; - Review user permissions: Run RBAC queries
- Check session status in
user_sessionstable - Review error logs in backend console
This is an enterprise LMS system built for educational purposes.
Built with:
- FastAPI (Backend framework)
- React (Frontend framework)
- SQLite/PostgreSQL (Database)
- MCP Protocol (AI integration)
- JWT (Authentication)