rotempasharel1
diff --git a/‎README.md‎
Lines changed: 82 additions & 53 deletions b/‎README.md‎
Lines changed: 82 additions & 53 deletions
diff --git a/‎docs/EX2-notes.md‎
Lines changed: 6 additions & 5 deletions b/‎docs/EX2-notes.md‎
Lines changed: 6 additions & 5 deletions
diff --git a/‎docs/EX3-notes.md‎
Lines changed: 59 additions & 55 deletions b/‎docs/EX3-notes.md‎
Lines changed: 59 additions & 55 deletions
@@ -1,58 +1,78 @@
-# EduBuilder — EX1 to EX3 Submission
+# EduBuilder - EX1 to EX3 Submission
 
-EduBuilder is a small, local-first product built around one consistent domain: **learning plans**.
+EduBuilder is a small, local-first product built around one consistent domain: **learning plans**. The same domain is reused through EX1, EX2, and EX3 so the repository can be graded as one incremental product.
 
-The repository is organized so you can present the project as three incremental exercises:
+## Quick setup
 
-- **EX1** — a clean FastAPI CRUD backend with in-memory storage
-- **EX2** — a lightweight Streamlit frontend that reuses the EX1 API as-is
-- **EX3** — a fuller local stack with SQLite/SQLModel persistence, JWT auth, Redis-backed rate limiting, a background worker, tests, Docker Compose, and runbooks
+### Create the `uv` environment
 
-> Older experimental files can remain as non-grading extras.  
-> For grading, use the files listed below.
+```bash
+uv venv
+source .venv/bin/activate
+uv pip install -r requirements.txt
+```
 
----
+On Windows PowerShell:
 
-## Assignment mapping
+```powershell
+uv venv
+.\.venv\Scripts\Activate.ps1
+uv pip install -r requirements.txt
+```
 
-### EX1 – FastAPI Foundations
-Use these files for the EX1 grading scope:
+## Exercise map
+
+### EX1 - FastAPI Foundations
+
+Main files:
 
 - `poseai_backend/main_ex1.py`
 - `tests/test_ex1_api.py`
 - `docs/EX1-notes.md`
 
-What EX1 includes:
+Run EX1:
+
+```bash
+uv run uvicorn poseai_backend.main_ex1:app --reload
+uv run pytest tests/test_ex1_api.py -q
+```
+
+EX1 delivers:
 
-- FastAPI backend
-- one core resource: `Plan`
+- FastAPI CRUD for one core resource: `Plan`
 - in-memory data layer
-- CRUD endpoints
 - Pydantic validation
-- pytest coverage using FastAPI `TestClient`
-- no authentication
-- local run instructions for the API and tests
+- pytest coverage with FastAPI `TestClient`
+- clear local run instructions
 
-EX1 scope does **not** include authentication, JWT protection, role checks, token-expiry handling, or scope validation. Those capabilities are introduced in EX3 as part of the final multi-service project.
+### EX2 - Friendly Interface
 
-### EX2 – Friendly Interface
-Use these files for the EX2 grading scope:
+Main files:
 
 - `frontend/app_ex2.py`
 - `poseai_backend/main_ex1.py`
 - `docs/EX2-notes.md`
+- `tests/test_ex2_ui.py`
 
-What EX2 includes:
+Run EX2:
 
-- Streamlit interface
-- talks to the EX1 backend as-is
-- lists existing plans immediately
-- allows adding a new plan in one screen
+```bash
+uv run uvicorn poseai_backend.main_ex1:app --reload
+uv run streamlit run frontend/app_ex2.py
+```
+
+EX2 delivers:
+
+- Streamlit interface over the EX1 `/plans` API
 - no authentication or security prompts
-- one small extra: summary metrics + CSV export
+- list existing entries immediately
+- add a new entry through a lightweight chat-style flow
+- one small extra: summary metrics and CSV export
+- automated EX2 coverage for the prompt-to-plan flow and CSV export
+
+### EX3 - Full-Stack Microservices Final Project
 
-### EX3 – Full-Stack Microservices Final Project
-Use these files for the EX3 grading scope:
+Main files:
 
 - `poseai_backend/main.py`
 - `poseai_backend/auth.py`
@@ -73,41 +93,50 @@ Use these files for the EX3 grading scope:
 - `tests/test_openapi.py`
 - `.github/workflows/ci.yml`
 
-What EX3 includes:
+Run EX3 locally:
+
+```bash
+uv run python -m scripts.migrate
+uv run python -m scripts.seed
+uv run uvicorn poseai_backend.main:app --reload
+uv run streamlit run frontend/app.py
+```
+
+Run EX3 with Docker Compose:
+
+```bash
+docker compose up --build
+```
+
+EX3 delivers:
 
 - FastAPI backend with SQLite persistence through SQLModel
 - Alembic migrations and seed script
-- Streamlit interface
+- Streamlit interface with chat-style course creation, My Courses, Shared Courses, and Admin Panel
 - Redis-backed rate limiting
-- async refresh worker with retries + idempotency
+- async refresh worker with retries and idempotency
 - JWT authentication and admin role checks
-- automated tests including worker and OpenAPI checks
-- Docker Compose orchestration for API + frontend + Redis + worker
-- a small enhancement: weekly learning-plan digest generation
-
-> Before the final submission, replace the placeholder trace block in `docs/EX3-notes.md` with a real excerpt captured locally.
-
----
+- automated tests including worker and OpenAPI coverage
+- Docker Compose orchestration for API, frontend, Redis, and worker
+- one enhancement: weekly learning-plan digest generation
 
 ## Domain model
 
-The core product resource is a **learning plan**.
+The core resource is a **learning plan**.
 
-A plan contains:
-- title
-- goal
-- cues
-- difficulty level
-- visibility (`is_public`)
+Core fields:
 
-In EX3 each plan also stores:
-- owner
-- optional weekly digest generated by the background worker
+- `title`
+- `goal`
+- `cues`
+- `level`
+- `is_public`
 
-This keeps the domain narrow and consistent through EX1–EX3.
+EX3 adds:
 
----
+- `owner`
+- `weekly_digest`
 
 ## AI Assistance
 
-AI tools were used as pair-programming aids for structure, tests, and documentation. All outputs were reviewed and verified locally before submission.
+AI tools were used as pair-programming aids for code structure, debugging, tests, and documentation. Outputs were reviewed, edited, and verified locally before submission.
@@ -1,9 +1,9 @@
-# EX2 Notes – EduBuilder Frontend
+# EX2 Notes - EduBuilder Frontend
 
 This file presents **EX2 separately** from the richer EX3 interface.
 
 ## Goal
-Show a lightweight Streamlit interface connected to the EX1 API as-is.
+Show a lightweight Streamlit interface connected to the EX1 API as-is, while keeping a chat-style creation flow.
 
 ## Files used for EX2
 - `frontend/app_ex2.py`
@@ -19,8 +19,9 @@ uv run streamlit run frontend/app_ex2.py
 ```
 
 ## What this version includes
+- reuses the EX1 `/plans` API as-is
 - lists existing plans immediately from the backend
-- allows adding a new plan in one screen
+- allows adding a new plan through a chat-style prompt in one screen
 - no authentication or security prompts
 - one small extra:
   - summary metrics for the current catalog
@@ -29,6 +30,6 @@ uv run streamlit run frontend/app_ex2.py
 ## Expected quick flow
 1. Start the FastAPI backend.
 2. Start the Streamlit frontend.
-3. Open the page and view the current catalog.
-4. Add a new plan from the form.
+3. Open the page and view the current catalog immediately.
+4. Add a new plan from the chat prompt.
 5. Optionally export the catalog to CSV.
@@ -1,66 +1,65 @@
-# EX3 Notes – EduBuilder
+# EX3 Notes - EduBuilder
 
 ## 1. Final EX3 shape
 
 EduBuilder is the final EX3 submission of a small, local-first learning-plan product.
 It keeps one narrow domain across the course exercises and combines:
 
-- a FastAPI backend,
-- SQLite persistence through SQLModel,
-- a Streamlit frontend,
-- optional Redis support for rate limiting and worker coordination,
-- and an async background worker for digest generation.
-
-The project is intentionally scoped to run on one laptop with local tools only.
+- a FastAPI backend
+- SQLite persistence through SQLModel
+- a Streamlit frontend
+- Redis support for rate limiting and worker coordination
+- an async background worker for digest generation
 
 ## 2. Services in the local architecture
 
-### 2.1 API service
+### API service
 
 Implemented in `poseai_backend/main.py`.
 
 Responsibilities:
 
-- register and login users,
-- issue JWT access tokens,
-- expose public plan browsing routes,
-- expose authenticated plan-management routes,
-- expose admin-only routes,
-- return health information,
-- include rate-limit headers when Redis is available.
+- register and login users
+- issue JWT access tokens
+- expose public plan browsing routes
+- expose authenticated plan-management routes
+- expose admin-only routes
+- return health information
+- include rate-limit headers when Redis is available
 
-### 2.2 Persistence layer
+### Persistence layer
 
 Implemented with SQLite + SQLModel + Alembic.
 
 Responsibilities:
 
-- persist users and plans locally,
-- keep the schema reproducible through migrations,
-- allow clean local setup without committing a database artifact.
+- persist users and plans locally
+- keep the schema reproducible through migrations
+- allow clean local setup without committing a database artifact
 
-### 2.3 Frontend service
+### Frontend service
 
 Implemented in `frontend/app.py`.
 
 Responsibilities:
 
-- browse shared plans quickly,
-- register and sign in,
-- create, edit, and delete personal plans through the backend,
-- keep the user flow simple enough for a short demo.
+- browse shared plans quickly
+- register and sign in
+- create, edit, and delete personal plans through the backend
+- keep the user flow simple enough for a short demo
+- preserve the chat-style course creation experience
 
-### 2.4 Worker service
+### Worker service
 
 Implemented in `scripts/refresh.py`.
 
 Responsibilities:
 
-- scan public plans,
-- generate a weekly digest,
-- retry transient failures,
-- prevent duplicate work with Redis-backed idempotency keys when Redis is enabled,
-- keep concurrency bounded.
+- scan public plans
+- generate a weekly digest
+- retry transient failures
+- prevent duplicate work with Redis-backed idempotency keys
+- keep concurrency bounded
 
 ## 3. Compose orchestration
 
@@ -71,31 +70,29 @@ The repository includes `compose.yaml` with these cooperating services:
 - `redis`
 - `worker`
 
-This satisfies the EX3 requirement for a local multi-service stack that can be launched with Docker Compose.
-
-For daily local development, the API can also run without Docker by setting `DISABLE_REDIS=1`.
+This satisfies the EX3 requirement for a local multi-service stack launched with Docker Compose.
 
 ## 4. Async refresher deliverable
 
 The async refresher is implemented in `scripts/refresh.py`.
 
 It includes:
 
-- bounded concurrency via `anyio.CapacityLimiter`,
-- retry handling for transient failures,
-- Redis-backed idempotency keys,
-- worker settings through environment variables,
-- automated coverage with a `pytest.mark.anyio` worker test.
+- bounded concurrency via `anyio.CapacityLimiter`
+- retry handling for transient failures
+- Redis-backed idempotency keys
+- worker settings through environment variables
+- automated coverage with a `pytest.mark.anyio` worker test
 
 ## 5. Security baseline
 
 The EX3 security baseline in this project includes:
 
-- hashed credentials,
-- JWT-protected create / update / delete plan flows,
-- role-aware authorization for admin-only endpoints,
-- tests that cover expired tokens,
-- tests that cover missing scope / missing permissions.
+- hashed credentials
+- JWT-protected create, update, and delete plan flows
+- role-aware authorization for admin-only endpoints
+- tests that cover expired tokens
+- tests that cover missing scope and missing permissions
 
 ### JWT secret rotation steps
 
@@ -131,21 +128,28 @@ uv run streamlit run frontend/app.py
 
 ## 9. Trace excerpt
 
-Paste the real local excerpt below after running:
-
-```bash
-uv run python scripts/capture_trace_excerpt.py
+The block below is intended to be refreshed locally with `uv run python scripts/capture_trace_excerpt.py`.
+It now records both the HTTP health checks and a small Redis trace tied to the worker/idempotency flow.
+
+<!-- TRACE_EXCERPT_START -->
+```text
+# local-redis-trace
+GET /health -> 200
+GET /plans -> 200
+GET /plans/shared -> 200
+REDIS PING -> True
+REDIS SETEX trace:edubuilder:demo -> OK
+REDIS GET trace:edubuilder:demo -> worker-idempotency-ok
 ```
-
-[PASTE LOCAL TRACE EXCERPT HERE]
+<!-- TRACE_EXCERPT_END -->
 
 ## 10. Notes for the grader
 
 EduBuilder is intentionally local-first and limited in scope.
 The goal is not production deployment, but a tidy demonstration of:
 
-- backend + persistence + frontend integration,
-- one additional background microservice,
-- basic local security controls,
-- automated tests,
-- and reproducible local setup.
+- backend + persistence + frontend integration
+- one additional background microservice
+- basic local security controls
+- automated tests
+- reproducible local setup