mizan.dev
All work

Canadian Client · EdTech / LMS

East West College — Learning Management System

A full-featured LMS built for a Canadian college: 4-role RBAC, real-time live classes over WebSockets, Firebase push notifications, PIPEDA/GDPR compliance, and third-party integrations with Zoom, Turnitin, and Pearson MyLab.

LaravelReactWebSocketsFirebaseMySQLREST APIRBAC

Concurrent sessions

10K

RBAC roles

4

Integrations

Zoom · Turnitin · Pearson

Compliance

PIPEDA / GDPR

Overview

East West College of Business and Technology (Vancouver, Canada) needed a purpose-built Learning Management System to replace a patchwork of third-party tools. The platform serves students, instructors, college administrators, and a super-admin tier — each with distinct permissions, workflows, and dashboards — while meeting Canadian PIPEDA and GDPR data privacy requirements for international students.

4-Role RBAC Architecture

Access control is the spine of the system. Four roles are enforced at both the API middleware and UI layers:

  • Super Admin — full platform control: institution settings, user management, system-wide reporting, billing configuration.
  • Admin — manages course catalogue, enrolment, timetables, faculty assignments, and college-level analytics.
  • Instructor — creates and manages course content, assignments, grading rubrics, live sessions, and student progress tracking within their assigned courses.
  • Learner — enrols in courses, accesses content, submits assignments, joins live sessions, and views grades and certificates.

Every API endpoint is guarded by role-scoped middleware. The React frontend dynamically renders navigation and actions based on the authenticated user's role — no client-side data leakage from higher-privilege endpoints.

Real-Time Live Classes via WebSockets

Live class sessions are coordinated through a persistent WebSocket layer. Instructors broadcast session state (start, pause, end, screen-share status, hand-raise queue) to all enrolled learners in real time. Chat, Q&A, and polls run over the same channel to keep latency consistent and avoid juggling multiple connection types per session.

The system is designed to handle 10,000 concurrent sessions — load distributed across multiple application nodes with Redis pub-sub routing WebSocket messages across instances. Zoom is integrated for full video conferencing when needed; the WebSocket layer handles coordination and supplementary real-time features.

Firebase Push Notifications

All time-sensitive notifications — assignment deadlines, grade releases, live session reminders, system announcements — are delivered via Firebase Cloud Messaging. The backend queues notification jobs through Laravel's queue system, fan-out is handled by FCM, and device tokens are managed per-user with support for multiple devices. This keeps delivery reliable even when users are not logged into the web app.

Third-Party Integrations

The platform integrates with three external academic services that the college already relies on:

  • Zoom — instructors schedule and launch video sessions directly from the LMS dashboard; meeting links and recordings are surfaced to enrolled learners automatically.
  • Turnitin — assignment submissions are forwarded to Turnitin's similarity-check API; originality reports are retrieved asynchronously and surfaced in the instructor's grading view.
  • Pearson MyLab — course-linked MyLab activities are embedded via deep-link SSO; completion and grade data sync back to the LMS gradebook through the Pearson API.

PIPEDA & GDPR Compliance

The college serves domestic Canadian students (PIPEDA) and international students from the EU and UK (GDPR). Compliance requirements shaped several technical decisions: data residency controls, explicit consent flows on enrolment, right-to-erasure endpoints, audit-logged access to student PII, and encrypted storage for sensitive academic records. Privacy notices are versioned; the system tracks acceptance per user.

Course & Content Management

Instructors build courses using a structured content editor supporting video lectures, reading materials, embedded quizzes, and downloadable resources. Course content is organised into modules and lessons with configurable unlock conditions (e.g. must complete Lesson 2 before accessing Lesson 3). Assignment submission supports file upload, text entry, and external URL; all submissions are timestamped and immutable post-submission.

Tech Stack

  • Backend: Laravel, PHP 8.2, MySQL
  • Frontend: React, TailwindCSS, REST API
  • Real-time: WebSockets (Laravel Reverb), Redis pub-sub
  • Push notifications: Firebase Cloud Messaging
  • Integrations: Zoom API, Turnitin API, Pearson MyLab API
  • Compliance: PIPEDA, GDPR — consent management, audit logging, data erasure
  • Auth: JWT, role-based middleware (4 roles)