A comprehensive Backend API for an online English learning platform, supporting learners to improve their language skills through interactive lessons, practice exercises, and progress tracking.
- Authentication and authorization (JWT with Access & Refresh Token)
- User profile management (students, instructors, administrators)
- Email verification
- Integrated wallet system
- Create and manage courses
- Lesson management and content delivery
- Rating and review system
- Analytics and learning progress tracking
- Create and manage flashcard decks
- Spaced Repetition System (SRS)
- Tag management and categorization
- Vocabulary learning progress tracking
- Practice session system
- Standardized English test types
- Automatic grading
- Answer and result storage
- Shopping cart and order management
- MoMo payment gateway integration
- Wallet top-up
- Transaction management
- Subscription plans for course sellers
- Subscription contract management
- Payment tracking
- In-app notifications
- Email notifications
- Event-driven notification system
- Content violation reporting
- Admin analytics dashboard
- User activity tracking
- Node.js 20 LTS - JavaScript runtime
- Express 5 - Web framework
- TypeScript - Type-safe development
- PostgreSQL - Relational database
- Prisma - Next-generation ORM
- Redis - Caching and session management
- JWT (jsonwebtoken) - Token-based authentication
- bcrypt - Password hashing
- cookie-parser - Cookie handling
- AWS S3 - Cloud file storage
- Multer - File upload middleware
- multer-s3 - S3 integration
- Zod - Schema validation
- tsx - TypeScript execution
- nodemon - Auto-restart development server
- esbuild - Fast bundler
- tsc-alias - TypeScript path alias resolver
- Nodemailer - Email sending
- Axios - HTTP client
- MoMo Payment Gateway - Payment integration
backend/
βββ src/
β βββ app.ts # Express app configuration
β βββ server.ts # Server entry point
β βββ middlewares/ # Custom middlewares
β β βββ auth.middleware.ts
β β βββ optionalAuth.middleware.ts
β β βββ enrollment.middleware.ts
β β βββ upload.ts
β β βββ validations.middleware.ts
β βββ modules/ # Feature modules
β β βββ auth/ # Authentication
β β βββ users/ # User management
β β βββ admin/ # Admin dashboard
β β βββ courses/ # Course management
β β βββ flashcards/ # Flashcard system
β β βββ tests/ # Testing system
β β βββ practice_sessions/ # Practice sessions
β β βββ cart/ # Shopping cart
β β βββ topupOrders/ # Wallet topup
β β βββ notifications/ # Notification system
β β βββ reports/ # Report management
β β βββ seller/ # Course seller features
β β βββ student-learning/ # Student features
β β βββ contract-management/ # Contract management
β β βββ course-management-by-admin/
β β βββ application-management-by-admin/
β βββ services/ # Core services
β βββ repositories/ # Data access layer
β βββ types/ # TypeScript types
β βββ utils/ # Utility functions
β βββ seed/ # Database seeders
βββ prisma/
β βββ schema.prisma # Prisma schema
β βββ migrations/ # Database migrations
βββ dist/ # Compiled output
βββ Dockerfile # Docker configuration
βββ package.json # Dependencies
βββ tsconfig.json # TypeScript configuration
Each module follows a layered architecture:
module/
βββ controllers/ # Request handlers
βββ services/ # Business logic
βββ repositories/ # Database operations
βββ dtos/ # Data Transfer Objects
βββ routes/ # Route definitions
- Node.js >= 20.x
- PostgreSQL >= 14.x
- Redis >= 6.x
- npm or yarn
git clone <repository-url>
cd capstone-project/backendnpm installCreate a .env file in the backend/ directory:
# Database
DATABASE_URL="postgresql://postgres:postgres@localhost:5432/capstone_dev"
# Server
PORT=3000
NODE_ENV=development
# JWT Secrets
ACCESS_TOKEN_SECRET="your-access-token-secret"
REFRESH_TOKEN_SECRET="your-refresh-token-secret"
# AWS S3 Configuration
AWS_REGION="ap-south-1"
AWS_ACCESS_KEY_ID="your-access-key-id"
AWS_SECRET_ACCESS_KEY="your-secret-access-key"
AWS_S3_BUCKET_NAME="your-bucket-name"
# Text-to-Speech Service (Optional)
TTS_API_ENDPOINT="https://your-tts-service.com/generate-tts"
TTS_FILE_BASE_URL="https://your-tts-service.com"
# Email Configuration (Optional)
SMTP_HOST="smtp.gmail.com"
SMTP_PORT=587
SMTP_USER="[email protected]"
SMTP_PASS="your-app-password"
# MoMo Payment (Optional)
MOMO_PARTNER_CODE="your-partner-code"
MOMO_ACCESS_KEY="your-access-key"
MOMO_SECRET_KEY="your-secret-key"npm run prisma:generatenpm run prisma:migratenpm run prisma:seednpm run prisma:studionpm run dev# Build project
npm run build
# Start server
npm startServer will run at: http://localhost:3000
docker build -t english-learning-backend .docker run -p 3000:3000 \
-e DATABASE_URL="postgresql://..." \
-e ACCESS_TOKEN_SECRET="..." \
-e REFRESH_TOKEN_SECRET="..." \
english-learning-backenddocker-compose up -dGET / # Server health check
POST /api/auth/register # Register account
POST /api/auth/login # Login
POST /api/auth/logout # Logout
POST /api/auth/refresh # Refresh access token
POST /api/auth/verify-email # Verify email
POST /api/auth/forgot-password
POST /api/auth/reset-password
GET /api/users # Get users list
GET /api/users/:id # Get user info
PUT /api/users/:id # Update user
DELETE /api/users/:id # Delete user
GET /api/courses # List courses
GET /api/courses/:id # Course details
POST /api/courses # Create course (Seller)
PUT /api/courses/:id # Update course
DELETE /api/courses/:id # Delete course
GET /api/courses/:id/lessons # List lessons
POST /api/courses/:id/enroll # Enroll in course
GET /api/ratings # List ratings
POST /api/ratings # Create rating
PUT /api/ratings/:id # Update rating
DELETE /api/ratings/:id # Delete rating
GET /api/flashcard-decks # List flashcard decks
POST /api/flashcard-decks # Create flashcard deck
GET /api/flashcards # List flashcards
POST /api/flashcards # Create flashcard
POST /api/flashcard-review # Review flashcard
GET /api/tags # List tags
GET /api/tests # List tests
GET /api/tests/:id # Test details
POST /api/practice-sessions # Create practice session
POST /api/practice-sessions/:id/submit # Submit answers
GET /api/carts # View cart
POST /api/carts/items # Add to cart
DELETE /api/carts/items/:id # Remove from cart
POST /api/carts/checkout # Checkout
GET /api/topup-orders # Topup history
POST /api/topup-orders # Create topup order
GET /api/notifications # List notifications
PUT /api/notifications/:id/read # Mark as read
DELETE /api/notifications/:id # Delete notification
GET /api/reports # List reports
POST /api/reports # Create report
PUT /api/reports/:id # Handle report (Admin)
GET /api/admin/dashboard # Dashboard analytics
GET /api/admin/users # Manage users
PUT /api/admin/users/:id # Update user
GET /api/admin/courses # Manage courses
PUT /api/admin/courses/:id/approve # Approve course
GET /api/seller/courses # Seller's courses
GET /api/seller/analytics # Seller analytics
POST /api/seller/application # Apply to become seller
GET /api/student/enrolled-courses # Enrolled courses
GET /api/student/progress # Learning progress
GET /api/student/achievements # Achievements
Note: Some endpoints require JWT token in header:
Authorization: Bearer <access_token>
The system uses PostgreSQL with Prisma ORM. Main models:
- User - Users (students, instructors, admin)
- Course - Courses
- Lesson - Lessons
- FlashcardDeck - Flashcard decks
- Flashcard - Vocabulary cards
- Test - Tests
- PracticeSession - Practice sessions
- Order - Orders
- Cart - Shopping cart
- Wallet - Digital wallet
- Notification - Notifications
- Rating - Ratings
- Report - Reports
See detailed schema at backend/prisma/schema.prisma
# Development
npm run dev # Run dev server with hot-reload
# Build
npm run build # Build TypeScript
npm run build:esbuild # Build with esbuild (faster)
# Production
npm start # Run production server
# Prisma
npm run prisma:generate # Generate Prisma Client
npm run prisma:migrate # Run migrations
npm run prisma:deploy # Deploy migrations (production)
npm run prisma:studio # Open Prisma Studio GUI
npm run prisma:seed # Seed notification types
# Testing data
npm run seed:test # Seed test dataThe project uses TypeScript path aliases for cleaner imports:
import { userService } from '@modules/users/services/user.service'
import { authMiddleware } from '@middlewares/auth.middleware'
import { prisma } from '@services/database.service'
import { hashPassword } from '@utils/password.util'Centralized error handling with custom error classes and error middleware.
Request validation using Zod schemas in DTOs.
- User logs in β Receives Access Token (15m) & Refresh Token (7d)
- Access Token stored in memory, Refresh Token in HTTP-only cookie
- When Access Token expires β Use Refresh Token to get new token
- Middleware
authMiddlewareverifies token before accessing protected routes
- Use TypeScript strict mode
- Follow ESLint and Prettier rules
- Adhere to naming conventions:
- Files:
kebab-case.ts - Classes:
PascalCase - Functions/Variables:
camelCase - Constants:
UPPER_SNAKE_CASE
- Files:
- Branch naming:
feature/,bugfix/,hotfix/ - Commit message format:
feat:,fix:,docs:,refactor:
# Create new migration
npx prisma migrate dev --name <migration-name>
# Reset database (development only)
npx prisma migrate reset
# Deploy migrations (production)
npx prisma migrate deploy- Passwords hashed using bcrypt (salt rounds: 10)
- JWT tokens with expiration time
- HTTP-only cookies for refresh tokens
- CORS configuration
- Input validation with Zod
- SQL injection protection via Prisma
- Rate limiting (recommended to add)
- Helmet middleware (recommended to add)
This project is licensed under the ISC License.
- Development Team - FPT University Capstone Project
If you encounter any issues, please create an issue on the GitHub repository.
Made with β€οΈ for English learners