2

i am building a MCQ module(online MCQ module) for students. so here i encountered a problem regarding that i have identified a one student as one device. simply thinkin a one student is having one device for the exam. but when it comes to a local network it doesnt work due to subnet and stuff.

please help me resolving this issue. what should i do to avoid this issue? i have provided my backend down here.

the Repo class

@Repository
public interface StudentExamRepository extends 
CrudRepository<StudentExam,Long>
{

@Query(value = "select * from student_exam where exam_link_id = ?1 and 
(student_id = ?2 or attempted_ip = ?3)", nativeQuery = true)
List<StudentExam> findByExamLinkIdStudentIdAndIp( long examId, long 
studentId, String ip );
}

service class

public Boolean hasStudentAttempted( long examLinkId, long studentId, String attemptedId )
{
  return studentExamRepository.findByExamLinkIdStudentIdAndIp( examLinkId, studentId, attemptedId ).size() != 0;
}

    @RequestMapping(method = RequestMethod.GET, value = "/allowed/hasStudentAttempted")
public ResponseEntity<Boolean> hasStudentAttempted( @RequestParam long examLinkId, @RequestParam long studentId, HttpServletRequest request )
{
    return new ResponseEntity<>( studentExamService.hasStudentAttempted( examLinkId, studentId, request.getRemoteAddr() ), HttpStatus.OK );
}

controller class

@RequestMapping(method = RequestMethod.GET, value = "/allowed/hasStudentAttempted")
public ResponseEntity<Boolean> hasStudentAttempted( @RequestParam long examLinkId, @RequestParam long studentId, HttpServletRequest request )
{
    return new ResponseEntity<>( studentExamService.hasStudentAttempted( examLinkId, studentId, request.getRemoteAddr() ), HttpStatus.OK );
}
Sachintha Hewawasam
  • 843
  • 11
  • 25
  • 2
    IP addresses are dynamically assigned by DHCP servers, and laptops will connect to different DHCP servers depending on where they are, so there is no fixed relation between an IP address and a student. DHCP servers may even re-assign and re-use IP addresses at arbitrary times, so an IP can suddenly be a different student. Your design is flawed, since is builds on the incorrect assumption that IP = Student. This is why people need **logins** to identify themselves. – Andreas Oct 23 '18 at 17:10
  • 2
    this is why you need JWT token to identify each user uniquely – sam Oct 23 '18 at 17:20
  • 1
    check these links for JWT implementation .. https://www.callicoder.com/spring-boot-spring-security-jwt-mysql-react-app-part-1/ – sam Oct 23 '18 at 17:25
  • https://www.baeldung.com/spring-security-oauth-jwt – sam Oct 23 '18 at 17:26
  • https://www.baeldung.com/java-json-web-tokens-jjwt – sam Oct 23 '18 at 17:26

0 Answers0