Demo Guideline

1. Assignment 02 - Demo Marking Guideline

1.1 Primary Focus During Evaluation

• Emphasis on understanding both the code and the rationale behind development decisions.
• Evaluation of the originality and authenticity of the submitted work.
• Identifying portions of the code that lack justified reasoning or appear to be implemented without clear understanding.
• A fully functional implementation does not automatically result in full marks.
• Judging the submission based on the skills and proficiency expected for Web Application Frameworks.

1.2 Understanding of Terminology

• A solid understanding of relevant technical terms is crucial.

• Although English language skills are not being assessed, students are expected to accurately understand and use terminology related to web application frameworks.

• Be mindful of the key terms covered during the lecture and practical sessions, as these reflect the expected level of familiarity.

  IMPORTANT

  Understanding technical terminology is crucial for interpreting the questions asked during the demonstration. Make sure to pay close attention to the terms introduced in both lectures and practical sessions. The WAF-wiki is also a valuable resource for reviewing these concepts. A lack of familiarity with key terms may result in misunderstandings during the demo, potentially affecting your performance.

1.3 Importance of Practical Sessions

• Attendance at practical sessions is strongly recommended. These sessions include valuable discussions on technologies, frameworks, and key terminology.

• The content covered in practical sessions is directly relevant to your assignments and demo assessments.

• During the practical sessions, some helpful tips for preparing for the upcoming demonstration sessions are also provided.

• Students are also encouraged to ask questions about the assignment specification or their implementation if they are uncertain about any aspect.

• For example:

  • Topics like security enhancements (e.g., CSRF) are explained in detail during practicals. If you miss a session, refer to the prac tips videos available on the wiki for a recap.
  • Demo preparation tips are also shared during practicals to help students perform confidently and effectively in their assignment demos.

  VIDEO RECORDINGS

  The video recordings available on the wiki are not full recordings of the practical sessions. These videos are intended as supplementary tips to support your practical work. However, they do not capture all the in-depth discussions and explanations provided during the sessions, so important content may be missed if you do not attend in person.

1.4 Code Understanding & Justification

• Every student is expected to fully understand and explain the code they submit.

• Do not include third-party code that you cannot explain.

• If external code is used, ensure that you can justify its necessity and demonstrate comprehension with due reference.

  Third Party Sources

  “Third-party sources” refer to assistance obtained from the internet (e.g., Stack Overflow, generative AI like ChatGPT, or other online resources) or help received from another person.

  Academic Misconduct

  Including even a single line or part of a code line from third-party sources will be considered academic misconduct. What is recommended is, referring to online resources, study the code, understand it fully, and then write your own code for your submission with due reference (you may put the reference as a comment).

  This ensures that you have complete understanding of the code in case you are questioned.

1.5 Adherence to Assignment Specifications

• Submissions may strictly follow the provided specifications.

• Unspecified enhancements should be avoided unless there is a clear and justified reason for their inclusion.

• Be mindful of potential security loopholes and vulnerabilities that unspecified enhancements may introduce.

• Failure to recognize and address these issues will result in a lower score for your code understanding.

• Marks will be deducted if enhancements are included without a solid explanation.

• Simply adding enhancements does not guarantee extra marks.

  Unjustified Enhancements

  Unjustified enhancements may even lead to a reduction in marks, as using code from the internet without proper understanding and due reference is strictly against academic policies and, it is considered a academic misconduct! In certain cases, if we believe your code has parts you have borrowed from internet (including GenAI) your submission will be reported to the academic committe for further investigation.

---

2. Guidelines for Performing Well in the Demonstration

2.1 Explanation Guidelines

When explaining a specific line of code, you must:

• Explain what the code does.
• Explain the consequences of removing the code.
• Explain how the code works to achieve the intended functionality.
• Explain minimal changes required to slightly modify the behavior of the code.

2.2 Justifications

When asked for justifications,

• You must justify your code changes from different perspectives including:
  • Application perspective (why the change is necessary to meet the assignment’s functional requirements).
  • User perspective (usability, convenience, security, etc.).
• Consider scalability, maintainability, and long-term usability when justifying decisions.

2.3 Third-Party Sources

• Ensure you fully understand every line of code you include from third-party sources.

• Do not include any code you cannot explain, as it may result in your submission being reported to the academic committee for further investigation.

• Understand clearly what you can do and cannot do regarding third party sources.

• If you’re unsure about what you should do, consult your tutor. This is a sensitive issue that must be handled with great care.

  WARNING

  If you are found guilty of academic misconduct, it will not only impact your performance in this unit (WAF) but could also affect your entire degree. Please be cautious before using code from third-party sources.

  IMPORTANT

  This is a formal assessment. Once your demonstration is complete, you are strictly prohibited from speaking to other students or discussing any aspect of the demonstration question. You must leave the lab room immediately and are not allowed to wait outside or interact with others near the lab. Any breach of these instructions will be treated appropriately.

2.4 Preparation for the Demo

• Your marks will be based solely on the demonstration of your code, but not the the code you have written to implement the assignment. In other words, achieving 100% implementation of the assignment does not guarantee any marks unless you can successfully demonstrate your code!

• It is crucial that you thoroughly prepare for the demonstration before you attend the demonstration session.

• Be aware that each student is given a limited amount of time for the demonstration. (For Assignment 01, it is 15 minutes per student, but this may vary for other assignments).

• The allocated time must be used to assess the student on each criterion based on the marking guide. During the evaluation:

  • You will be asked 1 or 2 questions (depending on the available time) related to each criterion, and if you fail to answer, you will be marked accordingly as per the marking key.
  • If you take too long to answer a question due to lack of preparation, the assessor may move on to the next question, which will affect your score.
  • If you are late to your allocated session, the assessor may choose whether or not to proceed with the marking. It is important to understand that the assessor requires the full allocated time (e.g., 15 minutes for Assignment 01) to assess the student thoroughly. Therefore, late attendance may not be tolerated. In the worst case, you will need to contact UC to reschedule, or you may only be assessed on a limited number of criteria due to the reduced time available for late attendance.

• Typical Students Responses:

  • “I’m sorry, it’s been a while since I completed my assignment, and I barely remember the code to answer the question.”
  • “I’m sorry, I thought marks were mainly awarded for the code itself, and the demonstration was just to verify the code’s authenticity.”
  • “I’m Sorry, The code was working few hours ago, but it does not work now.”
  • “I’m Sorry, Im trying to setup the environment to get my webapp started.”

  NOT ACCEPTED

  Unfortunately, none of the above responses will be considered during marking. As a student, it is your responsibility to adequately prepare before the demonstration.

  Booking a Time

  • Do not remove the name once the booking is made!
  • If you are unable to attend, you must send an email to Dr. Sheik (UC) as soon as you can (preferably prior to the date your booking is made).
  • Please be responsible and professional when making bookings since there are a lot of students who wait to get a booking slot.
  • If you do not attend your booking slot nor inform Sheik prior to the booking date, you may not receive a booking time, and in the worse case you will receive a mark of 0 for your demonstration.

---

IMPORTANT

By adhering to guidelines above, students can ensure they meet assessment criteria while demonstrating a deep understanding of web application frameworks.

---

Common Issues

Updated on 19.05.2025

Unlock

3. Common Issues Identified in Assignment 02 Demo

1. User Authentication

• Login Screen Shown After Login

  • Once a user is logged in, requests made by the authenticated user must be routed appropriately.
  • Authenticated requests should not follow routes intended for non-authenticated users.
  • Use redirection wisely to properly handle authenticated user flows.

• Weak Understanding of Authentication

  • Students are required to use Passport.js for session-based authentication.
  • Passport.js supports various authentication strategies, including session-based authentication. It is essential to understand how to configure Passport.js specifically for session-based use—not for other strategies.
  • Poor understanding of how express-session integrates with Passport.js to store authenticated user information.
  • Limited grasp of the complete session-based authentication flow in Passport.js.
  • Inadequate understanding of the serializeUser and deserializeUser methods and their purpose.
  • Lack of clear explanation on configuring Passport.js properly and justifying each configuration step.

2. Blog Features

• Post Conflicts Across Tabs

  • If a post is open in multiple tabs and is deleted in one, an error should be shown in the other.
  • When updating a post, a proper error message should be displayed if the post ID does not exist.
  • Weak understanding of potential issues in post creation, updating, and deletion.

• Overall Understanding of Blog App Code

  • Poor understanding of third-party middleware such as connect-flash.
  • Inadequate grasp of authorization mechanisms; inability to explain or demonstrate relevant code when prompted.
  • Difficulty in understanding or explaining the overall structure and logic of the blog application code.

3. Frontend

• Insufficient Use of Bootstrap

  • Students are expected to use Bootstrap extensively for frontend development.
  • Bootstrap is not used effectively to create responsive layouts.
  • Weak understanding or use of Bootstrap’s grid system.
  • Inability to demonstrate layout responsiveness, particularly in elements like the navigation bar.

• Inelegant Frontend Design

  • The frontend layout lacks polish and requires design improvements.
  • Usability issues such as poor tag display on post snippets reduce user experience.
  • Avoid design choices that may confuse users.
  • Lack of well-reasoned explanations for design decisions made during development.

• Public View of Blog Posts

  • Posts should be publicly visible without requiring login (editing and deletion should be restricted to logged-in users).
  • Unnecessary restrictions—such as limiting search functionality to logged-in users—should be avoided.

• Miscellaneous Frontend Issues

  • Displaying empty flash message boxes without content.
  • Requiring users to manually type URLs in the address bar to access pages that should be linked in the navigation menu.

Tip

Please refer to the link below for an example of a well-designed frontend submitted by a student. Link to be updated soon

4. Search Functionality

• Weak Understanding of Search Features

  • Inability to explain or show correct code related to the search feature.
  • Limited understanding of how regular expressions (regex) are used in search functionality, including the available options.
  • Lack of clarity on the full capabilities of the search (e.g., searching by tag, title, or both).

• Poor Understanding of HTTP Requests in Search

  • Inability to justify which HTTP methods (GET vs POST) are suitable for search queries.
  • Weak understanding of URL query parameters.
  • Vague or unrelated answers when questioned about search-related logic.

5. Input Validations

• Failing to distinguish between client-side and server-side validation.
• Incorrect or poor use of Joi for validation schemas, especially when showing code examples for client-side validation.
• Struggling to demonstrate or explain specific validation logic when asked.

6. Admin Backend

• Lack of Proper Admin Dashboard

  • Merely having links is insufficient; an admin dashboard should be a dedicated page.
  • The dashboard should include links to view all users and posts, clearly organized.

• Dashboard Design Aspects

  • The admin dashboard should be visually appealing and look like a real dashboard, not just a simple web page.
  • Having the user to type the url in the address bar without having a link on the nav bar to access admin dashboard

Assessment Criteria

• According to the rubric marking keys, if explanations are incomplete or unclear, marks will be deducted and you will be given the mark-key relevant to incomplete or unclear regardless of whether the code works correctly or all parts are implemented.
• Your understanding of the code is the primary focus of the assessment. Ref Here

IMPORTANT

Some students have used third-party middleware in the assignment without fully understanding how they work. This method was not covered in the lectures or practical sessions or the wiki. If you choose to use third-party middleware in the assignment, you must ensure you have a thorough understanding of the method you’ve used. During the demonstration, many questions will likely arise if such approaches, which were not taught in the curriculum, are noticed. Failing to fully explain your code puts you at high risk of being categorized under academic misconduct.