This module provides a publicly accessible biometric face verification page for openIMIS. It allows health facility agents or kiosks to verify beneficiary identity in real-time using facial recognition, without requiring user authentication.
- π₯ Live camera preview with automatic frame capture
- π€ Client-side face detection with quality checks (TinyFaceDetector)
- Real-time face presence detection
- Position guidance (centered, move left/right/up/down)
- Distance guidance (move closer/back)
- Lighting quality feedback (too dark warning)
- Smart streaming: Frames only sent to backend when all quality checks pass
- Visual "Ready to Verify" indicator when quality is optimal
- π Face verification against enrolled reference photos
- π± Responsive design (mobile and desktop)
- π« No login required - fully public access
https://your-domain.com/front/biometric/verify
- Open the page at the public URL
- Allow camera access when prompted by the browser
- Enter or scan the insuree UUID (or use a pre-filled URL)
- Position your face - Real-time quality indicators guide you:
- Face detection status
- Position alignment (centered/move left/right/up/down)
- Distance check (move closer/back)
- Lighting quality (too dark warning)
- Click "Start Verification" to begin streaming verification
- View results - The system displays:
- β Verified (green) - Identity confirmed
- β Not Verified (red) - Identity mismatch
β οΈ Error (grey) - Technical issue
- Stop verification when done
The system continuously streams video frames via WebSocket, but only sends frames to the backend when all quality checks pass (face detected, centered, good distance, sufficient lighting). This smart streaming approach reduces bandwidth and improves verification accuracy.
Add this module to openimis.json or openimis-dev.json:
{
"name": "BiometricVerificationModule",
"npm": "@openimis/fe-biometric-verification@file:/path/to/openimis-fe-biometric_verification_js"
}Mount the module as a volume in compose.base.yml:
services:
frontend:
volumes:
- ../openimis-fe-biometric_verification_js:/frontend-packages/openimis-fe-biometric_verification_jsThis module requires the openimis-be-biometric-verification Python backend module to be installed and configured. See the backend module documentation for setup instructions.
# Install dependencies
npm install
# Build for production
npm run build
# Watch mode (auto-rebuild on changes)
npm startThis module uses TinyFaceDetector from @vladmandic/face-api for client-side face quality checks.
The BiometricVerifyPage component automatically loads the models from the vladmandic CDN on mount:
const MODEL_URL = "https://vladmandic.github.io/face-api/model";Advantages of CDN approach:
- β No local files needed - fully portable module
- β Always up-to-date models
- β No CORS issues
- β Cached by browsers across sites
Check the browser console for:
β TinyFaceDetector models loaded from CDN
For production environments where external dependencies are not allowed, you can self-host the models:
- Download model files:
cd /path/to/your-cdn-directory
wget https://raw.githubusercontent.com/vladmandic/face-api/master/model/tiny_face_detector_model-weights_manifest.json
wget https://raw.githubusercontent.com/vladmandic/face-api/master/model/tiny_face_detector_model.bin- Update
MODEL_URLinBiometricVerifyPage.jsx:
const MODEL_URL = "https://your-cdn.example.com/models";Model files required:
tiny_face_detector_model-weights_manifest.json(3KB)tiny_face_detector_model.bin(189KB)
Total size: ~192KB (very lightweight!)
- React 18 - UI framework
- Material-UI v7 - Component library
- @mui/styles - Styling (makeStyles)
- Vite 5 - Build tool
- WebRTC - Camera access via
navigator.mediaDevices.getUserMedia - @vladmandic/face-api - Client-side face detection (TinyFaceDetector)
- WebSocket - Real-time streaming communication with backend
The page establishes a WebSocket connection to /api/ws/biometric/verify/ for real-time verification:
{
"type": "frame",
"insuree_uuid": "uuid-string",
"frame": "data:image/jpeg;base64,...",
"claim_code": "optional-claim-code",
"step_name": "verification",
"device_id": "browser-user-agent"
}{
"type": "verification_result",
"verified": true,
"confidence": 85.5,
"distance": 0.35,
"provider": "deepface",
"error": null,
"verification_count": 3,
"frame_count": 15,
"audit_uuid": "audit-record-uuid"
}Backend Sampling: The backend processes frames every 5 seconds (configurable) to reduce CPU load, even though the frontend sends frames continuously when quality is good.
This page is publicly accessible by design (no authentication required). The backend module implements:
- Anonymous access whitelisting for
verifyFacemutation - Optional permission checks for authenticated users
- Rate limiting recommendations (configure at infrastructure level)
See SECURITY.md in the backend module for detailed security guidance.
- Chrome/Edge 90+ β
- Firefox 88+ β
- Safari 14+ β
- Mobile browsers with camera access β
Note: Camera access requires HTTPS in production (localhost works with HTTP for development).
- Ensure the browser has permission to access the camera
- Check that the site is served over HTTPS (required for camera access in production)
- Verify no other application is using the camera
- Confirm the UUID is correct
- Verify the insuree exists in the database
- Check that a reference photo was uploaded during enrollment
- Verify the backend module is installed and running
- Check GraphQL endpoint is accessible at
/api/graphql - Review backend logs for errors
LGPL-3.0
For issues and questions, please refer to the main openIMIS documentation