T

Take Your Quiz

A simple and easy to use customizable quiz platform where you can create a quiz by uploading the pdf of the questions. You can save your performance so that you can review it later.

37
T

Take Your Quiz

A simple and easy to use customizable quiz platform where you can create a quiz by uploading the pdf of the questions. You can save your performance so that you can review it later.


The problem Take Your Quiz solves

  • This website can be used to generate a quiz by uploading a pdf which would contain the questions for the quiz.
  • The correct answers for the quiz need to be manually entered by the person generating the quiz.
  • The same quiz can be tested and the results will be saved.
  • It allows the user to quickly generate a quiz which saves time and is completely customizable which means the user will decide the no. of questions he wants to attend and the time they want to spend on each question.
  • It is especially useful for students preparing for exams who want to improve their speed and accuracy in a time constrained environment.
  • To use this website user will have to create their account which will be password protected ensuring security to the user data.
  • Saved result can be viewed later and the data can also be erased if user wishes to re-attempt the quiz.
  • More features like grouping of quizes and competing with friends are in production.

Challenges I ran into

  • One specific problem for this application was the storage of JWT tokens on the frontend. JWT tokens are generated on the backend. Cookies or session storage are vulnerable to fisching attacks on the frontend.
  • Thus, to safely use a jwt token, I created a read-only cookie and saved my token there. I called it access token.
  • The problem with a read-only token is that it also cannot be accessed by the user.
  • So another jwt token is created called refresh token every 15 minutes upon verifying the access token which is then used for all the api calls.
  • The benefit of using it is that even if a hacker gets hold of refresh token, he can only access the account for 15 minutes. The access token is safe as it is a read-only cookie.
  • This increases the security of the code.

Discussion