An intelligent, AI-powered attendance management system built with facial recognition technology
Features β’ Installation β’ Documentation β’ Contributing β’ Demo
Smart Attendance is a modern, intelligent attendance management system designed for educational institutions. It leverages cutting-edge facial recognition technology to automate attendance tracking, making it faster, more accurate, and significantly easier to manage. The system provides real-time analytics, comprehensive dashboards, and intelligent reporting features for both teachers and students.
- β±οΈ Save Time: Automated attendance marking reduces manual work
- π― Improve Accuracy: AI-powered facial recognition eliminates errors
- π Gain Insights: Real-time analytics and predictive forecasting
- π Stay Secure: OAuth 2.0 authentication with Google Sign-In
- π± Access Anywhere: Responsive design works on all devices
- Features
- Tech Stack
- Prerequisites
- Installation
- Running Tests
- Usage
- Docker Deployment
- Project Structure
- API Documentation
- Screenshots
- Contributing
- Security
- Roadmap
- License
- Support
- Authors
- Acknowledgments
- πΈ Facial Recognition Attendance: Mark attendance using advanced facial recognition through webcam
- π¨βπ« Comprehensive Dashboard: View attendance statistics, trends, and analytics at a glance
- π Real-time Analytics: Monitor total students, daily attendance, and average attendance rates
- π Subject Management: Manage multiple subjects and classes efficiently
- π₯ Student Management: Add, view, and manage student records with attendance percentages
β οΈ At-Risk Detection: Automatically identify students with low attendance (<75%)- π§ Email Notifications: Send automated alerts to students with poor attendance
- π Attendance Reports: Generate and export detailed attendance reports
- βοΈ Teacher Settings: Customize notification preferences and profile settings
- π Google OAuth Login: Secure authentication with Google Sign-In
- π± Student Dashboard: Personal dashboard with attendance overview
- π Subject View: Track attendance across all enrolled subjects
- π Attendance Forecast: Predict future attendance and plan accordingly
- π€ Profile Management: View and update personal information
- π Visual Analytics: Charts and graphs showing attendance trends
- π Low Attendance Alerts: Get notified when attendance falls below threshold
- π¨ Theme Support: Multiple theme options (Light, Dark, Soft) for better user experience
- π± Responsive Design: Seamlessly works across desktop, tablet, and mobile devices
- π OAuth 2.0 Authentication: Secure login with Google integration
- πΎ Cloud Storage: Profile pictures stored securely on Cloudinary
- ποΈ MongoDB Database: Scalable and flexible data storage
- π High Performance: Built with FastAPI for lightning-fast API responses
| Technology | Version | Purpose |
|---|---|---|
| React | 19.2.0 | Modern UI library for building interactive interfaces |
| React Router DOM | 7.9.6 | Client-side routing and navigation |
| Vite | 7.2.4 | Lightning-fast build tool and dev server |
| Tailwind CSS | 4.1.17 | Utility-first CSS framework for styling |
| Material-UI | 7.3.5 | React UI component library |
| Recharts | 3.5.1 | Composable charting library for data visualization |
| React Webcam | 7.2.0 | Webcam component for capturing images |
| Axios | 1.13.2 | Promise-based HTTP client |
| TanStack Query | 5.90.12 | Powerful data fetching and state management |
| Lucide React | 0.555.0 | Beautiful & consistent icon toolkit |
| Technology | Version | Purpose |
|---|---|---|
| FastAPI | 0.115.5 | High-performance Python web framework |
| Uvicorn | 0.32.1 | Lightning-fast ASGI server |
| MongoDB | - | NoSQL database for flexible data storage |
| Motor | - | Asynchronous MongoDB driver for Python |
| PyJWT | - | JSON Web Token implementation |
| Cloudinary | - | Cloud-based image storage and management |
| Passlib | 1.7.4 | Password hashing library |
| Python Dotenv | - | Environment variable management |
| Authlib | - | OAuth and authentication library |
| Technology | Version | Purpose |
|---|---|---|
| FastAPI | 0.115.5 | High-performance Python web framework |
| Uvicorn | 0.32.1 | Lightning-fast ASGI server |
| MediaPipe | 0.10.9 | Face detection and mesh analysis |
| OpenCV | - | Computer vision and image processing |
| NumPy | 1.26.4 | Numerical computing library |
| Pillow | 11.0.0 | Python Imaging Library |
| Scikit-learn | - | Machine learning utilities |
Before you begin, ensure you have the following installed on your system:
- Node.js (v18.0 or higher) - Download
- npm (v8.0 or higher) - Comes with Node.js
- Python (v3.10 or higher) - Download
- pip (Latest version) - Comes with Python
- MongoDB (v5.0 or higher) - Download
- Git - Download
- Modern web browser with webcam support (Chrome, Firefox, Edge, Safari)
- Docker and Docker Compose - For containerized deployment
- Virtual Environment - For Python dependency isolation
git clone https://github.com/nem-web/smart-attendance.git
cd smart-attendancecd server/backend-apiOn Windows:
python -m venv .venv
.venv\Scripts\activateOn macOS/Linux:
python3 -m venv .venv
source .venv/bin/activatepip install --upgrade pip
pip install -r requirements.txtCopy the example environment file and configure it:
cp .env.example .envEdit .env file with your configuration (see Environment Variables section).
Ensure MongoDB is running on your system:
# On Ubuntu/Debian
sudo systemctl start mongod
# On macOS (with Homebrew)
brew services start mongodb-community
# Or run manually
mongod --dbpath /path/to/your/data/directory# From the backend-api directory
python -m app.main
# Or using uvicorn directly
uvicorn app.main:app --reload --host 0.0.0.0 --port 8000The backend API server will start on http://localhost:8000
You can access the interactive API documentation at:
- Swagger UI:
http://localhost:8000/docs - ReDoc:
http://localhost:8000/redoc
cd server/ml-serviceOn Windows:
python -m venv .venv
.venv\Scripts\activateOn macOS/Linux:
python3 -m venv .venv
source .venv/bin/activatepip install --upgrade pip
pip install -r requirements.txtNote: Installing mediapipe and opencv-python-headless may take several minutes. Ensure you have build tools installed if compilation is required.
For Ubuntu/Debian:
sudo apt-get update
sudo apt-get install build-essential cmake python3-devFor macOS:
brew install cmakeCopy the example environment file and configure it:
cp .env.example .envEdit .env file with your configuration.
# From the ml-service directory
python -m app.main
# Or using uvicorn directly
uvicorn app.main:app --reload --host 0.0.0.0 --port 8001The ML service will start on http://localhost:8001
You can access the interactive API documentation at:
- Swagger UI:
http://localhost:8001/docs - ReDoc:
http://localhost:8001/redoc
Open a new terminal window:
cd frontendnpm installIf you encounter any issues, try:
npm install --legacy-peer-depsnpm run devThe frontend application will start on http://localhost:5173
npm run build
npm run previewCreate a .env file in the server/backend-api directory with the following variables:
# MongoDB Configuration
MONGO_URI=mongodb://localhost:27017
MONGO_DB=smart_attendance
# JWT Configuration
JWT_SECRET=your-secret-key-here # Generate with: python -c "import secrets; print(secrets.token_urlsafe(32))"
JWT_ALGORITHM=HS256
JWT_EXPIRES_MINUTES=60
# Session Configuration
SESSION_SECRET_KEY=your-secret-key-here # Generate with: python -c "import secrets; print(secrets.token_urlsafe(32))"
# Email Configuration (for notifications)
SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
SMTP_USER=your-email@gmail.com
SMTP_PASS=your-app-specific-password
BACKEND_BASE_URL=http://127.0.0.1:8000
FRONTEND_BASE_URL=http://localhost:5173
# Google OAuth Configuration
GOOGLE_CLIENT_ID=your-google-client-id.apps.googleusercontent.com
GOOGLE_CLIENT_SECRET=your-google-client-secret
GOOGLE_REDIRECT_URI=http://127.0.0.1:8000/auth/google/callback
# Cloudinary Configuration (for image storage)
CLOUDINARY_CLOUD_NAME=your-cloudinary-cloud-name
CLOUDINARY_API_KEY=your-cloudinary-api-key
CLOUDINARY_API_SECRET=your-cloudinary-api-secret
# Demo User Credentials (for testing)
TEACHER_EMAIL=teacher@gmail.com
TEACHER_PASSWORD=teacher123
STUDENT_EMAIL=student@gmail.com
STUDENT_PASSWORD=student123Create a .env file in the server/ml-service directory with the following variables:
# Service Configuration
ML_SERVICE_HOST=0.0.0.0
ML_SERVICE_PORT=8001
# Backend API URL (for communication)
BACKEND_API_URL=http://localhost:8000
# Model Configuration (if needed)
# Add any ML model specific configurations hereCreate a .env file in the frontend directory with the following variables:
# Backend API URL
# Development: http://localhost:8000
# Production: Your deployed backend URL (e.g., Render service)
VITE_API_URL=http://localhost:8000Keep-Alive Feature: The frontend automatically implements a background ping mechanism to keep the backend service warm (prevents cold starts on platforms like Render). This ping is triggered on app startup, is non-blocking, and uses the VITE_API_URL configured above. No additional configuration is required.
We maintain a comprehensive testing suite covering Backend, ML Service, and Frontend.
Ensure MongoDB is running locally or set MONGO_URI.
cd server/backend-api
pip install -r requirements.txt
pytest --cov=app --cov-report=term-missingcd server/ml-service
pip install -r requirements.txt
pytest --cov=app --cov-report=term-missingcd frontend
npm install
npm test
# For coverage
npm run test:coverageRequires all services (Backend, ML, Frontend) to be running.
cd frontend
npx playwright install
npx playwright testFor more details, see TESTING.md.
-
JWT_SECRET: Generate a strong random secret:
python -c "import secrets; print(secrets.token_urlsafe(32))" -
Google OAuth:
- Create a project in Google Cloud Console
- Enable Google+ API
- Create OAuth 2.0 credentials
- Add authorized redirect URIs
-
Gmail SMTP:
- Enable 2-factor authentication on your Gmail account
- Generate an App Password
- Use the app password in
SMTP_PASS
-
Cloudinary:
- Sign up at Cloudinary
- Get your credentials from the dashboard
- Navigate to
http://localhost:5173 - Click "Login" or "Register"
- Sign in with Google OAuth or use email/password
- Select "Teacher" role during registration
After logging in, you'll see:
- Total Students: Number of students across all subjects
- Today's Attendance: Attendance marked today
- Average Attendance: Overall attendance percentage
- At-Risk Students: Students with attendance < 75%
- Recent Activity: Latest attendance records
- Navigate to Settings β Subjects
- Click "Add Subject" to create a new subject
- Add subject name, code, and schedule
- Enroll students in subjects
- Go to "Add Students" page
- Enter student details (name, email, roll number)
- Upload student photo for facial recognition
- Click "Submit" to add the student
- Students will receive an email invitation
- Navigate to "Mark Attendance"
- Select the subject from dropdown
- Click "Start Camera" and allow camera access
- Position students in front of the camera
- Click "Capture Photo"
- Click "Mark Attendance"
- System will:
- Detect faces in the image
- Match faces with enrolled students
- Mark attendance automatically
- Show results with confidence scores
- Navigate to "Analytics" page
- View:
- Daily attendance trends
- Subject-wise attendance comparison
- Monthly attendance heatmap
- Student performance charts
- Go to "Reports" page
- Select date range
- Choose subject or all subjects
- Click "Generate Report"
- Export as PDF or CSV
- Navigate to "Settings"
- Update profile information
- Configure email notification preferences
- Set attendance threshold for alerts
- Manage subject and class settings
- Navigate to
http://localhost:5173 - Click "Login" or "Register"
- Sign in with Google OAuth or use email/password
- Select "Student" role during registration
After logging in, view:
- Overall Attendance: Your attendance percentage
- Subject-wise Attendance: Attendance in each subject
- Recent Classes: Latest attendance records
- Alerts: Low attendance warnings
- Navigate to "Subjects"
- See all enrolled subjects
- View attendance percentage per subject
- Check class schedule and timings
- Go to "Forecast" page
- View predicted attendance trends
- See required classes to maintain target percentage
- Plan accordingly to avoid low attendance
- Navigate to "Profile"
- Update personal information
- Change profile picture
- View enrollment details
We provide a specialized Docker setup for both development and production environments.
For detailed instructions, please see DOCKER_DEPLOYMENT.md.
cp env.example .env && docker-compose up --build# Using Makefile
make prod
# Or using Docker Compose directly
docker-compose -f docker-compose.yml -f docker-compose.prod.yml up -dsmart-attendance/
βββ server/ # Backend services
β βββ backend-api/ # Backend API server
β β βββ app/
β β β βββ api/ # API routes
β β β β βββ routes/
β β β β β βββ auth.py # Authentication endpoints
β β β β β βββ students.py # Student management
β β β β β βββ attendance.py # Attendance marking
β β β β β βββ teacher_settings.py # Teacher preferences
β β β β βββ deps.py # API dependencies
β β β βββ core/ # Core configuration
β β β β βββ config.py # App configuration
β β β β βββ security.py # Security utilities
β β β β βββ email.py # Email service
β β β β βββ cloudinary_config.py # Cloud storage config
β β β βββ db/ # Database layer
β β β β βββ mongo.py # MongoDB connection
β β β β βββ models.py # Database models
β β β β βββ base.py # Base repository
β β β β βββ session.py # Session management
β β β β βββ subjects_repo.py # Subject repository
β β β β βββ teacher_settings_repo.py
β β β βββ schemas/ # Pydantic schemas
β β β β βββ user.py # User schemas
β β β β βββ student.py # Student schemas
β β β β βββ teacher.py # Teacher schemas
β β β β βββ auth.py # Authentication schemas
β β β β βββ attendance.py # Attendance schemas
β β β β βββ timetable.py # Timetable schemas
β β β β βββ teacher_settings.py # Settings schemas
β β β βββ services/ # Business logic
β β β β βββ attendance.py # Attendance logic
β β β β βββ students.py # Student management
β β β β βββ subject_service.py # Subject management
β β β β βββ email.py # Email service
β β β β βββ teacher_settings_service.py
β β β βββ utils/ # Utility functions
β β β β βββ jwt_token.py # JWT utilities
β β β β βββ logging.py # Logging configuration
β β β β βββ utils.py # General utilities
β β β βββ main.py # Application entry point
β β βββ tests/ # Test suite
β β βββ .env.example # Environment variables template
β β βββ Dockerfile # Docker configuration
β β βββ requirements.txt # Python dependencies
β β
β βββ ml-service/ # ML facial recognition service
β βββ app/
β β βββ api/ # API routes
β β β βββ routes/
β β β β βββ face.py # Face detection endpoints
β β β βββ deps.py # API dependencies
β β βββ core/ # Core configuration
β β β βββ config.py # App configuration
β β βββ ml/ # ML models and logic
β β β βββ face_detection.py # Face detection using MediaPipe
β β β βββ face_encoding.py # Face encoding
β β β βββ face_matching.py # Face matching logic
β β βββ schemas/ # Pydantic schemas
β β β βββ face.py # Face data schemas
β β βββ utils/ # Utility functions
β β β βββ image.py # Image processing
β β β βββ utils.py # General utilities
β β βββ main.py # Application entry point
β βββ .env.example # Environment variables template
β βββ Dockerfile # Docker configuration
β βββ requirements.txt # Python dependencies
β
βββ frontend/ # Frontend React application
β βββ public/ # Public assets
β β βββ logo.png
β β βββ logo-bg.png
β βββ src/
β β βββ api/ # API client
β β β βββ axios.js # Axios configuration
β β βββ assets/ # Images and resources
β β βββ components/ # Reusable components
β β β βββ Header.jsx # Navigation header
β β β βββ ...
β β βββ hooks/ # Custom React hooks
β β βββ pages/ # Page components
β β β βββ Dashboard.jsx # Teacher dashboard
β β β βββ Login.jsx # Login page
β β β βββ Register.jsx # Registration page
β β β βββ MarkAttendance.jsx # Attendance marking
β β β βββ StudentList.jsx # Student listing
β β β βββ AddStudents.jsx # Add students
β β β βββ Analytics.jsx # Analytics page
β β β βββ Reports.jsx # Reports generation
β β β βββ Settings.jsx # Settings page
β β β βββ OAuthCallback.jsx # OAuth callback
β β βββ students/ # Student portal
β β β βββ pages/
β β β βββ StudentDashboard.jsx
β β β βββ StudentSubjects.jsx
β β β βββ StudentForecast.jsx
β β β βββ StudentProfile.jsx
β β βββ renderer/ # UI renderers
β β βββ theme/ # Theme configuration
β β β βββ ThemeContext.jsx
β β βββ App.jsx # Main app component
β β βββ main.jsx # Application entry
β β βββ index.css # Global styles
β βββ .gitignore
β βββ index.html
β βββ package.json # NPM dependencies
β βββ package-lock.json
β βββ vite.config.js # Vite configuration
β βββ eslint.config.js # ESLint configuration
β βββ postcss.config.js # PostCSS configuration
β βββ vercel.json # Vercel deployment config
β
βββ .github/ # GitHub configuration
β βββ ISSUE_TEMPLATE/
β β βββ bug_report.md
β β βββ feature_request.md
β βββ pull_request_template.md
βββ .gitignore # Git ignore rules
βββ CODE_OF_CONDUCT.md # Code of conduct
βββ CONTRIBUTING.md # Contribution guidelines
βββ README.md # This file
βββ learn.md # Beginner's guide
This project uses versioned API routes under the /api/v1 prefix.
Example:
POST /api/v1/auth/login
To ensure stability for existing clients, legacy routes are still supported without redirection.
Example:
POST /api/auth/login β internally handled as /api/v1/auth/login
OPTIONS) requests in browsers.
Instead of using HTTP redirects (301/302), legacy routes are explicitly mapped to the new versioned routes to prevent CORS issues and maintain compatibility.
New integrations should always use the versioned routes:
/api/v1/...
Legacy routes may be removed in future major releases.
http://localhost:8000
- Swagger UI:
http://localhost:8000/docs - ReDoc:
http://localhost:8000/redoc
All protected endpoints require a JWT token in the Authorization header:
Authorization: Bearer <your-jwt-token>
POST /api/v1/auth/register
Content-Type: application/json
{
"email": "user@example.com",
"password": "securepassword",
"name": "John Doe",
"role": "teacher" // or "student"
}POST /api/v1/auth/login
Content-Type: application/json
{
"email": "user@example.com",
"password": "securepassword"
}Response:
{
"access_token": "eyJhbGciOiJIUzI1NiIs...",
"token_type": "bearer",
"user": {
"id": "507f1f77bcf86cd799439011",
"email": "user@example.com",
"name": "John Doe",
"role": "teacher"
}
}GET /auth/google/loginRedirects to Google OAuth consent screen.
GET /auth/google/callback?code=<authorization-code>GET /api/v1/students
Authorization: Bearer <token>Response:
[
{
"_id": "507f1f77bcf86cd799439011",
"name": "Ravi Kumar",
"email": "ravi@example.com",
"roll_number": "2101",
"profile_image": "https://cloudinary.com/...",
"attendance_percentage": 85.5
}
]POST /api/v1/students
Authorization: Bearer <token>
Content-Type: multipart/form-data
{
"name": "New Student",
"email": "student@example.com",
"roll_number": "2150",
"photo": <file>
}GET /api/v1/students/{student_id}
Authorization: Bearer <token>POST /api/v1/attendance/mark
Authorization: Bearer <token>
Content-Type: application/json
{
"image": "data:image/jpeg;base64,/9j/4AAQSkZJRg...",
"subject_id": "507f1f77bcf86cd799439011"
}Response:
{
"success": true,
"detected": [
{
"student_id": "507f1f77bcf86cd799439011",
"name": "Ravi Kumar",
"roll_number": "2101",
"confidence": 0.95,
"status": "present"
}
],
"not_detected": [
{
"student_id": "507f1f77bcf86cd799439012",
"name": "Priya Singh",
"roll_number": "2102"
}
],
"count": 1,
"timestamp": "2025-01-15T10:30:00"
}GET /api/v1/attendance?subject_id={id}&date={YYYY-MM-DD}
Authorization: Bearer <token>GET /api/v1/attendance/student/{student_id}
Authorization: Bearer <token>GET /api/v1/classes
Authorization: Bearer <token>POST /api/v1/classes
Authorization: Bearer <token>
Content-Type: application/json
{
"name": "Data Structures",
"code": "CS201",
"students": ["507f1f77bcf86cd799439011"]
}GET /api/v1/classes/{subject_id}
Authorization: Bearer <token>POST /api/v1/face/upload
Authorization: Bearer <token>
Content-Type: multipart/form-data
{
"student_id": "507f1f77bcf86cd799439011",
"image": <file>
}POST /api/v1/face/verify
Authorization: Bearer <token>
Content-Type: application/json
{
"student_id": "507f1f77bcf86cd799439011",
"image": "data:image/jpeg;base64,..."
}GET /api/v1/teacher-settings
Authorization: Bearer <token>PUT /api/v1/teacher-settings
Authorization: Bearer <token>
Content-Type: application/json
{
"email_notifications": true,
"attendance_threshold": 75,
"notification_time": "09:00"
}{
"detail": "Invalid request parameters"
}{
"detail": "Could not validate credentials"
}{
"detail": "Resource not found"
}{
"detail": "Internal server error"
}The API implements rate limiting to prevent abuse and ensure fair usage.
POST /auth/login: 10 requests/minute per client IPPOST /auth/register: 5 requests/minute per client IPPOST /api/attendance/mark: 30 requests/minute per teacher (teacher ID from JWT)- All other endpoints: 100 requests/minute per authenticated user (fallback to IP for unauthenticated requests)
| Endpoint | Limit | Description |
|---|---|---|
POST /auth/login |
10 requests/minute | Login attempts per IP |
POST /auth/register |
5 requests/minute | Registration attempts per IP |
POST /api/attendance/mark |
30 requests/minute | Attendance marking per teacher |
| All other endpoints | 100 requests/minute | Default limit per user |
Rate Limit Headers:
X-RateLimit-Limit: Maximum requests allowedX-RateLimit-Remaining: Remaining requests in current windowX-RateLimit-Reset: Unix timestamp when the limit resetsRetry-After: Seconds to wait before retrying (on 429 responses)
Error Response (HTTP 429):
{
"detail": "Rate limit exceeded: 10 per 1 minute"
}All ML service routes require API key authentication via the X-API-Key header and validate it against the ML_API_KEY environment variable.
GET /health
X-API-Key: your-ml-service-api-keyError Response (HTTP 401):
{
"detail": "X-API-Key header is missing"
}or
{
"detail": "Invalid API key"
}Configure the ML service API key using the ML_API_KEY environment variable.
*Comprehensive overview of attendance statistics and analytics*
*Real-time facial recognition attendance marking*
*Manage and view all enrolled students*
*Detailed attendance analytics and reports*
*Student portal with attendance overview*
We love contributions! Smart Attendance is an open-source project and we welcome contributions from developers of all skill levels. Whether you're fixing a bug, adding a feature, or improving documentation, your help is appreciated.
Please read our CONTRIBUTING.md for detailed guidelines on:
- Code of Conduct
- Setting up your development environment
- Making changes and creating pull requests
- Coding standards and best practices
-
Fork the repository
# Click the 'Fork' button on GitHub -
Clone your fork
git clone https://github.com/YOUR-USERNAME/smart-attendance.git cd smart-attendance -
Create a branch
git checkout -b feature/your-feature-name # or git checkout -b fix/your-bug-fix -
Make your changes
- Write clean, well-documented code
- Follow existing code style
- Add tests if applicable
- Update documentation
-
Commit your changes
git add . git commit -m "feat: add amazing feature" # or git commit -m "fix: resolve bug in attendance marking"
-
Push to your fork
git push origin feature/your-feature-name
-
Create a Pull Request
- Go to the original repository
- Click "New Pull Request"
- Select your branch
- Fill in the PR template
- Submit!
- π Bug Fixes: Found a bug? Fix it!
- β¨ New Features: Have an idea? Implement it!
- π Documentation: Improve README, add tutorials
- π¨ UI/UX: Enhance the user interface
- π§ͺ Testing: Add unit tests, integration tests
- βΏ Accessibility: Make the app more accessible
- π Internationalization: Add multi-language support
- β‘ Performance: Optimize code for better performance
- Follow PEP 8 for Python code
- Use ESLint for JavaScript/React code
- Write meaningful commit messages
- Add comments for complex logic
- Update documentation for new features
- Test your changes thoroughly
- Keep PRs focused and small
- π’ Discussions: Join GitHub Discussions
- π Issues: Report bugs or request features
- π¬ Discord: Join our community server (coming soon)
- π§ Email: Contact maintainers for questions
Smart Attendance implements several security measures:
β Implemented:
- JWT-based authentication
- OAuth 2.0 integration with Google
- Password hashing with bcrypt
- CORS protection
- Session management
- Input validation with Pydantic
- Secure environment variable storage
- HTTPS support (in production)
-
Never commit sensitive data to version control
- Use
.envfiles for secrets - Add
.envto.gitignore - Use environment variables in production
- Use
-
Production Deployment:
- Change all default secrets and keys
- Use strong, randomly generated passwords
- Enable HTTPS/TLS
- Set
https_only=Truein SessionMiddleware - Use secure MongoDB connection strings
- Implement rate limiting
- Add CSRF protection
- Use security headers (Helmet.js equivalent)
-
Database Security:
- Use MongoDB authentication
- Restrict database access to backend only
- Regular backups
- Encrypt sensitive data at rest
-
Face Recognition Data:
- Face embeddings are stored securely
- Images are processed and discarded (not stored permanently)
- Profile pictures stored on Cloudinary with access control
If you discover a security vulnerability, please:
- Do NOT open a public issue
- Email the maintainers privately
- Provide detailed information about the vulnerability
- Allow time for a fix before public disclosure
We take security seriously and will respond promptly to all reports.
- Basic facial recognition attendance
- Teacher and student dashboards
- MongoDB integration
- Google OAuth login
- Subject management
- Attendance analytics
- Email notifications
- Reports generation
- Attendance geofencing
- QR code backup attendance
- Multi-language support
- Video-based attendance (process video feed)
- Biometric integration
- Parent portal
- Mobile notifications (Push)
- Offline mode support
- Multi-institution support
- API marketplace for third-party integrations
- Blockchain-based attendance records
- Advanced fraud detection
- Virtual/Remote class support with Zoom/Meet integration
- Custom attendance policies per subject
- Proxy detection using advanced AI
- Attendance appeals/corrections workflow
- Integration with ID card systems
- Exam hall attendance mode
- Leave management system
Want to contribute to any of these? Check out our issues page!
This project is licensed under the MIT License - see the LICENSE file for details.
MIT License
Copyright (c) 2025 nem-web
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
If you need help or have questions:
- π Documentation: Read this README and learn.md
- π Bug Reports: Open an issue
- π‘ Feature Requests: Request a feature
- π¬ Discussions: GitHub Discussions
- π§ Email: Contact the maintainers
- π Community: Join our Discord server (coming soon)
Q: Does this work on mobile devices?
A: Yes! The web app is fully responsive and works on mobile browsers.
Q: Can I use this for my school/college?
A: Absolutely! This is open-source software. Just follow the installation guide.
Q: Is facial recognition accurate?
A: The system uses MediaPipe for face detection with high accuracy. However, lighting and camera quality affect results.
Q: Do I need a GPU for face recognition?
A: No, CPU is sufficient for small-scale deployments. GPU recommended for 100+ students.
Q: Can I customize the attendance threshold?
A: Yes, teachers can set custom thresholds in Settings.
Q: Is the data secure?
A: Yes, we use industry-standard security practices. See the Security section.
- Nemchand - Project Creator & Lead Developer - GitHub
- Suvam Paul - Project Maintainer & Mentor - GitHub
- Aditya Dattatreya - Project Maintainer & Mentor - GitHub
A big thank you to all our contributors! π
Want to see your name here? Check out our Contributing Guide!
Special thanks to:
- FastAPI team for the amazing framework
- React team for the powerful UI library
- MediaPipe team for the face detection library
- All our open-source contributors
- Educational institutions testing this system
- The open-source community for invaluable feedback
- FastAPI - Modern Python web framework
- React - JavaScript library for user interfaces
- MongoDB - NoSQL database
- MediaPipe - Face detection and analysis
- OpenCV - Computer vision library
- Tailwind CSS - Utility-first CSS framework
- Vite - Next-generation frontend tooling
- Cloudinary - Media management platform
- Frontend Demo: https://studentcheck.vercel.app
- UI Design Preview: https://app.banani.co/preview/n08pleRdJIZY
- API Documentation: Available at
/docsendpoint when running locally
Teacher Account:
Email: teacher@gmail.com
Password: teacher123
Student Account:
Email: student@gmail.com
Password: student123
Note: Demo deployment may have limited features. For full functionality, run locally.
Made with β€οΈ for better education management