"Progress" is a pairing between worksheets and learners.
Get information about a user.
update a user
Log in as the given user. Password is sent in the Authorization: Basic header. Responds by returning a token in the body containing a
JWT.
Log in as the given user. Password is sent in the Authorization: Basic header. Responds by setting a cookie containing a JWT.
Retrieve or record progress on this worksheet.
Fetch page state for the given worksheet and user; this establishes a diffsync shadow, tied to the given uuid.
(The storage event fires when other tabs makes changes to localStorage. This is quite handy for communication purposes.)
The server stores page state in mongo, but the shadows are stored in redis.
Fetch the global page state for the given worksheet.
Submit a jsondiffpatch, and receive a jsondiffpatch to apply.
The request body consists of the output of jsondiffpatch.diff, with
a header Doenet-Shadow-Checksum which is the shadow's object-hash.
By sending empty PATCHes, a client can poll the server for changes to page state. (These also serve as heartbeats.)
Submit a jsondiffpatch for the global page state for the given worksheet, and receive a jsondiffpatch to apply.
Record a learner event (meaning an xAPI statement) for the given worksheet.
Get a specific learner event.
Get (an unspecified number of) recent events for the given learner.
Create or delete a course; the current user becomes an "instructor" when creating a course.
Get a list of instructors in a course.
Add an instructor in a course; only an instructor is permitted to add other instructors.
Remove an instructor from a course.
Get a list of learners enrolled in a course.
Get a list of all courses a learner is enrolled in.
Get a list of all courses an instructor is teaching.
Disenroll a student from the course.
Enroll a student in a course; students can enroll themselves in a course.
Get a list of scores for all the learners and worksheets.
Create a new worksheet
view all the assignments for the course
add or update or delete a worksheet to a course
assignments have deadlines (and exceptions)
A "worksheet" is identified by the base64-encoded sha-256 hash of
window.location.href encoded as a utf-8 string. (Why use hashes?
Eventually, a worksheet would be the hash of the content itself -- as
loaded from say IPFS.)
A learner is a user, and it could be me meaning the current user
(i.e., from the cookie), could be an email address (meaning a string
containing @) which must be globally unique, or a base64 (mongo) id.
When POSTing to /learners/me/worksheets/:worksheet/progress, it is
possible that there is no JWT cookie. In this case, we manufacture a
"guest" user (with no password...) and set the cookie.
A guest user has no ability to log in (e.g., a guest has no password!) and depends entirely on the JWT token as proof-of-identity.