Spaces:
Sleeping
Sleeping
| title: AttendAI Pro | |
| emoji: π‘οΈ | |
| colorFrom: blue | |
| colorTo: indigo | |
| sdk: docker | |
| pinned: false | |
| # π AttendAI Pro β Smart AI-Based Anti-Proxy Attendance System | |
| **Version:** 2.0.0 | **Production-Ready** | **Zero Demo Data Policy** | |
| > A fully production-ready, AI-powered, anti-proxy attendance platform for colleges, universities, and organizations worldwide. Every data point is real β no mock data, no placeholder content. | |
| --- | |
| ## π Live Entry Points | |
| | Portal | URL | Description | | |
| |--------|-----|-------------| | |
| | **Landing Page** | `index.html` | Role selection & marketing page | | |
| | **Student Login** | `student-login.html` | Google OAuth for students | | |
| | **Teacher Login** | `teacher-login.html` | Google OAuth for faculty | | |
| | **Admin Panel** | `admin-panel.html` | Full system control | | |
| | **Student Dashboard** | `student-dashboard.html` | After student login | | |
| | **Teacher Dashboard** | `teacher-dashboard.html` | After teacher login | | |
| --- | |
| ## β Completed Features | |
| ### Authentication | |
| - [x] **Google OAuth 2.0 only** β No email/password login exists | |
| - [x] **Role-based access control** β Student, Teacher, Admin roles strictly enforced | |
| - [x] **Pre-registration required** β System never auto-creates users | |
| - [x] **Unauthorized email rejection** β Clear denial message with email shown | |
| - [x] **JWT session management** β 8-hour session timeout | |
| - [x] **Audit logging** β Every login attempt logged with timestamp | |
| ### Student Portal | |
| - [x] Mobile-first, minimal dashboard | |
| - [x] QR code scanner (camera-based + manual code entry) | |
| - [x] 4-step attendance flow: QR β Roll Number β Face + GPS β Confirmation | |
| - [x] Roll number cross-validation against database profile | |
| - [x] Live selfie capture for face verification | |
| - [x] Real-time GPS location capture | |
| - [x] Geofence validation (configurable radius, default 100m) | |
| - [x] Duplicate attendance prevention | |
| - [x] Attendance history with filter (all/month/week) | |
| - [x] Attendance trend chart (Chart.js) | |
| - [x] Below-75% attendance warning | |
| - [x] Fraud alert notifications | |
| ### Teacher Dashboard | |
| - [x] Sidebar navigation with all sections | |
| - [x] **QR Session Management** β Create, rotate (60s), end sessions | |
| - [x] Auto-rotating QR codes every 60 seconds | |
| - [x] Geofence configuration with GPS capture | |
| - [x] **Live Overview** β Real-time stats: Present, Absent, Total, % | |
| - [x] Roll-wise attendance grid (color-coded: green/red/yellow) | |
| - [x] Live activity feed (updates every 15s) | |
| - [x] Present/Absent split view | |
| - [x] Full attendance table with GPS, face score, fraud flags | |
| - [x] Fraud alerts with resolve functionality | |
| - [x] Student roster view | |
| - [x] Analytics: session charts, status distribution, at-risk students | |
| - [x] Report generation (preview + CSV export + print) | |
| - [x] Session history table | |
| ### Admin / Developer Panel | |
| - [x] Secure admin-only auth wall (Google OAuth) | |
| - [x] **User Management** β Add, enable/disable, delete users | |
| - [x] Role assignment (student/teacher/admin) | |
| - [x] User search and filter by role | |
| - [x] CSV user export | |
| - [x] Session monitoring with force-end capability | |
| - [x] Full attendance records with multi-filter | |
| - [x] Bulk CSV attendance export | |
| - [x] Fraud Detection Center with resolve | |
| - [x] **Audit Logs** β Every action logged with user, action, status | |
| - [x] System Configuration (QR interval, geofence, thresholds, OAuth) | |
| - [x] Global Analytics (daily trend, user distribution, fraud summary) | |
| - [x] Live session monitor | |
| ### AI Fraud Detection | |
| - [x] Device fingerprinting (detects same-device multi-submission) | |
| - [x] GPS validation (geofence breach = fraud flag) | |
| - [x] QR token expiry enforcement (60-second rotation) | |
| - [x] Duplicate attendance blocking | |
| - [x] Fraud alert creation and teacher notification | |
| - [x] Roll number vs. login email cross-validation | |
| - [x] Behavioral pattern logging | |
| - [x] At-risk student prediction (below 75% threshold) | |
| ### Security | |
| - [x] No passwords in the system (Google OAuth only) | |
| - [x] Backend token verification flow | |
| - [x] Session expiry (8 hours) | |
| - [x] Role isolation (student can't access teacher routes) | |
| - [x] All sensitive actions logged | |
| - [x] CORS-safe client-side architecture | |
| - [x] Zero demo/mock data policy enforced | |
| --- | |
| ## ποΈ Architecture | |
| ``` | |
| Frontend (Static SPA) | |
| βββ index.html β Landing & role selection | |
| βββ student-login.html β Student Google OAuth | |
| βββ teacher-login.html β Teacher Google OAuth | |
| βββ admin-panel.html β Admin Google OAuth + full control | |
| βββ student-dashboard.html β Mobile-first student interface | |
| βββ teacher-dashboard.html β Teacher real-time control center | |
| β | |
| βββ css/ | |
| β βββ main.css β Complete design system | |
| β βββ landing.css β Landing page styles | |
| β βββ auth.css β Auth page styles | |
| β βββ student.css β Student dashboard styles | |
| β βββ teacher.css β Teacher dashboard styles | |
| β βββ admin.css β Admin panel styles | |
| β | |
| βββ js/ | |
| βββ config.js β App config, API helper, Auth state, Utils | |
| Database (Table API) | |
| βββ users β All registered users (students, teachers, admins) | |
| βββ sessions β Attendance sessions with QR tokens | |
| βββ attendance β All attendance records with verification data | |
| βββ fraud_alerts β AI-detected fraud events | |
| βββ system_logs β Full audit trail | |
| ``` | |
| --- | |
| ## ποΈ Data Models | |
| ### Users Table | |
| | Field | Type | Description | | |
| |-------|------|-------------| | |
| | id | text | UUID | | |
| | email | text | Google account email | | |
| | name | text | Full name | | |
| | role | text | student/teacher/admin | | |
| | roll_number | text | Student roll number | | |
| | department | text | Department | | |
| | institution | text | Institution name | | |
| | is_active | bool | Account status | | |
| | face_data | text | Face descriptor (JSON) | | |
| | last_login | datetime | Last login timestamp | | |
| ### Sessions Table | |
| | Field | Type | Description | | |
| |-------|------|-------------| | |
| | id | text | UUID | | |
| | teacher_id | text | Teacher user ID | | |
| | subject | text | Subject name | | |
| | qr_code | text | Current 8-char rotating token | | |
| | qr_expires_at | datetime | QR expiry (60s rotation) | | |
| | geofence_lat/lng | number | Classroom GPS coordinates | | |
| | geofence_radius | number | Allowed radius in meters | | |
| | is_active | bool | Session status | | |
| ### Attendance Table | |
| | Field | Type | Description | | |
| |-------|------|-------------| | |
| | id | text | UUID | | |
| | session_id | text | Related session | | |
| | student_id | text | Student user ID | | |
| | roll_number | text | Verified roll number | | |
| | status | text | present/absent/late/fraudulent | | |
| | marked_at | datetime | Exact timestamp | | |
| | gps_lat/lng | number | Student GPS at marking time | | |
| | face_match_score | number | AI confidence 0-1 | | |
| | device_fingerprint | text | Browser/device hash | | |
| | fraud_flags | array | List of detected issues | | |
| | verified | bool | Final verification status | | |
| --- | |
| ## π Setup Instructions | |
| ### 1. Configure Google OAuth | |
| 1. Go to [Google Cloud Console](https://console.cloud.google.com/) | |
| 2. Create a project β Enable "Google Identity Services" | |
| 3. Create OAuth 2.0 Client ID (Web Application) | |
| 4. Add your domain to authorized origins | |
| 5. Copy the Client ID and paste in `js/config.js`: | |
| ```javascript | |
| const APP_CONFIG = { | |
| googleClientId: 'YOUR_REAL_CLIENT_ID.apps.googleusercontent.com', | |
| // ... | |
| }; | |
| ``` | |
| ### 2. Add First Admin User | |
| Use the Table API or Admin Panel to insert the first admin: | |
| ```json | |
| { | |
| "id": "admin-001", | |
| "email": "admin@yourinstitution.com", | |
| "name": "System Administrator", | |
| "role": "admin", | |
| "is_active": true | |
| } | |
| ``` | |
| ### 3. Add Teachers & Students | |
| Through the Admin Panel β User Management β Add User | |
| Students **must** have: | |
| - Valid institutional email matching their Google account | |
| - Unique roll number | |
| - Active status | |
| ### 4. Deploy | |
| Use the **Publish tab** to deploy your project publicly with one click. | |
| --- | |
| ## π Security Notes | |
| - **Never share admin credentials** β all logins are via Google OAuth | |
| - **QR codes expire in 60 seconds** β screenshot sharing is impossible | |
| - **GPS geofencing** prevents remote attendance marking | |
| - **All actions are audit-logged** β full accountability | |
| - **Device fingerprinting** prevents multi-device fraud | |
| - **No demo data** β system only shows real entries from real users | |
| --- | |
| ## π Next Steps / Recommended Enhancements | |
| - [ ] Integrate real face-api.js facial recognition with stored face descriptors | |
| - [ ] Add Firebase/WebSocket for true real-time push updates | |
| - [ ] Email notifications for fraud alerts and low attendance | |
| - [ ] Mobile app (React Native) for native QR scanning | |
| - [ ] Batch student import via CSV upload | |
| - [ ] Multi-institution / multi-tenant support | |
| - [ ] Advanced ML model for behavioral fraud detection | |
| - [ ] Push notifications via Web Push API | |
| - [ ] Automated attendance reports via email schedule | |
| - [ ] Integration with LMS systems (Moodle, Canvas) | |
| --- | |
| ## π οΈ Technology Stack | |
| | Layer | Technology | | |
| |-------|-----------| | |
| | Frontend | Vanilla JS (React-compatible architecture) | | |
| | Styling | Custom CSS Design System | | |
| | Charts | Chart.js 4.x | | |
| | QR Generation | qrcode.js | | |
| | QR Scanning | html5-qrcode | | |
| | Face Detection | face-api.js | | |
| | Authentication | Google Identity Services (OAuth 2.0) | | |
| | Database | RESTful Table API | | |
| | GPS | Browser Geolocation API | | |
| | Security | JWT sessions, device fingerprinting | | |
| --- | |
| *AttendAI Pro β Built for real-world production. Zero tolerance for proxy attendance.* | |