This repository contains the backend API for a Learning Management System (LMS) Admin Panel, designed to handle users, courses, enrollments, modules, and lessons with role-based access control.
Built using Node.js, Express, and MongoDB (Mongoose), the project follows clean architecture principles, centralized error handling, and secure authentication using JWT.
🎥 Demo Preview
The current preview showcases core functionality of the project.
A refreshed walkthrough highlighting recent UI improvements will be added soon.
Watch Demo: View Here
- Role-based Authentication & Authorization
- Real-time dashboard updates with Server-Sent Events (SSE)
- Secure JWT-based login system
- Modular, scalable project structure
- Consistent API response & error format
- Designed for real-world LMS workflows
The system supports three user roles, each with clearly defined permissions:
| Role | Permissions |
|---|---|
| ADMIN | Full access to users, courses, modules, lessons, and enrollments |
| INSTRUCTOR | Create & manage own courses, modules, and lessons |
| STUDENT | Enroll in courses and track learning progress |
- Only verified users can access protected routes
- Blocked users are prevented from logging in
- Role checks are enforced via middleware
-
Create, update, and view courses
-
Assign instructors to courses
-
Supports free & paid courses
-
Course lifecycle management:
DRAFTPUBLISHEDUNPUBLISHED
Courses are structured for better learning flow:
- Belong to a specific course
- Ordered sequence for learning paths
-
Belong to modules
-
Include:
- Video URL
- Duration
-
Strict ordering inside modules
-
Students can enroll in published courses
-
One enrollment per student per course
-
Tracks:
- Enrollment status
- Learning progress
- Completion state
- Password hashing using bcrypt
- Email verification for new users
- Secure password reset flow
- Authentication via JWT (Access + Refresh tokens)
- Secure cookies (
httpOnly,sameSite,secure) - Centralized authentication middleware
- Clean controller-service separation
- Reusable
asyncHandlerfor async safety - Unified response format using
ApiResponse - Centralized error handling using
ApiError
- Node.js – Runtime
- Express.js – API framework
- MongoDB + Mongoose – Database & ODM
- JWT – Authentication
- bcrypt – Password hashing
- dotenv – Environment variables
- cookie-parser – Cookie handling
- CORS – Cross-origin support
backend/
│
├── controllers/ # Request handling & business logic
│
├── models/ # Mongoose schemas
│ ├── user.model.js
│ ├── course.model.js
│ ├── module.model.js
│ ├── lesson.model.js
│ └── enrollment.model.js
│
├── middlewares/ # Custom Express middlewares
│ ├── auth.middleware.js
│ └── error.middleware.js
│
├── utils/ # Utility helpers
│ ├── ApiError.js
│ ├── ApiResponse.js
│ └── asyncHandler.js
│
├── routes/ # API route definitions
├── db/ # MongoDB connection
├── server.js # Express app configuration
└── index.js # Server bootstrap-
Uses simple, human-readable error messages for frontend display
-
All errors pass through a global error middleware
-
Designed for easy future upgrade to:
- Error codes
- Localization
- Structured error logging
This project is intentionally designed to scale:
-
Easy to add:
- New roles
- New LMS features (quizzes, certificates, payments)
- New APIs
-
Clean separation of concerns
-
Consistent patterns across controllers, models, and routes
✅ User Management
✅ Course Management
✅ Modules & Lessons
✅ Enrollment System
✅ Role-Based Access Control
Made by Rajendra Behera
Email: rajendrabehera8116@gmail.com
LinkedIn: /behera-rajendra
GitHub: /BRajendra10
Frontend: EdTech-Frontend
Backend: EdTech-Backend