This is a django application that enables instructors to prepare AI policies from templates made by instructional technologists and publish said policies for students to view. It is an LTI tool that is embedded into and launched from the Canvas LMS.
Follow the Canvas Admin Guide on How do I configure an external app for an account using XML?. This can be done at either the sub-account level or in a specific canvas course by visiting that course's settings.
The key details you will need include:
- Consumer key: obtain this from
academic_integrity_tool_v2/settings/.env.example - Shared secret: obtain this from
academic_integrity_tool_v2/settings/.env.example - XML configuration: obtain this from http://localhost:8000/lti/config. Or with ngrok, https://.ngrok-free.app/lti/config
Once installed, the tool should be displayed in the left-hand course navigation as AI Policy. Note that it may be disabled in the navigation by default, so you may need to manually enable it in the course settings navigation (drag and drop to move to the desired position).
The instructions below assume you have Docker installed on your machine.
Configure django settings:
$ cp academic_integrity_tool_v2/.env.example academic_integrity_tool_v2/settings/.env
Run the application:
$ docker compose up
Open the tool in your web browser to verify it is up and running:
open http://localhost:8000
$ docker compose run web python manage.py test
When this tool is launched from Canvas, it is embedded in an iframe from a secure (https- based) site. For the cross-domain session and CSRF cookies to function correctly, our Django settings are configured with SESSION_COOKIE_SECURE = True and CSRF_COOKIE_SECURE = True. These settings command the browser to only send cookies over a secure HTTPS connection.
While local development on http://localhost:8000 may appear to work for basic views, this is because modern browsers often treat localhost as a "secure context" and relax this policy. However, this does not accurately simulate the production LTI environment and will fail when trying to establish a valid cross-domain session.
To properly test the LTI flow locally, you must expose your local development server on a public HTTPS URL. NGROK is a tool that provides this functionality.
-
Install NGROK: Follow the official instructions
-
Start the Django Server: Run the local development server as usual.
docker-compose up
-
Start NGROK: In a separate terminal, run the following command to expose your local port 8000 on a public HTTPS URL.
ngrok http --scheme=https 8000
- This command tells
ngrokto forward traffic to your localhttp://localhost:8000but to set the forwarding scheme in the HTTP headers tohttps. This ensures Django recognizes the connection as secure, which is necessary for the secure cookie flags.
- This command tells
-
Update Environment Variables: NGROK will provide a public URL (ex.,
https://<random-string>.ngrok-free.app). -
Update Canvas: In your Canvas course settings, add the LTI tool (see Original demos section below) using your new public NGROK URL XML page (ex.,
https://<random-string>.ngrok-free.app/lti/config). You can now launch the tool from Canvas to fully test the LTI flow against your local development server with behavior similar to production.
$ coverage run --source='.' manage.py test
$ coverage-badge -f -o coverage.svg
- Then commit and push the changes!
These are demos of the original academic integrity tool and are slightly out of date, but preserved for reference.