Intelligent Attendance Management System with Geofencing & Work-Life Balance Analytics
Features • Demo • Installation • Documentation • Security
- Overview
- Key Features
- Tech Stack
- Architecture
- Getting Started
- API Documentation
- Security Features
- Work-Life Balance Analytics
- Screenshots
AttendEase is a modern, trust-based attendance management system designed for hybrid workplaces. It combines automatic geofencing-based check-ins with comprehensive work-life balance analytics to help organizations track attendance while promoting employee wellness.
Unlike traditional punitive attendance systems, AttendEase focuses on:
- 🎯 Trust-first approach - Respects employee autonomy while maintaining accountability
- 📊 Work-life balance - Provides actionable insights to prevent burnout
- 🛡️ Balanced security - Fraud detection without invasive monitoring
- 📱 Seamless UX - Automatic check-ins via geofencing, manual override available
- Automatic Check-In/Out - Background location monitoring triggers attendance when entering/leaving office
- Multi-Location Support - Manage multiple office locations with custom geofence radius
- Offline Support - Queue attendance events when offline, sync when connected
- GPS Accuracy Tracking - Monitor location precision for reliability
- Personal Dashboard - Weekly/monthly work hour insights
- Health Score (0-100) - AI-driven work-life balance rating
- Smart Suggestions - Personalized recommendations based on work patterns
- Overtime Tracking - Monitor excessive working hours
- Team Analytics (Admin) - Organization-wide wellness insights
- Device Fingerprinting - Track device metadata (OS, version, device ID)
- Mock Location Detection - Identify GPS spoofing attempts
- Risk Scoring System - Automatic flagging of suspicious check-ins (0-100 scale)
- Admin Review Workflow - Flagged records require admin verification
- JWT Token Security - 15-minute access tokens, 7-day refresh tokens with rotation
- Rate Limiting - Brute force protection (5 attempts/15 min for auth)
- Organization Scoping - Multi-tenant isolation ensures data privacy
- Multi-Tenant Architecture - Secure organization-scoped data access
- Invite System - Join organizations via unique codes
- Role-Based Access Control - Employee and Admin roles
- Admin Dashboard - User management, attendance reports, location control
- React Native + Expo - Cross-platform (iOS & Android)
- Beautiful UI - Dark theme with UI Kitten components
- Push Notifications - Real-time attendance alerts
- Offline Mode - Full functionality without internet
- Runtime: Node.js 20.x LTS
- Framework: Express.js
- Database: MongoDB Atlas (Cloud) / Local MongoDB
- Authentication: JWT (jsonwebtoken) with refresh token rotation
- File Storage: AWS S3 (profile images)
- Logging: Winston (file-based logging)
- Security:
- Helmet.js (HTTP headers)
- bcrypt (password hashing, 10 rounds)
- express-rate-limit (DDoS protection)
- CORS whitelist
- Documentation: Swagger/OpenAPI 3.0
- Framework: React Native with Expo SDK
- UI Library: UI Kitten (Eva Design System)
- Navigation: React Navigation
- State Management: AsyncStorage (local persistence)
- HTTP Client: Axios
- Geolocation: Expo Location + TaskManager
- Device Info: Expo Device, Application, Constants
- Version Control: Git
- CI/CD: GitHub Actions (optional)
- Hosting:
- Backend: Render / Heroku
- Database: MongoDB Atlas
- Storage: AWS S3
AttendEase/
├── Check-in-app/
│ ├── server/ # Backend (Express.js)
│ │ ├── controllers/ # Business logic
│ │ │ ├── authController.js # Authentication (register, login, refresh)
│ │ │ ├── attendanceController.js # Check-in/out, risk scoring
│ │ │ ├── analyticsController.js # Work-life balance analytics
│ │ │ ├── adminController.js # Admin operations
│ │ │ ├── userController.js # Profile management
│ │ │ ├── locationController.js # Geofence management
│ │ │ └── organizationController.js # Multi-tenancy
│ │ ├── models/ # MongoDB schemas (Mongoose)
│ │ │ ├── User.js # User accounts
│ │ │ ├── Organization.js # Organizations
│ │ │ ├── Location.js # Office locations
│ │ │ └── AttendanceRecord.js # Check-in/out with metadata
│ │ ├── routes/ # API endpoints
│ │ ├── middleware/ # Auth, validation, error handling
│ │ ├── utils/ # Helpers (logger, swagger)
│ │ ├── config/ # AWS S3, DB config
│ │ ├── logs/ # Application logs
│ │ └── index.js # Server entry point
│ │
│ └── client/ # Mobile App (React Native)
│ ├── screens/ # UI screens
│ │ ├── LoginScreen.js # Authentication
│ │ ├── HomeScreen.js # Dashboard
│ │ ├── AnalyticsScreen.js # Work-life analytics ⭐
│ │ ├── ProfileScreen.js # User profile
│ │ ├── LocationScreen.js # Office locations
│ │ └── AttendanceScreen.js # Attendance history
│ ├── components/ # Reusable components
│ │ └── geofencingTask.js # Background location monitoring
│ ├── helpers/ # Utilities
│ │ └── deviceInfo.js # Device fingerprinting
│ ├── services/ # API integration
│ │ └── API.js # Backend URL config
│ ├── assets/ # Images, icons
│ ├── App.js # App entry point
│ └── package.json # Dependencies
│
├── SETUP_GUIDE.md # Complete setup instructions
├── IMPLEMENTATION_SUMMARY.md # Technical documentation
└── README.md # This file
AttendEase includes comprehensive Swagger/OpenAPI 3.0 documentation for all 40+ API endpoints.
Once the backend is running, visit:
http://localhost:5001/api-docs
| Category | Endpoints | Description |
|---|---|---|
| Authentication | 3 | Register, login, refresh token |
| Users | 5 | Profile management, password, images |
| Organizations | 3 | Create, join, list organizations |
| Locations | 6 | CRUD for office geofences |
| Attendance | 3 | Check-in/out, records |
| Analytics | 4 | Work-life balance insights |
| Admin | 6 | User management, reports |
POST /api/auth/register
Content-Type: application/json
{
"name": "John Doe",
"email": "john@example.com",
"password": "SecurePass123!",
"role": "employee"
}POST /api/attendance/checkIn
Authorization: Bearer <your-jwt-token>
Content-Type: application/json
{
"locationId": "507f1f77bcf86cd799439013",
"latitude": 37.7749,
"longitude": -122.4194,
"accuracy": 15,
"isAutomatic": true,
"isMockLocation": false,
"deviceInfo": {
"deviceId": "device-uuid",
"deviceName": "iPhone 14 Pro",
"osName": "iOS",
"osVersion": "17.2",
"appVersion": "1.3.0"
}
}GET /api/analytics/user?period=week
Authorization: Bearer <your-jwt-token>
Response:
{
"totalHours": 42.5,
"averageHoursPerDay": 8.5,
"healthScore": 85,
"suggestions": [
"Great work-life balance!",
"Consider taking regular breaks"
],
...
}AttendEase implements enterprise-grade security with a trust-based approach:
| Feature | Implementation | Status |
|---|---|---|
| Password Security | bcrypt hashing (10 rounds) | ✅ Active |
| JWT Authentication | 15-min access + 7-day refresh tokens | ✅ Active |
| Token Rotation | New refresh token on every refresh | ✅ Active |
| Rate Limiting | 5 attempts/15min (auth), 100/15min (general) | ✅ Active |
| CORS Whitelist | Restricted origins only | ✅ Active |
| Helmet Security | HTTP headers hardening | ✅ Active |
| Organization Scoping | Multi-tenant data isolation | ✅ Active |
| Role-Based Access | Employee vs Admin permissions | ✅ Active |
| Device Fingerprinting | OS, version, device ID tracking | ✅ Active |
| Mock Location Detection | GPS spoofing identification | ✅ Active |
| Risk Scoring | 0-100 fraud likelihood score | ✅ Active |
| Admin Review | Flagged records require verification | ✅ Active |
AttendEase has addressed 18 security vulnerabilities:
- ✅ 5 Critical - CORS exposure, JWT expiration, role escalation
- ✅ 13 High - Organization scope bypass, weak tokens, rate limiting
For detailed security implementation, see IMPLEMENTATION_SUMMARY.md.
Before Production:
- Rotate all secrets (JWT, MongoDB, AWS)
- Add
.envto.gitignore(already done) - Remove
.envfrom git history - Enable HTTPS on backend
- Review CORS allowed origins
- Set
NODE_ENV=production - Enable MongoDB Atlas IP whitelist
- Set up monitoring (e.g., Sentry)
AttendEase's flagship feature - helping organizations prevent employee burnout.
Employees can view:
- Total Hours Worked - Weekly/monthly aggregates
- Average Hours Per Day - Trend analysis
- Overtime Tracking - Hours beyond 8/day
- Arrival Time Patterns - Average check-in time
- Longest/Shortest Days - Workload distribution
- Health Score (0-100) - AI-calculated wellness rating
- 80-100: Excellent balance (Green)
- 60-79: Moderate concerns (Yellow)
- 0-59: High burnout risk (Red)
- Smart Suggestions - Personalized recommendations:
- "Great work-life balance!"
- "You're working overtime - consider taking breaks"
- "Arrive earlier to reduce stress"
Admins can monitor:
- Team Average Hours - Organization-wide metrics
- Overworked Employees - Count of at-risk staff (>9h/day avg)
- Health Alerts - Team burnout warnings (>20% overworked)
- Per-Employee Breakdown - Individual health scores
- Trend Analysis - Week-over-week comparisons
// Health Score Calculation (0-100)
Health Score = Base Score (100)
- (10 × days with >9h)
- (20 × days with >10h)
+ (10 if avg < 8h)
+ (5 if consistent arrival time)
