Deploy FastAPI backend with MongoDB integration - Added app.py, requirements.txt, and updated Dockerfile for HF Spaces deployment

Dockerfile

@@ -0,0 +1,20 @@
+FROM python:3.9-slim
+
+WORKDIR /app
+
+# Copy requirements first for better caching
+COPY server/requirements.txt .
+RUN pip install --no-cache-dir -r requirements.txt
+
+# Copy the rest of the application
+COPY server/ .
+
+# Expose the port that FastAPI will run on
+EXPOSE 8000
+
+# Set environment variables
+ENV PORT=8000
+ENV CORS_ORIGIN=https://ali2206-checklist.hf.space
+
+# Run the FastAPI application
+CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "8000"]

README.md

@@ -1,10 +1,85 @@
 ---
-title: Checklist
-emoji: 🚀
+title: Audit Checklist API
+emoji: 📋
 colorFrom: blue
-colorTo: yellow
+colorTo: green
 sdk: docker
 pinned: false
+license: mit
+app_port: 8000
 ---
 
-Check out the configuration reference at https://huggingface.co/docs/hub/spaces-config-reference
+# Audit Checklist FastAPI Backend
+
+This is the backend API for the Audit Checklist React Native application.
+
+## Features
+- MongoDB Atlas integration
+- REST API endpoints for audit checklists
+- CORS support for mobile apps
+- Health check endpoint
+- User session management
+- Comprehensive error handling
+
+## API Endpoints
+
+### Health Check
+- `GET /` - Basic health check
+- `GET /health` - Detailed health information
+
+### Checklist Management
+- `GET /api/checklist/{user_id}` - Get checklist for user
+- `PUT /api/checklist/{user_id}` - Save/update checklist
+- `GET /api/checklists` - Get all checklists (admin)
+- `GET /api/checklists/by-user/{user_name}` - Get checklists by user name
+
+### Server Information
+- `GET /api/server-info` - Get server information
+
+## Environment Variables
+
+Set these in your Hugging Face Space settings:
+
+- `MONGODB_URI`: Your MongoDB Atlas connection string
+- `CORS_ORIGIN`: Frontend URL (optional, defaults to allow all)
+
+## Data Structure
+
+The API manages audit checklists with the following structure:
+
+```json
+{
+  "userId": "user-1234567890",
+  "title": "Checklist di Audit Operativo (38 Controlli)",
+  "sections": [...],
+  "metadata": {
+    "userName": "John Doe",
+    "savedAt": "2024-01-15T14:30:25.123Z",
+    "savedAtFormatted": "15/01/2024, 14:30:25",
+    "userId": "user-1234567890",
+    "version": "1.0"
+  }
+}
+```
+
+## Usage
+
+This API is designed to work with the Audit Checklist React Native mobile application. The mobile app sends audit data to this backend, which stores it in MongoDB Atlas with user information and timestamps.
+
+## Deployment
+
+This FastAPI application is deployed on Hugging Face Spaces using Docker. The application runs on port 8000 and is accessible at:
+
+`https://ali2206-checklist.hf.space`
+
+## Development
+
+To run locally:
+
+```bash
+cd server
+pip install -r requirements.txt
+python start_server.py
+```
+
+The API will be available at `http://localhost:5000`

app.py

@@ -0,0 +1,735 @@
+"""
+FastAPI Server for Audit Checklist Application
+=============================================
+
+This server provides a REST API for managing audit checklists with MongoDB integration.
+It supports CRUD operations for checklist data and user management.
+
+Features:
+- MongoDB Atlas integration with async Motor driver
+- CORS support for React frontend
+- Comprehensive error handling
+- Health check endpoint
+- Environment-based configuration
+
+Author: Audit Checklist Team
+Version: 1.0.0
+"""
+
+import os
+import sys
+from datetime import datetime
+from typing import Optional, List, Dict, Any, Union
+import logging
+
+# FastAPI imports
+from fastapi import FastAPI, HTTPException, status
+from fastapi.middleware.cors import CORSMiddleware
+from fastapi.responses import JSONResponse
+
+# Pydantic for data validation
+from pydantic import BaseModel, Field
+
+# MongoDB async driver
+import motor.motor_asyncio
+from bson import ObjectId
+
+# Environment variables
+from dotenv import load_dotenv
+
+# Load environment variables from .env file (if available)
+# For Hugging Face Spaces, environment variables are set in the Space settings
+try:
+    load_dotenv('mongodb.env')
+except:
+    pass  # Continue without .env file if not found
+
+# Configure logging
+logging.basicConfig(
+    level=logging.INFO,
+    format='%(asctime)s - %(name)s - %(levelname)s - %(message)s'
+)
+logger = logging.getLogger(__name__)
+
+# =============================================================================
+# CONFIGURATION AND INITIALIZATION
+# =============================================================================
+
+# Environment variables with fallback defaults
+MONGODB_URI = os.getenv('MONGODB_URI', 'mongodb://localhost:27017/audit_checklist')
+PORT = int(os.getenv('PORT', 8000))  # Hugging Face Spaces uses port 8000
+CORS_ORIGIN = os.getenv('CORS_ORIGIN', '*')  # Allow all origins by default for mobile apps
+
+# Initialize FastAPI application
+app = FastAPI(
+    title="Audit Checklist API",
+    description="REST API for managing audit checklists with MongoDB integration",
+    version="1.0.0",
+    docs_url="/docs",  # Swagger UI documentation
+    redoc_url="/redoc"  # ReDoc documentation
+)
+
+# Configure CORS middleware
+# Allow all origins for Hugging Face Spaces deployment
+cors_origins = [CORS_ORIGIN] if CORS_ORIGIN != "*" else ["*"]
+
+app.add_middleware(
+    CORSMiddleware,
+    allow_origins=cors_origins,
+    allow_credentials=True,
+    allow_methods=["GET", "POST", "PUT", "DELETE", "OPTIONS"],
+    allow_headers=["*"],
+)
+
+# MongoDB connection setup
+client = None
+db = None
+
+async def connect_to_mongodb():
+    """
+    Establish connection to MongoDB Atlas
+    
+    This function creates an async connection to MongoDB using the Motor driver.
+    It handles connection errors gracefully and logs the status.
+    """
+    global client, db
+    try:
+        client = motor.motor_asyncio.AsyncIOMotorClient(MONGODB_URI)
+        db = client.audit_checklist
+        
+        # Test the connection
+        await client.admin.command('ping')
+        logger.info("Successfully connected to MongoDB Atlas")
+        
+        # Create indexes for better performance
+        await create_database_indexes()
+        
+    except Exception as e:
+        logger.error(f"Failed to connect to MongoDB: {e}")
+        raise e
+
+async def create_database_indexes():
+    """
+    Create database indexes for optimal query performance
+    
+    This function creates indexes on frequently queried fields to improve
+    database performance and query speed.
+    """
+    try:
+        # Index on userId for faster user-specific queries
+        await db.checklists.create_index("userId", unique=False)
+        
+        # Index on createdAt for time-based queries
+        await db.checklists.create_index("createdAt", unique=False)
+        
+        logger.info("Database indexes created successfully")
+        
+    except Exception as e:
+        logger.warning(f"Could not create indexes: {e}")
+
+async def close_mongodb_connection():
+    """Close MongoDB connection gracefully"""
+    global client
+    if client:
+        client.close()
+        logger.info("MongoDB connection closed")
+
+# =============================================================================
+# PYDANTIC MODELS FOR DATA VALIDATION
+# =============================================================================
+
+class ChecklistItem(BaseModel):
+    """
+    Model for individual checklist items
+    
+    Attributes:
+        id: Unique identifier for the item
+        requirement: Description of the requirement to be checked
+        compliance: Compliance status (N/A, Compliant, Non-Compliant)
+        deviation: Description of any deviation found
+        action: Action taken to address the issue
+        checkedAt: Timestamp when the item was checked
+        checkedBy: Name of the person who checked the item
+    """
+    id: str = Field(..., description="Unique identifier for the checklist item")
+    requirement: str = Field(..., description="Description of the requirement")
+    compliance: str = Field(default="N/A", description="Compliance status: N/A, Compliant, or Non-Compliant")
+    deviation: str = Field(default="", description="Description of any deviation found")
+    action: str = Field(default="", description="Action taken to address the issue")
+    checkedAt: Optional[datetime] = Field(default=None, description="Timestamp when item was checked")
+    checkedBy: str = Field(default="", description="Name of the person who checked the item")
+
+class ChecklistSection(BaseModel):
+    """
+    Model for checklist sections containing multiple items
+    
+    Attributes:
+        id: Unique identifier for the section
+        title: Display title of the section
+        icon: Icon identifier for UI display
+        items: List of checklist items in this section
+    """
+    id: str = Field(..., description="Unique identifier for the section")
+    title: str = Field(..., description="Display title of the section")
+    icon: str = Field(..., description="Icon identifier for UI display")
+    items: List[ChecklistItem] = Field(default=[], description="List of checklist items")
+
+class Metadata(BaseModel):
+    """
+    Metadata model for checklist information
+    """
+    userName: Optional[str] = Field(default=None, description="Name of the user who saved the checklist")
+    savedAt: Optional[str] = Field(default=None, description="ISO timestamp when saved")
+    savedAtFormatted: Optional[str] = Field(default=None, description="Formatted timestamp when saved")
+    userId: Optional[str] = Field(default=None, description="User ID")
+    version: Optional[str] = Field(default="1.0", description="Version of the checklist")
+
+class ChecklistData(BaseModel):
+    """
+    Complete checklist data model
+    
+    Attributes:
+        userId: Unique identifier for the user
+        title: Title of the checklist
+        sections: List of sections in the checklist
+        totalItems: Total number of items across all sections
+        completedItems: Number of completed items
+        nonCompliantItems: Number of non-compliant items
+        complianceScore: Calculated compliance percentage
+        verificationDate: Date when the checklist was verified
+        createdAt: Timestamp when the checklist was created
+        updatedAt: Timestamp when the checklist was last updated
+    """
+    userId: str = Field(..., description="Unique identifier for the user")
+    title: str = Field(..., description="Title of the checklist")
+    sections: List[ChecklistSection] = Field(default=[], description="List of checklist sections")
+    totalItems: Optional[int] = Field(default=0, description="Total number of items")
+    completedItems: Optional[int] = Field(default=0, description="Number of completed items")
+    nonCompliantItems: Optional[int] = Field(default=0, description="Number of non-compliant items")
+    complianceScore: Optional[float] = Field(default=0.0, description="Compliance percentage score")
+    verificationDate: Optional[datetime] = Field(default=None, description="Date of verification")
+    createdAt: Optional[datetime] = Field(default=None, description="Creation timestamp")
+    updatedAt: Optional[datetime] = Field(default=None, description="Last update timestamp")
+    metadata: Optional[Metadata] = Field(default=None, description="Additional metadata including user information")
+    
+    class Config:
+        # Allow extra fields that might be sent from frontend
+        extra = "allow"
+
+class ChecklistResponse(BaseModel):
+    """
+    Standard API response model for checklist operations
+    
+    Attributes:
+        success: Boolean indicating if the operation was successful
+        data: The checklist data (if successful)
+        message: Optional message describing the result
+        error: Error message (if unsuccessful)
+    """
+    success: bool = Field(..., description="Whether the operation was successful")
+    data: Optional[Union[ChecklistData, Dict[str, Any]]] = Field(default=None, description="Checklist data")
+    message: Optional[str] = Field(default=None, description="Success message")
+    error: Optional[str] = Field(default=None, description="Error message")
+
+class HealthResponse(BaseModel):
+    """Health check response model"""
+    status: str = Field(..., description="Health status")
+    timestamp: datetime = Field(..., description="Current timestamp")
+    database: str = Field(..., description="Database connection status")
+    version: str = Field(default="1.0.0", description="API version")
+
+# =============================================================================
+# UTILITY FUNCTIONS
+# =============================================================================
+
+def calculate_checklist_metrics(checklist_data: Dict[str, Any]) -> Dict[str, Any]:
+    """
+    Calculate compliance metrics for a checklist
+    
+    Args:
+        checklist_data: Dictionary containing checklist data
+        
+    Returns:
+        Dictionary with calculated metrics (totalItems, completedItems, nonCompliantItems, complianceScore)
+    """
+    total_items = 0
+    completed_items = 0
+    non_compliant_items = 0
+    
+    # Iterate through all sections and items
+    for section in checklist_data.get('sections', []):
+        for item in section.get('items', []):
+            total_items += 1
+            
+            # Count completed items (those that are not N/A)
+            if item.get('compliance') != 'N/A':
+                completed_items += 1
+                
+                # Count non-compliant items
+                if item.get('compliance') == 'Non-Compliant':
+                    non_compliant_items += 1
+    
+    # Calculate compliance score
+    compliance_score = (completed_items / total_items * 100) if total_items > 0 else 0
+    
+    return {
+        'totalItems': total_items,
+        'completedItems': completed_items,
+        'nonCompliantItems': non_compliant_items,
+        'complianceScore': round(compliance_score, 2)
+    }
+
+def serialize_checklist(checklist_doc: Dict[str, Any]) -> Dict[str, Any]:
+    """
+    Serialize MongoDB document to JSON-serializable format
+    
+    Args:
+        checklist_doc: MongoDB document
+        
+    Returns:
+        Dictionary with ObjectId converted to string
+    """
+    if checklist_doc and '_id' in checklist_doc:
+        checklist_doc['_id'] = str(checklist_doc['_id'])
+    
+    # Convert datetime objects to ISO strings
+    for field in ['createdAt', 'updatedAt', 'verificationDate']:
+        if field in checklist_doc and checklist_doc[field]:
+            # Only convert if it's a datetime object, not a string
+            if hasattr(checklist_doc[field], 'isoformat'):
+                checklist_doc[field] = checklist_doc[field].isoformat()
+    
+    # Convert datetime objects in items
+    for section in checklist_doc.get('sections', []):
+        for item in section.get('items', []):
+            if 'checkedAt' in item and item['checkedAt']:
+                # Only convert if it's a datetime object, not a string
+                if hasattr(item['checkedAt'], 'isoformat'):
+                    item['checkedAt'] = item['checkedAt'].isoformat()
+    
+    return checklist_doc
+
+# =============================================================================
+# API ENDPOINTS
+# =============================================================================
+
+@app.on_event("startup")
+async def startup_event():
+    """
+    Application startup event handler
+    
+    This function is called when the FastAPI application starts up.
+    It initializes the MongoDB connection and sets up the database.
+    """
+    logger.info("Starting Audit Checklist API server...")
+    await connect_to_mongodb()
+    logger.info(f"Server ready on port {PORT}")
+
+@app.on_event("shutdown")
+async def shutdown_event():
+    """
+    Application shutdown event handler
+    
+    This function is called when the FastAPI application shuts down.
+    It gracefully closes the MongoDB connection.
+    """
+    logger.info("Shutting down Audit Checklist API server...")
+    await close_mongodb_connection()
+
+@app.get("/", response_model=Dict[str, str])
+async def root():
+    """
+    Root endpoint providing basic API information
+    
+    Returns:
+        Dictionary with API name and version
+    """
+    return {
+        "message": "Audit Checklist API",
+        "version": "1.0.0",
+        "docs": "/docs",
+        "health": "/health"
+    }
+
+@app.get("/health", response_model=HealthResponse)
+async def health_check():
+    """
+    Health check endpoint for monitoring and load balancers
+    
+    This endpoint checks the status of the API server and database connection.
+    It's useful for health monitoring, load balancers, and DevOps automation.
+    
+    Returns:
+        HealthResponse with current status information
+    """
+    try:
+        # Test database connection
+        await client.admin.command('ping')
+        db_status = "connected"
+    except Exception as e:
+        logger.error(f"Database health check failed: {e}")
+        db_status = "disconnected"
+    
+    return HealthResponse(
+        status="healthy" if db_status == "connected" else "unhealthy",
+        timestamp=datetime.utcnow(),
+        database=db_status,
+        version="1.0.0"
+    )
+
+@app.get("/api/checklist/{user_id}", response_model=ChecklistResponse)
+async def get_checklist(user_id: str):
+    """
+    Retrieve checklist data for a specific user
+    
+    This endpoint fetches the checklist data for a given user ID. If no checklist
+    exists for the user, it creates a new one with the default structure.
+    
+    Args:
+        user_id: Unique identifier for the user
+        
+    Returns:
+        ChecklistResponse containing the checklist data
+        
+    Raises:
+        HTTPException: If database operation fails
+    """
+    try:
+        logger.info(f"Fetching checklist for user: {user_id}")
+        
+        # Query the database for the user's checklist
+        # Find the most recent checklist for the user
+        checklist_doc = await db.checklists.find_one(
+            {"userId": user_id},
+            sort=[("createdAt", -1)]  # Get the most recent one
+        )
+        
+        if not checklist_doc:
+            # Create new checklist if none exists
+            logger.info(f"No checklist found for user {user_id}, creating new one")
+            
+            # Default checklist structure - Complete 38-item audit checklist
+            default_checklist = {
+                "userId": user_id,
+                "title": "Checklist di Audit Operativo (38 Controlli)",
+                "sections": [
+                    {
+                        "id": "S1",
+                        "title": "1. PERSONALE E IGIENE (6 Controlli)",
+                        "icon": "Users",
+                        "items": [
+                            {"id": "I1.1", "requirement": "Indumenti da lavoro puliti (divisa, grembiule).", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I1.2", "requirement": "Scarpe antinfortunistiche / Calzature pulite.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I1.3", "requirement": "Cuffie e/o Retine per capelli indossate correttamente.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I1.4", "requirement": "Assenza di gioielli, piercing visibili, unghie lunghe.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I1.5", "requirement": "Lavaggio mani documentato all'ingresso/reingresso.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I1.6", "requirement": "Assenza di cibo/bevande non autorizzate nelle aree produttive.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""}
+                        ]
+                    },
+                    {
+                        "id": "S2",
+                        "title": "2. STRUTTURE E IMPIANTI (6 Controlli)",
+                        "icon": "Building",
+                        "items": [
+                            {"id": "I2.1", "requirement": "Illuminazione adeguata e funzionante in tutte le aree.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I2.2", "requirement": "Porte esterne/interne in buone condizioni e chiuse correttamente (sigillatura).", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I2.3", "requirement": "Integrità di pavimenti, pareti e soffitti (assenza di crepe/danni).", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I2.4", "requirement": "Controllo vetri / lampade protette o anti-frantumazione.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I2.5", "requirement": "Condizioni igieniche dei servizi igienici e spogliatoi (pulizia e dotazioni).", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I2.6", "requirement": "Ventilazione e aspirazione funzionanti, pulite e non ostruite.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""}
+                        ]
+                    },
+                    {
+                        "id": "S3",
+                        "title": "3. GESTIONE E IGIENE AMBIENTALE (4 Controlli)",
+                        "icon": "Package",
+                        "items": [
+                            {"id": "I3.1", "requirement": "Contenitori dei rifiuti puliti, chiusi e identificati.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I3.2", "requirement": "Separazione corretta dei rifiuti (es. umido, secco, plastica).", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I3.3", "requirement": "Area di stoccaggio rifiuti (interna ed esterna) ordinata e sanificata.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I3.4", "requirement": "Frequenza di rimozione dei rifiuti adeguata a prevenire accumuli.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""}
+                        ]
+                    },
+                    {
+                        "id": "S4",
+                        "title": "4. CONTROLLO PROCESSO E QUALITÀ (6 Controlli)",
+                        "icon": "Settings",
+                        "items": [
+                            {"id": "I4.1", "requirement": "Monitoraggio e registrazione dei Punti Critici di Controllo (CCP).", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I4.2", "requirement": "Procedure di Buona Fabbricazione (GMP) rispettate (es. pulizia prima dell'avvio).", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I4.3", "requirement": "Verifica e calibrazione del Metal Detector eseguita e registrata.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I4.4", "requirement": "Corretta identificazione dei lotti di materie prime e semilavorati.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I4.5", "requirement": "Rispettate le temperature di stoccaggio dei prodotti finiti e intermedi.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I4.6", "requirement": "Corretta gestione, etichettatura e isolamento dei prodotti non conformi.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""}
+                        ]
+                    },
+                    {
+                        "id": "S5",
+                        "title": "5. CONTROLLO INFESTANTI (5 Controlli)",
+                        "icon": "Shield",
+                        "items": [
+                            {"id": "I5.1", "requirement": "Assenza di tracce visibili di roditori, insetti o uccelli.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I5.2", "requirement": "Stazioni di monitoraggio/trappole numerate, integre e registrate.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I5.3", "requirement": "Mappe e registri delle trappole aggiornati e disponibili.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I5.4", "requirement": "Barriere fisiche (es. reti, spazzole) anti-intrusione in buone condizioni.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I5.5", "requirement": "Prodotti chimici di controllo infestanti stoccati in modo sicuro e separato.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""}
+                        ]
+                    },
+                    {
+                        "id": "S6",
+                        "title": "6. MANUTENZIONE E VETRI (6 Controlli)",
+                        "icon": "Settings",
+                        "items": [
+                            {"id": "I6.1", "requirement": "Piano di manutenzione preventiva e correttiva rispettato e registrato.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I6.2", "requirement": "Lubrificanti e oli utilizzati autorizzati per uso alimentare (se richiesto).", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I6.3", "requirement": "Registri di calibrazione/verifica degli strumenti di misura critici aggiornati.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I6.4", "requirement": "Gestione dei vetri rotti (registri rotture) aggiornata e conforme alla procedura.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I6.5", "requirement": "Assenza di perdite, gocciolamenti o cavi scoperti da impianti/macchinari.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I6.6", "requirement": "Area di deposito utensili e pezzi di ricambio ordinata e pulita.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""}
+                        ]
+                    },
+                    {
+                        "id": "S7",
+                        "title": "7. DOCUMENTAZIONE E FORMAZIONE (5 Controlli)",
+                        "icon": "FileText",
+                        "items": [
+                            {"id": "I7.1", "requirement": "Documentazione di processo (procedure, istruzioni) aggiornata e disponibile.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I7.2", "requirement": "Registri di formazione del personale aggiornati e verificabili.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I7.3", "requirement": "Certificazioni e attestati del personale validi e aggiornati.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I7.4", "requirement": "Controllo documenti (versioni, distribuzione, obsolescenza) conforme.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""},
+                            {"id": "I7.5", "requirement": "Archiviazione e conservazione documenti secondo i requisiti normativi.", "compliance": "N/A", "deviation": "", "action": "", "checkedAt": None, "checkedBy": ""}
+                        ]
+                    }
+                ],
+                "totalItems": 38,
+                "completedItems": 0,
+                "nonCompliantItems": 0,
+                "complianceScore": 0.0,
+                "verificationDate": None,
+                "createdAt": datetime.utcnow(),
+                "updatedAt": datetime.utcnow()
+            }
+            
+            # Insert the new checklist
+            result = await db.checklists.insert_one(default_checklist)
+            checklist_doc = await db.checklists.find_one({"_id": result.inserted_id})
+            logger.info(f"Created new checklist for user {user_id}")
+        
+        # Serialize the document
+        serialized_checklist = serialize_checklist(checklist_doc)
+        
+        return ChecklistResponse(
+            success=True,
+            data=ChecklistData(**serialized_checklist),
+            message="Checklist retrieved successfully"
+        )
+        
+    except Exception as e:
+        logger.error(f"Error retrieving checklist for user {user_id}: {e}")
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail=f"Failed to retrieve checklist: {str(e)}"
+        )
+
+@app.put("/api/checklist/{user_id}", response_model=ChecklistResponse)
+async def save_checklist(user_id: str, checklist_data: dict):
+    """
+    Save or update checklist data for a specific user
+    
+    This endpoint saves the checklist data to the database. It calculates
+    compliance metrics and updates the timestamp.
+    
+    Args:
+        user_id: Unique identifier for the user
+        checklist_data: The checklist data to save
+        
+    Returns:
+        ChecklistResponse confirming the save operation
+        
+    Raises:
+        HTTPException: If database operation fails
+    """
+    try:
+        logger.info(f"Saving checklist for user: {user_id}")
+        
+        # Use the dictionary directly (already converted from JSON)
+        checklist_dict = checklist_data.copy()
+        
+        # Calculate compliance metrics
+        metrics = calculate_checklist_metrics(checklist_dict)
+        checklist_dict.update(metrics)
+        
+        # Update timestamps
+        checklist_dict['updatedAt'] = datetime.utcnow()
+        
+        # Always create a new checklist session (don't update existing)
+        # Add a unique session ID to make each save unique
+        session_id = f"{user_id}-{datetime.utcnow().strftime('%Y%m%d-%H%M%S')}"
+        checklist_dict['sessionId'] = session_id
+        
+        # Remove _id if it exists to let MongoDB generate a new one
+        if '_id' in checklist_dict:
+            del checklist_dict['_id']
+        
+        # Insert as a new document (always create new session)
+        result = await db.checklists.insert_one(checklist_dict)
+        
+        if result.inserted_id:
+            logger.info(f"Created new checklist session for user {user_id}")
+            message = "Checklist session created successfully"
+        else:
+            logger.error(f"Failed to create checklist for user {user_id}")
+            raise HTTPException(
+                status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+                detail="Failed to save checklist"
+            )
+        
+        # Retrieve the newly created checklist
+        created_checklist = await db.checklists.find_one({"_id": result.inserted_id})
+        serialized_checklist = serialize_checklist(created_checklist)
+        
+        return ChecklistResponse(
+            success=True,
+            data=serialized_checklist,  # Return as dict instead of Pydantic model
+            message=message
+        )
+        
+    except Exception as e:
+        logger.error(f"Error saving checklist for user {user_id}: {e}")
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail=f"Failed to save checklist: {str(e)}"
+        )
+
+@app.get("/api/checklists/by-user/{user_name}", response_model=Dict[str, Any])
+async def get_checklists_by_user_name(user_name: str):
+    """
+    Retrieve all checklists for a specific user name
+    
+    Args:
+        user_name: The name of the user to retrieve checklists for
+        
+    Returns:
+        Dictionary containing list of checklists for the user
+        
+    Raises:
+        HTTPException: If database operation fails
+    """
+    try:
+        logger.info(f"Retrieving checklists for user: {user_name}")
+        
+        # Find all checklists where metadata.userName matches
+        cursor = db.checklists.find({"metadata.userName": user_name})
+        checklists = []
+        
+        async for checklist_doc in cursor:
+            serialized_checklist = serialize_checklist(checklist_doc)
+            checklists.append(serialized_checklist)
+        
+        return {
+            "success": True,
+            "data": checklists,
+            "count": len(checklists),
+            "user_name": user_name
+        }
+        
+    except Exception as e:
+        logger.error(f"Error retrieving checklists for user {user_name}: {e}")
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail=f"Failed to retrieve checklists for user: {str(e)}"
+        )
+
+@app.get("/api/checklists", response_model=Dict[str, Any])
+async def get_all_checklists():
+    """
+    Retrieve all checklists (admin endpoint)
+    
+    This endpoint returns all checklists in the database. It's intended for
+    administrative purposes and should be protected with proper authentication
+    in a production environment.
+    
+    Returns:
+        Dictionary containing list of all checklists
+        
+    Raises:
+        HTTPException: If database operation fails
+    """
+    try:
+        logger.info("Retrieving all checklists")
+        
+        # Find all checklists
+        cursor = db.checklists.find({})
+        checklists = []
+        
+        async for checklist_doc in cursor:
+            serialized_checklist = serialize_checklist(checklist_doc)
+            checklists.append(serialized_checklist)
+        
+        return {
+            "success": True,
+            "data": checklists,
+            "count": len(checklists),
+            "message": f"Retrieved {len(checklists)} checklists"
+        }
+        
+    except Exception as e:
+        logger.error(f"Error retrieving all checklists: {e}")
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail=f"Failed to retrieve checklists: {str(e)}"
+        )
+
+# =============================================================================
+# ERROR HANDLERS
+# =============================================================================
+
+@app.exception_handler(HTTPException)
+async def http_exception_handler(request, exc):
+    """Handle HTTP exceptions with consistent error format"""
+    logger.error(f"HTTP Exception: {exc.detail}")
+    return JSONResponse(
+        status_code=exc.status_code,
+        content={
+            "success": False,
+            "error": exc.detail,
+            "status_code": exc.status_code
+        }
+    )
+
+@app.exception_handler(Exception)
+async def general_exception_handler(request, exc):
+    """Handle general exceptions with logging"""
+    logger.error(f"Unhandled exception: {exc}", exc_info=True)
+    return JSONResponse(
+        status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+        content={
+            "success": False,
+            "error": "Internal server error",
+            "detail": str(exc) if os.getenv("DEBUG", "false").lower() == "true" else "An unexpected error occurred"
+        }
+    )
+
+# =============================================================================
+# MAIN EXECUTION
+# =============================================================================
+
+if __name__ == "__main__":
+    """
+    Main execution block for running the server
+    
+    This block is executed when the script is run directly (not imported).
+    It starts the Uvicorn ASGI server with the configured settings.
+    """
+    import uvicorn
+    
+    logger.info("Starting FastAPI server...")
+    
+    # Run the server
+    uvicorn.run(
+        "app:app",  # Changed from "main:app" to "app:app" for HF Spaces
+        host="0.0.0.0",
+        port=PORT,
+        reload=False,  # Disable auto-reload for production deployment
+        log_level="info"
+    )

requirements.txt

@@ -0,0 +1,20 @@
+# FastAPI and related dependencies
+fastapi==0.104.1
+uvicorn[standard]==0.24.0
+pydantic==2.5.0
+
+# MongoDB integration
+motor==3.3.2  # Async MongoDB driver
+pymongo==4.6.0  # MongoDB driver
+
+# Environment variables
+python-dotenv==1.0.0
+
+# CORS middleware
+python-multipart==0.0.6
+
+# Date/time handling
+python-dateutil==2.8.2
+
+# Additional utilities
+httpx==0.25.2  # For making HTTP requests if needed