📍 Location
/apps/http-server/routes/api/v1/quizzes/:quizId/generate-access-code
Problem Description
The current implementation of the access code generation endpoint is vulnerable to a race condition when multiple users request a code simultaneously.
Scenario:
User A and User B send a request at the same time
Both requests execute generateCode()
Both receive the same generated code (e.g., AC123A)
The system assigns duplicate access codes
This leads to non-unique access codes, which breaks the assumption that each quiz session should have a unique join code.
Expected Behavior
- Each generated access code must be globally unique
- Concurrent requests should never result in duplicate codes
- The system should handle collisions gracefully (e.g., retry mechanism)
📍 Location
/apps/http-server/routes/api/v1/quizzes/:quizId/generate-access-code
Problem Description
The current implementation of the access code generation endpoint is vulnerable to a race condition when multiple users request a code simultaneously.
Scenario:
User A and User B send a request at the same time
Both requests execute generateCode()
Both receive the same generated code (e.g., AC123A)
The system assigns duplicate access codes
This leads to non-unique access codes, which breaks the assumption that each quiz session should have a unique join code.
Expected Behavior