Fix attendance marking issues and enhance session management

app.py

@@ -1,8 +1,14 @@
 import os
 import tempfile
 import secrets
+from datetime import timedelta, datetime, timezone
+import logging
 
-# FIX: Use system temp directory for DeepFace and models (guaranteed writable)
+# Setup logging
+logging.basicConfig(level=logging.INFO)
+logger = logging.getLogger(__name__)
+
+# Set up proper temp directories for HuggingFace Spaces
 deepface_cache = os.path.join(tempfile.gettempdir(), "deepface_cache")
 os.makedirs(deepface_cache, exist_ok=True)
 os.environ["DEEPFACE_HOME"] = deepface_cache
@@ -14,7 +20,6 @@ import pymongo
 from pymongo import MongoClient
 from bson.binary import Binary
 import base64
-from datetime import datetime, timezone
 from dotenv import load_dotenv
 import numpy as np
 import cv2
@@ -24,12 +29,32 @@ from deepface import DeepFace
 from sklearn.metrics.pairwise import cosine_similarity
 import tensorflow as tf
 
-# Optimize TensorFlow for HuggingFace Spaces
+# Optimize TensorFlow
 tf.config.threading.set_intra_op_parallelism_threads(1)
 tf.config.threading.set_inter_op_parallelism_threads(1)
 os.environ['TF_CPP_MIN_LOG_LEVEL'] = '2'
 
-# --- Evaluation Metrics Counters ---
+# Load environment variables
+load_dotenv()
+
+# Initialize Flask app with proper configuration
+app = Flask(__name__, static_folder='app/static', template_folder='app/templates')
+
+# FIXED: Proper session configuration for production
+app.secret_key = os.getenv('SECRET_KEY', secrets.token_hex(32))
+
+# Essential session settings for Hugging Face Spaces
+app.config.update(
+    SESSION_COOKIE_SECURE=False,  # Keep False for HTTP (Hugging Face handles HTTPS)
+    SESSION_COOKIE_HTTPONLY=True,
+    SESSION_COOKIE_SAMESITE='Lax',
+    SESSION_COOKIE_PATH='/',
+    PERMANENT_SESSION_LIFETIME=timedelta(hours=24),
+    SESSION_TYPE=None,
+    SESSION_REFRESH_EACH_REQUEST=False
+)
+
+# Global variables for tracking
 total_attempts = 0
 correct_recognitions = 0
 false_accepts = 0
@@ -37,144 +62,74 @@ false_rejects = 0
 unauthorized_attempts = 0
 inference_times = []
 
-# Load environment variables
-load_dotenv()
-
-# Initialize Flask app
-app = Flask(__name__, static_folder='app/static', template_folder='app/templates')
-
-# CRITICAL FIX: Proper session configuration for HuggingFace Spaces
-app.secret_key = 'fixed-secret-key-for-testing-change-in-production-' + str(hash('face-attendance-app'))
-
-# Essential session settings for containerized environment
-app.config['SESSION_COOKIE_SECURE'] = False  # MUST be False for HTTP
-app.config['SESSION_COOKIE_HTTPONLY'] = True
-app.config['SESSION_COOKIE_SAMESITE'] = 'Lax'  
-app.config['SESSION_COOKIE_PATH'] = '/'
-app.config['SESSION_COOKIE_DOMAIN'] = None  # Let Flask auto-detect
-app.config['PERMANENT_SESSION_LIFETIME'] = 3600  # 1 hour
-
-# Force session to work
-app.config['SESSION_TYPE'] = None  # Use Flask's default signed cookies
-
-# MongoDB Connection
-try:
-    mongo_uri = os.getenv('MONGO_URI', 'mongodb://localhost:27017/')
-    client = MongoClient(mongo_uri)
-    db = client['face_attendance_system']
-    students_collection = db['students']
-    teachers_collection = db['teachers']
-    attendance_collection = db['attendance']
-    metrics_events = db['metrics_events']
-
-    # Indexes
-    students_collection.create_index([("student_id", pymongo.ASCENDING)], unique=True)
-    teachers_collection.create_index([("teacher_id", pymongo.ASCENDING)], unique=True)
-    attendance_collection.create_index([
-        ("student_id", pymongo.ASCENDING),
-        ("date", pymongo.ASCENDING),
-        ("subject", pymongo.ASCENDING)
-    ])
-    metrics_events.create_index([("ts", pymongo.DESCENDING)])
-    metrics_events.create_index([("event", pymongo.ASCENDING)])
-    metrics_events.create_index([("attempt_type", pymongo.ASCENDING)])
-    print("MongoDB connection successful")
-except Exception as e:
-    print(f"MongoDB connection error: {e}")
-
-# ---------------- Model Download Functions (FIXED) ----------------
-
-def download_file_from_google_drive(file_id, destination):
-    """Download file from Google Drive - Fixed version"""
+# Model status tracking
+model_status = {
+    'yolo_loaded': False,
+    'antispoof_loaded': False,
+    'database_connected': False
+}
+
+# Database connection with error handling
+def initialize_database():
+    """Initialize MongoDB connection with proper error handling"""
+    global client, db, students_collection, teachers_collection, attendance_collection, metrics_events
+    
     try:
-        if not os.path.exists(destination):
-            print(f"Downloading {destination}...")
-            # FIXED URL format without HTML entities
-            url = f"https://drive.google.com/uc?export=download&id={file_id}"
-            
-            os.makedirs(os.path.dirname(destination), exist_ok=True)
-            
-            session_requests = requests.Session()
-            response = session_requests.get(url, stream=True)
-            
-            # Handle Google Drive's virus scan warning for large files
-            if 'download_warning' in response.text:
-                for line in response.text.split('\n'):
-                    if 'confirm=' in line:
-                        confirm_token = line.split('confirm=')[1].split('&')[0]
-                        url = f"https://drive.google.com/uc?export=download&confirm={confirm_token}&id={file_id}"
-                        response = session_requests.get(url, stream=True)
-                        break
+        mongo_uri = os.getenv('MONGO_URI', 'mongodb://localhost:27017/')
+        client = MongoClient(mongo_uri, serverSelectionTimeoutMS=5000)
+        
+        # Test connection
+        client.admin.command('ping')
+        
+        db = client['face_attendance_system']
+        students_collection = db['students']
+        teachers_collection = db['teachers']
+        attendance_collection = db['attendance']
+        metrics_events = db['metrics_events']
+
+        # Create indexes
+        try:
+            students_collection.create_index([("student_id", pymongo.ASCENDING)], unique=True)
+            teachers_collection.create_index([("teacher_id", pymongo.ASCENDING)], unique=True)
+            attendance_collection.create_index([
+                ("student_id", pymongo.ASCENDING),
+                ("date", pymongo.ASCENDING),
+                ("subject", pymongo.ASCENDING)
+            ])
+            metrics_events.create_index([("ts", pymongo.DESCENDING)])
+        except Exception as idx_error:
+            logger.warning(f"Index creation warning: {idx_error}")
             
-            if response.status_code == 200:
-                with open(destination, 'wb') as f:
-                    for chunk in response.iter_content(chunk_size=8192):
-                        if chunk:
-                            f.write(chunk)
-                print(f"Downloaded {destination}")
-                return True
-            else:
-                print(f"Failed to download {destination}: HTTP {response.status_code}")
-                return False
-        else:
-            print(f"{destination} already exists")
-            return True
+        model_status['database_connected'] = True
+        logger.info("MongoDB connection successful")
+        return True
+        
     except Exception as e:
-        print(f"Error downloading {destination}: {e}")
+        logger.error(f"MongoDB connection error: {e}")
+        model_status['database_connected'] = False
         return False
 
-def setup_models():
-    """Download and setup all required models - FIXED VERSION"""
-    # FIX: Use temp directory for models (guaranteed writable)
-    models_dir = os.path.join(tempfile.gettempdir(), 'models')
-    antispoof_dir = os.path.join(models_dir, 'anti-spoofing')
-    
-    os.makedirs(models_dir, exist_ok=True)
-    os.makedirs(antispoof_dir, exist_ok=True)
-    
-    # Model configurations with your Google Drive IDs
-    models_config = {
-        'yolov5s-face.onnx': {
-            'drive_id': '1sybYq9GGriXN6sY8YV1-RXMeVqYzhDrV',
-            'path': os.path.join(models_dir, 'yolov5s-face.onnx'),
-            'required': True
-        },
-        'AntiSpoofing_bin_1.5_128.onnx': {
-            'drive_id': '1nH5G7dAHFE2KlW_H65txc8GDKSB7Zpy4',
-            'path': os.path.join(antispoof_dir, 'AntiSpoofing_bin_1.5_128.onnx'),
-            'required': True
-        }
-    }
-    
-    print("Downloading models from Google Drive...")
-    
-    # Download YOLO model
-    yolo_downloaded = download_file_from_google_drive(
-        models_config['yolov5s-face.onnx']['drive_id'],
-        models_config['yolov5s-face.onnx']['path']
-    )
-    
-    # Download anti-spoofing model
-    antispoof_downloaded = download_file_from_google_drive(
-        models_config['AntiSpoofing_bin_1.5_128.onnx']['drive_id'],
-        models_config['AntiSpoofing_bin_1.5_128.onnx']['path']
-    )
-    
-    # Print final status
-    print("\n" + "="*50)
-    print("MODEL DOWNLOAD STATUS:")
-    print(f"YOLO Face Model: {'✅ Available' if yolo_downloaded else '❌ Failed'}")
-    print(f"Anti-Spoof Model: {'✅ Available' if antispoof_downloaded else '❌ Failed'}")
-    print("="*50 + "\n")
-    
-    return yolo_downloaded, antispoof_downloaded, models_config
+def check_db_connection():
+    """Check if database is connected"""
+    try:
+        if not model_status['database_connected']:
+            return initialize_database()
+        client.admin.command('ping')
+        return True
+    except Exception:
+        model_status['database_connected'] = False
+        return initialize_database()
 
-# Initialize models on startup
-print("Setting up models...")
-yolo_available, antispoof_available, model_paths = setup_models()
+# Initialize database
+initialize_database()
 
-# ---------------- YOLO Face Detection (FIXED) ----------------
+# Model file paths using local models directory
+BASE_DIR = os.path.dirname(os.path.abspath(__file__))
+MODELS_DIR = os.path.join(BASE_DIR, 'models')
+YOLO_FACE_MODEL_PATH = os.path.join(MODELS_DIR, 'yolov5s-face.onnx')
+ANTI_SPOOF_BIN_MODEL_PATH = os.path.join(MODELS_DIR, 'anti-spoofing', 'AntiSpoofing_bin_1.5_128.onnx')
 
+# YOLO Face Detection Helper Functions
 def _get_providers():
     available = ort.get_available_providers()
     if "CUDAExecutionProvider" in available:
@@ -232,6 +187,7 @@ def _nms(boxes: np.ndarray, scores: np.ndarray, iou_threshold: float):
         order = order[inds + 1]
     return keep
 
+# YOLO Face Detector Class
 class YoloV5FaceDetector:
     def __init__(self, model_path: str, input_size: int = 640, conf_threshold: float = 0.3, iou_threshold: float = 0.45):
         if not os.path.exists(model_path):
@@ -243,9 +199,6 @@ class YoloV5FaceDetector:
         self.session = ort.InferenceSession(model_path, providers=_get_providers())
         self.input_name = self.session.get_inputs()[0].name
         self.output_names = [o.name for o in self.session.get_outputs()]
-        shape = self.session.get_inputs()[0].shape
-        if isinstance(shape[2], int):
-            self.input_size = int(shape[2])
 
     @staticmethod
     def _xywh2xyxy(x: np.ndarray) -> np.ndarray:
@@ -263,14 +216,17 @@ class YoloV5FaceDetector:
         img = img.astype(np.float32) / 255.0
         img = np.transpose(img, (2, 0, 1))
         img = np.expand_dims(img, 0)
+        
         preds = self.session.run(self.output_names, {self.input_name: img})[0]
         if preds.ndim == 3 and preds.shape[0] == 1:
             preds = preds[0]
         if preds.ndim != 2:
             raise RuntimeError(f"Unexpected YOLO output shape: {preds.shape}")
+        
         num_attrs = preds.shape[1]
         has_landmarks = num_attrs >= 15
         boxes_xywh = preds[:, 0:4]
+        
         if has_landmarks:
             scores = preds[:, 4]
         else:
@@ -281,11 +237,14 @@ class YoloV5FaceDetector:
             else:
                 class_conf = cls_scores.max(axis=1, keepdims=True)
                 scores = (obj * class_conf).squeeze(-1)
+        
         keep = scores > self.conf_threshold
         boxes_xywh = boxes_xywh[keep]
         scores = scores[keep]
+        
         if boxes_xywh.shape[0] == 0:
             return []
+        
         boxes_xyxy = self._xywh2xyxy(boxes_xywh)
         boxes_xyxy[:, [0, 2]] -= dwdh[0]
         boxes_xyxy[:, [1, 3]] -= dwdh[1]
@@ -294,16 +253,17 @@ class YoloV5FaceDetector:
         boxes_xyxy[:, 1] = np.clip(boxes_xyxy[:, 1], 0, h0 - 1)
         boxes_xyxy[:, 2] = np.clip(boxes_xyxy[:, 2], 0, w0 - 1)
         boxes_xyxy[:, 3] = np.clip(boxes_xyxy[:, 3], 0, h0 - 1)
+        
         keep_inds = _nms(boxes_xyxy, scores, self.iou_threshold)
         if len(keep_inds) > max_det:
             keep_inds = keep_inds[:max_det]
+        
         dets = []
         for i in keep_inds:
             dets.append({"bbox": boxes_xyxy[i].tolist(), "score": float(scores[i])})
         return dets
 
-# ---------------- Anti-Spoof Model (FIXED) ----------------
-
+# Anti-Spoofing Model
 def _sigmoid(x: np.ndarray) -> np.ndarray:
     return 1.0 / (1.0 + np.exp(-x))
 
@@ -349,8 +309,7 @@ class AntiSpoofBinary:
             live_prob = float(_sigmoid(out.astype(np.float32)))
         return max(0.0, min(1.0, live_prob))
 
-# ---------------- Helper Functions ----------------
-
+# Helper Functions
 def expand_and_clip_box(bbox_xyxy, scale: float, w: int, h: int):
     x1, y1, x2, y2 = bbox_xyxy
     bw = x2 - x1
@@ -389,34 +348,40 @@ def decode_image(base64_image):
     image = cv2.imdecode(np_array, cv2.IMREAD_COLOR)
     return image
 
-# Model paths (using temp directory)
-YOLO_FACE_MODEL_PATH = model_paths['yolov5s-face.onnx']['path']
-ANTI_SPOOF_BIN_MODEL_PATH = model_paths['AntiSpoofing_bin_1.5_128.onnx']['path']
-
-# Initialize models with timeout protection
+# Initialize models with better error handling
 yolo_face = None
 anti_spoof_bin = None
 
-try:
-    if yolo_available:
-        yolo_face = YoloV5FaceDetector(YOLO_FACE_MODEL_PATH, input_size=640, conf_threshold=0.3, iou_threshold=0.45)
-        print("YOLO Face model loaded successfully")
-    else:
-        print("Warning: YOLO Face model not available")
-except Exception as e:
-    print(f"Error loading YOLO model: {e}")
-
-try:
-    if antispoof_available:
-        anti_spoof_bin = AntiSpoofBinary(ANTI_SPOOF_BIN_MODEL_PATH, input_size=128, rgb=True, normalize=True, live_index=1)
-        print("Anti-spoofing model loaded successfully")
-    else:
-        print("Warning: Anti-spoofing model not available")
-except Exception as e:
-    print(f"Error loading anti-spoofing model: {e}")
+def initialize_models():
+    """Initialize models with proper error handling"""
+    global yolo_face, anti_spoof_bin
+    
+    try:
+        if os.path.exists(YOLO_FACE_MODEL_PATH):
+            yolo_face = YoloV5FaceDetector(YOLO_FACE_MODEL_PATH, input_size=640, conf_threshold=0.3, iou_threshold=0.45)
+            model_status['yolo_loaded'] = True
+            logger.info("YOLO Face model loaded successfully")
+        else:
+            logger.warning(f"YOLO model not found at: {YOLO_FACE_MODEL_PATH}")
+    except Exception as e:
+        logger.error(f"Error loading YOLO model: {e}")
+        model_status['yolo_loaded'] = False
 
-# ----------------------------- DeepFace Recognition -----------------------------
+    try:
+        if os.path.exists(ANTI_SPOOF_BIN_MODEL_PATH):
+            anti_spoof_bin = AntiSpoofBinary(ANTI_SPOOF_BIN_MODEL_PATH, input_size=128, rgb=True, normalize=True, live_index=1)
+            model_status['antispoof_loaded'] = True
+            logger.info("Anti-spoofing model loaded successfully")
+        else:
+            logger.warning(f"Anti-spoof model not found at: {ANTI_SPOOF_BIN_MODEL_PATH}")
+    except Exception as e:
+        logger.error(f"Error loading anti-spoofing model: {e}")
+        model_status['antispoof_loaded'] = False
 
+# Initialize models
+initialize_models()
+
+# DeepFace Recognition Functions
 def get_face_features_deepface(image):
     """Extract face features using DeepFace with timeout protection"""
     try:
@@ -434,7 +399,7 @@ def get_face_features_deepface(image):
             return np.array(embedding['embedding']) if 'embedding' in embedding else None
             
     except Exception as e:
-        print(f"Error in DeepFace feature extraction: {e}")
+        logger.error(f"Error in DeepFace feature extraction: {e}")
         return None
 
 def recognize_face_deepface(image, user_id, user_type='student'):
@@ -487,27 +452,18 @@ def recognize_face_deepface(image, user_id, user_type='student'):
 def recognize_face(image, user_id, user_type='student'):
     return recognize_face_deepface(image, user_id, user_type)
 
-# ---------------------- Metrics helpers ----------------------
-
+# Metrics helpers
 def log_metrics_event(event: dict):
     try:
-        metrics_events.insert_one(event)
+        if check_db_connection():
+            metrics_events.insert_one(event)
     except Exception as e:
-        print("Failed to log metrics event:", e)
-
-def log_metrics_event_normalized(
-    *,
-    event: str,
-    attempt_type: str,
-    claimed_id: Optional[str],
-    recognized_id: Optional[str],
-    liveness_pass: bool,
-    distance: Optional[float],
-    live_prob: Optional[float],
-    latency_ms: Optional[float],
-    client_ip: Optional[str],
-    reason: Optional[str] = None
-):
+        logger.error(f"Failed to log metrics event: {e}")
+
+def log_metrics_event_normalized(*, event: str, attempt_type: str, claimed_id: Optional[str],
+                                recognized_id: Optional[str], liveness_pass: bool, distance: Optional[float],
+                                live_prob: Optional[float], latency_ms: Optional[float], client_ip: Optional[str],
+                                reason: Optional[str] = None):
     if not liveness_pass:
         decision = "spoof_blocked"
     else:
@@ -529,128 +485,28 @@ def log_metrics_event_normalized(
     }
     log_metrics_event(doc)
 
-def classify_event(ev: Dict[str, Any]) -> Tuple[Optional[str], Optional[str]]:
-    if ev.get("event"):
-        e = ev.get("event")
-        at = ev.get("attempt_type")
-        if not at:
-            if e in ("accept_true", "reject_false"):
-                at = "genuine"
-            elif e in ("accept_false", "reject_true"):
-                at = "impostor"
-        return e, at
-
-    decision = ev.get("decision")
-    success = ev.get("success")
-    reason = (ev.get("reason") or "") if isinstance(ev.get("reason"), str) else ev.get("reason")
-
-    if decision == "recognized" and (success is True or success is None):
-        return "accept_true", "genuine"
-    if decision == "spoof_blocked":
-        return "reject_true", "impostor"
-    if decision == "not_recognized":
-        if reason in ("false_reject",):
-            return "reject_false", "genuine"
-        if reason in ("unauthorized_attempt", "liveness_fail", "mismatch_claim", "no_face_detected", "failed_crop", "recognition_error"):
-            return "reject_true", "impostor"
-        return "reject_true", "impostor"
-
-    return None, None
-
-def compute_metrics(limit: int = 10000):
-    cursor = metrics_events.find({}, {"_id": 0}).sort("ts", -1).limit(limit)
-    counts = {
-        "trueAccepts": 0,
-        "falseAccepts": 0,
-        "trueRejects": 0,
-        "falseRejects": 0,
-        "genuineAttempts": 0,
-        "impostorAttempts": 0,
-        "unauthorizedRejected": 0,
-        "unauthorizedAccepted": 0,
-    }
-
-    total_attempts_calc = 0
-
-    for ev in cursor:
-        e, at = classify_event(ev)
-        if not e:
-            continue
-        total_attempts_calc += 1
-
-        if e == "accept_true":
-            counts["trueAccepts"] += 1
-        elif e == "accept_false":
-            counts["falseAccepts"] += 1
-            counts["unauthorizedAccepted"] += 1
-        elif e == "reject_true":
-            counts["trueRejects"] += 1
-            counts["unauthorizedRejected"] += 1
-        elif e == "reject_false":
-            counts["falseRejects"] += 1
-
-        if at == "genuine":
-            counts["genuineAttempts"] += 1
-        elif at == "impostor":
-            counts["impostorAttempts"] += 1
-
-    genuine_attempts = max(counts["genuineAttempts"], 1)
-    impostor_attempts = max(counts["impostorAttempts"], 1)
-    total_attempts_final = max(total_attempts_calc, 1)
-
-    FAR = counts["falseAccepts"] / impostor_attempts
-    FRR = counts["falseRejects"] / genuine_attempts
-    accuracy = (counts["trueAccepts"] + counts["trueRejects"]) / total_attempts_final
-
-    return {
-        "counts": counts,
-        "rates": {
-            "FAR": FAR,
-            "FRR": FRR,
-            "accuracy": accuracy
-        },
-        "totals": {
-            "totalAttempts": total_attempts_calc
-        }
-    }
-
-def compute_latency_avg(limit: int = 300) -> Optional[float]:
-    cursor = metrics_events.find({"latency_ms": {"$exists": True}}, {"latency_ms": 1, "_id": 0}).sort("ts", -1).limit(limit)
-    vals = [float(d["latency_ms"]) for d in cursor if isinstance(d.get("latency_ms"), (int, float))]
-    if not vals:
-        return None
-    return sum(vals) / len(vals)
-
-# --------- DEBUG ROUTES ---------
-
-@app.route('/debug-session')
-def debug_session():
-    """Enhanced debug route to check session and cookie state"""
-    import pprint
-    
-    debug_info = {
-        'session_data': dict(session),
-        'session_keys': list(session.keys()),
-        'session_permanent': session.permanent,
-        'session_modified': getattr(session, 'modified', 'unknown'),
-        'request_cookies': dict(request.cookies),
-        'flask_config': {
-            'SECRET_KEY': app.secret_key[:20] + '...' if app.secret_key else None,
-            'SESSION_COOKIE_SECURE': app.config.get('SESSION_COOKIE_SECURE'),
-            'SESSION_COOKIE_HTTPONLY': app.config.get('SESSION_COOKIE_HTTPONLY'),
-            'SESSION_COOKIE_SAMESITE': app.config.get('SESSION_COOKIE_SAMESITE'),
-            'SESSION_COOKIE_PATH': app.config.get('SESSION_COOKIE_PATH'),
-            'SESSION_COOKIE_DOMAIN': app.config.get('SESSION_COOKIE_DOMAIN'),
-        }
-    }
-    
-    print("[DEBUG] Session Debug Info:")
-    pprint.pprint(debug_info)
-    
-    return jsonify(debug_info)
-
-# --------- ALL ROUTES ---------
+# Session verification decorator
+def login_required(user_type=None):
+    def decorator(f):
+        def wrapper(*args, **kwargs):
+            if not session.get('logged_in'):
+                if request.is_json:
+                    return jsonify({'success': False, 'message': 'Not logged in', 'redirect': '/login.html'})
+                flash('Please log in to access this page.', 'warning')
+                return redirect(url_for('login_page'))
+            
+            if user_type and session.get('user_type') != user_type:
+                if request.is_json:
+                    return jsonify({'success': False, 'message': 'Unauthorized', 'redirect': '/login.html'})
+                flash('Unauthorized access.', 'danger')
+                return redirect(url_for('login_page'))
+            
+            return f(*args, **kwargs)
+        wrapper.__name__ = f.__name__
+        return wrapper
+    return decorator
 
+# Routes
 @app.route('/')
 def home():
     return render_template('home.html')
@@ -664,12 +520,26 @@ def register_page():
     return render_template('register.html')
 
 @app.route('/metrics')
+@login_required('teacher')
 def metrics_dashboard():
     return render_template('metrics.html')
 
+@app.route('/health-check')
+def health_check():
+    return jsonify({
+        'status': 'healthy',
+        'models': model_status,
+        'database_connected': check_db_connection(),
+        'timestamp': datetime.now().isoformat()
+    })
+
 @app.route('/register', methods=['POST'])
 def register():
     try:
+        if not check_db_connection():
+            flash('Database connection error. Please try again later.', 'danger')
+            return redirect(url_for('register_page'))
+            
         student_data = {
             'student_id': request.form.get('student_id'),
             'name': request.form.get('name'),
@@ -684,6 +554,7 @@ def register():
             'password': request.form.get('password'),
             'created_at': datetime.now()
         }
+        
         face_image = request.form.get('face_image')
         if face_image and ',' in face_image:
             image_data = face_image.split(',')[1]
@@ -700,67 +571,66 @@ def register():
         else:
             flash('Registration failed. Please try again.', 'danger')
             return redirect(url_for('register_page'))
+            
     except pymongo.errors.DuplicateKeyError:
         flash('Student ID already exists. Please use a different ID.', 'danger')
         return redirect(url_for('register_page'))
     except Exception as e:
+        logger.error(f"Registration error: {e}")
         flash(f'Registration failed: {str(e)}', 'danger')
         return redirect(url_for('register_page'))
 
 @app.route('/login', methods=['POST'])
 def login():
-    student_id = request.form.get('student_id')
-    password = request.form.get('password')
-    
-    print(f"[DEBUG] Login attempt for student_id: {student_id}")
-    
-    if not student_id or not password:
-        flash('Please enter both student ID and password.', 'danger')
-        return redirect(url_for('login_page'))
-    
-    student = students_collection.find_one({'student_id': student_id})
-
-    if student and student.get('password') == password:
-        # CRITICAL FIX: Clear session and set data, then create response manually
-        session.clear()
-        session['logged_in'] = True
-        session['user_type'] = 'student'
-        session['student_id'] = student_id
-        session['name'] = student.get('name')
-        session.permanent = True
-        
-        print(f"[DEBUG] Session set after login: {dict(session)}")
-        print(f"[DEBUG] Session modified: {session.modified}")
-        
-        # Create response manually to ensure cookie is set
-        response = redirect(url_for('dashboard'))
+    try:
+        if not check_db_connection():
+            flash('Database connection error. Please try again later.', 'danger')
+            return redirect(url_for('login_page'))
+            
+        student_id = request.form.get('student_id')
+        password = request.form.get('password')
         
-        # Force session cookie to be set
-        app.save_session(session, response)
+        if not student_id or not password:
+            flash('Please enter both student ID and password.', 'danger')
+            return redirect(url_for('login_page'))
         
-        flash('Login successful!', 'success')
-        return response
-    else:
-        print(f"[DEBUG] Login failed for student: {student_id}")
-        flash('Invalid credentials. Please try again.', 'danger')
+        student = students_collection.find_one({'student_id': student_id})
+
+        if student and student.get('password') == password:
+            session.permanent = True
+            session['logged_in'] = True
+            session['user_type'] = 'student'
+            session['student_id'] = student_id
+            session['name'] = student.get('name')
+            session.modified = True
+            
+            flash('Login successful!', 'success')
+            return redirect(url_for('dashboard'))
+        else:
+            flash('Invalid credentials. Please try again.', 'danger')
+            return redirect(url_for('login_page'))
+            
+    except Exception as e:
+        logger.error(f"Login error: {e}")
+        flash('Login failed due to server error. Please try again.', 'danger')
         return redirect(url_for('login_page'))
 
 @app.route('/face-login', methods=['POST'])
 def face_login():
-    print(f"[DEBUG] Face login attempt started")
-    
     try:
+        if not check_db_connection():
+            flash('Database connection error. Please try again later.', 'danger')
+            return redirect(url_for('login_page'))
+            
         face_image = request.form.get('face_image')
         face_role = request.form.get('face_role')
 
         if not face_image or not face_role:
-            print(f"[DEBUG] Missing face_image or face_role")
             flash('Face image and role are required for face login.', 'danger')
             return redirect(url_for('login_page'))
 
         image = decode_image(face_image)
         if image is None:
-            print(f"[DEBUG] Invalid image data")
             flash('Invalid image data.', 'danger')
             return redirect(url_for('login_page'))
 
@@ -773,7 +643,6 @@ def face_login():
             id_field = 'teacher_id'
             dashboard_route = 'teacher_dashboard'
         else:
-            print(f"[DEBUG] Invalid face_role: {face_role}")
             flash('Invalid role selected for face login.', 'danger')
             return redirect(url_for('login_page'))
 
@@ -781,12 +650,9 @@ def face_login():
         test_features = get_face_features_deepface(image)
         
         if test_features is None:
-            print(f"[DEBUG] No face features extracted")
             flash('No face detected or processing failed. Please try again.', 'danger')
             return redirect(url_for('login_page'))
 
-        print(f"[DEBUG] Checking against {collection.count_documents({'face_image': {'$exists': True, '$ne': None}})} users")
-
         for user in users:
             try:
                 ref_image_bytes = user['face_image']
@@ -800,52 +666,45 @@ def face_login():
                 similarity = cosine_similarity([test_features], [ref_features])[0][0]
                 distance = 1 - similarity
                 
-                print(f"[DEBUG] User {user[id_field]} - Distance: {distance:.3f}")
-                
                 if distance < 0.4:
-                    # CRITICAL FIX: Clear session, set data, create response manually
-                    session.clear()
+                    session.permanent = True
                     session['logged_in'] = True
                     session['user_type'] = face_role
                     session[id_field] = user[id_field]
                     session['name'] = user.get('name')
-                    session.permanent = True
-                    
-                    print(f"[DEBUG] Face login SUCCESS - Session set: {dict(session)}")
-                    print(f"[DEBUG] Session modified: {session.modified}")
-                    
-                    # Create response manually to ensure cookie is set
-                    response = redirect(url_for(dashboard_route))
-                    
-                    # Force session cookie to be set
-                    app.save_session(session, response)
+                    session.modified = True
                     
                     flash('Face login successful!', 'success')
-                    return response
+                    return redirect(url_for(dashboard_route))
                     
             except Exception as e:
-                print(f"[DEBUG] Error processing user {user.get(id_field)}: {e}")
+                logger.error(f"Error processing user {user.get(id_field)}: {e}")
                 continue
 
-        print("[DEBUG] Face login FAILED - no match found")
         flash('Face not recognized. Please try again or contact admin.', 'danger')
         return redirect(url_for('login_page'))
         
     except Exception as e:
-        print(f"[DEBUG] Face login ERROR: {e}")
+        logger.error(f"Face login error: {e}")
         flash('Login failed due to server error. Please try again.', 'danger')
         return redirect(url_for('login_page'))
 
 @app.route('/auto-face-login', methods=['POST'])
 def auto_face_login():
     try:
+        if not check_db_connection():
+            return jsonify({'success': False, 'message': 'Database connection error'})
+            
         data = request.json
         face_image = data.get('face_image')
         face_role = data.get('face_role', 'student')
+        
         if not face_image:
             return jsonify({'success': False, 'message': 'No image received'})
+            
         image = decode_image(face_image)
         test_features = get_face_features_deepface(image)
+        
         if test_features is None:
             return jsonify({'success': False, 'message': 'No face detected'})
 
@@ -859,11 +718,13 @@ def auto_face_login():
             dashboard_route = '/dashboard'
 
         users = collection.find({'face_image': {'$exists': True, '$ne': None}}).limit(20)
+        
         for user in users:
             try:
                 ref_image_array = np.frombuffer(user['face_image'], np.uint8)
                 ref_image = cv2.imdecode(ref_image_array, cv2.IMREAD_COLOR)
                 ref_features = get_face_features_deepface(ref_image)
+                
                 if ref_features is None:
                     continue
                 
@@ -871,13 +732,12 @@ def auto_face_login():
                 distance = 1 - similarity
                 
                 if distance < 0.4:
-                    # Clear existing session and set new session data
-                    session.clear()
+                    session.permanent = True
                     session['logged_in'] = True
                     session['user_type'] = face_role
                     session[id_field] = user[id_field]
                     session['name'] = user.get('name')
-                    session.permanent = True
+                    session.modified = True
                     
                     return jsonify({
                         'success': True,
@@ -885,262 +745,213 @@ def auto_face_login():
                         'redirect_url': dashboard_route,
                         'face_role': face_role
                     })
+                    
             except Exception as e:
-                print(f"Error processing user {user.get(id_field)}: {e}")
+                logger.error(f"Error processing user {user.get(id_field)}: {e}")
                 continue
 
         return jsonify({'success': False, 'message': f'Face not recognized in {face_role} database'})
+        
     except Exception as e:
-        print(f"Auto face login error: {e}")
+        logger.error(f"Auto face login error: {e}")
         return jsonify({'success': False, 'message': 'Login failed due to server error'})
 
 @app.route('/attendance.html')
+@login_required('student')
 def attendance_page():
-    if 'logged_in' not in session or session.get('user_type') != 'student':
-        return redirect(url_for('login_page'))
     student_id = session.get('student_id')
     student = students_collection.find_one({'student_id': student_id})
     return render_template('attendance.html', student=student)
 
 @app.route('/dashboard')
+@login_required('student')
 def dashboard():
-    print(f"[DEBUG] Dashboard accessed")
-    print(f"[DEBUG] Request cookies: {dict(request.cookies)}")
-    print(f"[DEBUG] Session before access: {dict(session)}")
-    print(f"[DEBUG] Session keys: {list(session.keys())}")
-    print(f"[DEBUG] Session logged_in: {session.get('logged_in')}")
-    print(f"[DEBUG] Session user_type: {session.get('user_type')}")
-    
-    # Check if user is logged in
-    if not session.get('logged_in') or session.get('user_type') != 'student':
-        print("[DEBUG] Dashboard access DENIED - session check failed")
-        print(f"[DEBUG] Session contents: {dict(session)}")
-        flash('Please log in to access the dashboard.', 'warning')
-        return redirect(url_for('login_page'))
-    
-    student_id = session.get('student_id')
-    if not student_id:
-        print("[DEBUG] Dashboard access DENIED - no student_id")
-        session.clear()
-        return redirect(url_for('login_page'))
-    
-    student = students_collection.find_one({'student_id': student_id})
-    if not student:
-        print(f"[DEBUG] Dashboard access DENIED - student not found: {student_id}")
-        session.clear()
+    try:
+        if not check_db_connection():
+            flash('Database connection error. Please try again later.', 'warning')
+            return redirect(url_for('login_page'))
+            
+        student_id = session.get('student_id')
+        student = students_collection.find_one({'student_id': student_id})
+        
+        if not student:
+            session.clear()
+            flash('Student record not found. Please login again.', 'warning')
+            return redirect(url_for('login_page'))
+        
+        # Process face image for display
+        if student and 'face_image' in student and student['face_image']:
+            face_image_base64 = base64.b64encode(student['face_image']).decode('utf-8')
+            mime_type = student.get('face_image_type', 'image/jpeg')
+            student['face_image_url'] = f"data:{mime_type};base64,{face_image_base64}"
+        
+        attendance_records = list(attendance_collection.find({'student_id': student_id}).sort('date', -1))
+        
+        return render_template('dashboard.html', student=student, attendance_records=attendance_records)
+        
+    except Exception as e:
+        logger.error(f"Dashboard error: {e}")
+        flash('Error loading dashboard. Please try again.', 'danger')
         return redirect(url_for('login_page'))
-    
-    # Process face image for display
-    if student and 'face_image' in student and student['face_image']:
-        face_image_base64 = base64.b64encode(student['face_image']).decode('utf-8')
-        mime_type = student.get('face_image_type', 'image/jpeg')
-        student['face_image_url'] = f"data:{mime_type};base64,{face_image_base64}"
-    
-    attendance_records = list(attendance_collection.find({'student_id': student_id}).sort('date', -1))
-    
-    print(f"[DEBUG] Dashboard SUCCESS - loaded for: {student_id}")
-    return render_template('dashboard.html', student=student, attendance_records=attendance_records)
 
 @app.route('/mark-attendance', methods=['POST'])
+@login_required('student')
 def mark_attendance():
-    if 'logged_in' not in session or session.get('user_type') != 'student':
-        return jsonify({'success': False, 'message': 'Not logged in'})
-
-    if not yolo_face:
-        return jsonify({'success': False, 'message': 'Face detection model not available. Please contact admin.'})
-
-    data = request.json
-    student_id = session.get('student_id') or data.get('student_id')
-    program = data.get('program')
-    semester = data.get('semester')
-    course = data.get('course')
-    face_image = data.get('face_image')
-
-    if not all([student_id, program, semester, course, face_image]):
-        return jsonify({'success': False, 'message': 'Missing required data'})
-
-    client_ip = request.remote_addr
-    t0 = time.time()
-
-    image = decode_image(face_image)
-    if image is None or image.size == 0:
-        return jsonify({'success': False, 'message': 'Invalid image data'})
-
-    h, w = image.shape[:2]
-    vis = image.copy()
-
-    detections = yolo_face.detect(image, max_det=20)
-    if not detections:
-        overlay = image_to_data_uri(vis)
-        log_metrics_event_normalized(
-            event="reject_true",
-            attempt_type="impostor",
-            claimed_id=student_id,
-            recognized_id=None,
-            liveness_pass=False,
-            distance=None,
-            live_prob=None,
-            latency_ms=round((time.time() - t0) * 1000.0, 2),
-            client_ip=client_ip,
-            reason="no_face_detected"
-        )
-        return jsonify({'success': False, 'message': 'No face detected for liveness', 'overlay': overlay})
-
-    best = max(detections, key=lambda d: d["score"])
-    x1, y1, x2, y2 = [int(v) for v in best["bbox"]]
-    x1e, y1e, x2e, y2e = expand_and_clip_box((x1, y1, x2, y2), scale=1.2, w=w, h=h)
-    face_crop = image[y1e:y2e, x1e:x2e]
-    if face_crop.size == 0:
-        overlay = image_to_data_uri(vis)
-        log_metrics_event_normalized(
-            event="reject_true",
-            attempt_type="impostor",
-            claimed_id=student_id,
-            recognized_id=None,
-            liveness_pass=False,
-            distance=None,
-            live_prob=None,
-            latency_ms=round((time.time() - t0) * 1000.0, 2),
-            client_ip=client_ip,
-            reason="failed_crop"
-        )
-        return jsonify({'success': False, 'message': 'Failed to crop face for liveness', 'overlay': overlay})
+    try:
+        if not check_db_connection():
+            return jsonify({'success': False, 'message': 'Database connection error. Please try again later.'})
 
-    # Anti-spoofing
-    live_prob = 1.0
-    is_live = True
-    
-    if anti_spoof_bin:
-        live_prob = anti_spoof_bin.predict_live_prob(face_crop)
-        is_live = live_prob >= 0.7
-    
-    label = "LIVE" if is_live else "SPOOF"
-    color = (0, 200, 0) if is_live else (0, 0, 255)
-    draw_live_overlay(vis, (x1e, y1e, x2e, y2e), label, live_prob, color)
-    overlay_data = image_to_data_uri(vis)
-
-    if not is_live:
-        log_metrics_event_normalized(
-            event="reject_true",
-            attempt_type="impostor",
-            claimed_id=student_id,
-            recognized_id=None,
-            liveness_pass=False,
-            distance=None,
-            live_prob=float(live_prob),
-            latency_ms=round((time.time() - t0) * 1000.0, 2),
-            client_ip=client_ip,
-            reason="liveness_fail"
-        )
-        return jsonify({'success': False, 'message': f'Spoof detected or face not live (p={live_prob:.2f}).', 'overlay': overlay_data})
+        if not model_status['yolo_loaded']:
+            return jsonify({'success': False, 'message': 'Face detection model not available. Please contact admin.'})
 
-    success, message = recognize_face(image, student_id, user_type='student')
-    total_latency_ms = round((time.time() - t0) * 1000.0, 2)
+        data = request.json
+        student_id = session.get('student_id') or data.get('student_id')
+        program = data.get('program')
+        semester = data.get('semester')
+        course = data.get('course')
+        face_image = data.get('face_image')
 
-    distance_val = None
-    try:
-        if "distance=" in message:
-            part = message.split("distance=")[1]
-            distance_val = float(part.split(",")[0].strip(") "))
-    except Exception:
-        pass
+        if not all([student_id, program, semester, course, face_image]):
+            return jsonify({'success': False, 'message': 'Missing required data'})
 
-    reason = None
-    if not success:
-        if message.startswith("Unauthorized attempt"):
-            reason = "unauthorized_attempt"
-        elif message.startswith("No face detected"):
-            reason = "no_face_detected"
-        elif message.startswith("False reject"):
-            reason = "false_reject"
-        elif message.startswith("Error in face recognition"):
-            reason = "recognition_error"
-        else:
-            reason = "not_recognized"
-
-    if success:
-        log_metrics_event_normalized(
-            event="accept_true",
-            attempt_type="genuine",
-            claimed_id=student_id,
-            recognized_id=student_id,
-            liveness_pass=True,
-            distance=distance_val,
-            live_prob=float(live_prob),
-            latency_ms=total_latency_ms,
-            client_ip=client_ip,
-            reason=None
-        )
-        attendance_data = {
-            'student_id': student_id,
-            'program': program,
-            'semester': semester,
-            'subject': course,
-            'date': datetime.now().date().isoformat(),
-            'time': datetime.now().time().strftime('%H:%M:%S'),
-            'status': 'present',
-            'created_at': datetime.now()
-        }
+        client_ip = request.remote_addr
+        t0 = time.time()
+
+        image = decode_image(face_image)
+        if image is None or image.size == 0:
+            return jsonify({'success': False, 'message': 'Invalid image data'})
+
+        h, w = image.shape[:2]
+        vis = image.copy()
+
+        detections = yolo_face.detect(image, max_det=20)
+        if not detections:
+            overlay = image_to_data_uri(vis)
+            log_metrics_event_normalized(
+                event="reject_true", attempt_type="impostor", claimed_id=student_id,
+                recognized_id=None, liveness_pass=False, distance=None, live_prob=None,
+                latency_ms=round((time.time() - t0) * 1000.0, 2), client_ip=client_ip,
+                reason="no_face_detected"
+            )
+            return jsonify({'success': False, 'message': 'No face detected for liveness', 'overlay': overlay})
+
+        best = max(detections, key=lambda d: d["score"])
+        x1, y1, x2, y2 = [int(v) for v in best["bbox"]]
+        x1e, y1e, x2e, y2e = expand_and_clip_box((x1, y1, x2, y2), scale=1.2, w=w, h=h)
+        face_crop = image[y1e:y2e, x1e:x2e]
+        
+        if face_crop.size == 0:
+            overlay = image_to_data_uri(vis)
+            log_metrics_event_normalized(
+                event="reject_true", attempt_type="impostor", claimed_id=student_id,
+                recognized_id=None, liveness_pass=False, distance=None, live_prob=None,
+                latency_ms=round((time.time() - t0) * 1000.0, 2), client_ip=client_ip,
+                reason="failed_crop"
+            )
+            return jsonify({'success': False, 'message': 'Failed to crop face for liveness', 'overlay': overlay})
+
+        # Anti-spoofing
+        live_prob = 1.0
+        is_live = True
+        
+        if model_status['antispoof_loaded'] and anti_spoof_bin:
+            live_prob = anti_spoof_bin.predict_live_prob(face_crop)
+            is_live = live_prob >= 0.7
+        
+        label = "LIVE" if is_live else "SPOOF"
+        color = (0, 200, 0) if is_live else (0, 0, 255)
+        draw_live_overlay(vis, (x1e, y1e, x2e, y2e), label, live_prob, color)
+        overlay_data = image_to_data_uri(vis)
+
+        if not is_live:
+            log_metrics_event_normalized(
+                event="reject_true", attempt_type="impostor", claimed_id=student_id,
+                recognized_id=None, liveness_pass=False, distance=None, live_prob=float(live_prob),
+                latency_ms=round((time.time() - t0) * 1000.0, 2), client_ip=client_ip,
+                reason="liveness_fail"
+            )
+            return jsonify({'success': False, 'message': f'Spoof detected or face not live (p={live_prob:.2f}).', 'overlay': overlay_data})
+
+        success, message = recognize_face(image, student_id, user_type='student')
+        total_latency_ms = round((time.time() - t0) * 1000.0, 2)
+
+        distance_val = None
         try:
+            if "distance=" in message:
+                part = message.split("distance=")[1]
+                distance_val = float(part.split(",")[0].strip(") "))
+        except Exception:
+            pass
+
+        if success:
+            log_metrics_event_normalized(
+                event="accept_true", attempt_type="genuine", claimed_id=student_id,
+                recognized_id=student_id, liveness_pass=True, distance=distance_val,
+                live_prob=float(live_prob), latency_ms=total_latency_ms, client_ip=client_ip, reason=None
+            )
+            
+            # Check if attendance already marked today
             existing_attendance = attendance_collection.find_one({
                 'student_id': student_id,
                 'subject': course,
                 'date': datetime.now().date().isoformat()
             })
+            
             if existing_attendance:
                 return jsonify({'success': False, 'message': 'Attendance already marked for this course today', 'overlay': overlay_data})
+            
+            attendance_data = {
+                'student_id': student_id,
+                'program': program,
+                'semester': semester,
+                'subject': course,
+                'date': datetime.now().date().isoformat(),
+                'time': datetime.now().time().strftime('%H:%M:%S'),
+                'status': 'present',
+                'created_at': datetime.now()
+            }
+            
             attendance_collection.insert_one(attendance_data)
             return jsonify({'success': True, 'message': 'Attendance marked successfully', 'overlay': overlay_data})
-        except Exception as e:
-            return jsonify({'success': False, 'message': f'Database error: {str(e)}', 'overlay': overlay_data})
-    else:
-        if reason == "false_reject":
-            log_metrics_event_normalized(
-                event="reject_false",
-                attempt_type="genuine",
-                claimed_id=student_id,
-                recognized_id=student_id,
-                liveness_pass=True,
-                distance=distance_val,
-                live_prob=float(live_prob),
-                latency_ms=total_latency_ms,
-                client_ip=client_ip,
-                reason=reason
-            )
         else:
+            # Determine reason for failure
+            reason = "unauthorized_attempt"
+            if "No face detected" in message:
+                reason = "no_face_detected"
+            elif "Error in face recognition" in message:
+                reason = "recognition_error"
+            
             log_metrics_event_normalized(
-                event="reject_true",
-                attempt_type="impostor",
-                claimed_id=student_id,
-                recognized_id=None,
-                liveness_pass=True,
-                distance=distance_val,
-                live_prob=float(live_prob),
-                latency_ms=total_latency_ms,
-                client_ip=client_ip,
-                reason=reason
+                event="reject_true", attempt_type="impostor", claimed_id=student_id,
+                recognized_id=None, liveness_pass=True, distance=distance_val,
+                live_prob=float(live_prob), latency_ms=total_latency_ms, client_ip=client_ip, reason=reason
             )
-        return jsonify({'success': False, 'message': message, 'overlay': overlay_data})
+            return jsonify({'success': False, 'message': message, 'overlay': overlay_data})
+            
+    except Exception as e:
+        logger.error(f"Mark attendance error: {e}")
+        return jsonify({'success': False, 'message': 'Server error occurred. Please try again.'})
 
 @app.route('/liveness-preview', methods=['POST'])
+@login_required('student')
 def liveness_preview():
-    if 'logged_in' not in session or session.get('user_type') != 'student':
-        return jsonify({'success': False, 'message': 'Not logged in'})
-    
-    if not yolo_face:
-        return jsonify({'success': False, 'message': 'Face detection model not available'})
-        
     try:
+        if not model_status['yolo_loaded']:
+            return jsonify({'success': False, 'message': 'Face detection model not available'})
+            
         data = request.json or {}
         face_image = data.get('face_image')
         if not face_image:
             return jsonify({'success': False, 'message': 'No image received'})
+            
         image = decode_image(face_image)
         if image is None or image.size == 0:
             return jsonify({'success': False, 'message': 'Invalid image data'})
+            
         h, w = image.shape[:2]
         vis = image.copy()
         detections = yolo_face.detect(image, max_det=10)
+        
         if not detections:
             overlay_data = image_to_data_uri(vis)
             return jsonify({
@@ -1150,10 +961,12 @@ def liveness_preview():
                 'message': 'No face detected',
                 'overlay': overlay_data
             })
+            
         best = max(detections, key=lambda d: d["score"])
         x1, y1, x2, y2 = [int(v) for v in best["bbox"]]
         x1e, y1e, x2e, y2e = expand_and_clip_box((x1, y1, x2, y2), scale=1.2, w=w, h=h)
         face_crop = image[y1e:y2e, x1e:x2e]
+        
         if face_crop.size == 0:
             overlay_data = image_to_data_uri(vis)
             return jsonify({
@@ -1165,7 +978,7 @@ def liveness_preview():
             })
         
         live_prob = 1.0
-        if anti_spoof_bin:
+        if model_status['antispoof_loaded'] and anti_spoof_bin:
             live_prob = anti_spoof_bin.predict_live_prob(face_crop)
         
         threshold = 0.7
@@ -1173,17 +986,19 @@ def liveness_preview():
         color = (0, 200, 0) if label == "LIVE" else (0, 0, 255)
         draw_live_overlay(vis, (x1e, y1e, x2e, y2e), label, live_prob, color)
         overlay_data = image_to_data_uri(vis)
+        
         return jsonify({
             'success': True,
             'live': bool(live_prob >= threshold),
             'live_prob': float(live_prob),
             'overlay': overlay_data
         })
+        
     except Exception as e:
-        print("liveness_preview error:", e)
+        logger.error(f"Liveness preview error: {e}")
         return jsonify({'success': False, 'message': 'Server error during preview'})
 
-# --------- TEACHER ROUTES ---------
+# Teacher routes
 @app.route('/teacher_register.html')
 def teacher_register_page():
     return render_template('teacher_register.html')
@@ -1195,6 +1010,10 @@ def teacher_login_page():
 @app.route('/teacher_register', methods=['POST'])
 def teacher_register():
     try:
+        if not check_db_connection():
+            flash('Database connection error. Please try again later.', 'danger')
+            return redirect(url_for('teacher_register_page'))
+            
         teacher_data = {
             'teacher_id': request.form.get('teacher_id'),
             'name': request.form.get('name'),
@@ -1207,6 +1026,7 @@ def teacher_register():
             'password': request.form.get('password'),
             'created_at': datetime.now()
         }
+        
         face_image = request.form.get('face_image')
         if face_image and ',' in face_image:
             image_data = face_image.split(',')[1]
@@ -1215,6 +1035,7 @@ def teacher_register():
         else:
             flash('Face image is required for registration.', 'danger')
             return redirect(url_for('teacher_register_page'))
+            
         result = teachers_collection.insert_one(teacher_data)
         if result.inserted_id:
             flash('Registration successful! You can now login.', 'success')
@@ -1222,75 +1043,76 @@ def teacher_register():
         else:
             flash('Registration failed. Please try again.', 'danger')
             return redirect(url_for('teacher_register_page'))
+            
     except pymongo.errors.DuplicateKeyError:
         flash('Teacher ID already exists. Please use a different ID.', 'danger')
         return redirect(url_for('teacher_register_page'))
     except Exception as e:
+        logger.error(f"Teacher registration error: {e}")
         flash(f'Registration failed: {str(e)}', 'danger')
         return redirect(url_for('teacher_register_page'))
 
 @app.route('/teacher_login', methods=['POST'])
 def teacher_login():
-    teacher_id = request.form.get('teacher_id')
-    password = request.form.get('password')
-    
-    print(f"[DEBUG] Teacher login attempt for teacher_id: {teacher_id}")
-    
-    if not teacher_id or not password:
-        flash('Please enter both teacher ID and password.', 'danger')
-        return redirect(url_for('teacher_login_page'))
-    
-    teacher = teachers_collection.find_one({'teacher_id': teacher_id})
-    if teacher and teacher.get('password') == password:
-        # Clear any existing session data first
-        session.clear()
-        
-        session['logged_in'] = True
-        session['user_type'] = 'teacher'
-        session['teacher_id'] = teacher_id
-        session['name'] = teacher.get('name')
-        session.permanent = True
-        
-        print(f"[DEBUG] Teacher session set after login: {dict(session)}")
+    try:
+        if not check_db_connection():
+            flash('Database connection error. Please try again later.', 'danger')
+            return redirect(url_for('teacher_login_page'))
+            
+        teacher_id = request.form.get('teacher_id')
+        password = request.form.get('password')
         
-        # Create response manually to ensure cookie is set
-        response = redirect(url_for('teacher_dashboard'))
-        app.save_session(session, response)
+        if not teacher_id or not password:
+            flash('Please enter both teacher ID and password.', 'danger')
+            return redirect(url_for('teacher_login_page'))
         
-        flash('Login successful!', 'success')
-        return response
-    else:
-        print(f"[DEBUG] Teacher login failed for: {teacher_id}")
-        flash('Invalid credentials. Please try again.', 'danger')
+        teacher = teachers_collection.find_one({'teacher_id': teacher_id})
+        if teacher and teacher.get('password') == password:
+            session.permanent = True
+            session['logged_in'] = True
+            session['user_type'] = 'teacher'
+            session['teacher_id'] = teacher_id
+            session['name'] = teacher.get('name')
+            session.modified = True
+            
+            flash('Login successful!', 'success')
+            return redirect(url_for('teacher_dashboard'))
+        else:
+            flash('Invalid credentials. Please try again.', 'danger')
+            return redirect(url_for('teacher_login_page'))
+            
+    except Exception as e:
+        logger.error(f"Teacher login error: {e}")
+        flash('Login failed due to server error. Please try again.', 'danger')
         return redirect(url_for('teacher_login_page'))
 
 @app.route('/teacher_dashboard')
+@login_required('teacher')
 def teacher_dashboard():
-    print(f"[DEBUG] Teacher Dashboard accessed - Session: {dict(session)}")
-    
-    if not session.get('logged_in') or session.get('user_type') != 'teacher':
-        print("[DEBUG] Teacher dashboard access denied - redirecting to login")
-        return redirect(url_for('teacher_login_page'))
-    
-    teacher_id = session.get('teacher_id')
-    if not teacher_id:
-        print("[DEBUG] Teacher dashboard access denied - no teacher_id in session")
-        session.clear()
-        return redirect(url_for('teacher_login_page'))
-    
-    teacher = teachers_collection.find_one({'teacher_id': teacher_id})
-    if not teacher:
-        print(f"[DEBUG] Teacher dashboard access denied - teacher not found: {teacher_id}")
-        session.clear()
+    try:
+        if not check_db_connection():
+            flash('Database connection error. Please try again later.', 'warning')
+            return redirect(url_for('teacher_login_page'))
+            
+        teacher_id = session.get('teacher_id')
+        teacher = teachers_collection.find_one({'teacher_id': teacher_id})
+        
+        if not teacher:
+            session.clear()
+            flash('Teacher record not found. Please login again.', 'warning')
+            return redirect(url_for('teacher_login_page'))
+        
+        if teacher and 'face_image' in teacher and teacher['face_image']:
+            face_image_base64 = base64.b64encode(teacher['face_image']).decode('utf-8')
+            mime_type = teacher.get('face_image_type', 'image/jpeg')
+            teacher['face_image_url'] = f"data:{mime_type};base64,{face_image_base64}"
+        
+        return render_template('teacher_dashboard.html', teacher=teacher)
+        
+    except Exception as e:
+        logger.error(f"Teacher dashboard error: {e}")
+        flash('Error loading dashboard. Please try again.', 'danger')
         return redirect(url_for('teacher_login_page'))
-    
-    if teacher and 'face_image' in teacher and teacher['face_image']:
-        face_image_base64 = base64.b64encode(teacher['face_image']).decode('utf-8')
-        mime_type = teacher.get('face_image_type', 'image/jpeg')
-        teacher['face_image_url'] = f"data:{mime_type};base64,{face_image_base64}"
-    
-    print(f"[DEBUG] Teacher dashboard loaded successfully for: {teacher_id}")
-    return render_template('teacher_dashboard.html', teacher=teacher)
 
 @app.route('/teacher_logout')
 def teacher_logout():
@@ -1304,80 +1126,115 @@ def logout():
     flash('You have been logged out', 'info')
     return redirect(url_for('login_page'))
 
-# --------- METRICS JSON ENDPOINTS ---------
+# Metrics endpoints
+def compute_metrics(limit: int = 10000):
+    if not check_db_connection():
+        return {"counts": {}, "rates": {}, "totals": {"totalAttempts": 0}}
+        
+    try:
+        cursor = metrics_events.find({}, {"_id": 0}).sort("ts", -1).limit(limit)
+        counts = {
+            "trueAccepts": 0, "falseAccepts": 0, "trueRejects": 0, "falseRejects": 0,
+            "genuineAttempts": 0, "impostorAttempts": 0, "unauthorizedRejected": 0, "unauthorizedAccepted": 0,
+        }
+
+        total_attempts_calc = 0
+        for ev in cursor:
+            event = ev.get("event", "")
+            attempt_type = ev.get("attempt_type", "")
+            
+            if not event:
+                continue
+                
+            total_attempts_calc += 1
+            
+            if event == "accept_true":
+                counts["trueAccepts"] += 1
+            elif event == "accept_false":
+                counts["falseAccepts"] += 1
+                counts["unauthorizedAccepted"] += 1
+            elif event == "reject_true":
+                counts["trueRejects"] += 1
+                counts["unauthorizedRejected"] += 1
+            elif event == "reject_false":
+                counts["falseRejects"] += 1
+
+            if attempt_type == "genuine":
+                counts["genuineAttempts"] += 1
+            elif attempt_type == "impostor":
+                counts["impostorAttempts"] += 1
+
+        genuine_attempts = max(counts["genuineAttempts"], 1)
+        impostor_attempts = max(counts["impostorAttempts"], 1)
+        total_attempts_final = max(total_attempts_calc, 1)
+
+        FAR = counts["falseAccepts"] / impostor_attempts
+        FRR = counts["falseRejects"] / genuine_attempts
+        accuracy = (counts["trueAccepts"] + counts["trueRejects"]) / total_attempts_final
+
+        return {
+            "counts": counts,
+            "rates": {"FAR": FAR, "FRR": FRR, "accuracy": accuracy},
+            "totals": {"totalAttempts": total_attempts_calc}
+        }
+    except Exception as e:
+        logger.error(f"Error computing metrics: {e}")
+        return {"counts": {}, "rates": {}, "totals": {"totalAttempts": 0}}
+
+def compute_latency_avg(limit: int = 300) -> Optional[float]:
+    if not check_db_connection():
+        return None
+        
+    try:
+        cursor = metrics_events.find({"latency_ms": {"$exists": True}}, {"latency_ms": 1, "_id": 0}).sort("ts", -1).limit(limit)
+        vals = [float(d["latency_ms"]) for d in cursor if isinstance(d.get("latency_ms"), (int, float))]
+        if not vals:
+            return None
+        return sum(vals) / len(vals)
+    except Exception as e:
+        logger.error(f"Error computing latency: {e}")
+        return None
+
 @app.route('/metrics-data', methods=['GET'])
+@login_required()
 def metrics_data():
     data = compute_metrics()
-    recent = list(metrics_events.find({}, {"_id": 0}).sort("ts", -1).limit(200))
-    normalized_recent = []
-    for r in recent:
-        if isinstance(r.get("ts"), datetime):
-            r["ts"] = r["ts"].isoformat()
-        event, attempt_type = classify_event(r)
-        if event and not r.get("event"):
-            r["event"] = event
-        if attempt_type and not r.get("attempt_type"):
-            r["attempt_type"] = attempt_type
-        if "liveness_pass" not in r:
-            if r.get("decision") == "spoof_blocked":
-                r["liveness_pass"] = False
-            elif isinstance(r.get("live_prob"), (int, float)):
-                r["liveness_pass"] = bool(r["live_prob"] >= 0.7)
-            else:
-                r["liveness_pass"] = None
-        normalized_recent.append(r)
-
-    data["recent"] = normalized_recent
+    try:
+        recent = list(metrics_events.find({}, {"_id": 0}).sort("ts", -1).limit(200))
+        for r in recent:
+            if isinstance(r.get("ts"), datetime):
+                r["ts"] = r["ts"].isoformat()
+        data["recent"] = recent
+    except Exception as e:
+        logger.error(f"Error fetching recent events: {e}")
+        data["recent"] = []
+    
     data["avg_latency_ms"] = compute_latency_avg()
     return jsonify(data)
 
 @app.route('/metrics-json')
+@login_required()
 def metrics_json():
     m = compute_metrics()
     counts = m["counts"]
     rates = m["rates"]
     totals = m["totals"]
     avg_latency = compute_latency_avg()
-    accuracy_pct = rates["accuracy"] * 100.0
-    far_pct = rates["FAR"] * 100.0
-    frr_pct = rates["FRR"] * 100.0
+    
+    accuracy_pct = rates.get("accuracy", 0) * 100.0
+    far_pct = rates.get("FAR", 0) * 100.0
+    frr_pct = rates.get("FRR", 0) * 100.0
 
     return jsonify({
         'Accuracy': f"{accuracy_pct:.2f}%" if totals["totalAttempts"] > 0 else "N/A",
-        'False Accepts (FAR)': f"{far_pct:.2f}%" if counts["impostorAttempts"] > 0 else "N/A",
-        'False Rejects (FRR)': f"{frr_pct:.2f}%" if counts["genuineAttempts"] > 0 else "N/A",
+        'False Accepts (FAR)': f"{far_pct:.2f}%" if counts.get("impostorAttempts", 0) > 0 else "N/A",
+        'False Rejects (FRR)': f"{frr_pct:.2f}%" if counts.get("genuineAttempts", 0) > 0 else "N/A",
         'Average Inference Time (s)': f"{(avg_latency/1000.0):.2f}" if isinstance(avg_latency, (int, float)) else "N/A",
-        'Correct Recognitions': counts["trueAccepts"],
+        'Correct Recognitions': counts.get("trueAccepts", 0),
         'Total Attempts': totals["totalAttempts"],
-        'Unauthorized Attempts': counts["unauthorizedRejected"],
-        'enhanced': {
-            'totals': {
-                'attempts': totals["totalAttempts"],
-                'trueAccepts': counts["trueAccepts"],
-                'falseAccepts': counts["falseAccepts"],
-                'trueRejects': counts["trueRejects"],
-                'falseRejects': counts["falseRejects"],
-                'genuineAttempts': counts["genuineAttempts"],
-                'impostorAttempts': counts["impostorAttempts"],
-                'unauthorizedRejected': counts["unauthorizedRejected"],
-                'unauthorizedAccepted': counts["unauthorizedAccepted"],
-            },
-            'accuracy_pct': round(accuracy_pct, 2),
-            'avg_latency_ms': round(avg_latency, 2) if isinstance(avg_latency, (int, float)) else None
-        }
+        'Unauthorized Attempts': counts.get("unauthorizedRejected", 0),
     })
 
-@app.route('/metrics-events')
-def metrics_events_api():
-    limit = int(request.args.get("limit", 200))
-    cursor = metrics_events.find({}, {"_id": 0}).sort("ts", -1).limit(limit)
-    events = list(cursor)
-    for ev in events:
-        if isinstance(ev.get("ts"), datetime):
-            ev["ts"] = ev["ts"].isoformat()
-    return jsonify(events)
-
-# FIXED: Port 7860 for HuggingFace Spaces
 if __name__ == '__main__':
-    port = int(os.environ.get('PORT', 7860))  # HuggingFace default port
+    port = int(os.environ.get('PORT', 7860))
     app.run(host='0.0.0.0', port=port, debug=False)

app/static/js/camera.js

@@ -1,37 +1,50 @@
 /*
-  camera.js - Updated for Render deployment
-
-  - Keeps your existing camera flows for:
-    - Student registration
-    - Teacher registration
-    - Face login
-
-  - NEW: Live liveness overlay during Attendance camera preview
-    - Streams frames at ~2-3 fps to /liveness-preview
-    - Renders server overlay (LIVE/SPOOF bbox) into <img id="attendanceOverlayImg">
-    - Stops preview when you capture the still photo
-    - Continues working with Mark Attendance (which already returns overlay too)
-    - Added error handling for network issues and model availability
-
-  Attendance page expected element IDs (ensure these exist in attendance.html):
-    - Buttons: startCameraAttendance, captureImageAttendance, retakeImageAttendance, markAttendanceBtn
-    - Media:   videoAttendance (video), canvasAttendance (canvas), attendanceOverlayImg (img)
-    - Status:  attendanceStatus (div/span for messages)
-    - Fields:  program, semester, course, student_id (optional, server may read from session)
+  camera.js - Enhanced for Hugging Face Spaces deployment
+  
+  Features:
+  - Robust session management and authentication handling
+  - Enhanced error handling for network timeouts and server errors
+  - Improved retry mechanisms for unreliable connections
+  - Better resource cleanup and camera management
+  - Live liveness detection preview for attendance
+  - Fallback handling when models are unavailable
+  - Progressive image quality for better performance on cloud platforms
 */
 
 document.addEventListener('DOMContentLoaded', function () {
-  // Enhanced error handling for network requests
-  async function makeRequest(url, options = {}) {
+  // Configuration
+  const CONFIG = {
+    REQUEST_TIMEOUT: 45000, // 45 seconds for cloud deployment
+    RETRY_ATTEMPTS: 3,
+    RETRY_DELAY: 1000,
+    PREVIEW_FPS: 1.5, // Reduced for cloud hosting stability
+    MAX_CONSECUTIVE_ERRORS: 3,
+    IMAGE_QUALITY: {
+      preview: 0.4,
+      capture: 0.8,
+      registration: 0.9
+    }
+  };
+
+  // Global state management
+  let globalState = {
+    sessionValid: true,
+    modelsAvailable: true,
+    networkOnline: navigator.onLine
+  };
+
+  // Enhanced request function with retry logic and session handling
+  async function makeRequest(url, options = {}, retries = CONFIG.RETRY_ATTEMPTS) {
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), CONFIG.REQUEST_TIMEOUT);
+    
     try {
-      const controller = new AbortController();
-      const timeoutId = setTimeout(() => controller.abort(), 30000); // 30 second timeout
-      
       const response = await fetch(url, {
         ...options,
         signal: controller.signal,
         headers: {
           'Content-Type': 'application/json',
+          'Cache-Control': 'no-cache',
           ...options.headers
         }
       });
@@ -39,105 +52,217 @@ document.addEventListener('DOMContentLoaded', function () {
       clearTimeout(timeoutId);
       
       if (!response.ok) {
-        throw new Error(`HTTP ${response.status}: ${response.statusText}`);
+        // Handle specific HTTP status codes
+        if (response.status === 401 || response.status === 403) {
+          globalState.sessionValid = false;
+          throw new Error('Session expired. Please login again.');
+        } else if (response.status === 503) {
+          throw new Error('Service temporarily unavailable. Please try again later.');
+        } else {
+          throw new Error(`Server error (${response.status}). Please try again.`);
+        }
+      }
+      
+      const data = await response.json();
+      
+      // Handle application-level redirects and session issues
+      if (data.redirect || (data.message && data.message.includes('Not logged in'))) {
+        globalState.sessionValid = false;
+        throw new Error('Session expired. Redirecting to login...');
+      }
+      
+      // Check for model availability issues
+      if (data.message && data.message.includes('model not available')) {
+        globalState.modelsAvailable = false;
       }
       
-      return await response.json();
+      return data;
+      
     } catch (error) {
+      clearTimeout(timeoutId);
+      
+      // Handle session expiration
+      if (!globalState.sessionValid || error.message.includes('Session expired')) {
+        setTimeout(() => {
+          window.location.href = '/login.html';
+        }, 2000);
+        throw error;
+      }
+      
+      // Handle network errors with retry logic
+      if (retries > 0 && (
+        error.name === 'AbortError' || 
+        error.name === 'TypeError' || 
+        error.message.includes('fetch')
+      )) {
+        console.warn(`Request failed, retrying... (${CONFIG.RETRY_ATTEMPTS - retries + 1}/${CONFIG.RETRY_ATTEMPTS})`);
+        await new Promise(resolve => setTimeout(resolve, CONFIG.RETRY_DELAY));
+        return makeRequest(url, options, retries - 1);
+      }
+      
+      // Enhanced error messages for user
       if (error.name === 'AbortError') {
-        throw new Error('Request timed out. Please check your internet connection.');
+        throw new Error('Request timed out. Please check your internet connection and try again.');
+      } else if (error.name === 'TypeError') {
+        throw new Error('Network error. Please check your internet connection.');
       }
+      
       throw error;
     }
   }
 
-  // Show loading indicator
-  function showLoading(element, message = 'Processing...') {
-    if (element) {
-      element.innerHTML = `
-        <div class="d-flex align-items-center">
-          <div class="spinner-border spinner-border-sm me-2" role="status">
-            <span class="visually-hidden">Loading...</span>
-          </div>
-          ${message}
-        </div>
-      `;
-    }
+  // Enhanced loading indicator with progress
+  function showLoading(element, message = 'Processing...', showSpinner = true) {
+    if (!element) return;
+    
+    const spinner = showSpinner ? `
+      <div class="spinner-border spinner-border-sm me-2" role="status">
+        <span class="visually-hidden">Loading...</span>
+      </div>
+    ` : '';
+    
+    element.innerHTML = `
+      <div class="d-flex align-items-center justify-content-center">
+        ${spinner}
+        <span class="loading-text">${message}</span>
+      </div>
+    `;
+    element.disabled = true;
   }
 
-  // Hide loading indicator
-  function hideLoading(element, message = '') {
-    if (element) {
-      element.innerHTML = message;
+  function hideLoading(element, message = '', isError = false) {
+    if (!element) return;
+    
+    element.innerHTML = message;
+    element.disabled = false;
+    
+    if (isError) {
+      element.classList.add('btn-outline-danger');
+      setTimeout(() => {
+        element.classList.remove('btn-outline-danger');
+      }, 3000);
     }
   }
 
-  // Enhanced camera access with better error handling
+  // Enhanced camera access with progressive fallback
   async function getCameraStream(constraints = {}) {
-    const defaultConstraints = {
-      video: {
-        width: { ideal: 640, max: 1280 },
-        height: { ideal: 480, max: 720 },
-        facingMode: 'user',
-        frameRate: { ideal: 30, max: 60 }
+    const configurations = [
+      // High quality for registration/login
+      {
+        video: {
+          width: { ideal: 640, max: 1280 },
+          height: { ideal: 480, max: 720 },
+          facingMode: 'user',
+          frameRate: { ideal: 30, max: 60 }
+        }
+      },
+      // Medium quality fallback
+      {
+        video: {
+          width: { ideal: 480, max: 640 },
+          height: { ideal: 360, max: 480 },
+          facingMode: 'user',
+          frameRate: { ideal: 15, max: 30 }
+        }
+      },
+      // Basic fallback
+      {
+        video: { facingMode: 'user' }
+      },
+      // Last resort - any camera
+      {
+        video: true
       }
-    };
+    ];
 
-    const finalConstraints = {
-      ...defaultConstraints,
-      ...constraints
-    };
+    // Merge user constraints with defaults
+    if (Object.keys(constraints).length > 0) {
+      configurations.unshift(constraints);
+    }
 
-    try {
-      // Try with ideal constraints first
-      return await navigator.mediaDevices.getUserMedia(finalConstraints);
-    } catch (error) {
-      console.warn('Failed with ideal constraints, trying basic:', error);
+    for (let i = 0; i < configurations.length; i++) {
       try {
-        // Fallback to basic constraints
-        return await navigator.mediaDevices.getUserMedia({
-          video: { facingMode: 'user' }
-        });
-      } catch (fallbackError) {
-        console.error('Camera access failed completely:', fallbackError);
-        throw new Error('Unable to access camera. Please ensure camera permissions are granted and no other application is using the camera.');
+        console.log(`Trying camera configuration ${i + 1}/${configurations.length}`);
+        const stream = await navigator.mediaDevices.getUserMedia(configurations[i]);
+        console.log('Camera access successful with configuration:', configurations[i]);
+        return stream;
+      } catch (error) {
+        console.warn(`Camera configuration ${i + 1} failed:`, error);
+        if (i === configurations.length - 1) {
+          throw new Error('Unable to access camera. Please ensure camera permissions are granted and no other application is using the camera.');
+        }
       }
     }
   }
 
-  // Reusable section setup for Registration/Login
-  function setupCameraSection(config) {
-    const video = document.getElementById(config.videoId);
-    const canvas = document.getElementById(config.canvasId);
-    const startCameraBtn = document.getElementById(config.startCameraBtnId);
-    const captureImageBtn = document.getElementById(config.captureImageBtnId);
-    const retakeImageBtn = document.getElementById(config.retakeImageBtnId);
-    const cameraOverlay = document.getElementById(config.cameraOverlayId);
-    const faceImageInput = document.getElementById(config.faceImageInputId);
-    const actionBtn = document.getElementById(config.actionBtnId);
+  // Check system capabilities
+  async function checkSystemCapabilities() {
+    try {
+      // Check camera availability
+      const devices = await navigator.mediaDevices.enumerateDevices();
+      const hasCamera = devices.some(device => device.kind === 'videoinput');
+      
+      if (!hasCamera) {
+        throw new Error('No camera detected on this device.');
+      }
 
-    let stream = null;
+      // Check server health
+      const healthData = await makeRequest('/health-check');
+      globalState.modelsAvailable = healthData.models && 
+        (healthData.models.yolo_loaded || healthData.models.antispoof_loaded);
+      
+      return {
+        camera: hasCamera,
+        models: globalState.modelsAvailable,
+        database: healthData.database_connected
+      };
+    } catch (error) {
+      console.warn('System capability check failed:', error);
+      return { camera: true, models: false, database: false }; // Optimistic defaults
+    }
+  }
+
+  // Reusable camera section for Registration/Login with enhanced error handling
+  function setupCameraSection(config) {
+    const elements = {
+      video: document.getElementById(config.videoId),
+      canvas: document.getElementById(config.canvasId),
+      startBtn: document.getElementById(config.startCameraBtnId),
+      captureBtn: document.getElementById(config.captureImageBtnId),
+      retakeBtn: document.getElementById(config.retakeImageBtnId),
+      overlay: document.getElementById(config.cameraOverlayId),
+      imageInput: document.getElementById(config.faceImageInputId),
+      actionBtn: document.getElementById(config.actionBtnId)
+    };
 
-    if (
-      !video ||
-      !canvas ||
-      !startCameraBtn ||
-      !captureImageBtn ||
-      !retakeImageBtn ||
-      !cameraOverlay ||
-      !faceImageInput ||
-      !actionBtn
-    ) {
-      // Missing elements → skip this section gracefully
+    // Validate required elements
+    const requiredElements = ['video', 'canvas', 'startBtn', 'captureBtn', 'retakeBtn', 'imageInput'];
+    const missingElements = requiredElements.filter(key => !elements[key]);
+    
+    if (missingElements.length > 0) {
+      console.warn(`Skipping camera section - missing elements: ${missingElements.join(', ')}`);
       return;
     }
 
-    // Start camera with enhanced error handling
-    startCameraBtn.addEventListener('click', async function () {
+    let stream = null;
+    let isCapturing = false;
+
+    // Enhanced start camera with capability check
+    elements.startBtn.addEventListener('click', async function () {
+      if (isCapturing) return;
+      
       try {
-        startCameraBtn.disabled = true;
-        showLoading(startCameraBtn, 'Starting camera...');
+        isCapturing = true;
+        showLoading(elements.startBtn, 'Checking camera...');
 
+        // Quick capability check
+        const capabilities = await checkSystemCapabilities();
+        if (!capabilities.camera) {
+          throw new Error('No camera available on this device.');
+        }
+
+        showLoading(elements.startBtn, 'Starting camera...');
+        
         stream = await getCameraStream({
           video: {
             width: { ideal: 400, max: 640 },
@@ -146,63 +271,88 @@ document.addEventListener('DOMContentLoaded', function () {
           }
         });
 
-        video.srcObject = stream;
-        await video.play();
+        elements.video.srcObject = stream;
+        await elements.video.play();
+
+        // Update UI
+        elements.startBtn.classList.add('d-none');
+        elements.captureBtn.classList.remove('d-none');
+        elements.retakeBtn.classList.add('d-none');
+        
+        if (elements.overlay) elements.overlay.classList.add('d-none');
+        
+        elements.video.classList.remove('d-none');
+        elements.canvas.classList.add('d-none');
+        
+        if (elements.actionBtn) elements.actionBtn.disabled = true;
 
-        startCameraBtn.classList.add('d-none');
-        captureImageBtn.classList.remove('d-none');
-        retakeImageBtn.classList.add('d-none');
-        cameraOverlay.classList.add('d-none');
-        video.classList.remove('d-none');
-        canvas.classList.add('d-none');
-        actionBtn.disabled = true;
       } catch (err) {
-        console.error('Error accessing camera:', err);
-        alert(err.message || 'Could not access the camera. Please make sure it is connected and permissions are granted.');
+        console.error('Error starting camera:', err);
+        alert(err.message || 'Could not access the camera. Please check permissions.');
+        hideLoading(elements.startBtn, 'Start Camera', true);
       } finally {
-        startCameraBtn.disabled = false;
-        hideLoading(startCameraBtn, 'Start Camera');
+        isCapturing = false;
+        if (!stream) {
+          hideLoading(elements.startBtn, 'Start Camera');
+        } else {
+          hideLoading(elements.startBtn, 'Camera Active');
+        }
       }
     });
 
-    // Capture image
-    captureImageBtn.addEventListener('click', function () {
+    // Enhanced capture with quality options
+    elements.captureBtn.addEventListener('click', function () {
       try {
-        const context = canvas.getContext('2d');
-        canvas.width = video.videoWidth || 400;
-        canvas.height = video.videoHeight || 300;
-        context.drawImage(video, 0, 0, canvas.width, canvas.height);
+        if (!stream || elements.video.readyState < 2) {
+          alert('Camera not ready. Please wait a moment and try again.');
+          return;
+        }
+
+        const context = elements.canvas.getContext('2d');
+        elements.canvas.width = elements.video.videoWidth || 400;
+        elements.canvas.height = elements.video.videoHeight || 300;
+        
+        // Draw with better quality
+        context.drawImage(elements.video, 0, 0, elements.canvas.width, elements.canvas.height);
 
-        const imageDataURL = canvas.toDataURL('image/jpeg', 0.8);
-        faceImageInput.value = imageDataURL;
+        // Use appropriate quality based on use case
+        const quality = config.isRegistration ? CONFIG.IMAGE_QUALITY.registration : CONFIG.IMAGE_QUALITY.capture;
+        const imageDataURL = elements.canvas.toDataURL('image/jpeg', quality);
+        elements.imageInput.value = imageDataURL;
 
-        cameraOverlay.classList.remove('d-none');
-        captureImageBtn.classList.add('d-none');
-        retakeImageBtn.classList.remove('d-none');
-        video.classList.add('d-none');
-        canvas.classList.remove('d-none');
-        actionBtn.disabled = false;
+        // Update UI
+        if (elements.overlay) elements.overlay.classList.remove('d-none');
+        
+        elements.captureBtn.classList.add('d-none');
+        elements.retakeBtn.classList.remove('d-none');
+        elements.video.classList.add('d-none');
+        elements.canvas.classList.remove('d-none');
+        
+        if (elements.actionBtn) elements.actionBtn.disabled = false;
 
+        // Stop camera stream
         if (stream) {
-          stream.getTracks().forEach((track) => track.stop());
+          stream.getTracks().forEach(track => track.stop());
           stream = null;
         }
+
       } catch (err) {
         console.error('Error capturing image:', err);
         alert('Failed to capture image. Please try again.');
       }
     });
 
-    // Retake image
-    retakeImageBtn.addEventListener('click', async function () {
+    // Enhanced retake with cleanup
+    elements.retakeBtn.addEventListener('click', async function () {
       try {
-        retakeImageBtn.disabled = true;
-        showLoading(retakeImageBtn, 'Restarting...');
+        showLoading(elements.retakeBtn, 'Restarting...');
 
-        const context = canvas.getContext('2d');
-        context.clearRect(0, 0, canvas.width, canvas.height);
-        faceImageInput.value = '';
+        // Clear canvas and input
+        const context = elements.canvas.getContext('2d');
+        context.clearRect(0, 0, elements.canvas.width, elements.canvas.height);
+        elements.imageInput.value = '';
 
+        // Restart camera
         stream = await getCameraStream({
           video: {
             width: { ideal: 400, max: 640 },
@@ -211,82 +361,118 @@ document.addEventListener('DOMContentLoaded', function () {
           }
         });
 
-        video.srcObject = stream;
-        await video.play();
+        elements.video.srcObject = stream;
+        await elements.video.play();
+
+        // Update UI
+        if (elements.overlay) elements.overlay.classList.add('d-none');
+        
+        elements.captureBtn.classList.remove('d-none');
+        elements.retakeBtn.classList.add('d-none');
+        elements.video.classList.remove('d-none');
+        elements.canvas.classList.add('d-none');
+        
+        if (elements.actionBtn) elements.actionBtn.disabled = true;
 
-        cameraOverlay.classList.add('d-none');
-        captureImageBtn.classList.remove('d-none');
-        retakeImageBtn.classList.add('d-none');
-        video.classList.remove('d-none');
-        canvas.classList.add('d-none');
-        actionBtn.disabled = true;
       } catch (err) {
         console.error('Error restarting camera:', err);
         alert(err.message || 'Error restarting camera.');
       } finally {
-        retakeImageBtn.disabled = false;
-        hideLoading(retakeImageBtn, 'Retake');
+        hideLoading(elements.retakeBtn, 'Retake');
+      }
+    });
+
+    // Cleanup on page unload
+    window.addEventListener('beforeunload', () => {
+      if (stream) {
+        stream.getTracks().forEach(track => track.stop());
       }
     });
   }
 
-  // Attendance-specific section with LIVE overlay streaming
+  // Enhanced attendance section with robust liveness preview
   function setupAttendanceSection(config) {
-    const video = document.getElementById(config.videoId);
-    const canvas = document.getElementById(config.canvasId);
-    const startBtn = document.getElementById(config.startCameraBtnId);
-    const captureBtn = document.getElementById(config.captureImageBtnId);
-    const retakeBtn = document.getElementById(config.retakeImageBtnId);
-    const markBtn = document.getElementById(config.markBtnId);
-    const overlayImg = document.getElementById(config.overlayImgId);
-    const statusEl = document.getElementById(config.statusId);
-
-    // Optional fields (server may use session for student_id)
-    const programEl = document.getElementById(config.programId);
-    const semesterEl = document.getElementById(config.semesterId);
-    const courseEl = document.getElementById(config.courseId);
-    const studentIdEl = document.getElementById(config.studentIdInputId);
+    const elements = {
+      video: document.getElementById(config.videoId),
+      canvas: document.getElementById(config.canvasId),
+      startBtn: document.getElementById(config.startCameraBtnId),
+      captureBtn: document.getElementById(config.captureImageBtnId),
+      retakeBtn: document.getElementById(config.retakeImageBtnId),
+      markBtn: document.getElementById(config.markBtnId),
+      overlayImg: document.getElementById(config.overlayImgId),
+      statusEl: document.getElementById(config.statusId),
+      // Form fields
+      programEl: document.getElementById(config.programId),
+      semesterEl: document.getElementById(config.semesterId),
+      courseEl: document.getElementById(config.courseId),
+      studentIdEl: document.getElementById(config.studentIdInputId)
+    };
+
+    // Validate core elements
+    if (!elements.video || !elements.canvas || !elements.startBtn || !elements.captureBtn || 
+        !elements.retakeBtn || !elements.markBtn) {
+      console.warn('Skipping attendance section - missing core elements');
+      return;
+    }
 
     let stream = null;
     let capturedDataUrl = '';
+    let previewState = {
+      active: false,
+      busy: false,
+      timer: null,
+      consecutiveErrors: 0,
+      lastSuccessTime: 0
+    };
 
-    // Live preview control
-    let previewActive = false;
-    let previewBusy = false;
-    let previewTimer = null;
-    let consecutiveErrors = 0;
-    const maxConsecutiveErrors = 5;
+    // Preview canvas for efficiency
     const previewCanvas = document.createElement('canvas');
     const previewCtx = previewCanvas.getContext('2d');
 
-    if (!video || !canvas || !startBtn || !captureBtn || !retakeBtn || !markBtn) {
-      return;
-    }
-
-    function setStatus(msg, isError = false) {
-      if (!statusEl) return;
-      statusEl.textContent = msg || '';
-      statusEl.classList.remove('text-success', 'text-danger', 'text-warning');
-      if (isError) {
-        statusEl.classList.add('text-danger');
-      } else if (msg.includes('SPOOF')) {
-        statusEl.classList.add('text-warning');
-      } else {
-        statusEl.classList.add('text-success');
+    function setStatus(msg, type = 'info') {
+      if (!elements.statusEl) return;
+      
+      elements.statusEl.textContent = msg || '';
+      elements.statusEl.classList.remove('text-success', 'text-danger', 'text-warning', 'text-info');
+      
+      switch (type) {
+        case 'error':
+          elements.statusEl.classList.add('text-danger');
+          break;
+        case 'warning':
+          elements.statusEl.classList.add('text-warning');
+          break;
+        case 'success':
+          elements.statusEl.classList.add('text-success');
+          break;
+        default:
+          elements.statusEl.classList.add('text-info');
       }
     }
 
     function clearOverlay() {
-      if (overlayImg) {
-        overlayImg.src = '';
-        overlayImg.classList.add('d-none');
+      if (elements.overlayImg) {
+        elements.overlayImg.src = '';
+        elements.overlayImg.classList.add('d-none');
       }
     }
 
     async function startCamera() {
       try {
-        startBtn.disabled = true;
-        showLoading(startBtn, 'Starting camera...');
+        showLoading(elements.startBtn, 'Initializing camera...');
+        setStatus('Starting camera system...');
+
+        // Check system capabilities first
+        const capabilities = await checkSystemCapabilities();
+        if (!capabilities.camera) {
+          throw new Error('No camera detected. Please ensure a camera is connected.');
+        }
+
+        if (!capabilities.models) {
+          setStatus('Warning: Face recognition models may not be fully available', 'warning');
+        }
+
+        showLoading(elements.startBtn, 'Accessing camera...');
 
         stream = await getCameraStream({
           video: {
@@ -296,61 +482,63 @@ document.addEventListener('DOMContentLoaded', function () {
           }
         });
 
-        video.srcObject = stream;
-        await video.play();
-
-        startBtn.classList.add('d-none');
-        captureBtn.classList.remove('d-none');
-        retakeBtn.classList.add('d-none');
-        markBtn.disabled = true;
-
-        video.classList.remove('d-none');
-        canvas.classList.add('d-none');
-        setStatus('Camera started. Live preview will begin shortly...');
+        elements.video.srcObject = stream;
+        await elements.video.play();
+
+        // Configure preview canvas
+        previewCanvas.width = 480; // Reduced for better network performance
+        previewCanvas.height = Math.round(previewCanvas.width * 
+          (elements.video.videoHeight || 480) / (elements.video.videoWidth || 640));
+
+        // Update UI
+        elements.startBtn.classList.add('d-none');
+        elements.captureBtn.classList.remove('d-none');
+        elements.retakeBtn.classList.add('d-none');
+        elements.markBtn.disabled = true;
+        elements.video.classList.remove('d-none');
+        elements.canvas.classList.add('d-none');
+        
         clearOverlay();
+        setStatus('Camera active. Starting liveness detection...');
 
-        // Configure preview canvas size (lower res for network efficiency)
-        previewCanvas.width = 480;
-        previewCanvas.height = Math.round(previewCanvas.width * (video.videoHeight || 480) / (video.videoWidth || 640));
-
-        // Wait a moment for video to stabilize before starting preview
+        // Wait for video stabilization before starting preview
         setTimeout(() => {
-          if (stream && video.readyState >= 2) {
-            startPreview();
+          if (stream && elements.video.readyState >= 2) {
+            startLivenessPreview();
           }
-        }, 1000);
+        }, 1500);
 
       } catch (err) {
-        console.error('Error accessing camera:', err);
-        alert(err.message || 'Could not access the camera. Please ensure permissions are granted.');
+        console.error('Error starting camera:', err);
+        setStatus(`Camera error: ${err.message}`, 'error');
+        alert(err.message || 'Could not access camera. Please check permissions.');
       } finally {
-        startBtn.disabled = false;
-        hideLoading(startBtn, 'Start Camera');
+        hideLoading(elements.startBtn, 'Start Camera');
       }
     }
 
-    function stopCamera() {
-      if (stream) {
-        stream.getTracks().forEach((t) => t.stop());
-        stream = null;
-      }
-    }
-
-    function startPreview() {
-      if (previewActive) return;
-      previewActive = true;
-      consecutiveErrors = 0;
-
-      // Stream frames at ~2-3 fps to reduce server load and handle Render's limitations
-      const intervalMs = 500; // 2 fps for better stability on cloud hosting
-      previewTimer = setInterval(async () => {
-        if (!previewActive || previewBusy || !stream || video.readyState < 2) return;
+    function startLivenessPreview() {
+      if (previewState.active) return;
+      
+      previewState.active = true;
+      previewState.consecutiveErrors = 0;
+      previewState.lastSuccessTime = Date.now();
+      
+      // Reduced FPS for cloud hosting stability
+      const intervalMs = Math.round(1000 / CONFIG.PREVIEW_FPS);
+      
+      previewState.timer = setInterval(async () => {
+        if (!previewState.active || previewState.busy || !stream || 
+            elements.video.readyState < 2) {
+          return;
+        }
+        
+        previewState.busy = true;
         
-        previewBusy = true;
         try {
-          // Draw current frame to offscreen canvas
-          previewCtx.drawImage(video, 0, 0, previewCanvas.width, previewCanvas.height);
-          const frameDataUrl = previewCanvas.toDataURL('image/jpeg', 0.5); // Lower quality for faster transfer
+          // Capture frame at lower quality for preview
+          previewCtx.drawImage(elements.video, 0, 0, previewCanvas.width, previewCanvas.height);
+          const frameDataUrl = previewCanvas.toDataURL('image/jpeg', CONFIG.IMAGE_QUALITY.preview);
 
           const data = await makeRequest('/liveness-preview', {
             method: 'POST',
@@ -358,172 +546,223 @@ document.addEventListener('DOMContentLoaded', function () {
           });
 
           // Reset error counter on success
-          consecutiveErrors = 0;
+          previewState.consecutiveErrors = 0;
+          previewState.lastSuccessTime = Date.now();
 
-          if (overlayImg && data.overlay) {
-            overlayImg.src = data.overlay;
-            overlayImg.classList.remove('d-none');
+          // Update overlay
+          if (elements.overlayImg && data.overlay) {
+            elements.overlayImg.src = data.overlay;
+            elements.overlayImg.classList.remove('d-none');
           }
 
-          // Enhanced status feedback
+          // Enhanced status with confidence indicators
           if (typeof data.live === 'boolean' && typeof data.live_prob === 'number') {
-            const confidenceLevel = data.live_prob >= 0.9 ? 'High' : data.live_prob >= 0.7 ? 'Good' : 'Low';
-            setStatus(`${data.live ? 'LIVE' : 'SPOOF'} (${confidenceLevel}: ${data.live_prob.toFixed(2)})`, !data.live);
+            const confidence = data.live_prob;
+            let confidenceText = confidence >= 0.9 ? 'Excellent' : 
+                               confidence >= 0.8 ? 'Good' : 
+                               confidence >= 0.7 ? 'Fair' : 'Poor';
+            
+            const statusType = data.live ? (confidence >= 0.8 ? 'success' : 'warning') : 'error';
+            setStatus(
+              `${data.live ? 'LIVE' : 'SPOOF'} detected - Confidence: ${confidenceText} (${confidence.toFixed(2)})`, 
+              statusType
+            );
           } else if (data.message) {
-            setStatus(data.message, !data.success);
+            setStatus(data.message, data.success ? 'info' : 'warning');
           }
 
         } catch (error) {
-          consecutiveErrors++;
-          console.warn(`Preview failed (${consecutiveErrors}/${maxConsecutiveErrors}):`, error);
+          previewState.consecutiveErrors++;
+          const timeSinceLastSuccess = Date.now() - previewState.lastSuccessTime;
           
-          if (consecutiveErrors >= maxConsecutiveErrors) {
-            setStatus('Preview temporarily unavailable. You can still capture and mark attendance.', true);
-            stopPreview(); // Stop trying after too many failures
-          } else if (consecutiveErrors === 1) {
-            setStatus('Preview connection issue...', true);
+          console.warn(`Preview error ${previewState.consecutiveErrors}/${CONFIG.MAX_CONSECUTIVE_ERRORS}:`, error);
+          
+          if (previewState.consecutiveErrors >= CONFIG.MAX_CONSECUTIVE_ERRORS || 
+              timeSinceLastSuccess > 30000) {
+            setStatus('Liveness preview temporarily unavailable. You can still capture and mark attendance.', 'warning');
+            stopLivenessPreview();
+          } else if (previewState.consecutiveErrors === 1) {
+            setStatus('Connecting to liveness service...', 'warning');
           }
         } finally {
-          previewBusy = false;
+          previewState.busy = false;
         }
       }, intervalMs);
     }
 
-    function stopPreview() {
-      previewActive = false;
-      if (previewTimer) {
-        clearInterval(previewTimer);
-        previewTimer = null;
+    function stopLivenessPreview() {
+      previewState.active = false;
+      if (previewState.timer) {
+        clearInterval(previewState.timer);
+        previewState.timer = null;
       }
-      previewBusy = false;
-      consecutiveErrors = 0;
+      previewState.busy = false;
+      previewState.consecutiveErrors = 0;
     }
 
-    function captureFrame() {
-      // Stop live preview while capturing a still
-      stopPreview();
-      setStatus('Image captured. Ready to mark attendance.');
+    function captureAttendanceFrame() {
+      try {
+        if (!stream || elements.video.readyState < 2) {
+          setStatus('Camera not ready. Please wait and try again.', 'error');
+          return;
+        }
 
-      const ctx = canvas.getContext('2d');
-      canvas.width = video.videoWidth || 640;
-      canvas.height = video.videoHeight || 480;
-      ctx.drawImage(video, 0, 0, canvas.width, canvas.height);
-      capturedDataUrl = canvas.toDataURL('image/jpeg', 0.9);
+        // Stop preview during capture
+        stopLivenessPreview();
+        
+        const ctx = elements.canvas.getContext('2d');
+        elements.canvas.width = elements.video.videoWidth || 640;
+        elements.canvas.height = elements.video.videoHeight || 480;
+        ctx.drawImage(elements.video, 0, 0, elements.canvas.width, elements.canvas.height);
+        
+        capturedDataUrl = elements.canvas.toDataURL('image/jpeg', CONFIG.IMAGE_QUALITY.capture);
 
-      captureBtn.classList.add('d-none');
-      retakeBtn.classList.remove('d-none');
-      markBtn.disabled = false;
+        // Update UI
+        elements.captureBtn.classList.add('d-none');
+        elements.retakeBtn.classList.remove('d-none');
+        elements.markBtn.disabled = false;
+        elements.video.classList.add('d-none');
+        elements.canvas.classList.remove('d-none');
 
-      video.classList.add('d-none');
-      canvas.classList.remove('d-none');
+        setStatus('Image captured successfully. Ready to mark attendance.', 'success');
 
-      stopCamera();
+        // Stop camera
+        if (stream) {
+          stream.getTracks().forEach(track => track.stop());
+          stream = null;
+        }
+
+      } catch (err) {
+        console.error('Error capturing frame:', err);
+        setStatus('Failed to capture image. Please try again.', 'error');
+      }
     }
 
-    async function retake() {
+    async function retakeAttendanceFrame() {
       try {
-        retakeBtn.disabled = true;
-        showLoading(retakeBtn, 'Restarting...');
-
-        const ctx = canvas.getContext('2d');
-        ctx.clearRect(0, 0, canvas.width, canvas.height);
+        showLoading(elements.retakeBtn, 'Restarting camera...');
+        
+        // Clear previous capture
+        const ctx = elements.canvas.getContext('2d');
+        ctx.clearRect(0, 0, elements.canvas.width, elements.canvas.height);
         capturedDataUrl = '';
         clearOverlay();
+        
+        // Restart camera
         await startCamera();
+        
       } catch (err) {
         console.error('Error during retake:', err);
-        alert(err.message || 'Error restarting camera.');
+        setStatus('Error restarting camera. Please refresh the page.', 'error');
       } finally {
-        retakeBtn.disabled = false;
-        hideLoading(retakeBtn, 'Retake');
+        hideLoading(elements.retakeBtn, 'Retake');
       }
     }
 
     async function markAttendance() {
       try {
         if (!capturedDataUrl) {
-          setStatus('Please capture an image first.', true);
+          setStatus('Please capture an image first.', 'error');
           return;
         }
 
+        // Validate form fields
         const payload = {
-          student_id:
-            (studentIdEl && studentIdEl.value) ||
-            (markBtn && markBtn.dataset && markBtn.dataset.studentId) ||
-            null,
-          program: (programEl && programEl.value) || '',
-          semester: (semesterEl && semesterEl.value) || '',
-          course: (courseEl && courseEl.value) || '',
+          student_id: (elements.studentIdEl && elements.studentIdEl.value) || null,
+          program: (elements.programEl && elements.programEl.value) || '',
+          semester: (elements.semesterEl && elements.semesterEl.value) || '',
+          course: (elements.courseEl && elements.courseEl.value) || '',
           face_image: capturedDataUrl,
         };
 
         if (!payload.program || !payload.semester || !payload.course) {
-          setStatus('Program, Semester, and Course are required.', true);
+          setStatus('Please fill in Program, Semester, and Course fields.', 'error');
           return;
         }
 
-        markBtn.disabled = true;
-        showLoading(markBtn, 'Marking attendance...');
-        setStatus('Processing attendance... Please wait.');
+        showLoading(elements.markBtn, 'Processing attendance...');
+        setStatus('Analyzing face and marking attendance... This may take a moment.');
 
         const data = await makeRequest('/mark-attendance', {
           method: 'POST',
           body: JSON.stringify(payload)
         });
 
-        // Show final overlay image with LIVE/SPOOF bbox (from server)
-        if (overlayImg && data.overlay) {
-          overlayImg.src = data.overlay;
-          overlayImg.classList.remove('d-none');
+        // Show final overlay with detection results
+        if (elements.overlayImg && data.overlay) {
+          elements.overlayImg.src = data.overlay;
+          elements.overlayImg.classList.remove('d-none');
         }
 
         if (data.success) {
-          setStatus(data.message || 'Attendance marked successfully.', false);
+          setStatus('✅ ' + (data.message || 'Attendance marked successfully!'), 'success');
+          
           // Auto-refresh after successful attendance
           setTimeout(() => {
+            setStatus('Refreshing page...', 'info');
             window.location.reload();
           }, 3000);
         } else {
-          setStatus(data.message || 'Failed to mark attendance.', true);
+          const errorMessage = data.message || 'Failed to mark attendance.';
+          setStatus('❌ ' + errorMessage, 'error');
+          
+          // Provide helpful suggestions based on error type
+          if (errorMessage.includes('already marked')) {
+            setStatus('Attendance already marked for this course today.', 'warning');
+          } else if (errorMessage.includes('not recognized')) {
+            setStatus('Face not recognized. Please ensure good lighting and try again.', 'warning');
+          } else if (errorMessage.includes('SPOOF')) {
+            setStatus('Spoof detection activated. Please ensure you are physically present and try again.', 'warning');
+          }
         }
 
       } catch (err) {
         console.error('markAttendance error:', err);
-        const errorMsg = err.message.includes('timed out') 
-          ? 'Request timed out. Please check your connection and try again.'
-          : err.message.includes('models not available')
-          ? 'Face recognition service is temporarily unavailable. Please try again later.'
-          : 'An error occurred while marking attendance. Please try again.';
-        setStatus(errorMsg, true);
+        let errorMsg = 'An error occurred while marking attendance.';
+        
+        if (err.message.includes('Session expired')) {
+          errorMsg = 'Session expired. You will be redirected to login.';
+        } else if (err.message.includes('timed out')) {
+          errorMsg = 'Request timed out. Please check your connection and try again.';
+        } else if (err.message.includes('model not available')) {
+          errorMsg = 'Face recognition service is temporarily unavailable. Please try again later.';
+        }
+        
+        setStatus('❌ ' + errorMsg, 'error');
       } finally {
-        markBtn.disabled = false;
-        hideLoading(markBtn, 'Mark Attendance');
+        hideLoading(elements.markBtn, 'Mark Attendance');
       }
     }
 
-    // Wire events
-    startBtn.addEventListener('click', startCamera);
-    captureBtn.addEventListener('click', captureFrame);
-    retakeBtn.addEventListener('click', retake);
-    markBtn.addEventListener('click', markAttendance);
+    // Event listeners
+    elements.startBtn.addEventListener('click', startCamera);
+    elements.captureBtn.addEventListener('click', captureAttendanceFrame);
+    elements.retakeBtn.addEventListener('click', retakeAttendanceFrame);
+    elements.markBtn.addEventListener('click', markAttendance);
 
-    // Cleanup on page unload
+    // Cleanup handlers
     window.addEventListener('beforeunload', () => {
-      stopPreview();
-      stopCamera();
+      stopLivenessPreview();
+      if (stream) {
+        stream.getTracks().forEach(track => track.stop());
+      }
     });
 
-    // Handle visibility change (pause preview when tab not active)
+    // Handle page visibility changes
     document.addEventListener('visibilitychange', () => {
-      if (document.hidden && previewActive) {
-        stopPreview();
-      } else if (!document.hidden && stream && video.readyState >= 2 && !previewActive) {
-        setTimeout(startPreview, 500);
+      if (document.hidden) {
+        if (previewState.active) {
+          stopLivenessPreview();
+        }
+      } else if (!document.hidden && stream && elements.video.readyState >= 2 && !previewState.active) {
+        setTimeout(() => {
+          startLivenessPreview();
+        }, 1000);
       }
     });
   }
 
-  // Enhanced auto face login with better error handling
+  // Enhanced auto face login with progressive quality
   function setupAutoFaceLogin() {
     const autoLoginBtn = document.getElementById('autoFaceLoginBtn');
     const roleSelect = document.getElementById('faceRole');
@@ -533,10 +772,12 @@ document.addEventListener('DOMContentLoaded', function () {
     autoLoginBtn.addEventListener('click', async function() {
       try {
         autoLoginBtn.disabled = true;
-        showLoading(autoLoginBtn, 'Accessing camera...');
+        showLoading(autoLoginBtn, 'Initializing...');
 
         const role = roleSelect ? roleSelect.value : 'student';
         
+        showLoading(autoLoginBtn, 'Accessing camera...');
+        
         const stream = await getCameraStream({
           video: {
             width: { ideal: 640, max: 1280 },
@@ -545,25 +786,28 @@ document.addEventListener('DOMContentLoaded', function () {
           }
         });
 
-        // Create temporary video element for auto-login
+        // Create temporary elements
         const tempVideo = document.createElement('video');
         tempVideo.srcObject = stream;
         tempVideo.muted = true;
+        
+        showLoading(autoLoginBtn, 'Preparing camera...');
         await tempVideo.play();
 
-        // Wait for video to stabilize
-        await new Promise(resolve => setTimeout(resolve, 1000));
+        // Wait for stabilization
+        await new Promise(resolve => setTimeout(resolve, 2000));
 
-        // Capture frame
+        showLoading(autoLoginBtn, 'Capturing image...');
+        
         const tempCanvas = document.createElement('canvas');
         const ctx = tempCanvas.getContext('2d');
         tempCanvas.width = tempVideo.videoWidth || 640;
         tempCanvas.height = tempVideo.videoHeight || 480;
         ctx.drawImage(tempVideo, 0, 0, tempCanvas.width, tempCanvas.height);
         
-        const imageDataURL = tempCanvas.toDataURL('image/jpeg', 0.8);
+        const imageDataURL = tempCanvas.toDataURL('image/jpeg', CONFIG.IMAGE_QUALITY.capture);
 
-        // Clean up camera
+        // Cleanup camera
         stream.getTracks().forEach(track => track.stop());
 
         showLoading(autoLoginBtn, 'Recognizing face...');
@@ -577,25 +821,30 @@ document.addEventListener('DOMContentLoaded', function () {
         });
 
         if (data.success) {
-          setStatus && setStatus('Login successful! Redirecting...', false);
+          showLoading(autoLoginBtn, 'Login successful! Redirecting...', false);
           setTimeout(() => {
             window.location.href = data.redirect_url;
-          }, 1000);
+          }, 1500);
         } else {
-          alert(data.message || 'Face recognition failed. Please try again.');
+          throw new Error(data.message || 'Face recognition failed. Please try again.');
         }
 
       } catch (err) {
         console.error('Auto face login error:', err);
         alert(err.message || 'Auto face login failed. Please try manual login.');
+        hideLoading(autoLoginBtn, 'Auto Face Login', true);
       } finally {
-        autoLoginBtn.disabled = false;
-        hideLoading(autoLoginBtn, 'Auto Face Login');
+        if (autoLoginBtn.innerHTML === autoLoginBtn.textContent) {
+          autoLoginBtn.disabled = false;
+        }
       }
     });
   }
 
-  // Student Registration Camera
+  // Initialize all camera sections
+  console.log('Initializing camera systems...');
+
+  // Student Registration (enhanced quality)
   setupCameraSection({
     videoId: 'videoStudent',
     canvasId: 'canvasStudent',
@@ -605,9 +854,10 @@ document.addEventListener('DOMContentLoaded', function () {
     cameraOverlayId: 'cameraOverlayStudent',
     faceImageInputId: 'face_image_student',
     actionBtnId: 'registerBtnStudent',
+    isRegistration: true
   });
 
-  // Teacher Registration Camera
+  // Teacher Registration (enhanced quality)
   setupCameraSection({
     videoId: 'videoTeacher',
     canvasId: 'canvasTeacher',
@@ -617,9 +867,10 @@ document.addEventListener('DOMContentLoaded', function () {
     cameraOverlayId: 'cameraOverlayTeacher',
     faceImageInputId: 'face_image_teacher',
     actionBtnId: 'registerBtnTeacher',
+    isRegistration: true
   });
 
-  // Face Login Camera (if present)
+  // Face Login
   setupCameraSection({
     videoId: 'video',
     canvasId: 'canvas',
@@ -628,10 +879,10 @@ document.addEventListener('DOMContentLoaded', function () {
     retakeImageBtnId: 'retakeImage',
     cameraOverlayId: 'cameraOverlay',
     faceImageInputId: 'face_image',
-    actionBtnId: 'faceLoginBtn',
+    actionBtnId: 'faceLoginBtn'
   });
 
-  // Attendance Camera (with live liveness preview)
+  // Attendance (with liveness preview)
   setupAttendanceSection({
     videoId: 'videoAttendance',
     canvasId: 'canvasAttendance',
@@ -641,24 +892,54 @@ document.addEventListener('DOMContentLoaded', function () {
     markBtnId: 'markAttendanceBtn',
     overlayImgId: 'attendanceOverlayImg',
     statusId: 'attendanceStatus',
-    // Optional form fields
     programId: 'program',
     semesterId: 'semester',
     courseId: 'course',
-    studentIdInputId: 'student_id',
+    studentIdInputId: 'student_id'
   });
 
-  // Setup auto face login if available
+  // Auto face login
   setupAutoFaceLogin();
 
-  // Global error handling for network issues
+  // Network status monitoring
   window.addEventListener('online', () => {
-    console.log('Connection restored');
-    setStatus && setStatus('Connection restored', false);
+    globalState.networkOnline = true;
+    console.log('Network connection restored');
+    
+    const statusElements = document.querySelectorAll('[id*="Status"]');
+    statusElements.forEach(el => {
+      if (el.textContent.includes('connection')) {
+        el.textContent = 'Connection restored';
+        el.className = 'text-success';
+      }
+    });
   });
 
   window.addEventListener('offline', () => {
-    console.log('Connection lost');
-    setStatus && setStatus('No internet connection', true);
+    globalState.networkOnline = false;
+    console.log('Network connection lost');
+    
+    const statusElements = document.querySelectorAll('[id*="Status"]');
+    statusElements.forEach(el => {
+      el.textContent = 'No internet connection - Please check your network';
+      el.className = 'text-danger';
+    });
   });
-});
+
+  // System capability check on load
+  checkSystemCapabilities().then(capabilities => {
+    console.log('System capabilities:', capabilities);
+    
+    if (!capabilities.camera) {
+      console.warn('No camera detected');
+    }
+    
+    if (!capabilities.models) {
+      console.warn('Face recognition models may not be fully available');
+    }
+  }).catch(err => {
+    console.warn('Failed to check system capabilities:', err);
+  });
+
+  console.log('Camera system initialization complete');
+});

requirements.txt

@@ -1,11 +1,11 @@
-flask==2.3.3
-pymongo==4.3.3
+Flask==2.3.3
+pymongo==4.5.0
 python-dotenv==1.0.0
 opencv-python-headless==4.8.1.78
+tensorflow==2.13.0
+deepface==0.0.79
+scikit-learn==1.3.0
 numpy==1.24.3
-onnxruntime==1.19.2
+onnxruntime==1.15.1
 requests==2.31.0
-deepface==0.0.79
-tensorflow==2.13.0
-scikit-learn==1.2.2
-pillow==9.5.0
+Pillow==10.0.0