Skip to content

Implement Certificates feature#67

Open
Ananya44444 wants to merge 2 commits into
alphaonelabs:mainfrom
Ananya44444:cert
Open

Implement Certificates feature#67
Ananya44444 wants to merge 2 commits into
alphaonelabs:mainfrom
Ananya44444:cert

Conversation

@Ananya44444

@Ananya44444 Ananya44444 commented Jun 9, 2026

Copy link
Copy Markdown
Contributor

Summary

This PR implements the Certificates feature. Students who complete an activity can generate a shareable, printable certificate of completion.

Changes

Database Schema

  • Added certificates table with id (UUID PK), enrollment_id (UNIQUE FK → enrollments), issued_at, created_at
  • Added idx_certificates_enrollment index for fast lookup by enrollment
  • Added corresponding DDL to _DDL list in worker.py for /api/init bootstrap
  • Added migration migrations/0005_add_certificates.sql

API Endpoints (src/worker.py)

  • POST /api/certificates/generate/:enrollment_id : authenticated; owner or activity host can generate; validates status == 'completed'; idempotent (returns 409 with existing UUID if already issued); sends certificate_issued notification on success
  • GET /api/certificates/:uuid : public endpoint; returns student_name, activity_title, issued_at, enrollment_id; decrypts student name via AES-256-GCM
  • Exposed enrollment.id in GET /api/activities/:id response to support certificate generation from the frontend

Certificate Page (public/certificate.html)

  • Displays student name, activity title, issue date, and certificate ID
  • QR code (via qrcodejs) links to the certificate URL for verification
  • Share buttons for LinkedIn (pre-filled caption via /shareArticle) and Twitter/X
  • Download as PDF available

Activity Page (public/activity.html)

  • Added Certificate section in the About card (sidebar)
  • Shows green "Generate Certificate" button when enrollment.status === 'completed'
  • Shows disabled grey button with unlock message when enrollment is not yet completed
  • Handles 200 (new certificate), 409 (existing certificate), and error states; opens certificate page in a new tab on success

Notes

  • Certificate generation is idempotent : calling the endpoint multiple times for the same enrollment always returns the same UUID
  • The GET /api/certificates/:uuid endpoint is intentionally public so anyone with the link can verify a certificate without logging in
  • All existing tests pass (291 passed, 0 failures)

Certificates Feature Implementation

This PR introduces a complete certificates feature enabling students to generate, view, and share printable completion certificates for finished activities.

Key Changes

Database & API Backend (src/worker.py, schema.sql)

  • New certificates table with unique enrollment-based records and automatic cleanup on enrollment deletion
  • POST /api/certificates/generate/:enrollment_id: Authenticated endpoint to issue certificates with idempotent behavior (returns 409 if already issued); validates enrollment completion and permission checks
  • GET /api/certificates/:uuid: Public endpoint returning decrypted student name, activity title, and issue date for verification
  • Activity detail response now includes enrollment.id to support frontend certificate generation

Frontend Certificate Display (public/certificate.html)

  • Standalone certificate page displaying student name, activity title, issue date, and unique certificate ID
  • Generates QR code for certificate verification and social sharing buttons (LinkedIn, Twitter/X)
  • PDF download functionality via print dialog with print-optimized layout
  • Error handling for missing or invalid certificates

Activity Integration (public/activity.html)

  • New "Certificate" section in activity sidebar showing status-based UI:
    • Green "Generate Certificate" button for completed enrollments
    • Disabled button with unlock message for in-progress enrollments
  • Handles certificate generation workflow: validates authentication, calls API, opens new tab on success
  • Proper error messaging and state management during generation

Impact

  • User Experience: Students can now generate official certificates upon activity completion, shareable via QR code and social platforms with printable/PDF output
  • Functionality: Idempotent certificate generation prevents duplicates; public verification endpoint enables certificate validation without authentication
  • Code Quality: All tests pass (291 passed)

Copilot AI review requested due to automatic review settings June 9, 2026 19:17
@coderabbitai

coderabbitai Bot commented Jun 9, 2026

Copy link
Copy Markdown

Review Change Stack

Warning

Review limit reached

@Ananya44444, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 43 minutes and 59 seconds. Learn how PR review limits work.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository: alphaonelabs/coderabbit/.coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 216eb4d1-f77f-425d-8711-c4f1fb9c151d

📥 Commits

Reviewing files that changed from the base of the PR and between 8d78df6 and 56599d5.

📒 Files selected for processing (3)
  • public/activity.html
  • public/certificate.html
  • src/worker.py

Walkthrough

This PR implements end-to-end certificate support: a database table for persistence, backend endpoints for generation (with auth and enrollment validation) and retrieval (with decryption), activity page UI to trigger generation, and a standalone certificate display page with QR codes, sharing, and print-to-PDF.

Changes

Certificate Issuance and Display

Layer / File(s) Summary
Database schema and models
schema.sql, src/worker.py
New certificates table stores per-enrollment certificate records with unique enrollment_id foreign key and cascade deletion. DDL definitions include matching table and index for enrollment lookups.
Certificate API endpoints
src/worker.py
POST /api/certificates/generate/{enrollmentId} validates enrollment completion and auth, prevents duplicate certificates, persists record, and sends notification; GET /api/certificates/{uuid} retrieves certificate metadata with decrypted student name. Activity detail response includes enrollment ID.
Activity page certificate integration
public/activity.html
Certificate UI section added to activity sidebar. Client maintains currentEnrollment state during activity load and calls generateCertificate() to POST to generation endpoint, handling success by opening certificate view and errors by displaying messages.
Certificate display page
public/certificate.html
Standalone page loads certificate by UUID query parameter, renders both screen and print layouts, generates QR code for verification, constructs LinkedIn/Twitter share links, and supports print-to-PDF via window.print(). Dark mode and error handling included.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly and concisely summarizes the main change: implementing a complete certificates feature across frontend, API, and database.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Note

Copilot was unable to run its full agentic suite in this review.

Adds certificate issuance and verification support for completed activity enrollments, including persistence, API endpoints, and UI for generating/downloading certificates.

Changes:

  • Adds certificates table + related index via schema + migration + runtime bootstrap.
  • Adds API endpoints to generate a certificate for an enrollment and to fetch certificate details by UUID.
  • Adds UI in activity details to generate certificates and a new certificate page with print/PDF and share features.

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 5 comments.

Show a summary per file
File Description
src/worker.py Creates certificates table/index at startup and adds certificate generate/fetch APIs + routing.
schema.sql Adds certificates table and index to the base schema.
migrations/0005_add_certificates.sql Introduces migration to create certificates table and index.
public/activity.html Adds certificate section in activity UI and calls certificate generation endpoint.
public/certificate.html Adds certificate viewer/print page that fetches certificate details and renders QR/share links.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread src/worker.py
Comment thread src/worker.py
Comment thread src/worker.py Outdated
Comment thread schema.sql
Comment thread public/certificate.html

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@public/certificate.html`:
- Around line 101-103: The <button id="download-btn"> currently lacks an
explicit type which can cause unintended form submission; update the button
element with type="button" (i.e., add the type attribute to the element with id
"download-btn") so it’s explicitly a non-submit button and defensive against
future wrapping in a <form>.
- Around line 197-200: The showError function currently assigns HTML into
document.getElementById('status').innerHTML which risks XSS; change it to set
the element's textContent to the message and apply the styling classes directly
(e.g., set element.className or use classList.add with "text-red-600
dark:text-red-400 font-semibold") so the visible styling is preserved without
injecting HTML; update the showError function to get the status element, set
statusEl.textContent = message, and then set statusEl.className (or classList)
accordingly.

In `@src/worker.py`:
- Around line 1556-1607: Replace the direct use of uuid.uuid4() in
api_generate_certificate with the project's helper new_id() for consistent ID
generation: change the creation of cert_uuid (currently cert_uuid =
str(uuid.uuid4())) to call new_id() so the rest of the insertion and response
logic (INSERT INTO certificates and returned cert_uuid) continue to work
unchanged; ensure you import or reference new_id() the same way other modules do
if not already available in this file.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository: alphaonelabs/coderabbit/.coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 50d78876-72e2-47f4-a2a7-9a7127d96a83

📥 Commits

Reviewing files that changed from the base of the PR and between 997b01e and 8d78df6.

⛔ Files ignored due to path filters (1)
  • migrations/0005_add_certificates.sql is excluded by !**/migrations/**
📒 Files selected for processing (4)
  • public/activity.html
  • public/certificate.html
  • schema.sql
  • src/worker.py

Comment thread public/certificate.html Outdated
Comment thread public/certificate.html
Comment thread src/worker.py
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants