A minimal backend implementation of a CourseHub platform.
This project focuses on role-based access, course ownership, and enrollment logic using a clean and practical backend design.
- Node.js
- Express
- TypeScript
- Prisma ORM
- JWT Authentication
- bcrypt
- Users register as Instructor or Student
- Login returns a JWT token
- Protected routes use an auth middleware
/auth/mereturns the authenticated user
JWT is used for authentication only.
Authorization is handled using roles and database relationships.
- Create course drafts
- Publish courses (requires at least one lesson)
- Update and delete draft courses
- Manage lessons for draft courses
- View lessons of owned courses
Constraints
- Only course owners can manage their courses
- Published courses cannot be modified
- Enroll in published courses
- Access lessons of enrolled courses
- Mark lessons as completed
- Enrollment and progress actions are idempotent
Constraints
- Students can only access enrolled courses
- Instructor access to student routes is restricted
- JWT middleware attaches
req.user - No repeated user existence checks after authentication
- Access is validated via:
- role checks
- course ownership
- enrollment relationships
This keeps the system simple while avoiding unnecessary database queries.
- Backend MVP completed
- Core flows implemented for instructors and students
- Focused on correctness, access control, and clean API design