Case Study
Kenya School Management System (KSMS)
A secure, multi-tenant Django school administrative platform engineered to manage students, staff, finance, and attendance — featuring real-time M-Pesa ledger reconciliation and KNEC-compliant CBC grading modules.
Challenge
Consolidating administrative chaos while protecting data privacy.
School administrators struggle with fragmented systems for managing fee collections, attendance rosters, academic reports, and parent communication. Transitioning to Kenya's Competency-Based Curriculum (CBC) added another layer of complexity, requiring teachers to grade individual strands and sub-strands rather than raw percentages. Furthermore, integrating parents, teachers, and students into a single portal demanded a strict role-based access control (RBAC) architecture to prevent sensitive academic or financial data leakage.
Solution
A secure-by-default, background-orchestrated web application.
I engineered KSMS using Django 5.x and PostgreSQL hosted on Supabase. To ensure strict data privacy, I implemented a custom user model partitioning access among four roles (Admin, Teacher, Student, Parent). Every single route, view, and API endpoint was hardened with role-aware security decorators and explicit permission checks. For the UI, I used server-rendered Django templates combined with HTMX to deliver smooth, spa-like reactive updates without the overhead of heavy JavaScript frameworks.
To solve the grading bottleneck, I built an assessment module supporting strand-level scoring. The engine automatically translates ratings into KNEC levels (Below Expectation, Approaching Expectation, Meeting Expectation, Exceeding Expectation), captures real-time attendance, and compiles official PDF report cards.
For the financial flow, I integrated Safaricom's M-Pesa STK push API. Once a parent makes a payment via the portal, a callback handler processes the transaction payload, instantly updates the student's ledger, and sends transactional email alerts. Heavy operations—such as report card generation, email delivery via Resend SMTP, and automated invoice reminders—are delegated to Celery workers backed by a Render Redis broker, guaranteeing zero latency on the main thread.
Outcome
Hardened, production-ready school infrastructure.
BE, AE, ME, EE
KNEC-style competency scoring system auto-calculates ratings and generates PDF report cards.
Automated
M-Pesa API STK pushes trigger instant ledger reconciliation and real-time payment notifications.
Looking for a secure custom system?
I partner with organizations to architect and engineer high-trust, secure, and performant web applications that solve operational bottlenecks. If you need a systems engineer who values data integrity and robust testing, let's talk.