Spaces:

kkt-2002
/

AutoAttend-AI

Sleeping

App Files Files Community

kkt-2002 commited on Sep 8, 2025

Commit

c08bf91

1 Parent(s): a6e8527

Critical security fixes: prevent cross-user attendance + stable face detection

Browse files

Files changed (1) hide show

app.py +187 -586

app.py CHANGED Viewed

@@ -5,7 +5,7 @@ import gc
 import logging
 import time
 import uuid
-import secrets  # Added for token generation
 import pymongo
 from pymongo import MongoClient
 from bson.binary import Binary
@@ -51,15 +51,15 @@ app.config.update({
     'PERMANENT_SESSION_LIFETIME': timedelta(hours=2),
     'SESSION_COOKIE_NAME': 'face_app_session',
     'SESSION_COOKIE_HTTPONLY': True,
-    'SESSION_COOKIE_SECURE': False,  # Hugging Face uses HTTP internally
-    'SESSION_COOKIE_SAMESITE': None,  # Critical for Hugging Face iframe
-    'SESSION_REFRESH_EACH_REQUEST': False,  # Prevent session reset
     'SESSION_COOKIE_DOMAIN': None,
     'SESSION_COOKIE_PATH': '/',
-    'SEND_FILE_MAX_AGE_DEFAULT': 0  # Disable caching
 })
-# CRITICAL FIX: Add ProxyFix middleware for Hugging Face reverse proxy
 app.wsgi_app = ProxyFix(
     app.wsgi_app,
     x_for=1,
@@ -99,7 +99,7 @@ try:
     teachers_collection = db['teachers']
     attendance_collection = db['attendance']
     metrics_events = db['metrics_events']
-    sessions_collection = db['user_sessions']  # Added for token-based sessions
     # Create indexes for better performance
     students_collection.create_index([("student_id", pymongo.ASCENDING)], unique=True)
@@ -118,9 +118,7 @@ try:
 except Exception as e:
     print(f"MongoDB connection error: {e}")
-# ---------------- Memory-Optimized Face Detection ----------------
-# Initialize Haar Cascade Face Detector (lightweight and reliable)
 face_detector = None
 try:
     face_detector = cv2.CascadeClassifier(cv2.data.haarcascades + 'haarcascade_frontalface_default.xml')
@@ -128,7 +126,6 @@ try:
 except Exception as e:
     print(f"Error initializing face detector: {e}")
-# Initialize eye cascade for liveness detection
 eye_cascade = None
 try:
     eye_cascade = cv2.CascadeClassifier(cv2.data.haarcascades + 'haarcascade_eye.xml')
@@ -160,7 +157,6 @@ def detect_faces_haar(image):
                 "score": 0.9
             })
-        # Clean up memory
         del gray
         gc.collect()
         return detections
@@ -173,7 +169,6 @@ def detect_faces_yunet(image):
     if face_detector is not None:
         return detect_faces_haar(image)
-    # Final fallback
     try:
         gray = cv2.cvtColor(image, cv2.COLOR_BGR2GRAY)
         face_cascade = cv2.CascadeClassifier(cv2.data.haarcascades + 'haarcascade_frontalface_default.xml')
@@ -194,7 +189,7 @@ def detect_faces_yunet(image):
         return []
 def recognize_face_deepface(image, user_id, user_type='student'):
-    """Enhanced face recognition with better detector and alignment"""
     global total_attempts, correct_recognitions, unauthorized_attempts, inference_times
     temp_files = []
@@ -204,10 +199,27 @@ def recognize_face_deepface(image, user_id, user_type='student'):
         start_time = time.time()
-        # Save current image temporarily
         temp_img_path = get_unique_temp_path(f"current_{user_id}")
         temp_files.append(temp_img_path)
-        cv2.imwrite(temp_img_path, image)
         # Get user's reference image
         if user_type == 'student':
@@ -219,39 +231,49 @@ def recognize_face_deepface(image, user_id, user_type='student'):
             unauthorized_attempts += 1
             return False, f"No reference face found for {user_type} ID {user_id}"
-        # Save reference image temporarily
         ref_image_bytes = user['face_image']
         ref_image_array = np.frombuffer(ref_image_bytes, np.uint8)
         ref_image = cv2.imdecode(ref_image_array, cv2.IMREAD_COLOR)
         temp_ref_path = get_unique_temp_path(f"ref_{user_id}")
         temp_files.append(temp_ref_path)
-        cv2.imwrite(temp_ref_path, ref_image)
         # Clean up arrays immediately
         del ref_image_array, ref_image
         try:
-            # CRITICAL FIX: Use better detector and alignment for accuracy
             result = DeepFace.verify(
                 img1_path=temp_img_path,
                 img2_path=temp_ref_path,
                 model_name="Facenet",
-                detector_backend="retinaface",  # More robust than default opencv
-                enforce_detection=False,  # Allow processing even if detection is uncertain
-                align=True,  # Enable face alignment for better matching
-                distance_metric="cosine"  # Often works better than euclidean
             )
             is_verified = result["verified"]
             distance = result["distance"]
-            threshold = result["threshold"]
             inference_time = time.time() - start_time
             inference_times.append(inference_time)
             total_attempts += 1
-            # Lower threshold for more lenient matching (adjust as needed)
-            custom_threshold = 0.45  # Default is usually 0.4, try 0.45-0.5 for more lenient
             is_verified_custom = distance < custom_threshold
             if is_verified_custom:
@@ -262,33 +284,11 @@ def recognize_face_deepface(image, user_id, user_type='student'):
                 return False, f"Face not recognized (distance={distance:.3f}, required < {custom_threshold})"
         except Exception as e:
-            # Fallback: try with opencv detector if retinaface fails
-            try:
-                print(f"RetinaFace failed, trying OpenCV detector: {e}")
-                result = DeepFace.verify(
-                    img1_path=temp_img_path,
-                    img2_path=temp_ref_path,
-                    model_name="Facenet",
-                    detector_backend="opencv",
-                    enforce_detection=False,
-                    align=True
-                )
-                distance = result["distance"]
-                custom_threshold = 0.5  # More lenient for fallback
-                is_verified_custom = distance < custom_threshold
-                if is_verified_custom:
-                    correct_recognitions += 1
-                    return True, f"Face recognized with fallback (distance={distance:.3f})"
-                else:
-                    unauthorized_attempts += 1
-                    return False, f"Face not recognized with fallback (distance={distance:.3f})"
-            except Exception as e2:
-                return False, f"DeepFace verification error: {str(e2)}"
     except Exception as e:
         return False, f"Error in face recognition: {str(e)}"
     finally:
@@ -322,29 +322,26 @@ def simple_liveness_check(image):
             liveness_score += 0.1  # No eyes detected but still some base score
         # Factor 2: Image quality assessment (30% weight)
-        # Check for blur and contrast
         laplacian_var = cv2.Laplacian(gray, cv2.CV_64F).var()
-        if laplacian_var > 100:  # Good sharpness
             liveness_score += 0.3
-        elif laplacian_var > 50:  # Moderate sharpness
             liveness_score += 0.2
         else:
-            liveness_score += 0.1  # Poor sharpness but not zero
         # Factor 3: Face size and position (30% weight)
-        # Larger faces are more likely to be real (closer to camera)
         face_area = image.shape[0] * image.shape[1]
-        if face_area > 10000:  # Decent face size
             liveness_score += 0.3
-        elif face_area > 5000:  # Smaller but acceptable
             liveness_score += 0.2
         else:
-            liveness_score += 0.1  # Very small face
         # Ensure score is between 0 and 1
         liveness_score = min(1.0, max(0.0, liveness_score))
-        # Clean up memory
         del gray
         gc.collect()
         return liveness_score
@@ -392,20 +389,10 @@ def decode_image(base64_image):
     np_array = np.frombuffer(image_bytes, np.uint8)
     image = cv2.imdecode(np_array, cv2.IMREAD_COLOR)
-    # Clean up memory
     del image_bytes, np_array
     gc.collect()
     return image
-# Legacy function for backward compatibility
-def get_face_features(image):
-    """Legacy wrapper - now uses DeepFace internally"""
-    return None
-def recognize_face(image, user_id, user_type='student'):
-    """Legacy wrapper for the new DeepFace recognition"""
-    return recognize_face_deepface(image, user_id, user_type)
 # Token-based session helpers
 def validate_session_token(token):
     """Validate session token and return session data"""
@@ -445,26 +432,24 @@ def create_session_token(user_id, user_type):
     sessions_collection.insert_one(session_data)
     return token
-# ---------------------- Metrics helpers ----------------------
 def log_metrics_event(event: dict):
     try:
         metrics_events.insert_one(event)
     except Exception as e:
         print("Failed to log metrics event:", e)
-def log_metrics_event_normalized(
-    *,
-    event: str,
-    attempt_type: str,
-    claimed_id: Optional[str],
-    recognized_id: Optional[str],
-    liveness_pass: bool,
-    distance: Optional[float],
-    live_prob: Optional[float],
-    latency_ms: Optional[float],
-    client_ip: Optional[str],
-    reason: Optional[str] = None
-):
     if not liveness_pass:
         decision = "spoof_blocked"
     else:
@@ -700,6 +685,11 @@ def face_login():
             return redirect(url_for('login_page'))
         image = decode_image(face_image)
         if face_role == 'student':
             collection = students_collection
@@ -718,28 +708,43 @@ def face_login():
         best_match = None
         best_distance = float('inf')
-        # Use DeepFace for face matching with improved temp file handling
         temp_login_path = get_unique_temp_path("login_image")
-        cv2.imwrite(temp_login_path, image)
         try:
             from deepface import DeepFace
             for user in users:
-                ref_image_bytes = user['face_image']
-                ref_image_array = np.frombuffer(ref_image_bytes, np.uint8)
-                ref_image = cv2.imdecode(ref_image_array, cv2.IMREAD_COLOR)
-                temp_ref_path = get_unique_temp_path(f"ref_{user[id_field]}")
-                cv2.imwrite(temp_ref_path, ref_image)
                 try:
-                    # Use improved recognition settings
                     result = DeepFace.verify(
                         img1_path=temp_login_path,
                         img2_path=temp_ref_path,
                         model_name="Facenet",
-                        detector_backend="retinaface",
                         enforce_detection=False,
                         align=True
                     )
@@ -752,7 +757,7 @@ def face_login():
                         best_match = user
                     # More lenient threshold for face login
-                    if distance < 0.5:  # Increased from default 0.4
                         # Create session token
                         token = create_session_token(user[id_field], face_role)
@@ -760,9 +765,10 @@ def face_login():
                         flash('Face login successful!', 'success')
                         # Cleanup
-                        for temp_file in [temp_ref_path, temp_login_path]:
-                            if os.path.exists(temp_file):
-                                os.remove(temp_file)
                         gc.collect()
                         return redirect(url_for(dashboard_route, token=token))
@@ -772,8 +778,6 @@ def face_login():
                 except Exception as e:
                     print(f"Face verification error: {e}")
-                    if os.path.exists(temp_ref_path):
-                        os.remove(temp_ref_path)
                     continue
             if os.path.exists(temp_login_path):
@@ -800,108 +804,6 @@ def face_login():
         flash(f'Face login failed: {str(e)}', 'danger')
         return redirect(url_for('login_page'))
-@app.route('/auto-face-login', methods=['POST'])
-def auto_face_login():
-    """Enhanced auto face login with role support"""
-    try:
-        data = request.json
-        face_image = data.get('face_image')
-        face_role = data.get('face_role', 'student')
-        print(f"Auto face login attempt for role: {face_role}")
-        if not face_image:
-            return jsonify({'success': False, 'message': 'No image received'})
-        image = decode_image(face_image)
-        if face_role == 'teacher':
-            collection = teachers_collection
-            id_field = 'teacher_id'
-        else:
-            collection = students_collection
-            id_field = 'student_id'
-        # Use DeepFace for recognition with improved temp file handling
-        temp_auto_path = get_unique_temp_path("auto_login")
-        cv2.imwrite(temp_auto_path, image)
-        try:
-            from deepface import DeepFace
-            users = collection.find({'face_image': {'$exists': True, '$ne': None}})
-            for user in users:
-                try:
-                    ref_image_array = np.frombuffer(user['face_image'], np.uint8)
-                    ref_image = cv2.imdecode(ref_image_array, cv2.IMREAD_COLOR)
-                    temp_ref_path = get_unique_temp_path(f"auto_ref_{user[id_field]}")
-                    cv2.imwrite(temp_ref_path, ref_image)
-                    result = DeepFace.verify(
-                        img1_path=temp_auto_path,
-                        img2_path=temp_ref_path,
-                        model_name="Facenet",
-                        detector_backend="retinaface",
-                        enforce_detection=False,
-                        align=True
-                    )
-                    if result["distance"] < 0.5:  # More lenient threshold
-                        # Create session token
-                        token = create_session_token(user[id_field], face_role)
-                        print(f"Auto face login successful for {user.get('name')}, Token: {token[:10]}...")
-                        # Cleanup
-                        for temp_file in [temp_ref_path, temp_auto_path]:
-                            if os.path.exists(temp_file):
-                                os.remove(temp_file)
-                        gc.collect()
-                        dashboard_route = '/dashboard' if face_role == 'student' else '/teacher_dashboard'
-                        return jsonify({
-                            'success': True,
-                            'message': f'Welcome {user["name"]}! Redirecting...',
-                            'redirect_url': f'{dashboard_route}?token={token}',
-                            'face_role': face_role
-                        })
-                    if os.path.exists(temp_ref_path):
-                        os.remove(temp_ref_path)
-                except Exception as e:
-                    continue
-            if os.path.exists(temp_auto_path):
-                os.remove(temp_auto_path)
-        except Exception as e:
-            if os.path.exists(temp_auto_path):
-                os.remove(temp_auto_path)
-        finally:
-            gc.collect()
-        print(f"Auto face login failed - face not recognized in {face_role} database")
-        return jsonify({'success': False, 'message': f'Face not recognized in {face_role} database'})
-    except Exception as e:
-        print(f"Auto face login error: {e}")
-        return jsonify({'success': False, 'message': 'Login failed due to server error'})
-@app.route('/attendance.html')
-def attendance_page():
-    token = request.args.get('token')
-    session_data = validate_session_token(token)
-    if not session_data or session_data.get('user_type') != 'student':
-        print("Token validation failed for attendance page")
-        return redirect(url_for('login_page'))
-    student_id = session_data.get('student_id')
-    student = students_collection.find_one({'student_id': student_id})
-    return render_template('attendance.html', student=student, session_token=token)
 @app.route('/dashboard')
 def dashboard():
     token = request.args.get('token')
@@ -977,13 +879,13 @@ def mark_attendance():
     if session_data.get('user_type') != 'student':
         return jsonify({'success': False, 'message': 'Invalid user type'})
-    student_id = session_data.get('student_id')
     program = data.get('program')
     semester = data.get('semester')
     course = data.get('course')
     face_image = data.get('face_image')
-    if not all([student_id, program, semester, course, face_image]):
         return jsonify({'success': False, 'message': 'Missing required data'})
     client_ip = request.remote_addr
@@ -1004,7 +906,7 @@ def mark_attendance():
         log_metrics_event_normalized(
             event="reject_true",
             attempt_type="impostor",
-            claimed_id=student_id,
             recognized_id=None,
             liveness_pass=False,
             distance=None,
@@ -1013,7 +915,7 @@ def mark_attendance():
             client_ip=client_ip,
             reason="no_face_detected"
         )
-        return jsonify({'success': False, 'message': 'No face detected for liveness', 'overlay': overlay})
     # Pick highest-score detection
     best = max(detections, key=lambda d: d["score"])
@@ -1025,7 +927,7 @@ def mark_attendance():
         log_metrics_event_normalized(
             event="reject_true",
             attempt_type="impostor",
-            claimed_id=student_id,
             recognized_id=None,
             liveness_pass=False,
             distance=None,
@@ -1034,13 +936,12 @@ def mark_attendance():
             client_ip=client_ip,
             reason="failed_crop"
         )
-        return jsonify({'success': False, 'message': 'Failed to crop face for liveness', 'overlay': overlay})
-    # 2) CRITICAL FIX: Enhanced liveness check with lower threshold
     live_prob = simple_liveness_check(face_crop)
-    # FIXED: Lower threshold to reduce false positives (was 0.7, now 0.5)
-    liveness_threshold = 0.5  # More lenient to avoid false spoof detection
     is_live = live_prob >= liveness_threshold
     label = "LIVE" if is_live else "SPOOF"
@@ -1054,7 +955,7 @@ def mark_attendance():
         log_metrics_event_normalized(
             event="reject_true",
             attempt_type="impostor",
-            claimed_id=student_id,
             recognized_id=None,
             liveness_pass=False,
             distance=None,
@@ -1069,8 +970,8 @@ def mark_attendance():
             'overlay': overlay_data
         })
-    # 3) Face recognition using DeepFace
-    success, message = recognize_face_deepface(image, student_id, user_type='student')
     total_latency_ms = round((time.time() - t0) * 1000.0, 2)
     # Parse distance from message if available
@@ -1082,87 +983,80 @@ def mark_attendance():
     except Exception:
         pass
-    # Derive reason string
-    reason = None
     if not success:
-        if message.startswith("Unauthorized attempt"):
-            reason = "unauthorized_attempt"
-        elif message.startswith("No face detected"):
-            reason = "no_face_detected"
-        elif message.startswith("False reject"):
-            reason = "false_reject"
-        elif message.startswith("Error in face recognition") or message.startswith("DeepFace"):
-            reason = "recognition_error"
-        else:
-            reason = "not_recognized"
-    # Log event
-    if success:
         log_metrics_event_normalized(
-            event="accept_true",
-            attempt_type="genuine",
-            claimed_id=student_id,
-            recognized_id=student_id,
             liveness_pass=True,
             distance=distance_val,
             live_prob=float(live_prob),
             latency_ms=total_latency_ms,
             client_ip=client_ip,
-            reason=None
         )
-        # Save attendance
-        attendance_data = {
-            'student_id': student_id,
-            'program': program,
-            'semester': semester,
             'subject': course,
-            'date': datetime.now().date().isoformat(),
-            'time': datetime.now().time().strftime('%H:%M:%S'),
-            'status': 'present',
-            'created_at': datetime.now()
-        }
-        try:
-            existing_attendance = attendance_collection.find_one({
-                'student_id': student_id,
-                'subject': course,
-                'date': datetime.now().date().isoformat()
             })
-            if existing_attendance:
-                return jsonify({'success': False, 'message': 'Attendance already marked for this course today', 'overlay': overlay_data})
-            attendance_collection.insert_one(attendance_data)
-            gc.collect()  # Clean up memory after successful operation
-            return jsonify({'success': True, 'message': 'Attendance marked successfully', 'overlay': overlay_data})
-        except Exception as e:
-            return jsonify({'success': False, 'message': f'Database error: {str(e)}', 'overlay': overlay_data})
-    else:
-        if reason == "false_reject":
-            log_metrics_event_normalized(
-                event="reject_false",
-                attempt_type="genuine",
-                claimed_id=student_id,
-                recognized_id=student_id,
-                liveness_pass=True,
-                distance=distance_val,
-                live_prob=float(live_prob),
-                latency_ms=total_latency_ms,
-                client_ip=client_ip,
-                reason=reason
-            )
-        else:
-            log_metrics_event_normalized(
-                event="reject_true",
-                attempt_type="impostor",
-                claimed_id=student_id,
-                recognized_id=None,
-                liveness_pass=True,
-                distance=distance_val,
-                live_prob=float(live_prob),
-                latency_ms=total_latency_ms,
-                client_ip=client_ip,
-                reason=reason
-            )
-        return jsonify({'success': False, 'message': message, 'overlay': overlay_data})
 @app.route('/liveness-preview', methods=['POST'])
 def liveness_preview():
@@ -1211,15 +1105,13 @@ def liveness_preview():
             })
         live_prob = simple_liveness_check(face_crop)
-        # Use same threshold as attendance marking
-        threshold = 0.5
         label = "LIVE" if live_prob >= threshold else "SPOOF"
         color = (0, 200, 0) if label == "LIVE" else (0, 0, 255)
         draw_live_overlay(vis, (x1e, y1e, x2e, y2e), label, live_prob, color)
         overlay_data = image_to_data_uri(vis)
-        # Clean up memory
         del image, vis, face_crop
         gc.collect()
@@ -1233,138 +1125,7 @@ def liveness_preview():
         print("liveness_preview error:", e)
         return jsonify({'success': False, 'message': 'Server error during preview'})
-# --------- TEACHER ROUTES ---------
-@app.route('/teacher_register.html')
-def teacher_register_page():
-    return render_template('teacher_register.html')
-@app.route('/teacher_login.html')
-def teacher_login_page():
-    return render_template('teacher_login.html')
-@app.route('/teacher_register', methods=['POST'])
-def teacher_register():
-    try:
-        teacher_data = {
-            'teacher_id': request.form.get('teacher_id'),
-            'name': request.form.get('name'),
-            'email': request.form.get('email'),
-            'department': request.form.get('department'),
-            'designation': request.form.get('designation'),
-            'mobile': request.form.get('mobile'),
-            'dob': request.form.get('dob'),
-            'gender': request.form.get('gender'),
-            'password': request.form.get('password'),
-            'created_at': datetime.now()
-        }
-        face_image = request.form.get('face_image')
-        if face_image and ',' in face_image:
-            image_data = face_image.split(',')[1]
-            teacher_data['face_image'] = Binary(base64.b64decode(image_data))
-            teacher_data['face_image_type'] = face_image.split(',')[0].split(':')[1].split(';')[0]
-        else:
-            flash('Face image is required for registration.', 'danger')
-            return redirect(url_for('teacher_register_page'))
-        result = teachers_collection.insert_one(teacher_data)
-        if result.inserted_id:
-            flash('Registration successful! You can now login.', 'success')
-            return redirect(url_for('teacher_login_page'))
-        else:
-            flash('Registration failed. Please try again.', 'danger')
-            return redirect(url_for('teacher_register_page'))
-    except pymongo.errors.DuplicateKeyError:
-        flash('Teacher ID already exists. Please use a different ID.', 'danger')
-        return redirect(url_for('teacher_register_page'))
-    except Exception as e:
-        flash(f'Registration failed: {str(e)}', 'danger')
-        return redirect(url_for('teacher_register_page'))
-@app.route('/teacher_login', methods=['POST'])
-def teacher_login():
-    try:
-        teacher_id = request.form.get('teacher_id')
-        password = request.form.get('password')
-        print(f"Teacher login attempt for teacher_id: {teacher_id}")
-        if not teacher_id or not password:
-            flash('Teacher ID and password are required.', 'danger')
-            return redirect(url_for('teacher_login_page'))
-        teacher = teachers_collection.find_one({'teacher_id': teacher_id})
-        print(f"Teacher found: {bool(teacher)}")
-        if teacher and teacher.get('password') == password:
-            # Create session token
-            token = create_session_token(teacher_id, 'teacher')
-            print(f"Teacher token created: {token[:10]}...")
-            flash('Login successful!', 'success')
-            return redirect(url_for('teacher_dashboard', token=token))
-        else:
-            print("Invalid teacher credentials")
-            flash('Invalid credentials. Please try again.', 'danger')
-            return redirect(url_for('teacher_login_page'))
-    except Exception as e:
-        print(f"Teacher login error: {e}")
-        flash(f'Login failed: {str(e)}', 'danger')
-        return redirect(url_for('teacher_login_page'))
-@app.route('/teacher_dashboard')
-def teacher_dashboard():
-    token = request.args.get('token')
-    print(f"Teacher dashboard access attempt. Token: {token[:10] if token else 'None'}...")
-    if not token:
-        print("No token provided for teacher dashboard")
-        flash('Please log in to access the teacher dashboard.', 'info')
-        return redirect(url_for('teacher_login_page'))
-    # Validate session token
-    session_data = validate_session_token(token)
-    if not session_data or session_data.get('user_type') != 'teacher':
-        print("Teacher token validation failed - redirecting to login")
-        flash('Please log in to access the teacher dashboard.', 'info')
-        return redirect(url_for('teacher_login_page'))
-    try:
-        teacher_id = session_data.get('teacher_id')
-        print(f"Loading teacher dashboard for teacher: {teacher_id}")
-        teacher = teachers_collection.find_one({'teacher_id': teacher_id})
-        if not teacher:
-            print("Teacher not found in database")
-            sessions_collection.delete_one({'token': token})
-            flash('Teacher record not found. Please log in again.', 'danger')
-            return redirect(url_for('teacher_login_page'))
-        # Process face image if exists
-        if teacher and 'face_image' in teacher and teacher['face_image']:
-            face_image_base64 = base64.b64encode(teacher['face_image']).decode('utf-8')
-            mime_type = teacher.get('face_image_type', 'image/jpeg')
-            teacher['face_image_url'] = f"data:{mime_type};base64,{face_image_base64}"
-        print(f"Teacher dashboard loaded successfully for {teacher.get('name')}")
-        return render_template('teacher_dashboard.html', teacher=teacher, session_token=token)
-    except Exception as e:
-        print(f"Teacher dashboard error: {e}")
-        flash(f'Error loading teacher dashboard: {str(e)}', 'danger')
-        return redirect(url_for('teacher_login_page'))
-@app.route('/teacher_logout')
-def teacher_logout():
-    token = request.args.get('token')
-    if token:
-        sessions_collection.delete_one({'token': token})
-        print(f"Teacher token {token[:10]}... invalidated")
-    flash('You have been logged out', 'info')
-    return redirect(url_for('teacher_login_page'))
-# --------- COMMON LOGOUT ---------
 @app.route('/logout')
 def logout():
     token = request.args.get('token')
@@ -1374,89 +1135,7 @@ def logout():
     flash('You have been logged out', 'info')
     return redirect(url_for('login_page'))
-# --------- METRICS JSON ENDPOINTS ---------
-@app.route('/metrics-data', methods=['GET'])
-def metrics_data():
-    data = compute_metrics()
-    try:
-        recent = list(metrics_events.find({}, {"_id": 0}).sort("ts", -1).limit(200))
-        normalized_recent = []
-        for r in recent:
-            if isinstance(r.get("ts"), datetime):
-                r["ts"] = r["ts"].isoformat()
-            event, attempt_type = classify_event(r)
-            if event and not r.get("event"):
-                r["event"] = event
-            if attempt_type and not r.get("attempt_type"):
-                r["attempt_type"] = attempt_type
-            if "liveness_pass" not in r:
-                if r.get("decision") == "spoof_blocked":
-                    r["liveness_pass"] = False
-                elif isinstance(r.get("live_prob"), (int, float)):
-                    r["liveness_pass"] = bool(r["live_prob"] >= 0.5)  # Updated threshold
-                else:
-                    r["liveness_pass"] = None
-            normalized_recent.append(r)
-        data["recent"] = normalized_recent
-    except Exception as e:
-        print(f"Error getting recent metrics: {e}")
-        data["recent"] = []
-    data["avg_latency_ms"] = compute_latency_avg()
-    return jsonify(data)
-@app.route('/metrics-json')
-def metrics_json():
-    m = compute_metrics()
-    counts = m["counts"]
-    rates = m["rates"]
-    totals = m["totals"]
-    avg_latency = compute_latency_avg()
-    accuracy_pct = rates["accuracy"] * 100.0
-    far_pct = rates["FAR"] * 100.0
-    frr_pct = rates["FRR"] * 100.0
-    return jsonify({
-        'Accuracy': f"{accuracy_pct:.2f}%" if totals["totalAttempts"] > 0 else "N/A",
-        'False Accepts (FAR)': f"{far_pct:.2f}%" if counts["impostorAttempts"] > 0 else "N/A",
-        'False Rejects (FRR)': f"{frr_pct:.2f}%" if counts["genuineAttempts"] > 0 else "N/A",
-        'Average Inference Time (s)': f"{(avg_latency/1000.0):.2f}" if isinstance(avg_latency, (int, float)) else "N/A",
-        'Correct Recognitions': counts["trueAccepts"],
-        'Total Attempts': totals["totalAttempts"],
-        'Unauthorized Attempts': counts["unauthorizedRejected"],
-        'enhanced': {
-            'totals': {
-                'attempts': totals["totalAttempts"],
-                'trueAccepts': counts["trueAccepts"],
-                'falseAccepts': counts["falseAccepts"],
-                'trueRejects': counts["trueRejects"],
-                'falseRejects': counts["falseRejects"],
-                'genuineAttempts': counts["genuineAttempts"],
-                'impostorAttempts': counts["impostorAttempts"],
-                'unauthorizedRejected': counts["unauthorizedRejected"],
-                'unauthorizedAccepted': counts["unauthorizedAccepted"],
-            },
-            'accuracy_pct': round(accuracy_pct, 2),
-            'avg_latency_ms': round(avg_latency, 2) if isinstance(avg_latency, (int, float)) else None
-        }
-    })
-@app.route('/metrics-events')
-def metrics_events_api():
-    limit = int(request.args.get("limit", 200))
-    try:
-        cursor = metrics_events.find({}, {"_id": 0}).sort("ts", -1).limit(limit)
-        events = list(cursor)
-        for ev in events:
-            if isinstance(ev.get("ts"), datetime):
-                ev["ts"] = ev["ts"].isoformat()
-        return jsonify(events)
-    except Exception as e:
-        print(f"Error getting metrics events: {e}")
-        return jsonify([])
-# --------- DEBUG AND HEALTH CHECK ROUTES ---------
 @app.route('/health-check')
 @app.route('/health')
 def health_check():
@@ -1465,7 +1144,8 @@ def health_check():
         'platform': 'hugging_face',
         'session_type': 'token_based',
         'proxy_fix': 'enabled',
-        'liveness_threshold': 0.5,
         'timestamp': datetime.now().isoformat()
     }), 200
@@ -1483,85 +1163,6 @@ def debug_session():
         'proxy_fix': 'enabled'
     })
-@app.route('/debug-session-detailed')
-def debug_session_detailed():
-    token = request.args.get('token')
-    session_data = validate_session_token(token) if token else None
-    return jsonify({
-        'token_provided': bool(token),
-        'token_valid': bool(session_data),
-        'session_data': session_data,
-        'cookies_received': dict(request.cookies),
-        'headers': dict(request.headers),
-        'user_agent': request.headers.get('User-Agent'),
-        'remote_addr': request.remote_addr,
-        'flask_secret_key_length': len(app.secret_key),
-        'session_interface_type': str(type(app.session_interface)),
-        'liveness_threshold': 0.5,
-        'timestamp': datetime.now().isoformat()
-    })
-@app.route('/test-session')
-def test_session():
-    """Test session functionality"""
-    token = secrets.token_urlsafe(16)
-    test_session = {
-        'token': token,
-        'test_data': 'working',
-        'timestamp': datetime.now(),
-        'expires_at': datetime.now() + timedelta(minutes=5)
-    }
-    sessions_collection.insert_one(test_session)
-    return jsonify({
-        'message': 'Token-based session test completed',
-        'test_token': token,
-        'test_successful': True
-    })
-@app.route('/debug-liveness', methods=['POST'])
-def debug_liveness():
-    """Debug route to test liveness detection settings"""
-    data = request.json or {}
-    token = data.get('session_token')
-    if not token or not validate_session_token(token):
-        return jsonify({'success': False, 'message': 'Not authenticated'})
-    try:
-        face_image = data.get('face_image')
-        if not face_image:
-            return jsonify({'success': False, 'message': 'No image received'})
-        image = decode_image(face_image)
-        if image is None:
-            return jsonify({'success': False, 'message': 'Invalid image data'})
-        detections = detect_faces_yunet(image)
-        if not detections:
-            return jsonify({'success': False, 'message': 'No face detected'})
-        best = max(detections, key=lambda d: d["score"])
-        x1, y1, x2, y2 = [int(v) for v in best["bbox"]]
-        x1e, y1e, x2e, y2e = expand_and_clip_box((x1, y1, x2, y2), scale=1.2, w=image.shape[1], h=image.shape[0])
-        face_crop = image[y1e:y2e, x1e:x2e]
-        if face_crop.size == 0:
-            return jsonify({'success': False, 'message': 'Failed to crop face'})
-        live_prob = simple_liveness_check(face_crop)
-        return jsonify({
-            'success': True,
-            'liveness_score': float(live_prob),
-            'threshold': 0.5,
-            'would_pass': live_prob >= 0.5,
-            'face_area': int(face_crop.shape[0] * face_crop.shape[1]),
-            'debug_info': f"Score: {live_prob:.3f}, Threshold: 0.5, Result: {'PASS' if live_prob >= 0.5 else 'FAIL'}"
-        })
-    except Exception as e:
-        return jsonify({'success': False, 'message': f'Debug error: {str(e)}'})
 @app.route('/cleanup', methods=['POST'])
 def manual_cleanup():
     """Manual cleanup endpoint for memory management"""
@@ -1573,6 +1174,6 @@ def manual_cleanup():
 # MAIN APPLICATION ENTRY POINT
 if __name__ == '__main__':
-    port = int(os.environ.get('PORT', 7860))  # Hugging Face uses port 7860
-    print(f"Starting Flask app on port {port} with token-based authentication and improved liveness detection")
     app.run(host='0.0.0.0', port=port, debug=False)

 import logging
 import time
 import uuid
+import secrets
 import pymongo
 from pymongo import MongoClient
 from bson.binary import Binary
     'PERMANENT_SESSION_LIFETIME': timedelta(hours=2),
     'SESSION_COOKIE_NAME': 'face_app_session',
     'SESSION_COOKIE_HTTPONLY': True,
+    'SESSION_COOKIE_SECURE': False,
+    'SESSION_COOKIE_SAMESITE': None,
+    'SESSION_REFRESH_EACH_REQUEST': False,
     'SESSION_COOKIE_DOMAIN': None,
     'SESSION_COOKIE_PATH': '/',
+    'SEND_FILE_MAX_AGE_DEFAULT': 0
 })
+# Add ProxyFix middleware for Hugging Face reverse proxy
 app.wsgi_app = ProxyFix(
     app.wsgi_app,
     x_for=1,
     teachers_collection = db['teachers']
     attendance_collection = db['attendance']
     metrics_events = db['metrics_events']
+    sessions_collection = db['user_sessions']
     # Create indexes for better performance
     students_collection.create_index([("student_id", pymongo.ASCENDING)], unique=True)
 except Exception as e:
     print(f"MongoDB connection error: {e}")
+# Initialize face detection cascades
 face_detector = None
 try:
     face_detector = cv2.CascadeClassifier(cv2.data.haarcascades + 'haarcascade_frontalface_default.xml')
 except Exception as e:
     print(f"Error initializing face detector: {e}")
 eye_cascade = None
 try:
     eye_cascade = cv2.CascadeClassifier(cv2.data.haarcascades + 'haarcascade_eye.xml')
                 "score": 0.9
             })
         del gray
         gc.collect()
         return detections
     if face_detector is not None:
         return detect_faces_haar(image)
     try:
         gray = cv2.cvtColor(image, cv2.COLOR_BGR2GRAY)
         face_cascade = cv2.CascadeClassifier(cv2.data.haarcascades + 'haarcascade_frontalface_default.xml')
         return []
 def recognize_face_deepface(image, user_id, user_type='student'):
+    """FIXED: Enhanced face recognition with robust error handling"""
     global total_attempts, correct_recognitions, unauthorized_attempts, inference_times
     temp_files = []
         start_time = time.time()
+        # CRITICAL FIX: Ensure image is valid numpy array
+        if not isinstance(image, np.ndarray):
+            print("Invalid image type provided to recognition")
+            return False, "Invalid image format"
+        if image.size == 0:
+            print("Empty image provided to recognition")
+            return False, "Empty image provided"
+        # Save current image temporarily with error handling
         temp_img_path = get_unique_temp_path(f"current_{user_id}")
         temp_files.append(temp_img_path)
+        # FIXED: Add image validation before saving
+        try:
+            success = cv2.imwrite(temp_img_path, image)
+            if not success:
+                return False, "Failed to save input image"
+        except Exception as e:
+            print(f"Error saving input image: {e}")
+            return False, f"Image save error: {str(e)}"
         # Get user's reference image
         if user_type == 'student':
             unauthorized_attempts += 1
             return False, f"No reference face found for {user_type} ID {user_id}"
+        # Save reference image temporarily with validation
         ref_image_bytes = user['face_image']
         ref_image_array = np.frombuffer(ref_image_bytes, np.uint8)
         ref_image = cv2.imdecode(ref_image_array, cv2.IMREAD_COLOR)
+        if ref_image is None:
+            return False, "Failed to decode reference image"
         temp_ref_path = get_unique_temp_path(f"ref_{user_id}")
         temp_files.append(temp_ref_path)
+        try:
+            success = cv2.imwrite(temp_ref_path, ref_image)
+            if not success:
+                return False, "Failed to save reference image"
+        except Exception as e:
+            print(f"Error saving reference image: {e}")
+            return False, f"Reference image save error: {str(e)}"
         # Clean up arrays immediately
         del ref_image_array, ref_image
         try:
+            # FIXED: More robust DeepFace call with better error handling
             result = DeepFace.verify(
                 img1_path=temp_img_path,
                 img2_path=temp_ref_path,
                 model_name="Facenet",
+                detector_backend="opencv",  # Use opencv instead of retinaface for stability
+                enforce_detection=False,
+                align=True,
+                distance_metric="cosine"
             )
             is_verified = result["verified"]
             distance = result["distance"]
             inference_time = time.time() - start_time
             inference_times.append(inference_time)
             total_attempts += 1
+            # More lenient threshold for better usability
+            custom_threshold = 0.55  # Increased threshold for better matching
             is_verified_custom = distance < custom_threshold
             if is_verified_custom:
                 return False, f"Face not recognized (distance={distance:.3f}, required < {custom_threshold})"
         except Exception as e:
+            print(f"DeepFace verification error: {e}")
+            return False, f"DeepFace verification error: {str(e)}"
     except Exception as e:
+        print(f"Error in face recognition: {e}")
         return False, f"Error in face recognition: {str(e)}"
     finally:
             liveness_score += 0.1  # No eyes detected but still some base score
         # Factor 2: Image quality assessment (30% weight)
         laplacian_var = cv2.Laplacian(gray, cv2.CV_64F).var()
+        if laplacian_var > 100:
             liveness_score += 0.3
+        elif laplacian_var > 50:
             liveness_score += 0.2
         else:
+            liveness_score += 0.1
         # Factor 3: Face size and position (30% weight)
         face_area = image.shape[0] * image.shape[1]
+        if face_area > 10000:
             liveness_score += 0.3
+        elif face_area > 5000:
             liveness_score += 0.2
         else:
+            liveness_score += 0.1
         # Ensure score is between 0 and 1
         liveness_score = min(1.0, max(0.0, liveness_score))
         del gray
         gc.collect()
         return liveness_score
     np_array = np.frombuffer(image_bytes, np.uint8)
     image = cv2.imdecode(np_array, cv2.IMREAD_COLOR)
     del image_bytes, np_array
     gc.collect()
     return image
 # Token-based session helpers
 def validate_session_token(token):
     """Validate session token and return session data"""
     sessions_collection.insert_one(session_data)
     return token
+# Legacy function for backward compatibility
+def get_face_features(image):
+    return None
+def recognize_face(image, user_id, user_type='student'):
+    return recognize_face_deepface(image, user_id, user_type)
+# Metrics helpers (keeping existing implementation)
 def log_metrics_event(event: dict):
     try:
         metrics_events.insert_one(event)
     except Exception as e:
         print("Failed to log metrics event:", e)
+def log_metrics_event_normalized(*, event: str, attempt_type: str, claimed_id: Optional[str],
+                                recognized_id: Optional[str], liveness_pass: bool, distance: Optional[float],
+                                live_prob: Optional[float], latency_ms: Optional[float], client_ip: Optional[str],
+                                reason: Optional[str] = None):
     if not liveness_pass:
         decision = "spoof_blocked"
     else:
             return redirect(url_for('login_page'))
         image = decode_image(face_image)
+        # FIXED: Add image validation
+        if image is None:
+            flash('Invalid image format received.', 'danger')
+            return redirect(url_for('login_page'))
         if face_role == 'student':
             collection = students_collection
         best_match = None
         best_distance = float('inf')
+        # Use robust face matching
         temp_login_path = get_unique_temp_path("login_image")
+        try:
+            success = cv2.imwrite(temp_login_path, image)
+            if not success:
+                flash('Failed to process face image. Please try again.', 'danger')
+                return redirect(url_for('login_page'))
+        except Exception as e:
+            print(f"Error saving login image: {e}")
+            flash('Error processing face image. Please try again.', 'danger')
+            return redirect(url_for('login_page'))
         try:
             from deepface import DeepFace
             for user in users:
                 try:
+                    ref_image_bytes = user['face_image']
+                    ref_image_array = np.frombuffer(ref_image_bytes, np.uint8)
+                    ref_image = cv2.imdecode(ref_image_array, cv2.IMREAD_COLOR)
+                    if ref_image is None:
+                        continue
+                    temp_ref_path = get_unique_temp_path(f"ref_{user[id_field]}")
+                    success = cv2.imwrite(temp_ref_path, ref_image)
+                    if not success:
+                        continue
+                    # FIXED: Use stable opencv detector
                     result = DeepFace.verify(
                         img1_path=temp_login_path,
                         img2_path=temp_ref_path,
                         model_name="Facenet",
+                        detector_backend="opencv",  # Use opencv instead of retinaface
                         enforce_detection=False,
                         align=True
                     )
                         best_match = user
                     # More lenient threshold for face login
+                    if distance < 0.6:  # Increased threshold for better matching
                         # Create session token
                         token = create_session_token(user[id_field], face_role)
                         flash('Face login successful!', 'success')
                         # Cleanup
+                        if os.path.exists(temp_ref_path):
+                            os.remove(temp_ref_path)
+                        if os.path.exists(temp_login_path):
+                            os.remove(temp_login_path)
                         gc.collect()
                         return redirect(url_for(dashboard_route, token=token))
                 except Exception as e:
                     print(f"Face verification error: {e}")
                     continue
             if os.path.exists(temp_login_path):
         flash(f'Face login failed: {str(e)}', 'danger')
         return redirect(url_for('login_page'))
 @app.route('/dashboard')
 def dashboard():
     token = request.args.get('token')
     if session_data.get('user_type') != 'student':
         return jsonify({'success': False, 'message': 'Invalid user type'})
+    logged_in_student_id = session_data.get('student_id')
     program = data.get('program')
     semester = data.get('semester')
     course = data.get('course')
     face_image = data.get('face_image')
+    if not all([logged_in_student_id, program, semester, course, face_image]):
         return jsonify({'success': False, 'message': 'Missing required data'})
     client_ip = request.remote_addr
         log_metrics_event_normalized(
             event="reject_true",
             attempt_type="impostor",
+            claimed_id=logged_in_student_id,
             recognized_id=None,
             liveness_pass=False,
             distance=None,
             client_ip=client_ip,
             reason="no_face_detected"
         )
+        return jsonify({'success': False, 'message': 'No face detected', 'overlay': overlay})
     # Pick highest-score detection
     best = max(detections, key=lambda d: d["score"])
         log_metrics_event_normalized(
             event="reject_true",
             attempt_type="impostor",
+            claimed_id=logged_in_student_id,
             recognized_id=None,
             liveness_pass=False,
             distance=None,
             client_ip=client_ip,
             reason="failed_crop"
         )
+        return jsonify({'success': False, 'message': 'Failed to crop face', 'overlay': overlay})
+    # 2) Liveness check with lower threshold
     live_prob = simple_liveness_check(face_crop)
+    liveness_threshold = 0.4  # More lenient threshold
     is_live = live_prob >= liveness_threshold
     label = "LIVE" if is_live else "SPOOF"
         log_metrics_event_normalized(
             event="reject_true",
             attempt_type="impostor",
+            claimed_id=logged_in_student_id,
             recognized_id=None,
             liveness_pass=False,
             distance=None,
             'overlay': overlay_data
         })
+    # 3) CRITICAL SECURITY FIX: Verify face belongs to logged-in user
+    success, message = recognize_face_deepface(image, logged_in_student_id, user_type='student')
     total_latency_ms = round((time.time() - t0) * 1000.0, 2)
     # Parse distance from message if available
     except Exception:
         pass
+    # CRITICAL SECURITY CHECK: Only allow attendance if recognized face matches logged-in user
     if not success:
+        reason = "face_mismatch_with_logged_user"
         log_metrics_event_normalized(
+            event="reject_true",
+            attempt_type="impostor",
+            claimed_id=logged_in_student_id,
+            recognized_id=None,
             liveness_pass=True,
             distance=distance_val,
             live_prob=float(live_prob),
             latency_ms=total_latency_ms,
             client_ip=client_ip,
+            reason=reason
         )
+        return jsonify({
+            'success': False,
+            'message': f'SECURITY ALERT: Face does not match logged-in student {logged_in_student_id}. Please ensure you are the correct person marking attendance.',
+            'overlay': overlay_data
+        })
+    # Log successful verification
+    log_metrics_event_normalized(
+        event="accept_true",
+        attempt_type="genuine",
+        claimed_id=logged_in_student_id,
+        recognized_id=logged_in_student_id,
+        liveness_pass=True,
+        distance=distance_val,
+        live_prob=float(live_prob),
+        latency_ms=total_latency_ms,
+        client_ip=client_ip,
+        reason=None
+    )
+    # Save attendance for the LOGGED-IN user (not whoever's face was recognized)
+    attendance_data = {
+        'student_id': logged_in_student_id,  # FIXED: Use logged-in user ID
+        'program': program,
+        'semester': semester,
+        'subject': course,
+        'date': datetime.now().date().isoformat(),
+        'time': datetime.now().time().strftime('%H:%M:%S'),
+        'status': 'present',
+        'created_at': datetime.now()
+    }
+    try:
+        existing_attendance = attendance_collection.find_one({
+            'student_id': logged_in_student_id,
             'subject': course,
+            'date': datetime.now().date().isoformat()
+        })
+        if existing_attendance:
+            return jsonify({
+                'success': False,
+                'message': 'Attendance already marked for this course today',
+                'overlay': overlay_data
             })
+        attendance_collection.insert_one(attendance_data)
+        gc.collect()
+        return jsonify({
+            'success': True,
+            'message': f'Attendance marked successfully for {logged_in_student_id}',
+            'overlay': overlay_data
+        })
+    except Exception as e:
+        return jsonify({
+            'success': False,
+            'message': f'Database error: {str(e)}',
+            'overlay': overlay_data
+        })
 @app.route('/liveness-preview', methods=['POST'])
 def liveness_preview():
             })
         live_prob = simple_liveness_check(face_crop)
+        threshold = 0.4  # Match attendance marking threshold
         label = "LIVE" if live_prob >= threshold else "SPOOF"
         color = (0, 200, 0) if label == "LIVE" else (0, 0, 255)
         draw_live_overlay(vis, (x1e, y1e, x2e, y2e), label, live_prob, color)
         overlay_data = image_to_data_uri(vis)
         del image, vis, face_crop
         gc.collect()
         print("liveness_preview error:", e)
         return jsonify({'success': False, 'message': 'Server error during preview'})
+# --------- LOGOUT ROUTES ---------
 @app.route('/logout')
 def logout():
     token = request.args.get('token')
     flash('You have been logged out', 'info')
     return redirect(url_for('login_page'))
+# --------- DEBUG ROUTES ---------
 @app.route('/health-check')
 @app.route('/health')
 def health_check():
         'platform': 'hugging_face',
         'session_type': 'token_based',
         'proxy_fix': 'enabled',
+        'liveness_threshold': 0.4,
+        'face_detector': 'opencv_stable',
         'timestamp': datetime.now().isoformat()
     }), 200
         'proxy_fix': 'enabled'
     })
 @app.route('/cleanup', methods=['POST'])
 def manual_cleanup():
     """Manual cleanup endpoint for memory management"""
 # MAIN APPLICATION ENTRY POINT
 if __name__ == '__main__':
+    port = int(os.environ.get('PORT', 7860))
+    print(f"Starting Flask app on port {port} with secure token-based authentication")
     app.run(host='0.0.0.0', port=port, debug=False)