Application Programming Interface (API) Development for Student Attendance System Using QR Code

Designing an application that requires communication between platforms need an intermediary to do it. The implementation of Application Programming Interface (API) from a designed system was done so the developers are able to access programmatic functions between different platforms. In the era of the information technology development as it is today, there are still many applications that are not computerized, such as the attendance recording systems. This research aims to develop API well on an Android-based student attendance system that uses the Quick Response code (QR code). To do so, first of all the design of system architecture was created to understand the communication flow between the platform. After that, the software development is done along with the test of API web services. In the end, with the integration of the Android client and web server on Laravel and assisted by the RESTful based web service, made that designed student attendance system becomes a safe and reliable.

protocols that allow us to build an application.Basically, API services provide certain conditions for applications on how they communicate with one another and interact with one another.
In developing an application, the developer should think over that cases encountered in utilizing the application will continue to develop.Therefore we need a well-designed development concept, so every information technology can adapt according to its purpose.By separating the program algorithm in the database with the program algorithm in the interface (both web client and android client) in a system, then it has been considered as a good method for overcoming the problem.When the flow of the program process can be built separately, it is very possible in the future for the application to update or add functions to accommodate the evolving needs [1] .
Quick Response Code (QR code) is a 2-dimensional barcode that is displayed in a series of boxes inside the box.QR codes store information horizontally and vertically, which allows it to capture and convey more information. [2]Its presence is able to be a solution for problems related to global effectiveness and efficiency.
The rapid development of technology currently provides a large number of types of technology that can be utilized to solve the problems mentioned earlier.Apart from the use of QR code technology, the use of smartphones is one of them as the use of existing technology to be a solution to the problems that exist on this campus.With the help of an Androidbased client application and its supporting web server which are integrated with each other through the RESTful web service, the student attendance system will be carried out automatically and can guarantee the integrity and confidentiality of the data.

Literature Review
API or Application Programming Interface is a virtual interface technology that allows between systems to communicate with each other or exchange data [2] .The API allows our services to interact with other products without knowing how they are implemented.As a result, application development can be simplified and ultimately save money and time.When we design new tools and products, the API can provide flexibility; simplifying design, administration, and providing opportunities for innovation.Quick Response Code (QR code) is a 2-dimensional barcode that is displayed in a series of boxes in a box.QR codes store information horizontally and vertically, which allows it to capture and convey more information.The QR code can be scanned by the camera of every smartphone at the moment [3] .
QR Code functions like a physical hyperlink that can store addresses and URLs, telephone numbers, text and sms that can be used in magazines, daily letters, advertisements, on bus signs, business cards or other media.Or in other words as connecting quickly online content and offline content.The presence of this code allows users to interact effectively and efficiently with the media they attach to them.Users can also generate and print their own QR Code for others.As seen in Figure 2, the structure of the QR Code consists of: [4] a.  Google Form and attendance will be recorded.
The method used for student attendance system should be easy to apply and quick in recording attendance during a class session.But on the security issue must be considered a lot.With that QR code card there will be a lot of flaws in the system.First, the student must not lend the card to other person.And then student must keep the card by themselves.Both of these rules are needed to fulfill a succesful record of an attendance, because its system automatically record the attendance and if one of that rule violated then the attendance record is invalid.To avoid the problem we should make the system integrated more to the individual person object, for example mobile phone number.The integrated system with mobile phone number which had been developed right now would be better to prevent that case and make the system more safe and reliable.

Mobile Programming
Android is a mobile operating system based on a modified version of Linux.Initially, Android was developed by a startup with the same name, Android, Inc.In 2005, as a strategy to enter the mobile world, Google bought Android, Inc. and take over the development of his work (including the development team too).
The main advantage of adopting Android as an operating system is that it provides a unified approach into existing application development.Developers only need to develop Android in general, and their applications can run on a variety of different devices, as long as the device is powered by Android.In the smartphone world, applications are the most important part of the success of smartphones [7] .

Web Service
Web service is a service identified by URI (Uniform Resource Identifier) that exposes its features through the internet using internet standard protocols and languages and can be implemented using internet standards such as XML (Extensible Markup Language).Until now web service technology continues to develop.One technology that is popular applications, web, and desktop applications can call the desired method / function [8] .

Laravel
Laravel is a framework used for web development in PHP.Framework is a software to facilitate the developers in making applications or the web whose contents are various functions, plugins, and concepts so as to form a particular system.
Laravel in this case is one of the many PHP frameworks available to web developers out there.The use of the framework is very beneficial for PHP web application developers.Framework like Laravel, CodeIgniter, CakePHP, Yii, Symfony wrapped a collection of third-party components together with configuration files, service providers, directory structures and application bootstrapping.With these components wrapped, the various advantages of using frameworks when building web applications in general is the presence of other parties who help us about what components are suitable for us and also how these components are installed properly [9] .Laravel focuses on the end-user, which means it focuses on clarity and simplicity, both in writing and appearance, and in producing web application functionality that works as it should.This makes developers and companies use this framework to build anything, from small projects to upscale corporate scale.
Utilization of framework Laravel to build web applications very much.First, Laravel provides a very lightweight layout template, then supports the Model, View, Controller (MVC) structure.Then there are many object-oriented libraries in which the library module is independent.And the last, of course, support from the command line interface artisan.

Research Methodology Problem Identification
Implementation of recoding the student attendance process at Trisakti University, the Department of Informatics Engineering still has not seen any presence of effectiveness and efficiency in its application in the daily teaching and learning process.In practice, the use of attendance signatures is done manually on physical paper which is certainly not environmentally friendly, wasteful of paper and administrative costs as well as prone to manipulation or fraud conducted by college student participants.
Computerized administration system as well paperless which can minimize fraud must certainly be maximized to support administration integrity until finally the department is able to produce competent graduates.
Requirement Analysis Lecturers as well as the students expect an attendance administration system that is simple, fast and efficient but still has good security, integrity and good availability aspects.The presence of information technology is also needed at this time so that it can meet existing needs.
Current advances in technology have resulted in many types of technology that can be used to solve the problems mentioned earlier.Apart from the use of QR technology code, the use of smart mobile phones is a solution to the problems that exist on this college.Integrated through the API, the Android-based attendance client system is connected to the server at Laravel and ensures the confidentiality of the data.Besides that, a dedicated web is also designed intended for lecturers.The RESTful architecture in implementing the API ensures the applications that are designed to be lightweight and will be easy to develop in the future.

System Design
The software development model on the system will be designed using the iterative spiral type model.This model has a gradual application development flow.Starting from building the smallest program that is quite useful.Then it continues into a series of stages that add features to the program into prototypes that have minimal functionality until the whole program is finally completed [10] .
System Flow  In the flowchart on Figure 3 shows that the client consists of 2 platforms (web and Android) that communicate with each other using the API.The web service API is mainly used to access functions on the Server Controller that the client needs.
One of the implementation of web service is to request information on the validity of telephone numbers that entered by students.So non-student users cannot use the application because of the invalid return value.
In addition, the Android client also requests an API to Vonage, a third-party SMS service that provides services to send messages to students through a various customization.The sender number is customizable as well ass the contents of the message, in this case the verification code.This One Time Password (OTP) system is much safer than the Login system as usual, because the Login system is based on an account.This triggers a security issue where students can commit fraud in the form of lending and borrowing accounts.By lending his account, the attendance process that occurs will be invalid.To overcome this, OTP is needed by Vonage's services.

Results and Discussion
In this software development, the main focus is to apply the concept of PHP web service for Android applications.API requests are directed to the Server Controller before finally accessing the database.
Some request is done by sending certain URIs that are adjusted with the server controller as the recipient in Laravel.The API list is listed as in table 1.Based on the structure of the URI, it appears that the string thrown in the URI will be processed into the server controller and the results will be received again by the client, which in this case is the Android app.The two requests were made using the GET method due to the absence of credential information that being thrown out in, and also the condition of the URI which is not open (direct connection within Android) strengthen that reason.Meanwhile SMSApiRequest uses POST due to API key and API secret key in its URI.This is very credentials because those two things are like the keys that can open the access to services owned by Vonage.

Application Implementation
The first stage to record the student attendance starts from the lecturer who accesses his web client before continuing the next menu.
To get an account and do the log in, based on an existing security analysis, it was decided to exclude the Registration page.This is because the system designed right now is exclusive only for lecturers, or in other words, the system access is limited to the public.After access is granted, the welcome page that will be displayed is the Dashboard page.Here the lecturer is given preliminary information on how many courses they are teaching, as well as what the courses are complete with the day and teaching hours.In addition there is also self-information from the lecturer as a part that is displayed in the profile section.
To enter the main function of this web application (generate QR code), the lecturer must first choose the course for which the QR code is generated.By pressing the Absensi button, the lecturer will be taken to the next page to generate the QR code, called named attendance page.
On that attendance page the lecturer is given the option to generate a QR code based on the lecturer class meeting.
Usually there are 14 meetings in one semester.After the lecturer chooses to press Generate then the Status Pertemuan will change to 'Generated' and there is a pop-up that displays the generated QR code.
After the lecturer gets the desired QR code, this page can be displayed with a multimedia projector in the classroom.So The initial interface of the Android client application that students have as shown in Figure 5 shows that the interaction needed to gain access to the application is quite simple.Even so, of course, the security aspect is still considered in its development.
In the first EditText field, users are required to enter the telephone number used on their respective Android smart phones.In addition, the numbers used are only numbers that have been registered in the database so that it can be ensured that only registered students are verified to gain access of the application.It can also be certain that the typing on the EditText is accurate because the field has been set up in such a way so that only numeric input types can be processed and the addition of a special international telephone number code for Indonesia (+62) cannot removed too.In this section of verifying the OTP, the function is quite simple, there is no API involved in the process.When the user verifies by entering the OTP verification code in the page before this page, what really happens is the client will check whether the code entered is the same as the code generated before the process of sending web service requests for the one time password SMS.If it is verified perfectly then the system will store some additional information to be taken to the next page, which is the profile page.
After entering the profile page, the user will be given a display giving basic information from that user, such as phone number, name and the student year entry.In addition there is also a Scan Absen button which can bring the user to the next page, which is opening of the camera that ready to scan the QR code.
This profile page also contain information that is locked on the application, so if the user exits the application and re-enters again, then there is no need to re-verify the mobile number, instead it will go directly to this page.
If the student use this application for the first time, before opening this camera page, a prompt will appear that asks the user to allow access to the camera.This is to accommodate users who use Android with Marshmellow or newer versions, because the permission request process is done in runtime.After that, when the students press the OTP request button, the first thing the system does is verify whether the number written before is registered as a student or not.This process is carried out by Retrofit by sending a RESTful-based web service request to the server controller and accepting JSON as the return value.If it turns out that the result states the student is registered on the database then the system will continue to send a second request that is requesting an OTP code.This request was sent to Vonage as a third party provider for the outbound SMS API service.From here we can From this page the user can scan the QR code that the lecturer has given in the classroom.After that, the system will request a web service from the server and perform various re-verification based on the returned value as shown in table 2.
When everything is successfully verified, the next step is to create new data into a database stating that the attendance of the student has been successfully recorded and the student attendance process was successfully carried out.
As everything is successfully recorded properly into the database, the user can close the application and refocus into the lecture process in class.The whole process takes a very short time while still paying attention to aspects of the security and integrity of the existing data.

Conclusion
Based on the results of the work done, it is seen that the main design to build this application is not only focused on Android-based clients (applications used by students) or website-based clients (applications used by lecturers) but also on building web service systems that are able to link both applications with the server, in this case is the transaction with the database.With the web service concept, the principle of data confidentiality and data consistency can certainly be achieved which in the future this can guarantee the use of the applications in larger departments.

Figure 2 .
Figure 2. QR Code Structure Finding Pattern: Pattern to detect the position of the QR Code.b.Timing pattern: A pattern used to identify the central coordinates of a QR Code.

14 Figure 5 .
Figure 5.Home Screen of Android App Qeios, CC-BY 4.0 • Article, January 31, 2024 Qeios ID: 9OJFXV • https://doi.org/10.32388/9OJFXV12/14 send SMS based on what we have designed (random numbers for OTP, specified name of the SMS sender and messages that are customized according to the wishes of the developer).

Table 1 .
List of API

Table 2 .
List of Returned Value