Lumina Learning

A full-stack EdTech platform — vibe coded for learning, built with real-world architecture.

⚠️ Disclaimer: This is a personal learning & practice project, vibe coded to explore full-stack development. Not affiliated with, endorsed by, or connected to luminalearning.com in any way.

• Overview
• App-Overview
• Tech Stack
• Architecture
• Key Features
• Security
• Redis & Session Management
• Search & Discovery
• Getting Started
• Diagnostics & Inspection
• CI/CD Pipeline
• Observability
• AI Log Analyzer
• Contributing

Lumina Learning is a vibe-coded, full-stack EdTech platform built purely for learning purposes. The goal was simple — take a real-world project idea and build it properly, with production-grade patterns: Redis sessions, Docker containerization, secure auth, and a dynamic React frontend.

No shortcuts. No tutorials copy-pasted. Just vibes, curiosity, and a lot of debugging. 🚀

graph TD
    User((User Browser)) -->|HTTPS / JSON| App[Express + Vite Server]

    subgraph Application_Layer
        App --> Auth[Auth & Session Logic]
        App --> API[Course & Enrollment API]
        Auth -->|Sanitize| Env[Environment Utility]
    end

    subgraph Data_Persistence
        Auth -->|Custom Store| Redis[(Redis 7 - Sessions)]
        API -->|SQL| DB[(PostgreSQL - Data)]
    end

    subgraph Frontend_SPA
        Vite[Vite Dev Server] -->|HMR / Assets| User
        React[React 19 UI] -->|State Management| User
    end

Standard session libraries (e.g., connect-redis) fail to communicate correctly with Redis 7 in Docker environments, producing ERR syntax error at runtime.

Solution: A fully custom Redis Session Store was implemented directly in the backend, using native Redis commands (SET key value EX seconds) rather than library abstractions.

Result:

• ✅ 100% compatibility with Redis 7
• ✅ Zero session-save failures
• ✅ Full control over TTL and serialization

Docker environments can silently introduce bugs when .env files contain literal quote characters in connection strings, causing the app to fail on startup.

Solution: A cleanEnv utility automatically sanitizes all configuration strings — DATABASE_URL, REDIS_URL, etc. — before the application consumes them.

Result:

• ✅ Prevents malformed connection strings
• ✅ Works reliably across all host environments
• ✅ Zero manual debugging of quote-escaping issues

Instead of leaking a "User already exists" error (which enables account enumeration attacks), the auth layer intelligently detects an existing account and logs the user in silently.

Result:

• ✅ Improved security posture — no account enumeration
• ✅ Better UX — no confusing errors on duplicate registration

Security is baked into the core of the application, not added as an afterthought.

Note: Rotating SESSION_SECRET is a hard logout for all users. This is intentional behavior for incident response.

Redis serves as the short-term memory of the application — purpose-built for fast session lookups and stateless horizontal scaling.

1.  User submits credentials  →  POST /api/auth/login
2.  Server validates password against PostgreSQL (bcrypt compare)
3.  Server generates a unique Session ID (sid)
4.  Server stores { userId: 1 } in Redis  →  key: sess:<sid>
5.  Server sends sid to browser in a signed, HttpOnly cookie
6.  On every subsequent request:
        Browser sends cookie
          → Server reads sid
          → Server fetches userId from Redis  (sub-millisecond)
          → Request is authenticated ✓

The platform features a dynamic, real-time course search built entirely on the client — no page reloads, no server round-trips.

User types in search box
        ↓
Client-side filter executes on `courses` state (zero API calls)
        ↓
Algorithm scans: Title · Description · Category
        ↓
Results update instantly on every keystroke

• Real-time filtering — results appear as you type
• Multi-field matching — searches title, description, and category simultaneously
• Case-insensitive — React matches react, REACT, and ReAcT
• Zero-state handling — a dedicated "No results found" view renders when the query returns nothing

• Docker & Docker Compose
• Node.js v18+ (for local development without Docker)

git clone https://github.com/nafisrahman006/lumina-ed.git
cd lumina-ed

cp .env.example .env

Open .env and fill in your values: Generate a Secure Session Secret

node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"

Copy the output

⚠️ Do not wrap values in quotes inside .env files. The cleanEnv utility handles sanitization, but bare values are always preferred.

docker compose up --build

The platform will be available at http://localhost:3000

Use these commands to inspect the live state of the application at runtime.

docker exec -it edtech-platform-db psql -U edtech_user -d edtech_db \
  -c "SELECT id, email, name FROM users;"

docker exec -it edtech-platform-redis redis-cli keys "*"

docker exec -it edtech-platform-redis redis-cli get "sess:YOUR_SESSION_ID"

docker exec -it edtech-platform-db psql -U edtech_user -d edtech_db -c "
SELECT
    u.name    AS student_name,
    u.email,
    c.title   AS course_name,
    e.enrolled_at
FROM enrollments e
JOIN users u ON e.user_id = u.id
JOIN courses c ON e.course_id = c.id
ORDER BY e.enrolled_at DESC;"

# Wipe PostgreSQL
docker exec -it edtech-platform-db psql -U edtech_user -d edtech_db \
  -c "TRUNCATE users, courses, lessons, enrollments RESTART IDENTITY CASCADE;"

# Wipe Redis
docker exec -it edtech-platform-redis redis-cli FLUSHALL

⚠️ Irreversible. Use only in development or staging environments.

Built with GitHub Actions, Docker, and Trivy security scanning.

flowchart LR
    A[Push to dev] --> B[🔍 Lint]
    B --> C[🧪 Test]
    C --> D[🔀 Auto PR]
    D --> E[✅ Merge to main]

flowchart LR
    A[Push to docker] --> B[🐳 Docker Build]
    B --> C[🛡️ Trivy Scan]
    C --> D[🔀 Auto PR]
    D --> E[✅ Merge to main]

flowchart LR
    A[git tag v1.0.0] --> B[🐳 Docker Build]
    B --> C[📦 Push to Docker Hub]
    C --> D[✅ lumina-learning:v1.0.0]

The platform includes a comprehensive observability stack built with Prometheus, Grafana, and industry-standard exporters to monitor system health, metrics, and performance in real-time.

Exporters (cAdvisor, Redis, Node) 
        ↓
  Prometheus (Scrapes every 15s)
        ↓
  Grafana (Visualizes & Alerts)
        ↓
   Dashboards & Analytics

The platform comes pre-configured with Grafana dashboards for:

• System Health — CPU, memory, disk usage
• Container Metrics — Application container performance
• Redis Monitoring — Key counts, memory usage, command latency
• Application Uptime — Service availability and response times

Real-time monitoring dashboards showing system metrics, container performance, and application health powered by Prometheus.

Redis exporter providing detailed metrics including key counts, memory consumption, command latency, and eviction statistics.

1. Prometheus (raw metrics): http://localhost:9090
2. Grafana (dashboards): http://localhost:3001
   • Default credentials: admin / admin
   • Pre-configured datasource: Prometheus (http://prometheus:9090)

Prometheus scrapes metrics every 15 seconds from the following targets:

# Prometheus → Targets
- localhost:9090        # Prometheus itself
- edtech-cadvisor:8080  # Container metrics
- edtech-redis-exporter:9121   # Redis stats
- edtech-node-exporter:9100    # Host metrics

Configuration file: observability/prometheus.yml

The platform includes an AI-powered sidecar container that watches Docker logs in real time, detects errors, and sends an instant analysis to Slack — with zero changes to the application source code.

flowchart TD
    A[edtech-platform-app] -->|stdout/stderr| B[Docker Log Stream]
    B -->|watched by| C[ai-analyzer sidecar]
    C --> D{Is it an ERROR?}
    D -->|No| E[Ignored]
    D -->|Yes| F[🧹 Sanitize Log]
    F -->|remove emails, passwords, IPs, tokens| G[Clean Log]
    G -->|send to| H[Google Gemini 2.0 Flash]
    H -->|analysis| I[🔴 Root Cause + 🔧 Fix + 💡 Code]
    I --> J[📨 Slack Alert]
    I --> K[Docker Logs]

Docker Compose Stack
├── edtech-platform-app     ← app
├── edtech-platform-db      ← PostgreSQL
├── edtech-platform-redis   ← Redis
└── edtech-ai-analyzer      ← sidecar (reads app logs via docker.sock)
        │
        ├── Mounts: /var/run/docker.sock  (read-only access to Docker logs)
        ├── No ports exposed
        └── No changes to app container needed

Before any log is sent to Gemini, all sensitive data is automatically stripped:

Gemini only ever sees the error type and stack trace — never real credentials or user data.

Add to .env:

GEMINI_API_KEY=your_key_here        
SLACK_WEBHOOK_URL=your_webhook_here 

View analyzer logs:

docker logs edtech-ai-analyzer

This is a personal learning project, but PRs and suggestions are always welcome!

1. Fork the repository
2. Create your feature branch: git checkout -b feature/your-feature-name
3. Commit your changes: git commit -m 'feat: describe your change'
4. Push to the branch: git push origin feature/your-feature-name
5. Open a Pull Request

Please follow Conventional Commits for all commit messages.