Update all changes

Dockerfile

@@ -1,26 +1,49 @@
 FROM python:3.11-slim
 
+# Create user (required for Hugging Face security)
+RUN useradd -m -u 1000 user
+USER user
+ENV PATH="/home/user/.local/bin:$PATH"
+
+# Set working directory
 WORKDIR /app
 
-# Install system dependencies
+# Set environment variables
+ENV PYTHONDONTWRITEBYTECODE=1
+ENV PYTHONUNBUFFERED=1
+ENV TF_CPP_MIN_LOG_LEVEL=3
+ENV CUDA_VISIBLE_DEVICES=-1
+
+# Install system dependencies (switch to root temporarily)
+USER root
 RUN apt-get update && apt-get install -y \
     libglib2.0-0 \
     libsm6 \
     libxext6 \
-    libxrender-dev \
     libgomp1 \
     libgtk-3-0 \
-    libgl1 \
+    libjpeg-dev \
+    libpng-dev \
+    ffmpeg \
+    curl \
     && rm -rf /var/lib/apt/lists/*
 
-COPY requirements.txt .
-RUN pip install --no-cache-dir -r requirements.txt
+# Switch back to user
+USER user
+
+# Copy requirements and install Python dependencies
+COPY --chown=user:user requirements.txt .
+RUN pip install --no-cache-dir --upgrade pip && \
+    pip install --no-cache-dir -r requirements.txt
 
-# FIX: Create DeepFace directory with proper permissions
-RUN mkdir -p /app/.deepface && chmod 755 /app/.deepface
+# Copy application code
+COPY --chown=user:user . /app
 
-COPY . .
+# Create necessary directories
+RUN mkdir -p app/static app/templates
 
+# Expose Hugging Face port
 EXPOSE 7860
 
+# Run the application
 CMD ["python", "app.py"]

README.md

@@ -5,13 +5,42 @@ colorFrom: blue
 colorTo: green
 sdk: docker
 pinned: false
+license: mit
 ---
 
 # Face Recognition Attendance System
 
-A comprehensive face recognition-based attendance system with:
-- Face detection using YOLOv5-face
-- Anti-spoofing detection
-- Face recognition using DeepFace
-- Student and teacher management
-- Real-time attendance marking
+An advanced face recognition system for attendance management using DeepFace and OpenCV.
+
+## Features
+
+- **Student & Teacher Registration** with face capture
+- **Face Recognition Login** 
+- **Attendance Marking** with liveness detection
+- **Real-time Analytics** and metrics dashboard
+- **MongoDB Integration** for data storage
+
+## Usage
+
+1. Register as a student/teacher with face capture
+2. Login using face recognition or credentials
+3. Mark attendance with live face verification
+4. View attendance records and analytics
+
+## Technology Stack
+
+- **Backend**: Flask, Python
+- **Face Recognition**: DeepFace, OpenCV
+- **Database**: MongoDB Atlas
+- **Frontend**: HTML, CSS, JavaScript
+- **Deployment**: Hugging Face Spaces (Docker)
+
+## Environment Variables
+
+Set these in your Hugging Face Space settings:
+- `SECRET_KEY`: Your secret key
+- `MONGO_URI`: MongoDB Atlas connection string
+- `PORT`: 7860 (default)
+
+## Local Development
+

app.py

@@ -1,60 +1,32 @@
+from flask import Flask, render_template, request, redirect, url_for, flash, session, jsonify
 import os
-import tempfile
-import secrets
-from datetime import timedelta, datetime, timezone
+import gc
 import logging
-
-# Setup logging
-logging.basicConfig(level=logging.INFO)
-logger = logging.getLogger(__name__)
-
-# Set up proper temp directories for HuggingFace Spaces
-deepface_cache = os.path.join(tempfile.gettempdir(), "deepface_cache")
-os.makedirs(deepface_cache, exist_ok=True)
-os.environ["DEEPFACE_HOME"] = deepface_cache
-
-from flask import Flask, render_template, request, redirect, url_for, flash, session, jsonify
-import onnxruntime as ort
 import time
+import uuid
 import pymongo
 from pymongo import MongoClient
 from bson.binary import Binary
 import base64
+from datetime import datetime, timezone
 from dotenv import load_dotenv
 import numpy as np
 import cv2
-import requests
 from typing import Optional, Dict, Tuple, Any
-from deepface import DeepFace
-from sklearn.metrics.pairwise import cosine_similarity
-import tensorflow as tf
-
-# Optimize TensorFlow
-tf.config.threading.set_intra_op_parallelism_threads(1)
-tf.config.threading.set_inter_op_parallelism_threads(1)
-os.environ['TF_CPP_MIN_LOG_LEVEL'] = '2'
+import tempfile
+import atexit
+import shutil
 
-# Load environment variables
-load_dotenv()
+# Optimize memory usage and disable TensorFlow warnings
+os.environ['TF_CPP_MIN_LOG_LEVEL'] = '3'
+os.environ['CUDA_VISIBLE_DEVICES'] = '-1'
+os.environ['OMP_NUM_THREADS'] = '1'
 
-# Initialize Flask app with proper configuration
-app = Flask(__name__, static_folder='app/static', template_folder='app/templates')
+# Configure logging for production
+logging.basicConfig(level=logging.WARNING)
+logging.getLogger('tensorflow').setLevel(logging.ERROR)
 
-# FIXED: Proper session configuration for production
-app.secret_key = os.getenv('SECRET_KEY', secrets.token_hex(32))
-
-# Essential session settings for Hugging Face Spaces
-app.config.update(
-    SESSION_COOKIE_SECURE=False,  # Keep False for HTTP (Hugging Face handles HTTPS)
-    SESSION_COOKIE_HTTPONLY=True,
-    SESSION_COOKIE_SAMESITE='Lax',
-    SESSION_COOKIE_PATH='/',
-    PERMANENT_SESSION_LIFETIME=timedelta(hours=24),
-    SESSION_TYPE=None,
-    SESSION_REFRESH_EACH_REQUEST=False
-)
-
-# Global variables for tracking
+# --- Evaluation Metrics Counters (legacy, kept for compatibility display) ---
 total_attempts = 0
 correct_recognitions = 0
 false_accepts = 0
@@ -62,254 +34,240 @@ false_rejects = 0
 unauthorized_attempts = 0
 inference_times = []
 
-# Model status tracking
-model_status = {
-    'yolo_loaded': False,
-    'antispoof_loaded': False,
-    'database_connected': False
-}
-
-# Database connection with error handling
-def initialize_database():
-    """Initialize MongoDB connection with proper error handling"""
-    global client, db, students_collection, teachers_collection, attendance_collection, metrics_events
-    
+# ---------------------------------------------------
+# Load environment variables
+load_dotenv()
+
+# Initialize Flask app
+app = Flask(__name__, static_folder='app/static', template_folder='app/templates')
+app.secret_key = os.environ.get('SECRET_KEY', os.urandom(24))
+
+# Create temporary directory for image processing
+TEMP_DIR = tempfile.mkdtemp()
+
+def cleanup_temp_dir():
+    """Clean up temporary directory on exit"""
     try:
-        mongo_uri = os.getenv('MONGO_URI', 'mongodb://localhost:27017/')
-        client = MongoClient(mongo_uri, serverSelectionTimeoutMS=5000)
+        if os.path.exists(TEMP_DIR):
+            shutil.rmtree(TEMP_DIR)
+        gc.collect()  # Force garbage collection
+    except Exception as e:
+        print(f"Error cleaning up temp directory: {e}")
+
+# Register cleanup function
+atexit.register(cleanup_temp_dir)
+
+# MongoDB Connection with connection pooling
+try:
+    mongo_uri = os.getenv('MONGO_URI', 'mongodb://localhost:27017/')
+    client = MongoClient(
+        mongo_uri,
+        maxPoolSize=10,
+        connectTimeoutMS=5000,
+        socketTimeoutMS=5000,
+        serverSelectionTimeoutMS=5000
+    )
+    db = client['face_attendance_system']
+    students_collection = db['students']
+    teachers_collection = db['teachers']
+    attendance_collection = db['attendance']
+    metrics_events = db['metrics_events']
+
+    # Create indexes for better performance
+    students_collection.create_index([("student_id", pymongo.ASCENDING)], unique=True)
+    teachers_collection.create_index([("teacher_id", pymongo.ASCENDING)], unique=True)
+    attendance_collection.create_index([
+        ("student_id", pymongo.ASCENDING),
+        ("date", pymongo.ASCENDING),
+        ("subject", pymongo.ASCENDING)
+    ])
+    metrics_events.create_index([("ts", pymongo.DESCENDING)])
+    metrics_events.create_index([("event", pymongo.ASCENDING)])
+    metrics_events.create_index([("attempt_type", pymongo.ASCENDING)])
+    print("MongoDB connection successful")
+except Exception as e:
+    print(f"MongoDB connection error: {e}")
+
+# ---------------- Memory-Optimized Face Detection ----------------
+
+# Initialize Haar Cascade Face Detector (lightweight and reliable)
+face_detector = None
+try:
+    face_detector = cv2.CascadeClassifier(cv2.data.haarcascades + 'haarcascade_frontalface_default.xml')
+    print("Haar cascade face detector initialized successfully")
+except Exception as e:
+    print(f"Error initializing face detector: {e}")
+
+# Initialize eye cascade for liveness detection
+eye_cascade = None
+try:
+    eye_cascade = cv2.CascadeClassifier(cv2.data.haarcascades + 'haarcascade_eye.xml')
+    print("Eye cascade classifier initialized successfully")
+except Exception as e:
+    print(f"Error initializing eye cascade: {e}")
+
+def get_unique_temp_path(prefix="temp", suffix=".jpg"):
+    """Generate unique temporary file path"""
+    unique_id = str(uuid.uuid4())
+    filename = f"{prefix}_{unique_id}_{int(time.time())}{suffix}"
+    return os.path.join(TEMP_DIR, filename)
+
+def detect_faces_haar(image):
+    """Detect faces using Haar cascade - memory efficient"""
+    try:
+        gray = cv2.cvtColor(image, cv2.COLOR_BGR2GRAY)
+        faces = face_detector.detectMultiScale(
+            gray,
+            scaleFactor=1.1,
+            minNeighbors=5,
+            minSize=(30, 30)
+        )
         
-        # Test connection
-        client.admin.command('ping')
+        detections = []
+        for (x, y, w, h) in faces:
+            detections.append({
+                "bbox": [x, y, x + w, y + h],
+                "score": 0.9
+            })
         
-        db = client['face_attendance_system']
-        students_collection = db['students']
-        teachers_collection = db['teachers']
-        attendance_collection = db['attendance']
-        metrics_events = db['metrics_events']
+        # Clean up memory
+        del gray
+        gc.collect()
+        return detections
+    except Exception as e:
+        print(f"Error in Haar cascade detection: {e}")
+        return []
 
-        # Create indexes
-        try:
-            students_collection.create_index([("student_id", pymongo.ASCENDING)], unique=True)
-            teachers_collection.create_index([("teacher_id", pymongo.ASCENDING)], unique=True)
-            attendance_collection.create_index([
-                ("student_id", pymongo.ASCENDING),
-                ("date", pymongo.ASCENDING),
-                ("subject", pymongo.ASCENDING)
-            ])
-            metrics_events.create_index([("ts", pymongo.DESCENDING)])
-        except Exception as idx_error:
-            logger.warning(f"Index creation warning: {idx_error}")
-            
-        model_status['database_connected'] = True
-        logger.info("MongoDB connection successful")
-        return True
+def detect_faces_yunet(image):
+    """Unified face detection function - memory optimized"""
+    if face_detector is not None:
+        return detect_faces_haar(image)
+    
+    # Final fallback
+    try:
+        gray = cv2.cvtColor(image, cv2.COLOR_BGR2GRAY)
+        face_cascade = cv2.CascadeClassifier(cv2.data.haarcascades + 'haarcascade_frontalface_default.xml')
+        faces = face_cascade.detectMultiScale(gray, 1.3, 5)
+        
+        detections = []
+        for (x, y, w, h) in faces:
+            detections.append({
+                "bbox": [x, y, x + w, y + h],
+                "score": 0.8
+            })
         
+        del gray
+        gc.collect()
+        return detections
     except Exception as e:
-        logger.error(f"MongoDB connection error: {e}")
-        model_status['database_connected'] = False
-        return False
+        print(f"Error in fallback detection: {e}")
+        return []
 
-def check_db_connection():
-    """Check if database is connected"""
+def recognize_face_deepface(image, user_id, user_type='student'):
+    """Memory-optimized face recognition using DeepFace"""
+    global total_attempts, correct_recognitions, unauthorized_attempts, inference_times
+    
+    temp_files = []
+    
     try:
-        if not model_status['database_connected']:
-            return initialize_database()
-        client.admin.command('ping')
-        return True
-    except Exception:
-        model_status['database_connected'] = False
-        return initialize_database()
-
-# Initialize database
-initialize_database()
-
-# Model file paths using local models directory
-BASE_DIR = os.path.dirname(os.path.abspath(__file__))
-MODELS_DIR = os.path.join(BASE_DIR, 'models')
-YOLO_FACE_MODEL_PATH = os.path.join(MODELS_DIR, 'yolov5s-face.onnx')
-ANTI_SPOOF_BIN_MODEL_PATH = os.path.join(MODELS_DIR, 'anti-spoofing', 'AntiSpoofing_bin_1.5_128.onnx')
-
-# YOLO Face Detection Helper Functions
-def _get_providers():
-    available = ort.get_available_providers()
-    if "CUDAExecutionProvider" in available:
-        return ["CUDAExecutionProvider", "CPUExecutionProvider"]
-    return ["CPUExecutionProvider"]
-
-def _letterbox(image, new_shape=(640, 640), color=(114, 114, 114), auto=False, scaleFill=False, scaleup=True):
-    shape = image.shape[:2]
-    if isinstance(new_shape, int):
-        new_shape = (new_shape, new_shape)
-    r = min(new_shape[0] / shape[0], new_shape[1] / shape[1])
-    if not scaleup:
-        r = min(r, 1.0)
-    new_unpad = (int(round(shape[1] * r)), int(round(shape[0] * r)))
-    dw, dh = new_shape[1] - new_unpad[0], new_shape[0] - new_unpad[1]
-    if auto:
-        dw, dh = np.mod(dw, 32), np.mod(dh, 32)
-    elif scaleFill:
-        dw, dh = 0.0, 0.0
-        new_unpad = (new_shape[1], new_shape[0])
-        r = new_shape[1] / shape[1], new_shape[0] / shape[0]
-    dw /= 2
-    dh /= 2
-    if shape[::-1] != new_unpad:
-        image = cv2.resize(image, new_unpad, interpolation=cv2.INTER_LINEAR)
-    top, bottom = int(round(dh - 0.1)), int(round(dh + 0.1))
-    left, right = int(round(dw - 0.1)), int(round(dw + 0.1))
-    image = cv2.copyMakeBorder(image, top, bottom, left, right, cv2.BORDER_CONSTANT, value=color)
-    return image, r, (left, top)
-
-def _nms(boxes: np.ndarray, scores: np.ndarray, iou_threshold: float):
-    if len(boxes) == 0:
-        return []
-    x1 = boxes[:, 0]
-    y1 = boxes[:, 1]
-    x2 = boxes[:, 2]
-    y2 = boxes[:, 3]
-    areas = (x2 - x1) * (y2 - y1)
-    order = scores.argsort()[::-1]
-    keep = []
-    while order.size > 0:
-        i = int(order[0])
-        keep.append(i)
-        if order.size == 1:
-            break
-        xx1 = np.maximum(x1[i], x1[order[1:]])
-        yy1 = np.maximum(y1[i], y1[order[1:]])
-        xx2 = np.minimum(x2[i], x2[order[1:]])
-        yy2 = np.minimum(y2[i], y2[order[1:]])
-        w = np.maximum(0.0, xx2 - xx1)
-        h = np.maximum(0.0, yy2 - yy1)
-        inter = w * h
-        iou = inter / (areas[i] + areas[order[1:]] - inter + 1e-6)
-        inds = np.where(iou <= iou_threshold)[0]
-        order = order[inds + 1]
-    return keep
-
-# YOLO Face Detector Class
-class YoloV5FaceDetector:
-    def __init__(self, model_path: str, input_size: int = 640, conf_threshold: float = 0.3, iou_threshold: float = 0.45):
-        if not os.path.exists(model_path):
-            raise FileNotFoundError(f"Model file not found: {model_path}")
+        # Lazy import DeepFace to save memory at startup
+        from deepface import DeepFace
         
-        self.input_size = int(input_size)
-        self.conf_threshold = float(conf_threshold)
-        self.iou_threshold = float(iou_threshold)
-        self.session = ort.InferenceSession(model_path, providers=_get_providers())
-        self.input_name = self.session.get_inputs()[0].name
-        self.output_names = [o.name for o in self.session.get_outputs()]
-
-    @staticmethod
-    def _xywh2xyxy(x: np.ndarray) -> np.ndarray:
-        y = np.zeros_like(x)
-        y[:, 0] = x[:, 0] - x[:, 2] / 2
-        y[:, 1] = x[:, 1] - x[:, 3] / 2
-        y[:, 2] = x[:, 0] + x[:, 2] / 2
-        y[:, 3] = x[:, 1] + x[:, 3] / 2
-        return y
-
-    def detect(self, image_bgr: np.ndarray, max_det: int = 20):
-        h0, w0 = image_bgr.shape[:2]
-        img, ratio, dwdh = _letterbox(image_bgr, new_shape=(self.input_size, self.input_size))
-        img = cv2.cvtColor(img, cv2.COLOR_BGR2RGB)
-        img = img.astype(np.float32) / 255.0
-        img = np.transpose(img, (2, 0, 1))
-        img = np.expand_dims(img, 0)
-        
-        preds = self.session.run(self.output_names, {self.input_name: img})[0]
-        if preds.ndim == 3 and preds.shape[0] == 1:
-            preds = preds[0]
-        if preds.ndim != 2:
-            raise RuntimeError(f"Unexpected YOLO output shape: {preds.shape}")
+        start_time = time.time()
         
-        num_attrs = preds.shape[1]
-        has_landmarks = num_attrs >= 15
-        boxes_xywh = preds[:, 0:4]
+        # Save current image temporarily
+        temp_img_path = get_unique_temp_path(f"current_{user_id}")
+        temp_files.append(temp_img_path)
+        cv2.imwrite(temp_img_path, image)
         
-        if has_landmarks:
-            scores = preds[:, 4]
+        # Get user's reference image
+        if user_type == 'student':
+            user = students_collection.find_one({'student_id': user_id})
         else:
-            obj = preds[:, 4:5]
-            cls_scores = preds[:, 5:]
-            if cls_scores.size == 0:
-                scores = obj.squeeze(-1)
-            else:
-                class_conf = cls_scores.max(axis=1, keepdims=True)
-                scores = (obj * class_conf).squeeze(-1)
-        
-        keep = scores > self.conf_threshold
-        boxes_xywh = boxes_xywh[keep]
-        scores = scores[keep]
+            user = teachers_collection.find_one({'teacher_id': user_id})
         
-        if boxes_xywh.shape[0] == 0:
-            return []
+        if not user or 'face_image' not in user:
+            unauthorized_attempts += 1
+            return False, f"No reference face found for {user_type} ID {user_id}"
         
-        boxes_xyxy = self._xywh2xyxy(boxes_xywh)
-        boxes_xyxy[:, [0, 2]] -= dwdh[0]
-        boxes_xyxy[:, [1, 3]] -= dwdh[1]
-        boxes_xyxy /= ratio
-        boxes_xyxy[:, 0] = np.clip(boxes_xyxy[:, 0], 0, w0 - 1)
-        boxes_xyxy[:, 1] = np.clip(boxes_xyxy[:, 1], 0, h0 - 1)
-        boxes_xyxy[:, 2] = np.clip(boxes_xyxy[:, 2], 0, w0 - 1)
-        boxes_xyxy[:, 3] = np.clip(boxes_xyxy[:, 3], 0, h0 - 1)
+        # Save reference image temporarily
+        ref_image_bytes = user['face_image']
+        ref_image_array = np.frombuffer(ref_image_bytes, np.uint8)
+        ref_image = cv2.imdecode(ref_image_array, cv2.IMREAD_COLOR)
+        temp_ref_path = get_unique_temp_path(f"ref_{user_id}")
+        temp_files.append(temp_ref_path)
+        cv2.imwrite(temp_ref_path, ref_image)
         
-        keep_inds = _nms(boxes_xyxy, scores, self.iou_threshold)
-        if len(keep_inds) > max_det:
-            keep_inds = keep_inds[:max_det]
+        # Clean up arrays immediately
+        del ref_image_array, ref_image
         
-        dets = []
-        for i in keep_inds:
-            dets.append({"bbox": boxes_xyxy[i].tolist(), "score": float(scores[i])})
-        return dets
-
-# Anti-Spoofing Model
-def _sigmoid(x: np.ndarray) -> np.ndarray:
-    return 1.0 / (1.0 + np.exp(-x))
-
-class AntiSpoofBinary:
-    def __init__(self, model_path: str, input_size: int = 128, rgb: bool = True, normalize: bool = True,
-                 mean=(0.5, 0.5, 0.5), std=(0.5, 0.5, 0.5), live_index: int = 1):
-        if not os.path.exists(model_path):
-            raise FileNotFoundError(f"Model file not found: {model_path}")
+        try:
+            # Use lighter DeepFace model for memory efficiency
+            result = DeepFace.verify(
+                img1_path=temp_img_path,
+                img2_path=temp_ref_path,
+                model_name="Facenet",  # Lighter than Facenet512
+                enforce_detection=False
+            )
             
-        self.input_size = int(input_size)
-        self.rgb = bool(rgb)
-        self.normalize = bool(normalize)
-        self.mean = np.array(mean, dtype=np.float32).reshape(1, 1, 3)
-        self.std = np.array(std, dtype=np.float32).reshape(1, 1, 3)
-        self.live_index = int(live_index)
-        self.session = ort.InferenceSession(model_path, providers=_get_providers())
-        self.input_name = self.session.get_inputs()[0].name
-        self.output_names = [o.name for o in self.session.get_outputs()]
-
-    def _preprocess(self, face_bgr: np.ndarray) -> np.ndarray:
-        img = cv2.resize(face_bgr, (self.input_size, self.input_size), interpolation=cv2.INTER_LINEAR)
-        if self.rgb:
-            img = cv2.cvtColor(img, cv2.COLOR_BGR2RGB)
-        img = img.astype(np.float32) / 255.0
-        if self.normalize:
-            img = (img - self.mean) / self.std
-        img = np.transpose(img, (2, 0, 1))
-        img = np.expand_dims(img, 0).astype(np.float32)
-        return img
-
-    def predict_live_prob(self, face_bgr: np.ndarray) -> float:
-        inp = self._preprocess(face_bgr)
-        outs = self.session.run(self.output_names, {self.input_name: inp})
-        out = outs[0]
-        if out.ndim > 1:
-            out = np.squeeze(out, axis=0)
-        if out.size == 2:
-            vec = out.astype(np.float32)
-            probs = np.exp(vec - np.max(vec))
-            probs = probs / (np.sum(probs) + 1e-9)
-            live_prob = float(probs[self.live_index])
+            is_verified = result["verified"]
+            distance = result["distance"]
+            
+            inference_time = time.time() - start_time
+            inference_times.append(inference_time)
+            total_attempts += 1
+            
+            if is_verified:
+                correct_recognitions += 1
+                return True, f"Face recognized (distance={distance:.3f}, time={inference_time:.2f}s)"
+            else:
+                unauthorized_attempts += 1
+                return False, f"Unauthorized attempt detected (distance={distance:.3f})"
+                
+        except Exception as e:
+            return False, f"DeepFace verification error: {str(e)}"
+        
+    except Exception as e:
+        return False, f"Error in face recognition: {str(e)}"
+    
+    finally:
+        # Clean up temporary files and memory
+        for temp_file in temp_files:
+            try:
+                if os.path.exists(temp_file):
+                    os.remove(temp_file)
+            except Exception as e:
+                print(f"Error cleaning up temp file {temp_file}: {e}")
+        gc.collect()
+
+def simple_liveness_check(image):
+    """Simple liveness detection using eye detection - memory optimized"""
+    if eye_cascade is None:
+        return 0.7  # Default score if cascade not available
+    
+    try:
+        gray = cv2.cvtColor(image, cv2.COLOR_BGR2GRAY)
+        eyes = eye_cascade.detectMultiScale(gray, 1.3, 5)
+        
+        # Simple liveness scoring based on eye detection
+        if len(eyes) >= 2:
+            score = 0.8  # High confidence if both eyes detected
+        elif len(eyes) == 1:
+            score = 0.6  # Medium confidence if one eye detected
         else:
-            live_prob = float(_sigmoid(out.astype(np.float32)))
-        return max(0.0, min(1.0, live_prob))
+            score = 0.4  # Low confidence if no eyes detected
+        
+        # Clean up memory
+        del gray
+        gc.collect()
+        return score
+        
+    except Exception as e:
+        print(f"Error in liveness check: {e}")
+        return 0.5
+    finally:
+        gc.collect()
 
-# Helper Functions
 def expand_and_clip_box(bbox_xyxy, scale: float, w: int, h: int):
     x1, y1, x2, y2 = bbox_xyxy
     bw = x2 - x1
@@ -346,124 +304,41 @@ def decode_image(base64_image):
     image_bytes = base64.b64decode(base64_image)
     np_array = np.frombuffer(image_bytes, np.uint8)
     image = cv2.imdecode(np_array, cv2.IMREAD_COLOR)
-    return image
-
-# Initialize models with better error handling
-yolo_face = None
-anti_spoof_bin = None
-
-def initialize_models():
-    """Initialize models with proper error handling"""
-    global yolo_face, anti_spoof_bin
     
-    try:
-        if os.path.exists(YOLO_FACE_MODEL_PATH):
-            yolo_face = YoloV5FaceDetector(YOLO_FACE_MODEL_PATH, input_size=640, conf_threshold=0.3, iou_threshold=0.45)
-            model_status['yolo_loaded'] = True
-            logger.info("YOLO Face model loaded successfully")
-        else:
-            logger.warning(f"YOLO model not found at: {YOLO_FACE_MODEL_PATH}")
-    except Exception as e:
-        logger.error(f"Error loading YOLO model: {e}")
-        model_status['yolo_loaded'] = False
-
-    try:
-        if os.path.exists(ANTI_SPOOF_BIN_MODEL_PATH):
-            anti_spoof_bin = AntiSpoofBinary(ANTI_SPOOF_BIN_MODEL_PATH, input_size=128, rgb=True, normalize=True, live_index=1)
-            model_status['antispoof_loaded'] = True
-            logger.info("Anti-spoofing model loaded successfully")
-        else:
-            logger.warning(f"Anti-spoof model not found at: {ANTI_SPOOF_BIN_MODEL_PATH}")
-    except Exception as e:
-        logger.error(f"Error loading anti-spoofing model: {e}")
-        model_status['antispoof_loaded'] = False
-
-# Initialize models
-initialize_models()
-
-# DeepFace Recognition Functions
-def get_face_features_deepface(image):
-    """Extract face features using DeepFace with timeout protection"""
-    try:
-        rgb_image = cv2.cvtColor(image, cv2.COLOR_BGR2RGB)
-        embedding = DeepFace.represent(
-            img_path=rgb_image, 
-            model_name='VGG-Face',
-            detector_backend='opencv',
-            enforce_detection=False
-        )
-        
-        if isinstance(embedding, list) and len(embedding) > 0:
-            return np.array(embedding[0]['embedding'])
-        else:
-            return np.array(embedding['embedding']) if 'embedding' in embedding else None
-            
-    except Exception as e:
-        logger.error(f"Error in DeepFace feature extraction: {e}")
-        return None
-
-def recognize_face_deepface(image, user_id, user_type='student'):
-    """Face recognition using DeepFace with timeout protection"""
-    global total_attempts, correct_recognitions, false_accepts, false_rejects, inference_times, unauthorized_attempts
-    
-    try:
-        start_time = time.time()
-        features = get_face_features_deepface(image)
-        
-        if features is None:
-            return False, "No face detected"
-
-        if user_type == 'student':
-            user = students_collection.find_one({'student_id': user_id})
-        else:
-            user = teachers_collection.find_one({'teacher_id': user_id})
-
-        if not user or 'face_image' not in user:
-            unauthorized_attempts += 1
-            return False, f"No reference face found for {user_type} ID {user_id}"
-
-        ref_image_bytes = user['face_image']
-        ref_image_array = np.frombuffer(ref_image_bytes, np.uint8)
-        ref_image = cv2.imdecode(ref_image_array, cv2.IMREAD_COLOR)
-        ref_features = get_face_features_deepface(ref_image)
-        
-        if ref_features is None:
-            return False, "No face detected in reference image"
-
-        # Calculate cosine similarity
-        similarity = cosine_similarity([features], [ref_features])[0][0]
-        distance = 1 - similarity
-        threshold = 0.4
-        
-        inference_time = time.time() - start_time
-        inference_times.append(inference_time)
-        total_attempts += 1
+    # Clean up memory
+    del image_bytes, np_array
+    gc.collect()
+    return image
 
-        if distance < threshold:
-            correct_recognitions += 1
-            return True, f"Face recognized (distance={distance:.3f}, similarity={similarity:.3f}, time={inference_time:.2f}s)"
-        else:
-            unauthorized_attempts += 1
-            return False, f"Unauthorized attempt detected (distance={distance:.3f}, similarity={similarity:.3f})"
-            
-    except Exception as e:
-        return False, f"Error in face recognition: {str(e)}"
+# Legacy function for backward compatibility
+def get_face_features(image):
+    """Legacy wrapper - now uses DeepFace internally"""
+    return None
 
 def recognize_face(image, user_id, user_type='student'):
+    """Legacy wrapper for the new DeepFace recognition"""
     return recognize_face_deepface(image, user_id, user_type)
 
-# Metrics helpers
+# ---------------------- Metrics helpers ----------------------
 def log_metrics_event(event: dict):
     try:
-        if check_db_connection():
-            metrics_events.insert_one(event)
+        metrics_events.insert_one(event)
     except Exception as e:
-        logger.error(f"Failed to log metrics event: {e}")
-
-def log_metrics_event_normalized(*, event: str, attempt_type: str, claimed_id: Optional[str],
-                                recognized_id: Optional[str], liveness_pass: bool, distance: Optional[float],
-                                live_prob: Optional[float], latency_ms: Optional[float], client_ip: Optional[str],
-                                reason: Optional[str] = None):
+        print("Failed to log metrics event:", e)
+
+def log_metrics_event_normalized(
+    *,
+    event: str,
+    attempt_type: str,
+    claimed_id: Optional[str],
+    recognized_id: Optional[str],
+    liveness_pass: bool,
+    distance: Optional[float],
+    live_prob: Optional[float],
+    latency_ms: Optional[float],
+    client_ip: Optional[str],
+    reason: Optional[str] = None
+):
     if not liveness_pass:
         decision = "spoof_blocked"
     else:
@@ -485,28 +360,116 @@ def log_metrics_event_normalized(*, event: str, attempt_type: str, claimed_id: O
     }
     log_metrics_event(doc)
 
-# Session verification decorator
-def login_required(user_type=None):
-    def decorator(f):
-        def wrapper(*args, **kwargs):
-            if not session.get('logged_in'):
-                if request.is_json:
-                    return jsonify({'success': False, 'message': 'Not logged in', 'redirect': '/login.html'})
-                flash('Please log in to access this page.', 'warning')
-                return redirect(url_for('login_page'))
-            
-            if user_type and session.get('user_type') != user_type:
-                if request.is_json:
-                    return jsonify({'success': False, 'message': 'Unauthorized', 'redirect': '/login.html'})
-                flash('Unauthorized access.', 'danger')
-                return redirect(url_for('login_page'))
-            
-            return f(*args, **kwargs)
-        wrapper.__name__ = f.__name__
-        return wrapper
-    return decorator
+def classify_event(ev: Dict[str, Any]) -> Tuple[Optional[str], Optional[str]]:
+    """Returns (event, attempt_type), robust to legacy documents."""
+    if ev.get("event"):
+        e = ev.get("event")
+        at = ev.get("attempt_type")
+        if not at:
+            if e in ("accept_true", "reject_false"):
+                at = "genuine"
+            elif e in ("accept_false", "reject_true"):
+                at = "impostor"
+        return e, at
+
+    decision = ev.get("decision")
+    success = ev.get("success")
+    reason = (ev.get("reason") or "") if isinstance(ev.get("reason"), str) else ev.get("reason")
+
+    if decision == "recognized" and (success is True or success is None):
+        return "accept_true", "genuine"
+
+    if decision == "spoof_blocked":
+        return "reject_true", "impostor"
+
+    if decision == "not_recognized":
+        if reason in ("false_reject",):
+            return "reject_false", "genuine"
+        if reason in ("unauthorized_attempt", "liveness_fail", "mismatch_claim", "no_face_detected", "failed_crop", "recognition_error"):
+            return "reject_true", "impostor"
+        return "reject_true", "impostor"
+
+    return None, None
+
+def compute_metrics(limit: int = 10000):
+    """Robust metrics aggregation that tolerates legacy docs."""
+    try:
+        cursor = metrics_events.find({}, {"_id": 0}).sort("ts", -1).limit(limit)
+        counts = {
+            "trueAccepts": 0,
+            "falseAccepts": 0,
+            "trueRejects": 0,
+            "falseRejects": 0,
+            "genuineAttempts": 0,
+            "impostorAttempts": 0,
+            "unauthorizedRejected": 0,
+            "unauthorizedAccepted": 0,
+        }
+
+        total_attempts_calc = 0
+
+        for ev in cursor:
+            e, at = classify_event(ev)
+            if not e:
+                continue
+            total_attempts_calc += 1
+
+            if e == "accept_true":
+                counts["trueAccepts"] += 1
+            elif e == "accept_false":
+                counts["falseAccepts"] += 1
+                counts["unauthorizedAccepted"] += 1
+            elif e == "reject_true":
+                counts["trueRejects"] += 1
+                counts["unauthorizedRejected"] += 1
+            elif e == "reject_false":
+                counts["falseRejects"] += 1
+
+            if at == "genuine":
+                counts["genuineAttempts"] += 1
+            elif at == "impostor":
+                counts["impostorAttempts"] += 1
+
+        genuine_attempts = max(counts["genuineAttempts"], 1)
+        impostor_attempts = max(counts["impostorAttempts"], 1)
+        total_attempts_final = max(total_attempts_calc, 1)
+
+        FAR = counts["falseAccepts"] / impostor_attempts
+        FRR = counts["falseRejects"] / genuine_attempts
+        accuracy = (counts["trueAccepts"] + counts["trueRejects"]) / total_attempts_final
+
+        return {
+            "counts": counts,
+            "rates": {
+                "FAR": FAR,
+                "FRR": FRR,
+                "accuracy": accuracy
+            },
+            "totals": {
+                "totalAttempts": total_attempts_calc
+            }
+        }
+    except Exception as e:
+        print(f"Error computing metrics: {e}")
+        return {
+            "counts": {"trueAccepts": 0, "falseAccepts": 0, "trueRejects": 0, "falseRejects": 0,
+                      "genuineAttempts": 0, "impostorAttempts": 0, "unauthorizedRejected": 0, "unauthorizedAccepted": 0},
+            "rates": {"FAR": 0, "FRR": 0, "accuracy": 0},
+            "totals": {"totalAttempts": 0}
+        }
+
+def compute_latency_avg(limit: int = 300) -> Optional[float]:
+    try:
+        cursor = metrics_events.find({"latency_ms": {"$exists": True}}, {"latency_ms": 1, "_id": 0}).sort("ts", -1).limit(limit)
+        vals = [float(d["latency_ms"]) for d in cursor if isinstance(d.get("latency_ms"), (int, float))]
+        if not vals:
+            return None
+        return sum(vals) / len(vals)
+    except Exception as e:
+        print(f"Error computing latency average: {e}")
+        return None
 
-# Routes
+# --------- STUDENT ROUTES ---------
 @app.route('/')
 def home():
     return render_template('home.html')
@@ -520,26 +483,12 @@ def register_page():
     return render_template('register.html')
 
 @app.route('/metrics')
-@login_required('teacher')
 def metrics_dashboard():
     return render_template('metrics.html')
 
-@app.route('/health-check')
-def health_check():
-    return jsonify({
-        'status': 'healthy',
-        'models': model_status,
-        'database_connected': check_db_connection(),
-        'timestamp': datetime.now().isoformat()
-    })
-
 @app.route('/register', methods=['POST'])
 def register():
     try:
-        if not check_db_connection():
-            flash('Database connection error. Please try again later.', 'danger')
-            return redirect(url_for('register_page'))
-            
         student_data = {
             'student_id': request.form.get('student_id'),
             'name': request.form.get('name'),
@@ -554,7 +503,6 @@ def register():
             'password': request.form.get('password'),
             'created_at': datetime.now()
         }
-        
         face_image = request.form.get('face_image')
         if face_image and ',' in face_image:
             image_data = face_image.split(',')[1]
@@ -571,143 +519,123 @@ def register():
         else:
             flash('Registration failed. Please try again.', 'danger')
             return redirect(url_for('register_page'))
-            
     except pymongo.errors.DuplicateKeyError:
         flash('Student ID already exists. Please use a different ID.', 'danger')
         return redirect(url_for('register_page'))
     except Exception as e:
-        logger.error(f"Registration error: {e}")
         flash(f'Registration failed: {str(e)}', 'danger')
         return redirect(url_for('register_page'))
 
 @app.route('/login', methods=['POST'])
 def login():
-    try:
-        if not check_db_connection():
-            flash('Database connection error. Please try again later.', 'danger')
-            return redirect(url_for('login_page'))
-            
-        student_id = request.form.get('student_id')
-        password = request.form.get('password')
-        
-        if not student_id or not password:
-            flash('Please enter both student ID and password.', 'danger')
-            return redirect(url_for('login_page'))
-        
-        student = students_collection.find_one({'student_id': student_id})
-
-        if student and student.get('password') == password:
-            session.permanent = True
-            session['logged_in'] = True
-            session['user_type'] = 'student'
-            session['student_id'] = student_id
-            session['name'] = student.get('name')
-            session.modified = True
-            
-            flash('Login successful!', 'success')
-            return redirect(url_for('dashboard'))
-        else:
-            flash('Invalid credentials. Please try again.', 'danger')
-            return redirect(url_for('login_page'))
-            
-    except Exception as e:
-        logger.error(f"Login error: {e}")
-        flash('Login failed due to server error. Please try again.', 'danger')
+    student_id = request.form.get('student_id')
+    password = request.form.get('password')
+    student = students_collection.find_one({'student_id': student_id})
+
+    if student and student['password'] == password:
+        session['logged_in'] = True
+        session['user_type'] = 'student'
+        session['student_id'] = student_id
+        session['name'] = student.get('name')
+        flash('Login successful!', 'success')
+        return redirect(url_for('dashboard'))
+    else:
+        flash('Invalid credentials. Please try again.', 'danger')
         return redirect(url_for('login_page'))
 
 @app.route('/face-login', methods=['POST'])
 def face_login():
-    try:
-        if not check_db_connection():
-            flash('Database connection error. Please try again later.', 'danger')
-            return redirect(url_for('login_page'))
-            
-        face_image = request.form.get('face_image')
-        face_role = request.form.get('face_role')
+    face_image = request.form.get('face_image')
+    face_role = request.form.get('face_role')
 
-        if not face_image or not face_role:
-            flash('Face image and role are required for face login.', 'danger')
-            return redirect(url_for('login_page'))
+    if not face_image or not face_role:
+        flash('Face image and role are required for face login.', 'danger')
+        return redirect(url_for('login_page'))
 
-        image = decode_image(face_image)
-        if image is None:
-            flash('Invalid image data.', 'danger')
-            return redirect(url_for('login_page'))
+    image = decode_image(face_image)
 
-        if face_role == 'student':
-            collection = students_collection
-            id_field = 'student_id'
-            dashboard_route = 'dashboard'
-        elif face_role == 'teacher':
-            collection = teachers_collection
-            id_field = 'teacher_id'
-            dashboard_route = 'teacher_dashboard'
-        else:
-            flash('Invalid role selected for face login.', 'danger')
-            return redirect(url_for('login_page'))
+    if face_role == 'student':
+        collection = students_collection
+        id_field = 'student_id'
+        dashboard_route = 'dashboard'
+    elif face_role == 'teacher':
+        collection = teachers_collection
+        id_field = 'teacher_id'
+        dashboard_route = 'teacher_dashboard'
+    else:
+        flash('Invalid role selected for face login.', 'danger')
+        return redirect(url_for('login_page'))
 
-        users = collection.find({'face_image': {'$exists': True, '$ne': None}}).limit(20)
-        test_features = get_face_features_deepface(image)
+    users = collection.find({'face_image': {'$exists': True, '$ne': None}})
+    
+    # Use DeepFace for face matching with improved temp file handling
+    temp_login_path = get_unique_temp_path("login_image")
+    cv2.imwrite(temp_login_path, image)
+    
+    try:
+        from deepface import DeepFace
         
-        if test_features is None:
-            flash('No face detected or processing failed. Please try again.', 'danger')
-            return redirect(url_for('login_page'))
-
         for user in users:
+            ref_image_bytes = user['face_image']
+            ref_image_array = np.frombuffer(ref_image_bytes, np.uint8)
+            ref_image = cv2.imdecode(ref_image_array, cv2.IMREAD_COLOR)
+            
+            temp_ref_path = get_unique_temp_path(f"ref_{user[id_field]}")
+            cv2.imwrite(temp_ref_path, ref_image)
+            
             try:
-                ref_image_bytes = user['face_image']
-                ref_image_array = np.frombuffer(ref_image_bytes, np.uint8)
-                ref_image = cv2.imdecode(ref_image_array, cv2.IMREAD_COLOR)
-                ref_features = get_face_features_deepface(ref_image)
+                result = DeepFace.verify(
+                    img1_path=temp_login_path,
+                    img2_path=temp_ref_path,
+                    model_name="Facenet",
+                    enforce_detection=False
+                )
                 
-                if ref_features is None:
-                    continue
-                
-                similarity = cosine_similarity([test_features], [ref_features])[0][0]
-                distance = 1 - similarity
-                
-                if distance < 0.4:
-                    session.permanent = True
+                if result["verified"]:
                     session['logged_in'] = True
                     session['user_type'] = face_role
                     session[id_field] = user[id_field]
                     session['name'] = user.get('name')
-                    session.modified = True
-                    
                     flash('Face login successful!', 'success')
-                    return redirect(url_for(dashboard_route))
                     
+                    # Cleanup
+                    for temp_file in [temp_ref_path, temp_login_path]:
+                        if os.path.exists(temp_file):
+                            os.remove(temp_file)
+                    gc.collect()
+                    return redirect(url_for(dashboard_route))
+                
+                if os.path.exists(temp_ref_path):
+                    os.remove(temp_ref_path)
             except Exception as e:
-                logger.error(f"Error processing user {user.get(id_field)}: {e}")
+                if os.path.exists(temp_ref_path):
+                    os.remove(temp_ref_path)
                 continue
-
-        flash('Face not recognized. Please try again or contact admin.', 'danger')
-        return redirect(url_for('login_page'))
         
+        if os.path.exists(temp_login_path):
+            os.remove(temp_login_path)
+            
     except Exception as e:
-        logger.error(f"Face login error: {e}")
-        flash('Login failed due to server error. Please try again.', 'danger')
-        return redirect(url_for('login_page'))
+        if os.path.exists(temp_login_path):
+            os.remove(temp_login_path)
+    finally:
+        gc.collect()
+
+    flash('Face not recognized. Please try again or contact admin.', 'danger')
+    return redirect(url_for('login_page'))
 
 @app.route('/auto-face-login', methods=['POST'])
 def auto_face_login():
+    """Enhanced auto face login with role support"""
     try:
-        if not check_db_connection():
-            return jsonify({'success': False, 'message': 'Database connection error'})
-            
         data = request.json
         face_image = data.get('face_image')
         face_role = data.get('face_role', 'student')
-        
         if not face_image:
             return jsonify({'success': False, 'message': 'No image received'})
-            
+        
         image = decode_image(face_image)
-        test_features = get_face_features_deepface(image)
         
-        if test_features is None:
-            return jsonify({'success': False, 'message': 'No face detected'})
-
         if face_role == 'teacher':
             collection = teachers_collection
             id_field = 'teacher_id'
@@ -717,240 +645,288 @@ def auto_face_login():
             id_field = 'student_id'
             dashboard_route = '/dashboard'
 
-        users = collection.find({'face_image': {'$exists': True, '$ne': None}}).limit(20)
+        # Use DeepFace for recognition with improved temp file handling
+        temp_auto_path = get_unique_temp_path("auto_login")
+        cv2.imwrite(temp_auto_path, image)
         
-        for user in users:
-            try:
-                ref_image_array = np.frombuffer(user['face_image'], np.uint8)
-                ref_image = cv2.imdecode(ref_image_array, cv2.IMREAD_COLOR)
-                ref_features = get_face_features_deepface(ref_image)
-                
-                if ref_features is None:
-                    continue
-                
-                similarity = cosine_similarity([test_features], [ref_features])[0][0]
-                distance = 1 - similarity
-                
-                if distance < 0.4:
-                    session.permanent = True
-                    session['logged_in'] = True
-                    session['user_type'] = face_role
-                    session[id_field] = user[id_field]
-                    session['name'] = user.get('name')
-                    session.modified = True
+        try:
+            from deepface import DeepFace
+            
+            users = collection.find({'face_image': {'$exists': True, '$ne': None}})
+            for user in users:
+                try:
+                    ref_image_array = np.frombuffer(user['face_image'], np.uint8)
+                    ref_image = cv2.imdecode(ref_image_array, cv2.IMREAD_COLOR)
                     
-                    return jsonify({
-                        'success': True,
-                        'message': f'Welcome {user["name"]}! Redirecting...',
-                        'redirect_url': dashboard_route,
-                        'face_role': face_role
-                    })
+                    temp_ref_path = get_unique_temp_path(f"auto_ref_{user[id_field]}")
+                    cv2.imwrite(temp_ref_path, ref_image)
                     
-            except Exception as e:
-                logger.error(f"Error processing user {user.get(id_field)}: {e}")
-                continue
+                    result = DeepFace.verify(
+                        img1_path=temp_auto_path,
+                        img2_path=temp_ref_path,
+                        model_name="Facenet",
+                        enforce_detection=False
+                    )
+                    
+                    if result["verified"]:
+                        session['logged_in'] = True
+                        session['user_type'] = face_role
+                        session[id_field] = user[id_field]
+                        session['name'] = user.get('name')
+                        
+                        # Cleanup
+                        for temp_file in [temp_ref_path, temp_auto_path]:
+                            if os.path.exists(temp_file):
+                                os.remove(temp_file)
+                        
+                        gc.collect()
+                        return jsonify({
+                            'success': True,
+                            'message': f'Welcome {user["name"]}! Redirecting...',
+                            'redirect_url': dashboard_route,
+                            'face_role': face_role
+                        })
+                    
+                    if os.path.exists(temp_ref_path):
+                        os.remove(temp_ref_path)
+                except Exception as e:
+                    continue
+            
+            if os.path.exists(temp_auto_path):
+                os.remove(temp_auto_path)
+                
+        except Exception as e:
+            if os.path.exists(temp_auto_path):
+                os.remove(temp_auto_path)
+        finally:
+            gc.collect()
 
         return jsonify({'success': False, 'message': f'Face not recognized in {face_role} database'})
-        
     except Exception as e:
-        logger.error(f"Auto face login error: {e}")
+        print(f"Auto face login error: {e}")
         return jsonify({'success': False, 'message': 'Login failed due to server error'})
 
 @app.route('/attendance.html')
-@login_required('student')
 def attendance_page():
+    if 'logged_in' not in session or session.get('user_type') != 'student':
+        return redirect(url_for('login_page'))
     student_id = session.get('student_id')
     student = students_collection.find_one({'student_id': student_id})
     return render_template('attendance.html', student=student)
 
 @app.route('/dashboard')
-@login_required('student')
 def dashboard():
-    try:
-        if not check_db_connection():
-            flash('Database connection error. Please try again later.', 'warning')
-            return redirect(url_for('login_page'))
-            
-        student_id = session.get('student_id')
-        student = students_collection.find_one({'student_id': student_id})
-        
-        if not student:
-            session.clear()
-            flash('Student record not found. Please login again.', 'warning')
-            return redirect(url_for('login_page'))
-        
-        # Process face image for display
-        if student and 'face_image' in student and student['face_image']:
-            face_image_base64 = base64.b64encode(student['face_image']).decode('utf-8')
-            mime_type = student.get('face_image_type', 'image/jpeg')
-            student['face_image_url'] = f"data:{mime_type};base64,{face_image_base64}"
-        
-        attendance_records = list(attendance_collection.find({'student_id': student_id}).sort('date', -1))
-        
-        return render_template('dashboard.html', student=student, attendance_records=attendance_records)
-        
-    except Exception as e:
-        logger.error(f"Dashboard error: {e}")
-        flash('Error loading dashboard. Please try again.', 'danger')
+    if 'logged_in' not in session or session.get('user_type') != 'student':
         return redirect(url_for('login_page'))
+    student_id = session.get('student_id')
+    student = students_collection.find_one({'student_id': student_id})
+    if student and 'face_image' in student and student['face_image']:
+        face_image_base64 = base64.b64encode(student['face_image']).decode('utf-8')
+        mime_type = student.get('face_image_type', 'image/jpeg')
+        student['face_image_url'] = f"data:{mime_type};base64,{face_image_base64}"
+    attendance_records = list(attendance_collection.find({'student_id': student_id}).sort('date', -1))
+    return render_template('dashboard.html', student=student, attendance_records=attendance_records)
 
 @app.route('/mark-attendance', methods=['POST'])
-@login_required('student')
 def mark_attendance():
-    try:
-        if not check_db_connection():
-            return jsonify({'success': False, 'message': 'Database connection error. Please try again later.'})
-
-        if not model_status['yolo_loaded']:
-            return jsonify({'success': False, 'message': 'Face detection model not available. Please contact admin.'})
-
-        data = request.json
-        student_id = session.get('student_id') or data.get('student_id')
-        program = data.get('program')
-        semester = data.get('semester')
-        course = data.get('course')
-        face_image = data.get('face_image')
-
-        if not all([student_id, program, semester, course, face_image]):
-            return jsonify({'success': False, 'message': 'Missing required data'})
-
-        client_ip = request.remote_addr
-        t0 = time.time()
-
-        image = decode_image(face_image)
-        if image is None or image.size == 0:
-            return jsonify({'success': False, 'message': 'Invalid image data'})
-
-        h, w = image.shape[:2]
-        vis = image.copy()
+    if 'logged_in' not in session or session.get('user_type') != 'student':
+        return jsonify({'success': False, 'message': 'Not logged in'})
+
+    data = request.json
+    student_id = session.get('student_id') or data.get('student_id')
+    program = data.get('program')
+    semester = data.get('semester')
+    course = data.get('course')
+    face_image = data.get('face_image')
+
+    if not all([student_id, program, semester, course, face_image]):
+        return jsonify({'success': False, 'message': 'Missing required data'})
+
+    client_ip = request.remote_addr
+    t0 = time.time()
+
+    # Decode image
+    image = decode_image(face_image)
+    if image is None or image.size == 0:
+        return jsonify({'success': False, 'message': 'Invalid image data'})
+
+    h, w = image.shape[:2]
+    vis = image.copy()
+
+    # 1) Face detection using reliable methods
+    detections = detect_faces_yunet(image)
+    if not detections:
+        overlay = image_to_data_uri(vis)
+        log_metrics_event_normalized(
+            event="reject_true",
+            attempt_type="impostor",
+            claimed_id=student_id,
+            recognized_id=None,
+            liveness_pass=False,
+            distance=None,
+            live_prob=None,
+            latency_ms=round((time.time() - t0) * 1000.0, 2),
+            client_ip=client_ip,
+            reason="no_face_detected"
+        )
+        return jsonify({'success': False, 'message': 'No face detected for liveness', 'overlay': overlay})
+
+    # Pick highest-score detection
+    best = max(detections, key=lambda d: d["score"])
+    x1, y1, x2, y2 = [int(v) for v in best["bbox"]]
+    x1e, y1e, x2e, y2e = expand_and_clip_box((x1, y1, x2, y2), scale=1.2, w=w, h=h)
+    face_crop = image[y1e:y2e, x1e:x2e]
+    if face_crop.size == 0:
+        overlay = image_to_data_uri(vis)
+        log_metrics_event_normalized(
+            event="reject_true",
+            attempt_type="impostor",
+            claimed_id=student_id,
+            recognized_id=None,
+            liveness_pass=False,
+            distance=None,
+            live_prob=None,
+            latency_ms=round((time.time() - t0) * 1000.0, 2),
+            client_ip=client_ip,
+            reason="failed_crop"
+        )
+        return jsonify({'success': False, 'message': 'Failed to crop face for liveness', 'overlay': overlay})
+
+    # 2) Simple liveness check (lightweight)
+    live_prob = simple_liveness_check(face_crop)
+    is_live = live_prob >= 0.7
+    label = "LIVE" if is_live else "SPOOF"
+    color = (0, 200, 0) if is_live else (0, 0, 255)
+    draw_live_overlay(vis, (x1e, y1e, x2e, y2e), label, live_prob, color)
+    overlay_data = image_to_data_uri(vis)
+
+    if not is_live:
+        log_metrics_event_normalized(
+            event="reject_true",
+            attempt_type="impostor",
+            claimed_id=student_id,
+            recognized_id=None,
+            liveness_pass=False,
+            distance=None,
+            live_prob=float(live_prob),
+            latency_ms=round((time.time() - t0) * 1000.0, 2),
+            client_ip=client_ip,
+            reason="liveness_fail"
+        )
+        return jsonify({'success': False, 'message': f'Spoof detected or face not live (p={live_prob:.2f}).', 'overlay': overlay_data})
 
-        detections = yolo_face.detect(image, max_det=20)
-        if not detections:
-            overlay = image_to_data_uri(vis)
-            log_metrics_event_normalized(
-                event="reject_true", attempt_type="impostor", claimed_id=student_id,
-                recognized_id=None, liveness_pass=False, distance=None, live_prob=None,
-                latency_ms=round((time.time() - t0) * 1000.0, 2), client_ip=client_ip,
-                reason="no_face_detected"
-            )
-            return jsonify({'success': False, 'message': 'No face detected for liveness', 'overlay': overlay})
+    # 3) Face recognition using DeepFace
+    success, message = recognize_face_deepface(image, student_id, user_type='student')
+    total_latency_ms = round((time.time() - t0) * 1000.0, 2)
 
-        best = max(detections, key=lambda d: d["score"])
-        x1, y1, x2, y2 = [int(v) for v in best["bbox"]]
-        x1e, y1e, x2e, y2e = expand_and_clip_box((x1, y1, x2, y2), scale=1.2, w=w, h=h)
-        face_crop = image[y1e:y2e, x1e:x2e]
-        
-        if face_crop.size == 0:
-            overlay = image_to_data_uri(vis)
-            log_metrics_event_normalized(
-                event="reject_true", attempt_type="impostor", claimed_id=student_id,
-                recognized_id=None, liveness_pass=False, distance=None, live_prob=None,
-                latency_ms=round((time.time() - t0) * 1000.0, 2), client_ip=client_ip,
-                reason="failed_crop"
-            )
-            return jsonify({'success': False, 'message': 'Failed to crop face for liveness', 'overlay': overlay})
+    # Parse distance from message if available
+    distance_val = None
+    try:
+        if "distance=" in message:
+            part = message.split("distance=")[1]
+            distance_val = float(part.split(",")[0].strip(") "))
+    except Exception:
+        pass
 
-        # Anti-spoofing
-        live_prob = 1.0
-        is_live = True
-        
-        if model_status['antispoof_loaded'] and anti_spoof_bin:
-            live_prob = anti_spoof_bin.predict_live_prob(face_crop)
-            is_live = live_prob >= 0.7
+    # Derive reason string
+    reason = None
+    if not success:
+        if message.startswith("Unauthorized attempt"):
+            reason = "unauthorized_attempt"
+        elif message.startswith("No face detected"):
+            reason = "no_face_detected"
+        elif message.startswith("False reject"):
+            reason = "false_reject"
+        elif message.startswith("Error in face recognition") or message.startswith("DeepFace"):
+            reason = "recognition_error"
+        else:
+            reason = "not_recognized"
+
+    # Log event
+    if success:
+        log_metrics_event_normalized(
+            event="accept_true",
+            attempt_type="genuine",
+            claimed_id=student_id,
+            recognized_id=student_id,
+            liveness_pass=True,
+            distance=distance_val,
+            live_prob=float(live_prob),
+            latency_ms=total_latency_ms,
+            client_ip=client_ip,
+            reason=None
+        )
         
-        label = "LIVE" if is_live else "SPOOF"
-        color = (0, 200, 0) if is_live else (0, 0, 255)
-        draw_live_overlay(vis, (x1e, y1e, x2e, y2e), label, live_prob, color)
-        overlay_data = image_to_data_uri(vis)
-
-        if not is_live:
-            log_metrics_event_normalized(
-                event="reject_true", attempt_type="impostor", claimed_id=student_id,
-                recognized_id=None, liveness_pass=False, distance=None, live_prob=float(live_prob),
-                latency_ms=round((time.time() - t0) * 1000.0, 2), client_ip=client_ip,
-                reason="liveness_fail"
-            )
-            return jsonify({'success': False, 'message': f'Spoof detected or face not live (p={live_prob:.2f}).', 'overlay': overlay_data})
-
-        success, message = recognize_face(image, student_id, user_type='student')
-        total_latency_ms = round((time.time() - t0) * 1000.0, 2)
-
-        distance_val = None
+        # Save attendance
+        attendance_data = {
+            'student_id': student_id,
+            'program': program,
+            'semester': semester,
+            'subject': course,
+            'date': datetime.now().date().isoformat(),
+            'time': datetime.now().time().strftime('%H:%M:%S'),
+            'status': 'present',
+            'created_at': datetime.now()
+        }
         try:
-            if "distance=" in message:
-                part = message.split("distance=")[1]
-                distance_val = float(part.split(",")[0].strip(") "))
-        except Exception:
-            pass
-
-        if success:
-            log_metrics_event_normalized(
-                event="accept_true", attempt_type="genuine", claimed_id=student_id,
-                recognized_id=student_id, liveness_pass=True, distance=distance_val,
-                live_prob=float(live_prob), latency_ms=total_latency_ms, client_ip=client_ip, reason=None
-            )
-            
-            # Check if attendance already marked today
             existing_attendance = attendance_collection.find_one({
                 'student_id': student_id,
                 'subject': course,
                 'date': datetime.now().date().isoformat()
             })
-            
             if existing_attendance:
                 return jsonify({'success': False, 'message': 'Attendance already marked for this course today', 'overlay': overlay_data})
-            
-            attendance_data = {
-                'student_id': student_id,
-                'program': program,
-                'semester': semester,
-                'subject': course,
-                'date': datetime.now().date().isoformat(),
-                'time': datetime.now().time().strftime('%H:%M:%S'),
-                'status': 'present',
-                'created_at': datetime.now()
-            }
-            
             attendance_collection.insert_one(attendance_data)
+            gc.collect()  # Clean up memory after successful operation
             return jsonify({'success': True, 'message': 'Attendance marked successfully', 'overlay': overlay_data})
+        except Exception as e:
+            return jsonify({'success': False, 'message': f'Database error: {str(e)}', 'overlay': overlay_data})
+    else:
+        if reason == "false_reject":
+            log_metrics_event_normalized(
+                event="reject_false",
+                attempt_type="genuine",
+                claimed_id=student_id,
+                recognized_id=student_id,
+                liveness_pass=True,
+                distance=distance_val,
+                live_prob=float(live_prob),
+                latency_ms=total_latency_ms,
+                client_ip=client_ip,
+                reason=reason
+            )
         else:
-            # Determine reason for failure
-            reason = "unauthorized_attempt"
-            if "No face detected" in message:
-                reason = "no_face_detected"
-            elif "Error in face recognition" in message:
-                reason = "recognition_error"
-            
             log_metrics_event_normalized(
-                event="reject_true", attempt_type="impostor", claimed_id=student_id,
-                recognized_id=None, liveness_pass=True, distance=distance_val,
-                live_prob=float(live_prob), latency_ms=total_latency_ms, client_ip=client_ip, reason=reason
+                event="reject_true",
+                attempt_type="impostor",
+                claimed_id=student_id,
+                recognized_id=None,
+                liveness_pass=True,
+                distance=distance_val,
+                live_prob=float(live_prob),
+                latency_ms=total_latency_ms,
+                client_ip=client_ip,
+                reason=reason
             )
-            return jsonify({'success': False, 'message': message, 'overlay': overlay_data})
-            
-    except Exception as e:
-        logger.error(f"Mark attendance error: {e}")
-        return jsonify({'success': False, 'message': 'Server error occurred. Please try again.'})
+        return jsonify({'success': False, 'message': message, 'overlay': overlay_data})
 
 @app.route('/liveness-preview', methods=['POST'])
-@login_required('student')
 def liveness_preview():
+    if 'logged_in' not in session or session.get('user_type') != 'student':
+        return jsonify({'success': False, 'message': 'Not logged in'})
     try:
-        if not model_status['yolo_loaded']:
-            return jsonify({'success': False, 'message': 'Face detection model not available'})
-            
         data = request.json or {}
         face_image = data.get('face_image')
         if not face_image:
             return jsonify({'success': False, 'message': 'No image received'})
-            
+        
         image = decode_image(face_image)
         if image is None or image.size == 0:
             return jsonify({'success': False, 'message': 'Invalid image data'})
-            
+        
         h, w = image.shape[:2]
         vis = image.copy()
-        detections = yolo_face.detect(image, max_det=10)
+        detections = detect_faces_yunet(image)
         
         if not detections:
             overlay_data = image_to_data_uri(vis)
@@ -961,7 +937,7 @@ def liveness_preview():
                 'message': 'No face detected',
                 'overlay': overlay_data
             })
-            
+        
         best = max(detections, key=lambda d: d["score"])
         x1, y1, x2, y2 = [int(v) for v in best["bbox"]]
         x1e, y1e, x2e, y2e = expand_and_clip_box((x1, y1, x2, y2), scale=1.2, w=w, h=h)
@@ -977,28 +953,29 @@ def liveness_preview():
                 'overlay': overlay_data
             })
         
-        live_prob = 1.0
-        if model_status['antispoof_loaded'] and anti_spoof_bin:
-            live_prob = anti_spoof_bin.predict_live_prob(face_crop)
-        
+        live_prob = simple_liveness_check(face_crop)
         threshold = 0.7
         label = "LIVE" if live_prob >= threshold else "SPOOF"
         color = (0, 200, 0) if label == "LIVE" else (0, 0, 255)
+        
         draw_live_overlay(vis, (x1e, y1e, x2e, y2e), label, live_prob, color)
         overlay_data = image_to_data_uri(vis)
         
+        # Clean up memory
+        del image, vis, face_crop
+        gc.collect()
+        
         return jsonify({
             'success': True,
             'live': bool(live_prob >= threshold),
             'live_prob': float(live_prob),
             'overlay': overlay_data
         })
-        
     except Exception as e:
-        logger.error(f"Liveness preview error: {e}")
+        print("liveness_preview error:", e)
         return jsonify({'success': False, 'message': 'Server error during preview'})
 
-# Teacher routes
+# --------- TEACHER ROUTES ---------
 @app.route('/teacher_register.html')
 def teacher_register_page():
     return render_template('teacher_register.html')
@@ -1010,10 +987,6 @@ def teacher_login_page():
 @app.route('/teacher_register', methods=['POST'])
 def teacher_register():
     try:
-        if not check_db_connection():
-            flash('Database connection error. Please try again later.', 'danger')
-            return redirect(url_for('teacher_register_page'))
-            
         teacher_data = {
             'teacher_id': request.form.get('teacher_id'),
             'name': request.form.get('name'),
@@ -1026,7 +999,6 @@ def teacher_register():
             'password': request.form.get('password'),
             'created_at': datetime.now()
         }
-        
         face_image = request.form.get('face_image')
         if face_image and ',' in face_image:
             image_data = face_image.split(',')[1]
@@ -1035,7 +1007,6 @@ def teacher_register():
         else:
             flash('Face image is required for registration.', 'danger')
             return redirect(url_for('teacher_register_page'))
-            
         result = teachers_collection.insert_one(teacher_data)
         if result.inserted_id:
             flash('Registration successful! You can now login.', 'success')
@@ -1043,76 +1014,40 @@ def teacher_register():
         else:
             flash('Registration failed. Please try again.', 'danger')
             return redirect(url_for('teacher_register_page'))
-            
     except pymongo.errors.DuplicateKeyError:
         flash('Teacher ID already exists. Please use a different ID.', 'danger')
         return redirect(url_for('teacher_register_page'))
     except Exception as e:
-        logger.error(f"Teacher registration error: {e}")
         flash(f'Registration failed: {str(e)}', 'danger')
         return redirect(url_for('teacher_register_page'))
 
 @app.route('/teacher_login', methods=['POST'])
 def teacher_login():
-    try:
-        if not check_db_connection():
-            flash('Database connection error. Please try again later.', 'danger')
-            return redirect(url_for('teacher_login_page'))
-            
-        teacher_id = request.form.get('teacher_id')
-        password = request.form.get('password')
-        
-        if not teacher_id or not password:
-            flash('Please enter both teacher ID and password.', 'danger')
-            return redirect(url_for('teacher_login_page'))
-        
-        teacher = teachers_collection.find_one({'teacher_id': teacher_id})
-        if teacher and teacher.get('password') == password:
-            session.permanent = True
-            session['logged_in'] = True
-            session['user_type'] = 'teacher'
-            session['teacher_id'] = teacher_id
-            session['name'] = teacher.get('name')
-            session.modified = True
-            
-            flash('Login successful!', 'success')
-            return redirect(url_for('teacher_dashboard'))
-        else:
-            flash('Invalid credentials. Please try again.', 'danger')
-            return redirect(url_for('teacher_login_page'))
-            
-    except Exception as e:
-        logger.error(f"Teacher login error: {e}")
-        flash('Login failed due to server error. Please try again.', 'danger')
+    teacher_id = request.form.get('teacher_id')
+    password = request.form.get('password')
+    teacher = teachers_collection.find_one({'teacher_id': teacher_id})
+    if teacher and teacher['password'] == password:
+        session['logged_in'] = True
+        session['user_type'] = 'teacher'
+        session['teacher_id'] = teacher_id
+        session['name'] = teacher.get('name')
+        flash('Login successful!', 'success')
+        return redirect(url_for('teacher_dashboard'))
+    else:
+        flash('Invalid credentials. Please try again.', 'danger')
         return redirect(url_for('teacher_login_page'))
 
 @app.route('/teacher_dashboard')
-@login_required('teacher')
 def teacher_dashboard():
-    try:
-        if not check_db_connection():
-            flash('Database connection error. Please try again later.', 'warning')
-            return redirect(url_for('teacher_login_page'))
-            
-        teacher_id = session.get('teacher_id')
-        teacher = teachers_collection.find_one({'teacher_id': teacher_id})
-        
-        if not teacher:
-            session.clear()
-            flash('Teacher record not found. Please login again.', 'warning')
-            return redirect(url_for('teacher_login_page'))
-        
-        if teacher and 'face_image' in teacher and teacher['face_image']:
-            face_image_base64 = base64.b64encode(teacher['face_image']).decode('utf-8')
-            mime_type = teacher.get('face_image_type', 'image/jpeg')
-            teacher['face_image_url'] = f"data:{mime_type};base64,{face_image_base64}"
-        
-        return render_template('teacher_dashboard.html', teacher=teacher)
-        
-    except Exception as e:
-        logger.error(f"Teacher dashboard error: {e}")
-        flash('Error loading dashboard. Please try again.', 'danger')
+    if 'logged_in' not in session or session.get('user_type') != 'teacher':
         return redirect(url_for('teacher_login_page'))
+    teacher_id = session.get('teacher_id')
+    teacher = teachers_collection.find_one({'teacher_id': teacher_id})
+    if teacher and 'face_image' in teacher and teacher['face_image']:
+        face_image_base64 = base64.b64encode(teacher['face_image']).decode('utf-8')
+        mime_type = teacher.get('face_image_type', 'image/jpeg')
+        teacher['face_image_url'] = f"data:{mime_type};base64,{face_image_base64}"
+    return render_template('teacher_dashboard.html', teacher=teacher)
 
 @app.route('/teacher_logout')
 def teacher_logout():
@@ -1120,121 +1055,117 @@ def teacher_logout():
     flash('You have been logged out', 'info')
     return redirect(url_for('teacher_login_page'))
 
+# --------- COMMON LOGOUT ---------
 @app.route('/logout')
 def logout():
     session.clear()
     flash('You have been logged out', 'info')
     return redirect(url_for('login_page'))
 
-# Metrics endpoints
-def compute_metrics(limit: int = 10000):
-    if not check_db_connection():
-        return {"counts": {}, "rates": {}, "totals": {"totalAttempts": 0}}
-        
-    try:
-        cursor = metrics_events.find({}, {"_id": 0}).sort("ts", -1).limit(limit)
-        counts = {
-            "trueAccepts": 0, "falseAccepts": 0, "trueRejects": 0, "falseRejects": 0,
-            "genuineAttempts": 0, "impostorAttempts": 0, "unauthorizedRejected": 0, "unauthorizedAccepted": 0,
-        }
-
-        total_attempts_calc = 0
-        for ev in cursor:
-            event = ev.get("event", "")
-            attempt_type = ev.get("attempt_type", "")
-            
-            if not event:
-                continue
-                
-            total_attempts_calc += 1
-            
-            if event == "accept_true":
-                counts["trueAccepts"] += 1
-            elif event == "accept_false":
-                counts["falseAccepts"] += 1
-                counts["unauthorizedAccepted"] += 1
-            elif event == "reject_true":
-                counts["trueRejects"] += 1
-                counts["unauthorizedRejected"] += 1
-            elif event == "reject_false":
-                counts["falseRejects"] += 1
-
-            if attempt_type == "genuine":
-                counts["genuineAttempts"] += 1
-            elif attempt_type == "impostor":
-                counts["impostorAttempts"] += 1
-
-        genuine_attempts = max(counts["genuineAttempts"], 1)
-        impostor_attempts = max(counts["impostorAttempts"], 1)
-        total_attempts_final = max(total_attempts_calc, 1)
-
-        FAR = counts["falseAccepts"] / impostor_attempts
-        FRR = counts["falseRejects"] / genuine_attempts
-        accuracy = (counts["trueAccepts"] + counts["trueRejects"]) / total_attempts_final
-
-        return {
-            "counts": counts,
-            "rates": {"FAR": FAR, "FRR": FRR, "accuracy": accuracy},
-            "totals": {"totalAttempts": total_attempts_calc}
-        }
-    except Exception as e:
-        logger.error(f"Error computing metrics: {e}")
-        return {"counts": {}, "rates": {}, "totals": {"totalAttempts": 0}}
-
-def compute_latency_avg(limit: int = 300) -> Optional[float]:
-    if not check_db_connection():
-        return None
-        
-    try:
-        cursor = metrics_events.find({"latency_ms": {"$exists": True}}, {"latency_ms": 1, "_id": 0}).sort("ts", -1).limit(limit)
-        vals = [float(d["latency_ms"]) for d in cursor if isinstance(d.get("latency_ms"), (int, float))]
-        if not vals:
-            return None
-        return sum(vals) / len(vals)
-    except Exception as e:
-        logger.error(f"Error computing latency: {e}")
-        return None
-
+# --------- METRICS JSON ENDPOINTS ---------
 @app.route('/metrics-data', methods=['GET'])
-@login_required()
 def metrics_data():
     data = compute_metrics()
     try:
         recent = list(metrics_events.find({}, {"_id": 0}).sort("ts", -1).limit(200))
+        normalized_recent = []
         for r in recent:
             if isinstance(r.get("ts"), datetime):
                 r["ts"] = r["ts"].isoformat()
-        data["recent"] = recent
+            event, attempt_type = classify_event(r)
+            if event and not r.get("event"):
+                r["event"] = event
+            if attempt_type and not r.get("attempt_type"):
+                r["attempt_type"] = attempt_type
+            if "liveness_pass" not in r:
+                if r.get("decision") == "spoof_blocked":
+                    r["liveness_pass"] = False
+                elif isinstance(r.get("live_prob"), (int, float)):
+                    r["liveness_pass"] = bool(r["live_prob"] >= 0.7)
+                else:
+                    r["liveness_pass"] = None
+            normalized_recent.append(r)
+
+        data["recent"] = normalized_recent
     except Exception as e:
-        logger.error(f"Error fetching recent events: {e}")
+        print(f"Error getting recent metrics: {e}")
         data["recent"] = []
     
     data["avg_latency_ms"] = compute_latency_avg()
     return jsonify(data)
 
 @app.route('/metrics-json')
-@login_required()
 def metrics_json():
     m = compute_metrics()
     counts = m["counts"]
     rates = m["rates"]
     totals = m["totals"]
     avg_latency = compute_latency_avg()
-    
-    accuracy_pct = rates.get("accuracy", 0) * 100.0
-    far_pct = rates.get("FAR", 0) * 100.0
-    frr_pct = rates.get("FRR", 0) * 100.0
+    accuracy_pct = rates["accuracy"] * 100.0
+    far_pct = rates["FAR"] * 100.0
+    frr_pct = rates["FRR"] * 100.0
 
     return jsonify({
         'Accuracy': f"{accuracy_pct:.2f}%" if totals["totalAttempts"] > 0 else "N/A",
-        'False Accepts (FAR)': f"{far_pct:.2f}%" if counts.get("impostorAttempts", 0) > 0 else "N/A",
-        'False Rejects (FRR)': f"{frr_pct:.2f}%" if counts.get("genuineAttempts", 0) > 0 else "N/A",
+        'False Accepts (FAR)': f"{far_pct:.2f}%" if counts["impostorAttempts"] > 0 else "N/A",
+        'False Rejects (FRR)': f"{frr_pct:.2f}%" if counts["genuineAttempts"] > 0 else "N/A",
         'Average Inference Time (s)': f"{(avg_latency/1000.0):.2f}" if isinstance(avg_latency, (int, float)) else "N/A",
-        'Correct Recognitions': counts.get("trueAccepts", 0),
+        'Correct Recognitions': counts["trueAccepts"],
         'Total Attempts': totals["totalAttempts"],
-        'Unauthorized Attempts': counts.get("unauthorizedRejected", 0),
+        'Unauthorized Attempts': counts["unauthorizedRejected"],
+        'enhanced': {
+            'totals': {
+                'attempts': totals["totalAttempts"],
+                'trueAccepts': counts["trueAccepts"],
+                'falseAccepts': counts["falseAccepts"],
+                'trueRejects': counts["trueRejects"],
+                'falseRejects': counts["falseRejects"],
+                'genuineAttempts': counts["genuineAttempts"],
+                'impostorAttempts': counts["impostorAttempts"],
+                'unauthorizedRejected': counts["unauthorizedRejected"],
+                'unauthorizedAccepted': counts["unauthorizedAccepted"],
+            },
+            'accuracy_pct': round(accuracy_pct, 2),
+            'avg_latency_ms': round(avg_latency, 2) if isinstance(avg_latency, (int, float)) else None
+        }
     })
 
+@app.route('/metrics-events')
+def metrics_events_api():
+    limit = int(request.args.get("limit", 200))
+    try:
+        cursor = metrics_events.find({}, {"_id": 0}).sort("ts", -1).limit(limit)
+        events = list(cursor)
+        for ev in events:
+            if isinstance(ev.get("ts"), datetime):
+                ev["ts"] = ev["ts"].isoformat()
+        return jsonify(events)
+    except Exception as e:
+        print(f"Error getting metrics events: {e}")
+        return jsonify([])
+
+# Health check endpoint for Hugging Face
+@app.route('/health')
+def health_check():
+    return jsonify({
+        'status': 'healthy',
+        'platform': 'hugging_face',
+        'memory': 'optimized',
+        'face_detector': 'haar_cascade',
+        'timestamp': datetime.now().isoformat()
+    }), 200
+
+# Cleanup function to be called periodically
+@app.route('/cleanup', methods=['POST'])
+def manual_cleanup():
+    """Manual cleanup endpoint for memory management"""
+    try:
+        gc.collect()
+        return jsonify({'status': 'cleanup completed'}), 200
+    except Exception as e:
+        return jsonify({'status': 'cleanup failed', 'error': str(e)}), 500
+
+# HUGGING FACE SPECIFIC: Updated port to 7860
 if __name__ == '__main__':
-    port = int(os.environ.get('PORT', 7860))
+    port = int(os.environ.get('PORT', 7860))  # Hugging Face uses port 7860
     app.run(host='0.0.0.0', port=port, debug=False)

requirements.txt

@@ -1,11 +1,14 @@
 Flask==2.3.3
-pymongo==4.5.0
+pymongo==4.6.0
 python-dotenv==1.0.0
 opencv-python-headless==4.8.1.78
-tensorflow==2.13.0
-deepface==0.0.79
-scikit-learn==1.3.0
 numpy==1.24.3
-onnxruntime==1.15.1
-requests==2.31.0
 Pillow==10.0.0
+tensorflow-cpu==2.15.1
+deepface==0.0.79
+requests==2.32.3
+pandas==2.2.2
+scipy==1.11.4
+protobuf==4.25.3
+fire==0.6.0
+gunicorn==21.2.0