A Role-Based, Token-Secured Web Architecture for Digital Classroom Attendance Using the Java Full-Stack Paradigm

Abstract: Manual classroom attendance, whether recorded on paper or in spreadsheets, is slow, error-prone, and difficult to audit, and it scales poorly as enrolment grows. This paper presents a web-based attendance management system engineered with the Java full-stack paradigm to digitize and secure the entire capture-to-report cycle. The platform follows a clean three-tier separation in which a reactive single-page client communicates over a stateless application programming interface with a service layer built on a contemporary Java enterprise framework, while structured records are persisted through an object-relational mapping abstraction. Security is enforced through signed, role-bearing tokens that establish a stateless authentication context on every request; a dedicated filter validates the token, extracts the embedded role, and authorizes access so that administrative and teaching capabilities remain strictly partitioned. Attendance marking is designed to be idempotent: a uniqueness constraint on the session-student pair, combined with an upsert procedure, guarantees that repeated submissions converge to a single correct record rather than producing duplicates. Teachers may only operate on sessions they own, a rule enforced in the service layer. An administrative module aggregates institution-wide counts and recent activity for oversight. Experimental evaluation on a local deployment shows median application-programming-interface latencies between roughly seven and fifty-eight milliseconds and sustained mark-attendance throughput exceeding twenty thousand requests per second under load. The system offers a lightweight, secure, and maintainable foundation for institutional attendance tracking and demonstrates sound full-stack engineering practice.

Keywords: idempotent attendance management, Java full stack, Spring Boot, JSON Web Token, role-based access