Architecture¶
This chapter explains how the Python Tool Manager works under the hood.
Overview¶
The following picture should give you a brief overview on the data flow and the participants of the Python Tool Manager in action.
The user interacts with the exercise on the LMS platform. The exercise communicates with the Python Tool Manager over the LTI protocol, which handles access control and guarantees the authenticity of the data. LMS and Python Tool Manager can run on different servers. Only server to server communication using HTTP or HTTPS (which is strongly recommended) is mandatory.
The Python code of the exercises managed by the Python Tool Manager is stored in a database and runs inside a Docker container. This provides an additional security layer and gives maximum flexibility to the programmer of the exercise. The pytm library handles the communication between the exercise and the Python Tool Manager backend.
Communication¶
Exercise classes are stateless. Any stateful information has to be serialized and transferred to the client and back to the server. Besides the serialized data, a corresponding hash-based message authentication code is transmitted. This prevents client side manipulation of the data. Furthermore, input and output information is transferred between client and backend.
