A robust, role-based REST API built with ASP.NET Core designed to manage online assessments securely. This system facilitates separate workflows for Teachers (administrators) and Students, secured by JWT (JSON Web Token) authentication.
This API solves the problem of secure, digital examination management. It enforces strict access controls: only teachers can manage content (courses, departments, questions) and view grades, while students are restricted to taking tests where answers are immutable once submitted to prevent malpractice.
-
Role-Based Login:
-
Teachers: Authenticate using
Staff ID+Password. -
Students: Authenticate using
Matriculation Number+Password. -
JWT Protection: All endpoints are secured with Bearer tokens to ensure only authorized users access specific resources.
-
Identity Management: Endpoints available to retrieve the currently logged-in user's profile.
- Content Management: Create, update, and delete Courses and Departments.
- Question Bank: Manage multiple-choice questions (Options A-D) linked to specific courses.
- Score Management: View student results and delete scores if necessary (by ID or Matriculation Number).
- Assessment: Access questions by course or department.
- Anti-Cheating: Answers are final upon submission; the API rejects attempts to modify submitted answers.
- Email Notifications: Integrated with SendGrid for alerts.
- Task Scheduling: Uses Hangfire for background jobs.
- Logging: Comprehensive error and activity logging via NLog.
- Framework: ASP.NET Core
- Database: SQL Server
- Security: JWT (JSON Web Tokens)
- Documentation: Swagger UI
- Utilities: SendGrid (Email), Hangfire (Jobs), NLog (Logging)
- .NET SDK
- SQL Server
- SendGrid API Key (optional for email features)
- Clone the repository:
git clone https://github.com/Otormin/QuizAPI.git
- Configure Database:
Update the
appsettings.jsonfile with your SQL Server connection string.
"ConnectionStrings": {
"DefaultConnection": "Server=YOUR_SERVER;Database=QuizDB;Trusted_Connection=True;"
}
- Apply Migrations:
dotnet ef database update
- Run the API:
dotnet run
- Explore:
Navigate to
https://localhost:5001/swaggerto view the API documentation and test endpoints.
| Feature | Method | Endpoint | Access |
|---|---|---|---|
| Auth | POST | /api/auth/login/teacher |
Public |
| Auth | POST | /api/auth/login/student |
Public |
| Courses | GET | /api/courses |
Authenticated |
| Courses | POST | /api/courses |
Teacher Only |
| Questions | POST | /api/questions |
Teacher Only |
| Answers | POST | /api/answers |
Student Only |
| Scores | GET | /api/scores/student/{matricNo} |
Teacher Only |