
Security

Tutor IDE was designed with the safety of young users in mind. The platform combines automatic content moderation, advanced technical safeguards, and teacher oversight to create a safe learning environment.

Automatic content moderation

The platform is equipped with an advanced scanner that automatically checks content created by students — both in code (file names, content) and in chat messages.

How does the scanner work?

  • Two languages — detects inappropriate words in both Polish and English
  • Resistant to tricks — recognizes attempts to bypass the filter, such as replacing letters with numbers or symbols (e.g., "@" instead of "a", "$" instead of "s"), separating letters with spaces, or repeating characters
  • Smart filtering — distinguishes context and does not block normal programming words (e.g., "class", "display", "password") that could be falsely detected
  • Two alert levels — serious violations and mild warnings, helping teachers prioritize their review
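The filtering behaviour the list above describes, as an added illustration (this is not the platform's own scanner, and the word lists and the leetspeak table are constructed placeholders): text is normalized to undo symbol swaps, spaced-out letters and repeated characters, a whole-token allowlist exempts programming vocabulary, and each hit carries one of the two severity levels.

```python
import re

# Constructed placeholder lists for this example; the platform's real lists are not on the page.
# "lay" is chosen as a substring of the allowlisted "display" to show why the allowlist matters.
SEVERE_TERMS = {"badword", "złesłowo"}   # English and Polish entries -> "serious violation"
MILD_TERMS = {"rude", "lay"}             # -> "mild warning"
ALLOWLIST = {"class", "display", "password"}  # programming vocabulary that must never alert

# Leetspeak substitutions plus Polish diacritics folded to ASCII.
FOLD = str.maketrans({"@": "a", "4": "a", "$": "s", "5": "s", "0": "o", "1": "i", "!": "i",
                      "3": "e", "7": "t", "ł": "l", "ą": "a", "ę": "e", "ó": "o", "ś": "s",
                      "ć": "c", "ż": "z", "ź": "z", "ń": "n"})

def normalize(text: str) -> str:
    """Undo the evasions the page lists: symbol swaps, spaced-out letters, repeated characters."""
    text = text.lower().translate(FOLD)
    # "b a d w o r d" -> "badword": drop separators between single-letter tokens
    text = re.sub(r"(?<=\b\w)[\s.\-_*]+(?=\w\b)", "", text)
    # "ruuuude" -> "rude": collapse runs of the same character
    return re.sub(r"(.)\1+", r"\1", text)

# Compare normalized text against normalized lists, so "password" and "pasword" agree.
SEVERE_NORM = {normalize(t) for t in SEVERE_TERMS}
MILD_NORM = {normalize(t) for t in MILD_TERMS}
ALLOW_NORM = {normalize(t) for t in ALLOWLIST}

def scan(text: str) -> list[tuple[str, str]]:
    """Return (severity, offending_token) pairs; an empty list means nothing to alert on."""
    hits = []
    for token in re.findall(r"[a-z]+", normalize(text)):
        if token in ALLOW_NORM:      # whole-token allowlist beats the substring matching below
            continue
        if any(term in token for term in SEVERE_NORM):
            hits.append(("severe", token))
        elif any(term in token for term in MILD_NORM):
            hits.append(("mild", token))
    return hits
```

Because matching is by substring, the allowlist is what keeps "display" clean while "l a y" on its own is still caught; a real deployment would also log the raw excerpt so the teacher sees what the student actually typed.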

Teacher notifications

When the scanner detects inappropriate content:

  • An alert is created, visible in the teacher panel with information about the student, text excerpt, and severity level
  • The teacher receives an email notification — there is no need to keep checking the panel; the information comes to them
  • The teacher can review the context and mark the alert as resolved

Content moderation can be disabled in the organization settings if the teacher decides it is not needed.

Session security and authentication

Tutor IDE uses a multi-layered authentication system designed with security in mind:

  • Short-lived sessions — sessions expire after 30 minutes of inactivity (sliding session mechanism). Every interaction with the platform automatically renews the session time, but after 30 minutes of inactivity the student must log in again.
  • Refresh token — an 8-hour token, sent to the browser as an httpOnly cookie and tracked server-side in Redis. This allows seamless session renewal throughout the school day without repeated logins.
  • CSRF protection — all data-modifying operations (creating, editing, deleting) are protected by a CSRF token, which prevents cross-site request forgery: another site triggering actions in the user's name.
  • Google OAuth login — secure integration with Google OAuth 2.0, enabling one-click login without needing to remember a separate password.
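The interplay of the 30-minute sliding session and the 8-hour refresh token, as an added example (not the platform's code; the in-memory dictionaries stand in for Redis and their layout is an assumption). The clock is injected so the constructed school-day timeline is deterministic.

```python
import secrets

IDLE_TIMEOUT = 30 * 60        # sliding session: lapses after 30 minutes without a request
REFRESH_LIFETIME = 8 * 3600   # refresh token: fixed 8-hour lifetime, one school day

class SessionStore:
    def __init__(self, clock):
        self.clock = clock       # injectable so the timeline below is deterministic
        self.sessions = {}       # session id -> {"user": ..., "expires": ...}
        self.refresh = {}        # refresh token -> {"user": ..., "expires": ...}

    def login(self, user):
        now = self.clock()
        sid, rt = secrets.token_urlsafe(32), secrets.token_urlsafe(32)
        self.sessions[sid] = {"user": user, "expires": now + IDLE_TIMEOUT}
        # rt would travel to the browser in an httpOnly cookie, out of reach of page scripts
        self.refresh[rt] = {"user": user, "expires": now + REFRESH_LIFETIME}
        return sid, rt

    def touch(self, sid):
        # Every request: reject a lapsed session, otherwise slide its deadline forward.
        s = self.sessions.get(sid)
        if s is None or s["expires"] <= self.clock():
            self.sessions.pop(sid, None)
            return None
        s["expires"] = self.clock() + IDLE_TIMEOUT
        return s["user"]

    def renew(self, rt):
        # Session lapsed but refresh token still valid: open a new session, no login needed.
        r = self.refresh.get(rt)
        if r is None or r["expires"] <= self.clock():
            return None
        sid = secrets.token_urlsafe(32)
        self.sessions[sid] = {"user": r["user"], "expires": self.clock() + IDLE_TIMEOUT}
        return sid

def school_day():
    now = [1_700_000_000.0]
    store = SessionStore(clock=lambda: now[0])
    sid, rt = store.login("student42")
    def after(seconds, fn, *args):   # advance the constructed clock, then perform the step
        now[0] += seconds
        return fn(*args)
    a = after(20 * 60, store.touch, sid)    # 20 min later: still active, deadline slides
    b = after(20 * 60, store.touch, sid)    # 40 min after login, 20 since last request: fine
    c = after(31 * 60, store.touch, sid)    # 31 idle minutes: the session is gone
    d = store.touch(store.renew(rt))        # refresh token, 71 min old, opens a new session
    e = after(8 * 3600, store.renew, rt)    # past the 8-hour lifetime: must log in again
    return a, b, c, d, e
```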

AI content control

The AI assistant only answers questions related to programming. It does not discuss topics unrelated to learning, does not generate inappropriate content, and does not engage in conversations beyond HTML, CSS, JavaScript, and Python.

Teachers can review all student conversations with the AI assistant to ensure that learning is proceeding properly. If needed, the teacher can also temporarily disable the AI assistant for the entire organization (e.g., during an exam).

Teacher data scoping

On the School plan, the platform enforces strict data separation between teachers:

  • Groups with assigned teachers — each student group is assigned to a specific teacher
  • Restricted view — teachers see only students in their own groups, never all students in the organization
  • Scope covers everything — the restriction applies to projects, AI conversations, moderation alerts, statistics, and challenge results
  • Owner sees everything — the organization owner has full access to all student and teacher data

This architecture ensures that a math teacher cannot see the students of a computer science teacher, even if both work in the same organization.

Two-tier material management

The platform uses a two-tier access system for educational materials (challenges and lesson plans):

  • Owner creates and assigns — the organization owner creates materials and assigns them to selected teachers
  • Teacher sees assigned only — each teacher sees only materials they created themselves or that were assigned to them
  • No unauthorized access — a teacher cannot view or modify another teacher's materials

Audit log

The platform maintains a detailed audit log recording 15 types of actions, including:

  • Student account creation and deletion
  • Role changes within the organization
  • Project creation and deletion
  • Group creation and deletion
  • Organization settings changes

The organization owner can review the audit log in the admin panel to monitor all significant operations.

Admin panel security

All admin panel endpoints enforce rigorous security measures:

  • Organization ownership validation — every request verifies that the resource (challenge, group, alert) belongs to the user's organization
  • No TOCTOU vulnerabilities — resource queries and modifications are performed atomically, eliminating time-of-check-to-time-of-use gaps
  • Organization-scoped filtering — superusers can bypass the filter, but all other users always see data restricted to their organization
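What "ownership validation without a TOCTOU gap" looks like at the query level, as an added example (not the platform's code; the alerts schema and the sqlite3 setup are constructed). The racy version checks ownership in one statement and modifies in another; the atomic version folds the organization condition into the UPDATE and reads the row count, with the superuser bypass the page mentions.

```python
import sqlite3

def make_db():
    # Constructed schema: one moderation alert per row, owned by one organization.
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE alerts (id INTEGER PRIMARY KEY, org_id INTEGER NOT NULL,
                             resolved INTEGER NOT NULL DEFAULT 0);
        INSERT INTO alerts (id, org_id) VALUES (1, 10), (2, 20);
    """)
    return db

def resolve_alert_racy(db, alert_id, user_org, between=lambda: None):
    # Check-then-act: ownership is verified in one statement and changed in another.
    row = db.execute("SELECT org_id FROM alerts WHERE id = ?", (alert_id,)).fetchone()
    if row is None or row[0] != user_org:
        return False
    between()   # stands in for whatever a concurrent request does in the gap
    db.execute("UPDATE alerts SET resolved = 1 WHERE id = ?", (alert_id,))
    db.commit()
    return True

def resolve_alert_atomic(db, alert_id, user_org, is_superuser=False):
    # The ownership condition is part of the UPDATE itself, so there is no gap to race.
    # A superuser skips the organization filter; everyone else is scoped to their org.
    if is_superuser:
        cur = db.execute("UPDATE alerts SET resolved = 1 WHERE id = ?", (alert_id,))
    else:
        cur = db.execute("UPDATE alerts SET resolved = 1 WHERE id = ? AND org_id = ?",
                         (alert_id, user_org))
    db.commit()
    return cur.rowcount == 1   # 0 rows: not found or not yours, reported identically

def demo():
    db = make_db()
    def move_alert():   # a concurrent reassignment landing between check and act
        db.execute("UPDATE alerts SET org_id = 20 WHERE id = 1")
    racy_ok = resolve_alert_racy(db, 1, user_org=10, between=move_alert)
    racy_state = db.execute("SELECT org_id, resolved FROM alerts WHERE id = 1").fetchone()
    db = make_db()
    own = resolve_alert_atomic(db, 1, user_org=10)                       # own org: True
    other = resolve_alert_atomic(db, 2, user_org=10)                     # other org: False
    admin = resolve_alert_atomic(db, 2, user_org=10, is_superuser=True)  # bypass: True
    return racy_ok, racy_state, own, other, admin
```

In the racy run the alert ends up resolved while it belongs to organization 20, which is exactly the outcome the atomic form rules out; returning the same "not found" result for a missing and a foreign id also avoids leaking which ids exist in other organizations.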

Activity limits

The platform enforces limits that protect against misuse:

  • Login attempt limit — a maximum of 5 attempts per minute, protecting accounts from password guessing
  • Chat message limit — a maximum of 20 messages per minute to the AI assistant
  • Message length limit — messages have a restricted length
  • File limit — projects have a limited number of files and file size

Plan-based limits

Each organization plan has defined limits that ensure platform stability:

Resource              Free     Hobby    Teacher    School
Students              1        1        100        1,000
Teachers              -        -        1          10
Projects per student  5        25       50         50
Storage space         25 MB    100 MB   100 MB     100 MB
AI messages per day   5        30       unlimited  unlimited

Teacher oversight

Teachers have full visibility into student activity:

  • AI conversations — teachers can see the history of all chats, including those deleted by students
  • Projects — access to student projects and their content
  • Moderation alerts — review of detected inappropriate content
  • Activity log — history of logins, project creation, and other actions
  • Account management — ability to edit and control student accounts

On the School plan, the owner can assign teachers to groups — each teacher sees only students in their groups, ensuring appropriate data separation.

Data export and deletion (GDPR)

Tutor IDE ensures full compliance with GDPR requirements for personal data:

  • Data export — every student can download all their data (profile, projects, conversations, achievements) in JSON format with a single click
  • Admin export — the organization owner can export any student's data
  • Account deletion — students can delete their account in their profile settings. The process requires confirmation by typing the username, preventing accidental deletion

Student project protection

Projects displayed in the portfolio are served with security headers that mitigate common web threats, so the browsers of students and visitors are protected against malicious code.

Transaction security

All data operations (account creation, project saving, payment processing) are performed transactionally, so that data stays consistent — even if the network fails mid-operation, nothing is corrupted or partially saved.

Personal data protection

Tutor IDE protects students' personal data:

  • Data minimization — the platform only collects data necessary for operation (username, optional email address, projects)
  • No sharing — student data is not shared with third parties
  • Project privacy — unpublished projects are not visible to other students
  • Access control — students can only access their own projects and conversations
  • Payment security — payments are handled by the certified Stripe system; Tutor IDE does not store credit card data

The platform was designed in accordance with data protection principles, with particular attention to the safety of children's and young people's data.