feat(core): implement basic auth and image management system(Github based Image storage)

[Ramzan-Khan-786]

Description

This PR introduces the "Phase 1" core architecture for the BHV platform, designed to be the "Beehive-2.0" replacement. It establishes a minimal, lightweight Flask structure with secure authentication and a unique GitHub-based storage engine, aligning with the project's goal of simplified deployment for community clinics.

Type of Change

• New feature (non-breaking change which adds functionality)

Changes Made

• Authentication & Security:

  • Implemented Google OAuth 2.0 and standard Email/Password login.
  • Added Session management and Role-Based Access Control (RBAC).

• Dashboard Architecture:

  • Admin Dashboard: Centralized view for system statistics and moderation.
  • User Dashboard: Profile management and personal image uploads.

• Storage Engine (Core Requirement):

  • Implemented GitHub API Integration: As per the project requirements, images are not stored in complex buckets but are programmatically pushed to a GitHub repository. This ensures version control and ease of data management.
  • Added logic for file validation, upload, and deletion via the GitHub API.

• Database:

  • Configured MongoDB (Atlas) for efficient storage of user metadata and narrative references.

Live Deployment

I have deployed the Phase 1 version to Render for live testing. You can access the application here:

🔗 Live Demo: https://bhv-hh7s.onrender.com/

Future Roadmap (GSoC Timeline)

If selected for GSoC, my main focus for the next phase is the Research & Analysis Module:

• Fuzzy Logic & Emotion Detection: I plan to implement the Color-Emotion Association Model (inspired by the referenced paper). This will allow researchers to analyze color palettes in user-submitted images and correlate them with self-reported emotions.
• Current Status: I have not started coding this part yet, but I’ve done the homework. I have the workflow and logic mapped out in my notes, and I will be including the full technical breakdown in my upcoming GSoC proposal. I am really looking forward to discussing that approach with you!

Checklist

• My code follows the style guidelines of this project
• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes

[gemini-code-assist]

Summary of Changes

Hello @Ramzan-Khan-786, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request lays the groundwork for the BHV platform by implementing its core architecture. It focuses on establishing secure user authentication mechanisms, including Google OAuth, and a novel image management system that leverages GitHub for storage. The changes also introduce foundational dashboards for different user roles and integrate with MongoDB for data persistence, ensuring a scalable and secure base for future development.

Highlights

• Authentication System: Implemented both standard Email/Password login and Google OAuth 2.0 for user authentication, alongside session management and Role-Based Access Control (RBAC).
• GitHub-based Image Storage: A unique image management system was developed that uses the GitHub API to store images in repositories, ensuring version control and simplified data management, rather than traditional cloud storage buckets.
• Dashboards and Analytics: Introduced dedicated dashboards for both administrators (overview of system statistics, user uploads, and analytics) and regular users (profile management and personal image uploads). An admin analytics dashboard provides sentiment distribution, upload trends, and user activity reports with Excel export.
• Core Architecture & Database: Established a minimal Flask application structure, integrated with MongoDB Atlas for efficient storage of user metadata and image references. Enhanced security with CSRF protection, rate limiting, and a robust Content Security Policy.
• Comprehensive Developer Documentation: Added a detailed DEVELOPER.md guide covering local setup, environment configuration for MongoDB, Google OAuth, GitHub, and deployment instructions for Render.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Ignored Files

• Ignored by pattern: .github/workflows/** (1)
  • .github/workflows/tests.yml

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This is a substantial pull request that lays the foundational architecture for the new BHV platform. The introduction of Flask, authentication via Google OAuth and email, role-based access control, and the unique GitHub-based image storage system are all significant and well-structured additions. My review focuses on several critical security vulnerabilities that need to be addressed, along with issues related to data consistency, production readiness, and documentation. Overall, it's a great start, and addressing these points will significantly improve the security and robustness of the application.