A secure, scalable online coding platform with real-time code execution, competitive programming features, and classroom management.
- β Secure Code Execution: Docker-isolated execution for C++, Python, Java, JavaScript
- β 30+ LeetCode-style Problems: Comprehensive test cases for each problem
- β Real-time Leaderboards: Live competition tracking
- β Classroom Management: Teacher dashboards, student progress tracking
- β Battle Mode: 1v1 coding competitions
- β Competition System: Timed contests with rankings
- π Docker Isolation: Each submission runs in isolated container
- π Resource Limits: CPU, Memory, Time constraints enforced
- π Network Isolation: Containers have no network access
- π Seccomp Filtering: Syscall restrictions via seccomp profile
- π No Privilege Escalation: Security hardening enabled
- π Automatic Cleanup: Containers destroyed after execution
- β‘ Template Engine: Auto-generates input parsing for C++ signatures
- β‘ Validation Modes: Exact match, floating-point (epsilon), custom validators
- β‘ Async Execution: Bull queue for background job processing
- β‘ Real-time Updates: WebSocket support for live competitions
- β‘ Row Level Security: Supabase RLS for data protection
LETS_PREP_/
βββ Backend/ # Node.js + Express API
β βββ src/
β β βββ services/
β β β βββ execution/ # Code execution engine
β β β β βββ IsolationManager.ts
β β β β βββ TemplateEngine.ts
β β β β βββ Validator.ts
β β β βββ codeExecution.service.ts
β β βββ controllers/ # API controllers
β β βββ routes/ # API routes
β β βββ definitions/ # Language configs
β βββ scripts/ # Utility scripts
β βββ seccomp_profile.json # Security profile
βββ Frontend/ # Next.js 16 + React
β βββ app/ # App router pages
β βββ components/ # React components
β βββ lib/ # Utilities
β βββ supabase/ # Database migrations
βββ .github/
βββ workflows/ # CI/CD pipelines
- Runtime: Node.js 20+
- Framework: Express.js
- Database: Supabase (PostgreSQL)
- Queue: Bull (Redis)
- Execution: Docker + Dockerode
- Validation: Zod
- Auth: JWT + Supabase Auth
- Framework: Next.js 16 (App Router)
- UI: React 19 + Tailwind CSS
- Components: Radix UI + shadcn/ui
- Code Editor: Monaco Editor
- State: React Hooks
- Auth: Supabase Auth
- Containerization: Docker
- CI/CD: GitHub Actions
- Security: TruffleHog, Dependabot, CodeRabbit
- Monitoring: Vercel Analytics (optional)
- Node.js 20+
- Docker Desktop
- Git
- Supabase account
git clone https://github.com/YOUR_USERNAME/LETS_PREP_.git
cd LETS_PREP_cd Backend
# Install dependencies
npm install
# Copy environment template
cp .env.example .env
# Edit .env with your Supabase credentials
# Get from: https://app.supabase.com/project/_/settings/api
# Pull Docker images for code execution
npx ts-node pull_images.ts
# Start development server
npm run devBackend runs on http://localhost:3001
cd Frontend
# Install dependencies
npm install
# Copy environment template
cp .env.example .env.local
# Edit .env.local with your Supabase credentials
# Start development server
npm run devFrontend runs on http://localhost:3000
- Go to Supabase Dashboard β SQL Editor
- Run migrations in order:
Frontend/supabase/complete_setup.sqlFrontend/supabase/add_all_testcases.sql
cd Backend
npx ts-node verify_engine.tsShould output: β All tests passed
- π Setup Guide - Installation and configuration
- π Deployment Guide - Production deployment instructions
- π Security Policy - Security measures and reporting
- π‘οΈ Security Audit - Latest vulnerability assessment
- β push Checklist - Pre-commit verification
- π§ͺ Test Cases - Adding and managing test cases
- ποΈ Architecture - System design and data flow
- β¨ Features - Detailed feature documentation
This project implements industry-standard security practices:
- β No secrets in source code
- β Environment variables for all credentials
- β Docker isolation for untrusted code
- β Input validation and sanitization
- β SQL injection prevention
- β XSS protection
- β CSRF protection
- β Rate limiting
- β Automated security audits
Found a security vulnerability? Email: security@lets-prep.com
# Backend unit tests
cd Backend
npm test
# Frontend tests
cd Frontend
npm test
# E2E tests
npm run test:e2ecd Backend
npx ts-node test_find_k_closest.tscd Frontend
npx vercelcd Backend
railway init
railway updocker-compose up -dSee GITHUB_PUSH_GUIDE.md for detailed deployment instructions.
- Fork the repository
- Create feature branch:
git checkout -b feature/amazing-feature - Commit changes:
git commit -m 'feat: add amazing feature' - Push to branch:
git push origin feature/amazing-feature - Open Pull Request
Note: All PRs are automatically reviewed by CodeRabbit AI.
SUPABASE_URL=your_supabase_url
SUPABASE_SERVICE_ROLE_KEY=your_service_role_key
JWT_SECRET=your_jwt_secret
DOCKER_ENABLED=trueSee .env.example for complete list.
NEXT_PUBLIC_SUPABASE_URL=your_supabase_url
NEXT_PUBLIC_SUPABASE_ANON_KEY=your_anon_key
NEXT_PUBLIC_API_URL=http://localhost:3001User Code β API β Queue β Worker β IsolationManager β Docker Container
β
Expected Output β Validator β TemplateEngine β Container Output
- Input Validation: Zod schemas
- Template Injection: Safe code wrapping
- Docker Isolation: Container per execution
- Resource Limits: CPU/Memory/Time constraints
- Seccomp Profile: Syscall filtering
- Output Validation: Normalized comparison
- Execution Time: ~2-5s per submission (including Docker overhead)
- Concurrent Executions: Limited by Docker resources
- Scalability: Horizontal scaling via worker nodes
- Caching: Template compilation cached
- Nested vector types not fully supported in C++ parser
- Python async/await requires special handling
- Java class name must be "Solution"
See Issues for full list.
MIT License - see LICENSE file
- Developer: Kartik Pant
- Security: kartikpant.kp69@gmail.com
- Support: kartikpant.kp69@gmail.com
- LeetCode for problem inspiration
- Supabase for backend infrastructure
- Docker for secure execution environment
- shadcn/ui for beautiful components
β Star this repo if you find it useful!
π Report bugs: GitHub Issues
π¬ Discussions: GitHub Discussions