app.py

from flask import Flask, render_template, request, redirect, url_for, flash, session, jsonify
from werkzeug.middleware.proxy_fix import ProxyFix
import os
import gc
import logging
import time
import uuid
import secrets
import pymongo
from pymongo import MongoClient
from bson.binary import Binary
import base64
from datetime import datetime, timezone, timedelta
from dotenv import load_dotenv
import numpy as np
import cv2
from typing import Optional, Dict, Tuple, Any
import tempfile
import atexit
import shutil

# Optimize memory usage and disable TensorFlow warnings
os.environ['TF_CPP_MIN_LOG_LEVEL'] = '3'
os.environ['CUDA_VISIBLE_DEVICES'] = '-1'
os.environ['OMP_NUM_THREADS'] = '1'

# Configure logging for production
logging.basicConfig(level=logging.WARNING)
logging.getLogger('tensorflow').setLevel(logging.ERROR)

# --- Evaluation Metrics Counters (legacy, kept for compatibility display) ---
total_attempts = 0
correct_recognitions = 0
false_accepts = 0
false_rejects = 0
unauthorized_attempts = 0
inference_times = []

# ---------------------------------------------------
# Load environment variables
load_dotenv()

# Initialize Flask app
app = Flask(__name__, static_folder='app/static', template_folder='app/templates')

# CRITICAL FIX: Enhanced secret key and session config for Hugging Face
app.secret_key = os.environ.get('SECRET_KEY', 'huggingface-face-recognition-super-secret-key-2025')

# CRITICAL FIX: Optimized session config for Hugging Face Spaces
app.config.update({
    'PERMANENT_SESSION_LIFETIME': timedelta(hours=2),
    'SESSION_COOKIE_NAME': 'face_app_session',
    'SESSION_COOKIE_HTTPONLY': True,
    'SESSION_COOKIE_SECURE': False,
    'SESSION_COOKIE_SAMESITE': None,
    'SESSION_REFRESH_EACH_REQUEST': False,
    'SESSION_COOKIE_DOMAIN': None,
    'SESSION_COOKIE_PATH': '/',
    'SEND_FILE_MAX_AGE_DEFAULT': 0
})

# Add ProxyFix middleware for Hugging Face reverse proxy
app.wsgi_app = ProxyFix(
    app.wsgi_app,
    x_for=1,
    x_proto=1,
    x_host=1,
    x_prefix=0
)

print("Flask app initialized with ProxyFix middleware and token-based sessions")

# Create temporary directory for image processing
TEMP_DIR = tempfile.mkdtemp()

def cleanup_temp_dir():
    """Clean up temporary directory on exit"""
    try:
        if os.path.exists(TEMP_DIR):
            shutil.rmtree(TEMP_DIR)
        gc.collect()
    except Exception as e:
        print(f"Error cleaning up temp directory: {e}")

atexit.register(cleanup_temp_dir)

# MongoDB Connection with connection pooling
try:
    mongo_uri = os.getenv('MONGO_URI', 'mongodb://localhost:27017/')
    client = MongoClient(
        mongo_uri,
        maxPoolSize=10,
        connectTimeoutMS=5000,
        socketTimeoutMS=5000,
        serverSelectionTimeoutMS=5000
    )
    db = client['face_attendance_system']
    students_collection = db['students']
    teachers_collection = db['teachers']
    attendance_collection = db['attendance']
    metrics_events = db['metrics_events']
    sessions_collection = db['user_sessions']

    # Create indexes for better performance
    students_collection.create_index([("student_id", pymongo.ASCENDING)], unique=True)
    teachers_collection.create_index([("teacher_id", pymongo.ASCENDING)], unique=True)
    attendance_collection.create_index([
        ("student_id", pymongo.ASCENDING),
        ("date", pymongo.ASCENDING),
        ("subject", pymongo.ASCENDING)
    ])
    metrics_events.create_index([("ts", pymongo.DESCENDING)])
    metrics_events.create_index([("event", pymongo.ASCENDING)])
    metrics_events.create_index([("attempt_type", pymongo.ASCENDING)])
    sessions_collection.create_index([("token", pymongo.ASCENDING)], unique=True)
    sessions_collection.create_index([("expires_at", pymongo.ASCENDING)], expireAfterSeconds=0)
    print("MongoDB connection successful")
except Exception as e:
    print(f"MongoDB connection error: {e}")

# Initialize face detection cascades
face_detector = None
try:
    face_detector = cv2.CascadeClassifier(cv2.data.haarcascades + 'haarcascade_frontalface_default.xml')
    print("Haar cascade face detector initialized successfully")
except Exception as e:
    print(f"Error initializing face detector: {e}")

eye_cascade = None
try:
    eye_cascade = cv2.CascadeClassifier(cv2.data.haarcascades + 'haarcascade_eye.xml')
    print("Eye cascade classifier initialized successfully")
except Exception as e:
    print(f"Error initializing eye cascade: {e}")

def get_unique_temp_path(prefix="temp", suffix=".jpg"):
    """Generate unique temporary file path"""
    unique_id = str(uuid.uuid4())
    filename = f"{prefix}_{unique_id}_{int(time.time())}{suffix}"
    return os.path.join(TEMP_DIR, filename)

def detect_faces_haar(image):
    """Detect faces using Haar cascade - memory efficient"""
    try:
        gray = cv2.cvtColor(image, cv2.COLOR_BGR2GRAY)
        faces = face_detector.detectMultiScale(
            gray,
            scaleFactor=1.1,
            minNeighbors=5,
            minSize=(30, 30)
        )
        
        detections = []
        for (x, y, w, h) in faces:
            detections.append({
                "bbox": [x, y, x + w, y + h],
                "score": 0.9
            })
        
        del gray
        gc.collect()
        return detections
    except Exception as e:
        print(f"Error in Haar cascade detection: {e}")
        return []

def detect_faces_yunet(image):
    """Unified face detection function - memory optimized"""
    if face_detector is not None:
        return detect_faces_haar(image)
    
    try:
        gray = cv2.cvtColor(image, cv2.COLOR_BGR2GRAY)
        face_cascade = cv2.CascadeClassifier(cv2.data.haarcascades + 'haarcascade_frontalface_default.xml')
        faces = face_cascade.detectMultiScale(gray, 1.3, 5)
        
        detections = []
        for (x, y, w, h) in faces:
            detections.append({
                "bbox": [x, y, x + w, y + h],
                "score": 0.8
            })
        
        del gray
        gc.collect()
        return detections
    except Exception as e:
        print(f"Error in fallback detection: {e}")
        return []

def recognize_face_deepface(image, user_id, user_type='student'):
    """FIXED: Enhanced face recognition with robust error handling"""
    global total_attempts, correct_recognitions, unauthorized_attempts, inference_times
    
    temp_files = []
    
    try:
        from deepface import DeepFace
        
        start_time = time.time()
        
        # CRITICAL FIX: Ensure image is valid numpy array
        if not isinstance(image, np.ndarray):
            print("Invalid image type provided to recognition")
            return False, "Invalid image format"
        
        if image.size == 0:
            print("Empty image provided to recognition")
            return False, "Empty image provided"
        
        # Save current image temporarily with error handling
        temp_img_path = get_unique_temp_path(f"current_{user_id}")
        temp_files.append(temp_img_path)
        
        # FIXED: Add image validation before saving
        try:
            success = cv2.imwrite(temp_img_path, image)
            if not success:
                return False, "Failed to save input image"
        except Exception as e:
            print(f"Error saving input image: {e}")
            return False, f"Image save error: {str(e)}"
        
        # Get user's reference image
        if user_type == 'student':
            user = students_collection.find_one({'student_id': user_id})
        else:
            user = teachers_collection.find_one({'teacher_id': user_id})
        
        if not user or 'face_image' not in user:
            unauthorized_attempts += 1
            return False, f"No reference face found for {user_type} ID {user_id}"
        
        # Save reference image temporarily with validation
        ref_image_bytes = user['face_image']
        ref_image_array = np.frombuffer(ref_image_bytes, np.uint8)
        ref_image = cv2.imdecode(ref_image_array, cv2.IMREAD_COLOR)
        
        if ref_image is None:
            return False, "Failed to decode reference image"
        
        temp_ref_path = get_unique_temp_path(f"ref_{user_id}")
        temp_files.append(temp_ref_path)
        
        try:
            success = cv2.imwrite(temp_ref_path, ref_image)
            if not success:
                return False, "Failed to save reference image"
        except Exception as e:
            print(f"Error saving reference image: {e}")
            return False, f"Reference image save error: {str(e)}"
        
        # Clean up arrays immediately
        del ref_image_array, ref_image
        
        try:
            # FIXED: More robust DeepFace call with better error handling
            result = DeepFace.verify(
                img1_path=temp_img_path,
                img2_path=temp_ref_path,
                model_name="Facenet",
                detector_backend="opencv",  # Use opencv instead of retinaface for stability
                enforce_detection=False,
                align=True,
                distance_metric="cosine"
            )
            
            is_verified = result["verified"]
            distance = result["distance"]
            
            inference_time = time.time() - start_time
            inference_times.append(inference_time)
            total_attempts += 1
            
            # More lenient threshold for better usability
            custom_threshold = 0.55  # Increased threshold for better matching
            is_verified_custom = distance < custom_threshold
            
            if is_verified_custom:
                correct_recognitions += 1
                return True, f"Face recognized (distance={distance:.3f}, threshold={custom_threshold}, time={inference_time:.2f}s)"
            else:
                unauthorized_attempts += 1
                return False, f"Face not recognized (distance={distance:.3f}, required < {custom_threshold})"
                
        except Exception as e:
            print(f"DeepFace verification error: {e}")
            return False, f"DeepFace verification error: {str(e)}"
        
    except Exception as e:
        print(f"Error in face recognition: {e}")
        return False, f"Error in face recognition: {str(e)}"
    
    finally:
        # Clean up temporary files and memory
        for temp_file in temp_files:
            try:
                if os.path.exists(temp_file):
                    os.remove(temp_file)
            except Exception as e:
                print(f"Error cleaning up temp file {temp_file}: {e}")
        gc.collect()

def simple_liveness_check(image):
    """Improved liveness detection using multiple methods - memory optimized"""
    if eye_cascade is None:
        return 0.65  # Default score if cascade not available
    
    try:
        gray = cv2.cvtColor(image, cv2.COLOR_BGR2GRAY)
        eyes = eye_cascade.detectMultiScale(gray, 1.3, 5)
        
        # Enhanced liveness scoring with multiple factors
        liveness_score = 0.0
        
        # Factor 1: Eye detection (40% weight)
        if len(eyes) >= 2:
            liveness_score += 0.4  # Both eyes detected
        elif len(eyes) == 1:
            liveness_score += 0.25  # One eye detected
        else:
            liveness_score += 0.1  # No eyes detected but still some base score
        
        # Factor 2: Image quality assessment (30% weight)
        laplacian_var = cv2.Laplacian(gray, cv2.CV_64F).var()
        if laplacian_var > 100:
            liveness_score += 0.3
        elif laplacian_var > 50:
            liveness_score += 0.2
        else:
            liveness_score += 0.1
        
        # Factor 3: Face size and position (30% weight)
        face_area = image.shape[0] * image.shape[1]
        if face_area > 10000:
            liveness_score += 0.3
        elif face_area > 5000:
            liveness_score += 0.2
        else:
            liveness_score += 0.1
        
        # Ensure score is between 0 and 1
        liveness_score = min(1.0, max(0.0, liveness_score))
        
        del gray
        gc.collect()
        return liveness_score
        
    except Exception as e:
        print(f"Error in liveness check: {e}")
        return 0.6  # Return neutral score on error
    finally:
        gc.collect()

def expand_and_clip_box(bbox_xyxy, scale: float, w: int, h: int):
    x1, y1, x2, y2 = bbox_xyxy
    bw = x2 - x1
    bh = y2 - y1
    cx = x1 + bw / 2.0
    cy = y1 + bh / 2.0
    bw2 = bw * scale
    bh2 = bh * scale
    x1n = int(max(0, cx - bw2 / 2.0))
    y1n = int(max(0, cy - bh2 / 2.0))
    x2n = int(min(w - 1, cx + bw2 / 2.0))
    y2n = int(min(h - 1, cy + bh2 / 2.0))
    return x1n, y1n, x2n, y2n

def draw_live_overlay(img_bgr: np.ndarray, bbox, label: str, prob: float, color):
    x1, y1, x2, y2 = [int(v) for v in bbox]
    cv2.rectangle(img_bgr, (x1, y1), (x2, y2), color, 2)
    text = f"{label} {prob:.2f}"
    (tw, th), _ = cv2.getTextSize(text, cv2.FONT_HERSHEY_SIMPLEX, 0.7, 2)
    y_top = max(0, y1 - th - 8)
    cv2.rectangle(img_bgr, (x1, y_top), (x1 + tw + 6, y_top + th + 6), color, -1)
    cv2.putText(img_bgr, text, (x1 + 3, y_top + th), cv2.FONT_HERSHEY_SIMPLEX, 0.7, (0, 0, 0), 2, cv2.LINE_AA)

def image_to_data_uri(img_bgr: np.ndarray) -> Optional[str]:
    success, buf = cv2.imencode(".jpg", img_bgr, [int(cv2.IMWRITE_JPEG_QUALITY), 85])
    if not success:
        return None
    b64 = base64.b64encode(buf.tobytes()).decode("utf-8")
    return f"data:image/jpeg;base64,{b64}"

def decode_image(base64_image):
    if ',' in base64_image:
        base64_image = base64_image.split(',')[1]
    image_bytes = base64.b64decode(base64_image)
    np_array = np.frombuffer(image_bytes, np.uint8)
    image = cv2.imdecode(np_array, cv2.IMREAD_COLOR)
    
    del image_bytes, np_array
    gc.collect()
    return image

# Token-based session helpers
def validate_session_token(token):
    """Validate session token and return session data"""
    if not token:
        return None
    
    session_data = sessions_collection.find_one({'token': token})
    if not session_data:
        return None
    
    # Check if session expired
    if datetime.now() > session_data.get('expires_at', datetime.now()):
        sessions_collection.delete_one({'token': token})
        return None
    
    return session_data

def create_session_token(user_id, user_type):
    """Create new session token"""
    token = secrets.token_urlsafe(32)
    session_data = {
        'token': token,
        'user_id': user_id,
        'user_type': user_type,
        'created_at': datetime.now(),
        'expires_at': datetime.now() + timedelta(hours=2)
    }
    
    # Clear old sessions for this user
    if user_type == 'student':
        sessions_collection.delete_many({'student_id': user_id})
        session_data['student_id'] = user_id
    else:
        sessions_collection.delete_many({'teacher_id': user_id})
        session_data['teacher_id'] = user_id
    
    sessions_collection.insert_one(session_data)
    return token

# Legacy function for backward compatibility
def get_face_features(image):
    return None

def recognize_face(image, user_id, user_type='student'):
    return recognize_face_deepface(image, user_id, user_type)

# Metrics helpers (keeping existing implementation)
def log_metrics_event(event: dict):
    try:
        metrics_events.insert_one(event)
    except Exception as e:
        print("Failed to log metrics event:", e)

def log_metrics_event_normalized(*, event: str, attempt_type: str, claimed_id: Optional[str],
                                recognized_id: Optional[str], liveness_pass: bool, distance: Optional[float],
                                live_prob: Optional[float], latency_ms: Optional[float], client_ip: Optional[str],
                                reason: Optional[str] = None):
    if not liveness_pass:
        decision = "spoof_blocked"
    else:
        decision = "recognized" if event.startswith("accept") else "not_recognized"

    doc = {
        "ts": datetime.now(timezone.utc),
        "event": event,
        "attempt_type": attempt_type,
        "claimed_id": claimed_id,
        "recognized_id": recognized_id,
        "liveness_pass": bool(liveness_pass),
        "distance": distance,
        "live_prob": live_prob,
        "latency_ms": latency_ms,
        "client_ip": client_ip,
        "reason": reason,
        "decision": decision,
    }
    log_metrics_event(doc)

def classify_event(ev: Dict[str, Any]) -> Tuple[Optional[str], Optional[str]]:
    """Returns (event, attempt_type), robust to legacy documents."""
    if ev.get("event"):
        e = ev.get("event")
        at = ev.get("attempt_type")
        if not at:
            if e in ("accept_true", "reject_false"):
                at = "genuine"
            elif e in ("accept_false", "reject_true"):
                at = "impostor"
        return e, at

    decision = ev.get("decision")
    success = ev.get("success")
    reason = (ev.get("reason") or "") if isinstance(ev.get("reason"), str) else ev.get("reason")

    if decision == "recognized" and (success is True or success is None):
        return "accept_true", "genuine"

    if decision == "spoof_blocked":
        return "reject_true", "impostor"

    if decision == "not_recognized":
        if reason in ("false_reject",):
            return "reject_false", "genuine"
        if reason in ("unauthorized_attempt", "liveness_fail", "mismatch_claim", "no_face_detected", "failed_crop", "recognition_error"):
            return "reject_true", "impostor"
        return "reject_true", "impostor"

    return None, None

def compute_metrics(limit: int = 10000):
    """Robust metrics aggregation that tolerates legacy docs."""
    try:
        cursor = metrics_events.find({}, {"_id": 0}).sort("ts", -1).limit(limit)
        counts = {
            "trueAccepts": 0,
            "falseAccepts": 0,
            "trueRejects": 0,
            "falseRejects": 0,
            "genuineAttempts": 0,
            "impostorAttempts": 0,
            "unauthorizedRejected": 0,
            "unauthorizedAccepted": 0,
        }

        total_attempts_calc = 0

        for ev in cursor:
            e, at = classify_event(ev)
            if not e:
                continue
            total_attempts_calc += 1

            if e == "accept_true":
                counts["trueAccepts"] += 1
            elif e == "accept_false":
                counts["falseAccepts"] += 1
                counts["unauthorizedAccepted"] += 1
            elif e == "reject_true":
                counts["trueRejects"] += 1
                counts["unauthorizedRejected"] += 1
            elif e == "reject_false":
                counts["falseRejects"] += 1

            if at == "genuine":
                counts["genuineAttempts"] += 1
            elif at == "impostor":
                counts["impostorAttempts"] += 1

        genuine_attempts = max(counts["genuineAttempts"], 1)
        impostor_attempts = max(counts["impostorAttempts"], 1)
        total_attempts_final = max(total_attempts_calc, 1)

        FAR = counts["falseAccepts"] / impostor_attempts
        FRR = counts["falseRejects"] / genuine_attempts
        accuracy = (counts["trueAccepts"] + counts["trueRejects"]) / total_attempts_final

        return {
            "counts": counts,
            "rates": {
                "FAR": FAR,
                "FRR": FRR,
                "accuracy": accuracy
            },
            "totals": {
                "totalAttempts": total_attempts_calc
            }
        }
    except Exception as e:
        print(f"Error computing metrics: {e}")
        return {
            "counts": {"trueAccepts": 0, "falseAccepts": 0, "trueRejects": 0, "falseRejects": 0,
                      "genuineAttempts": 0, "impostorAttempts": 0, "unauthorizedRejected": 0, "unauthorizedAccepted": 0},
            "rates": {"FAR": 0, "FRR": 0, "accuracy": 0},
            "totals": {"totalAttempts": 0}
        }

def compute_latency_avg(limit: int = 300) -> Optional[float]:
    try:
        cursor = metrics_events.find({"latency_ms": {"$exists": True}}, {"latency_ms": 1, "_id": 0}).sort("ts", -1).limit(limit)
        vals = [float(d["latency_ms"]) for d in cursor if isinstance(d.get("latency_ms"), (int, float))]
        if not vals:
            return None
        return sum(vals) / len(vals)
    except Exception as e:
        print(f"Error computing latency average: {e}")
        return None

# --------- STUDENT ROUTES ---------
@app.route('/')
def home():
    return render_template('home.html')

@app.route('/login.html')
def login_page():
    return render_template('login.html')

@app.route('/register.html')
def register_page():
    return render_template('register.html')

@app.route('/metrics')
def metrics_dashboard():
    return render_template('metrics.html')

@app.route('/register', methods=['POST'])
def register():
    try:
        student_data = {
            'student_id': request.form.get('student_id'),
            'name': request.form.get('name'),
            'email': request.form.get('email'),
            'department': request.form.get('department'),
            'course': request.form.get('course'),
            'year': request.form.get('year'),
            'division': request.form.get('division'),
            'mobile': request.form.get('mobile'),
            'dob': request.form.get('dob'),
            'gender': request.form.get('gender'),
            'password': request.form.get('password'),
            'created_at': datetime.now()
        }
        face_image = request.form.get('face_image')
        if face_image and ',' in face_image:
            image_data = face_image.split(',')[1]
            student_data['face_image'] = Binary(base64.b64decode(image_data))
            student_data['face_image_type'] = face_image.split(',')[0].split(':')[1].split(';')[0]
        else:
            flash('Face image is required for registration.', 'danger')
            return redirect(url_for('register_page'))

        result = students_collection.insert_one(student_data)
        if result.inserted_id:
            flash('Registration successful! You can now login.', 'success')
            return redirect(url_for('login_page'))
        else:
            flash('Registration failed. Please try again.', 'danger')
            return redirect(url_for('register_page'))
    except pymongo.errors.DuplicateKeyError:
        flash('Student ID already exists. Please use a different ID.', 'danger')
        return redirect(url_for('register_page'))
    except Exception as e:
        flash(f'Registration failed: {str(e)}', 'danger')
        return redirect(url_for('register_page'))

@app.route('/login', methods=['POST'])
def login():
    try:
        student_id = request.form.get('student_id')
        password = request.form.get('password')
        
        print(f"=== TOKEN-BASED LOGIN DEBUG ===")
        print(f"Student ID: {student_id}")
        
        if not student_id or not password:
            flash('Student ID and password are required.', 'danger')
            return redirect(url_for('login_page'))
        
        student = students_collection.find_one({'student_id': student_id})
        print(f"Student found: {bool(student)}")
        
        if student and student.get('password') == password:
            # Create session token
            token = create_session_token(student_id, 'student')
            
            print(f"Session token created: {token[:10]}...")
            flash('Login successful!', 'success')
            
            # Redirect with token in URL
            return redirect(url_for('dashboard', token=token))
        else:
            print("Invalid credentials")
            flash('Invalid credentials. Please try again.', 'danger')
            return redirect(url_for('login_page'))
            
    except Exception as e:
        print(f"Login error: {e}")
        flash(f'Login failed: {str(e)}', 'danger')
        return redirect(url_for('login_page'))

@app.route('/face-login', methods=['POST'])
def face_login():
    try:
        face_image = request.form.get('face_image')
        face_role = request.form.get('face_role')

        print(f"Face login attempt for role: {face_role}")

        if not face_image or not face_role:
            flash('Face image and role are required for face login.', 'danger')
            return redirect(url_for('login_page'))

        image = decode_image(face_image)
        
        # FIXED: Add image validation
        if image is None:
            flash('Invalid image format received.', 'danger')
            return redirect(url_for('login_page'))

        if face_role == 'student':
            collection = students_collection
            id_field = 'student_id'
            dashboard_route = 'dashboard'
        elif face_role == 'teacher':
            collection = teachers_collection
            id_field = 'teacher_id'
            dashboard_route = 'teacher_dashboard'
        else:
            flash('Invalid role selected for face login.', 'danger')
            return redirect(url_for('login_page'))

        users = collection.find({'face_image': {'$exists': True, '$ne': None}})
        
        best_match = None
        best_distance = float('inf')
        
        # Use robust face matching
        temp_login_path = get_unique_temp_path("login_image")
        
        try:
            success = cv2.imwrite(temp_login_path, image)
            if not success:
                flash('Failed to process face image. Please try again.', 'danger')
                return redirect(url_for('login_page'))
        except Exception as e:
            print(f"Error saving login image: {e}")
            flash('Error processing face image. Please try again.', 'danger')
            return redirect(url_for('login_page'))
        
        try:
            from deepface import DeepFace
            
            for user in users:
                try:
                    ref_image_bytes = user['face_image']
                    ref_image_array = np.frombuffer(ref_image_bytes, np.uint8)
                    ref_image = cv2.imdecode(ref_image_array, cv2.IMREAD_COLOR)
                    
                    if ref_image is None:
                        continue
                    
                    temp_ref_path = get_unique_temp_path(f"ref_{user[id_field]}")
                    
                    success = cv2.imwrite(temp_ref_path, ref_image)
                    if not success:
                        continue
                    
                    # FIXED: Use stable opencv detector
                    result = DeepFace.verify(
                        img1_path=temp_login_path,
                        img2_path=temp_ref_path,
                        model_name="Facenet",
                        detector_backend="opencv",  # Use opencv instead of retinaface
                        enforce_detection=False,
                        align=True
                    )
                    
                    distance = result["distance"]
                    
                    # Keep track of best match
                    if distance < best_distance:
                        best_distance = distance
                        best_match = user
                    
                    # More lenient threshold for face login
                    if distance < 0.6:  # Increased threshold for better matching
                        # Create session token
                        token = create_session_token(user[id_field], face_role)
                        
                        print(f"Face login successful for {user.get('name')}, distance: {distance:.3f}")
                        flash('Face login successful!', 'success')
                        
                        # Cleanup
                        if os.path.exists(temp_ref_path):
                            os.remove(temp_ref_path)
                        if os.path.exists(temp_login_path):
                            os.remove(temp_login_path)
                        gc.collect()
                        
                        return redirect(url_for(dashboard_route, token=token))
                    
                    if os.path.exists(temp_ref_path):
                        os.remove(temp_ref_path)
                        
                except Exception as e:
                    print(f"Face verification error: {e}")
                    continue
            
            if os.path.exists(temp_login_path):
                os.remove(temp_login_path)
                
        except Exception as e:
            print(f"DeepFace import/processing error: {e}")
            if os.path.exists(temp_login_path):
                os.remove(temp_login_path)
        finally:
            gc.collect()

        # Provide better error message with best match info
        if best_match:
            print(f"Closest match was {best_match.get('name')} with distance {best_distance:.3f}")
            flash(f'Face recognition failed. Closest match distance: {best_distance:.3f}. Please try again with better lighting.', 'warning')
        else:
            flash('No face detected or face not found in database. Please try again.', 'danger')
        
        return redirect(url_for('login_page'))
        
    except Exception as e:
        print(f"Face login error: {e}")
        flash(f'Face login failed: {str(e)}', 'danger')
        return redirect(url_for('login_page'))

@app.route('/dashboard')
def dashboard():
    token = request.args.get('token')
    
    print(f"=== TOKEN-BASED DASHBOARD DEBUG ===")
    print(f"Token received: {token[:10] if token else 'None'}...")
    
    if not token:
        print("No token provided")
        flash('Please log in to access the dashboard.', 'info')
        return redirect(url_for('login_page'))
    
    try:
        # Validate session token
        session_data = validate_session_token(token)
        
        if not session_data:
            print("Invalid or expired token")
            flash('Session expired. Please log in again.', 'info')
            return redirect(url_for('login_page'))
        
        if session_data.get('user_type') != 'student':
            print("Invalid user type")
            flash('Please log in as a student.', 'info')
            return redirect(url_for('login_page'))
        
        student_id = session_data.get('student_id')
        print(f"Loading dashboard for student: {student_id}")
        
        student = students_collection.find_one({'student_id': student_id})
        if not student:
            print("Student not found in database")
            sessions_collection.delete_one({'token': token})
            flash('Student record not found. Please log in again.', 'danger')
            return redirect(url_for('login_page'))
        
        # Process face image if exists
        if student and 'face_image' in student and student['face_image']:
            face_image_base64 = base64.b64encode(student['face_image']).decode('utf-8')
            mime_type = student.get('face_image_type', 'image/jpeg')
            student['face_image_url'] = f"data:{mime_type};base64,{face_image_base64}"
        
        # Get attendance records
        attendance_records = list(attendance_collection.find({'student_id': student_id}).sort('date', -1))
        
        print(f"Dashboard loaded successfully for {student.get('name')}")
        
        # Pass token to template for subsequent requests
        return render_template('dashboard.html', 
                             student=student, 
                             attendance_records=attendance_records,
                             session_token=token)
        
    except Exception as e:
        print(f"Dashboard error: {e}")
        flash(f'Error loading dashboard: {str(e)}', 'danger')
        return redirect(url_for('login_page'))

@app.route('/mark-attendance', methods=['POST'])
def mark_attendance():
    data = request.json
    token = data.get('session_token')
    
    if not token:
        return jsonify({'success': False, 'message': 'Not authenticated'})
    
    # Validate token
    session_data = validate_session_token(token)
    
    if not session_data:
        return jsonify({'success': False, 'message': 'Session expired'})
    
    if session_data.get('user_type') != 'student':
        return jsonify({'success': False, 'message': 'Invalid user type'})
    
    logged_in_student_id = session_data.get('student_id')
    program = data.get('program')
    semester = data.get('semester')
    course = data.get('course')
    face_image = data.get('face_image')

    if not all([logged_in_student_id, program, semester, course, face_image]):
        return jsonify({'success': False, 'message': 'Missing required data'})

    client_ip = request.remote_addr
    t0 = time.time()

    # Decode image
    image = decode_image(face_image)
    if image is None or image.size == 0:
        return jsonify({'success': False, 'message': 'Invalid image data'})

    h, w = image.shape[:2]
    vis = image.copy()

    # 1) Face detection using reliable methods
    detections = detect_faces_yunet(image)
    if not detections:
        overlay = image_to_data_uri(vis)
        log_metrics_event_normalized(
            event="reject_true",
            attempt_type="impostor",
            claimed_id=logged_in_student_id,
            recognized_id=None,
            liveness_pass=False,
            distance=None,
            live_prob=None,
            latency_ms=round((time.time() - t0) * 1000.0, 2),
            client_ip=client_ip,
            reason="no_face_detected"
        )
        return jsonify({'success': False, 'message': 'No face detected', 'overlay': overlay})

    # Pick highest-score detection
    best = max(detections, key=lambda d: d["score"])
    x1, y1, x2, y2 = [int(v) for v in best["bbox"]]
    x1e, y1e, x2e, y2e = expand_and_clip_box((x1, y1, x2, y2), scale=1.2, w=w, h=h)
    face_crop = image[y1e:y2e, x1e:x2e]
    if face_crop.size == 0:
        overlay = image_to_data_uri(vis)
        log_metrics_event_normalized(
            event="reject_true",
            attempt_type="impostor",
            claimed_id=logged_in_student_id,
            recognized_id=None,
            liveness_pass=False,
            distance=None,
            live_prob=None,
            latency_ms=round((time.time() - t0) * 1000.0, 2),
            client_ip=client_ip,
            reason="failed_crop"
        )
        return jsonify({'success': False, 'message': 'Failed to crop face', 'overlay': overlay})

    # 2) Liveness check with lower threshold
    live_prob = simple_liveness_check(face_crop)
    
    liveness_threshold = 0.4  # More lenient threshold
    is_live = live_prob >= liveness_threshold
    
    label = "LIVE" if is_live else "SPOOF"
    color = (0, 200, 0) if is_live else (0, 0, 255)
    draw_live_overlay(vis, (x1e, y1e, x2e, y2e), label, live_prob, color)
    overlay_data = image_to_data_uri(vis)

    print(f"Liveness check - Score: {live_prob:.3f}, Threshold: {liveness_threshold}, Result: {label}")

    if not is_live:
        log_metrics_event_normalized(
            event="reject_true",
            attempt_type="impostor",
            claimed_id=logged_in_student_id,
            recognized_id=None,
            liveness_pass=False,
            distance=None,
            live_prob=float(live_prob),
            latency_ms=round((time.time() - t0) * 1000.0, 2),
            client_ip=client_ip,
            reason="liveness_fail"
        )
        return jsonify({
            'success': False, 
            'message': f'Liveness check failed (score={live_prob:.2f}, need>={liveness_threshold}). Ensure good lighting and face visibility.', 
            'overlay': overlay_data
        })

    # 3) CRITICAL SECURITY FIX: Verify face belongs to logged-in user
    success, message = recognize_face_deepface(image, logged_in_student_id, user_type='student')
    total_latency_ms = round((time.time() - t0) * 1000.0, 2)

    # Parse distance from message if available
    distance_val = None
    try:
        if "distance=" in message:
            part = message.split("distance=")[1]
            distance_val = float(part.split(",")[0].strip(") "))
    except Exception:
        pass

    # CRITICAL SECURITY CHECK: Only allow attendance if recognized face matches logged-in user
    if not success:
        reason = "face_mismatch_with_logged_user"
        log_metrics_event_normalized(
            event="reject_true",
            attempt_type="impostor",
            claimed_id=logged_in_student_id,
            recognized_id=None,
            liveness_pass=True,
            distance=distance_val,
            live_prob=float(live_prob),
            latency_ms=total_latency_ms,
            client_ip=client_ip,
            reason=reason
        )
        return jsonify({
            'success': False, 
            'message': f'SECURITY ALERT: Face does not match logged-in student {logged_in_student_id}. Please ensure you are the correct person marking attendance.', 
            'overlay': overlay_data
        })

    # Log successful verification
    log_metrics_event_normalized(
        event="accept_true",
        attempt_type="genuine",
        claimed_id=logged_in_student_id,
        recognized_id=logged_in_student_id,
        liveness_pass=True,
        distance=distance_val,
        live_prob=float(live_prob),
        latency_ms=total_latency_ms,
        client_ip=client_ip,
        reason=None
    )
    
    # Save attendance for the LOGGED-IN user (not whoever's face was recognized)
    attendance_data = {
        'student_id': logged_in_student_id,  # FIXED: Use logged-in user ID
        'program': program,
        'semester': semester,
        'subject': course,
        'date': datetime.now().date().isoformat(),
        'time': datetime.now().time().strftime('%H:%M:%S'),
        'status': 'present',
        'created_at': datetime.now()
    }
    
    try:
        existing_attendance = attendance_collection.find_one({
            'student_id': logged_in_student_id,
            'subject': course,
            'date': datetime.now().date().isoformat()
        })
        if existing_attendance:
            return jsonify({
                'success': False, 
                'message': 'Attendance already marked for this course today', 
                'overlay': overlay_data
            })
        
        attendance_collection.insert_one(attendance_data)
        gc.collect()
        
        return jsonify({
            'success': True, 
            'message': f'Attendance marked successfully for {logged_in_student_id}', 
            'overlay': overlay_data
        })
    except Exception as e:
        return jsonify({
            'success': False, 
            'message': f'Database error: {str(e)}', 
            'overlay': overlay_data
        })

@app.route('/liveness-preview', methods=['POST'])
def liveness_preview():
    data = request.json or {}
    token = data.get('session_token')
    
    if not token or not validate_session_token(token):
        return jsonify({'success': False, 'message': 'Not authenticated'})
    
    try:
        face_image = data.get('face_image')
        if not face_image:
            return jsonify({'success': False, 'message': 'No image received'})
        
        image = decode_image(face_image)
        if image is None or image.size == 0:
            return jsonify({'success': False, 'message': 'Invalid image data'})
        
        h, w = image.shape[:2]
        vis = image.copy()
        detections = detect_faces_yunet(image)
        
        if not detections:
            overlay_data = image_to_data_uri(vis)
            return jsonify({
                'success': True,
                'live': False,
                'live_prob': 0.0,
                'message': 'No face detected',
                'overlay': overlay_data
            })
        
        best = max(detections, key=lambda d: d["score"])
        x1, y1, x2, y2 = [int(v) for v in best["bbox"]]
        x1e, y1e, x2e, y2e = expand_and_clip_box((x1, y1, x2, y2), scale=1.2, w=w, h=h)
        face_crop = image[y1e:y2e, x1e:x2e]
        
        if face_crop.size == 0:
            overlay_data = image_to_data_uri(vis)
            return jsonify({
                'success': True,
                'live': False,
                'live_prob': 0.0,
                'message': 'Failed to crop face',
                'overlay': overlay_data
            })
        
        live_prob = simple_liveness_check(face_crop)
        threshold = 0.4  # Match attendance marking threshold
        label = "LIVE" if live_prob >= threshold else "SPOOF"
        color = (0, 200, 0) if label == "LIVE" else (0, 0, 255)
        
        draw_live_overlay(vis, (x1e, y1e, x2e, y2e), label, live_prob, color)
        overlay_data = image_to_data_uri(vis)
        
        del image, vis, face_crop
        gc.collect()
        
        return jsonify({
            'success': True,
            'live': bool(live_prob >= threshold),
            'live_prob': float(live_prob),
            'overlay': overlay_data
        })
    except Exception as e:
        print("liveness_preview error:", e)
        return jsonify({'success': False, 'message': 'Server error during preview'})

# --------- LOGOUT ROUTES ---------
@app.route('/logout')
def logout():
    token = request.args.get('token')
    if token:
        sessions_collection.delete_one({'token': token})
        print(f"Token {token[:10]}... invalidated")
    flash('You have been logged out', 'info')
    return redirect(url_for('login_page'))

# --------- DEBUG ROUTES ---------
@app.route('/health-check')
@app.route('/health')
def health_check():
    return jsonify({
        'status': 'healthy',
        'platform': 'hugging_face',
        'session_type': 'token_based',
        'proxy_fix': 'enabled',
        'liveness_threshold': 0.4,
        'face_detector': 'opencv_stable',
        'timestamp': datetime.now().isoformat()
    }), 200

@app.route('/debug-session')
def debug_session():
    token = request.args.get('token')
    session_data = validate_session_token(token) if token else None
    return jsonify({
        'token_provided': bool(token),
        'session_valid': bool(session_data),
        'session_data': session_data if session_data else None,
        'headers': dict(request.headers),
        'cookies': dict(request.cookies),
        'session_type': 'token_based',
        'proxy_fix': 'enabled'
    })

@app.route('/cleanup', methods=['POST'])
def manual_cleanup():
    """Manual cleanup endpoint for memory management"""
    try:
        gc.collect()
        return jsonify({'status': 'cleanup completed'}), 200
    except Exception as e:
        return jsonify({'status': 'cleanup failed', 'error': str(e)}), 500

# MAIN APPLICATION ENTRY POINT
if __name__ == '__main__':
    port = int(os.environ.get('PORT', 7860))
    print(f"Starting Flask app on port {port} with secure token-based authentication")
    app.run(host='0.0.0.0', port=port, debug=False)