Setup

.gitignore

@@ -0,0 +1,46 @@
+# Environment variables
+.env
+
+# Python
+__pycache__/
+*.py[cod]
+*$py.class
+*.so
+.Python
+env/
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+*.egg-info/
+.installed.cfg
+*.egg
+
+# Virtual Environment
+venv/
+ENV/
+
+# IDE specific files
+.idea/
+.vscode/
+*.swp
+*.swo
+
+# Logs
+logs/
+*.log
+
+# OS specific
+.DS_Store
+Thumbs.db
+
+# Uploaded files and temporary files
+uploads/
+tmp/ 

Dockerfile

@@ -0,0 +1,34 @@
+FROM python:3.10-slim
+
+WORKDIR /app
+
+# Install system dependencies including Tesseract
+RUN apt-get update && apt-get install -y \
+    tesseract-ocr \
+    libmagic1 \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
+# Copy requirements file and install Python dependencies
+COPY requirements.txt .
+RUN pip install --no-cache-dir -r requirements.txt
+
+# Copy application code
+COPY . .
+
+# Create a .env file if not mounted externally (using env vars from compose)
+RUN if [ ! -f .env ]; then \
+    echo "Creating default .env file" \
+    && touch .env; \
+    fi
+
+# Set environment variables
+ENV FLASK_APP=app.py
+ENV FLASK_ENV=production
+ENV PYTHONUNBUFFERED=1
+
+# Expose port for Flask
+EXPOSE 5000
+
+# Run the application
+CMD ["gunicorn", "--bind", "0.0.0.0:5000", "app:app"] 

README.md

@@ -8,3 +8,90 @@ pinned: false
 ---
 
 Check out the configuration reference at https://huggingface.co/docs/hub/spaces-config-reference
+
+# Enflow Backend API
+
+Enflow (Enforcement Workflow) Backend API that allows law enforcement agencies to build, maintain, and use workflows that automate tasks based on officers' daily logs.
+
+## Setup Instructions
+
+### Prerequisites
+
+- Python 3.10 or newer
+- Docker and Docker Compose (optional, for containerized deployment)
+- MongoDB (we're using MongoDB Atlas in the current setup)
+
+### Environment Setup
+
+1. Clone the repository
+2. Create a `.env` file in the backend directory with the following variables:
+   ```
+   MONGO_URI=your_mongodb_connection_string
+   JWT_SECRET=your_jwt_secret
+   CLOUDINARY_CLOUD_NAME=your_cloudinary_cloud_name
+   CLOUDINARY_API_KEY=your_cloudinary_api_key
+   CLOUDINARY_API_SECRET=your_cloudinary_api_secret
+   OPENAI_API_KEY=your_openai_api_key
+   FLASK_ENV=development
+   ```
+
+### Local Development
+
+1. Create and activate a virtual environment:
+   ```
+   python -m venv venv
+   source venv/bin/activate  # On Windows: venv\Scripts\activate
+   ```
+
+2. Install dependencies:
+   ```
+   pip install -r requirements.txt
+   ```
+
+3. Run the application:
+   ```
+   python app.py
+   ```
+
+4. The API will be available at http://localhost:5000
+
+### Docker Deployment
+
+1. Build and start the containers:
+   ```
+   docker-compose up -d
+   ```
+
+2. The API will be available at http://localhost:5000
+
+## API Documentation
+
+### Department Endpoints
+
+- `POST /api/departments` - Create a new department with its first admin user
+- `GET /api/departments` - Get all departments (requires authentication)
+- `GET /api/departments/{department_id}` - Get department by ID (requires authentication)
+- `PUT /api/departments/{department_id}` - Update department details (requires admin)
+- `DELETE /api/departments/{department_id}` - Delete a department (requires admin)
+- `GET /api/departments/{department_id}/members` - Get all members of a department (requires authentication)
+- `POST /api/departments/{department_id}/members` - Add a member to a department (requires admin)
+- `POST /api/departments/{department_id}/members/csv` - Add multiple members via CSV upload (requires admin)
+- `DELETE /api/departments/{department_id}/members/{user_id}` - Remove a member from a department (requires admin)
+- `PUT /api/departments/{department_id}/members/{user_id}/permissions` - Update a member's permissions (requires admin)
+
+### Testing
+
+To test the department creation functionality, run:
+
+```
+python test_department.py
+```
+
+## Project Structure
+
+- `app.py` - Main Flask application
+- `db.py` - Database connection and utilities
+- `models/` - Data models
+- `controllers/` - Controller functions
+- `routes/` - API route definitions
+- `utils/` - Utility functions and middleware

app.py

@@ -0,0 +1,88 @@
+import os
+from flask import Flask, jsonify, request
+from flask_cors import CORS
+from dotenv import load_dotenv
+import logging
+from logging.handlers import RotatingFileHandler
+import pymongo
+import cloudinary
+import cloudinary.uploader
+
+# Import routes
+from routes.department_routes import department_bp
+
+# Load environment variables
+load_dotenv()
+
+# Create Flask app
+app = Flask(__name__)
+app.config['SECRET_KEY'] = os.environ.get('JWT_SECRET')
+app.config['MONGO_URI'] = os.environ.get('MONGO_URI')
+
+# Configure Cloudinary
+cloudinary.config(
+    cloud_name=os.environ.get('CLOUDINARY_CLOUD_NAME'),
+    api_key=os.environ.get('CLOUDINARY_API_KEY'),
+    api_secret=os.environ.get('CLOUDINARY_API_SECRET')
+)
+
+# Enable CORS
+CORS(app)
+
+# Register blueprints
+app.register_blueprint(department_bp, url_prefix='/api/departments')
+# Other blueprints will be registered later
+
+# Create uploads directory if it doesn't exist
+if not os.path.exists('uploads'):
+    os.makedirs('uploads')
+app.config['UPLOAD_FOLDER'] = 'uploads'
+
+# Error handler
+@app.errorhandler(Exception)
+def handle_exception(e):
+    app.logger.error(f"Unhandled exception: {str(e)}")
+    return jsonify({"error": "An unexpected error occurred"}), 500
+
+# Root route
+@app.route('/')
+def index():
+    return jsonify({
+        "message": "Enflow API is running",
+        "version": "1.0.0"
+    })
+
+# Health check route
+@app.route('/health')
+def health_check():
+    try:
+        # Check MongoDB connection
+        from db import Database
+        db = Database.get_instance().get_db()
+        db.command('ping')
+        
+        # All checks passed
+        return jsonify({
+            "status": "healthy",
+            "mongo": "connected"
+        }), 200
+    except Exception as e:
+        app.logger.error(f"Health check failed: {str(e)}")
+        return jsonify({
+            "status": "unhealthy",
+            "error": str(e)
+        }), 500
+
+# Setup logging
+if not os.path.exists('logs'):
+    os.makedirs('logs')
+
+handler = RotatingFileHandler('logs/app.log', maxBytes=10000, backupCount=3)
+handler.setLevel(logging.INFO)
+formatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')
+handler.setFormatter(formatter)
+app.logger.addHandler(handler)
+app.logger.setLevel(logging.INFO)
+
+if __name__ == '__main__':
+    app.run(host='0.0.0.0', port=5000, debug=os.environ.get('FLASK_ENV') == 'development') 

controllers/__init__.py

@@ -0,0 +1 @@
+# Controllers package initialization 

controllers/department_controller.py

@@ -0,0 +1,321 @@
+from flask import jsonify, request
+from models.department import Department
+from models.user import User
+import csv
+import io
+import bcrypt
+import random
+import string
+import logging
+
+# Configure logging
+logger = logging.getLogger(__name__)
+
+def generate_random_password(length=12):
+    """Generate a random password"""
+    characters = string.ascii_letters + string.digits
+    return ''.join(random.choice(characters) for _ in range(length))
+
+def create_department():
+    """Create a new department with its first admin user"""
+    data = request.get_json()
+    
+    # Check if required fields are present
+    required_fields = ['name', 'address', 'website', 'admin_email', 'admin_name', 'admin_password']
+    for field in required_fields:
+        if field not in data:
+            return jsonify({'message': f'Missing required field: {field}'}), 400
+    
+    # Check if department with this name already exists
+    existing_department = Department.find_by_name(data['name'])
+    if existing_department:
+        return jsonify({'message': 'Department with this name already exists'}), 400
+    
+    # Check if user with this email already exists
+    existing_user = User.find_by_email(data['admin_email'])
+    if existing_user:
+        return jsonify({'message': 'User with this email already exists'}), 400
+    
+    try:
+        # Create department
+        department = Department(
+            name=data['name'],
+            address=data['address'],
+            website=data['website']
+        )
+        department.save()
+        
+        # Create admin user
+        hashed_password = User.hash_password(data['admin_password'])
+        admin_user = User(
+            email=data['admin_email'],
+            name=data['admin_name'],
+            password=hashed_password,
+            permissions='Admin',
+            position=data.get('admin_position', 'Administrator'),
+            department_id=department._id
+        )
+        admin_user.save()
+        
+        # Add admin to department members
+        department.add_member(admin_user._id)
+        
+        # Return success response
+        return jsonify({
+            'message': 'Department and admin user created successfully',
+            'department': department.to_dict(),
+            'admin_user': admin_user.to_dict()
+        }), 201
+        
+    except Exception as e:
+        logger.error(f"Error creating department: {str(e)}")
+        return jsonify({'message': f'Error creating department: {str(e)}'}), 500
+
+def get_department(department_id):
+    """Get department by ID"""
+    department = Department.find_by_id(department_id)
+    if not department:
+        return jsonify({'message': 'Department not found'}), 404
+    
+    return jsonify({'department': department.to_dict()}), 200
+
+def update_department(department_id):
+    """Update department details"""
+    department = Department.find_by_id(department_id)
+    if not department:
+        return jsonify({'message': 'Department not found'}), 404
+    
+    data = request.get_json()
+    
+    # Update fields if provided
+    if 'name' in data:
+        department.name = data['name']
+    if 'address' in data:
+        department.address = data['address']
+    if 'website' in data:
+        department.website = data['website']
+    
+    # Save changes
+    if department.save():
+        return jsonify({'message': 'Department updated successfully', 'department': department.to_dict()}), 200
+    else:
+        return jsonify({'message': 'Failed to update department'}), 500
+
+def delete_department(department_id):
+    """Delete a department"""
+    department = Department.find_by_id(department_id)
+    if not department:
+        return jsonify({'message': 'Department not found'}), 404
+    
+    # Delete all users in the department
+    users = User.find_by_department(department_id)
+    for user in users:
+        user.delete()
+    
+    # Delete the department
+    if department.delete():
+        return jsonify({'message': 'Department and all its users deleted successfully'}), 200
+    else:
+        return jsonify({'message': 'Failed to delete department'}), 500
+
+def get_all_departments():
+    """Get all departments"""
+    departments = Department.get_all()
+    return jsonify({'departments': [department.to_dict() for department in departments]}), 200
+
+def add_members_csv(department_id):
+    """Add multiple members to a department using CSV upload"""
+    department = Department.find_by_id(department_id)
+    if not department:
+        return jsonify({'message': 'Department not found'}), 404
+    
+    if 'file' not in request.files:
+        return jsonify({'message': 'No file part'}), 400
+    
+    file = request.files['file']
+    if file.filename == '':
+        return jsonify({'message': 'No selected file'}), 400
+    
+    if file and file.filename.endswith('.csv'):
+        try:
+            # Read CSV data
+            csv_data = file.read().decode('utf-8')
+            csv_reader = csv.DictReader(io.StringIO(csv_data))
+            
+            # Process each row
+            new_users = []
+            errors = []
+            
+            required_fields = ['email', 'name', 'position', 'permissions']
+            
+            for row_index, row in enumerate(csv_reader, start=1):
+                # Check if all required fields are present
+                missing_fields = [field for field in required_fields if field not in row or not row[field]]
+                
+                if missing_fields:
+                    errors.append(f"Row {row_index}: Missing required fields: {', '.join(missing_fields)}")
+                    continue
+                
+                # Check if user already exists
+                if User.find_by_email(row['email']):
+                    errors.append(f"Row {row_index}: User with email {row['email']} already exists")
+                    continue
+                
+                # Check if permissions are valid
+                if row['permissions'] not in ['Admin', 'User']:
+                    row['permissions'] = 'User'  # Default to User if invalid
+                
+                # Generate random password
+                password = generate_random_password()
+                hashed_password = User.hash_password(password)
+                
+                # Create new user
+                user = User(
+                    email=row['email'],
+                    name=row['name'],
+                    password=hashed_password,
+                    permissions=row['permissions'],
+                    position=row['position'],
+                    department_id=department._id
+                )
+                
+                if user.save():
+                    # Add user to department
+                    department.add_member(user._id)
+                    
+                    # Store for response (including the raw password)
+                    user_dict = user.to_dict()
+                    user_dict['raw_password'] = password
+                    new_users.append(user_dict)
+                else:
+                    errors.append(f"Row {row_index}: Failed to save user {row['email']}")
+            
+            # Return results
+            return jsonify({
+                'message': f"Processed {len(new_users)} new users with {len(errors)} errors",
+                'new_users': new_users,
+                'errors': errors
+            }), 200
+            
+        except Exception as e:
+            logger.error(f"Error processing CSV: {str(e)}")
+            return jsonify({'message': f'Error processing CSV: {str(e)}'}), 500
+    else:
+        return jsonify({'message': 'File must be a CSV'}), 400
+
+def add_member(department_id):
+    """Add a single member to a department"""
+    department = Department.find_by_id(department_id)
+    if not department:
+        return jsonify({'message': 'Department not found'}), 404
+    
+    data = request.get_json()
+    
+    # Check if required fields are present
+    required_fields = ['email', 'name', 'position', 'permissions']
+    for field in required_fields:
+        if field not in data:
+            return jsonify({'message': f'Missing required field: {field}'}), 400
+    
+    # Check if user already exists
+    if User.find_by_email(data['email']):
+        return jsonify({'message': 'User with this email already exists'}), 400
+    
+    # Check if permissions are valid
+    if data['permissions'] not in ['Admin', 'User']:
+        data['permissions'] = 'User'  # Default to User if invalid
+    
+    try:
+        # Generate random password if not provided
+        password = data.get('password', generate_random_password())
+        hashed_password = User.hash_password(password)
+        
+        # Create new user
+        user = User(
+            email=data['email'],
+            name=data['name'],
+            password=hashed_password,
+            permissions=data['permissions'],
+            position=data['position'],
+            department_id=department._id
+        )
+        
+        if user.save():
+            # Add user to department
+            department.add_member(user._id)
+            
+            # Return the raw password in the response
+            user_dict = user.to_dict()
+            user_dict['raw_password'] = password
+            
+            return jsonify({
+                'message': 'User added successfully',
+                'user': user_dict
+            }), 201
+        else:
+            return jsonify({'message': 'Failed to save user'}), 500
+            
+    except Exception as e:
+        logger.error(f"Error adding member: {str(e)}")
+        return jsonify({'message': f'Error adding member: {str(e)}'}), 500
+
+def get_department_members(department_id):
+    """Get all members of a department"""
+    department = Department.find_by_id(department_id)
+    if not department:
+        return jsonify({'message': 'Department not found'}), 404
+    
+    users = User.find_by_department(department_id)
+    return jsonify({'members': [user.to_dict() for user in users]}), 200
+
+def remove_member(department_id, user_id):
+    """Remove a member from a department"""
+    department = Department.find_by_id(department_id)
+    if not department:
+        return jsonify({'message': 'Department not found'}), 404
+    
+    user = User.find_by_id(user_id)
+    if not user:
+        return jsonify({'message': 'User not found'}), 404
+    
+    # Check if user belongs to the department
+    if str(user.department_id) != str(department._id):
+        return jsonify({'message': 'User does not belong to this department'}), 400
+    
+    # Remove user from department
+    if department.remove_member(user_id) and user.delete():
+        return jsonify({'message': 'User removed successfully'}), 200
+    else:
+        return jsonify({'message': 'Failed to remove user'}), 500
+
+def update_member_permissions(department_id, user_id):
+    """Update a member's permissions"""
+    department = Department.find_by_id(department_id)
+    if not department:
+        return jsonify({'message': 'Department not found'}), 404
+    
+    user = User.find_by_id(user_id)
+    if not user:
+        return jsonify({'message': 'User not found'}), 404
+    
+    # Check if user belongs to the department
+    if str(user.department_id) != str(department._id):
+        return jsonify({'message': 'User does not belong to this department'}), 400
+    
+    data = request.get_json()
+    
+    # Check if permissions are provided
+    if 'permissions' not in data:
+        return jsonify({'message': 'Permissions not provided'}), 400
+    
+    # Check if permissions are valid
+    if data['permissions'] not in ['Admin', 'User']:
+        return jsonify({'message': 'Invalid permissions. Must be "Admin" or "User"'}), 400
+    
+    # Update permissions
+    user.permissions = data['permissions']
+    
+    if user.save():
+        return jsonify({'message': 'User permissions updated successfully', 'user': user.to_dict()}), 200
+    else:
+        return jsonify({'message': 'Failed to update user permissions'}), 500 

db.py

@@ -0,0 +1,64 @@
+import os
+import logging
+from pymongo import MongoClient
+from dotenv import load_dotenv
+
+# Load environment variables
+load_dotenv()
+
+# Set up logging
+logger = logging.getLogger(__name__)
+
+class Database:
+    _instance = None
+    
+    @classmethod
+    def get_instance(cls):
+        if cls._instance is None:
+            cls._instance = cls()
+        return cls._instance
+    
+    def __init__(self):
+        if Database._instance is not None:
+            raise Exception("This class is a singleton!")
+        
+        self.mongo_uri = os.environ.get('MONGO_URI')
+        if not self.mongo_uri:
+            logger.error("MONGO_URI environment variable not set")
+            raise ValueError("MONGO_URI environment variable not set")
+        
+        try:
+            self.client = MongoClient(self.mongo_uri)
+            self.db = self.client['enflow']
+            logger.info("Connected to MongoDB successfully")
+        except Exception as e:
+            logger.error(f"Error connecting to MongoDB: {str(e)}")
+            raise
+    
+    def get_db(self):
+        return self.db
+    
+    def close(self):
+        if hasattr(self, 'client'):
+            self.client.close()
+            logger.info("MongoDB connection closed")
+
+# Helper functions to get collections
+def get_collection(collection_name):
+    db = Database.get_instance().get_db()
+    return db[collection_name]
+
+def get_users_collection():
+    return get_collection('users')
+
+def get_departments_collection():
+    return get_collection('departments')
+
+def get_workflows_collection():
+    return get_collection('workflows')
+
+def get_logs_collection():
+    return get_collection('logs')
+
+def get_incidents_collection():
+    return get_collection('incidents') 

docker-compose.yml

@@ -0,0 +1,25 @@
+version: '3.8'
+
+services:
+  app:
+    build: .
+    ports:
+      - "5000:5000"
+    volumes:
+      - .:/app
+    env_file:
+      - .env
+    depends_on:
+      - redis
+    restart: unless-stopped
+
+  redis:
+    image: redis:7-alpine
+    ports:
+      - "6379:6379"
+    volumes:
+      - redis_data:/data
+    restart: unless-stopped
+
+volumes:
+  redis_data: 

models/__init__.py

@@ -0,0 +1,7 @@
+from models.user import User
+from models.department import Department
+from models.workflow import Workflow
+from models.log import Log
+from models.incident import Incident
+
+__all__ = ['User', 'Department', 'Workflow', 'Log', 'Incident'] 

models/department.py

@@ -0,0 +1,127 @@
+from bson import ObjectId
+from datetime import datetime
+from db import get_departments_collection
+
+class Department:
+    def __init__(self, name, address, website, members=None, workflows=None, _id=None, created_at=None, updated_at=None):
+        self.name = name
+        self.address = address
+        self.website = website
+        self.members = members or []
+        self.workflows = workflows or []
+        self._id = _id
+        self.created_at = created_at or datetime.now()
+        self.updated_at = updated_at or datetime.now()
+    
+    def to_dict(self):
+        """Convert instance to dictionary"""
+        department_dict = {
+            "name": self.name,
+            "address": self.address,
+            "website": self.website,
+            "members": [str(member_id) for member_id in self.members],
+            "workflows": [str(workflow_id) for workflow_id in self.workflows],
+            "created_at": self.created_at,
+            "updated_at": self.updated_at
+        }
+        if self._id:
+            department_dict["_id"] = str(self._id)
+        return department_dict
+    
+    @classmethod
+    def from_dict(cls, department_dict):
+        """Create instance from dictionary"""
+        if "_id" in department_dict and department_dict["_id"]:
+            department_dict["_id"] = ObjectId(department_dict["_id"]) if isinstance(department_dict["_id"], str) else department_dict["_id"]
+        
+        # Convert string IDs to ObjectIds for members and workflows
+        if "members" in department_dict and department_dict["members"]:
+            department_dict["members"] = [ObjectId(member_id) if isinstance(member_id, str) else member_id for member_id in department_dict["members"]]
+        
+        if "workflows" in department_dict and department_dict["workflows"]:
+            department_dict["workflows"] = [ObjectId(workflow_id) if isinstance(workflow_id, str) else workflow_id for workflow_id in department_dict["workflows"]]
+        
+        return cls(**department_dict)
+    
+    def save(self):
+        """Save department to database"""
+        departments_collection = get_departments_collection()
+        department_dict = self.to_dict()
+        
+        if self._id:
+            # Update existing department
+            department_dict["updated_at"] = datetime.now()
+            result = departments_collection.update_one(
+                {"_id": ObjectId(self._id)},
+                {"$set": department_dict}
+            )
+            return result.modified_count > 0
+        else:
+            # Insert new department
+            department_dict["created_at"] = datetime.now()
+            department_dict["updated_at"] = datetime.now()
+            result = departments_collection.insert_one(department_dict)
+            self._id = result.inserted_id
+            return result.acknowledged
+    
+    @classmethod
+    def find_by_id(cls, department_id):
+        """Find department by ID"""
+        departments_collection = get_departments_collection()
+        department_data = departments_collection.find_one({"_id": ObjectId(department_id)})
+        if department_data:
+            return cls.from_dict(department_data)
+        return None
+    
+    @classmethod
+    def find_by_name(cls, name):
+        """Find department by name"""
+        departments_collection = get_departments_collection()
+        department_data = departments_collection.find_one({"name": name})
+        if department_data:
+            return cls.from_dict(department_data)
+        return None
+    
+    @classmethod
+    def get_all(cls):
+        """Get all departments"""
+        departments_collection = get_departments_collection()
+        departments_data = departments_collection.find()
+        return [cls.from_dict(department_data) for department_data in departments_data]
+    
+    def delete(self):
+        """Delete department from database"""
+        if not self._id:
+            return False
+        
+        departments_collection = get_departments_collection()
+        result = departments_collection.delete_one({"_id": ObjectId(self._id)})
+        return result.deleted_count > 0
+    
+    def add_member(self, user_id):
+        """Add a member to department"""
+        if user_id not in self.members:
+            self.members.append(ObjectId(user_id))
+            return self.save()
+        return True
+    
+    def remove_member(self, user_id):
+        """Remove a member from department"""
+        if ObjectId(user_id) in self.members:
+            self.members.remove(ObjectId(user_id))
+            return self.save()
+        return True
+    
+    def add_workflow(self, workflow_id):
+        """Add a workflow to department"""
+        if workflow_id not in self.workflows:
+            self.workflows.append(ObjectId(workflow_id))
+            return self.save()
+        return True
+    
+    def remove_workflow(self, workflow_id):
+        """Remove a workflow from department"""
+        if ObjectId(workflow_id) in self.workflows:
+            self.workflows.remove(ObjectId(workflow_id))
+            return self.save()
+        return True 

models/incident.py

@@ -0,0 +1,168 @@
+from bson import ObjectId
+from datetime import datetime
+from db import get_incidents_collection
+
+class Incident:
+    def __init__(self, department_id, user_id, workflow_id, description, incident_date, 
+                 filled_forms=None, log_id=None, activity_text=None, form_data=None, _id=None, 
+                 created_at=None, updated_at=None, processing_status="pending"):
+        self.department_id = department_id
+        self.user_id = user_id
+        self.workflow_id = workflow_id
+        self.description = description
+        self.incident_date = incident_date
+        self.filled_forms = filled_forms or []  # List of file paths to filled forms
+        self.log_id = log_id  # Source log
+        self.activity_text = activity_text  # Original text from the log that triggered this incident
+        self.form_data = form_data or {}  # Extracted data to fill forms
+        self._id = _id
+        self.created_at = created_at or datetime.now()
+        self.updated_at = updated_at or datetime.now()
+        self.processing_status = processing_status  # "pending", "processing", "completed", "failed"
+    
+    def to_dict(self):
+        """Convert instance to dictionary"""
+        incident_dict = {
+            "department_id": str(self.department_id) if self.department_id else None,
+            "user_id": str(self.user_id) if self.user_id else None,
+            "workflow_id": str(self.workflow_id) if self.workflow_id else None,
+            "description": self.description,
+            "incident_date": self.incident_date,
+            "filled_forms": self.filled_forms,
+            "log_id": str(self.log_id) if self.log_id else None,
+            "activity_text": self.activity_text,
+            "form_data": self.form_data,
+            "created_at": self.created_at,
+            "updated_at": self.updated_at,
+            "processing_status": self.processing_status
+        }
+        if self._id:
+            incident_dict["_id"] = str(self._id)
+        return incident_dict
+    
+    @classmethod
+    def from_dict(cls, incident_dict):
+        """Create instance from dictionary"""
+        if "_id" in incident_dict and incident_dict["_id"]:
+            incident_dict["_id"] = ObjectId(incident_dict["_id"]) if isinstance(incident_dict["_id"], str) else incident_dict["_id"]
+        
+        if "department_id" in incident_dict and incident_dict["department_id"]:
+            incident_dict["department_id"] = ObjectId(incident_dict["department_id"]) if isinstance(incident_dict["department_id"], str) else incident_dict["department_id"]
+        
+        if "user_id" in incident_dict and incident_dict["user_id"]:
+            incident_dict["user_id"] = ObjectId(incident_dict["user_id"]) if isinstance(incident_dict["user_id"], str) else incident_dict["user_id"]
+        
+        if "workflow_id" in incident_dict and incident_dict["workflow_id"]:
+            incident_dict["workflow_id"] = ObjectId(incident_dict["workflow_id"]) if isinstance(incident_dict["workflow_id"], str) else incident_dict["workflow_id"]
+        
+        if "log_id" in incident_dict and incident_dict["log_id"]:
+            incident_dict["log_id"] = ObjectId(incident_dict["log_id"]) if isinstance(incident_dict["log_id"], str) else incident_dict["log_id"]
+        
+        return cls(**incident_dict)
+    
+    def save(self):
+        """Save incident to database"""
+        incidents_collection = get_incidents_collection()
+        incident_dict = self.to_dict()
+        
+        if self._id:
+            # Update existing incident
+            incident_dict["updated_at"] = datetime.now()
+            result = incidents_collection.update_one(
+                {"_id": ObjectId(self._id)},
+                {"$set": incident_dict}
+            )
+            return result.modified_count > 0
+        else:
+            # Insert new incident
+            incident_dict["created_at"] = datetime.now()
+            incident_dict["updated_at"] = datetime.now()
+            result = incidents_collection.insert_one(incident_dict)
+            self._id = result.inserted_id
+            return result.acknowledged
+    
+    @classmethod
+    def find_by_id(cls, incident_id):
+        """Find incident by ID"""
+        incidents_collection = get_incidents_collection()
+        incident_data = incidents_collection.find_one({"_id": ObjectId(incident_id)})
+        if incident_data:
+            return cls.from_dict(incident_data)
+        return None
+    
+    @classmethod
+    def find_by_user(cls, user_id):
+        """Find all incidents for a user"""
+        incidents_collection = get_incidents_collection()
+        incidents_data = incidents_collection.find({"user_id": ObjectId(user_id)})
+        return [cls.from_dict(incident_data) for incident_data in incidents_data]
+    
+    @classmethod
+    def find_by_department(cls, department_id):
+        """Find all incidents for a department"""
+        incidents_collection = get_incidents_collection()
+        incidents_data = incidents_collection.find({"department_id": ObjectId(department_id)})
+        return [cls.from_dict(incident_data) for incident_data in incidents_data]
+    
+    @classmethod
+    def find_by_workflow(cls, workflow_id):
+        """Find all incidents for a workflow"""
+        incidents_collection = get_incidents_collection()
+        incidents_data = incidents_collection.find({"workflow_id": ObjectId(workflow_id)})
+        return [cls.from_dict(incident_data) for incident_data in incidents_data]
+    
+    @classmethod
+    def find_by_date_range(cls, start_date, end_date, department_id=None, user_id=None, workflow_id=None):
+        """Find incidents by date range, optionally filtered by department, user, and/or workflow"""
+        incidents_collection = get_incidents_collection()
+        query = {
+            "incident_date": {
+                "$gte": start_date,
+                "$lte": end_date
+            }
+        }
+        
+        if department_id:
+            query["department_id"] = ObjectId(department_id)
+        
+        if user_id:
+            query["user_id"] = ObjectId(user_id)
+        
+        if workflow_id:
+            query["workflow_id"] = ObjectId(workflow_id)
+        
+        incidents_data = incidents_collection.find(query)
+        return [cls.from_dict(incident_data) for incident_data in incidents_data]
+    
+    @classmethod
+    def find_by_log(cls, log_id):
+        """Find all incidents for a log"""
+        incidents_collection = get_incidents_collection()
+        incidents_data = incidents_collection.find({"log_id": ObjectId(log_id)})
+        return [cls.from_dict(incident_data) for incident_data in incidents_data]
+    
+    def delete(self):
+        """Delete incident from database"""
+        if not self._id:
+            return False
+        
+        incidents_collection = get_incidents_collection()
+        result = incidents_collection.delete_one({"_id": ObjectId(self._id)})
+        return result.deleted_count > 0
+    
+    def update_processing_status(self, status):
+        """Update incident processing status"""
+        self.processing_status = status
+        return self.save()
+    
+    def add_filled_form(self, form_path):
+        """Add a filled form to incident"""
+        if form_path not in self.filled_forms:
+            self.filled_forms.append(form_path)
+            return self.save()
+        return True
+    
+    def update_form_data(self, form_data):
+        """Update form data"""
+        self.form_data = form_data
+        return self.save() 

models/log.py

@@ -0,0 +1,150 @@
+from bson import ObjectId
+from datetime import datetime
+from db import get_logs_collection
+
+class Log:
+    def __init__(self, user_id, department_id, log_date, log_file_path, incidents=None, 
+                 _id=None, created_at=None, updated_at=None, processing_status="pending", 
+                 extracted_text=None, extracted_activities=None):
+        self.user_id = user_id
+        self.department_id = department_id
+        self.log_date = log_date
+        self.log_file_path = log_file_path
+        self.incidents = incidents or []
+        self._id = _id
+        self.created_at = created_at or datetime.now()
+        self.updated_at = updated_at or datetime.now()
+        self.processing_status = processing_status  # "pending", "processing", "completed", "failed"
+        self.extracted_text = extracted_text  # OCR extracted text from PDF
+        self.extracted_activities = extracted_activities or []  # Activities extracted by LLM
+    
+    def to_dict(self):
+        """Convert instance to dictionary"""
+        log_dict = {
+            "user_id": str(self.user_id) if self.user_id else None,
+            "department_id": str(self.department_id) if self.department_id else None,
+            "log_date": self.log_date,
+            "log_file_path": self.log_file_path,
+            "incidents": [str(incident_id) for incident_id in self.incidents],
+            "created_at": self.created_at,
+            "updated_at": self.updated_at,
+            "processing_status": self.processing_status,
+            "extracted_text": self.extracted_text,
+            "extracted_activities": self.extracted_activities
+        }
+        if self._id:
+            log_dict["_id"] = str(self._id)
+        return log_dict
+    
+    @classmethod
+    def from_dict(cls, log_dict):
+        """Create instance from dictionary"""
+        if "_id" in log_dict and log_dict["_id"]:
+            log_dict["_id"] = ObjectId(log_dict["_id"]) if isinstance(log_dict["_id"], str) else log_dict["_id"]
+        
+        if "user_id" in log_dict and log_dict["user_id"]:
+            log_dict["user_id"] = ObjectId(log_dict["user_id"]) if isinstance(log_dict["user_id"], str) else log_dict["user_id"]
+        
+        if "department_id" in log_dict and log_dict["department_id"]:
+            log_dict["department_id"] = ObjectId(log_dict["department_id"]) if isinstance(log_dict["department_id"], str) else log_dict["department_id"]
+        
+        # Convert string IDs to ObjectIds for incidents
+        if "incidents" in log_dict and log_dict["incidents"]:
+            log_dict["incidents"] = [ObjectId(incident_id) if isinstance(incident_id, str) else incident_id for incident_id in log_dict["incidents"]]
+        
+        return cls(**log_dict)
+    
+    def save(self):
+        """Save log to database"""
+        logs_collection = get_logs_collection()
+        log_dict = self.to_dict()
+        
+        if self._id:
+            # Update existing log
+            log_dict["updated_at"] = datetime.now()
+            result = logs_collection.update_one(
+                {"_id": ObjectId(self._id)},
+                {"$set": log_dict}
+            )
+            return result.modified_count > 0
+        else:
+            # Insert new log
+            log_dict["created_at"] = datetime.now()
+            log_dict["updated_at"] = datetime.now()
+            result = logs_collection.insert_one(log_dict)
+            self._id = result.inserted_id
+            return result.acknowledged
+    
+    @classmethod
+    def find_by_id(cls, log_id):
+        """Find log by ID"""
+        logs_collection = get_logs_collection()
+        log_data = logs_collection.find_one({"_id": ObjectId(log_id)})
+        if log_data:
+            return cls.from_dict(log_data)
+        return None
+    
+    @classmethod
+    def find_by_user(cls, user_id):
+        """Find all logs for a user"""
+        logs_collection = get_logs_collection()
+        logs_data = logs_collection.find({"user_id": ObjectId(user_id)})
+        return [cls.from_dict(log_data) for log_data in logs_data]
+    
+    @classmethod
+    def find_by_department(cls, department_id):
+        """Find all logs for a department"""
+        logs_collection = get_logs_collection()
+        logs_data = logs_collection.find({"department_id": ObjectId(department_id)})
+        return [cls.from_dict(log_data) for log_data in logs_data]
+    
+    @classmethod
+    def find_by_date_range(cls, start_date, end_date, department_id=None, user_id=None):
+        """Find logs by date range, optionally filtered by department and/or user"""
+        logs_collection = get_logs_collection()
+        query = {
+            "log_date": {
+                "$gte": start_date,
+                "$lte": end_date
+            }
+        }
+        
+        if department_id:
+            query["department_id"] = ObjectId(department_id)
+        
+        if user_id:
+            query["user_id"] = ObjectId(user_id)
+        
+        logs_data = logs_collection.find(query)
+        return [cls.from_dict(log_data) for log_data in logs_data]
+    
+    def delete(self):
+        """Delete log from database"""
+        if not self._id:
+            return False
+        
+        logs_collection = get_logs_collection()
+        result = logs_collection.delete_one({"_id": ObjectId(self._id)})
+        return result.deleted_count > 0
+    
+    def update_processing_status(self, status):
+        """Update log processing status"""
+        self.processing_status = status
+        return self.save()
+    
+    def set_extracted_text(self, text):
+        """Set extracted text from OCR"""
+        self.extracted_text = text
+        return self.save()
+    
+    def set_extracted_activities(self, activities):
+        """Set extracted activities from LLM"""
+        self.extracted_activities = activities
+        return self.save()
+    
+    def add_incident(self, incident_id):
+        """Add an incident to log"""
+        if incident_id not in self.incidents:
+            self.incidents.append(ObjectId(incident_id))
+            return self.save()
+        return True 

models/user.py

@@ -0,0 +1,137 @@
+import bcrypt
+from bson import ObjectId
+from datetime import datetime
+from db import get_users_collection
+
+class User:
+    def __init__(self, email, name, password=None, permissions="User", position="Officer", 
+                 department_id=None, logs=None, incidents=None, _id=None, created_at=None, updated_at=None):
+        self.email = email
+        self.name = name
+        self.password = password
+        self.permissions = permissions  # "Admin" or "User"
+        self.position = position
+        self.department_id = department_id
+        self.logs = logs or []
+        self.incidents = incidents or []
+        self._id = _id
+        self.created_at = created_at or datetime.now()
+        self.updated_at = updated_at or datetime.now()
+
+    @staticmethod
+    def hash_password(password):
+        """Hash a password for storing."""
+        return bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt()).decode('utf-8')
+
+    @staticmethod
+    def verify_password(stored_password, provided_password):
+        """Verify a stored password against one provided by user"""
+        return bcrypt.checkpw(provided_password.encode('utf-8'), stored_password.encode('utf-8'))
+
+    def to_dict(self):
+        """Convert instance to dictionary (excluding password)"""
+        user_dict = {
+            "email": self.email,
+            "name": self.name,
+            "permissions": self.permissions,
+            "position": self.position,
+            "department_id": str(self.department_id) if self.department_id else None,
+            "logs": [str(log_id) for log_id in self.logs],
+            "incidents": [str(incident_id) for incident_id in self.incidents],
+            "created_at": self.created_at,
+            "updated_at": self.updated_at
+        }
+        if self._id:
+            user_dict["_id"] = str(self._id)
+        return user_dict
+
+    @classmethod
+    def from_dict(cls, user_dict):
+        """Create instance from dictionary"""
+        if "_id" in user_dict and user_dict["_id"]:
+            user_dict["_id"] = ObjectId(user_dict["_id"]) if isinstance(user_dict["_id"], str) else user_dict["_id"]
+        
+        if "department_id" in user_dict and user_dict["department_id"]:
+            user_dict["department_id"] = ObjectId(user_dict["department_id"]) if isinstance(user_dict["department_id"], str) else user_dict["department_id"]
+        
+        # Convert string IDs to ObjectIds for logs and incidents
+        if "logs" in user_dict and user_dict["logs"]:
+            user_dict["logs"] = [ObjectId(log_id) if isinstance(log_id, str) else log_id for log_id in user_dict["logs"]]
+        
+        if "incidents" in user_dict and user_dict["incidents"]:
+            user_dict["incidents"] = [ObjectId(incident_id) if isinstance(incident_id, str) else incident_id for incident_id in user_dict["incidents"]]
+        
+        return cls(**user_dict)
+
+    def save(self):
+        """Save user to database"""
+        users_collection = get_users_collection()
+        user_dict = self.to_dict()
+        
+        # Add password for database storage
+        if self.password:
+            user_dict["password"] = self.password
+        
+        if self._id:
+            # Update existing user
+            user_dict["updated_at"] = datetime.now()
+            result = users_collection.update_one(
+                {"_id": ObjectId(self._id)},
+                {"$set": user_dict}
+            )
+            return result.modified_count > 0
+        else:
+            # Insert new user
+            user_dict["created_at"] = datetime.now()
+            user_dict["updated_at"] = datetime.now()
+            result = users_collection.insert_one(user_dict)
+            self._id = result.inserted_id
+            return result.acknowledged
+
+    @classmethod
+    def find_by_id(cls, user_id):
+        """Find user by ID"""
+        users_collection = get_users_collection()
+        user_data = users_collection.find_one({"_id": ObjectId(user_id)})
+        if user_data:
+            return cls.from_dict(user_data)
+        return None
+
+    @classmethod
+    def find_by_email(cls, email):
+        """Find user by email"""
+        users_collection = get_users_collection()
+        user_data = users_collection.find_one({"email": email})
+        if user_data:
+            return cls.from_dict(user_data)
+        return None
+
+    @classmethod
+    def find_by_department(cls, department_id):
+        """Find all users in a department"""
+        users_collection = get_users_collection()
+        users_data = users_collection.find({"department_id": ObjectId(department_id)})
+        return [cls.from_dict(user_data) for user_data in users_data]
+
+    def delete(self):
+        """Delete user from database"""
+        if not self._id:
+            return False
+        
+        users_collection = get_users_collection()
+        result = users_collection.delete_one({"_id": ObjectId(self._id)})
+        return result.deleted_count > 0
+
+    def add_log(self, log_id):
+        """Add a log to user's logs"""
+        if log_id not in self.logs:
+            self.logs.append(ObjectId(log_id))
+            return self.save()
+        return True
+
+    def add_incident(self, incident_id):
+        """Add an incident to user's incidents"""
+        if incident_id not in self.incidents:
+            self.incidents.append(ObjectId(incident_id))
+            return self.save()
+        return True 

models/workflow.py

@@ -0,0 +1,139 @@
+from bson import ObjectId
+from datetime import datetime
+from db import get_workflows_collection
+
+class Workflow:
+    def __init__(self, title, description, data_requirements=None, raw_forms=None, form_fields=None, 
+                 department_id=None, _id=None, created_at=None, updated_at=None):
+        self.title = title
+        self.description = description
+        self.data_requirements = data_requirements or []  # List of (String, String) for fields and descriptions
+        self.raw_forms = raw_forms or []  # List of file paths
+        self.form_fields = form_fields or []  # List of (Number, String) for positions and fields
+        self.department_id = department_id
+        self._id = _id
+        self.created_at = created_at or datetime.now()
+        self.updated_at = updated_at or datetime.now()
+    
+    def to_dict(self):
+        """Convert instance to dictionary"""
+        workflow_dict = {
+            "title": self.title,
+            "description": self.description,
+            "data_requirements": self.data_requirements,
+            "raw_forms": self.raw_forms,
+            "form_fields": self.form_fields,
+            "department_id": str(self.department_id) if self.department_id else None,
+            "created_at": self.created_at,
+            "updated_at": self.updated_at
+        }
+        if self._id:
+            workflow_dict["_id"] = str(self._id)
+        return workflow_dict
+    
+    @classmethod
+    def from_dict(cls, workflow_dict):
+        """Create instance from dictionary"""
+        if "_id" in workflow_dict and workflow_dict["_id"]:
+            workflow_dict["_id"] = ObjectId(workflow_dict["_id"]) if isinstance(workflow_dict["_id"], str) else workflow_dict["_id"]
+        
+        if "department_id" in workflow_dict and workflow_dict["department_id"]:
+            workflow_dict["department_id"] = ObjectId(workflow_dict["department_id"]) if isinstance(workflow_dict["department_id"], str) else workflow_dict["department_id"]
+        
+        return cls(**workflow_dict)
+    
+    def save(self):
+        """Save workflow to database"""
+        workflows_collection = get_workflows_collection()
+        workflow_dict = self.to_dict()
+        
+        if self._id:
+            # Update existing workflow
+            workflow_dict["updated_at"] = datetime.now()
+            result = workflows_collection.update_one(
+                {"_id": ObjectId(self._id)},
+                {"$set": workflow_dict}
+            )
+            return result.modified_count > 0
+        else:
+            # Insert new workflow
+            workflow_dict["created_at"] = datetime.now()
+            workflow_dict["updated_at"] = datetime.now()
+            result = workflows_collection.insert_one(workflow_dict)
+            self._id = result.inserted_id
+            return result.acknowledged
+    
+    @classmethod
+    def find_by_id(cls, workflow_id):
+        """Find workflow by ID"""
+        workflows_collection = get_workflows_collection()
+        workflow_data = workflows_collection.find_one({"_id": ObjectId(workflow_id)})
+        if workflow_data:
+            return cls.from_dict(workflow_data)
+        return None
+    
+    @classmethod
+    def find_by_title(cls, title, department_id=None):
+        """Find workflow by title, optionally filtered by department"""
+        workflows_collection = get_workflows_collection()
+        query = {"title": title}
+        if department_id:
+            query["department_id"] = ObjectId(department_id)
+        
+        workflow_data = workflows_collection.find_one(query)
+        if workflow_data:
+            return cls.from_dict(workflow_data)
+        return None
+    
+    @classmethod
+    def find_by_department(cls, department_id):
+        """Find all workflows for a department"""
+        workflows_collection = get_workflows_collection()
+        workflows_data = workflows_collection.find({"department_id": ObjectId(department_id)})
+        return [cls.from_dict(workflow_data) for workflow_data in workflows_data]
+    
+    @classmethod
+    def get_all(cls):
+        """Get all workflows"""
+        workflows_collection = get_workflows_collection()
+        workflows_data = workflows_collection.find()
+        return [cls.from_dict(workflow_data) for workflow_data in workflows_data]
+    
+    def delete(self):
+        """Delete workflow from database"""
+        if not self._id:
+            return False
+        
+        workflows_collection = get_workflows_collection()
+        result = workflows_collection.delete_one({"_id": ObjectId(self._id)})
+        return result.deleted_count > 0
+    
+    def add_form(self, form_path):
+        """Add a form to workflow"""
+        if form_path not in self.raw_forms:
+            self.raw_forms.append(form_path)
+            return self.save()
+        return True
+    
+    def remove_form(self, form_path):
+        """Remove a form from workflow"""
+        if form_path in self.raw_forms:
+            self.raw_forms.remove(form_path)
+            return self.save()
+        return True
+    
+    def add_data_requirement(self, field, description):
+        """Add a data requirement (field and description)"""
+        requirement = (field, description)
+        if requirement not in self.data_requirements:
+            self.data_requirements.append(requirement)
+            return self.save()
+        return True
+    
+    def add_form_field(self, position, field_name):
+        """Add a form field (position and field name)"""
+        form_field = (position, field_name)
+        if form_field not in self.form_fields:
+            self.form_fields.append(form_field)
+            return self.save()
+        return True 

requirements.txt

@@ -0,0 +1,16 @@
+Flask==2.2.3
+python-dotenv==1.0.0
+pymongo==4.5.0
+flask-cors==4.0.0
+bcrypt==4.0.1
+PyJWT==2.8.0
+gunicorn==21.2.0
+cloudinary==1.35.0
+openai==1.6.1
+pytesseract==0.3.10
+Pillow==10.1.0
+python-magic==0.4.27
+Flask-RESTful==0.3.10
+Werkzeug==2.2.3
+celery==5.3.4
+redis==5.0.1 

routes/__init__.py

@@ -0,0 +1 @@
+# Routes package initialization 

routes/department_routes.py

@@ -0,0 +1,28 @@
+from flask import Blueprint
+from controllers.department_controller import (
+    create_department, get_department, update_department,
+    delete_department, get_all_departments, add_members_csv,
+    add_member, get_department_members, remove_member, update_member_permissions
+)
+from utils.auth import token_required, admin_required
+
+# Create blueprint
+department_bp = Blueprint('departments', __name__)
+
+# Public route for creating a new department with first admin
+department_bp.route('/', methods=['POST'])(create_department)
+
+# Routes that require authentication
+department_bp.route('/', methods=['GET'])(token_required(get_all_departments))
+department_bp.route('/<department_id>', methods=['GET'])(token_required(get_department))
+
+# Routes that require admin permissions
+department_bp.route('/<department_id>', methods=['PUT'])(admin_required(update_department))
+department_bp.route('/<department_id>', methods=['DELETE'])(admin_required(delete_department))
+
+# Member management routes (admin only)
+department_bp.route('/<department_id>/members', methods=['GET'])(token_required(get_department_members))
+department_bp.route('/<department_id>/members', methods=['POST'])(admin_required(add_member))
+department_bp.route('/<department_id>/members/csv', methods=['POST'])(admin_required(add_members_csv))
+department_bp.route('/<department_id>/members/<user_id>', methods=['DELETE'])(admin_required(remove_member))
+department_bp.route('/<department_id>/members/<user_id>/permissions', methods=['PUT'])(admin_required(update_member_permissions)) 

setup_env.py

@@ -0,0 +1,41 @@
+"""
+Setup environment variables for local development.
+This script creates a .env file with the required environment variables.
+"""
+
+import os
+import sys
+
+def create_env_file():
+    """Create a .env file with required environment variables."""
+    # Define environment variables
+    env_vars = {
+        "MONGO_URI": "mongodb+srv://dg:123@enflow.9w95qq5.mongodb.net/?retryWrites=true&w=majority&appName=enflow",
+        "JWT_SECRET": "fde5be3fca2f594bb39592a9d3781f5dabd1226bfea2d6fc1a51d65fdf031d23b05d4c8e46feb01531c9be214411bbec1523f735139db8f6d15320974e2d5ef3503db53ca1502a0f9489d310f55100baabcf6ebb3b10e975f3b445f70dee4c8c2bced6618ecf0f13ec4029914e05935bc02e7849a55348899fbba06bf6882ef1fcf67e33ce15b8afc08fc81d60868792f69f2a407301bb2f421655dfd8bbfe3481b86fe5ff01f02b30de35df5a35ec3c58a9b7a93b0baddded92c453a06fc5a2bd72ae739ee4ddc785fce6399dfe97f74945ef06023a64cb173800dbd85f10ba8847f9f8391422683d365bfdcabf7949d70a54f919c304463d1448820d6aa1dc",
+        "CLOUDINARY_CLOUD_NAME": "djt4gxy9s",
+        "CLOUDINARY_API_KEY": "551626585336911",
+        "CLOUDINARY_API_SECRET": "d6HCnsoaDBypM1dXCReFoJqkZDA",
+        "OPENAI_API_KEY": "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",
+        "FLASK_ENV": "development"
+    }
+    
+    # Check if .env file already exists
+    if os.path.exists('.env'):
+        print("Warning: .env file already exists.")
+        response = input("Do you want to overwrite it? (y/n): ")
+        if response.lower() != 'y':
+            print("Operation canceled.")
+            return
+    
+    # Write environment variables to .env file
+    with open('.env', 'w') as f:
+        for key, value in env_vars.items():
+            f.write(f"{key}={value}\n")
+    
+    print(".env file created successfully.")
+
+if __name__ == "__main__":
+    print("Setting up environment variables for Enflow Backend...")
+    create_env_file()
+    print("Setup complete. You can now run the application.")
+    print("To start the application, run: python app.py") 

test_department.py

@@ -0,0 +1,47 @@
+import os
+import requests
+import json
+from dotenv import load_dotenv
+
+# Load environment variables
+load_dotenv()
+
+# Base URL for API
+BASE_URL = "http://localhost:5000/api"
+
+def test_create_department():
+    """Test creating a new department with an admin user"""
+    # Department data
+    department_data = {
+        "name": "Test Police Department",
+        "address": "123 Test Street, Test City, TS 12345",
+        "website": "https://test-pd.example.com",
+        "admin_email": "admin@test-pd.example.com",
+        "admin_name": "Admin User",
+        "admin_password": "SecurePassword123"
+    }
+    
+    # Make POST request to create department
+    response = requests.post(f"{BASE_URL}/departments", json=department_data)
+    
+    # Print response details
+    print(f"Status Code: {response.status_code}")
+    print("Response:")
+    print(json.dumps(response.json(), indent=2))
+    
+    return response.json()
+
+def main():
+    """Run test functions"""
+    print("=== Testing Department Creation ===")
+    result = test_create_department()
+    
+    # If department was created successfully, store admin details
+    if result.get('department') and result.get('admin_user'):
+        print("\n=== Department Created Successfully ===")
+        print(f"Department Name: {result['department']['name']}")
+        print(f"Admin Email: {result['admin_user']['email']}")
+        print("You can now use these details to test the auth endpoints")
+
+if __name__ == "__main__":
+    main() 

utils/__init__.py

@@ -0,0 +1 @@
+# Utils package initialization 

utils/auth.py

@@ -0,0 +1,82 @@
+import os
+import jwt
+from datetime import datetime, timedelta
+from functools import wraps
+from flask import request, jsonify
+from models.user import User
+
+# Secret key for JWT
+SECRET_KEY = os.environ.get('JWT_SECRET')
+
+def generate_token(user_id, permissions, expiration_hours=24*30):  # 30-day token by default
+    """Generate JWT token for authentication"""
+    payload = {
+        'user_id': str(user_id),
+        'permissions': permissions,
+        'exp': datetime.utcnow() + timedelta(hours=expiration_hours)
+    }
+    return jwt.encode(payload, SECRET_KEY, algorithm='HS256')
+
+def decode_token(token):
+    """Decode and validate JWT token"""
+    try:
+        return jwt.decode(token, SECRET_KEY, algorithms=['HS256'])
+    except jwt.ExpiredSignatureError:
+        return None
+    except jwt.InvalidTokenError:
+        return None
+
+def token_required(f):
+    """Decorator for routes that require a valid token"""
+    @wraps(f)
+    def decorated(*args, **kwargs):
+        token = None
+        auth_header = request.headers.get('Authorization')
+        
+        if auth_header:
+            if auth_header.startswith('Bearer '):
+                token = auth_header.split(" ")[1]
+        
+        if not token:
+            return jsonify({'message': 'Token is missing'}), 401
+        
+        data = decode_token(token)
+        if not data:
+            return jsonify({'message': 'Token is invalid or expired'}), 401
+        
+        current_user = User.find_by_id(data['user_id'])
+        if not current_user:
+            return jsonify({'message': 'User not found'}), 401
+        
+        return f(current_user, *args, **kwargs)
+    
+    return decorated
+
+def admin_required(f):
+    """Decorator for routes that require admin permissions"""
+    @wraps(f)
+    def decorated(*args, **kwargs):
+        token = None
+        auth_header = request.headers.get('Authorization')
+        
+        if auth_header:
+            if auth_header.startswith('Bearer '):
+                token = auth_header.split(" ")[1]
+        
+        if not token:
+            return jsonify({'message': 'Token is missing'}), 401
+        
+        data = decode_token(token)
+        if not data:
+            return jsonify({'message': 'Token is invalid or expired'}), 401
+        
+        if data['permissions'] != 'Admin':
+            return jsonify({'message': 'Admin permissions required'}), 403
+        
+        current_user = User.find_by_id(data['user_id'])
+        if not current_user:
+            return jsonify({'message': 'User not found'}), 401
+        
+        return f(current_user, *args, **kwargs)
+    
+    return decorated