Skip to content

BE_18 - Session QR Generation #44

New issue
New issue
Open
Open
BE_18 - Session QR Generation#44
Labels
backendbackend stuff
@notjackl3

Description

@notjackl3
notjackl3
opened on Feb 14, 2026

Summary

Implement QR code generation for session registration URLs to enable quick mobile registration.
[Estimated hours: 2-3]

Objectives

  • Create GET /api/sessions/[sessionId]/qr endpoint
  • Generate QR codes encoding session registration URL
  • Support multiple output formats (SVG, PNG, data URL)
  • Add customization options (size, colors)
  • Implement caching for generated QR codes

Description

Professors need to display QR codes in class (first day, syllabus, slides) for students to quickly register for the semester-long session on their mobile devices. Scanning the QR code opens the session registration page with the code pre-filled.

Technical Details

File Structure

src/app/api/sessions/[sessionId]/qr/
└── route.ts                      # GET QR code handler

src/lib/
├── qrCode.ts                     # QR code generation logic
│   Functions:
│   - generateQRCode(url, options)
│   - generateSessionJoinQR(sessionId, joinCode, options)
│   - getCachedQR(sessionId, options)
│   - cacheQR(sessionId, options, data)
└── qrCodeValidation.ts           # Validation for QR operations
    Functions:
    - validateQROptions(options)
    - validateSessionForQR(sessionId, userId)

Acceptance Criteria

  • QR code encodes full registration URL (e.g., https://app.example.com/join/ABC123)
  • SVG format returns valid SVG with correct Content-Type header
  • PNG format returns valid PNG with correct Content-Type header
  • Data URL format returns JSON with base64-encoded image
  • Size parameter works (64-1024 pixels, default 256)
  • Invalid size returns 400 (< 64 or > 1024)
  • Margin parameter works (0-10 modules, default 2)
  • Dark/light color parameters work (valid hex colors)
  • Invalid color format returns 400
  • Only session creator (professor) can generate QR codes (403 for others)
  • Non-existent session returns 404
  • Generated QR codes are cached in Redis (1 hour TTL)
  • Cache key includes options hash for different configurations
  • Same request returns cached result within TTL
  • Code regeneration invalidates cached QR codes
  • Rate limited to 20 requests per minute per user
  • QR code scannable by standard phone camera apps
  • Error correction level 'M' allows ~15% damage tolerance
  • Join URL uses NEXT_PUBLIC_APP_URL environment variable
  • Follow existing validation pattern (ValidationResult interface)
  • Error messages follow existing API error format

Metadata

Metadata

Assignees

No one assigned

    Labels

    backendbackend stuff

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions