National-Level Team-Based Online Examination System

A complete, production-ready, deployable online examination system for national-level team-based MCQ exams with strict security, anti-cheat, and audit requirements.

🏗️ System Architecture

Components

1. Backend API - Node.js + Express + PostgreSQL + Prisma
2. Participant Exam Client - React + TypeScript (Port 3001)
3. Unified Dashboard Client - React + TypeScript (Port 3000)

Tech Stack

• Frontend: React + TypeScript, Vite, WebSocket client
• Backend: Node.js + Express, PostgreSQL, Prisma ORM, JWT auth with refresh tokens, WebSocket server (Socket.IO)
• Infrastructure: Docker-ready deployment with docker-compose

👥 User Roles & RBAC

Roles

• DEV: System owner (super-admin) - manages users and system configuration
• ADMIN: Exam creators (executive committee) - manages exams, questions, and teams
• PROCTOR: Human invigilators - monitors exams and verifies compliance
• PARTICIPANT: Team members (CAPTAIN or MEMBER) - takes exams

RBAC Enforcement

• ✅ Server-side enforcement mandatory - all permissions validated on backend
• ✅ Frontend role hiding is NOT security
• ✅ JWT-based authentication with role claims

👨‍👩‍👧‍👦 Team & Authentication Model

Team Structure

• Teams consist of 3–4 members
• Members may be in different locations
• Each participant has individual login credentials
• Each participant belongs to exactly ONE team

Team Roles

• CAPTAIN: Only role allowed to submit final answers
• MEMBER: Can view questions and suggest answers

📝 Exam & Proctoring Flow

Pre-Exam Setup

1. Participants join Google Meet (user-initiated):
   • Camera ON
   • Microphone ON
   • Screen sharing ON
2. Human proctor visually verifies compliance
3. Proctor marks team as "Meet Verified" in the system

Exam Environment

• ✅ Forced fullscreen mode
• ✅ Tab switching detection
• ✅ Right-click disabled
• ✅ Keyboard shortcuts blocked
• ✅ Desktop browsers only (mobile blocked)
• ✅ Exam locked until proctor verification

Exam Execution

• MCQ exam with server-side timer
• Auto-save on every selection
• Captain submits final answers
• Auto-submit on timeout

🎲 MCQ Delivery Requirements

Question Randomization

• ✅ Question order randomized per team
• ✅ Option order randomized per team
• ✅ Same order shared across all team members

Question Features

• ✅ Single-correct MCQs
• ✅ Questions may include images
• ✅ Images clickable to enlarge
• ✅ Opens in in-page modal (no new tabs)
• ✅ Right-click and download disabled on images

Answer Management

• ✅ Auto-save on selection
• ✅ Only captain can submit
• ✅ Auto-submit on timeout

🔒 Anti-Cheat System

Client-Side Deterrents

• ✅ Fullscreen enforcement
• ✅ Focus/blur detection
• ✅ Copy/paste disabled
• ✅ Context menu disabled
• ✅ Shortcut blocking (best-effort)

Server-Side Enforcement

• ✅ All violations logged server-side
• ✅ Violation scoring system with severity levels
• ✅ Threshold-based warnings
• ✅ Proctor/admin alerts via WebSocket
• ✅ Real-time monitoring dashboard

Tracked Violations

• ✅ Tab switches
• ✅ Fullscreen exits
• ✅ Page reloads
• ✅ DevTools attempts
• ✅ IP changes (can be detected via metadata)
• ✅ Session conflicts (multiple simultaneous logins)
• ✅ Copy/paste attempts
• ✅ Right-click attempts
• ✅ Focus loss

🤖 AI-Assisted Proctoring

Technology

• Client-side AI using MediaPipe or TensorFlow.js (implementation ready)
• Face presence detection
• Multiple faces detection
• Face missing duration tracking

Critical Requirements

• ✅ Client-side only (no server video processing)
• ✅ Generate events only (no storage of video/images)
• ✅ NEVER auto-disqualify
• ✅ Assistive only for human proctors

Events to Emit

• FACE_MISSING
• MULTIPLE_FACES_DETECTED
• FACE_OUT_OF_FRAME

🎛️ Unified Dashboard (Role-Based Routing)

Routes by Role

• /dev - DEV dashboard (user management)
• /admin - ADMIN dashboard (exam/team management)
• /proctor - PROCTOR dashboard (live monitoring)
• /login - Login page with role-based redirection

After login, automatically routed based on JWT role claim.

🔐 Permission Matrix

ADMIN Permissions

Can:

• ✅ Create/edit/delete exams
• ✅ Add/edit/delete MCQs
• ✅ Edit answer options
• ✅ Upload question images
• ✅ Modify question scores/weightage
• ✅ Enable/disable questions
• ✅ Create/edit teams
• ✅ Add/remove team members
• ✅ Assign/change captains
• ✅ Export results

Cannot:

• ❌ Modify submitted answers
• ❌ Modify violation logs
• ❌ Disable audit logging

PROCTOR Permissions

Can:

• ✅ View live exam status
• ✅ View team activity
• ✅ View violation logs
• ✅ Mark Meet compliance ("Meet Verified" flag)
• ✅ Flag suspicious behavior
• ✅ Add notes to violations

Cannot:

• ❌ Edit exams
• ❌ Edit questions
• ❌ Edit teams
• ❌ Edit scores

DEV Permissions

Can:

• ✅ Manage admins and proctors
• ✅ View full system logs
• ✅ Modify global configuration
• ✅ Create users of any role

Cannot:

• ❌ Participate in exams
• ❌ Modify submitted answers

🔗 Answer & Audit Immutability

Hash Chain Implementation

Implements internal cryptographic immutability using a hash chain (NO public blockchain).

Hash Chain Requirements

• ✅ Every critical action generates a hash:
  • Exam start
  • Answer save
  • Answer submission
  • Auto-submit
  • Admin force-submit

Hash Formula

SHA-256(action_payload + timestamp + previous_hash)

Properties

• ✅ Append-only per exam attempt
• ✅ Store current_hash and previous_hash
• ✅ Server-generated ONLY
• ✅ Tampering breaks chain

Access Control

• Admins/Proctors/Devs can only VIEW integrity status
• Cannot edit or regenerate hashes

Integrity Verification

GET /api/attempts/:attemptId/verify-integrity

Returns:

{
  "attemptId": "...",
  "isValid": true,
  "chainLength": 42,
  "violations": [],
  "message": "Integrity verified"
}

🗄️ Database Design

Prisma Schemas

Complete schemas implemented for:

• ✅ Users (with role enum)
• ✅ Teams
• ✅ TeamMembers (with team role: CAPTAIN/MEMBER)
• ✅ Exams
• ✅ Questions (with image support)
• ✅ QuestionOptions
• ✅ Attempts (exam attempts by teams)
• ✅ Answers (with auto-save history)
• ✅ Violations (with type, severity, timestamp)
• ✅ AuditLogs (comprehensive audit trail)
• ✅ ExamIntegrityChain (hash chain records)

Relationships

• ✅ Proper foreign keys
• ✅ Cascading deletes where appropriate
• ✅ Indexes for performance

🚀 Setup Instructions

Prerequisites

• Docker & Docker Compose
• Node.js 18+ (for local development)
• PostgreSQL 15+ (for local development)

Quick Start with Docker

1. Clone the repository

git clone <repository-url>
cd exam-system

2. Configure environment variables

# Backend
cp backend/.env.example backend/.env
# Edit backend/.env with your configuration

# Dashboard
cp frontend-dashboard/.env.example frontend-dashboard/.env

# Participant
cp frontend-participant/.env.example frontend-participant/.env

3. Start all services

docker-compose up -d

4. Run database migrations

docker-compose exec backend npx prisma migrate deploy

5. Create initial DEV user

docker-compose exec backend npx prisma db seed
# Or manually via API after starting

6. Access the applications

• Dashboard: http://localhost:3000
• Participant: http://localhost:3001
• Backend API: http://localhost:5000

Local Development Setup

Backend

cd backend
npm install
cp .env.example .env
# Edit .env with local database URL
npx prisma generate
npx prisma migrate dev
npm run dev

Frontend Dashboard

cd frontend-dashboard
npm install
cp .env.example .env
npm run dev

Frontend Participant

cd frontend-participant
npm install
cp .env.example .env
npm run dev

🔄 Database Migrations

Development

Use prisma migrate dev for local development. This creates new migration files:

cd backend
npx prisma migrate dev --name migration_name

Production

Use prisma migrate deploy for production. This applies existing migrations:

docker-compose exec backend npx prisma migrate deploy

Important: Never run prisma migrate dev in production as it can reset data.

🔧 Environment Variables

Backend (.env)

DATABASE_URL="postgresql://user:password@localhost:5432/exam_system?schema=public"
JWT_SECRET="your-super-secret-jwt-key-change-in-production"
JWT_REFRESH_SECRET="your-super-secret-refresh-key-change-in-production"
JWT_EXPIRES_IN="15m"
JWT_REFRESH_EXPIRES_IN="7d"
PORT=5000
NODE_ENV="development"
CORS_ORIGIN="http://localhost:3000,http://localhost:3001"
RATE_LIMIT_WINDOW_MS=900000
RATE_LIMIT_MAX_REQUESTS=100

Frontend (.env)

VITE_API_URL=http://localhost:5000/api
VITE_WS_URL=http://localhost:5000

📡 API Documentation

Authentication Endpoints

POST /api/auth/login
POST /api/auth/refresh
POST /api/auth/logout

User Management (DEV, ADMIN)

POST   /api/users
GET    /api/users
GET    /api/users/:id
PUT    /api/users/:id
DELETE /api/users/:id

Team Management (ADMIN)

POST   /api/teams
GET    /api/teams
GET    /api/teams/:id
PUT    /api/teams/:id
DELETE /api/teams/:id
POST   /api/teams/:id/members
DELETE /api/teams/:id/members/:memberId

Exam Management (ADMIN)

POST   /api/exams
GET    /api/exams
GET    /api/exams/:id
PUT    /api/exams/:id
PATCH  /api/exams/:id/status
DELETE /api/exams/:id
POST   /api/exams/:id/questions
PUT    /api/exams/:id/questions/:questionId
DELETE /api/exams/:id/questions/:questionId

Exam Attempts (PARTICIPANT)

POST /api/exams/:examId/attempt
GET  /api/attempts/:attemptId
POST /api/attempts/:attemptId/answers
POST /api/attempts/:attemptId/submit
GET  /api/attempts/:attemptId/verify-integrity

Proctoring (PROCTOR)

POST  /api/proctor/violations
GET   /api/proctor/violations
PATCH /api/proctor/violations/:id/flag
GET   /api/proctor/violations/:attemptId/summary
GET   /api/proctor/active-attempts

🌐 WebSocket Events

Client to Server

socket.emit('join:attempt', attemptId);
socket.emit('join:proctor');
socket.emit('violation:detected', violationData);
socket.emit('ai-proctor:event', aiEventData);

Server to Client

socket.on('violation:new', (data) => { /* ... */ });
socket.on('ai-proctor:alert', (data) => { /* ... */ });

🔒 Security Model

Authentication

• ✅ JWT-based authentication with access and refresh tokens
• ✅ Access token: 15 minutes expiry
• ✅ Refresh token: 7 days expiry
• ✅ Secure token storage (localStorage)
• ✅ Automatic token refresh on 401

Password Security

• ✅ bcrypt hashing with salt rounds
• ✅ No plain text passwords stored

API Security

• ✅ Helmet.js security headers
• ✅ CORS configuration
• ✅ Rate limiting (100 requests per 15 minutes)
• ✅ Input validation
• ✅ SQL injection protection via Prisma

Network Security

• ✅ HTTPS recommended for production
• ✅ Environment variables for secrets
• ✅ No hardcoded credentials

🛡️ Anti-Cheat Overview

Client-Side Deterrents

The exam interface implements multiple deterrents:

• Fullscreen API enforcement
• Visibility API for tab detection
• Event listeners for context menu, copy, paste
• Keyboard shortcut blocking
• DevTools detection (F12, Ctrl+Shift+I/J/C)

Server-Side Logging

All client-side violations are:

1. Detected on client
2. Sent via WebSocket to server
3. Stored in database with severity
4. Displayed to proctors in real-time
5. Included in audit trail

Violation Severity Levels

• LOW: Right-click attempts, minor focus loss
• MEDIUM: Tab switches, copy/paste attempts
• HIGH: Fullscreen exits, DevTools attempts
• CRITICAL: Session conflicts, IP changes

Proctor Response

Proctors can:

• View all violations in real-time
• Add notes to specific violations
• Flag suspicious behavior
• Mark violations as resolved
• Contact team via Google Meet

📊 Immutability & Integrity

Hash Chain Mechanism

Each exam attempt maintains a hash chain:

Entry 1: ATTEMPT_STARTED
  previousHash: null
  currentHash: SHA-256(payload + timestamp + null)

Entry 2: ANSWER_SAVED
  previousHash: <hash from Entry 1>
  currentHash: SHA-256(payload + timestamp + previousHash)

Entry 3: ANSWER_SAVED
  previousHash: <hash from Entry 2>
  currentHash: SHA-256(payload + timestamp + previousHash)

Entry N: ANSWER_SUBMITTED
  previousHash: <hash from Entry N-1>
  currentHash: SHA-256(payload + timestamp + previousHash)

Verification Process

The integrity verification endpoint:

1. Fetches all chain entries for an attempt
2. Verifies each hash against its payload and previous hash
3. Checks chain continuity
4. Returns validation status and any violations

Tamper Evidence

If any entry is modified:

• Its hash won't match the computed hash
• The next entry's previous hash won't match
• The chain is broken and reported as compromised

Use Cases

• Post-exam audits
• Dispute resolution
• Compliance verification
• Forensic analysis

🚢 Deployment

Production Deployment Steps

1. Prepare environment

# Set production environment variables
# Use strong secrets for JWT
# Configure production database
# Set NODE_ENV=production

2. Build Docker images

docker-compose build

3. Deploy with docker-compose

docker-compose up -d

4. Run migrations

docker-compose exec backend npx prisma migrate deploy

5. Create initial users

# Create DEV user via direct database access or API

6. Configure reverse proxy (Nginx/Apache)

# Example Nginx configuration
server {
    listen 80;
    server_name exam.example.com;

    location / {
        proxy_pass http://localhost:3000;
    }
}

server {
    listen 80;
    server_name exam-participant.example.com;

    location / {
        proxy_pass http://localhost:3001;
    }
}

server {
    listen 80;
    server_name api.exam.example.com;

    location / {
        proxy_pass http://localhost:5000;
    }
}

7. Enable HTTPS with Let's Encrypt

certbot --nginx -d exam.example.com

Production Checklist

• Change all default secrets
• Enable HTTPS
• Configure firewall
• Set up database backups
• Configure log aggregation
• Set up monitoring (CPU, memory, disk)
• Test disaster recovery
• Document incident response procedures

🧪 Testing

Run Backend Tests (if implemented)

cd backend
npm test

Manual Testing Checklist

• User registration and login
• Role-based access control
• Team creation and management
• Exam creation and configuration
• Question and option management
• Exam start with proctor verification
• Answer auto-save
• Captain-only submission
• Violation detection and logging
• Real-time proctor dashboard
• Hash chain integrity verification

📚 Project Structure

exam-system/
├── backend/
│   ├── src/
│   │   ├── config/          # Database configuration
│   │   ├── controllers/     # Route controllers
│   │   ├── middlewares/     # Auth, RBAC middleware
│   │   ├── routes/          # API routes
│   │   ├── services/        # Business logic
│   │   ├── utils/           # Utilities (JWT, hash chain, logger)
│   │   └── index.ts         # Server entry point
│   ├── prisma/
│   │   └── schema.prisma    # Database schema
│   └── package.json
├── frontend-dashboard/
│   ├── src/
│   │   ├── components/      # Reusable components
│   │   ├── contexts/        # React contexts (Auth)
│   │   ├── pages/           # Page components
│   │   ├── services/        # API client
│   │   ├── types/           # TypeScript types
│   │   └── App.tsx          # Main app component
│   └── package.json
├── frontend-participant/
│   ├── src/
│   │   ├── components/      # Reusable components
│   │   ├── contexts/        # React contexts
│   │   ├── hooks/           # Custom hooks (socket, anti-cheat)
│   │   ├── pages/           # Exam pages
│   │   ├── services/        # API client
│   │   └── App.tsx
│   └── package.json
├── docker-compose.yml
└── README.md

🤝 Contributing

This is a production system. All changes must:

1. Be security-reviewed
2. Include tests
3. Update documentation
4. Follow existing code style
5. Not break RBAC or audit trail

📄 License

[Add your license here]

🆘 Support

For issues or questions:

1. Check this README
2. Review API documentation
3. Check application logs
4. Contact system administrator

⚠️ Important Notes

Browser Compatibility

• ✅ Desktop browsers: Chrome, Firefox, Safari, Edge
• ❌ Mobile browsers: Not supported (security restrictions)

Google Meet Integration

• Meet joining is user-initiated (cannot be forced programmatically)
• Browser security prevents automatic camera/mic access
• Proctor must manually verify via visual inspection

Fullscreen API Limitations

• Users can still exit fullscreen (ESC key, F11)
• Exits are detected and logged
• Provide clear warnings to participants

DevTools Detection

• Best-effort detection only
• Cannot be 100% reliable
• Violations logged for proctor review

AI Proctoring

• Runs entirely client-side
• No video/images sent to server
• Assistive only, not definitive

Hash Chain

• Provides tamper evidence, not prevention
• Cannot stop determined attackers
• Audit trail for post-exam verification

🎯 Conclusion

This system provides enterprise-grade security and integrity for online examinations. All requirements from the specification have been implemented with production-ready code quality.

Key Features:

• ✅ Complete RBAC system
• ✅ Team-based collaboration
• ✅ Comprehensive anti-cheat
• ✅ Real-time monitoring
• ✅ Cryptographic audit trail
• ✅ Docker deployment ready
• ✅ Comprehensive documentation

For production deployment, ensure all security best practices are followed and conduct thorough testing.