ProctorX — Online Exam Proctoring System

AI-powered exam proctoring with webcam monitoring, anti-cheat enforcement, and a full admin panel. Built with Flask + SQLite.

---

Quick Start

# 1. Install dependencies
pip install -r requirements.txt

# 2. Run the app (DB + demo data created automatically on first run)
python app.py

# 3. Open in browser
#    Student portal : http://localhost:5000
#    Admin panel    : http://localhost:5000/admin/login

---

Demo Credentials

Role	Username / ID	Password
Admin	admin	admin123
Student	STU001	alice123
Student	STU002	bob123
Student	STU003	carol123

---

Project Structure

proctoring/
├── app.py                  # App factory + seeding
├── extensions.py           # db, login_manager
├── models.py               # ORM: Student, Admin, Question, ExamResult, ViolationLog
├── requirements.txt
├── routes/
│   ├── auth.py             # /login  /admin/login  /logout
│   ├── exam.py             # /exam/  /exam/start   /exam/submit
│   ├── proctor.py          # /proctor/violation    /proctor/status
│   └── admin.py            # /admin/ /admin/violations /admin/student/<id>
├── static/
│   ├── css/main.css        # All styles (dark industrial theme)
│   └── js/exam.js          # Timer, anti-cheat, camera, submit
└── templates/
    ├── base.html
    ├── login.html           # Student login
    ├── dashboard.html       # Pre-exam / result view
    ├── exam.html            # Exam interface
    ├── admin_login.html
    ├── admin_dashboard.html # Results table
    ├── admin_violations.html
    └── admin_student.html   # Per-student detail

---

Features

Authentication

• Student login with ID + password (Werkzeug password hashing)
• Admin login with separate credentials
• Session-based auth via Flask-Login
• Duplicate login prevention — is_online flag blocks a second login

Exam Engine

• 15 Python MCQ questions (seeded automatically)
• Configurable duration + violation limit (ExamConfig table)
• Countdown timer with SVG ring animation (urgent/warn colour states)
• Question navigator sidebar with answered/current indicators
• One-attempt restriction — re-submission redirected

Anti-Cheat (JavaScript)

Mechanism	Implementation
Tab switch	Page Visibility API — visibilitychange event
Back/fwd nav	history.pushState + popstate trap
Copy / paste / cut	Event listeners + preventDefault()
Keyboard shortcuts	Ctrl+C/V/X/A/U/S/P, F12, PrintScreen blocked
Right-click	contextmenu disabled
Auto-submit on N violations	Server returns auto_submit: true
Auto-submit on timer	timeLeft <= 0 → submitExam(true)

Camera Monitoring (Browser-side)

• WebRTC getUserMedia — no plugin needed
• Every 3 seconds, a 80×60 frame is sampled from the video feed
• Skin-tone pixel heuristic (Kovac et al.) estimates face presence:
  • skinRatio < 4% → "No face" violation logged
  • skinRatio > 55% → "Multiple faces" violation logged
  • darkRatio > 85% → "Too dark / camera covered" violation logged
• For production, swap analyseFacePresence() with face-api.js TinyFaceDetector or a server-side OpenCV endpoint receiving periodic JPEG snapshots

Violation Logging

Every suspicious event → ViolationLog row: tab_switch, no_face, multiple_faces, copy_attempt, back_nav, camera_denied

Admin Panel

• Results table with pass/fail badges, percentage bar, auto-submit flag
• Full violation log with timestamps
• Per-student detail: score breakdown + complete answer sheet

---

Production Upgrade Notes

1. Replace SQLite with PostgreSQL (SQLALCHEMY_DATABASE_URI = 'postgresql://...')
2. Use a real ML face detector — face-api.js or MediaPipe in the browser
3. Set a real SECRET_KEY from an environment variable
4. Add HTTPS — session security requires TLS in production
5. Run with Gunicorn: gunicorn -w 4 "app:create_app()"