A backend API for managing students, faculty, courses, enrollments, and grades in an educational institution.
Built with FastAPI, SQLAlchemy, and SQLite, featuring JWT-based authentication and role-based access control (RBAC).
- FastAPI – web framework for building high-performance APIs.
- SQLAlchemy ORM – database ORM and query abstraction.
- SQLite – development database (switchable via
DATABASE_URL). - Pydantic – request/response validation and settings.
- JWT – authentication using OAuth2 password flow.
- pytest – automated tests.
- Docker – containerization and deployment.
-
app/main.py- Creates the FastAPI app, initializes the database, registers routers and error handlers, configures CORS.
-
app/api/– Route modules:users.py– registration, login, role/admin operations, password changes, enable/disable user.students.py– CRUD for students, view of student grades.faculty.py– CRUD for faculty.courses.py– CRUD for courses, filtering by faculty and other criteria.enrollments.py– CRUD for enrollments, grade assignment, and course-grade reports.
-
app/models/– SQLAlchemy models:User,Student,Faculty,Course,Enrollment.
-
app/schemas/– Pydantic schemas:- Request/response models ensuring type-safe validation and clear API contracts.
-
app/db/database.py- Database engine,
SessionLocal,Base, andget_dbdependency.
- Database engine,
-
app/core/security.py- Password hashing, JWT creation/verification, and authentication dependencies.
-
app/core/config.py- Application settings loaded from
.envvia Pydantic settings.
- Application settings loaded from
-
app/core/error_handlers.py- Centralized custom exception and error handling.
-
tests/– pytest test suite:- Covers users, students, faculty, courses, and enrollments.
-
Dockerfile,.dockerignore- Container build and run setup.
git clone cd CourseEnrollement
text
python -m venv venv
Windows venv\Scripts\activate
Linux/Mac source venv/bin/activate
pip install --upgrade pip pip install -r requirements.txt
text
Create a .env file in the project root:
DATABASE_URL=sqlite:///./course_enrollment.db SECRET_KEY=your_secret_key_here ACCESS_TOKEN_EXPIRE_MINUTES=30
text
Start the server with:
uvicorn app.main:app --reload
text
Open the interactive API documentation (Swagger UI):
http://127.0.0.1:8000/docs
You can explore and test all endpoints directly from Swagger.
docker build -t course-enrollment-api .
text
docker run -d --name courseenroll -p 8000:8000 --env-file .env course-enrollment-api
text
The API will be available at:
http://localhost:8000/docs
The system uses JWT-based authentication with the OAuth2 password flow.
Each User has:
usernameemailpassword(stored as a hashed value)role– one of:adminfacultystudent
POST /users/– Register user (admin, faculty, student).POST /token– Login; returns a JWTaccess_token.
Use the token as:
Authorization: Bearer <access_token>
text
in protected endpoints.
Admin can:
- Manage (CRUD) students, faculty, courses, enrollments.
- Manage users: list, get details, change role, enable/disable.
- Cannot directly enroll as a student.
Faculty can:
- View enrollments for their courses.
- Assign/update grades for enrollments in their courses.
Student can:
- View list of available courses.
- Enroll in courses (via API/admin assistance, depending on flow).
- View their own grades via student-grade endpoints.
POST /users/– Register a new user.POST /token– Login and get JWT token.GET /users/– List all users (admin only).GET /users/{user_id}– Get user by ID (admin only).PATCH /users/{user_id}/role– Update user role (admin only).POST /users/{user_id}/disable– Disable a user account (admin only).POST /users/{user_id}/enable– Enable a disabled user (admin only, if implemented).POST /users/{user_id}/change-password– Change password (self; admin can override old password).
POST /students/– Create student profile.GET /students/– List students with pagination and filters.
Returns: { "total": , "items": [ ...students... ] }
text
GET /students/{student_id}– Get a specific student.PUT /students/{student_id}– Update student.DELETE /students/{student_id}– Delete student (admin only).GET /students/{student_id}/grades/– Get all courses + grades for this student.
POST /faculty/– Create faculty.GET /faculty/– List faculty.GET /faculty/{faculty_id}– Get specific faculty.PUT /faculty/{faculty_id}– Update faculty.DELETE /faculty/{faculty_id}– Delete faculty (admin only).
POST /courses/– Create course (requiresfaculty_id).GET /courses/– List courses (pagination and optional filters, e.g., byfaculty_id).GET /courses/{course_id}– Get course details.PUT /courses/{course_id}– Update course.DELETE /courses/{course_id}– Delete course (admin only).
POST /enrollments/– Enroll a student in a course (prevents duplicate enrollments).GET /enrollments/– List enrollments with pagination and filters.
Returns: { "total": , "items": [ ...enrollments... ] }
text
GET /enrollments/{enrollment_id}– Get specific enrollment.DELETE /enrollments/{enrollment_id}– Delete enrollment (admin only).PUT /enrollments/{enrollment_id}/grade– Assign or update grade (faculty/admin).GET /enrollments/filter/– Filter enrollments bystudent_idand/orcourse_id.GET /enrollments/reports/course/{course_id}/grades– Report of students + grades for a course (admin/faculty).
For list endpoints (students, courses, enrollments):
-
Response structure:
-
total: total number of matching records. -
items: list of records on the current page. -
Query parameters:
-
skip– offset (how many records to skip). -
limit– page size. -
Additional filters depending on resource (e.g.,
faculty_idfor courses,student_idfor enrollments, etc.).
Run all tests with:
pytest
text
The test suite covers:
- User registration, login, role checks, profile and password updates.
- CRUD operations for students, faculty, courses, enrollments.
- Enrollment uniqueness and grade assignment logic.
- Pagination structure (
total+items) and basic filtering behavior.
All current tests pass.
- PDF or downloadable grade reports.
- Advanced statistics and analytics (per course, per student, etc.).
- More detailed documentation with diagrams and screenshots.
- Additional roles or permissions (e.g., department head, parent view).