All files added

.gitignore

@@ -0,0 +1,38 @@
+# Python / Django
+__pycache__/
+*.py[cod]
+*$py.class
+
+# Virtual Environment (Very Important)
+venv/
+env/
+.venv/
+
+# Environment Variables (Security)
+.env
+.env.local
+.env.example
+
+# Database (If using SQLite)
+db.sqlite3
+db.sqlite3-journal
+
+# Local Settings
+*/settings/local.py
+
+# Static and Media files (User uploads should not be in git)
+media/
+static/
+staticfiles/
+
+# VS Code / Editor settings
+.vscode/
+.idea/
+*.swp
+*.swo
+
+# Mac System Files
+.DS_Store
+
+# Logs
+*.log

api/admin.py

@@ -0,0 +1,23 @@
+from django.contrib import admin
+from .models import UserProfile, TestResult
+
+# Register the UserProfile model so you can change roles
+@admin.register(UserProfile)
+class UserProfileAdmin(admin.ModelAdmin):
+    # Columns to show in the list
+    list_display = ('user', 'email_display', 'role', 'full_name', 'phone')
+    # Filters on the right sidebar
+    list_filter = ('role', 'state')
+    # Search box functionality
+    search_fields = ('user__username', 'user__email', 'full_name')
+
+    # Helper to show email from the related User model
+    def email_display(self, obj):
+        return obj.user.email
+    email_display.short_description = 'Email'
+
+# Register the TestResult model to see patient scans
+@admin.register(TestResult)
+class TestResultAdmin(admin.ModelAdmin):
+    list_display = ('patient', 'result', 'confidence_score', 'date_tested')
+    list_filter = ('result', 'risk_level', 'date_tested')

api/apps.py

@@ -0,0 +1,5 @@
+from django.apps import AppConfig
+
+
+class ApiConfig(AppConfig):
+    name = 'api'

api/authentication.py

@@ -0,0 +1,75 @@
+from rest_framework import authentication, exceptions
+from supabase import create_client, Client
+from django.conf import settings
+from django.contrib.auth.models import User
+from .models import UserProfile
+
+# 1. DRF Authentication Class (Keep this, it's good practice)
+class SupabaseAuthentication(authentication.BaseAuthentication):
+    def authenticate(self, request):
+        auth_header = request.headers.get('Authorization')
+        if not auth_header:
+            return None
+
+        try:
+            token = auth_header.split(' ')[1]
+            supabase: Client = create_client(settings.SUPABASE_URL, settings.SUPABASE_KEY)
+            
+            user_data = supabase.auth.get_user(token)
+            if not user_data:
+                raise exceptions.AuthenticationFailed('Invalid token')
+            
+            uid = user_data.user.id
+            email = user_data.user.email
+
+            user, created = User.objects.get_or_create(username=uid, defaults={'email': email})
+            return (user, None)
+            
+        except Exception as e:
+            raise exceptions.AuthenticationFailed(f'Authentication failed: {str(e)}')
+
+# 2. MISSING FUNCTIONS (Add these to fix the ImportError)
+
+def authenticate_user(email, password):
+    """
+    Logs in the user via Supabase and returns the access token.
+    Used by the 'login' view.
+    """
+    supabase: Client = create_client(settings.SUPABASE_URL, settings.SUPABASE_KEY)
+    try:
+        response = supabase.auth.sign_in_with_password({
+            "email": email, 
+            "password": password
+        })
+        # Return the access token string
+        return response.session.access_token
+    except Exception as e:
+        print(f"❌ Login failed: {e}")
+        return None
+
+def get_user_from_token(request):
+    """
+    Manually extracts the user from the request headers.
+    Used by 'patient_dashboard' and 'upload_xray'.
+    """
+    auth_header = request.headers.get('Authorization')
+    if not auth_header:
+        return None
+        
+    try:
+        token = auth_header.split(' ')[1]
+        supabase: Client = create_client(settings.SUPABASE_URL, settings.SUPABASE_KEY)
+        
+        user_data = supabase.auth.get_user(token)
+        if not user_data:
+            return None
+            
+        # Sync with Django User model (required for Foreign Keys in TestResult)
+        uid = user_data.user.id
+        email = user_data.user.email
+        user, _ = User.objects.get_or_create(username=uid, defaults={'email': email})
+        
+        return user
+    except Exception as e:
+        print(f"❌ Token extraction failed: {e}")
+        return None

api/email_utils.py

@@ -0,0 +1,131 @@
+import os
+import base64
+from sendgrid import SendGridAPIClient
+from sendgrid.helpers.mail import (
+    Mail, Attachment, FileContent, FileName, FileType, Disposition
+)
+from django.conf import settings
+from datetime import datetime
+
+# --- CONFIGURATION ---
+# 1. HARDCODE YOUR KEY HERE FOR TESTING (Remove before deploying to GitHub)
+SENDGRID_API_KEY = os.environ.get('SENDGRID_API_KEY') # <--- PASTE YOUR KEY HERE inside quotes
+SENDER_EMAIL = "gamingyash54@gmail.com"  # <--- MUST match the Single Sender you verified
+# ---------------------
+
+def send_html_email(subject, recipient_list, html_content, pdf_buffer=None, filename="Report.pdf"):
+    """
+    Sends an email using SendGrid API (Bypasses Gmail SMTP).
+    """
+    # 1. Create the email object
+    message = Mail(
+        from_email=SENDER_EMAIL,
+        to_emails=recipient_list,
+        subject=subject,
+        html_content=html_content
+    )
+
+    # 2. Attach the PDF if it exists
+    if pdf_buffer:
+        # SendGrid requires the file to be encoded in Base64 string
+        encoded_file = base64.b64encode(pdf_buffer.getvalue()).decode()
+        
+        attachment = Attachment(
+            FileContent(encoded_file),
+            FileName(filename),
+            FileType('application/pdf'),
+            Disposition('attachment')
+        )
+        message.attachment = attachment
+
+    # 3. Send via API
+    try:
+        print(f"🚀 Sending email via SendGrid to {recipient_list}...")
+        
+        sg = SendGridAPIClient(SENDGRID_API_KEY)
+        response = sg.send(message)
+        
+        print(f"✅ SendGrid Status: {response.status_code}")
+        
+        if response.status_code in [200, 201, 202]:
+            print("SUCCESS: Email sent!")
+        else:
+            print(f"WARNING: Unexpected status code {response.status_code}")
+            
+    except Exception as e:
+        print(f"❌ SendGrid Failed: {str(e)}")
+        if hasattr(e, 'body'):
+            print(f"Error Body: {e.body}")
+        raise e # Re-raise to alert the frontend
+
+def get_medical_email_template(patient_name, test_date, risk_level, confidence):
+    """
+    Returns the HTML email body.
+    """
+    # Define colors
+    if risk_level in ["High", "Medium"]:
+        color = "#e11d48" # Red
+        icon = "⚠️"
+    else:
+        color = "#059669" # Green
+        icon = "✅"
+        
+    dashboard_link = "https://respirex.vercel.app" # Change to your Vercel URL later
+
+    return f"""
+    <div style="font-family: Arial, sans-serif; max-width: 600px; margin: 0 auto; border: 1px solid #eee; border-radius: 8px;">
+        <div style="background-color: #0f172a; color: white; padding: 20px; text-align: center;">
+            <h2 style="margin:0;">RespireX Report</h2>
+        </div>
+        <div style="padding: 30px;">
+            <h3>Hello {patient_name},</h3>
+            <p>Your analysis from {test_date} is complete.</p>
+            
+            <div style="background: #f8fafc; padding: 15px; border-radius: 6px; margin: 20px 0;">
+                <p><strong>Result:</strong> <span style="color: {color}; font-weight: bold;">{icon} {risk_level} Risk</span></p>
+                <p><strong>AI Confidence:</strong> {confidence}%</p>
+            </div>
+            
+            <p>Please find the detailed PDF report attached.</p>
+            
+            <div style="text-align: center; margin-top: 30px;">
+                <a href="{dashboard_link}" style="background-color: #2563eb; color: white; padding: 12px 24px; text-decoration: none; border-radius: 6px; font-weight: bold;">Login to Dashboard</a>
+            </div>
+        </div>
+    </div>
+    """
+
+def send_test_result_email(user_email, prediction):
+    """
+    Orchestrates sending the test result email.
+    Handles both dict (future) and tuple (current ml_engine) formats.
+    """
+    # 1. Extract data safely
+    if isinstance(prediction, dict):
+        label = prediction.get('label', 'Analysis Complete')
+        confidence = prediction.get('confidence', 0)
+        # Estimate risk if missing
+        risk_level = "High" if label == "Positive" else "Low"
+    elif isinstance(prediction, (tuple, list)) and len(prediction) >= 3:
+        # Handle tuple from ml_engine.py: (result, confidence, risk_level)
+        label = prediction[0]
+        confidence = prediction[1]
+        risk_level = prediction[2]
+    else:
+        label = "Unknown"
+        confidence = 0
+        risk_level = "Low"
+
+    # 2. Prepare Email
+    subject = f"RespireX Result: {label}"
+    date_str = datetime.now().strftime("%B %d, %Y")
+    
+    html_content = get_medical_email_template(
+        patient_name="Valued Patient", 
+        test_date=date_str, 
+        risk_level=risk_level, 
+        confidence=confidence
+    )
+
+    # 3. Send
+    send_html_email(subject, [user_email], html_content)

api/migrations/0001_initial.py

@@ -0,0 +1,43 @@
+# Generated by Django 6.0 on 2025-12-31 19:56
+
+import django.db.models.deletion
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='UserProfile',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('role', models.CharField(choices=[('patient', 'Patient'), ('doctor', 'Doctor')], max_length=10)),
+                ('state', models.CharField(blank=True, max_length=100)),
+                ('city', models.CharField(blank=True, max_length=100)),
+                ('license_number', models.CharField(blank=True, max_length=50, null=True)),
+                ('age', models.IntegerField(blank=True, null=True)),
+                ('gender', models.CharField(blank=True, max_length=20)),
+                ('user', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, related_name='profile', to=settings.AUTH_USER_MODEL)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='TestResult',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('xray_image_url', models.URLField()),
+                ('date_tested', models.DateTimeField(auto_now_add=True)),
+                ('result', models.CharField(choices=[('Positive', 'Positive'), ('Negative', 'Negative')], max_length=20)),
+                ('confidence_score', models.FloatField()),
+                ('risk_level', models.CharField(choices=[('High', 'High'), ('Medium', 'Medium'), ('Low', 'Low')], max_length=20)),
+                ('symptoms_data', models.JSONField(default=dict)),
+                ('patient', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='test_results', to='api.userprofile')),
+            ],
+        ),
+    ]

api/migrations/0002_userprofile_address_userprofile_full_name_and_more.py

@@ -0,0 +1,28 @@
+# Generated by Django 6.0 on 2026-01-01 09:38
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('api', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='userprofile',
+            name='address',
+            field=models.TextField(blank=True),
+        ),
+        migrations.AddField(
+            model_name='userprofile',
+            name='full_name',
+            field=models.CharField(blank=True, max_length=200),
+        ),
+        migrations.AddField(
+            model_name='userprofile',
+            name='phone',
+            field=models.CharField(blank=True, max_length=20),
+        ),
+    ]

api/ml_engine.py

@@ -0,0 +1,69 @@
+import os
+import numpy as np
+import tensorflow as tf
+from PIL import Image
+from django.conf import settings
+
+# Define the path to the model
+MODEL_PATH = os.path.join(settings.BASE_DIR, 'model', 'efficientnet_b0.h5')
+model = None
+
+# Load the model once when the server starts
+try:
+    model = tf.keras.models.load_model(MODEL_PATH)
+    print("✅ ML Model Loaded Successfully")
+except Exception as e:
+    print(f"⚠️ ML Model not found or error loading: {e}. Using dummy mode.")
+
+def predict_xray(image_file):
+    """
+    Predicts if an X-ray image is Positive (Tuberculosis) or Negative (Normal).
+    """
+    if not model:
+        # Dummy fallback if model didn't load
+        return "Negative", 85.5, "Low" 
+        
+    try:
+        # 1. Load and Preprocess Image
+        # Convert to RGB to ensure 3 channels
+        img = Image.open(image_file).convert('RGB')
+        
+        # Resize to 128x128 (Must match your training notebook size)
+        img = img.resize((128, 128))
+        
+        # Convert to array and add batch dimension
+        img_array = tf.keras.preprocessing.image.img_to_array(img)
+        img_array = np.expand_dims(img_array, axis=0)
+        
+        # CRITICAL FIX: Normalize pixel values to 0-1 range
+        img_array = img_array / 255.0
+        
+        # 2. Make Prediction
+        # Expected output shape: [[prob_normal, prob_tb]]
+        prediction = model.predict(img_array)
+        
+        # Get the class with the highest probability
+        # Class 0 = Normal, Class 1 = Tuberculosis
+        class_idx = np.argmax(prediction, axis=1)[0]
+        confidence = float(np.max(prediction))
+        
+        # 3. Interpret Results
+        if class_idx == 1:
+            result = "Positive"  # Tuberculosis detected
+            
+            if confidence > 0.8:
+                risk_level = "High"
+            elif confidence >= 0.5:
+                risk_level = "Medium"
+            else:
+                risk_level = "Low"
+        else:
+            result = "Negative"  # Normal
+            risk_level = "Low"
+
+        return (result, round(confidence * 100, 2), risk_level)
+
+    except Exception as e:
+        print(f"❌ Error processing image: {e}")
+        # Return error state or safe default
+        return "Error", 0.0, "Low"

api/models.py

@@ -0,0 +1,47 @@
+from django.db import models
+from django.contrib.auth.models import User
+
+class UserProfile(models.Model):
+    ROLE_CHOICES = (('patient', 'Patient'), ('doctor', 'Doctor'))
+    
+    user = models.OneToOneField(User, on_delete=models.CASCADE, related_name='profile')
+    role = models.CharField(max_length=10, choices=ROLE_CHOICES)
+    
+    # Common fields
+    # --- NEW FIELDS ADDED HERE ---
+    full_name = models.CharField(max_length=200, blank=True)
+    phone = models.CharField(max_length=20, blank=True)
+    address = models.TextField(blank=True)
+    # -----------------------------
+    
+    state = models.CharField(max_length=100, blank=True)
+    city = models.CharField(max_length=100, blank=True)
+    
+    # Doctor specific
+    license_number = models.CharField(max_length=50, blank=True, null=True)
+    
+    # Patient specific
+    age = models.IntegerField(null=True, blank=True)
+    gender = models.CharField(max_length=20, blank=True)
+
+    def __str__(self):
+        return f"{self.user.username} - {self.role}"
+
+class TestResult(models.Model):
+    RESULT_CHOICES = (('Positive', 'Positive'), ('Negative', 'Negative'))
+    RISK_CHOICES = (('High', 'High'), ('Medium', 'Medium'), ('Low', 'Low'))
+    
+    patient = models.ForeignKey(UserProfile, on_delete=models.CASCADE, related_name='test_results')
+    xray_image_url = models.URLField()
+    date_tested = models.DateTimeField(auto_now_add=True)
+    
+    # Prediction Data
+    result = models.CharField(max_length=20, choices=RESULT_CHOICES)
+    confidence_score = models.FloatField()
+    risk_level = models.CharField(max_length=20, choices=RISK_CHOICES)
+    
+    # Storing symptoms as a JSON object for flexibility
+    symptoms_data = models.JSONField(default=dict)
+
+    def __str__(self):
+        return f"{self.patient.user.username} - {self.result} ({self.date_tested})"

api/serializers.py

@@ -0,0 +1,54 @@
+from rest_framework import serializers
+from .models import UserProfile, TestResult
+from django.contrib.auth.models import User
+
+class UserProfileSerializer(serializers.ModelSerializer):
+    email = serializers.EmailField(source='user.email', read_only=True)
+    
+    class Meta:
+        model = UserProfile
+        # Add the new fields to the serializer
+        fields = ['id', 'email', 'full_name', 'phone', 'address', 'role', 'state', 'city', 'age', 'gender', 'license_number']
+
+class TestResultSerializer(serializers.ModelSerializer):
+    # Use full_name if available, otherwise fallback to email
+    patient_name = serializers.SerializerMethodField()
+    
+    # Fetch extra patient details
+    email = serializers.CharField(source='patient.user.email', read_only=True) 
+    
+    state = serializers.CharField(source='patient.state', read_only=True)
+    city = serializers.CharField(source='patient.city', read_only=True)
+    age = serializers.IntegerField(source='patient.age', read_only=True)
+    gender = serializers.CharField(source='patient.gender', read_only=True)
+    phone = serializers.CharField(source='patient.phone', read_only=True)
+
+    # OVERRIDE the model field to dynamically calculate risk level for ALL records (old and new)
+    risk_level = serializers.SerializerMethodField()
+
+    class Meta:
+        model = TestResult
+        fields = '__all__'
+        
+    def get_patient_name(self, obj):
+        # Return full_name if it exists, else return email
+        if obj.patient.full_name:
+            return obj.patient.full_name
+        return obj.patient.user.email
+
+    def get_risk_level(self, obj):
+        """
+        Dynamically calculates Risk Level based on Confidence Score.
+        This ensures 'Medium' is returned for 50-80% even if the DB says 'Low'.
+        """
+        if obj.result == 'Negative':
+            return 'Low'
+        
+        # Positive Case Logic
+        # obj.confidence_score is stored as 0-100 float
+        if obj.confidence_score > 80:
+            return 'High'
+        elif obj.confidence_score >= 50:
+            return 'Medium'
+        else:
+            return 'Low'

api/storage.py

@@ -0,0 +1,15 @@
+from supabase import create_client
+from django.conf import settings
+import uuid
+
+def upload_to_supabase(image_file):
+    supabase = create_client(settings.SUPABASE_URL, settings.SUPABASE_KEY)
+    filename = f"{uuid.uuid4()}.{image_file.name.split('.')[-1]}"
+    file_content = image_file.read()
+    
+    supabase.storage.from_("xrays").upload(
+        file=file_content,
+        path=filename,
+        file_options={"content-type": image_file.content_type}
+    )
+    return supabase.storage.from_("xrays").get_public_url(filename)

api/templates/email/test_result.html

@@ -0,0 +1,150 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>RespireX Test Results</title>
+</head>
+<body style="margin: 0; padding: 0; font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, 'Helvetica Neue', Arial, sans-serif; background-color: #f0f4f8;">
+    <table role="presentation" cellspacing="0" cellpadding="0" border="0" width="100%" style="background-color: #f0f4f8; padding: 40px 20px;">
+        <tr>
+            <td align="center">
+                <table role="presentation" cellspacing="0" cellpadding="0" border="0" width="600" style="max-width: 600px; background-color: #ffffff; border-radius: 16px; overflow: hidden; box-shadow: 0 10px 25px rgba(0,0,0,0.1);">
+                    
+                    <!-- Header -->
+                    <tr>
+                        <td style="background: linear-gradient(135deg, #3b82f6 0%, #06b6d4 100%); padding: 40px 30px; text-align: center;">
+                            <h1 style="margin: 0; color: #ffffff; font-size: 32px; font-weight: 700; letter-spacing: -0.5px;">RespireX</h1>
+                            <p style="margin: 10px 0 0; color: rgba(255,255,255,0.9); font-size: 14px; font-weight: 500;">AI-Powered Tuberculosis Detection</p>
+                        </td>
+                    </tr>
+                    
+                    <!-- Result Banner -->
+                    <tr>
+                        <td style="padding: 0;">
+                            <table role="presentation" cellspacing="0" cellpadding="0" border="0" width="100%" style="background-color: {{ banner_bg }}; padding: 24px 30px; border-left: 6px solid {{ banner_border }};">
+                                <tr>
+                                    <td width="80" style="vertical-align: middle; text-align: center;">
+                                        <div style="width: 50px; height: 50px; background-color: {{ icon_bg }}; border-radius: 50%; margin: 0 auto; line-height: 50px; text-align: center;">
+                                            <span style="font-size: 28px;">{{ icon }}</span>
+                                        </div>
+                                    </td>
+                                    <td style="vertical-align: middle; padding-left: 20px;">
+                                        <h2 style="margin: 0; color: #1f2937; font-size: 24px; font-weight: 700;">{{ result }} Result</h2>
+                                        <p style="margin: 5px 0 0; color: #4b5563; font-size: 14px;">Test completed on {{ test_date }}</p>
+                                    </td>
+                                </tr>
+                            </table>
+                        </td>
+                    </tr>
+                    
+                    <!-- Greeting -->
+                    <tr>
+                        <td style="padding: 30px 30px 20px;">
+                            <p style="margin: 0; color: #1f2937; font-size: 16px; line-height: 1.6;">Dear <strong>{{ patient_name }}</strong>,</p>
+                            <p style="margin: 15px 0 0; color: #4b5563; font-size: 15px; line-height: 1.7;">{{ message }}</p>
+                        </td>
+                    </tr>
+                    
+                    <!-- Test Details -->
+                    <tr>
+                        <td style="padding: 20px 30px;">
+                            <table role="presentation" cellspacing="0" cellpadding="0" border="0" width="100%" style="background-color: #f9fafb; border-radius: 12px; overflow: hidden;">
+                                <tr>
+                                    <td style="padding: 20px;">
+                                        <h3 style="margin: 0 0 15px; color: #1f2937; font-size: 18px; font-weight: 600;">Test Summary</h3>
+                                        
+                                        <table role="presentation" cellspacing="0" cellpadding="0" border="0" width="100%" style="margin-bottom: 12px;">
+                                            <tr>
+                                                <td style="padding: 8px 0;"><span style="color: #6b7280; font-size: 14px;">Result:</span></td>
+                                                <td align="right" style="padding: 8px 0;">
+                                                    <span style="background-color: {{ result_badge_bg }}; color: {{ result_badge_color }}; padding: 4px 12px; border-radius: 20px; font-size: 14px; font-weight: 600;">{{ result }}</span>
+                                                </td>
+                                            </tr>
+                                        </table>
+                                        
+                                        <table role="presentation" cellspacing="0" cellpadding="0" border="0" width="100%" style="margin-bottom: 12px;">
+                                            <tr>
+                                                <td style="padding: 8px 0;"><span style="color: #6b7280; font-size: 14px;">Confidence Score:</span></td>
+                                                <td align="right" style="padding: 8px 0;">
+                                                    <span style="color: #1f2937; font-size: 18px; font-weight: 700;">{{ confidence }}%</span>
+                                                </td>
+                                            </tr>
+                                        </table>
+                                        
+                                        <table role="presentation" cellspacing="0" cellpadding="0" border="0" width="100%">
+                                            <tr>
+                                                <td style="padding: 8px 0;"><span style="color: #6b7280; font-size: 14px;">Risk Level:</span></td>
+                                                <td align="right" style="padding: 8px 0;">
+                                                    <span style="background-color: {{ risk_badge_bg }}; color: {{ risk_badge_color }}; padding: 4px 12px; border-radius: 20px; font-size: 14px; font-weight: 600;">{{ risk_level }}</span>
+                                                </td>
+                                            </tr>
+                                        </table>
+                                    </td>
+                                </tr>
+                            </table>
+                        </td>
+                    </tr>
+                    
+                    <!-- Next Steps -->
+                    <tr>
+                        <td style="padding: 20px 30px;">
+                            <table role="presentation" cellspacing="0" cellpadding="0" border="0" width="100%" style="background-color: {{ recommendation_bg }}; border-left: 4px solid {{ recommendation_border }}; padding: 20px; border-radius: 8px;">
+                                <tr>
+                                    <td>
+                                        <h4 style="margin: 0 0 12px; color: #1f2937; font-size: 16px; font-weight: 600;">{{ recommendation_title }}</h4>
+                                        {{ recommendations|safe }}
+                                    </td>
+                                </tr>
+                            </table>
+                        </td>
+                    </tr>
+                    
+                    <!-- Attachment Notice -->
+                    <tr>
+                        <td style="padding: 20px 30px;">
+                            <table role="presentation" cellspacing="0" cellpadding="0" border="0" width="100%" style="background-color: #f3f4f6; border-radius: 8px; padding: 16px;">
+                                <tr>
+                                    <td width="40" style="vertical-align: middle;"><span style="font-size: 24px;">📎</span></td>
+                                    <td style="vertical-align: middle; padding-left: 12px;">
+                                        <p style="margin: 0; color: #1f2937; font-size: 14px; font-weight: 600;">Detailed Report Attached</p>
+                                        <p style="margin: 4px 0 0; color: #6b7280; font-size: 13px;">RespireX_Report_{{ test_id }}.pdf</p>
+                                    </td>
+                                </tr>
+                            </table>
+                        </td>
+                    </tr>
+                    
+                    <!-- Disclaimer -->
+                    <tr>
+                        <td style="padding: 20px 30px 30px;">
+                            <table role="presentation" cellspacing="0" cellpadding="0" border="0" width="100%" style="background-color: #fef3c7; border-radius: 8px; padding: 16px; border-left: 4px solid #f59e0b;">
+                                <tr>
+                                    <td>
+                                        <p style="margin: 0; color: #92400e; font-size: 13px; line-height: 1.6;">
+                                            <strong>⚠️ Important Disclaimer:</strong> This is an AI-powered screening tool and does NOT replace professional medical diagnosis. Please consult with a qualified healthcare provider for proper diagnosis and treatment.
+                                        </p>
+                                    </td>
+                                </tr>
+                            </table>
+                        </td>
+                    </tr>
+                    
+                    <!-- Footer -->
+                    <tr>
+                        <td style="background-color: #1f2937; padding: 30px; text-align: center;">
+                            <p style="margin: 0 0 8px; color: #d1d5db; font-size: 14px; font-weight: 600;">RespireX - AI-Powered Healthcare</p>
+                            <p style="margin: 0 0 15px; color: #9ca3af; font-size: 12px;">Making healthcare accessible for everyone</p>
+                            <div style="border-top: 1px solid #374151; padding-top: 15px; margin-top: 15px;">
+                                <p style="margin: 0; color: #9ca3af; font-size: 11px;">© 2025 RespireX. All rights reserved. | By Team BitBash</p>
+                                <p style="margin: 8px 0 0; color: #6b7280; font-size: 11px;">Part of Atmanirbhar Bharat Mission</p>
+                            </div>
+                        </td>
+                    </tr>
+                    
+                </table>
+            </td>
+        </tr>
+    </table>
+</body>
+</html>

api/urls.py

@@ -0,0 +1,19 @@
+from django.urls import path
+from . import views
+
+urlpatterns = [
+    # ─── Auth ───
+    path('api/signup/', views.signup, name='signup'),
+    path('api/login/', views.login, name='login'),
+
+    # ─── Patient ───
+    path('api/patient/dashboard/', views.patient_dashboard, name='patient-dashboard'),
+    path('api/patient/upload-xray/', views.upload_xray, name='upload-xray'),
+    path('api/patient/symptom-test/', views.symptom_test, name='symptom-test'),
+
+    # ─── Doctor (Direct Access — no auth in prototype) ───
+    path('api/doctor/dashboard/', views.doctor_dashboard, name='doctor-dashboard'),
+
+    # ─── REMOVED for prototype ───
+    # path('api/report/...', ...)   ← all report/PDF routes removed
+]

api/views.py

@@ -0,0 +1,157 @@
+from django.shortcuts import render
+from django.http import JsonResponse
+from rest_framework.decorators import api_view, parser_classes
+from rest_framework.parsers import MultiPartParser
+from rest_framework.response import Response
+from rest_framework import status
+
+from .models import UserProfile, TestResult
+from .serializers import UserProfileSerializer, TestResultSerializer
+from .ml_engine import predict_xray as predict
+from .email_utils import send_test_result_email
+from .authentication import authenticate_user, get_user_from_token
+# pdf_generator import REMOVED for prototype
+
+import os
+import uuid
+from datetime import datetime
+
+
+# ─── AUTH ENDPOINTS ─────────────────────────────────────────────
+
+@api_view(['POST'])
+def signup(request):
+    """Patient / Doctor signup"""
+    serializer = UserProfileSerializer(data=request.data)
+    if serializer.is_valid():
+        serializer.save()
+        return Response({"message": "Signup successful", "user": serializer.data}, status=status.HTTP_201_CREATED)
+    return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
+
+
+@api_view(['POST'])
+def login(request):
+    """Patient login (Doctor gets direct access — no login needed)"""
+    email = request.data.get('email')
+    password = request.data.get('password')
+
+    token = authenticate_user(email, password)
+    if token:
+        return Response({"token": token, "message": "Login successful"}, status=status.HTTP_200_OK)
+    return Response({"error": "Invalid credentials"}, status=status.HTTP_401_UNAUTHORIZED)
+
+
+# ─── PATIENT ENDPOINTS ──────────────────────────────────────────
+
+@api_view(['GET'])
+def patient_dashboard(request):
+    """Patient home — returns their latest test result (if any)"""
+    user = get_user_from_token(request)
+    if not user:
+        return Response({"error": "Unauthorized"}, status=status.HTTP_401_UNAUTHORIZED)
+
+    latest = TestResult.objects.filter(patient=user).order_by('-created_at').first()
+    if latest:
+        return Response(TestResultSerializer(latest).data)
+    return Response({"message": "No tests yet"})
+
+
+@api_view(['POST'], )
+@parser_classes([MultiPartParser])
+def upload_xray(request):
+    """Receive chest X-ray image, run ML prediction, save result"""
+    user = get_user_from_token(request)
+    if not user:
+        return Response({"error": "Unauthorized"}, status=status.HTTP_401_UNAUTHORIZED)
+
+    image = request.FILES.get('xray')
+    if not image:
+        return Response({"error": "No image provided"}, status=status.HTTP_400_BAD_REQUEST)
+
+    # Save image
+    filename = f"{uuid.uuid4()}_{image.name}"
+    upload_path = os.path.join('uploads', filename)
+    with open(upload_path, 'wb') as f:
+        for chunk in image.chunks():
+            f.write(chunk)
+
+    # ML prediction
+    prediction = predict(upload_path)  # returns dict like { "label": "Normal", "confidence": 0.92 }
+
+    # Save test result
+    result = TestResult.objects.create(
+        patient=user,
+        image_path=upload_path,
+        label=prediction['label'],
+        confidence=prediction['confidence'],
+    )
+
+    # Optionally send email (no PDF attachment in prototype)
+    try:
+        send_test_result_email(user.email, prediction)
+    except Exception:
+        pass  # non-blocking
+
+    return Response({
+        "id": result.id,
+        "label": prediction['label'],
+        "confidence": prediction['confidence'],
+        "created_at": result.created_at.isoformat(),
+    }, status=status.HTTP_201_CREATED)
+
+
+@api_view(['POST'])
+def symptom_test(request):
+    """Simple symptom quiz — returns a basic risk score"""
+    answers = request.data.get('answers', [])
+    # Lightweight scoring (no ML model needed)
+    score = sum(answers)  # assumes 0/1 answers
+    total = len(answers) if answers else 1
+
+    if score / total >= 0.6:
+        risk = "High"
+    elif score / total >= 0.3:
+        risk = "Moderate"
+    else:
+        risk = "Low"
+
+    return Response({"risk_level": risk, "score": score, "total": total})
+
+
+# ─── DOCTOR ENDPOINTS (Direct Access — no auth required for prototype) ───
+
+@api_view(['GET'])
+def doctor_dashboard(request):
+    """
+    Doctor direct-access endpoint.
+    Returns dummy test data for prototype.
+    No authentication required.
+    """
+    dummy_tests = [
+        {
+            "id": 1,
+            "test_name": "Test 1",
+            "patient_name": "Rahul Sharma",
+            "patient_email": "rahul.sharma@email.com",
+            "label": "Pneumonia",
+            "confidence": 0.87,
+            "date": "2026-01-28",
+            "status": "Pending Review",
+        },
+        {
+            "id": 2,
+            "test_name": "Test 2",
+            "patient_name": "Priya Mehta",
+            "patient_email": "priya.mehta@email.com",
+            "label": "Normal",
+            "confidence": 0.94,
+            "date": "2026-01-30",
+            "status": "Pending Review",
+        },
+    ]
+    return Response({"tests": dummy_tests}, status=status.HTTP_200_OK)
+
+
+# ─── REPORT GENERATION — REMOVED FOR PROTOTYPE ─────────────────
+# All /api/report/* endpoints and pdf_generator usage have been removed.
+# In the full version, this section handled PDF generation via pdf_generator.py.

manage.py

@@ -0,0 +1,22 @@
+#!/usr/bin/env python
+"""Django's command-line utility for administrative tasks."""
+import os
+import sys
+
+
+def main():
+    """Run administrative tasks."""
+    os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'respirex_backend.settings')
+    try:
+        from django.core.management import execute_from_command_line
+    except ImportError as exc:
+        raise ImportError(
+            "Couldn't import Django. Are you sure it's installed and "
+            "available on your PYTHONPATH environment variable? Did you "
+            "forget to activate a virtual environment?"
+        ) from exc
+    execute_from_command_line(sys.argv)
+
+
+if __name__ == '__main__':
+    main()

model/efficientnet_b0.h5

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:c3e49b621fb0eb04d4a20920949f6cd56def85795bbb5fd8c08425e17acd9208
+size 78245936

requirements.txt

@@ -0,0 +1,117 @@
+absl-py==2.3.1
+annotated-types==0.7.0
+anyio==4.12.1
+arabic-reshaper==3.0.0
+asgiref==3.11.0
+asn1crypto==1.5.1
+astunparse==1.6.3
+boto3==1.42.34
+botocore==1.42.34
+cachetools==6.2.5
+certifi==2026.1.4
+cffi==2.0.0
+charset-normalizer==3.4.4
+click==8.3.1
+contourpy==1.3.3
+cryptography==46.0.3
+cssselect2==0.8.0
+cycler==0.12.1
+deprecation==2.1.0
+dj-database-url==3.1.0
+Django==5.2.10
+django-cors-headers==4.9.0
+django-ses==4.6.0
+djangorestframework==3.16.1
+flatbuffers==25.12.19
+fonttools==4.61.1
+freetype-py==2.5.1
+fsspec==2026.1.0
+gast==0.7.0
+google-pasta==0.2.0
+grpcio==1.76.0
+gunicorn==24.1.1
+h11==0.16.0
+h2==4.3.0
+h5py==3.15.1
+hpack==4.1.0
+html5lib==1.1
+httpcore==1.0.9
+httpx==0.28.1
+hyperframe==6.1.0
+idna==3.11
+jmespath==1.1.0
+keras==3.13.1
+kiwisolver==1.4.9
+libclang==18.1.1
+lxml==6.0.2
+Markdown==3.10.1
+markdown-it-py==4.0.0
+MarkupSafe==3.0.3
+matplotlib==3.10.8
+mdurl==0.1.2
+ml_dtypes==0.5.4
+mmh3==5.2.0
+multidict==6.7.0
+namex==0.1.0
+numpy==2.4.1
+opt_einsum==3.4.0
+optree==0.18.0
+oscrypto==1.3.0
+packaging==26.0
+pillow==12.1.0
+postgrest==2.27.2
+propcache==0.4.1
+protobuf==6.33.4
+psycopg2-binary==2.9.11
+pycairo==1.29.0
+pycparser==3.0
+pydantic==2.12.5
+pydantic_core==2.41.5
+Pygments==2.19.2
+pyHanko==0.32.0
+pyhanko-certvalidator==0.29.0
+pyiceberg==0.10.0
+PyJWT==2.10.1
+pyparsing==3.3.2
+pypdf==6.6.1
+pyroaring==1.0.3
+python-bidi==0.6.7
+python-dateutil==2.9.0.post0
+python-dotenv==1.2.1
+python-http-client==3.3.7
+PyYAML==6.0.3
+realtime==2.27.2
+reportlab==4.4.9
+requests==2.32.5
+rich==14.3.1
+rlPyCairo==0.4.0
+s3transfer==0.16.0
+sendgrid==6.12.5
+six==1.17.0
+sortedcontainers==2.4.0
+sqlparse==0.5.5
+storage3==2.27.2
+StrEnum==0.4.15
+strictyaml==1.7.3
+supabase==2.27.2
+supabase-auth==2.27.2
+supabase-functions==2.27.2
+svglib==1.6.0
+tenacity==9.1.2
+tensorboard==2.20.0
+tensorboard-data-server==0.7.2
+tensorflow==2.20.0
+termcolor==3.3.0
+tinycss2==1.5.1
+typing-inspection==0.4.2
+typing_extensions==4.15.0
+tzlocal==5.3.1
+uritools==6.0.1
+urllib3==2.6.3
+webencodings==0.5.1
+websockets==15.0.1
+Werkzeug==3.1.5
+whitenoise==6.11.0
+wrapt==2.0.1
+xhtml2pdf==0.2.17
+yarl==1.22.0

respirex_backend/asgi.py

@@ -0,0 +1,16 @@
+"""
+ASGI config for respirex_backend project.
+
+It exposes the ASGI callable as a module-level variable named ``application``.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/6.0/howto/deployment/asgi/
+"""
+
+import os
+
+from django.core.asgi import get_asgi_application
+
+os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'respirex_backend.settings')
+
+application = get_asgi_application()

respirex_backend/settings.py

@@ -0,0 +1,134 @@
+import os
+from pathlib import Path
+import dj_database_url
+from dotenv import load_dotenv
+
+load_dotenv()
+
+BASE_DIR = Path(__file__).resolve().parent.parent
+
+SECRET_KEY = os.getenv('SECRET_KEY', 'unsafe-secret-key')
+DEBUG = os.getenv('DEBUG', 'False') == 'True'
+
+ALLOWED_HOSTS = ['*']
+
+# Application definition
+INSTALLED_APPS = [
+    'django.contrib.admin',
+    'django.contrib.auth',
+    'django.contrib.contenttypes',
+    'django.contrib.sessions',
+    'django.contrib.messages',
+    'django.contrib.staticfiles',
+    
+    # Third party
+    'rest_framework',
+    'corsheaders',
+    
+    # Local
+    'api',
+]
+
+MIDDLEWARE = [
+    'corsheaders.middleware.CorsMiddleware', # Must be at top
+    'django.middleware.security.SecurityMiddleware',
+    "whitenoise.middleware.WhiteNoiseMiddleware",
+    'django.contrib.sessions.middleware.SessionMiddleware',
+    'django.middleware.common.CommonMiddleware',
+    'django.middleware.csrf.CsrfViewMiddleware',
+    'django.contrib.auth.middleware.AuthenticationMiddleware',
+    'django.contrib.messages.middleware.MessageMiddleware',
+    'django.middleware.clickjacking.XFrameOptionsMiddleware',
+]
+
+ROOT_URLCONF = 'respirex_backend.urls'
+
+TEMPLATES = [
+    {
+        'BACKEND': 'django.template.backends.django.DjangoTemplates',
+        'DIRS': [],
+        'APP_DIRS': True,
+        'OPTIONS': {
+            'context_processors': [
+                'django.template.context_processors.debug',
+                'django.template.context_processors.request',
+                'django.contrib.auth.context_processors.auth',
+                'django.contrib.messages.context_processors.messages',
+            ],
+        },
+    },
+]
+
+WSGI_APPLICATION = 'respirex_backend.wsgi.application'
+
+# Database
+DATABASES = {
+    'default': dj_database_url.config(
+        default='sqlite:///db.sqlite3',
+        conn_max_age=600
+    )
+}
+
+# Password validation
+AUTH_PASSWORD_VALIDATORS = [
+    {'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator'},
+    {'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator'},
+    {'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator'},
+    {'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator'},
+]
+
+LANGUAGE_CODE = 'en-us'
+TIME_ZONE = 'UTC'
+USE_I18N = True
+USE_TZ = True
+
+STATIC_URL = 'static/'
+DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
+
+# CORS Config (Allow React Frontend)
+CORS_ALLOW_ALL_ORIGINS = True # For development
+# CORS_ALLOWED_ORIGINS = ["http://localhost:5173"] # Use this for production
+
+# Supabase Settings
+SUPABASE_URL = os.getenv('SUPABASE_URL')
+SUPABASE_KEY = os.getenv('SUPABASE_KEY')
+
+# DRF Config
+REST_FRAMEWORK = {
+    'DEFAULT_AUTHENTICATION_CLASSES': [
+        'api.authentication.SupabaseAuthentication', 
+    ],
+    'DEFAULT_PERMISSION_CLASSES': [
+        'rest_framework.permissions.IsAuthenticated',
+    ]
+}
+
+from corsheaders.defaults import default_headers
+
+CORS_ALLOW_HEADERS = list(default_headers) + [
+    'authorization',
+    'x-csrftoken',
+    'x-requested-with',
+]
+ALLOWED_HOSTS = ['*']  # You can replace '*' with your specific Render URL later
+STATIC_URL = 'static/'
+STATIC_ROOT = os.path.join(BASE_DIR, 'staticfiles')
+STATICFILES_STORAGE = 'whitenoise.storage.CompressedManifestStaticFilesStorage'
+CORS_ALLOW_ALL_ORIGINS = True # For simplicity. Or list your frontend Render URL here later.
+
+# HUGGING FACE SETTINGS
+SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
+CSRF_TRUSTED_ORIGINS = ['https://*.hf.space']
+
+# Email Configuration
+EMAIL_BACKEND = 'django_ses.SESBackend'
+AWS_ACCESS_KEY_ID = os.getenv('AWS_ACCESS_KEY_ID')
+AWS_SECRET_ACCESS_KEY = os.getenv('AWS_SECRET_ACCESS_KEY')
+AWS_SES_REGION_NAME = os.getenv('AWS_SES_REGION', 'us-east-1')
+AWS_SES_REGION_ENDPOINT = f'email.{AWS_SES_REGION_NAME}.amazonaws.com'
+
+# Fallback to console for development
+if DEBUG:
+    EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
+
+DEFAULT_FROM_EMAIL = os.getenv('DEFAULT_FROM_EMAIL', 'noreply@respirex.health')

respirex_backend/urls.py

@@ -0,0 +1,7 @@
+from django.contrib import admin
+from django.urls import path, include
+
+urlpatterns = [
+    path('admin/', admin.site.urls),
+    path('api/', include('api.urls')),
+]

respirex_backend/wsgi.py

@@ -0,0 +1,16 @@
+"""
+WSGI config for respirex_backend project.
+
+It exposes the WSGI callable as a module-level variable named ``application``.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/6.0/howto/deployment/wsgi/
+"""
+
+import os
+
+from django.core.wsgi import get_wsgi_application
+
+os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'respirex_backend.settings')
+
+application = get_wsgi_application()