From 0ed1b94c48ac61aaed7ce616cd73cf3ab0e30242 Mon Sep 17 00:00:00 2001
From: kaye-s <kayes@uwm.edu>
Date: Wed, 11 Feb 2026 17:41:22 -0600
Subject: [PATCH 01/41] test!

---
 main.py | 1 +
 1 file changed, 1 insertion(+)
diff --git a/main.py b/main.py
index cedf85d..994422a 100644
--- a/main.py
+++ b/main.py
@@ -1,4 +1,5 @@
 import eel
+#sofia
 
 eel.init('front-end')
 

From 69a3118b255aff665e2979e9e76620eb68dc6fe4 Mon Sep 17 00:00:00 2001
From: jacob <jslind@uwm.edu>
Date: Wed, 11 Feb 2026 17:45:11 -0600
Subject: [PATCH 02/41] Jacob Test

---
 main.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/main.py b/main.py
index 994422a..b600c9f 100644
--- a/main.py
+++ b/main.py
@@ -1,5 +1,6 @@
 import eel
 #sofia
+#jacob
 
 eel.init('front-end')
 

From 38602780efbbca505da7c3b581f0728f506d8530 Mon Sep 17 00:00:00 2001
From: zhangtingen <else8072@gmail.com>
Date: Wed, 11 Feb 2026 17:56:19 -0600
Subject: [PATCH 03/41] tim

---
 main.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/main.py b/main.py
index b600c9f..aae1daa 100644
--- a/main.py
+++ b/main.py
@@ -1,7 +1,7 @@
 import eel
 #sofia
 #jacob
-
+#tim
 eel.init('front-end')
 
 

From 99a712e2ce34ff082fef4071a1dc454823baec33 Mon Sep 17 00:00:00 2001
From: zhangtingen <else8072@gmail.com>
Date: Thu, 12 Feb 2026 12:59:29 -0600
Subject: [PATCH 04/41] connect openAI api to backend

---
 .gitignore |  1 +
 main.py    | 16 ++++++++++++++++
 2 files changed, 17 insertions(+)

diff --git a/.gitignore b/.gitignore
index 3557e5d..06125d6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -189,3 +189,4 @@ gradle-app.setting
 
 /.vs/
 node_modules/
+.env
diff --git a/main.py b/main.py
index aae1daa..a64024d 100644
--- a/main.py
+++ b/main.py
@@ -1,9 +1,25 @@
 import eel
+import os
+from dotenv import load_dotenv
+from openai import OpenAI
 #sofia
 #jacob
 #tim
 eel.init('front-end')
 
+load_dotenv()
+client = OpenAI(api_key=os.getenv("OPENAI_API_KEY"))
+
+def test_openai():
+    if not os.getenv("OPENAI_API_KEY"):
+        print("ERROR: OPENAI_API_KEY not found. Put it in .env (same folder as main.py).")
+        return
+
+    resp = client.chat.completions.create(
+        model="gpt-4.1-mini",
+        messages=[{"role": "user", "content": "Say hello in one sentence."}],
+    )
+    print("OpenAI test reply:", resp.choices[0].message.content)
 
 @eel.expose
 def add(num1, num2):

From 3b4c170e00c2cddc1672cdaed1c605a44dc4f203 Mon Sep 17 00:00:00 2001
From: zhangtingen <else8072@gmail.com>
Date: Thu, 12 Feb 2026 21:30:00 -0600
Subject: [PATCH 05/41] connet frontend-backend-openai api

---
 front-end/index.html      | 23 +++++++++++++----------
 front-end/scripts/main.js | 11 +++++++++++
 main.py                   | 26 +++++++++++++++++---------
 3 files changed, 41 insertions(+), 19 deletions(-)

diff --git a/front-end/index.html b/front-end/index.html
index 3a3ade3..e2ab344 100644
--- a/front-end/index.html
+++ b/front-end/index.html
@@ -1,25 +1,28 @@
 <!DOCTYPE html>
 <html lang="en">
-
 <head>
     <meta charset="UTF-8">
-    <meta name="description" content="">
     <meta http-equiv="X-UA-Compatible" content="IE=edge">
     <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
     <title>Hello World!</title>
     <link rel="stylesheet" href="styles/style.css">
     <script type="text/javascript" src="/eel.js"></script>
     <script type="text/javascript" src="scripts/main.js"></script>
-
 </head>
 
 <body>
+<input type="text" id="num-1" placeholder="Enter number.">
+<input type="text" id="num-2" placeholder="Enter number.">
 
-    <input type="text" id="num-1" placeholder="Enter number.">
-    <input type="text" id="num-2" placeholder="Enter number.">
-    <input type="button" class="submit" value="Add" onclick="operate(eel.add)">
-    <input type="button" class="submit" value="Subtract" onclick="operate(eel.subtract)">
-    <span id="output"></span>
-</body>
+<input type="button" class="submit" value="Add" onclick="operate(eel.add)">
+<input type="button" class="submit" value="Subtract" onclick="operate(eel.subtract)">
+
+<hr>
 
-</html>
\ No newline at end of file
+<input type="text" id="prompt" placeholder="Ask GPT...">
+<input type="button" class="submit" value="Ask GPT" onclick="askGPT()">
+
+
+<pre id="output"></pre>
+</body>
+</html>
diff --git a/front-end/scripts/main.js b/front-end/scripts/main.js
index feeebf0..56a9f67 100644
--- a/front-end/scripts/main.js
+++ b/front-end/scripts/main.js
@@ -6,3 +6,14 @@ function operate(operator) {
 		document.querySelector('#output').innerText = result;
 	});
 }
+
+function askGPT() {
+	const prompt = document.querySelector('#prompt').value;
+
+	document.querySelector('#output').innerText = "Loading...";
+
+	eel.ask_api(prompt)(result => {
+		document.querySelector('#output').innerText = result;
+	});
+
+}
\ No newline at end of file
diff --git a/main.py b/main.py
index a64024d..7a8aab7 100644
--- a/main.py
+++ b/main.py
@@ -8,18 +8,25 @@
 eel.init('front-end')
 
 load_dotenv()
+print("API key loaded:", bool(os.getenv("OPENAI_API_KEY")))
 client = OpenAI(api_key=os.getenv("OPENAI_API_KEY"))
 
-def test_openai():
-    if not os.getenv("OPENAI_API_KEY"):
-        print("ERROR: OPENAI_API_KEY not found. Put it in .env (same folder as main.py).")
-        return
+@eel.expose
+def ask_api(user_text):
+    print("ask_api received:", user_text)
 
     resp = client.chat.completions.create(
-        model="gpt-4.1-mini",
-        messages=[{"role": "user", "content": "Say hello in one sentence."}],
-    )
-    print("OpenAI test reply:", resp.choices[0].message.content)
+            model="gpt-4.1-mini",
+            messages=[{"role": "user", "content": str(user_text)}],
+        )
+
+    answer = resp.choices[0].message.content
+    print("ask_api answer:", answer)
+    return answer
+
+
+
+
 
 @eel.expose
 def add(num1, num2):
@@ -31,4 +38,5 @@ def subtract(num1, num2):
     return int(num1) - int(num2)
 
 
-eel.start('index.html', size=(1000, 600))
+if __name__ == "__main__":
+    eel.start('index.html', size=(1000, 600), mode='safari')

From cfb44ee3df396af788b267a816deb3759c25e251 Mon Sep 17 00:00:00 2001
From: NathanEdwards2023 <edwar448@uwm.edu>
Date: Sun, 15 Feb 2026 17:07:27 -0600
Subject: [PATCH 06/41] Basic Frontend

---
 front-end/index.html        | 131 +++++++++++++++----
 front-end/scripts/upload.js |  14 +++
 front-end/styles/style.css  | 245 ++++++++++++++++++++++++++++++++++++
 3 files changed, 366 insertions(+), 24 deletions(-)
 create mode 100644 front-end/scripts/upload.js

diff --git a/front-end/index.html b/front-end/index.html
index 3a3ade3..2be9760 100644
--- a/front-end/index.html
+++ b/front-end/index.html
@@ -1,25 +1,108 @@
-<!DOCTYPE html>
-<html lang="en">
-
-<head>
-    <meta charset="UTF-8">
-    <meta name="description" content="">
-    <meta http-equiv="X-UA-Compatible" content="IE=edge">
-    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
-    <title>Hello World!</title>
-    <link rel="stylesheet" href="styles/style.css">
-    <script type="text/javascript" src="/eel.js"></script>
-    <script type="text/javascript" src="scripts/main.js"></script>
-
-</head>
-
-<body>
-
-    <input type="text" id="num-1" placeholder="Enter number.">
-    <input type="text" id="num-2" placeholder="Enter number.">
-    <input type="button" class="submit" value="Add" onclick="operate(eel.add)">
-    <input type="button" class="submit" value="Subtract" onclick="operate(eel.subtract)">
-    <span id="output"></span>
-</body>
-
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>AutoPen Dashboard</title>
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+
+    <!-- External CSS -->
+    <link rel="stylesheet" href="styles/style.css">
+</head>
+<body>
+
+    <div class="sidebar">
+        <h2>AutoPen</h2>
+        <ul>
+            <li>Dashboard</li>
+            <li>Start Scan</li>
+            <li>Reports</li>
+            <li>Targets</li>
+            <li>Settings</li>
+        </ul>
+    </div>
+
+    <div class="main">
+        <div class="header">
+            <h1>Penetration Testing Dashboard</h1>
+            <div class="status">System Status: Active</div>
+        </div>
+
+        <div class="cards">
+            <div class="card">
+                <h3>Total Scans</h3>
+                <p>128</p>
+            </div>
+            <div class="card">
+                <h3>Critical Vulnerabilities</h3>
+                <p>12</p>
+            </div>
+            <div class="card">
+                <h3>Medium Vulnerabilities</h3>
+                <p>34</p>
+            </div>
+            <div class="card">
+                <h3>Low Vulnerabilities</h3>
+                <p>56</p>
+            </div>
+        </div>
+
+        <!-- Upload Code -->
+        <div class="code-center">
+            <div class="code-box">
+                <h2>Upload Code for Analysis</h2>
+
+                <div class="upload-tabs">
+                    <button class="tab-btn active" data-tab="file">Upload File</button>
+                    <button class="tab-btn" data-tab="paste">Paste Code</button>
+                </div>
+
+                <!-- Upload File -->
+                <div class="tab-content active" id="file">
+                    <label class="drop-zone">
+                        <input type="file" hidden>
+                        <p>Drop your code file here<br>or <span>click to browse</span></p>
+                    </label>
+                </div>
+
+                <!-- Paste Code -->
+                <div class="tab-content" id="paste">
+                    <textarea placeholder="Paste your code here..."></textarea>
+                </div>
+
+                <button class="scan-btn">Start Scan</button>
+            </div>
+        </div>
+
+        <script src="scripts/upload.js"></script>
+
+        <div class="recent-scans">
+            <h3>Recent Scan Results</h3>
+            <table>
+                <thead>
+                    <tr>
+                        <th>Target</th>
+                        <th>Date</th>
+                        <th>Risk Level</th>
+                        <th>Status</th>
+                    </tr>
+                </thead>
+                <tbody>
+                    <tr>
+                        <td>example.com</td>
+                        <td>02/14/2026</td>
+                        <td class="critical">Critical</td>
+                        <td>Completed</td>
+                    </tr>
+                    <tr>
+                        <td>test-server.net</td>
+                        <td>02/12/2026</td>
+                        <td class="low">Low</td>
+                        <td>Completed</td>
+                    </tr>
+                </tbody>
+            </table>
+        </div>
+    </div>
+
+</body>
 </html>
\ No newline at end of file
diff --git a/front-end/scripts/upload.js b/front-end/scripts/upload.js
new file mode 100644
index 0000000..4d33a0b
--- /dev/null
+++ b/front-end/scripts/upload.js
@@ -0,0 +1,14 @@
+const tabButtons = document.querySelectorAll(".tab-btn");
+const tabContents = document.querySelectorAll(".tab-content");
+
+tabButtons.forEach(button => {
+    button.addEventListener("click", () => {
+        // Remove active state
+        tabButtons.forEach(btn => btn.classList.remove("active"));
+        tabContents.forEach(tab => tab.classList.remove("active"));
+
+        // Activate selected tab
+        button.classList.add("active");
+        document.getElementById(button.dataset.tab).classList.add("active");
+    });
+});
\ No newline at end of file
diff --git a/front-end/styles/style.css b/front-end/styles/style.css
index e69de29..2965520 100644
--- a/front-end/styles/style.css
+++ b/front-end/styles/style.css
@@ -0,0 +1,245 @@
+/* ================= RESET ================= */
+* {
+    margin: 0;
+    padding: 0;
+    box-sizing: border-box;
+    font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
+}
+
+body {
+    background: #000000;
+    color: #e5e7eb;
+    display: flex;
+    min-height: 100vh;
+}
+
+/* ================= SIDEBAR ================= */
+.sidebar {
+    width: 250px;
+    height: 100vh;
+    background: rgba(17, 24, 39, 0.8);
+    padding: 20px;
+    border-right: 1px solid rgba(168, 85, 247, 0.2);
+}
+
+.sidebar h2 {
+    color: #e9d5ff;
+    margin-bottom: 40px;
+    text-align: center;
+}
+
+.sidebar ul {
+    list-style: none;
+}
+
+.sidebar ul li {
+    padding: 15px;
+    margin: 10px 0;
+    background: rgba(17, 24, 39, 0.8);
+    border: 1px solid rgba(168, 85, 247, 0.2);
+    border-radius: 8px;
+    cursor: pointer;
+    transition: 0.25s;
+}
+
+.sidebar ul li:hover {
+    background: rgba(17, 24, 39, 0.95);
+}
+
+/* ================= MAIN ================= */
+.main {
+    flex: 1;
+    padding: 40px;
+}
+
+/* ================= HEADER ================= */
+.header {
+    display: flex;
+    justify-content: space-between;
+    align-items: center;
+    margin-bottom: 40px;
+}
+
+.header h1 {
+    color: #ffffff;
+}
+
+.status {
+    background: rgba(17, 24, 39, 0.8);
+    padding: 10px 20px;
+    border-radius: 999px;
+    border: 1px solid rgba(168, 85, 247, 0.2);
+}
+
+/* ================= UPLOAD SECTION ================= */
+.code-center {
+    margin-bottom: 50px;
+}
+
+.code-box {
+    background: rgba(17, 24, 39, 0.8);
+    border: 1px solid rgba(168, 85, 247, 0.2);
+    border-radius: 12px;
+    padding: 30px;
+    width: 100%;
+    max-width: 900px;
+}
+
+.code-box h2 {
+    color: #ffffff;
+    margin-bottom: 20px;
+}
+
+/* ================= TABS ================= */
+.upload-tabs {
+    display: flex;
+    gap: 12px;
+    margin-bottom: 20px;
+}
+
+.tab-btn {
+    background: transparent;
+    border: 1px solid rgba(168, 85, 247, 0.2);
+    color: #e9d5ff;
+    padding: 8px 22px;
+    border-radius: 999px;
+    cursor: pointer;
+    transition: 0.25s;
+}
+
+.tab-btn:hover {
+    background: rgba(168, 85, 247, 0.15);
+}
+
+.tab-btn.active {
+    background: rgba(168, 85, 247, 0.25);
+}
+
+/* ================= TAB CONTENT ================= */
+.tab-content {
+    display: none;
+}
+
+.tab-content.active {
+    display: block;
+}
+
+/* ================= DROP ZONE ================= */
+.drop-zone {
+    display: block;
+    padding: 50px;
+    border: 2px dashed rgba(168, 85, 247, 0.8);
+    border-radius: 12px;
+    background: rgba(17, 24, 39, 0.6);
+    text-align: center;
+    cursor: pointer;
+    transition: 0.25s;
+    width: 80%;
+    max-width: 600px;
+    margin: 0 auto;
+}
+
+.drop-zone:hover {
+    background: rgba(17, 24, 39, 0.9);
+}
+
+.drop-zone p {
+    font-size: 18px;
+    margin-bottom: 6px;
+}
+
+.drop-zone span {
+    font-size: 14px;
+    color: #c4b5fd;
+}
+
+/* ================= TEXTAREA ================= */
+textarea {
+    width: 100%;
+    min-height: 220px;
+    background: rgba(17, 24, 39, 0.6);
+    color: #ffffff;
+    border: 1px solid rgba(168, 85, 247, 0.2);
+    border-radius: 8px;
+    padding: 15px;
+    resize: vertical;
+}
+
+/* ================= BUTTON ================= */
+.scan-btn {
+    margin-top: 20px;
+    padding: 10px 30px;
+    background: rgba(168, 85, 247, 0.85);
+    color: white;
+    border: none;
+    border-radius: 999px;
+    cursor: pointer;
+    transition: 0.25s;
+}
+
+.scan-btn:hover {
+    background: rgba(168, 85, 247, 1);
+}
+
+/* ================= CARDS ================= */
+.cards {
+    display: grid;
+    grid-template-columns: repeat(auto-fit, minmax(250px, 1fr));
+    gap: 20px;
+    margin-bottom: 40px;
+}
+
+.card {
+    background: rgba(17, 24, 39, 0.8);
+    border: 1px solid rgba(168, 85, 247, 0.2);
+    padding: 20px;
+    border-radius: 12px;
+    transition: 0.25s;
+}
+
+.card:hover {
+    background: rgba(17, 24, 39, 0.95);
+}
+
+.card h3 {
+    color: #ffffff;
+    margin-bottom: 10px;
+}
+
+.card p {
+    font-size: 28px;
+    font-weight: bold;
+}
+
+/* ================= TABLE ================= */
+.recent-scans {
+    background: rgba(17, 24, 39, 0.8);
+    border: 1px solid rgba(168, 85, 247, 0.2);
+    padding: 20px;
+    border-radius: 12px;
+}
+
+table {
+    width: 100%;
+    border-collapse: collapse;
+    margin-top: 15px;
+}
+
+th, td {
+    padding: 12px;
+    text-align: left;
+}
+
+th {
+    color: #e9d5ff;
+    border-bottom: 1px solid rgba(168, 85, 247, 0.2);
+}
+
+tr:hover {
+    background: rgba(168, 85, 247, 0.05);
+}
+
+/* ================= SEVERITY COLORS ================= */
+.critical { color: #fb7185; font-weight: bold; }
+.medium   { color: #facc15; font-weight: bold; }
+.low      { color: #34d399; font-weight: bold; }
\ No newline at end of file

From 0ae235de84cd195a6a1de2cdcd6cedc70c61990c Mon Sep 17 00:00:00 2001
From: kaye-s <kayes@uwm.edu>
Date: Mon, 16 Feb 2026 16:13:48 -0600
Subject: [PATCH 07/41] database connected to enviornment

---
 db.py            | 21 ++++++++++++++
 main.py          |  5 ++++
 models.py        | 74 ++++++++++++++++++++++++++++++++++++++++++++++++
 requirements.txt |  3 ++
 testquery.py     | 27 ++++++++++++++++++
 5 files changed, 130 insertions(+)
 create mode 100644 db.py
 create mode 100644 models.py
 create mode 100644 testquery.py

diff --git a/db.py b/db.py
new file mode 100644
index 0000000..4212ab5
--- /dev/null
+++ b/db.py
@@ -0,0 +1,21 @@
+import os
+from sqlalchemy import create_engine
+from sqlalchemy.orm import sessionmaker
+from dotenv import load_dotenv
+
+load_dotenv()
+
+DB_URL = f"postgresql://" \
+         f"{os.getenv('DB_USER')}:" \
+         f"{os.getenv('DB_PASS')}@" \
+         f"{os.getenv('DB_HOST')}:" \
+         f"{os.getenv('DB_PORT')}/" \
+         f"{os.getenv('DB_NAME')}"
+
+engine = create_engine(
+    DB_URL,
+    echo=True,
+    connect_args={"sslmode": "require"}
+)
+
+SessionLocal = sessionmaker(bind=engine)
diff --git a/main.py b/main.py
index aae1daa..579b0b6 100644
--- a/main.py
+++ b/main.py
@@ -1,9 +1,14 @@
 import eel
+from db import SessionLocal
 #sofia
 #jacob
 #tim
 eel.init('front-end')
 
+session = SessionLocal()
+
+print("Connected successfully!")
+
 
 @eel.expose
 def add(num1, num2):
diff --git a/models.py b/models.py
new file mode 100644
index 0000000..6da1d64
--- /dev/null
+++ b/models.py
@@ -0,0 +1,74 @@
+import os
+from sqlalchemy import create_engine, Column, Integer, String, Text, DateTime, ForeignKey, Numeric, Enum
+from sqlalchemy.orm import declarative_base, relationship, sessionmaker
+from datetime import datetime
+import enum
+from dotenv import load_dotenv
+
+load_dotenv()
+
+Base = declarative_base()
+
+# Severity Enum
+class SeverityEnum(enum.Enum):
+    Low = "Low"
+    Medium = "Medium"
+    High = "High"
+    Critical = "Critical"
+
+
+class User(Base):
+    __tablename__ = "users"
+
+    user_id = Column(Integer, primary_key=True, autoincrement=True)
+    email = Column(String(255), unique=True, nullable=False)
+    password_hash = Column(Text, nullable=False)
+    created_at = Column(DateTime, default=datetime.utcnow)
+
+    submissions = relationship("CodeSubmission", back_populates="user")
+
+
+class CodeSubmission(Base):
+    __tablename__ = "code_submissions"
+
+    submission_id = Column(Integer, primary_key=True, autoincrement=True)
+    user_id = Column(Integer, ForeignKey("users.user_id", ondelete="CASCADE"), nullable=False)
+    submission_name = Column(String(255))
+    uploaded_at = Column(DateTime, default=datetime.utcnow)
+    overall_risk_score = Column(Numeric(5,2))
+    simplified_summary = Column(Text)
+    detailed_summary = Column(Text)
+
+    user = relationship("User", back_populates="submissions")
+    files = relationship("File", back_populates="submission")
+    threats = relationship("Threat", back_populates="submission")
+
+
+class File(Base):
+    __tablename__ = "files"
+
+    file_id = Column(Integer, primary_key=True, autoincrement=True)
+    submission_id = Column(Integer, ForeignKey("code_submissions.submission_id", ondelete="CASCADE"), nullable=False)
+    file_name = Column(String(255), nullable=False)
+    file_path = Column(Text, nullable=False)
+    file_type = Column(String(100))
+
+    submission = relationship("CodeSubmission", back_populates="files")
+    threats = relationship("Threat", back_populates="file")
+
+
+class Threat(Base):
+    __tablename__ = "threats"
+
+    threat_id = Column(Integer, primary_key=True, autoincrement=True)
+    submission_id = Column(Integer, ForeignKey("code_submissions.submission_id", ondelete="CASCADE"), nullable=False)
+    file_id = Column(Integer, ForeignKey("files.file_id", ondelete="SET NULL"), nullable=True)
+    title = Column(String(255), nullable=False)
+    description = Column(Text)
+    severity_level = Column(Enum(SeverityEnum), nullable=False)
+    severity_score = Column(Numeric(5,2))
+    recommendation = Column(Text)
+    line_number = Column(Integer)
+
+    submission = relationship("CodeSubmission", back_populates="threats")
+    file = relationship("File", back_populates="threats")
diff --git a/requirements.txt b/requirements.txt
index e7c13db..c0be71b 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -3,3 +3,6 @@ pyqrcode
 pyinstaller
 pypng
 autopep8
+psycopg2-binary
+SQLAlchemy
+python-dotenv
diff --git a/testquery.py b/testquery.py
new file mode 100644
index 0000000..cf61dd8
--- /dev/null
+++ b/testquery.py
@@ -0,0 +1,27 @@
+from sqlalchemy import create_engine, text
+
+# Replace these with your Supabase info
+USER = "postgres"
+PASSWORD = "CapstoneVSecurity123"
+HOST = "db.zzraywtbowpotrqbevkz.supabase.co"
+PORT = "5432"
+DATABASE = "postgres"
+
+# This is the connection URL SQLAlchemy needs
+DB_URL = f"postgresql+psycopg2://{USER}:{PASSWORD}@{HOST}:{PORT}/{DATABASE}"
+
+# Create a connection
+engine = create_engine(DB_URL)
+
+try:
+    with engine.connect() as conn:
+        # Run a simple query to test
+        result = conn.execute(text("SELECT NOW();"))
+        print("Connected! Server time:", result.fetchone()[0])
+except Exception as e:
+    print("Connection failed:", e)
+
+with engine.connect() as conn:
+    #conn.execute(text("INSERT INTO users(email, password_hash) VALUES ('test2@example.com', '1A2B3C');"))
+    result = conn.execute(text("SELECT * FROM users;"))
+    print(result.fetchall())
\ No newline at end of file

From 5f3d3fad0f303676c92e79b6e25dc38983b82e83 Mon Sep 17 00:00:00 2001
From: kaye-s <kayes@uwm.edu>
Date: Wed, 18 Feb 2026 12:42:46 -0600
Subject: [PATCH 08/41] database secrets preserved

---
 testquery.py | 16 ++--------------
 1 file changed, 2 insertions(+), 14 deletions(-)

diff --git a/testquery.py b/testquery.py
index cf61dd8..80e1505 100644
--- a/testquery.py
+++ b/testquery.py
@@ -1,17 +1,5 @@
-from sqlalchemy import create_engine, text
-
-# Replace these with your Supabase info
-USER = "postgres"
-PASSWORD = "CapstoneVSecurity123"
-HOST = "db.zzraywtbowpotrqbevkz.supabase.co"
-PORT = "5432"
-DATABASE = "postgres"
-
-# This is the connection URL SQLAlchemy needs
-DB_URL = f"postgresql+psycopg2://{USER}:{PASSWORD}@{HOST}:{PORT}/{DATABASE}"
-
-# Create a connection
-engine = create_engine(DB_URL)
+from sqlalchemy import text
+from db import engine
 
 try:
     with engine.connect() as conn:

From d85a13a877983ca4d5be09842c740bc15c1b3af1 Mon Sep 17 00:00:00 2001
From: kaye-s <kayes@uwm.edu>
Date: Wed, 18 Feb 2026 12:43:30 -0600
Subject: [PATCH 09/41] Revert "database connected to enviornment"

This reverts commit 0ae235de84cd195a6a1de2cdcd6cedc70c61990c.

# Conflicts:
#	testquery.py
---
 db.py            | 21 --------------
 main.py          |  5 ----
 models.py        | 74 ------------------------------------------------
 requirements.txt |  3 --
 4 files changed, 103 deletions(-)
 delete mode 100644 db.py
 delete mode 100644 models.py

diff --git a/db.py b/db.py
deleted file mode 100644
index 4212ab5..0000000
--- a/db.py
+++ /dev/null
@@ -1,21 +0,0 @@
-import os
-from sqlalchemy import create_engine
-from sqlalchemy.orm import sessionmaker
-from dotenv import load_dotenv
-
-load_dotenv()
-
-DB_URL = f"postgresql://" \
-         f"{os.getenv('DB_USER')}:" \
-         f"{os.getenv('DB_PASS')}@" \
-         f"{os.getenv('DB_HOST')}:" \
-         f"{os.getenv('DB_PORT')}/" \
-         f"{os.getenv('DB_NAME')}"
-
-engine = create_engine(
-    DB_URL,
-    echo=True,
-    connect_args={"sslmode": "require"}
-)
-
-SessionLocal = sessionmaker(bind=engine)
diff --git a/main.py b/main.py
index 579b0b6..aae1daa 100644
--- a/main.py
+++ b/main.py
@@ -1,14 +1,9 @@
 import eel
-from db import SessionLocal
 #sofia
 #jacob
 #tim
 eel.init('front-end')
 
-session = SessionLocal()
-
-print("Connected successfully!")
-
 
 @eel.expose
 def add(num1, num2):
diff --git a/models.py b/models.py
deleted file mode 100644
index 6da1d64..0000000
--- a/models.py
+++ /dev/null
@@ -1,74 +0,0 @@
-import os
-from sqlalchemy import create_engine, Column, Integer, String, Text, DateTime, ForeignKey, Numeric, Enum
-from sqlalchemy.orm import declarative_base, relationship, sessionmaker
-from datetime import datetime
-import enum
-from dotenv import load_dotenv
-
-load_dotenv()
-
-Base = declarative_base()
-
-# Severity Enum
-class SeverityEnum(enum.Enum):
-    Low = "Low"
-    Medium = "Medium"
-    High = "High"
-    Critical = "Critical"
-
-
-class User(Base):
-    __tablename__ = "users"
-
-    user_id = Column(Integer, primary_key=True, autoincrement=True)
-    email = Column(String(255), unique=True, nullable=False)
-    password_hash = Column(Text, nullable=False)
-    created_at = Column(DateTime, default=datetime.utcnow)
-
-    submissions = relationship("CodeSubmission", back_populates="user")
-
-
-class CodeSubmission(Base):
-    __tablename__ = "code_submissions"
-
-    submission_id = Column(Integer, primary_key=True, autoincrement=True)
-    user_id = Column(Integer, ForeignKey("users.user_id", ondelete="CASCADE"), nullable=False)
-    submission_name = Column(String(255))
-    uploaded_at = Column(DateTime, default=datetime.utcnow)
-    overall_risk_score = Column(Numeric(5,2))
-    simplified_summary = Column(Text)
-    detailed_summary = Column(Text)
-
-    user = relationship("User", back_populates="submissions")
-    files = relationship("File", back_populates="submission")
-    threats = relationship("Threat", back_populates="submission")
-
-
-class File(Base):
-    __tablename__ = "files"
-
-    file_id = Column(Integer, primary_key=True, autoincrement=True)
-    submission_id = Column(Integer, ForeignKey("code_submissions.submission_id", ondelete="CASCADE"), nullable=False)
-    file_name = Column(String(255), nullable=False)
-    file_path = Column(Text, nullable=False)
-    file_type = Column(String(100))
-
-    submission = relationship("CodeSubmission", back_populates="files")
-    threats = relationship("Threat", back_populates="file")
-
-
-class Threat(Base):
-    __tablename__ = "threats"
-
-    threat_id = Column(Integer, primary_key=True, autoincrement=True)
-    submission_id = Column(Integer, ForeignKey("code_submissions.submission_id", ondelete="CASCADE"), nullable=False)
-    file_id = Column(Integer, ForeignKey("files.file_id", ondelete="SET NULL"), nullable=True)
-    title = Column(String(255), nullable=False)
-    description = Column(Text)
-    severity_level = Column(Enum(SeverityEnum), nullable=False)
-    severity_score = Column(Numeric(5,2))
-    recommendation = Column(Text)
-    line_number = Column(Integer)
-
-    submission = relationship("CodeSubmission", back_populates="threats")
-    file = relationship("File", back_populates="threats")
diff --git a/requirements.txt b/requirements.txt
index c0be71b..e7c13db 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -3,6 +3,3 @@ pyqrcode
 pyinstaller
 pypng
 autopep8
-psycopg2-binary
-SQLAlchemy
-python-dotenv

From 8377edc021735d1ec31fb97bfd7acc565c560162 Mon Sep 17 00:00:00 2001
From: kaye-s <kayes@uwm.edu>
Date: Wed, 18 Feb 2026 12:49:04 -0600
Subject: [PATCH 10/41] OKAY NOW FIXED, be sure to get .env file updated with
 new credentials

---
 db.py            | 21 +++++++++++++++++++++
 requirements.txt |  3 +++
 2 files changed, 24 insertions(+)
 create mode 100644 db.py

diff --git a/db.py b/db.py
new file mode 100644
index 0000000..5afc09b
--- /dev/null
+++ b/db.py
@@ -0,0 +1,21 @@
+import os
+from sqlalchemy import create_engine
+from sqlalchemy.orm import sessionmaker
+from dotenv import load_dotenv
+
+load_dotenv()
+
+DB_URL = f"postgresql://" \
+         f"{os.getenv('DB_USER')}:" \
+         f"{os.getenv('DB_PASS')}@" \
+         f"{os.getenv('DB_HOST')}:" \
+         f"{os.getenv('DB_PORT')}/" \
+         f"{os.getenv('DB_NAME')}"
+
+engine = create_engine(
+    DB_URL,
+    echo=True,
+    connect_args={"sslmode": "require"}
+)
+
+SessionLocal = sessionmaker(bind=engine)
\ No newline at end of file
diff --git a/requirements.txt b/requirements.txt
index e7c13db..c0be71b 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -3,3 +3,6 @@ pyqrcode
 pyinstaller
 pypng
 autopep8
+psycopg2-binary
+SQLAlchemy
+python-dotenv

From 012e4180e0d1721f071b93df7329d7154d0811e0 Mon Sep 17 00:00:00 2001
From: kaye-s <kayes@uwm.edu>
Date: Wed, 18 Feb 2026 13:08:46 -0600
Subject: [PATCH 11/41] showuser add user database functionality linked up

---
 front-end/index.html      |  7 +++++++
 front-end/scripts/main.js | 15 +++++++++++++++
 main.py                   | 28 +++++++++++++++++++++++++++-
 3 files changed, 49 insertions(+), 1 deletion(-)

diff --git a/front-end/index.html b/front-end/index.html
index 3a3ade3..bd942c2 100644
--- a/front-end/index.html
+++ b/front-end/index.html
@@ -19,6 +19,13 @@
     <input type="text" id="num-2" placeholder="Enter number.">
     <input type="button" class="submit" value="Add" onclick="operate(eel.add)">
     <input type="button" class="submit" value="Subtract" onclick="operate(eel.subtract)">
+    <br>
+    <br>
+    <input type="button" value="Show Users" onclick="loadUsers()">
+    <input type="text" id="email" placeholder="Enter email.">
+    <input type="text" id="pass" placeholder="Enter password.">
+    <input type="button" value="Add User" onclick="addUsers()">
+
     <span id="output"></span>
 </body>
 
diff --git a/front-end/scripts/main.js b/front-end/scripts/main.js
index feeebf0..133a2ba 100644
--- a/front-end/scripts/main.js
+++ b/front-end/scripts/main.js
@@ -6,3 +6,18 @@ function operate(operator) {
 		document.querySelector('#output').innerText = result;
 	});
 }
+
+function loadUsers() {
+	eel.showUsers()(users => {
+		document.querySelector('#output').innerText = JSON.stringify(users, null, 2);
+	});
+}
+
+function addUsers() {
+	var email = document.querySelector('#email').value;
+	var password = document.querySelector('#pass').value;
+
+	eel.addUsers(email, password)(response => {
+		document.querySelector('#output').innerText = response;
+	});
+}
\ No newline at end of file
diff --git a/main.py b/main.py
index aae1daa..e94e512 100644
--- a/main.py
+++ b/main.py
@@ -1,18 +1,44 @@
 import eel
+from db import engine
+from sqlalchemy import text
 #sofia
 #jacob
 #tim
 eel.init('front-end')
 
+try:
+    with engine.connect() as conn:
+        # Run a simple query to test
+        result = conn.execute(text("SELECT NOW();"))
+        print("Connected! Server time:", result.fetchone()[0])
+except Exception as e:
+    print("Connection failed:", e)
 
 @eel.expose
 def add(num1, num2):
     return int(num1) + int(num2)
 
-
 @eel.expose
 def subtract(num1, num2):
     return int(num1) - int(num2)
 
+@eel.expose
+def showUsers():
+     with engine.connect() as conn:
+         result = conn.execute(text("SELECT * FROM users;"))
+         users = result.fetchall()
+         return [dict(row._mapping) for row in users]
+
+@eel.expose
+def addUsers(email, password):
+    #hashing logic here
+
+    with engine.begin() as conn:   # auto-commit
+        conn.execute(
+            text("INSERT INTO users (email, password_hash) VALUES (:email, :password)"),
+            {"email": email, "password": password}
+        )
+    return "User added successfully"
+
 
 eel.start('index.html', size=(1000, 600))

From c7beafbe103ffc9135c4d150d26a94ada9f71869 Mon Sep 17 00:00:00 2001
From: kaye-s <kayes@uwm.edu>
Date: Wed, 18 Feb 2026 13:10:59 -0600
Subject: [PATCH 12/41] password hashing

---
 main.py          | 4 +++-
 requirements.txt | 1 +
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/main.py b/main.py
index e94e512..b94ee97 100644
--- a/main.py
+++ b/main.py
@@ -1,6 +1,7 @@
 import eel
 from db import engine
 from sqlalchemy import text
+import bcrypt
 #sofia
 #jacob
 #tim
@@ -32,11 +33,12 @@ def showUsers():
 @eel.expose
 def addUsers(email, password):
     #hashing logic here
+    hashed = bcrypt.hashpw(password.encode(), bcrypt.gensalt()).decode()
 
     with engine.begin() as conn:   # auto-commit
         conn.execute(
             text("INSERT INTO users (email, password_hash) VALUES (:email, :password)"),
-            {"email": email, "password": password}
+            {"email": email, "password": hashed}
         )
     return "User added successfully"
 
diff --git a/requirements.txt b/requirements.txt
index c0be71b..c5e047d 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -6,3 +6,4 @@ autopep8
 psycopg2-binary
 SQLAlchemy
 python-dotenv
+bcrypt

From a6c2e34d99e70891fb1da8401eb1c25de60e60fe Mon Sep 17 00:00:00 2001
From: kaye-s <kayes@uwm.edu>
Date: Wed, 18 Feb 2026 17:17:14 -0600
Subject: [PATCH 13/41] Moved db queries to new html file

---
 front-end/db_queries.html | 32 ++++++++++++++++++++++++++++++++
 front-end/index.html      | 17 +++++------------
 2 files changed, 37 insertions(+), 12 deletions(-)
 create mode 100644 front-end/db_queries.html

diff --git a/front-end/db_queries.html b/front-end/db_queries.html
new file mode 100644
index 0000000..f840170
--- /dev/null
+++ b/front-end/db_queries.html
@@ -0,0 +1,32 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <meta name="description" content="">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+    <title>Hello World!</title>
+    <link rel="stylesheet" href="styles/style.css">
+    <script type="text/javascript" src="/eel.js"></script>
+    <script type="text/javascript" src="scripts/main.js"></script>
+
+</head>
+
+<body>
+
+<input type="text" id="num-1" placeholder="Enter number.">
+<input type="text" id="num-2" placeholder="Enter number.">
+<input type="button" class="submit" value="Add" onclick="operate(eel.add)">
+<input type="button" class="submit" value="Subtract" onclick="operate(eel.subtract)">
+<br>
+<br>
+<input type="button" value="Show Users" onclick="loadUsers()">
+<input type="text" id="email" placeholder="Enter email.">
+<input type="text" id="pass" placeholder="Enter password.">
+<input type="button" value="Add User" onclick="addUsers()">
+
+<span id="output"></span>
+</body>
+
+</html>
\ No newline at end of file
diff --git a/front-end/index.html b/front-end/index.html
index bd942c2..112bd20 100644
--- a/front-end/index.html
+++ b/front-end/index.html
@@ -15,18 +15,11 @@
 
 <body>
 
-    <input type="text" id="num-1" placeholder="Enter number.">
-    <input type="text" id="num-2" placeholder="Enter number.">
-    <input type="button" class="submit" value="Add" onclick="operate(eel.add)">
-    <input type="button" class="submit" value="Subtract" onclick="operate(eel.subtract)">
-    <br>
-    <br>
-    <input type="button" value="Show Users" onclick="loadUsers()">
-    <input type="text" id="email" placeholder="Enter email.">
-    <input type="text" id="pass" placeholder="Enter password.">
-    <input type="button" value="Add User" onclick="addUsers()">
-
-    <span id="output"></span>
+<input type="text" id="num-1" placeholder="Enter number.">
+<input type="text" id="num-2" placeholder="Enter number.">
+<input type="button" class="submit" value="Add" onclick="operate(eel.add)">
+<input type="button" class="submit" value="Subtract" onclick="operate(eel.subtract)">
+<span id="output"></span>
 </body>
 
 </html>
\ No newline at end of file

From 8ee5c8783a76880528b755f1490b9de30b5a09fc Mon Sep 17 00:00:00 2001
From: jacob <jslind@uwm.edu>
Date: Wed, 18 Feb 2026 17:27:34 -0600
Subject: [PATCH 14/41] Initial backend commit: barebones backend inside app
 folder GroupFive, with model for AnalysisTask including request structure,
 user, language etc. Some simple tests on creation, APIView endpoint for
 analysis task and status endpoint. Uses serializer to interpret data from
 frontend

---
 GroupFive/__init__.py                |   0
 GroupFive/admin.py                   |   3 +
 GroupFive/apps.py                    |   6 ++
 GroupFive/dummy_analysis.py          |  13 +++
 GroupFive/migrations/0001_initial.py |  30 +++++++
 GroupFive/migrations/__init__.py     |   0
 GroupFive/models.py                  |  21 +++++
 GroupFive/serializers.py             |   7 ++
 GroupFive/tasks.py                   |  22 +++++
 GroupFive/tests.py                   |  60 +++++++++++++
 GroupFive/views.py                   |  42 +++++++++
 config/__init__.py                   |   0
 config/asgi.py                       |  16 ++++
 config/settings.py                   | 125 +++++++++++++++++++++++++++
 config/urls.py                       |  26 ++++++
 config/wsgi.py                       |  16 ++++
 manage.py                            |  22 +++++
 17 files changed, 409 insertions(+)
 create mode 100644 GroupFive/__init__.py
 create mode 100644 GroupFive/admin.py
 create mode 100644 GroupFive/apps.py
 create mode 100644 GroupFive/dummy_analysis.py
 create mode 100644 GroupFive/migrations/0001_initial.py
 create mode 100644 GroupFive/migrations/__init__.py
 create mode 100644 GroupFive/models.py
 create mode 100644 GroupFive/serializers.py
 create mode 100644 GroupFive/tasks.py
 create mode 100644 GroupFive/tests.py
 create mode 100644 GroupFive/views.py
 create mode 100644 config/__init__.py
 create mode 100644 config/asgi.py
 create mode 100644 config/settings.py
 create mode 100644 config/urls.py
 create mode 100644 config/wsgi.py
 create mode 100644 manage.py

diff --git a/GroupFive/__init__.py b/GroupFive/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/GroupFive/admin.py b/GroupFive/admin.py
new file mode 100644
index 0000000..8c38f3f
--- /dev/null
+++ b/GroupFive/admin.py
@@ -0,0 +1,3 @@
+from django.contrib import admin
+
+# Register your models here.
diff --git a/GroupFive/apps.py b/GroupFive/apps.py
new file mode 100644
index 0000000..8220433
--- /dev/null
+++ b/GroupFive/apps.py
@@ -0,0 +1,6 @@
+from django.apps import AppConfig
+
+
+class OurApplicationConfig(AppConfig):
+    default_auto_field = 'django.db.models.BigAutoField'
+    name = 'GroupFive'
diff --git a/GroupFive/dummy_analysis.py b/GroupFive/dummy_analysis.py
new file mode 100644
index 0000000..992ba89
--- /dev/null
+++ b/GroupFive/dummy_analysis.py
@@ -0,0 +1,13 @@
+
+def run_dummy(code, language):
+
+    return {
+        "summary" : "this dummy code is better than yours",
+        "findings" : [
+            {
+                "severity" : "Minimal",
+                "description" : "Bad code",
+                "fix" : "Figure it Out"
+            }
+        ]
+    }
\ No newline at end of file
diff --git a/GroupFive/migrations/0001_initial.py b/GroupFive/migrations/0001_initial.py
new file mode 100644
index 0000000..b8f9b01
--- /dev/null
+++ b/GroupFive/migrations/0001_initial.py
@@ -0,0 +1,30 @@
+# Generated by Django 5.0.3 on 2026-02-18 09:51
+
+import django.db.models.deletion
+import uuid
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='AnalysisTask',
+            fields=[
+                ('id', models.UUIDField(default=uuid.uuid4, primary_key=True, serialize=False)),
+                ('input_code', models.TextField()),
+                ('language', models.CharField(max_length=50)),
+                ('status', models.CharField(choices=[('QUEUED', 'Queued'), ('RUNNING', 'Running'), ('COMPLETED', 'Completed'), ('FAILED', 'Failed')], max_length=20)),
+                ('results', models.JSONField(blank=True, null=True)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
+            ],
+        ),
+    ]
diff --git a/GroupFive/migrations/__init__.py b/GroupFive/migrations/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/GroupFive/models.py b/GroupFive/models.py
new file mode 100644
index 0000000..f6f0ea7
--- /dev/null
+++ b/GroupFive/models.py
@@ -0,0 +1,21 @@
+#all id related lines are noted and can be deleted or changed if user id is skipped or substituted
+import uuid #for user ID
+from django.db import models
+from django.contrib.auth.models import User
+
+class AnalysisTask(models.Model):
+    #potential review request statuses
+    STATUS_OPT = [
+        ("QUEUED", "Queued"),
+        ("RUNNING", "Running"),
+        ("COMPLETED", "Completed"),
+        ("FAILED", "Failed")
+    ]
+
+    id = models.UUIDField(primary_key=True, default=uuid.uuid4) #more user id
+    user = models.ForeignKey(User, on_delete=models.CASCADE) #user id/user
+    input_code = models.TextField() #user provided code
+    language = models.CharField(max_length=50) #language of user provided code
+    status = models.CharField(max_length=20, choices=STATUS_OPT) #status of review request
+    results = models.JSONField(null=True, blank=True) #results of review
+    created_at = models.DateTimeField(auto_now_add=True) #creation timestamp
diff --git a/GroupFive/serializers.py b/GroupFive/serializers.py
new file mode 100644
index 0000000..255c15e
--- /dev/null
+++ b/GroupFive/serializers.py
@@ -0,0 +1,7 @@
+#this file uses serializers to define what information we add to our AnalysisTask model from user
+from rest_framework import serializers
+
+class AnalysisRequestSerializer(serializers.Serializer):
+    code = serializers.CharField() #for input code
+    #language definition of input code, can be commented out if language distinction added later
+    language = serializers.CharField()
diff --git a/GroupFive/tasks.py b/GroupFive/tasks.py
new file mode 100644
index 0000000..24c186e
--- /dev/null
+++ b/GroupFive/tasks.py
@@ -0,0 +1,22 @@
+#from celery import shared_task #task queue to handle simultaneous requests, making testing annoying for now can readd later when necessary
+from GroupFive.models import AnalysisTask
+from .dummy_analysis import run_dummy
+
+#@shared_task --from celery, readd later
+def run_analysis_async(task_id):
+
+    #instance of analysisTask
+    task = AnalysisTask.objects.get(id=task_id)
+    task.status = "RUNNING" #update status
+    task.save() #save instance task
+
+    try:
+        #call ai api rather than dummy
+        results = run_dummy(task.input_code, task.language)
+
+        task.results = results #store results
+        task.status = "COMPLETED" #update status
+    except Exception(BaseException) as e:
+        task.status = "FAILED"
+
+    task.save()
\ No newline at end of file
diff --git a/GroupFive/tests.py b/GroupFive/tests.py
new file mode 100644
index 0000000..5f5da37
--- /dev/null
+++ b/GroupFive/tests.py
@@ -0,0 +1,60 @@
+from rest_framework.test import APITestCase
+from django.contrib.auth.models import User
+from rest_framework import status
+from .models import *
+from uuid import uuid4
+
+
+class InitialAnalysisTests(APITestCase):
+
+    def setUp(self):
+        #create user
+        self.User = User.objects.create_user(
+            username="username",
+            password="password"
+        )
+        self.client.login(username="username", password="password")
+
+    def test_create_analysisTask(self):
+
+        response = self.client.post("/api/GroupFive/",{
+            "code" : "print('Hello World')", #code to analyze
+            "language" : "Python" #language of code
+        }, format="json")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertIn("task_id", response.data) #task_id in data
+        self.assertEqual(response.data["status"], "QUEUED")
+
+class InitialWorkflowTest(APITestCase):
+
+    def setUp(self):
+        #create user
+        self.User = User.objects.create_user(
+            username="username",
+            password="password"
+        )
+        self.client.login(username="username", password="password")
+
+    def test_initial_workflow(self):
+        response = self.client.post("/api/GroupFive/",{
+            "code" : "print('Hello Again')", #code to analyze
+            "language" : "Python" #language of code
+        }, format="json")
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        task_id = response.data["task_id"]
+
+        task = AnalysisTask.objects.get(id=task_id)
+
+        #confirm that dummy ran
+        self.assertEqual(task.status, "COMPLETED")
+
+        result_response = self.client.get(f"/api/GroupFive/{task_id}")
+
+        #ensure task endpoint
+        self.assertEqual(result_response.status_code, 200)
+
+
+
diff --git a/GroupFive/views.py b/GroupFive/views.py
new file mode 100644
index 0000000..01cfa8e
--- /dev/null
+++ b/GroupFive/views.py
@@ -0,0 +1,42 @@
+#all id related lines are noted and can be deleted or changed if user id is skipped or substituted
+from rest_framework.views import APIView
+from rest_framework.response import Response
+from rest_framework.permissions import IsAuthenticated #for user id
+from GroupFive.models import AnalysisTask
+from GroupFive.serializers import AnalysisRequestSerializer
+from .tasks import run_analysis_async
+
+
+#analysis task endpoint
+class AnalysisView(APIView):
+    permission_classes = [IsAuthenticated]
+
+    def post(self, request):
+        serializer = AnalysisRequestSerializer(data=request.data)
+        serializer.is_valid(raise_exception=True) #deserialize, check correct input and format, raises 400 Bad Request on fail
+
+        task = AnalysisTask.objects.create(
+            user=request.user, #user
+            input_code=serializer.validated_data["code"],
+            language=serializer.validated_data["language"],
+            status="QUEUED"
+        )
+
+        run_analysis_async(str(task.id))
+
+        return Response({
+            "task_id": str(task.id),
+            "status": task.status
+        })
+
+#status endpoint
+class StatusView(APIView):
+    permission_classes = [IsAuthenticated]
+
+    def get(self, request, task_id):
+        task = AnalysisTask.objects.get(id=task_id, user=request.user) #user
+
+        return Response({
+            "status": task.status,
+            "summary": task.results if task.status == "COMPLETED" else None
+        })
\ No newline at end of file
diff --git a/config/__init__.py b/config/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/config/asgi.py b/config/asgi.py
new file mode 100644
index 0000000..39149a0
--- /dev/null
+++ b/config/asgi.py
@@ -0,0 +1,16 @@
+"""
+ASGI config for config project.
+
+It exposes the ASGI callable as a module-level variable named ``application``.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/5.0/howto/deployment/asgi/
+"""
+
+import os
+
+from django.core.asgi import get_asgi_application
+
+os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'config.settings')
+
+application = get_asgi_application()
diff --git a/config/settings.py b/config/settings.py
new file mode 100644
index 0000000..4a3bd85
--- /dev/null
+++ b/config/settings.py
@@ -0,0 +1,125 @@
+"""
+Django settings for config project.
+
+Generated by 'django-admin startproject' using Django 5.0.3.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/5.0/topics/settings/
+
+For the full list of settings and their values, see
+https://docs.djangoproject.com/en/5.0/ref/settings/
+"""
+
+from pathlib import Path
+
+# Build paths inside the project like this: BASE_DIR / 'subdir'.
+BASE_DIR = Path(__file__).resolve().parent.parent
+
+
+# Quick-start development settings - unsuitable for production
+# See https://docs.djangoproject.com/en/5.0/howto/deployment/checklist/
+
+# SECURITY WARNING: keep the secret key used in production secret!
+SECRET_KEY = 'django-insecure-y+j3zht6sr%!!2fg0&-ek^21&)yc+y+5a*-ly+@16$8$px)a$@'
+
+# SECURITY WARNING: don't run with debug turned on in production!
+DEBUG = True
+
+ALLOWED_HOSTS = []
+
+
+# Application definition
+
+INSTALLED_APPS = [
+    'django.contrib.admin',
+    'django.contrib.auth',
+    'django.contrib.contenttypes',
+    'django.contrib.sessions',
+    'django.contrib.messages',
+    'django.contrib.staticfiles',
+    'GroupFive',
+    'rest_framework'
+]
+
+MIDDLEWARE = [
+    'django.middleware.security.SecurityMiddleware',
+    'django.contrib.sessions.middleware.SessionMiddleware',
+    'django.middleware.common.CommonMiddleware',
+    'django.middleware.csrf.CsrfViewMiddleware',
+    'django.contrib.auth.middleware.AuthenticationMiddleware',
+    'django.contrib.messages.middleware.MessageMiddleware',
+    'django.middleware.clickjacking.XFrameOptionsMiddleware',
+]
+
+ROOT_URLCONF = 'config.urls'
+
+TEMPLATES = [
+    {
+        'BACKEND': 'django.template.backends.django.DjangoTemplates',
+        'DIRS': [],
+        'APP_DIRS': True,
+        'OPTIONS': {
+            'context_processors': [
+                'django.template.context_processors.debug',
+                'django.template.context_processors.request',
+                'django.contrib.auth.context_processors.auth',
+                'django.contrib.messages.context_processors.messages',
+            ],
+        },
+    },
+]
+
+WSGI_APPLICATION = 'config.wsgi.application'
+
+
+# Database
+# https://docs.djangoproject.com/en/5.0/ref/settings/#databases
+
+DATABASES = {
+    'default': {
+        'ENGINE': 'django.db.backends.sqlite3',
+        'NAME': BASE_DIR / 'db.sqlite3',
+    }
+}
+
+
+# Password validation
+# https://docs.djangoproject.com/en/5.0/ref/settings/#auth-password-validators
+
+AUTH_PASSWORD_VALIDATORS = [
+    {
+        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
+    },
+    {
+        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
+    },
+    {
+        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
+    },
+    {
+        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
+    },
+]
+
+
+# Internationalization
+# https://docs.djangoproject.com/en/5.0/topics/i18n/
+
+LANGUAGE_CODE = 'en-us'
+
+TIME_ZONE = 'UTC'
+
+USE_I18N = True
+
+USE_TZ = True
+
+
+# Static files (CSS, JavaScript, Images)
+# https://docs.djangoproject.com/en/5.0/howto/static-files/
+
+STATIC_URL = 'static/'
+
+# Default primary key field type
+# https://docs.djangoproject.com/en/5.0/ref/settings/#default-auto-field
+
+DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
diff --git a/config/urls.py b/config/urls.py
new file mode 100644
index 0000000..a770eb4
--- /dev/null
+++ b/config/urls.py
@@ -0,0 +1,26 @@
+"""
+URL configuration for config project.
+
+The `urlpatterns` list routes URLs to views. For more information please see:
+    https://docs.djangoproject.com/en/5.0/topics/http/urls/
+Examples:
+Function views
+    1. Add an import:  from my_app import views
+    2. Add a URL to urlpatterns:  path('', views.home, name='home')
+Class-based views
+    1. Add an import:  from other_app.views import Home
+    2. Add a URL to urlpatterns:  path('', Home.as_view(), name='home')
+Including another URLconf
+    1. Import the include() function: from django.urls import include, path
+    2. Add a URL to urlpatterns:  path('blog/', include('blog.urls'))
+"""
+from django.contrib import admin
+from django.urls import path
+
+from GroupFive.views import AnalysisView
+
+urlpatterns = [
+    path('admin/', admin.site.urls),
+    path('api/GroupFive/', AnalysisView.as_view(), name='GroupFive'),
+    path('api/GroupFive/', )
+]
diff --git a/config/wsgi.py b/config/wsgi.py
new file mode 100644
index 0000000..c0a9631
--- /dev/null
+++ b/config/wsgi.py
@@ -0,0 +1,16 @@
+"""
+WSGI config for config project.
+
+It exposes the WSGI callable as a module-level variable named ``application``.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/5.0/howto/deployment/wsgi/
+"""
+
+import os
+
+from django.core.wsgi import get_wsgi_application
+
+os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'config.settings')
+
+application = get_wsgi_application()
diff --git a/manage.py b/manage.py
new file mode 100644
index 0000000..8e7ac79
--- /dev/null
+++ b/manage.py
@@ -0,0 +1,22 @@
+#!/usr/bin/env python
+"""Django's command-line utility for administrative tasks."""
+import os
+import sys
+
+
+def main():
+    """Run administrative tasks."""
+    os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'config.settings')
+    try:
+        from django.core.management import execute_from_command_line
+    except ImportError as exc:
+        raise ImportError(
+            "Couldn't import Django. Are you sure it's installed and "
+            "available on your PYTHONPATH environment variable? Did you "
+            "forget to activate a virtual environment?"
+        ) from exc
+    execute_from_command_line(sys.argv)
+
+
+if __name__ == '__main__':
+    main()

From d74cf23214a4bb693bd096fff49f489f0374ae20 Mon Sep 17 00:00:00 2001
From: NathanEdwards2023 <edwar448@uwm.edu>
Date: Wed, 18 Feb 2026 18:29:36 -0600
Subject: [PATCH 15/41] Frontend UI

---
 front-end/index.html        | 113 ++++++++++++++---
 front-end/scripts/upload.js |  14 +++
 front-end/styles/style.css  | 245 ++++++++++++++++++++++++++++++++++++
 3 files changed, 357 insertions(+), 15 deletions(-)
 create mode 100644 front-end/scripts/upload.js

diff --git a/front-end/index.html b/front-end/index.html
index 3a3ade3..f5ee704 100644
--- a/front-end/index.html
+++ b/front-end/index.html
@@ -1,25 +1,108 @@
 <!DOCTYPE html>
 <html lang="en">
-
 <head>
     <meta charset="UTF-8">
-    <meta name="description" content="">
-    <meta http-equiv="X-UA-Compatible" content="IE=edge">
-    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
-    <title>Hello World!</title>
-    <link rel="stylesheet" href="styles/style.css">
-    <script type="text/javascript" src="/eel.js"></script>
-    <script type="text/javascript" src="scripts/main.js"></script>
+    <title>AutoPen Dashboard</title>
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
 
+    <!-- External CSS -->
+    <link rel="stylesheet" href="styles/style.css">
 </head>
-
 <body>
 
-    <input type="text" id="num-1" placeholder="Enter number.">
-    <input type="text" id="num-2" placeholder="Enter number.">
-    <input type="button" class="submit" value="Add" onclick="operate(eel.add)">
-    <input type="button" class="submit" value="Subtract" onclick="operate(eel.subtract)">
-    <span id="output"></span>
-</body>
+<div class="sidebar">
+    <h2>AutoPen</h2>
+    <ul>
+        <li>Dashboard</li>
+        <li>Start Scan</li>
+        <li>Reports</li>
+        <li>Targets</li>
+        <li>Settings</li>
+    </ul>
+</div>
+
+<div class="main">
+    <div class="header">
+        <h1>Penetration Testing Dashboard</h1>
+        <div class="status">System Status: Active</div>
+    </div>
+
+    <div class="cards">
+        <div class="card">
+            <h3>Total Scans</h3>
+            <p>128</p>
+        </div>
+        <div class="card">
+            <h3>Critical Vulnerabilities</h3>
+            <p>12</p>
+        </div>
+        <div class="card">
+            <h3>Medium Vulnerabilities</h3>
+            <p>34</p>
+        </div>
+        <div class="card">
+            <h3>Low Vulnerabilities</h3>
+            <p>56</p>
+        </div>
+    </div>
+
+    <!-- Upload Code -->
+    <div class="code-center">
+        <div class="code-box">
+            <h2>Upload Code for Analysis</h2>
 
+            <div class="upload-tabs">
+                <button class="tab-btn active" data-tab="file">Upload File</button>
+                <button class="tab-btn" data-tab="paste">Paste Code</button>
+            </div>
+
+            <!-- Upload File -->
+            <div class="tab-content active" id="file">
+                <label class="drop-zone">
+                    <input type="file" hidden>
+                    <p>Drop your code file here<br>or <span>click to browse</span></p>
+                </label>
+            </div>
+
+            <!-- Paste Code -->
+            <div class="tab-content" id="paste">
+                <textarea placeholder="Paste your code here..."></textarea>
+            </div>
+
+            <button class="scan-btn">Start Scan</button>
+        </div>
+    </div>
+
+    <script src="scripts/upload.js"></script>
+
+    <div class="recent-scans">
+        <h3>Recent Scan Results</h3>
+        <table>
+            <thead>
+            <tr>
+                <th>Target</th>
+                <th>Date</th>
+                <th>Risk Level</th>
+                <th>Status</th>
+            </tr>
+            </thead>
+            <tbody>
+            <tr>
+                <td>example.com</td>
+                <td>02/14/2026</td>
+                <td class="critical">Critical</td>
+                <td>Completed</td>
+            </tr>
+            <tr>
+                <td>test-server.net</td>
+                <td>02/12/2026</td>
+                <td class="low">Low</td>
+                <td>Completed</td>
+            </tr>
+            </tbody>
+        </table>
+    </div>
+</div>
+
+</body>
 </html>
\ No newline at end of file
diff --git a/front-end/scripts/upload.js b/front-end/scripts/upload.js
new file mode 100644
index 0000000..4d33a0b
--- /dev/null
+++ b/front-end/scripts/upload.js
@@ -0,0 +1,14 @@
+const tabButtons = document.querySelectorAll(".tab-btn");
+const tabContents = document.querySelectorAll(".tab-content");
+
+tabButtons.forEach(button => {
+    button.addEventListener("click", () => {
+        // Remove active state
+        tabButtons.forEach(btn => btn.classList.remove("active"));
+        tabContents.forEach(tab => tab.classList.remove("active"));
+
+        // Activate selected tab
+        button.classList.add("active");
+        document.getElementById(button.dataset.tab).classList.add("active");
+    });
+});
\ No newline at end of file
diff --git a/front-end/styles/style.css b/front-end/styles/style.css
index e69de29..8357d12 100644
--- a/front-end/styles/style.css
+++ b/front-end/styles/style.css
@@ -0,0 +1,245 @@
+/* ================= RESET ================= */
+* {
+    margin: 0;
+    padding: 0;
+    box-sizing: border-box;
+    font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
+}
+
+body {
+    background: #000000;
+    color: #e5e7eb;
+    display: flex;
+    min-height: 100vh;
+}
+
+/* ================= SIDEBAR ================= */
+.sidebar {
+    width: 250px;
+    height: 100vh;
+    background: rgba(17, 24, 39, 0.8);
+    padding: 20px;
+    border-right: 1px solid rgba(168, 85, 247, 0.2);
+}
+
+.sidebar h2 {
+    color: #e9d5ff;
+    margin-bottom: 40px;
+    text-align: center;
+}
+
+.sidebar ul {
+    list-style: none;
+}
+
+.sidebar ul li {
+    padding: 15px;
+    margin: 10px 0;
+    background: rgba(17, 24, 39, 0.8);
+    border: 1px solid rgba(168, 85, 247, 0.2);
+    border-radius: 8px;
+    cursor: pointer;
+    transition: 0.25s;
+}
+
+.sidebar ul li:hover {
+    background: rgba(17, 24, 39, 0.95);
+}
+
+/* ================= MAIN ================= */
+.main {
+    flex: 1;
+    padding: 40px;
+}
+
+/* ================= HEADER ================= */
+.header {
+    display: flex;
+    justify-content: space-between;
+    align-items: center;
+    margin-bottom: 40px;
+}
+
+.header h1 {
+    color: #ffffff;
+}
+
+.status {
+    background: rgba(17, 24, 39, 0.8);
+    padding: 10px 20px;
+    border-radius: 999px;
+    border: 1px solid rgba(168, 85, 247, 0.2);
+}
+
+/* ================= UPLOAD SECTION ================= */
+.code-center {
+    margin-bottom: 50px;
+}
+
+.code-box {
+    background: rgba(17, 24, 39, 0.8);
+    border: 1px solid rgba(168, 85, 247, 0.2);
+    border-radius: 12px;
+    padding: 30px;
+    width: 100%;
+    max-width: 900px;
+}
+
+.code-box h2 {
+    color: #ffffff;
+    margin-bottom: 20px;
+}
+
+/* ================= TABS ================= */
+.upload-tabs {
+    display: flex;
+    gap: 12px;
+    margin-bottom: 20px;
+}
+
+.tab-btn {
+    background: transparent;
+    border: 1px solid rgba(168, 85, 247, 0.2);
+    color: #e9d5ff;
+    padding: 8px 22px;
+    border-radius: 999px;
+    cursor: pointer;
+    transition: 0.25s;
+}
+
+.tab-btn:hover {
+    background: rgba(168, 85, 247, 0.15);
+}
+
+.tab-btn.active {
+    background: rgba(168, 85, 247, 0.25);
+}
+
+/* ================= TAB CONTENT ================= */
+.tab-content {
+    display: none;
+}
+
+.tab-content.active {
+    display: block;
+}
+
+/* ================= DROP ZONE ================= */
+.drop-zone {
+    display: block;
+    padding: 50px;
+    border: 2px dashed rgba(168, 85, 247, 0.8);
+    border-radius: 12px;
+    background: rgba(17, 24, 39, 0.6);
+    text-align: center;
+    cursor: pointer;
+    transition: 0.25s;
+    width: 80%;
+    max-width: 600px;
+    margin: 0 auto;
+}
+
+.drop-zone:hover {
+    background: rgba(17, 24, 39, 0.9);
+}
+
+.drop-zone p {
+    font-size: 18px;
+    margin-bottom: 6px;
+}
+
+.drop-zone span {
+    font-size: 14px;
+    color: #c4b5fd;
+}
+
+/* ================= TEXTAREA ================= */
+textarea {
+    width: 100%;
+    min-height: 220px;
+    background: rgba(17, 24, 39, 0.6);
+    color: #ffffff;
+    border: 1px solid rgba(168, 85, 247, 0.2);
+    border-radius: 8px;
+    padding: 15px;
+    resize: vertical;
+}
+
+/* ================= BUTTON ================= */
+.scan-btn {
+    margin-top: 20px;
+    padding: 10px 30px;
+    background: rgba(168, 85, 247, 0.85);
+    color: white;
+    border: none;
+    border-radius: 999px;
+    cursor: pointer;
+    transition: 0.25s;
+}
+
+.scan-btn:hover {
+    background: rgba(168, 85, 247, 1);
+}
+
+/* ================= CARDS ================= */
+.cards {
+    display: grid;
+    grid-template-columns: repeat(auto-fit, minmax(250px, 1fr));
+    gap: 20px;
+    margin-bottom: 40px;
+}
+
+.card {
+    background: rgba(17, 24, 39, 0.8);
+    border: 1px solid rgba(168, 85, 247, 0.2);
+    padding: 20px;
+    border-radius: 12px;
+    transition: 0.25s;
+}
+
+.card:hover {
+    background: rgba(17, 24, 39, 0.95);
+}
+
+.card h3 {
+    color: #ffffff;
+    margin-bottom: 10px;
+}
+
+.card p {
+    font-size: 28px;
+    font-weight: bold;
+}
+
+/* ================= TABLE ================= */
+.recent-scans {
+    background: rgba(17, 24, 39, 0.8);
+    border: 1px solid rgba(168, 85, 247, 0.2);
+    padding: 20px;
+    border-radius: 12px;
+}
+
+table {
+    width: 100%;
+    border-collapse: collapse;
+    margin-top: 15px;
+}
+
+th, td {
+    padding: 12px;
+    text-align: left;
+}
+
+th {
+    color: #e9d5ff;
+    border-bottom: 1px solid rgba(168, 85, 247, 0.2);
+}
+
+tr:hover {
+    background: rgba(168, 85, 247, 0.05);
+}
+
+/* ================= SEVERITY COLORS ================= */
+.critical { color: #fb7185; font-weight: bold; }
+.medium   { color: #facc15; font-weight: bold; }
+.low      { color: #34d399; font-weight: bold; }

From 5c156bb9f45fb206a5957472bdf98b7b695373f1 Mon Sep 17 00:00:00 2001
From: jacob <jslind@uwm.edu>
Date: Sun, 22 Feb 2026 16:04:18 -0600
Subject: [PATCH 16/41] Renamed API folder. Fixed urls.py and api/urls.py to
 pass initial tests. Added database integration lacking actual database and
 user

---
 .gitignore                                    |  2 ++
 {GroupFive => api}/__init__.py                |  0
 {GroupFive => api}/admin.py                   |  0
 {GroupFive => api}/apps.py                    |  2 +-
 {GroupFive => api}/dummy_analysis.py          |  0
 {GroupFive => api}/migrations/0001_initial.py |  0
 {GroupFive => api}/migrations/__init__.py     |  0
 {GroupFive => api}/models.py                  |  0
 {GroupFive => api}/serializers.py             |  0
 {GroupFive => api}/tasks.py                   |  2 +-
 {GroupFive => api}/tests.py                   |  6 +++---
 {GroupFive => api}/views.py                   | 13 ++++++-------
 config/settings.py                            | 13 +++++++++----
 config/urls.py                                |  9 +++++----
 14 files changed, 27 insertions(+), 20 deletions(-)
 rename {GroupFive => api}/__init__.py (100%)
 rename {GroupFive => api}/admin.py (100%)
 rename {GroupFive => api}/apps.py (85%)
 rename {GroupFive => api}/dummy_analysis.py (100%)
 rename {GroupFive => api}/migrations/0001_initial.py (100%)
 rename {GroupFive => api}/migrations/__init__.py (100%)
 rename {GroupFive => api}/models.py (100%)
 rename {GroupFive => api}/serializers.py (100%)
 rename {GroupFive => api}/tasks.py (94%)
 rename {GroupFive => api}/tests.py (89%)
 rename {GroupFive => api}/views.py (89%)

diff --git a/.gitignore b/.gitignore
index 06125d6..4a02c0a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -85,6 +85,8 @@ profile_default/
 ipython_config.py
 
 # pyenv
+#don't add database credentials
+.env
 .python-version
 
 # pipenv
diff --git a/GroupFive/__init__.py b/api/__init__.py
similarity index 100%
rename from GroupFive/__init__.py
rename to api/__init__.py
diff --git a/GroupFive/admin.py b/api/admin.py
similarity index 100%
rename from GroupFive/admin.py
rename to api/admin.py
diff --git a/GroupFive/apps.py b/api/apps.py
similarity index 85%
rename from GroupFive/apps.py
rename to api/apps.py
index 8220433..5b06c17 100644
--- a/GroupFive/apps.py
+++ b/api/apps.py
@@ -3,4 +3,4 @@
 
 class OurApplicationConfig(AppConfig):
     default_auto_field = 'django.db.models.BigAutoField'
-    name = 'GroupFive'
+    name = 'api'
diff --git a/GroupFive/dummy_analysis.py b/api/dummy_analysis.py
similarity index 100%
rename from GroupFive/dummy_analysis.py
rename to api/dummy_analysis.py
diff --git a/GroupFive/migrations/0001_initial.py b/api/migrations/0001_initial.py
similarity index 100%
rename from GroupFive/migrations/0001_initial.py
rename to api/migrations/0001_initial.py
diff --git a/GroupFive/migrations/__init__.py b/api/migrations/__init__.py
similarity index 100%
rename from GroupFive/migrations/__init__.py
rename to api/migrations/__init__.py
diff --git a/GroupFive/models.py b/api/models.py
similarity index 100%
rename from GroupFive/models.py
rename to api/models.py
diff --git a/GroupFive/serializers.py b/api/serializers.py
similarity index 100%
rename from GroupFive/serializers.py
rename to api/serializers.py
diff --git a/GroupFive/tasks.py b/api/tasks.py
similarity index 94%
rename from GroupFive/tasks.py
rename to api/tasks.py
index 24c186e..ddb7a07 100644
--- a/GroupFive/tasks.py
+++ b/api/tasks.py
@@ -1,5 +1,5 @@
 #from celery import shared_task #task queue to handle simultaneous requests, making testing annoying for now can readd later when necessary
-from GroupFive.models import AnalysisTask
+from api.models import AnalysisTask
 from .dummy_analysis import run_dummy
 
 #@shared_task --from celery, readd later
diff --git a/GroupFive/tests.py b/api/tests.py
similarity index 89%
rename from GroupFive/tests.py
rename to api/tests.py
index 5f5da37..06c9e67 100644
--- a/GroupFive/tests.py
+++ b/api/tests.py
@@ -17,7 +17,7 @@ def setUp(self):
 
     def test_create_analysisTask(self):
 
-        response = self.client.post("/api/GroupFive/",{
+        response = self.client.post("/api/analysis/",{
             "code" : "print('Hello World')", #code to analyze
             "language" : "Python" #language of code
         }, format="json")
@@ -37,7 +37,7 @@ def setUp(self):
         self.client.login(username="username", password="password")
 
     def test_initial_workflow(self):
-        response = self.client.post("/api/GroupFive/",{
+        response = self.client.post("/api/analysis/",{
             "code" : "print('Hello Again')", #code to analyze
             "language" : "Python" #language of code
         }, format="json")
@@ -51,7 +51,7 @@ def test_initial_workflow(self):
         #confirm that dummy ran
         self.assertEqual(task.status, "COMPLETED")
 
-        result_response = self.client.get(f"/api/GroupFive/{task_id}")
+        result_response = self.client.get(f"/api/analysis/{task_id}/")
 
         #ensure task endpoint
         self.assertEqual(result_response.status_code, 200)
diff --git a/GroupFive/views.py b/api/views.py
similarity index 89%
rename from GroupFive/views.py
rename to api/views.py
index 01cfa8e..c5d1861 100644
--- a/GroupFive/views.py
+++ b/api/views.py
@@ -2,15 +2,14 @@
 from rest_framework.views import APIView
 from rest_framework.response import Response
 from rest_framework.permissions import IsAuthenticated #for user id
-from GroupFive.models import AnalysisTask
-from GroupFive.serializers import AnalysisRequestSerializer
+from api.models import AnalysisTask
+from api.serializers import AnalysisRequestSerializer
 from .tasks import run_analysis_async
 
-
-#analysis task endpoint
 class AnalysisView(APIView):
     permission_classes = [IsAuthenticated]
 
+    #analysis task endpoint
     def post(self, request):
         serializer = AnalysisRequestSerializer(data=request.data)
         serializer.is_valid(raise_exception=True) #deserialize, check correct input and format, raises 400 Bad Request on fail
@@ -29,14 +28,14 @@ def post(self, request):
             "status": task.status
         })
 
-#status endpoint
 class StatusView(APIView):
     permission_classes = [IsAuthenticated]
-
+    #status endpoint
     def get(self, request, task_id):
         task = AnalysisTask.objects.get(id=task_id, user=request.user) #user
 
         return Response({
             "status": task.status,
             "summary": task.results if task.status == "COMPLETED" else None
-        })
\ No newline at end of file
+        })
+
diff --git a/config/settings.py b/config/settings.py
index 4a3bd85..be34dd9 100644
--- a/config/settings.py
+++ b/config/settings.py
@@ -9,7 +9,7 @@
 For the full list of settings and their values, see
 https://docs.djangoproject.com/en/5.0/ref/settings/
 """
-
+import os
 from pathlib import Path
 
 # Build paths inside the project like this: BASE_DIR / 'subdir'.
@@ -37,7 +37,7 @@
     'django.contrib.sessions',
     'django.contrib.messages',
     'django.contrib.staticfiles',
-    'GroupFive',
+    'api',
     'rest_framework'
 ]
 
@@ -75,10 +75,15 @@
 # Database
 # https://docs.djangoproject.com/en/5.0/ref/settings/#databases
 
+#modified 2/22 to implement PostgreSQL
 DATABASES = {
     'default': {
-        'ENGINE': 'django.db.backends.sqlite3',
-        'NAME': BASE_DIR / 'db.sqlite3',
+        'ENGINE': 'django.db.backends.postgresql',
+        'NAME': os.getenv('DB_NAME'),
+        'USER': os.getenv('DB_USER'),
+        'PASSWORD': os.getenv('DB_USER'),
+        'HOST': os.getenv('DB_USER'),
+        'PORT': os.getenv('DB_USER'),
     }
 }
 
diff --git a/config/urls.py b/config/urls.py
index a770eb4..e0ee957 100644
--- a/config/urls.py
+++ b/config/urls.py
@@ -15,12 +15,13 @@
     2. Add a URL to urlpatterns:  path('blog/', include('blog.urls'))
 """
 from django.contrib import admin
-from django.urls import path
+from django.urls import path, include
 
-from GroupFive.views import AnalysisView
+from api.views import *
 
 urlpatterns = [
     path('admin/', admin.site.urls),
-    path('api/GroupFive/', AnalysisView.as_view(), name='GroupFive'),
-    path('api/GroupFive/', )
+    path('api/', include('api.urls')),
+
+    #path('/api/<uuid:task_id>',)
 ]

From ecc43b5d43787c5497482bcc59a0ab0872a70f16 Mon Sep 17 00:00:00 2001
From: jacob <jslind@uwm.edu>
Date: Sun, 22 Feb 2026 16:47:33 -0600
Subject: [PATCH 17/41] api/urls.py

---
 api/urls.py | 8 ++++++++
 1 file changed, 8 insertions(+)
 create mode 100644 api/urls.py

diff --git a/api/urls.py b/api/urls.py
new file mode 100644
index 0000000..5dd7cb6
--- /dev/null
+++ b/api/urls.py
@@ -0,0 +1,8 @@
+from django.contrib.auth import get_user
+from django.urls import path
+from .views import *
+
+urlpatterns = [
+    path("analysis/", AnalysisView.as_view(), name="analysis"),
+    path("analysis/<uuid:task_id>/", StatusView.as_view(), name="analysis-status"),
+]
\ No newline at end of file

From 80a832f53c36d64d91afb1f6bdb303c14428d60d Mon Sep 17 00:00:00 2001
From: JacobLind1 <jslind@uwm.edu>
Date: Sun, 22 Feb 2026 17:23:03 -0600
Subject: [PATCH 18/41] Database Integrated with Backend, Added Requirements I
 had forgotten. Renamed testquery,py as it was conflicting with some python
 test naming.

---
 config/settings.py         | 16 +++++++++++++---
 testquery.py => db_test.py |  0
 requirements.txt           |  1 +
 3 files changed, 14 insertions(+), 3 deletions(-)
 rename testquery.py => db_test.py (100%)

diff --git a/config/settings.py b/config/settings.py
index be34dd9..6a40ff2 100644
--- a/config/settings.py
+++ b/config/settings.py
@@ -12,6 +12,11 @@
 import os
 from pathlib import Path
 
+#dotenv setup otherwise import and use db.py
+from dotenv import load_dotenv
+load_dotenv()
+
+
 # Build paths inside the project like this: BASE_DIR / 'subdir'.
 BASE_DIR = Path(__file__).resolve().parent.parent
 
@@ -75,15 +80,20 @@
 # Database
 # https://docs.djangoproject.com/en/5.0/ref/settings/#databases
 
+
+
 #modified 2/22 to implement PostgreSQL
 DATABASES = {
     'default': {
         'ENGINE': 'django.db.backends.postgresql',
         'NAME': os.getenv('DB_NAME'),
         'USER': os.getenv('DB_USER'),
-        'PASSWORD': os.getenv('DB_USER'),
-        'HOST': os.getenv('DB_USER'),
-        'PORT': os.getenv('DB_USER'),
+        'PASSWORD': os.getenv('DB_PASSWORD'),
+        'HOST': os.getenv('DB_HOST'),
+        'PORT': os.getenv('DB_PORT'),
+        'OPTIONS': {
+            'sslmode': 'require',
+        }
     }
 }
 
diff --git a/testquery.py b/db_test.py
similarity index 100%
rename from testquery.py
rename to db_test.py
diff --git a/requirements.txt b/requirements.txt
index c5e047d..f69e2b0 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -7,3 +7,4 @@ psycopg2-binary
 SQLAlchemy
 python-dotenv
 bcrypt
+djangorestframework

From 71e9bd44ce2b47036bdcfdb6a979627fe22e5d8f Mon Sep 17 00:00:00 2001
From: zhangtingen <else8072@gmail.com>
Date: Wed, 4 Mar 2026 01:46:05 -0600
Subject: [PATCH 19/41] create the prescan function with semgrep and gitleak

---
 front-end/scripts/main.js |   5 +-
 main.py                   |   2 +
 prescan.py                | 123 ++++++++++++++++++++++++++++++++++++++
 prescan_report.json       |  13 ++++
 requirements.txt          |   2 +
 5 files changed, 142 insertions(+), 3 deletions(-)
 create mode 100644 prescan.py
 create mode 100644 prescan_report.json

diff --git a/front-end/scripts/main.js b/front-end/scripts/main.js
index 38845f8..fc76eff 100644
--- a/front-end/scripts/main.js
+++ b/front-end/scripts/main.js
@@ -25,8 +25,7 @@ function askGPT() {
 
 	document.querySelector('#output').innerText = "Loading...";
 
-	eel.ask_api(prompt)(result => {
+	let newVar = eel.ask_api(prompt)(result => {
 		document.querySelector('#output').innerText = result;
-	});
+	});}}
 
-}
\ No newline at end of file
diff --git a/main.py b/main.py
index c97d798..1aef0c6 100644
--- a/main.py
+++ b/main.py
@@ -8,6 +8,8 @@
 #sofia
 #jacob
 #tim
+#Nathan
+#Sid
 eel.init('front-end')
 
 try:
diff --git a/prescan.py b/prescan.py
new file mode 100644
index 0000000..086cdc5
--- /dev/null
+++ b/prescan.py
@@ -0,0 +1,123 @@
+#!/usr/bin/env python3
+"""
+Pre-scan 模組：對指定檔案或目錄執行 semgrep 與 gitleaks，輸出合併的 JSON 報告。
+使用方式：
+  python prescan.py [輸入路徑] [-o 輸出.json]
+  不給路徑時預設掃描當前目錄。
+"""
+
+import argparse
+import json
+import os
+import subprocess
+import sys
+from pathlib import Path
+
+
+def run_semgrep(target_path: str) -> dict:
+    """對 target_path 執行 semgrep，回傳 JSON 結果。失敗或未安裝則回傳空結構。"""
+    path = Path(target_path).resolve()
+    if not path.exists():
+        return {"tool": "semgrep", "error": f"path not found: {target_path}", "results": []}
+    try:
+        cmd = [
+            sys.executable, "-m", "semgrep", "scan",
+            "--config", "auto",
+            "--json",
+            "--quiet",
+            str(path),
+        ]
+        out = subprocess.run(
+            cmd,
+            capture_output=True,
+            text=True,
+            timeout=300,
+            cwd=os.getcwd(),
+        )
+        if out.returncode != 0 and not out.stdout.strip():
+            return {
+                "tool": "semgrep",
+                "error": out.stderr.strip() or f"exit code {out.returncode}",
+                "results": [],
+            }
+        data = json.loads(out.stdout) if out.stdout.strip() else {}
+        return {"tool": "semgrep", "error": None, "results": data.get("results", data)}
+    except FileNotFoundError:
+        return {"tool": "semgrep", "error": "semgrep not installed (pip install semgrep)", "results": []}
+    except subprocess.TimeoutExpired:
+        return {"tool": "semgrep", "error": "timeout", "results": []}
+    except json.JSONDecodeError as e:
+        return {"tool": "semgrep", "error": str(e), "results": []}
+
+
+def run_gitleaks(target_path: str) -> dict:
+    """對 target_path 執行 gitleaks detect，回傳 JSON 結果。未安裝則回傳空結構。"""
+    path = Path(target_path).resolve()
+    if not path.exists():
+        return {"tool": "gitleaks", "error": f"path not found: {target_path}", "results": []}
+    source = str(path) if path.is_dir() else str(path.parent)
+    try:
+        cmd = [
+            "gitleaks", "detect",
+            "--source", source,
+            "--no-git",
+            "--report-format", "json",
+            "--report-path", "-",  # 將 JSON 輸出到 stdout
+        ]
+        out = subprocess.run(
+            cmd,
+            capture_output=True,
+            text=True,
+            timeout=120,
+        )
+        # gitleaks 找到 secret 時 exit code 可能為 1，但 stdout 仍有 JSON
+        raw = out.stdout.strip()
+        if not raw:
+            return {"tool": "gitleaks", "error": None, "results": []}
+        try:
+            data = json.loads(raw)
+            results = data if isinstance(data, list) else data.get("findings", data.get("results", []))
+        except json.JSONDecodeError:
+            results = []
+        return {"tool": "gitleaks", "error": None, "results": results}
+    except FileNotFoundError:
+        return {"tool": "gitleaks", "error": "gitleaks not installed", "results": []}
+    except subprocess.TimeoutExpired:
+        return {"tool": "gitleaks", "error": "timeout", "results": []}
+
+
+def main():
+    parser = argparse.ArgumentParser(description="Pre-scan: semgrep + gitleaks -> JSON report")
+    parser.add_argument(
+        "input_path",
+        nargs="?",
+        default=".",
+        help="要掃描的檔案或目錄路徑（預設: 當前目錄）",
+    )
+    parser.add_argument(
+        "-o", "--output",
+        default="prescan_report.json",
+        help="輸出的 JSON 檔案路徑（預設: prescan_report.json）",
+    )
+    args = parser.parse_args()
+
+    input_path = os.path.normpath(args.input_path)
+    if not os.path.exists(input_path):
+        print(f"錯誤：找不到路徑 {input_path}", file=sys.stderr)
+        sys.exit(1)
+
+    report = {
+        "input_path": os.path.abspath(input_path),
+        "semgrep": run_semgrep(input_path),
+        "gitleaks": run_gitleaks(input_path),
+    }
+
+    out_path = args.output
+    with open(out_path, "w", encoding="utf-8") as f:
+        json.dump(report, f, ensure_ascii=False, indent=2)
+
+    print(f"已寫入: {out_path}")
+
+
+if __name__ == "__main__":
+    main()
diff --git a/prescan_report.json b/prescan_report.json
new file mode 100644
index 0000000..63f87d9
--- /dev/null
+++ b/prescan_report.json
@@ -0,0 +1,13 @@
+{
+  "input_path": "/Users/zhangtingen/Downloads/V/testquery.py",
+  "semgrep": {
+    "tool": "semgrep",
+    "error": "Using `python -m semgrep` to run Semgrep is deprecated as of 1.38.0. Please simply run `semgrep` instead.",
+    "results": []
+  },
+  "gitleaks": {
+    "tool": "gitleaks",
+    "error": "gitleaks not installed",
+    "results": []
+  }
+}
\ No newline at end of file
diff --git a/requirements.txt b/requirements.txt
index c5e047d..aa31d5f 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,4 +1,5 @@
 eel
+engine
 pyqrcode
 pyinstaller
 pypng
@@ -7,3 +8,4 @@ psycopg2-binary
 SQLAlchemy
 python-dotenv
 bcrypt
+semgrep

From 2a92970f1d2e60fa808f34e4e8b4e3d0f35f3281 Mon Sep 17 00:00:00 2001
From: JacobLind1 <jslind@uwm.edu>
Date: Wed, 4 Mar 2026 12:34:17 -0600
Subject: [PATCH 20/41] Fixed issue connecting with group database.

---
 config/settings.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/settings.py b/config/settings.py
index 6a40ff2..0dc2614 100644
--- a/config/settings.py
+++ b/config/settings.py
@@ -88,7 +88,7 @@
         'ENGINE': 'django.db.backends.postgresql',
         'NAME': os.getenv('DB_NAME'),
         'USER': os.getenv('DB_USER'),
-        'PASSWORD': os.getenv('DB_PASSWORD'),
+        'PASSWORD': os.getenv('DB_PASS'),
         'HOST': os.getenv('DB_HOST'),
         'PORT': os.getenv('DB_PORT'),
         'OPTIONS': {

From 80af157e75c5a96c84a4a270d75ef57eb160b817 Mon Sep 17 00:00:00 2001
From: zhangtingen <else8072@gmail.com>
Date: Wed, 4 Mar 2026 13:05:01 -0600
Subject: [PATCH 21/41] create the prescan function with semgrep and gitleak

---
 prescan.py | 23 ++++++++---------------
 1 file changed, 8 insertions(+), 15 deletions(-)

diff --git a/prescan.py b/prescan.py
index 086cdc5..e6d51ca 100644
--- a/prescan.py
+++ b/prescan.py
@@ -1,11 +1,4 @@
 #!/usr/bin/env python3
-"""
-Pre-scan 模組：對指定檔案或目錄執行 semgrep 與 gitleaks，輸出合併的 JSON 報告。
-使用方式：
-  python prescan.py [輸入路徑] [-o 輸出.json]
-  不給路徑時預設掃描當前目錄。
-"""
-
 import argparse
 import json
 import os
@@ -15,7 +8,7 @@
 
 
 def run_semgrep(target_path: str) -> dict:
-    """對 target_path 執行 semgrep，回傳 JSON 結果。失敗或未安裝則回傳空結構。"""
+   
     path = Path(target_path).resolve()
     if not path.exists():
         return {"tool": "semgrep", "error": f"path not found: {target_path}", "results": []}
@@ -51,7 +44,7 @@ def run_semgrep(target_path: str) -> dict:
 
 
 def run_gitleaks(target_path: str) -> dict:
-    """對 target_path 執行 gitleaks detect，回傳 JSON 結果。未安裝則回傳空結構。"""
+    """Run gitleaks detect on target_path and return JSON results. Empty structure if unavailable."""
     path = Path(target_path).resolve()
     if not path.exists():
         return {"tool": "gitleaks", "error": f"path not found: {target_path}", "results": []}
@@ -62,7 +55,7 @@ def run_gitleaks(target_path: str) -> dict:
             "--source", source,
             "--no-git",
             "--report-format", "json",
-            "--report-path", "-",  # 將 JSON 輸出到 stdout
+            "--report-path", "-",  # write JSON to stdout
         ]
         out = subprocess.run(
             cmd,
@@ -70,7 +63,7 @@ def run_gitleaks(target_path: str) -> dict:
             text=True,
             timeout=120,
         )
-        # gitleaks 找到 secret 時 exit code 可能為 1，但 stdout 仍有 JSON
+        # when gitleaks finds secrets exit code may be 1, but stdout still contains JSON
         raw = out.stdout.strip()
         if not raw:
             return {"tool": "gitleaks", "error": None, "results": []}
@@ -92,18 +85,18 @@ def main():
         "input_path",
         nargs="?",
         default=".",
-        help="要掃描的檔案或目錄路徑（預設: 當前目錄）",
+        help="File or directory path to scan (default: current directory)",
     )
     parser.add_argument(
         "-o", "--output",
         default="prescan_report.json",
-        help="輸出的 JSON 檔案路徑（預設: prescan_report.json）",
+        help="Output JSON file path (default: prescan_report.json)",
     )
     args = parser.parse_args()
 
     input_path = os.path.normpath(args.input_path)
     if not os.path.exists(input_path):
-        print(f"錯誤：找不到路徑 {input_path}", file=sys.stderr)
+        print(f"Error: path not found {input_path}", file=sys.stderr)
         sys.exit(1)
 
     report = {
@@ -116,7 +109,7 @@ def main():
     with open(out_path, "w", encoding="utf-8") as f:
         json.dump(report, f, ensure_ascii=False, indent=2)
 
-    print(f"已寫入: {out_path}")
+    print(f"Report written to: {out_path}")
 
 
 if __name__ == "__main__":

From 5db65b6ea526942b848d324875f72287c8d1e2a4 Mon Sep 17 00:00:00 2001
From: NathanEdwards2023 <edwar448@uwm.edu>
Date: Wed, 4 Mar 2026 21:22:28 -0600
Subject: [PATCH 22/41] Simple Login and Register pages. Needs to be linked to
 backend

---
 front-end/login.html    | 30 ++++++++++++++++++++++++++++++
 front-end/register.html | 27 +++++++++++++++++++++++++++
 2 files changed, 57 insertions(+)
 create mode 100644 front-end/login.html
 create mode 100644 front-end/register.html

diff --git a/front-end/login.html b/front-end/login.html
new file mode 100644
index 0000000..425f5a7
--- /dev/null
+++ b/front-end/login.html
@@ -0,0 +1,30 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Login</title>
+</head>
+<body>
+
+<h2>Login</h2>
+
+{% if error %}
+<p style="color:red">{{ error }}</p>
+{% endif %}
+
+<form method="POST">
+  {% csrf_token %}
+
+  <input type="text" name="username" placeholder="Username" required>
+  <br><br>
+
+  <input type="password" name="password" placeholder="Password" required>
+  <br><br>
+
+  <button type="submit">Login</button>
+</form>
+
+<p>Don't have an account?</p>
+<a href="/register/">Register</a>
+
+</body>
+</html>
\ No newline at end of file
diff --git a/front-end/register.html b/front-end/register.html
new file mode 100644
index 0000000..18bf32c
--- /dev/null
+++ b/front-end/register.html
@@ -0,0 +1,27 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Register</title>
+</head>
+<body>
+
+<h2>Create Account</h2>
+
+<form method="POST">
+  {% csrf_token %}
+
+  <input type="text" name="username" placeholder="Username" required>
+  <br><br>
+
+  <input type="password" name="password" placeholder="Password" required>
+  <br><br>
+
+  <button type="submit">Register</button>
+
+</form>
+
+<br>
+<a href="/">Back to Login</a>
+
+</body>
+</html>
\ No newline at end of file

From c351af70ea5ca7f1696b862ef0869a723a560476 Mon Sep 17 00:00:00 2001
From: Sidh05 <smidha@uwm.edu>
Date: Thu, 12 Mar 2026 17:41:17 -0500
Subject: [PATCH 23/41] Test cases- Safe, vulnerable, mixed and edge

---
 test_cases/edge1.py       | 16 ++++++++++++++++
 test_cases/edhe2.js       |  3 +++
 test_cases/mixed1.py      | 24 ++++++++++++++++++++++++
 test_cases/mixed2.js      | 11 +++++++++++
 test_cases/safe1.py       |  7 +++++++
 test_cases/safe2.py       |  6 ++++++
 test_cases/safe3.py       |  6 ++++++
 test_cases/safe4.c        | 10 ++++++++++
 test_cases/vulnerable1.py | 14 ++++++++++++++
 test_cases/vulnerable2.py |  8 ++++++++
 test_cases/vulnerable3.c  |  7 +++++++
 test_cases/vulnerable4.js |  7 +++++++
 12 files changed, 119 insertions(+)
 create mode 100644 test_cases/edge1.py
 create mode 100644 test_cases/edhe2.js
 create mode 100644 test_cases/mixed1.py
 create mode 100644 test_cases/mixed2.js
 create mode 100644 test_cases/safe1.py
 create mode 100644 test_cases/safe2.py
 create mode 100644 test_cases/safe3.py
 create mode 100644 test_cases/safe4.c
 create mode 100644 test_cases/vulnerable1.py
 create mode 100644 test_cases/vulnerable2.py
 create mode 100644 test_cases/vulnerable3.c
 create mode 100644 test_cases/vulnerable4.js

diff --git a/test_cases/edge1.py b/test_cases/edge1.py
new file mode 100644
index 0000000..f355037
--- /dev/null
+++ b/test_cases/edge1.py
@@ -0,0 +1,16 @@
+# Never use eval(user_input) here.
+import os
+
+EXAMPLE_TEXT = "password"
+HELP_MESSAGE = "Enter your api key here"
+
+def docs():
+    return EXAMPLE_TEXT + HELP_MESSAGE
+
+
+def add(a, b):
+    return a + b
+
+
+def fixed_command():
+    os.system("ls")
\ No newline at end of file
diff --git a/test_cases/edhe2.js b/test_cases/edhe2.js
new file mode 100644
index 0000000..2c8f8b3
--- /dev/null
+++ b/test_cases/edhe2.js
@@ -0,0 +1,3 @@
+function renderStatic() {
+    document.getElementById("box").innerHTML = "<b>Hello</b>";
+  }
\ No newline at end of file
diff --git a/test_cases/mixed1.py b/test_cases/mixed1.py
new file mode 100644
index 0000000..6ee0950
--- /dev/null
+++ b/test_cases/mixed1.py
@@ -0,0 +1,24 @@
+import os
+import sqlite3
+import hashlib
+
+API_KEY = os.getenv("API_KEY")
+
+def safe_lookup(username):
+    conn = sqlite3.connect("users.db")
+    cursor = conn.cursor()
+    cursor.execute("SELECT * FROM users WHERE username = ?", (username,))
+    return cursor.fetchall()
+
+def unsafe_lookup(username):
+    conn = sqlite3.connect("users.db")
+    cursor = conn.cursor()
+    query = f"SELECT * FROM users WHERE username = '{username}'"
+    cursor.execute(query)
+    return cursor.fetchall()
+
+def weak_hash(password):
+    return hashlib.sha1(password.encode()).hexdigest()
+
+def safe_echo(text):
+    return text
\ No newline at end of file
diff --git a/test_cases/mixed2.js b/test_cases/mixed2.js
new file mode 100644
index 0000000..cfc07c6
--- /dev/null
+++ b/test_cases/mixed2.js
@@ -0,0 +1,11 @@
+function renderSafe(msg) {
+  document.getElementById("safe").textContent = msg;
+}
+
+function renderUnsafe(msg) {
+  document.getElementById("unsafe").innerHTML = msg;
+}
+
+function calculate(a, b) {
+  return a + b;
+}
\ No newline at end of file
diff --git a/test_cases/safe1.py b/test_cases/safe1.py
new file mode 100644
index 0000000..11b1ce7
--- /dev/null
+++ b/test_cases/safe1.py
@@ -0,0 +1,7 @@
+import sqlite3
+
+def get_user(username):
+    conn = sqlite3.connect("users.db")
+    cursor = conn.cursor()
+    cursor.execute("SELECT * FROM users WHERE username = ?", (username,))
+    return cursor.fetchall()
\ No newline at end of file
diff --git a/test_cases/safe2.py b/test_cases/safe2.py
new file mode 100644
index 0000000..2288b7e
--- /dev/null
+++ b/test_cases/safe2.py
@@ -0,0 +1,6 @@
+import os
+
+API_KEY = os.getenv("API_KEY")
+
+def connect():
+    return API_KEY
\ No newline at end of file
diff --git a/test_cases/safe3.py b/test_cases/safe3.py
new file mode 100644
index 0000000..8b12626
--- /dev/null
+++ b/test_cases/safe3.py
@@ -0,0 +1,6 @@
+import hashlib
+import os
+
+def hash_password(password):
+    salt = os.urandom(16)
+    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100000)
\ No newline at end of file
diff --git a/test_cases/safe4.c b/test_cases/safe4.c
new file mode 100644
index 0000000..fd5e85c
--- /dev/null
+++ b/test_cases/safe4.c
@@ -0,0 +1,10 @@
+#include <stdio.h>
+#include <string.h>
+
+void copy_input(char *input) {
+    char buffer[10];
+    strncpy(buffer, input, sizeof(buffer) - 1);
+    buffer[sizeof(buffer) - 1] = '\0';
+    printf("%s\n", buffer);
+}
+
diff --git a/test_cases/vulnerable1.py b/test_cases/vulnerable1.py
new file mode 100644
index 0000000..db52e22
--- /dev/null
+++ b/test_cases/vulnerable1.py
@@ -0,0 +1,14 @@
+import os
+API_KEY = "sk_test_123456789SECRET"
+DB_PASSWORD = "supersecretpassword"
+
+
+def connect():
+    return f"Connecting with {API_KEY}"
+
+def ping_host(host):
+    os.system("ping -c 1 " + host)
+
+
+
+
diff --git a/test_cases/vulnerable2.py b/test_cases/vulnerable2.py
new file mode 100644
index 0000000..9ea15f9
--- /dev/null
+++ b/test_cases/vulnerable2.py
@@ -0,0 +1,8 @@
+import sqlite3
+
+def get_user(username):
+    conn = sqlite3.connect("users.db")
+    cursor = conn.cursor()
+    query = f"SELECT * FROM users WHERE username = '{username}'"
+    cursor.execute(query)
+    return cursor.fetchall()
\ No newline at end of file
diff --git a/test_cases/vulnerable3.c b/test_cases/vulnerable3.c
new file mode 100644
index 0000000..a30fbe5
--- /dev/null
+++ b/test_cases/vulnerable3.c
@@ -0,0 +1,7 @@
+#include <stdio.h>
+#include <string.h>
+void copy_input(char *input) {
+    char buffer[10];
+    strcpy(buffer, input);
+    printf("%s\n", buffer);
+}
diff --git a/test_cases/vulnerable4.js b/test_cases/vulnerable4.js
new file mode 100644
index 0000000..25d4bff
--- /dev/null
+++ b/test_cases/vulnerable4.js
@@ -0,0 +1,7 @@
+function showMessage(msg) {
+    document.getElementById("output").innerHTML = msg;
+  }
+
+function showMessage(msg) {
+    document.getElementById("output").innerHTML = msg;
+  }
\ No newline at end of file

From 57cde04e7f5c9d34d0c35c7c5ad1367496a05565 Mon Sep 17 00:00:00 2001
From: kaye-s <kayes@uwm.edu>
Date: Thu, 19 Mar 2026 14:28:15 -0500
Subject: [PATCH 24/41] Refactored everything in main branch - changed group5
 into a new app called scanner - updated everything to fully remove eel
 functionality - cleaned up duplicate code and unneeded testing code

---
 GroupFive/migrations/0001_initial.py          | 30 -------
 GroupFive/models.py                           | 21 -----
 GroupFive/serializers.py                      |  7 --
 GroupFive/tasks.py                            | 22 -----
 GroupFive/tests.py                            | 60 --------------
 GroupFive/views.py                            | 42 ----------
 config/settings.py                            | 36 ++++++---
 config/urls.py                                | 10 +--
 db.py                                         | 21 -----
 front-end/db_queries.html                     | 32 --------
 front-end/index.html                          | 21 +++--
 front-end/scripts/main.js                     | 32 --------
 main.py                                       | 70 ----------------
 requirements.txt                              | 13 +--
 {GroupFive => scanner}/__init__.py            |  0
 {GroupFive => scanner}/admin.py               |  0
 {GroupFive => scanner}/apps.py                |  4 +-
 scanner/migrations/0001_initial.py            | 77 ++++++++++++++++++
 {GroupFive => scanner}/migrations/__init__.py |  0
 scanner/models.py                             | 81 +++++++++++++++++++
 scanner/serializers.py                        | 26 ++++++
 scanner/services/ai_service.py                | 13 +++
 .../services}/dummy_analysis.py               |  1 -
 scanner/services/user_services.py             |  9 +++
 scanner/tasks.py                              | 43 ++++++++++
 scanner/tests.py                              | 58 +++++++++++++
 scanner/urls.py                               | 10 +++
 scanner/views.py                              | 68 ++++++++++++++++
 testquery.py                                  | 15 ----
 29 files changed, 431 insertions(+), 391 deletions(-)
 delete mode 100644 GroupFive/migrations/0001_initial.py
 delete mode 100644 GroupFive/models.py
 delete mode 100644 GroupFive/serializers.py
 delete mode 100644 GroupFive/tasks.py
 delete mode 100644 GroupFive/tests.py
 delete mode 100644 GroupFive/views.py
 delete mode 100644 db.py
 delete mode 100644 front-end/db_queries.html
 delete mode 100644 front-end/scripts/main.js
 delete mode 100644 main.py
 rename {GroupFive => scanner}/__init__.py (100%)
 rename {GroupFive => scanner}/admin.py (100%)
 rename {GroupFive => scanner}/apps.py (60%)
 create mode 100644 scanner/migrations/0001_initial.py
 rename {GroupFive => scanner}/migrations/__init__.py (100%)
 create mode 100644 scanner/models.py
 create mode 100644 scanner/serializers.py
 create mode 100644 scanner/services/ai_service.py
 rename {GroupFive => scanner/services}/dummy_analysis.py (99%)
 create mode 100644 scanner/services/user_services.py
 create mode 100644 scanner/tasks.py
 create mode 100644 scanner/tests.py
 create mode 100644 scanner/urls.py
 create mode 100644 scanner/views.py
 delete mode 100644 testquery.py

diff --git a/GroupFive/migrations/0001_initial.py b/GroupFive/migrations/0001_initial.py
deleted file mode 100644
index b8f9b01..0000000
--- a/GroupFive/migrations/0001_initial.py
+++ /dev/null
@@ -1,30 +0,0 @@
-# Generated by Django 5.0.3 on 2026-02-18 09:51
-
-import django.db.models.deletion
-import uuid
-from django.conf import settings
-from django.db import migrations, models
-
-
-class Migration(migrations.Migration):
-
-    initial = True
-
-    dependencies = [
-        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
-    ]
-
-    operations = [
-        migrations.CreateModel(
-            name='AnalysisTask',
-            fields=[
-                ('id', models.UUIDField(default=uuid.uuid4, primary_key=True, serialize=False)),
-                ('input_code', models.TextField()),
-                ('language', models.CharField(max_length=50)),
-                ('status', models.CharField(choices=[('QUEUED', 'Queued'), ('RUNNING', 'Running'), ('COMPLETED', 'Completed'), ('FAILED', 'Failed')], max_length=20)),
-                ('results', models.JSONField(blank=True, null=True)),
-                ('created_at', models.DateTimeField(auto_now_add=True)),
-                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
-            ],
-        ),
-    ]
diff --git a/GroupFive/models.py b/GroupFive/models.py
deleted file mode 100644
index f6f0ea7..0000000
--- a/GroupFive/models.py
+++ /dev/null
@@ -1,21 +0,0 @@
-#all id related lines are noted and can be deleted or changed if user id is skipped or substituted
-import uuid #for user ID
-from django.db import models
-from django.contrib.auth.models import User
-
-class AnalysisTask(models.Model):
-    #potential review request statuses
-    STATUS_OPT = [
-        ("QUEUED", "Queued"),
-        ("RUNNING", "Running"),
-        ("COMPLETED", "Completed"),
-        ("FAILED", "Failed")
-    ]
-
-    id = models.UUIDField(primary_key=True, default=uuid.uuid4) #more user id
-    user = models.ForeignKey(User, on_delete=models.CASCADE) #user id/user
-    input_code = models.TextField() #user provided code
-    language = models.CharField(max_length=50) #language of user provided code
-    status = models.CharField(max_length=20, choices=STATUS_OPT) #status of review request
-    results = models.JSONField(null=True, blank=True) #results of review
-    created_at = models.DateTimeField(auto_now_add=True) #creation timestamp
diff --git a/GroupFive/serializers.py b/GroupFive/serializers.py
deleted file mode 100644
index 255c15e..0000000
--- a/GroupFive/serializers.py
+++ /dev/null
@@ -1,7 +0,0 @@
-#this file uses serializers to define what information we add to our AnalysisTask model from user
-from rest_framework import serializers
-
-class AnalysisRequestSerializer(serializers.Serializer):
-    code = serializers.CharField() #for input code
-    #language definition of input code, can be commented out if language distinction added later
-    language = serializers.CharField()
diff --git a/GroupFive/tasks.py b/GroupFive/tasks.py
deleted file mode 100644
index 24c186e..0000000
--- a/GroupFive/tasks.py
+++ /dev/null
@@ -1,22 +0,0 @@
-#from celery import shared_task #task queue to handle simultaneous requests, making testing annoying for now can readd later when necessary
-from GroupFive.models import AnalysisTask
-from .dummy_analysis import run_dummy
-
-#@shared_task --from celery, readd later
-def run_analysis_async(task_id):
-
-    #instance of analysisTask
-    task = AnalysisTask.objects.get(id=task_id)
-    task.status = "RUNNING" #update status
-    task.save() #save instance task
-
-    try:
-        #call ai api rather than dummy
-        results = run_dummy(task.input_code, task.language)
-
-        task.results = results #store results
-        task.status = "COMPLETED" #update status
-    except Exception(BaseException) as e:
-        task.status = "FAILED"
-
-    task.save()
\ No newline at end of file
diff --git a/GroupFive/tests.py b/GroupFive/tests.py
deleted file mode 100644
index 5f5da37..0000000
--- a/GroupFive/tests.py
+++ /dev/null
@@ -1,60 +0,0 @@
-from rest_framework.test import APITestCase
-from django.contrib.auth.models import User
-from rest_framework import status
-from .models import *
-from uuid import uuid4
-
-
-class InitialAnalysisTests(APITestCase):
-
-    def setUp(self):
-        #create user
-        self.User = User.objects.create_user(
-            username="username",
-            password="password"
-        )
-        self.client.login(username="username", password="password")
-
-    def test_create_analysisTask(self):
-
-        response = self.client.post("/api/GroupFive/",{
-            "code" : "print('Hello World')", #code to analyze
-            "language" : "Python" #language of code
-        }, format="json")
-
-        self.assertEqual(response.status_code, status.HTTP_200_OK)
-        self.assertIn("task_id", response.data) #task_id in data
-        self.assertEqual(response.data["status"], "QUEUED")
-
-class InitialWorkflowTest(APITestCase):
-
-    def setUp(self):
-        #create user
-        self.User = User.objects.create_user(
-            username="username",
-            password="password"
-        )
-        self.client.login(username="username", password="password")
-
-    def test_initial_workflow(self):
-        response = self.client.post("/api/GroupFive/",{
-            "code" : "print('Hello Again')", #code to analyze
-            "language" : "Python" #language of code
-        }, format="json")
-
-        self.assertEqual(response.status_code, status.HTTP_200_OK)
-
-        task_id = response.data["task_id"]
-
-        task = AnalysisTask.objects.get(id=task_id)
-
-        #confirm that dummy ran
-        self.assertEqual(task.status, "COMPLETED")
-
-        result_response = self.client.get(f"/api/GroupFive/{task_id}")
-
-        #ensure task endpoint
-        self.assertEqual(result_response.status_code, 200)
-
-
-
diff --git a/GroupFive/views.py b/GroupFive/views.py
deleted file mode 100644
index 01cfa8e..0000000
--- a/GroupFive/views.py
+++ /dev/null
@@ -1,42 +0,0 @@
-#all id related lines are noted and can be deleted or changed if user id is skipped or substituted
-from rest_framework.views import APIView
-from rest_framework.response import Response
-from rest_framework.permissions import IsAuthenticated #for user id
-from GroupFive.models import AnalysisTask
-from GroupFive.serializers import AnalysisRequestSerializer
-from .tasks import run_analysis_async
-
-
-#analysis task endpoint
-class AnalysisView(APIView):
-    permission_classes = [IsAuthenticated]
-
-    def post(self, request):
-        serializer = AnalysisRequestSerializer(data=request.data)
-        serializer.is_valid(raise_exception=True) #deserialize, check correct input and format, raises 400 Bad Request on fail
-
-        task = AnalysisTask.objects.create(
-            user=request.user, #user
-            input_code=serializer.validated_data["code"],
-            language=serializer.validated_data["language"],
-            status="QUEUED"
-        )
-
-        run_analysis_async(str(task.id))
-
-        return Response({
-            "task_id": str(task.id),
-            "status": task.status
-        })
-
-#status endpoint
-class StatusView(APIView):
-    permission_classes = [IsAuthenticated]
-
-    def get(self, request, task_id):
-        task = AnalysisTask.objects.get(id=task_id, user=request.user) #user
-
-        return Response({
-            "status": task.status,
-            "summary": task.results if task.status == "COMPLETED" else None
-        })
\ No newline at end of file
diff --git a/config/settings.py b/config/settings.py
index 4a3bd85..dd62635 100644
--- a/config/settings.py
+++ b/config/settings.py
@@ -11,6 +11,8 @@
 """
 
 from pathlib import Path
+from decouple import config
+import os
 
 # Build paths inside the project like this: BASE_DIR / 'subdir'.
 BASE_DIR = Path(__file__).resolve().parent.parent
@@ -20,7 +22,7 @@
 # See https://docs.djangoproject.com/en/5.0/howto/deployment/checklist/
 
 # SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = 'django-insecure-y+j3zht6sr%!!2fg0&-ek^21&)yc+y+5a*-ly+@16$8$px)a$@'
+SECRET_KEY = config('SECRET_KEY')
 
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = True
@@ -37,7 +39,7 @@
     'django.contrib.sessions',
     'django.contrib.messages',
     'django.contrib.staticfiles',
-    'GroupFive',
+    'scanner',
     'rest_framework'
 ]
 
@@ -56,7 +58,7 @@
 TEMPLATES = [
     {
         'BACKEND': 'django.template.backends.django.DjangoTemplates',
-        'DIRS': [],
+        'DIRS': [os.path.join(BASE_DIR, 'front-end')],
         'APP_DIRS': True,
         'OPTIONS': {
             'context_processors': [
@@ -75,13 +77,6 @@
 # Database
 # https://docs.djangoproject.com/en/5.0/ref/settings/#databases
 
-DATABASES = {
-    'default': {
-        'ENGINE': 'django.db.backends.sqlite3',
-        'NAME': BASE_DIR / 'db.sqlite3',
-    }
-}
-
 
 # Password validation
 # https://docs.djangoproject.com/en/5.0/ref/settings/#auth-password-validators
@@ -117,9 +112,28 @@
 # Static files (CSS, JavaScript, Images)
 # https://docs.djangoproject.com/en/5.0/howto/static-files/
 
-STATIC_URL = 'static/'
+STATIC_URL = '/static/'
+
+# if you want to keep front-end/styles & front-end/scripts
+STATICFILES_DIRS = [
+    os.path.join(BASE_DIR, 'front-end'),  # points to the folder that contains scripts/ and styles/
+]
 
 # Default primary key field type
 # https://docs.djangoproject.com/en/5.0/ref/settings/#default-auto-field
 
 DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
+
+DATABASES = {
+    'default': {
+        'ENGINE': 'django.db.backends.postgresql',
+        'NAME': config('DB_NAME'),
+        'USER': config('DB_USER'),
+        'PASSWORD': config('DB_PASS'),
+        'HOST': config('DB_HOST'),
+        'PORT': config('DB_PORT', default='5432'),
+        'OPTIONS': {
+            'sslmode': 'require',
+        }
+    }
+}
diff --git a/config/urls.py b/config/urls.py
index a770eb4..197c1e1 100644
--- a/config/urls.py
+++ b/config/urls.py
@@ -14,13 +14,13 @@
     1. Import the include() function: from django.urls import include, path
     2. Add a URL to urlpatterns:  path('blog/', include('blog.urls'))
 """
-from django.contrib import admin
-from django.urls import path
 
-from GroupFive.views import AnalysisView
+from django.contrib import admin
+from django.urls import path, include
+from django.views.generic import TemplateView
 
 urlpatterns = [
     path('admin/', admin.site.urls),
-    path('api/GroupFive/', AnalysisView.as_view(), name='GroupFive'),
-    path('api/GroupFive/', )
+    path('api/scanner/', include('scanner.urls')),  # include scanner app URLs
+    path('', TemplateView.as_view(template_name="index.html")),
 ]
diff --git a/db.py b/db.py
deleted file mode 100644
index 5afc09b..0000000
--- a/db.py
+++ /dev/null
@@ -1,21 +0,0 @@
-import os
-from sqlalchemy import create_engine
-from sqlalchemy.orm import sessionmaker
-from dotenv import load_dotenv
-
-load_dotenv()
-
-DB_URL = f"postgresql://" \
-         f"{os.getenv('DB_USER')}:" \
-         f"{os.getenv('DB_PASS')}@" \
-         f"{os.getenv('DB_HOST')}:" \
-         f"{os.getenv('DB_PORT')}/" \
-         f"{os.getenv('DB_NAME')}"
-
-engine = create_engine(
-    DB_URL,
-    echo=True,
-    connect_args={"sslmode": "require"}
-)
-
-SessionLocal = sessionmaker(bind=engine)
\ No newline at end of file
diff --git a/front-end/db_queries.html b/front-end/db_queries.html
deleted file mode 100644
index f840170..0000000
--- a/front-end/db_queries.html
+++ /dev/null
@@ -1,32 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-
-<head>
-    <meta charset="UTF-8">
-    <meta name="description" content="">
-    <meta http-equiv="X-UA-Compatible" content="IE=edge">
-    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
-    <title>Hello World!</title>
-    <link rel="stylesheet" href="styles/style.css">
-    <script type="text/javascript" src="/eel.js"></script>
-    <script type="text/javascript" src="scripts/main.js"></script>
-
-</head>
-
-<body>
-
-<input type="text" id="num-1" placeholder="Enter number.">
-<input type="text" id="num-2" placeholder="Enter number.">
-<input type="button" class="submit" value="Add" onclick="operate(eel.add)">
-<input type="button" class="submit" value="Subtract" onclick="operate(eel.subtract)">
-<br>
-<br>
-<input type="button" value="Show Users" onclick="loadUsers()">
-<input type="text" id="email" placeholder="Enter email.">
-<input type="text" id="pass" placeholder="Enter password.">
-<input type="button" value="Add User" onclick="addUsers()">
-
-<span id="output"></span>
-</body>
-
-</html>
\ No newline at end of file
diff --git a/front-end/index.html b/front-end/index.html
index f824cb1..0db3cde 100644
--- a/front-end/index.html
+++ b/front-end/index.html
@@ -1,22 +1,21 @@
 <!DOCTYPE html>
+{% load static %}
 <html lang="en">
 <head>
     <meta charset="UTF-8">
-    <title>AutoPen Dashboard</title>
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-
-    <!-- External CSS -->
-    <link rel="stylesheet" href="styles/style.css">
     <meta http-equiv="X-UA-Compatible" content="IE=edge">
     <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
-    <title>Hello World!</title>
-    <link rel="stylesheet" href="styles/style.css">
-    <script type="text/javascript" src="/eel.js"></script>
-    <script type="text/javascript" src="scripts/main.js"></script>
+
+    <title>AutoPen Dashboard</title>
+
+    <!-- CSS -->
+    <link rel="stylesheet" href="{% static 'styles/style.css' %}">
+
+    <!-- JS -->
+    <script type="text/javascript" src="{% static 'scripts/main.js' %}"></script>
 </head>
 <body>
-<input type="text" id="num-1" placeholder="Enter number.">
-<input type="text" id="num-2" placeholder="Enter number.">
+
 
 <div class="sidebar">
     <h2>AutoPen</h2>
diff --git a/front-end/scripts/main.js b/front-end/scripts/main.js
deleted file mode 100644
index 38845f8..0000000
--- a/front-end/scripts/main.js
+++ /dev/null
@@ -1,32 +0,0 @@
-function operate(operator) {
-	var num1 = document.querySelector('#num-1').value;
-	var num2 = document.querySelector('#num-2').value;
-	resultLambda = operator(num1, num2);
-	resultLambda(result => {
-		document.querySelector('#output').innerText = result;
-	});
-}
-
-function loadUsers() {
-	eel.showUsers()(users => {
-		document.querySelector('#output').innerText = JSON.stringify(users, null, 2);
-	});
-}
-
-function addUsers() {
-	var email = document.querySelector('#email').value;
-	var password = document.querySelector('#pass').value;
-
-	eel.addUsers(email, password)(response => {
-		document.querySelector('#output').innerText = response;
-	});
-function askGPT() {
-	const prompt = document.querySelector('#prompt').value;
-
-	document.querySelector('#output').innerText = "Loading...";
-
-	eel.ask_api(prompt)(result => {
-		document.querySelector('#output').innerText = result;
-	});
-
-}
\ No newline at end of file
diff --git a/main.py b/main.py
deleted file mode 100644
index c97d798..0000000
--- a/main.py
+++ /dev/null
@@ -1,70 +0,0 @@
-import eel
-from db import engine
-from sqlalchemy import text
-import bcrypt
-import os
-from dotenv import load_dotenv
-from openai import OpenAI
-#sofia
-#jacob
-#tim
-eel.init('front-end')
-
-try:
-    with engine.connect() as conn:
-        # Run a simple query to test
-        result = conn.execute(text("SELECT NOW();"))
-        print("Connected! Server time:", result.fetchone()[0])
-except Exception as e:
-    print("Connection failed:", e)
-load_dotenv()
-print("API key loaded:", bool(os.getenv("OPENAI_API_KEY")))
-client = OpenAI(api_key=os.getenv("OPENAI_API_KEY"))
-
-@eel.expose
-def ask_api(user_text):
-    print("ask_api received:", user_text)
-
-    resp = client.chat.completions.create(
-            model="gpt-4.1-mini",
-            messages=[{"role": "user", "content": str(user_text)}],
-        )
-
-    answer = resp.choices[0].message.content
-    print("ask_api answer:", answer)
-    return answer
-
-
-
-
-
-@eel.expose
-def add(num1, num2):
-    return int(num1) + int(num2)
-
-@eel.expose
-def subtract(num1, num2):
-    return int(num1) - int(num2)
-
-@eel.expose
-def showUsers():
-     with engine.connect() as conn:
-         result = conn.execute(text("SELECT * FROM users;"))
-         users = result.fetchall()
-         return [dict(row._mapping) for row in users]
-
-@eel.expose
-def addUsers(email, password):
-    #hashing logic here
-    hashed = bcrypt.hashpw(password.encode(), bcrypt.gensalt()).decode()
-
-    with engine.begin() as conn:   # auto-commit
-        conn.execute(
-            text("INSERT INTO users (email, password_hash) VALUES (:email, :password)"),
-            {"email": email, "password": hashed}
-        )
-    return "User added successfully"
-
-
-if __name__ == "__main__":
-    eel.start('index.html', size=(1000, 600), mode='safari')
diff --git a/requirements.txt b/requirements.txt
index c5e047d..fec7641 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,9 +1,4 @@
-eel
-pyqrcode
-pyinstaller
-pypng
-autopep8
-psycopg2-binary
-SQLAlchemy
-python-dotenv
-bcrypt
+Django>=4.2
+psycopg2-binary>=2.9
+python-dotenv>=1.0
+bcrypt>=4.0
diff --git a/GroupFive/__init__.py b/scanner/__init__.py
similarity index 100%
rename from GroupFive/__init__.py
rename to scanner/__init__.py
diff --git a/GroupFive/admin.py b/scanner/admin.py
similarity index 100%
rename from GroupFive/admin.py
rename to scanner/admin.py
diff --git a/GroupFive/apps.py b/scanner/apps.py
similarity index 60%
rename from GroupFive/apps.py
rename to scanner/apps.py
index 8220433..9331108 100644
--- a/GroupFive/apps.py
+++ b/scanner/apps.py
@@ -1,6 +1,6 @@
 from django.apps import AppConfig
 
 
-class OurApplicationConfig(AppConfig):
+class ScannerConfig(AppConfig):
     default_auto_field = 'django.db.models.BigAutoField'
-    name = 'GroupFive'
+    name = 'scanner'
diff --git a/scanner/migrations/0001_initial.py b/scanner/migrations/0001_initial.py
new file mode 100644
index 0000000..6019db1
--- /dev/null
+++ b/scanner/migrations/0001_initial.py
@@ -0,0 +1,77 @@
+# Generated by Django 5.1.2 on 2026-03-19 19:10
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='CodeSubmission',
+            fields=[
+                ('submission_id', models.AutoField(primary_key=True, serialize=False)),
+                ('submission_name', models.CharField(blank=True, max_length=255, null=True)),
+                ('uploaded_at', models.DateTimeField(auto_now_add=True)),
+                ('overall_risk_score', models.DecimalField(blank=True, decimal_places=2, max_digits=5, null=True)),
+                ('simplified_summary', models.TextField(blank=True, null=True)),
+                ('detailed_summary', models.TextField(blank=True, null=True)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='CWE',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('cwe_id', models.CharField(max_length=50, unique=True)),
+                ('name', models.TextField()),
+                ('description', models.TextField(blank=True, null=True)),
+                ('cvss_version', models.CharField(default='3.1', max_length=10)),
+                ('average_score', models.DecimalField(decimal_places=2, max_digits=5)),
+                ('severity', models.CharField(blank=True, max_length=20, null=True)),
+                ('categories', models.TextField(blank=True, null=True)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='User',
+            fields=[
+                ('user_id', models.AutoField(primary_key=True, serialize=False)),
+                ('email', models.CharField(max_length=255, unique=True)),
+                ('password_hash', models.TextField()),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='File',
+            fields=[
+                ('file_id', models.AutoField(primary_key=True, serialize=False)),
+                ('file_name', models.CharField(max_length=255)),
+                ('file_path', models.TextField()),
+                ('file_type', models.CharField(blank=True, max_length=100, null=True)),
+                ('submission', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='files', to='scanner.codesubmission')),
+            ],
+        ),
+        migrations.CreateModel(
+            name='Threat',
+            fields=[
+                ('threat_id', models.AutoField(primary_key=True, serialize=False)),
+                ('title', models.CharField(max_length=255)),
+                ('description', models.TextField(blank=True, null=True)),
+                ('severity_level', models.CharField(choices=[('Low', 'Low'), ('Medium', 'Medium'), ('High', 'High'), ('Critical', 'Critical')], max_length=10)),
+                ('severity_score', models.DecimalField(blank=True, decimal_places=2, max_digits=5, null=True)),
+                ('recommendation', models.TextField(blank=True, null=True)),
+                ('line_number', models.IntegerField(blank=True, null=True)),
+                ('file', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='threats', to='scanner.file')),
+                ('submission', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='threats', to='scanner.codesubmission')),
+            ],
+        ),
+        migrations.AddField(
+            model_name='codesubmission',
+            name='user',
+            field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='submissions', to='scanner.user'),
+        ),
+    ]
diff --git a/GroupFive/migrations/__init__.py b/scanner/migrations/__init__.py
similarity index 100%
rename from GroupFive/migrations/__init__.py
rename to scanner/migrations/__init__.py
diff --git a/scanner/models.py b/scanner/models.py
new file mode 100644
index 0000000..b66898d
--- /dev/null
+++ b/scanner/models.py
@@ -0,0 +1,81 @@
+from django.db import models
+
+# -------------------
+# Users
+# -------------------
+class User(models.Model):
+    user_id = models.AutoField(primary_key=True)
+    email = models.CharField(max_length=255, unique=True)
+    password_hash = models.TextField()
+    created_at = models.DateTimeField(auto_now_add=True)
+
+    def __str__(self):
+        return self.email
+
+# -------------------
+# Code Submissions
+# -------------------
+class CodeSubmission(models.Model):
+    submission_id = models.AutoField(primary_key=True)
+    user = models.ForeignKey(User, on_delete=models.CASCADE, related_name='submissions')
+    submission_name = models.CharField(max_length=255, null=True, blank=True)
+    uploaded_at = models.DateTimeField(auto_now_add=True)
+    overall_risk_score = models.DecimalField(max_digits=5, decimal_places=2, null=True, blank=True)
+    simplified_summary = models.TextField(null=True, blank=True)
+    detailed_summary = models.TextField(null=True, blank=True)
+
+    def __str__(self):
+        return f"{self.submission_name} by {self.user.email}"
+
+# -------------------
+# Files
+# -------------------
+class File(models.Model):
+    file_id = models.AutoField(primary_key=True)
+    submission = models.ForeignKey(CodeSubmission, on_delete=models.CASCADE, related_name='files')
+    file_name = models.CharField(max_length=255)
+    file_path = models.TextField()
+    file_type = models.CharField(max_length=100, null=True, blank=True)
+
+    def __str__(self):
+        return self.file_name
+
+# -------------------
+# Threats
+# -------------------
+class Threat(models.Model):
+    SEVERITY_CHOICES = [
+        ('Low', 'Low'),
+        ('Medium', 'Medium'),
+        ('High', 'High'),
+        ('Critical', 'Critical'),
+    ]
+
+    threat_id = models.AutoField(primary_key=True)
+    submission = models.ForeignKey(CodeSubmission, on_delete=models.CASCADE, related_name='threats')
+    file = models.ForeignKey(File, on_delete=models.SET_NULL, null=True, blank=True, related_name='threats')
+    title = models.CharField(max_length=255)
+    description = models.TextField(null=True, blank=True)
+    severity_level = models.CharField(max_length=10, choices=SEVERITY_CHOICES)
+    severity_score = models.DecimalField(max_digits=5, decimal_places=2, null=True, blank=True)
+    recommendation = models.TextField(null=True, blank=True)
+    line_number = models.IntegerField(null=True, blank=True)
+
+    def __str__(self):
+        return f"{self.title} ({self.severity_level})"
+
+# -------------------
+# CWE Reference
+# -------------------
+class CWE(models.Model):
+    cwe_id = models.CharField(max_length=50, unique=True)
+    name = models.TextField()
+    description = models.TextField(null=True, blank=True)
+    cvss_version = models.CharField(max_length=10, default='3.1')
+    average_score = models.DecimalField(max_digits=5, decimal_places=2)
+    severity = models.CharField(max_length=20, null=True, blank=True)
+    categories = models.TextField(null=True, blank=True)
+
+    def __str__(self):
+        return f"{self.cwe_id} - {self.name}"
+
diff --git a/scanner/serializers.py b/scanner/serializers.py
new file mode 100644
index 0000000..896f234
--- /dev/null
+++ b/scanner/serializers.py
@@ -0,0 +1,26 @@
+from rest_framework import serializers
+from .models import CodeSubmission, File, Threat
+
+# -------------------
+# Serializer for submitting new code
+# -------------------
+class CodeSubmissionSerializer(serializers.ModelSerializer):
+    code = serializers.CharField(write_only=True)  # user input code
+    submission_name = serializers.CharField(required=False, allow_blank=True)
+
+    class Meta:
+        model = CodeSubmission
+        fields = ['submission_name', 'code']
+
+    def create(self, validated_data):
+        # We'll store the "code" as a single File for simplicity
+        code_text = validated_data.pop('code')
+        submission = CodeSubmission.objects.create(**validated_data)
+        File.objects.create(
+            submission=submission,
+            file_name=validated_data.get('submission_name', 'unnamed.py'),
+            file_path='',
+            file_type='code',
+        )
+        # Optionally, you can attach code_text somewhere (DB or AI service)
+        return submission
\ No newline at end of file
diff --git a/scanner/services/ai_service.py b/scanner/services/ai_service.py
new file mode 100644
index 0000000..d8ea995
--- /dev/null
+++ b/scanner/services/ai_service.py
@@ -0,0 +1,13 @@
+import os
+from openai import OpenAI
+from decouple import config
+
+client = OpenAI(api_key=config("OPENAI_API_KEY"))
+
+def ask_ai(user_text):
+    resp = client.chat.completions.create(
+        model="gpt-4.1-mini",
+        messages=[{"role": "user", "content": str(user_text)}],
+    )
+
+    return resp.choices[0].message.content
\ No newline at end of file
diff --git a/GroupFive/dummy_analysis.py b/scanner/services/dummy_analysis.py
similarity index 99%
rename from GroupFive/dummy_analysis.py
rename to scanner/services/dummy_analysis.py
index 992ba89..8142b40 100644
--- a/GroupFive/dummy_analysis.py
+++ b/scanner/services/dummy_analysis.py
@@ -1,4 +1,3 @@
-
 def run_dummy(code, language):
 
     return {
diff --git a/scanner/services/user_services.py b/scanner/services/user_services.py
new file mode 100644
index 0000000..8ba9d0f
--- /dev/null
+++ b/scanner/services/user_services.py
@@ -0,0 +1,9 @@
+from django.contrib.auth.models import User
+
+def create_user(email, password):
+    user = User.objects.create_user(
+        username=email,
+        email=email,
+        password=password
+    )
+    return user
\ No newline at end of file
diff --git a/scanner/tasks.py b/scanner/tasks.py
new file mode 100644
index 0000000..457d809
--- /dev/null
+++ b/scanner/tasks.py
@@ -0,0 +1,43 @@
+from .models import CodeSubmission, File, Threat
+from .services.dummy_analysis import run_dummy
+
+def run_analysis_sync(submission_id):
+    """
+    Runs code analysis on a given CodeSubmission.
+    Updates submission with dummy results and creates Threat records.
+    """
+
+    submission = CodeSubmission.objects.get(submission_id=submission_id)
+
+    # For status tracking, we could add a 'status' field if desired
+    # submission.status = "RUNNING"
+    # submission.save()
+
+    try:
+        # Assume analyzing the first file for simplicity
+        file_obj = submission.files.first()
+        code_text = ""  # replace with actual file reading if needed
+
+        # Call dummy analysis
+        results = run_dummy(code_text, "python")  # language can be dynamic
+
+        # Save results in submission (simplified summary + detailed)
+        submission.simplified_summary = results.get("summary", "")
+        submission.detailed_summary = str(results.get("findings", []))
+        submission.save()
+
+        # Create Threat objects from findings
+        for finding in results.get("findings", []):
+            Threat.objects.create(
+                submission=submission,
+                file=file_obj,
+                title=finding.get("description", "Unnamed Threat"),
+                description=finding.get("description", ""),
+                severity_level=finding.get("severity", "Low"),
+                recommendation=finding.get("fix", ""),
+            )
+
+    except Exception as e:
+        # handle failures, e.g., logging
+        print(f"Analysis failed for submission {submission_id}: {e}")
+        # optionally mark submission as failed
\ No newline at end of file
diff --git a/scanner/tests.py b/scanner/tests.py
new file mode 100644
index 0000000..d248458
--- /dev/null
+++ b/scanner/tests.py
@@ -0,0 +1,58 @@
+from django.test import TestCase
+
+# Create your tests here.
+from rest_framework.test import APITestCase
+from django.contrib.auth import get_user_model
+from rest_framework import status
+from .models import CodeSubmission, File, Threat
+from .tasks import run_analysis_sync
+
+User = get_user_model()
+
+class CodeSubmissionTests(APITestCase):
+
+    def setUp(self):
+        # create a test user
+        self.user = User.objects.create(
+            email="testuser@example.com",
+            password_hash="hashedpassword"
+        )
+        # log in manually if using session auth, or skip if using token auth
+        self.client.force_authenticate(user=self.user)
+
+    def test_create_submission(self):
+        response = self.client.post("/api/scanner/", {
+            "submission_name": "hello.py",
+            "code": "print('Hello World')"
+        }, format="json")
+
+        self.assertEqual(response.status_code, status.HTTP_201_CREATED)
+        self.assertIn("submission_id", response.data)
+
+    def test_workflow(self):
+        # create submission
+        submission = CodeSubmission.objects.create(
+            user=self.user,
+            submission_name="hello_again.py"
+        )
+
+        # create associated file
+        File.objects.create(
+            submission=submission,
+            file_name="hello_again.py",
+            file_path="",
+            file_type="code"
+        )
+
+        # run dummy analysis
+        run_analysis_sync(submission.submission_id)
+
+        # refresh from DB
+        submission.refresh_from_db()
+
+        # confirm dummy analysis populated summaries
+        self.assertTrue(submission.simplified_summary)
+        self.assertTrue(submission.detailed_summary)
+
+        # confirm threats created
+        self.assertGreaterEqual(submission.threats.count(), 1)
diff --git a/scanner/urls.py b/scanner/urls.py
new file mode 100644
index 0000000..124af50
--- /dev/null
+++ b/scanner/urls.py
@@ -0,0 +1,10 @@
+from django.urls import path
+from .views import SubmissionView, SubmissionStatusView
+
+urlpatterns = [
+    # Create a new code submission and run analysis
+    path('', SubmissionView.as_view(), name='create_submission'),
+
+    # Check status / get results of a submission
+    path('<int:submission_id>/', SubmissionStatusView.as_view(), name='submission_status'),
+]
\ No newline at end of file
diff --git a/scanner/views.py b/scanner/views.py
new file mode 100644
index 0000000..ae7f39d
--- /dev/null
+++ b/scanner/views.py
@@ -0,0 +1,68 @@
+from django.shortcuts import render
+from rest_framework.views import APIView
+from rest_framework.response import Response
+from rest_framework.permissions import IsAuthenticated
+from .models import CodeSubmission, File, Threat
+from .serializers import CodeSubmissionSerializer
+from .tasks import run_analysis_sync
+from django.http import JsonResponse
+import json
+from .services.ai_service import ask_ai
+
+def ask_ai_view(request):
+    if request.method == "POST":
+        data = json.loads(request.body)
+        user_text = data.get("message")
+
+        response = ask_ai(user_text)
+
+        return JsonResponse({"response": response})
+
+# -------------------
+# Create a new code submission and run analysis
+# -------------------
+class SubmissionView(APIView):
+    permission_classes = [IsAuthenticated]
+
+    def post(self, request):
+        serializer = CodeSubmissionSerializer(data=request.data)
+        serializer.is_valid(raise_exception=True)
+
+        # create submission
+        submission = serializer.save(user=request.user)
+
+        # run analysis (sync for now)
+        run_analysis_sync(submission.submission_id)
+
+        return Response({
+            "submission_id": submission.submission_id,
+            "simplified_summary": submission.simplified_summary
+        }, status=201)
+
+# -------------------
+# Check status and results of a submission
+# -------------------
+class SubmissionStatusView(APIView):
+    permission_classes = [IsAuthenticated]
+
+    def get(self, request, submission_id):
+        try:
+            submission = CodeSubmission.objects.get(submission_id=submission_id, user=request.user)
+        except CodeSubmission.DoesNotExist:
+            return Response({"error": "Submission not found"}, status=404)
+
+        # If threats exist, include them in the response
+        threats = [
+            {
+                "title": t.title,
+                "severity": t.severity_level,
+                "recommendation": t.recommendation
+            }
+            for t in submission.threats.all()
+        ]
+
+        return Response({
+            "submission_id": submission.submission_id,
+            "simplified_summary": submission.simplified_summary,
+            "threats": threats
+        })
diff --git a/testquery.py b/testquery.py
deleted file mode 100644
index 80e1505..0000000
--- a/testquery.py
+++ /dev/null
@@ -1,15 +0,0 @@
-from sqlalchemy import text
-from db import engine
-
-try:
-    with engine.connect() as conn:
-        # Run a simple query to test
-        result = conn.execute(text("SELECT NOW();"))
-        print("Connected! Server time:", result.fetchone()[0])
-except Exception as e:
-    print("Connection failed:", e)
-
-with engine.connect() as conn:
-    #conn.execute(text("INSERT INTO users(email, password_hash) VALUES ('test2@example.com', '1A2B3C');"))
-    result = conn.execute(text("SELECT * FROM users;"))
-    print(result.fetchall())
\ No newline at end of file

From 5458ff4a6452a3813caa5d26dc2cb6923f982136 Mon Sep 17 00:00:00 2001
From: kaye-s <kayes@uwm.edu>
Date: Thu, 19 Mar 2026 15:08:16 -0500
Subject: [PATCH 25/41] merge conflicts ahaha

---
 api/admin.py                                  |  3 +
 api/apps.py                                   |  6 ++
 api/dummy_analysis.py                         |  1 -
 api/migrations/0001_initial.py                |  0
 api/models.py                                 | 81 +++++++++++++++++++
 api/serializers.py                            | 26 ++++++
 {scanner => api}/services/ai_service.py       |  0
 {scanner => api}/services/dummy_analysis.py   |  0
 {scanner => api}/services/user_services.py    |  0
 api/tasks.py                                  | 43 ++++++++++
 api/tests.py                                  | 58 +++++++++++++
 api/urls.py                                   | 10 ++-
 prescan.py => api/utils/prescan.py            |  0
 .../utils/prescan_report.json                 |  0
 api/views.py                                  | 77 ++++++++++++++++++
 config/settings.py                            |  4 +-
 config/urls.py                                |  2 +-
 front-end/scripts/main.js                     |  0
 requirements.txt                              |  2 +-
 scanner/__init__.py                           |  0
 scanner/admin.py                              |  3 -
 scanner/apps.py                               |  6 --
 scanner/migrations/0001_initial.py            | 77 ------------------
 scanner/migrations/__init__.py                |  0
 scanner/models.py                             | 81 -------------------
 scanner/serializers.py                        | 26 ------
 scanner/tasks.py                              | 43 ----------
 scanner/tests.py                              | 58 -------------
 scanner/urls.py                               | 10 ---
 scanner/views.py                              | 68 ----------------
 30 files changed, 305 insertions(+), 380 deletions(-)
 delete mode 100644 api/dummy_analysis.py
 delete mode 100644 api/migrations/0001_initial.py
 rename {scanner => api}/services/ai_service.py (100%)
 rename {scanner => api}/services/dummy_analysis.py (100%)
 rename {scanner => api}/services/user_services.py (100%)
 rename prescan.py => api/utils/prescan.py (100%)
 rename prescan_report.json => api/utils/prescan_report.json (100%)
 delete mode 100644 front-end/scripts/main.js
 delete mode 100644 scanner/__init__.py
 delete mode 100644 scanner/admin.py
 delete mode 100644 scanner/apps.py
 delete mode 100644 scanner/migrations/0001_initial.py
 delete mode 100644 scanner/migrations/__init__.py
 delete mode 100644 scanner/models.py
 delete mode 100644 scanner/serializers.py
 delete mode 100644 scanner/tasks.py
 delete mode 100644 scanner/tests.py
 delete mode 100644 scanner/urls.py
 delete mode 100644 scanner/views.py

diff --git a/api/admin.py b/api/admin.py
index e69de29..8c38f3f 100644
--- a/api/admin.py
+++ b/api/admin.py
@@ -0,0 +1,3 @@
+from django.contrib import admin
+
+# Register your models here.
diff --git a/api/apps.py b/api/apps.py
index e69de29..aafb282 100644
--- a/api/apps.py
+++ b/api/apps.py
@@ -0,0 +1,6 @@
+from django.apps import AppConfig
+
+
+class ScannerConfig(AppConfig):
+    default_auto_field = 'django.db.models.BigAutoField'
+    name = 'api'
diff --git a/api/dummy_analysis.py b/api/dummy_analysis.py
deleted file mode 100644
index 3713023..0000000
--- a/api/dummy_analysis.py
+++ /dev/null
@@ -1 +0,0 @@
-def run_dummy(code, language):
diff --git a/api/migrations/0001_initial.py b/api/migrations/0001_initial.py
deleted file mode 100644
index e69de29..0000000
diff --git a/api/models.py b/api/models.py
index e69de29..b66898d 100644
--- a/api/models.py
+++ b/api/models.py
@@ -0,0 +1,81 @@
+from django.db import models
+
+# -------------------
+# Users
+# -------------------
+class User(models.Model):
+    user_id = models.AutoField(primary_key=True)
+    email = models.CharField(max_length=255, unique=True)
+    password_hash = models.TextField()
+    created_at = models.DateTimeField(auto_now_add=True)
+
+    def __str__(self):
+        return self.email
+
+# -------------------
+# Code Submissions
+# -------------------
+class CodeSubmission(models.Model):
+    submission_id = models.AutoField(primary_key=True)
+    user = models.ForeignKey(User, on_delete=models.CASCADE, related_name='submissions')
+    submission_name = models.CharField(max_length=255, null=True, blank=True)
+    uploaded_at = models.DateTimeField(auto_now_add=True)
+    overall_risk_score = models.DecimalField(max_digits=5, decimal_places=2, null=True, blank=True)
+    simplified_summary = models.TextField(null=True, blank=True)
+    detailed_summary = models.TextField(null=True, blank=True)
+
+    def __str__(self):
+        return f"{self.submission_name} by {self.user.email}"
+
+# -------------------
+# Files
+# -------------------
+class File(models.Model):
+    file_id = models.AutoField(primary_key=True)
+    submission = models.ForeignKey(CodeSubmission, on_delete=models.CASCADE, related_name='files')
+    file_name = models.CharField(max_length=255)
+    file_path = models.TextField()
+    file_type = models.CharField(max_length=100, null=True, blank=True)
+
+    def __str__(self):
+        return self.file_name
+
+# -------------------
+# Threats
+# -------------------
+class Threat(models.Model):
+    SEVERITY_CHOICES = [
+        ('Low', 'Low'),
+        ('Medium', 'Medium'),
+        ('High', 'High'),
+        ('Critical', 'Critical'),
+    ]
+
+    threat_id = models.AutoField(primary_key=True)
+    submission = models.ForeignKey(CodeSubmission, on_delete=models.CASCADE, related_name='threats')
+    file = models.ForeignKey(File, on_delete=models.SET_NULL, null=True, blank=True, related_name='threats')
+    title = models.CharField(max_length=255)
+    description = models.TextField(null=True, blank=True)
+    severity_level = models.CharField(max_length=10, choices=SEVERITY_CHOICES)
+    severity_score = models.DecimalField(max_digits=5, decimal_places=2, null=True, blank=True)
+    recommendation = models.TextField(null=True, blank=True)
+    line_number = models.IntegerField(null=True, blank=True)
+
+    def __str__(self):
+        return f"{self.title} ({self.severity_level})"
+
+# -------------------
+# CWE Reference
+# -------------------
+class CWE(models.Model):
+    cwe_id = models.CharField(max_length=50, unique=True)
+    name = models.TextField()
+    description = models.TextField(null=True, blank=True)
+    cvss_version = models.CharField(max_length=10, default='3.1')
+    average_score = models.DecimalField(max_digits=5, decimal_places=2)
+    severity = models.CharField(max_length=20, null=True, blank=True)
+    categories = models.TextField(null=True, blank=True)
+
+    def __str__(self):
+        return f"{self.cwe_id} - {self.name}"
+
diff --git a/api/serializers.py b/api/serializers.py
index e69de29..896f234 100644
--- a/api/serializers.py
+++ b/api/serializers.py
@@ -0,0 +1,26 @@
+from rest_framework import serializers
+from .models import CodeSubmission, File, Threat
+
+# -------------------
+# Serializer for submitting new code
+# -------------------
+class CodeSubmissionSerializer(serializers.ModelSerializer):
+    code = serializers.CharField(write_only=True)  # user input code
+    submission_name = serializers.CharField(required=False, allow_blank=True)
+
+    class Meta:
+        model = CodeSubmission
+        fields = ['submission_name', 'code']
+
+    def create(self, validated_data):
+        # We'll store the "code" as a single File for simplicity
+        code_text = validated_data.pop('code')
+        submission = CodeSubmission.objects.create(**validated_data)
+        File.objects.create(
+            submission=submission,
+            file_name=validated_data.get('submission_name', 'unnamed.py'),
+            file_path='',
+            file_type='code',
+        )
+        # Optionally, you can attach code_text somewhere (DB or AI service)
+        return submission
\ No newline at end of file
diff --git a/scanner/services/ai_service.py b/api/services/ai_service.py
similarity index 100%
rename from scanner/services/ai_service.py
rename to api/services/ai_service.py
diff --git a/scanner/services/dummy_analysis.py b/api/services/dummy_analysis.py
similarity index 100%
rename from scanner/services/dummy_analysis.py
rename to api/services/dummy_analysis.py
diff --git a/scanner/services/user_services.py b/api/services/user_services.py
similarity index 100%
rename from scanner/services/user_services.py
rename to api/services/user_services.py
diff --git a/api/tasks.py b/api/tasks.py
index e69de29..457d809 100644
--- a/api/tasks.py
+++ b/api/tasks.py
@@ -0,0 +1,43 @@
+from .models import CodeSubmission, File, Threat
+from .services.dummy_analysis import run_dummy
+
+def run_analysis_sync(submission_id):
+    """
+    Runs code analysis on a given CodeSubmission.
+    Updates submission with dummy results and creates Threat records.
+    """
+
+    submission = CodeSubmission.objects.get(submission_id=submission_id)
+
+    # For status tracking, we could add a 'status' field if desired
+    # submission.status = "RUNNING"
+    # submission.save()
+
+    try:
+        # Assume analyzing the first file for simplicity
+        file_obj = submission.files.first()
+        code_text = ""  # replace with actual file reading if needed
+
+        # Call dummy analysis
+        results = run_dummy(code_text, "python")  # language can be dynamic
+
+        # Save results in submission (simplified summary + detailed)
+        submission.simplified_summary = results.get("summary", "")
+        submission.detailed_summary = str(results.get("findings", []))
+        submission.save()
+
+        # Create Threat objects from findings
+        for finding in results.get("findings", []):
+            Threat.objects.create(
+                submission=submission,
+                file=file_obj,
+                title=finding.get("description", "Unnamed Threat"),
+                description=finding.get("description", ""),
+                severity_level=finding.get("severity", "Low"),
+                recommendation=finding.get("fix", ""),
+            )
+
+    except Exception as e:
+        # handle failures, e.g., logging
+        print(f"Analysis failed for submission {submission_id}: {e}")
+        # optionally mark submission as failed
\ No newline at end of file
diff --git a/api/tests.py b/api/tests.py
index e69de29..d248458 100644
--- a/api/tests.py
+++ b/api/tests.py
@@ -0,0 +1,58 @@
+from django.test import TestCase
+
+# Create your tests here.
+from rest_framework.test import APITestCase
+from django.contrib.auth import get_user_model
+from rest_framework import status
+from .models import CodeSubmission, File, Threat
+from .tasks import run_analysis_sync
+
+User = get_user_model()
+
+class CodeSubmissionTests(APITestCase):
+
+    def setUp(self):
+        # create a test user
+        self.user = User.objects.create(
+            email="testuser@example.com",
+            password_hash="hashedpassword"
+        )
+        # log in manually if using session auth, or skip if using token auth
+        self.client.force_authenticate(user=self.user)
+
+    def test_create_submission(self):
+        response = self.client.post("/api/scanner/", {
+            "submission_name": "hello.py",
+            "code": "print('Hello World')"
+        }, format="json")
+
+        self.assertEqual(response.status_code, status.HTTP_201_CREATED)
+        self.assertIn("submission_id", response.data)
+
+    def test_workflow(self):
+        # create submission
+        submission = CodeSubmission.objects.create(
+            user=self.user,
+            submission_name="hello_again.py"
+        )
+
+        # create associated file
+        File.objects.create(
+            submission=submission,
+            file_name="hello_again.py",
+            file_path="",
+            file_type="code"
+        )
+
+        # run dummy analysis
+        run_analysis_sync(submission.submission_id)
+
+        # refresh from DB
+        submission.refresh_from_db()
+
+        # confirm dummy analysis populated summaries
+        self.assertTrue(submission.simplified_summary)
+        self.assertTrue(submission.detailed_summary)
+
+        # confirm threats created
+        self.assertGreaterEqual(submission.threats.count(), 1)
diff --git a/api/urls.py b/api/urls.py
index 5dd7cb6..124af50 100644
--- a/api/urls.py
+++ b/api/urls.py
@@ -1,8 +1,10 @@
-from django.contrib.auth import get_user
 from django.urls import path
-from .views import *
+from .views import SubmissionView, SubmissionStatusView
 
 urlpatterns = [
-    path("analysis/", AnalysisView.as_view(), name="analysis"),
-    path("analysis/<uuid:task_id>/", StatusView.as_view(), name="analysis-status"),
+    # Create a new code submission and run analysis
+    path('', SubmissionView.as_view(), name='create_submission'),
+
+    # Check status / get results of a submission
+    path('<int:submission_id>/', SubmissionStatusView.as_view(), name='submission_status'),
 ]
\ No newline at end of file
diff --git a/prescan.py b/api/utils/prescan.py
similarity index 100%
rename from prescan.py
rename to api/utils/prescan.py
diff --git a/prescan_report.json b/api/utils/prescan_report.json
similarity index 100%
rename from prescan_report.json
rename to api/utils/prescan_report.json
diff --git a/api/views.py b/api/views.py
index e69de29..903e745 100644
--- a/api/views.py
+++ b/api/views.py
@@ -0,0 +1,77 @@
+from django.shortcuts import render
+from rest_framework.views import APIView
+from rest_framework.response import Response
+from rest_framework.permissions import IsAuthenticated
+from .models import CodeSubmission, File, Threat
+from .serializers import CodeSubmissionSerializer
+from .tasks import run_analysis_sync
+from django.http import JsonResponse
+import json
+from .services.ai_service import ask_ai
+
+def ask_ai_view(request):
+    if request.method == "POST":
+        data = json.loads(request.body)
+        user_text = data.get("message")
+
+        response = ask_ai(user_text)
+
+        return JsonResponse({"response": response})
+
+def scan_view(request):
+    target_path = "/path/to/code"  # you could get this from request.POST
+    report = {
+        "input_path": str(Path(target_path).resolve()),
+        "semgrep": run_semgrep(target_path),
+        "gitleaks": run_gitleaks(target_path),
+    }
+    return JsonResponse(report)
+
+# -------------------
+# Create a new code submission and run analysis
+# -------------------
+class SubmissionView(APIView):
+    permission_classes = [IsAuthenticated]
+
+    def post(self, request):
+        serializer = CodeSubmissionSerializer(data=request.data)
+        serializer.is_valid(raise_exception=True)
+
+        # create submission
+        submission = serializer.save(user=request.user)
+
+        # run analysis (sync for now)
+        run_analysis_sync(submission.submission_id)
+
+        return Response({
+            "submission_id": submission.submission_id,
+            "simplified_summary": submission.simplified_summary
+        }, status=201)
+
+# -------------------
+# Check status and results of a submission
+# -------------------
+class SubmissionStatusView(APIView):
+    permission_classes = [IsAuthenticated]
+
+    def get(self, request, submission_id):
+        try:
+            submission = CodeSubmission.objects.get(submission_id=submission_id, user=request.user)
+        except CodeSubmission.DoesNotExist:
+            return Response({"error": "Submission not found"}, status=404)
+
+        # If threats exist, include them in the response
+        threats = [
+            {
+                "title": t.title,
+                "severity": t.severity_level,
+                "recommendation": t.recommendation
+            }
+            for t in submission.threats.all()
+        ]
+
+        return Response({
+            "submission_id": submission.submission_id,
+            "simplified_summary": submission.simplified_summary,
+            "threats": threats
+        })
diff --git a/config/settings.py b/config/settings.py
index fcf33c5..311115a 100644
--- a/config/settings.py
+++ b/config/settings.py
@@ -11,6 +11,8 @@
 """
 
 from pathlib import Path
+from decouple import config
+import os
 
 # Build paths inside the project like this: BASE_DIR / 'subdir'.
 BASE_DIR = Path(__file__).resolve().parent.parent
@@ -37,7 +39,7 @@
     'django.contrib.sessions',
     'django.contrib.messages',
     'django.contrib.staticfiles',
-    'scanner',
+    'api',
     'rest_framework'
 ]
 
diff --git a/config/urls.py b/config/urls.py
index 197c1e1..9723a9c 100644
--- a/config/urls.py
+++ b/config/urls.py
@@ -21,6 +21,6 @@
 
 urlpatterns = [
     path('admin/', admin.site.urls),
-    path('api/scanner/', include('scanner.urls')),  # include scanner app URLs
+    path('api/', include('api.urls')),
     path('', TemplateView.as_view(template_name="index.html")),
 ]
diff --git a/front-end/scripts/main.js b/front-end/scripts/main.js
deleted file mode 100644
index e69de29..0000000
diff --git a/requirements.txt b/requirements.txt
index fec7641..86b0c91 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,4 +1,4 @@
 Django>=4.2
 psycopg2-binary>=2.9
 python-dotenv>=1.0
-bcrypt>=4.0
+bcrypt>=4.0s
\ No newline at end of file
diff --git a/scanner/__init__.py b/scanner/__init__.py
deleted file mode 100644
index e69de29..0000000
diff --git a/scanner/admin.py b/scanner/admin.py
deleted file mode 100644
index 8c38f3f..0000000
--- a/scanner/admin.py
+++ /dev/null
@@ -1,3 +0,0 @@
-from django.contrib import admin
-
-# Register your models here.
diff --git a/scanner/apps.py b/scanner/apps.py
deleted file mode 100644
index 9331108..0000000
--- a/scanner/apps.py
+++ /dev/null
@@ -1,6 +0,0 @@
-from django.apps import AppConfig
-
-
-class ScannerConfig(AppConfig):
-    default_auto_field = 'django.db.models.BigAutoField'
-    name = 'scanner'
diff --git a/scanner/migrations/0001_initial.py b/scanner/migrations/0001_initial.py
deleted file mode 100644
index 6019db1..0000000
--- a/scanner/migrations/0001_initial.py
+++ /dev/null
@@ -1,77 +0,0 @@
-# Generated by Django 5.1.2 on 2026-03-19 19:10
-
-import django.db.models.deletion
-from django.db import migrations, models
-
-
-class Migration(migrations.Migration):
-
-    initial = True
-
-    dependencies = [
-    ]
-
-    operations = [
-        migrations.CreateModel(
-            name='CodeSubmission',
-            fields=[
-                ('submission_id', models.AutoField(primary_key=True, serialize=False)),
-                ('submission_name', models.CharField(blank=True, max_length=255, null=True)),
-                ('uploaded_at', models.DateTimeField(auto_now_add=True)),
-                ('overall_risk_score', models.DecimalField(blank=True, decimal_places=2, max_digits=5, null=True)),
-                ('simplified_summary', models.TextField(blank=True, null=True)),
-                ('detailed_summary', models.TextField(blank=True, null=True)),
-            ],
-        ),
-        migrations.CreateModel(
-            name='CWE',
-            fields=[
-                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
-                ('cwe_id', models.CharField(max_length=50, unique=True)),
-                ('name', models.TextField()),
-                ('description', models.TextField(blank=True, null=True)),
-                ('cvss_version', models.CharField(default='3.1', max_length=10)),
-                ('average_score', models.DecimalField(decimal_places=2, max_digits=5)),
-                ('severity', models.CharField(blank=True, max_length=20, null=True)),
-                ('categories', models.TextField(blank=True, null=True)),
-            ],
-        ),
-        migrations.CreateModel(
-            name='User',
-            fields=[
-                ('user_id', models.AutoField(primary_key=True, serialize=False)),
-                ('email', models.CharField(max_length=255, unique=True)),
-                ('password_hash', models.TextField()),
-                ('created_at', models.DateTimeField(auto_now_add=True)),
-            ],
-        ),
-        migrations.CreateModel(
-            name='File',
-            fields=[
-                ('file_id', models.AutoField(primary_key=True, serialize=False)),
-                ('file_name', models.CharField(max_length=255)),
-                ('file_path', models.TextField()),
-                ('file_type', models.CharField(blank=True, max_length=100, null=True)),
-                ('submission', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='files', to='scanner.codesubmission')),
-            ],
-        ),
-        migrations.CreateModel(
-            name='Threat',
-            fields=[
-                ('threat_id', models.AutoField(primary_key=True, serialize=False)),
-                ('title', models.CharField(max_length=255)),
-                ('description', models.TextField(blank=True, null=True)),
-                ('severity_level', models.CharField(choices=[('Low', 'Low'), ('Medium', 'Medium'), ('High', 'High'), ('Critical', 'Critical')], max_length=10)),
-                ('severity_score', models.DecimalField(blank=True, decimal_places=2, max_digits=5, null=True)),
-                ('recommendation', models.TextField(blank=True, null=True)),
-                ('line_number', models.IntegerField(blank=True, null=True)),
-                ('file', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='threats', to='scanner.file')),
-                ('submission', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='threats', to='scanner.codesubmission')),
-            ],
-        ),
-        migrations.AddField(
-            model_name='codesubmission',
-            name='user',
-            field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='submissions', to='scanner.user'),
-        ),
-    ]
diff --git a/scanner/migrations/__init__.py b/scanner/migrations/__init__.py
deleted file mode 100644
index e69de29..0000000
diff --git a/scanner/models.py b/scanner/models.py
deleted file mode 100644
index b66898d..0000000
--- a/scanner/models.py
+++ /dev/null
@@ -1,81 +0,0 @@
-from django.db import models
-
-# -------------------
-# Users
-# -------------------
-class User(models.Model):
-    user_id = models.AutoField(primary_key=True)
-    email = models.CharField(max_length=255, unique=True)
-    password_hash = models.TextField()
-    created_at = models.DateTimeField(auto_now_add=True)
-
-    def __str__(self):
-        return self.email
-
-# -------------------
-# Code Submissions
-# -------------------
-class CodeSubmission(models.Model):
-    submission_id = models.AutoField(primary_key=True)
-    user = models.ForeignKey(User, on_delete=models.CASCADE, related_name='submissions')
-    submission_name = models.CharField(max_length=255, null=True, blank=True)
-    uploaded_at = models.DateTimeField(auto_now_add=True)
-    overall_risk_score = models.DecimalField(max_digits=5, decimal_places=2, null=True, blank=True)
-    simplified_summary = models.TextField(null=True, blank=True)
-    detailed_summary = models.TextField(null=True, blank=True)
-
-    def __str__(self):
-        return f"{self.submission_name} by {self.user.email}"
-
-# -------------------
-# Files
-# -------------------
-class File(models.Model):
-    file_id = models.AutoField(primary_key=True)
-    submission = models.ForeignKey(CodeSubmission, on_delete=models.CASCADE, related_name='files')
-    file_name = models.CharField(max_length=255)
-    file_path = models.TextField()
-    file_type = models.CharField(max_length=100, null=True, blank=True)
-
-    def __str__(self):
-        return self.file_name
-
-# -------------------
-# Threats
-# -------------------
-class Threat(models.Model):
-    SEVERITY_CHOICES = [
-        ('Low', 'Low'),
-        ('Medium', 'Medium'),
-        ('High', 'High'),
-        ('Critical', 'Critical'),
-    ]
-
-    threat_id = models.AutoField(primary_key=True)
-    submission = models.ForeignKey(CodeSubmission, on_delete=models.CASCADE, related_name='threats')
-    file = models.ForeignKey(File, on_delete=models.SET_NULL, null=True, blank=True, related_name='threats')
-    title = models.CharField(max_length=255)
-    description = models.TextField(null=True, blank=True)
-    severity_level = models.CharField(max_length=10, choices=SEVERITY_CHOICES)
-    severity_score = models.DecimalField(max_digits=5, decimal_places=2, null=True, blank=True)
-    recommendation = models.TextField(null=True, blank=True)
-    line_number = models.IntegerField(null=True, blank=True)
-
-    def __str__(self):
-        return f"{self.title} ({self.severity_level})"
-
-# -------------------
-# CWE Reference
-# -------------------
-class CWE(models.Model):
-    cwe_id = models.CharField(max_length=50, unique=True)
-    name = models.TextField()
-    description = models.TextField(null=True, blank=True)
-    cvss_version = models.CharField(max_length=10, default='3.1')
-    average_score = models.DecimalField(max_digits=5, decimal_places=2)
-    severity = models.CharField(max_length=20, null=True, blank=True)
-    categories = models.TextField(null=True, blank=True)
-
-    def __str__(self):
-        return f"{self.cwe_id} - {self.name}"
-
diff --git a/scanner/serializers.py b/scanner/serializers.py
deleted file mode 100644
index 896f234..0000000
--- a/scanner/serializers.py
+++ /dev/null
@@ -1,26 +0,0 @@
-from rest_framework import serializers
-from .models import CodeSubmission, File, Threat
-
-# -------------------
-# Serializer for submitting new code
-# -------------------
-class CodeSubmissionSerializer(serializers.ModelSerializer):
-    code = serializers.CharField(write_only=True)  # user input code
-    submission_name = serializers.CharField(required=False, allow_blank=True)
-
-    class Meta:
-        model = CodeSubmission
-        fields = ['submission_name', 'code']
-
-    def create(self, validated_data):
-        # We'll store the "code" as a single File for simplicity
-        code_text = validated_data.pop('code')
-        submission = CodeSubmission.objects.create(**validated_data)
-        File.objects.create(
-            submission=submission,
-            file_name=validated_data.get('submission_name', 'unnamed.py'),
-            file_path='',
-            file_type='code',
-        )
-        # Optionally, you can attach code_text somewhere (DB or AI service)
-        return submission
\ No newline at end of file
diff --git a/scanner/tasks.py b/scanner/tasks.py
deleted file mode 100644
index 457d809..0000000
--- a/scanner/tasks.py
+++ /dev/null
@@ -1,43 +0,0 @@
-from .models import CodeSubmission, File, Threat
-from .services.dummy_analysis import run_dummy
-
-def run_analysis_sync(submission_id):
-    """
-    Runs code analysis on a given CodeSubmission.
-    Updates submission with dummy results and creates Threat records.
-    """
-
-    submission = CodeSubmission.objects.get(submission_id=submission_id)
-
-    # For status tracking, we could add a 'status' field if desired
-    # submission.status = "RUNNING"
-    # submission.save()
-
-    try:
-        # Assume analyzing the first file for simplicity
-        file_obj = submission.files.first()
-        code_text = ""  # replace with actual file reading if needed
-
-        # Call dummy analysis
-        results = run_dummy(code_text, "python")  # language can be dynamic
-
-        # Save results in submission (simplified summary + detailed)
-        submission.simplified_summary = results.get("summary", "")
-        submission.detailed_summary = str(results.get("findings", []))
-        submission.save()
-
-        # Create Threat objects from findings
-        for finding in results.get("findings", []):
-            Threat.objects.create(
-                submission=submission,
-                file=file_obj,
-                title=finding.get("description", "Unnamed Threat"),
-                description=finding.get("description", ""),
-                severity_level=finding.get("severity", "Low"),
-                recommendation=finding.get("fix", ""),
-            )
-
-    except Exception as e:
-        # handle failures, e.g., logging
-        print(f"Analysis failed for submission {submission_id}: {e}")
-        # optionally mark submission as failed
\ No newline at end of file
diff --git a/scanner/tests.py b/scanner/tests.py
deleted file mode 100644
index d248458..0000000
--- a/scanner/tests.py
+++ /dev/null
@@ -1,58 +0,0 @@
-from django.test import TestCase
-
-# Create your tests here.
-from rest_framework.test import APITestCase
-from django.contrib.auth import get_user_model
-from rest_framework import status
-from .models import CodeSubmission, File, Threat
-from .tasks import run_analysis_sync
-
-User = get_user_model()
-
-class CodeSubmissionTests(APITestCase):
-
-    def setUp(self):
-        # create a test user
-        self.user = User.objects.create(
-            email="testuser@example.com",
-            password_hash="hashedpassword"
-        )
-        # log in manually if using session auth, or skip if using token auth
-        self.client.force_authenticate(user=self.user)
-
-    def test_create_submission(self):
-        response = self.client.post("/api/scanner/", {
-            "submission_name": "hello.py",
-            "code": "print('Hello World')"
-        }, format="json")
-
-        self.assertEqual(response.status_code, status.HTTP_201_CREATED)
-        self.assertIn("submission_id", response.data)
-
-    def test_workflow(self):
-        # create submission
-        submission = CodeSubmission.objects.create(
-            user=self.user,
-            submission_name="hello_again.py"
-        )
-
-        # create associated file
-        File.objects.create(
-            submission=submission,
-            file_name="hello_again.py",
-            file_path="",
-            file_type="code"
-        )
-
-        # run dummy analysis
-        run_analysis_sync(submission.submission_id)
-
-        # refresh from DB
-        submission.refresh_from_db()
-
-        # confirm dummy analysis populated summaries
-        self.assertTrue(submission.simplified_summary)
-        self.assertTrue(submission.detailed_summary)
-
-        # confirm threats created
-        self.assertGreaterEqual(submission.threats.count(), 1)
diff --git a/scanner/urls.py b/scanner/urls.py
deleted file mode 100644
index 124af50..0000000
--- a/scanner/urls.py
+++ /dev/null
@@ -1,10 +0,0 @@
-from django.urls import path
-from .views import SubmissionView, SubmissionStatusView
-
-urlpatterns = [
-    # Create a new code submission and run analysis
-    path('', SubmissionView.as_view(), name='create_submission'),
-
-    # Check status / get results of a submission
-    path('<int:submission_id>/', SubmissionStatusView.as_view(), name='submission_status'),
-]
\ No newline at end of file
diff --git a/scanner/views.py b/scanner/views.py
deleted file mode 100644
index ae7f39d..0000000
--- a/scanner/views.py
+++ /dev/null
@@ -1,68 +0,0 @@
-from django.shortcuts import render
-from rest_framework.views import APIView
-from rest_framework.response import Response
-from rest_framework.permissions import IsAuthenticated
-from .models import CodeSubmission, File, Threat
-from .serializers import CodeSubmissionSerializer
-from .tasks import run_analysis_sync
-from django.http import JsonResponse
-import json
-from .services.ai_service import ask_ai
-
-def ask_ai_view(request):
-    if request.method == "POST":
-        data = json.loads(request.body)
-        user_text = data.get("message")
-
-        response = ask_ai(user_text)
-
-        return JsonResponse({"response": response})
-
-# -------------------
-# Create a new code submission and run analysis
-# -------------------
-class SubmissionView(APIView):
-    permission_classes = [IsAuthenticated]
-
-    def post(self, request):
-        serializer = CodeSubmissionSerializer(data=request.data)
-        serializer.is_valid(raise_exception=True)
-
-        # create submission
-        submission = serializer.save(user=request.user)
-
-        # run analysis (sync for now)
-        run_analysis_sync(submission.submission_id)
-
-        return Response({
-            "submission_id": submission.submission_id,
-            "simplified_summary": submission.simplified_summary
-        }, status=201)
-
-# -------------------
-# Check status and results of a submission
-# -------------------
-class SubmissionStatusView(APIView):
-    permission_classes = [IsAuthenticated]
-
-    def get(self, request, submission_id):
-        try:
-            submission = CodeSubmission.objects.get(submission_id=submission_id, user=request.user)
-        except CodeSubmission.DoesNotExist:
-            return Response({"error": "Submission not found"}, status=404)
-
-        # If threats exist, include them in the response
-        threats = [
-            {
-                "title": t.title,
-                "severity": t.severity_level,
-                "recommendation": t.recommendation
-            }
-            for t in submission.threats.all()
-        ]
-
-        return Response({
-            "submission_id": submission.submission_id,
-            "simplified_summary": submission.simplified_summary,
-            "threats": threats
-        })

From 8f0e1f114e651fc917aeb12f83d302e31054bf39 Mon Sep 17 00:00:00 2001
From: kaye-s <kayes@uwm.edu>
Date: Thu, 19 Mar 2026 15:42:34 -0500
Subject: [PATCH 26/41] good news merge conflicts done and project is fully
 django. bad news paste code button is broke. good news login page is almost
 fully connected

---
 api/urls.py                 | 14 +++++++++---
 api/views.py                | 45 +++++++++++++++++++++++++++++++++++--
 config/settings.py          |  2 ++
 config/urls.py              |  4 +---
 front-end/index.html        |  4 +---
 front-end/scripts/upload.js | 22 +++++++++---------
 6 files changed, 70 insertions(+), 21 deletions(-)

diff --git a/api/urls.py b/api/urls.py
index 124af50..c9545ec 100644
--- a/api/urls.py
+++ b/api/urls.py
@@ -1,10 +1,18 @@
 from django.urls import path
-from .views import SubmissionView, SubmissionStatusView
+from . import views
+from .views import login_view, SubmissionView, SubmissionStatusView
 
 urlpatterns = [
+    # Login / Logout
+    path('login/', views.login_view, name='login'),
+    path('logout/', views.logout_view, name='logout'),
+
+    # Dashboard (default root)
+    path('', views.dashboard_view, name='dashboard'),
+
     # Create a new code submission and run analysis
-    path('', SubmissionView.as_view(), name='create_submission'),
+    path('submit-code/', SubmissionView.as_view(), name='create_submission'),
 
     # Check status / get results of a submission
-    path('<int:submission_id>/', SubmissionStatusView.as_view(), name='submission_status'),
+    path('submission/<int:submission_id>/', SubmissionStatusView.as_view(), name='submission_status'),
 ]
\ No newline at end of file
diff --git a/api/views.py b/api/views.py
index 903e745..cbce02a 100644
--- a/api/views.py
+++ b/api/views.py
@@ -1,13 +1,15 @@
-from django.shortcuts import render
+from django.shortcuts import render, redirect
 from rest_framework.views import APIView
 from rest_framework.response import Response
 from rest_framework.permissions import IsAuthenticated
-from .models import CodeSubmission, File, Threat
 from .serializers import CodeSubmissionSerializer
 from .tasks import run_analysis_sync
 from django.http import JsonResponse
 import json
 from .services.ai_service import ask_ai
+from django.contrib.auth.decorators import login_required
+from django.contrib.auth import authenticate, login, logout
+from .models import CodeSubmission, File, Threat
 
 def ask_ai_view(request):
     if request.method == "POST":
@@ -75,3 +77,42 @@ def get(self, request, submission_id):
             "simplified_summary": submission.simplified_summary,
             "threats": threats
         })
+
+# -------------------
+# Login / Logout
+# -------------------
+def login_view(request):
+    error = None
+    if request.method == "POST":
+        username = request.POST['username']
+        password = request.POST['password']
+        user = authenticate(request, username=username, password=password)
+        if user:
+            login(request, user)
+            return redirect('dashboard')
+        else:
+            error = "Invalid username or password"
+    return render(request, 'login.html', {'error': error})
+
+def logout_view(request):
+    logout(request)
+    return redirect('login')
+
+# -------------------
+# Dashboard
+# -------------------
+@login_required(login_url='/login/')  # Redirects to login if not logged in
+def dashboard_view(request):
+    return render(request, 'index.html')
+
+# -------------------
+# Dummy Code Submission
+# -------------------
+@login_required
+def submit_code(request):
+    result = None
+    if request.method == "POST":
+        code = request.POST.get("code")
+        # For demo, just return a dummy response
+        result = f"Received {len(code.splitlines())} lines of code. Dummy analysis: All good!"
+    return render(request, 'submit_code.html', {'result': result})
diff --git a/config/settings.py b/config/settings.py
index 311115a..afae9e2 100644
--- a/config/settings.py
+++ b/config/settings.py
@@ -29,6 +29,8 @@
 
 ALLOWED_HOSTS = []
 
+LOGIN_URL = '/login/'
+
 
 # Application definition
 
diff --git a/config/urls.py b/config/urls.py
index 9723a9c..e5677dc 100644
--- a/config/urls.py
+++ b/config/urls.py
@@ -17,10 +17,8 @@
 
 from django.contrib import admin
 from django.urls import path, include
-from django.views.generic import TemplateView
 
 urlpatterns = [
     path('admin/', admin.site.urls),
-    path('api/', include('api.urls')),
-    path('', TemplateView.as_view(template_name="index.html")),
+    path('', include('api.urls')),
 ]
diff --git a/front-end/index.html b/front-end/index.html
index 0db3cde..0a65a70 100644
--- a/front-end/index.html
+++ b/front-end/index.html
@@ -12,7 +12,7 @@
     <link rel="stylesheet" href="{% static 'styles/style.css' %}">
 
     <!-- JS -->
-    <script type="text/javascript" src="{% static 'scripts/main.js' %}"></script>
+    <script type="text/javascript" src="{% static 'scripts/upload.js' %}"></script>
 </head>
 <body>
 
@@ -80,8 +80,6 @@ <h2>Upload Code for Analysis</h2>
         </div>
     </div>
 
-    <script src="scripts/upload.js"></script>
-
     <div class="recent-scans">
         <h3>Recent Scan Results</h3>
         <table>
diff --git a/front-end/scripts/upload.js b/front-end/scripts/upload.js
index 4d33a0b..4f27024 100644
--- a/front-end/scripts/upload.js
+++ b/front-end/scripts/upload.js
@@ -1,14 +1,16 @@
-const tabButtons = document.querySelectorAll(".tab-btn");
-const tabContents = document.querySelectorAll(".tab-content");
+document.addEventListener("DOMContentLoaded", () => {
+    const tabButtons = document.querySelectorAll(".tab-btn");
+    const tabContents = document.querySelectorAll(".tab-content");
 
-tabButtons.forEach(button => {
-    button.addEventListener("click", () => {
-        // Remove active state
-        tabButtons.forEach(btn => btn.classList.remove("active"));
-        tabContents.forEach(tab => tab.classList.remove("active"));
+    tabButtons.forEach(button => {
+        button.addEventListener("click", () => {
+            // Remove active state
+            tabButtons.forEach(btn => btn.classList.remove("active"));
+            tabContents.forEach(tab => tab.classList.remove("active"));
 
-        // Activate selected tab
-        button.classList.add("active");
-        document.getElementById(button.dataset.tab).classList.add("active");
+            // Activate selected tab
+            button.classList.add("active");
+            document.getElementById(button.dataset.tab).classList.add("active");
+        });
     });
 });
\ No newline at end of file

From bc332c28354d4a267c78916873f62b75577d4270 Mon Sep 17 00:00:00 2001
From: kaye-s <kayes@uwm.edu>
Date: Wed, 1 Apr 2026 17:18:22 -0500
Subject: [PATCH 27/41] Logout button

---
 api/urls.py                |  3 +-
 api/views.py               | 16 ++++++++---
 config/settings.py         |  3 +-
 db_test.py                 |  0
 front-end/index.html       | 57 ++++++++++++++++++++++++++------------
 front-end/login.html       | 44 ++++++++++++++++++-----------
 front-end/styles/style.css |  5 +++-
 main.py                    |  0
 8 files changed, 87 insertions(+), 41 deletions(-)
 delete mode 100644 db_test.py
 delete mode 100644 main.py

diff --git a/api/urls.py b/api/urls.py
index c9545ec..90bd453 100644
--- a/api/urls.py
+++ b/api/urls.py
@@ -10,8 +10,7 @@
     # Dashboard (default root)
     path('', views.dashboard_view, name='dashboard'),
 
-    # Create a new code submission and run analysis
-    path('submit-code/', SubmissionView.as_view(), name='create_submission'),
+    path('submit/', views.submit_code, name='submit_code'),
 
     # Check status / get results of a submission
     path('submission/<int:submission_id>/', SubmissionStatusView.as_view(), name='submission_status'),
diff --git a/api/views.py b/api/views.py
index cbce02a..7ea075b 100644
--- a/api/views.py
+++ b/api/views.py
@@ -110,9 +110,17 @@ def dashboard_view(request):
 # -------------------
 @login_required
 def submit_code(request):
+    print("HIT SUBMIT VIEW")
     result = None
+
     if request.method == "POST":
-        code = request.POST.get("code")
-        # For demo, just return a dummy response
-        result = f"Received {len(code.splitlines())} lines of code. Dummy analysis: All good!"
-    return render(request, 'submit_code.html', {'result': result})
+        code = request.POST.get("code", "")
+
+        print("CODE:", code)  # debug
+
+        if not code.strip():
+            result = "No code submitted."
+        else:
+            result = f"Received {len(code.splitlines())} lines of code. Dummy analysis: All good!"
+
+    return render(request, 'index.html', {'result': result})
diff --git a/config/settings.py b/config/settings.py
index afae9e2..d1fcc39 100644
--- a/config/settings.py
+++ b/config/settings.py
@@ -29,7 +29,8 @@
 
 ALLOWED_HOSTS = []
 
-LOGIN_URL = '/login/'
+LOGIN_URL = 'login'
+LOGIN_REDIRECT_URL = 'dashboard'
 
 
 # Application definition
diff --git a/db_test.py b/db_test.py
deleted file mode 100644
index e69de29..0000000
diff --git a/front-end/index.html b/front-end/index.html
index 0a65a70..3386def 100644
--- a/front-end/index.html
+++ b/front-end/index.html
@@ -31,7 +31,21 @@ <h2>AutoPen</h2>
 <div class="main">
     <div class="header">
         <h1>Penetration Testing Dashboard</h1>
+        <p>User: {{ request.user }}</p>
         <div class="status">System Status: Active</div>
+        <form method="POST" action="{% url 'logout' %}" style="display:inline;">
+            {% csrf_token %}
+            <button type="submit" style="
+        background-color:#ff4d4d;
+        color:white;
+        border:none;
+        padding:8px 12px;
+        border-radius:5px;
+        cursor:pointer;
+    ">
+                Logout
+            </button>
+        </form>
     </div>
 
     <div class="cards">
@@ -53,30 +67,39 @@ <h3>Low Vulnerabilities</h3>
         </div>
     </div>
 
-    <!-- Upload Code -->
     <div class="code-center">
         <div class="code-box">
             <h2>Upload Code for Analysis</h2>
 
-            <div class="upload-tabs">
-                <button class="tab-btn active" data-tab="file">Upload File</button>
-                <button class="tab-btn" data-tab="paste">Paste Code</button>
-            </div>
+            <form method="POST" action="{% url 'submit_code' %}">
+                {% csrf_token %}
 
-            <!-- Upload File -->
-            <div class="tab-content active" id="file">
-                <label class="drop-zone">
-                    <input type="file" hidden>
-                    <p>Drop your code file here<br>or <span>click to browse</span></p>
-                </label>
-            </div>
+                <div class="upload-tabs">
+                    <button type="button" class="tab-btn active" data-tab="file">Upload File</button>
+                    <button type="button" class="tab-btn" data-tab="paste">Paste Code</button>
+                </div>
 
-            <!-- Paste Code -->
-            <div class="tab-content" id="paste">
-                <textarea placeholder="Paste your code here..."></textarea>
-            </div>
+                <!-- Upload File -->
+                <div class="tab-content active" id="file">
+                    <label class="drop-zone">
+                        <input type="file" name="file">
+                        <p>Drop your code file here<br>or <span>click to browse</span></p>
+                    </label>
+                </div>
 
-            <button class="scan-btn">Start Scan</button>
+                <!-- Paste Code -->
+                <div class="tab-content" id="paste">
+                    <textarea name="code" placeholder="Paste your code here..."></textarea>
+                </div>
+
+                <button type="submit" class="scan-btn">Start Scan</button>
+            </form>
+
+            {% if result %}
+            <div style="margin-top:20px; color:green;">
+                {{ result }}
+            </div>
+            {% endif %}
         </div>
     </div>
 
diff --git a/front-end/login.html b/front-end/login.html
index 425f5a7..06080e9 100644
--- a/front-end/login.html
+++ b/front-end/login.html
@@ -1,30 +1,42 @@
 <!DOCTYPE html>
+{% load static %}
 <html>
 <head>
-  <title>Login</title>
+  <title>Login - AutoPen</title>
+  <link rel="stylesheet" href="{% static 'styles/style.css' %}">
 </head>
-<body>
 
-<h2>Login</h2>
+<body style="display:block;">
 
-{% if error %}
-<p style="color:red">{{ error }}</p>
-{% endif %}
+<div class="code-center">
+  <div class="code-box" style="max-width:400px; margin:auto;">
 
-<form method="POST">
-  {% csrf_token %}
+    <h2 style="text-align:center;">AutoPen Login</h2>
 
-  <input type="text" name="username" placeholder="Username" required>
-  <br><br>
+    {% if error %}
+    <p style="color:red; text-align:center;">{{ error }}</p>
+    {% endif %}
 
-  <input type="password" name="password" placeholder="Password" required>
-  <br><br>
+    <form method="POST">
+      {% csrf_token %}
 
-  <button type="submit">Login</button>
-</form>
+      <input type="text" name="username" placeholder="Email / Username" required style="width:100%; padding:10px; margin-bottom:10px;">
 
-<p>Don't have an account?</p>
-<a href="/register/">Register</a>
+      <input type="password" name="password" placeholder="Password" required style="width:100%; padding:10px; margin-bottom:15px;">
+
+      <button type="submit" class="scan-btn" style="width:100%;">Login</button>
+    </form>
+
+    <p style="text-align:center; margin-top:15px;">
+      Don't have an account?
+    </p>
+
+    <div style="text-align:center;">
+      <a href="/register/">Register</a>
+    </div>
+
+  </div>
+</div>
 
 </body>
 </html>
\ No newline at end of file
diff --git a/front-end/styles/style.css b/front-end/styles/style.css
index 8357d12..08fe5e3 100644
--- a/front-end/styles/style.css
+++ b/front-end/styles/style.css
@@ -73,7 +73,10 @@ body {
 
 /* ================= UPLOAD SECTION ================= */
 .code-center {
-    margin-bottom: 50px;
+    display: flex;
+    justify-content: center;   /* horizontal center */
+    align-items: center;       /* vertical center */
+    min-height: 100vh;         /* full screen height */
 }
 
 .code-box {
diff --git a/main.py b/main.py
deleted file mode 100644
index e69de29..0000000

From 797a4e1e4c26e14c203f9bfbce2274d3c40da6d8 Mon Sep 17 00:00:00 2001
From: NathanEdwards2023 <edwar448@uwm.edu>
Date: Wed, 1 Apr 2026 18:31:02 -0500
Subject: [PATCH 28/41] UX Updates from previous branch

---
 front-end/index.html       |  34 ++++---
 front-end/login.html       |  47 +++++-----
 front-end/scripts/login.js |  33 +++++++
 front-end/scripts/main.js  |  18 ++++
 front-end/styles/login.css | 148 +++++++++++++++++++++++++++++++
 front-end/styles/style.css | 175 ++++++++++++++++++++++++++++++++-----
 6 files changed, 394 insertions(+), 61 deletions(-)
 create mode 100644 front-end/scripts/login.js
 create mode 100644 front-end/scripts/main.js
 create mode 100644 front-end/styles/login.css

diff --git a/front-end/index.html b/front-end/index.html
index db2c5f7..0af93ca 100644
--- a/front-end/index.html
+++ b/front-end/index.html
@@ -10,12 +10,20 @@
 
     <!-- CSS -->
     <link rel="stylesheet" href="{% static 'styles/style.css' %}">
+    <link href="https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600;700&display=swap" rel="stylesheet">
 
     <!-- JS -->
     <script type="text/javascript" src="{% static 'scripts/upload.js' %}"></script>
+    <script src="{% static 'scripts/main.js' %}"></script>
 </head>
 <body>
 
+<!-- ☰ Hamburger -->
+<div class="hamburger" id="hamburger">
+    <span></span>
+    <span></span>
+    <span></span>
+</div>
 
 <div class="sidebar">
     <h2>AutoPen</h2>
@@ -26,26 +34,24 @@ <h2>AutoPen</h2>
         <li>Targets</li>
         <li>Settings</li>
     </ul>
+
+    <!-- 👇 Sidebar Footer (User + Logout) -->
+    <div class="sidebar-footer">
+        <span class="user-name">{{ request.user }}</span>
+
+        <form method="POST" action="{% url 'logout' %}">
+            {% csrf_token %}
+            <button type="submit" class="logout-btn">
+                Logout
+            </button>
+        </form>
+    </div>
 </div>
 
 <div class="main">
     <div class="header">
         <h1>Penetration Testing Dashboard</h1>
-        <p>User: {{ request.user }}</p>
         <div class="status">System Status: Active</div>
-        <form method="POST" action="{% url 'logout' %}" style="display:inline;">
-            {% csrf_token %}
-            <button type="submit" style="
-        background-color:#ff4d4d;
-        color:white;
-        border:none;
-        padding:8px 12px;
-        border-radius:5px;
-        cursor:pointer;
-    ">
-                Logout
-            </button>
-        </form>
     </div>
 
     <div class="cards">
diff --git a/front-end/login.html b/front-end/login.html
index 06080e9..a7d2d34 100644
--- a/front-end/login.html
+++ b/front-end/login.html
@@ -1,42 +1,43 @@
 <!DOCTYPE html>
 {% load static %}
-<html>
+<html lang="en">
 <head>
   <title>Login - AutoPen</title>
-  <link rel="stylesheet" href="{% static 'styles/style.css' %}">
+  <link rel="stylesheet" href="{% static 'styles/login.css' %}">
 </head>
 
-<body style="display:block;">
+<body>
 
-<div class="code-center">
-  <div class="code-box" style="max-width:400px; margin:auto;">
+<div class="login-box">
 
-    <h2 style="text-align:center;">AutoPen Login</h2>
+  <h2>AutoPen Login</h2>
 
-    {% if error %}
-    <p style="color:red; text-align:center;">{{ error }}</p>
-    {% endif %}
+  {% if error %}
+  <p class="error">{{ error }}</p>
+  {% endif %}
 
-    <form method="POST">
-      {% csrf_token %}
+  <form method="POST">
+    {% csrf_token %}
 
-      <input type="text" name="username" placeholder="Email / Username" required style="width:100%; padding:10px; margin-bottom:10px;">
-
-      <input type="password" name="password" placeholder="Password" required style="width:100%; padding:10px; margin-bottom:15px;">
-
-      <button type="submit" class="scan-btn" style="width:100%;">Login</button>
-    </form>
-
-    <p style="text-align:center; margin-top:15px;">
-      Don't have an account?
-    </p>
+    <div class="input-group">
+      <input type="text" name="username" placeholder="Email / Username" required>
+    </div>
 
-    <div style="text-align:center;">
-      <a href="/register/">Register</a>
+    <div class="input-group">
+      <input type="password" name="password" placeholder="Password" required>
     </div>
 
+    <button type="submit" class="login-btn">Login</button>
+  </form>
+
+  <div class="register">
+    <p>Don't have an account?</p>
+    <a href="/register/">Register</a>
   </div>
+
 </div>
 
+<script src="{% static 'scripts/login.js' %}"></script>
+
 </body>
 </html>
\ No newline at end of file
diff --git a/front-end/scripts/login.js b/front-end/scripts/login.js
new file mode 100644
index 0000000..2b017cd
--- /dev/null
+++ b/front-end/scripts/login.js
@@ -0,0 +1,33 @@
+// Page fade in
+window.addEventListener("load", () => {
+    document.body.classList.add("loaded");
+});
+
+// Animate login box
+window.addEventListener("DOMContentLoaded", () => {
+    const box = document.querySelector(".login-box");
+
+    setTimeout(() => {
+        box.classList.add("show");
+    }, 150);
+});
+
+// Button loading state
+const form = document.querySelector("form");
+const button = document.querySelector(".login-btn");
+
+form.addEventListener("submit", () => {
+    button.innerText = "Logging in...";
+    button.classList.add("loading");
+    button.disabled = true;
+});
+
+// Shake on error (if Django renders error)
+window.addEventListener("DOMContentLoaded", () => {
+    const error = document.querySelector(".error");
+    const box = document.querySelector(".login-box");
+
+    if (error && box) {
+        box.classList.add("shake");
+    }
+});
\ No newline at end of file
diff --git a/front-end/scripts/main.js b/front-end/scripts/main.js
new file mode 100644
index 0000000..1385644
--- /dev/null
+++ b/front-end/scripts/main.js
@@ -0,0 +1,18 @@
+// Fade In
+window.addEventListener("load", () => {
+    document.body.classList.add("loaded");
+});
+
+window.addEventListener("DOMContentLoaded", () => {
+
+    const hamburger = document.getElementById("hamburger");
+    const sidebar = document.querySelector(".sidebar");
+    const main = document.querySelector(".main");
+
+    hamburger.addEventListener("click", () => {
+        hamburger.classList.toggle("active");
+        sidebar.classList.toggle("active");
+        main.classList.toggle("shift");
+    });
+
+});
\ No newline at end of file
diff --git a/front-end/styles/login.css b/front-end/styles/login.css
new file mode 100644
index 0000000..97025e1
--- /dev/null
+++ b/front-end/styles/login.css
@@ -0,0 +1,148 @@
+/* ================= LOGIN PAGE BASE ================= */
+
+* {
+    box-sizing: border-box;
+}
+
+body {
+    margin: 0;
+    font-family: 'Inter', sans-serif;
+
+    background:
+            radial-gradient(circle at top left, rgba(168, 85, 247, 0.15), transparent 40%),
+            radial-gradient(circle at bottom right, rgba(124, 58, 237, 0.12), transparent 50%),
+            linear-gradient(135deg, #000000, #0f172a);
+
+    color: #e5e7eb;
+
+    display: flex;
+    justify-content: center;
+    align-items: center;
+    height: 100vh;
+
+    opacity: 0;
+    transition: opacity 0.6s ease;
+}
+
+body.loaded {
+    opacity: 1;
+}
+
+/* ================= LOGIN CONTAINER ================= */
+.login-box {
+    width: 380px;
+    padding: 35px;
+
+    background: rgba(17, 24, 39, 0.8);
+    border: 1px solid rgba(168, 85, 247, 0.2);
+    border-radius: 12px;
+
+    box-shadow: 0 0 20px rgba(168, 85, 247, 0.15);
+
+    transform: translateY(30px);
+    opacity: 0;
+    transition: all 0.5s ease;
+}
+
+.login-box.show {
+    transform: translateY(0);
+    opacity: 1;
+}
+
+/* ================= TITLE ================= */
+.login-box h2 {
+    text-align: center;
+    margin-bottom: 25px;
+
+    font-weight: 700;
+
+    background: linear-gradient(90deg, #c084fc, #a855f7, #7c3aed);
+    -webkit-background-clip: text;
+    -webkit-text-fill-color: transparent;
+}
+
+/* ================= INPUTS ================= */
+.input-group {
+    margin-bottom: 15px;
+}
+
+.input-group input {
+    width: 100%;
+    padding: 12px;
+
+    border-radius: 8px;
+    border: 1px solid rgba(168, 85, 247, 0.2);
+
+    background: rgba(17, 24, 39, 0.6);
+    color: #e5e7eb;
+
+    transition: 0.25s;
+}
+
+.input-group input:focus {
+    outline: none;
+    border-color: #a855f7;
+    box-shadow: 0 0 10px rgba(168, 85, 247, 0.4);
+    transform: scale(1.02);
+}
+
+/* ================= BUTTON ================= */
+.login-btn {
+    width: 100%;
+    padding: 10px 20px;
+
+    background: rgba(168, 85, 247, 0.85);
+    color: white;
+
+    border: none;
+    border-radius: 999px;
+
+    cursor: pointer;
+    transition: 0.25s;
+}
+
+.login-btn:hover {
+    background: rgba(168, 85, 247, 1);
+    transform: translateY(-2px);
+    box-shadow: 0 0 12px rgba(168, 85, 247, 0.6);
+}
+
+.login-btn.loading {
+    opacity: 0.7;
+    cursor: not-allowed;
+}
+
+/* ================= ERROR ================= */
+.error {
+    color: #fb7185;
+    text-align: center;
+    margin-bottom: 10px;
+}
+
+/* ================= REGISTER LINK ================= */
+.register {
+    text-align: center;
+    margin-top: 15px;
+}
+
+.register a {
+    color: #c084fc;
+    text-decoration: none;
+}
+
+.register a:hover {
+    text-shadow: 0 0 8px rgba(168, 85, 247, 0.6);
+}
+
+/* ================= SHAKE ANIMATION ================= */
+.shake {
+    animation: shake 0.3s;
+}
+
+@keyframes shake {
+    0% { transform: translateX(0); }
+    25% { transform: translateX(-5px); }
+    50% { transform: translateX(5px); }
+    75% { transform: translateX(-5px); }
+    100% { transform: translateX(0); }
+}
\ No newline at end of file
diff --git a/front-end/styles/style.css b/front-end/styles/style.css
index 08fe5e3..50576db 100644
--- a/front-end/styles/style.css
+++ b/front-end/styles/style.css
@@ -3,14 +3,23 @@
     margin: 0;
     padding: 0;
     box-sizing: border-box;
-    font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
+    font-family: 'Inter', sans-serif;
 }
 
 body {
-    background: #000000;
+    background:
+            radial-gradient(circle at top left, rgba(168, 85, 247, 0.15), transparent 40%),
+            radial-gradient(circle at bottom right, rgba(124, 58, 237, 0.12), transparent 50%),
+            linear-gradient(135deg, #000000, #0f172a);
     color: #e5e7eb;
     display: flex;
     min-height: 100vh;
+    opacity: 0;
+    transition: opacity 0.6s ease;
+}
+
+body.loaded {
+    opacity: 1;
 }
 
 /* ================= SIDEBAR ================= */
@@ -20,12 +29,24 @@ body {
     background: rgba(17, 24, 39, 0.8);
     padding: 20px;
     border-right: 1px solid rgba(168, 85, 247, 0.2);
+
+    position: fixed;
+    top: 0;
+    left: -260px;
+    transition: left 0.3s ease;
+    z-index: 999;
+
+    display: flex;
+    flex-direction: column;
+}
+
+.sidebar.active {
+    left: 0;
 }
 
 .sidebar h2 {
-    color: #e9d5ff;
-    margin-bottom: 40px;
-    text-align: center;
+    letter-spacing: 1px;
+    font-weight: 600;
 }
 
 .sidebar ul {
@@ -33,23 +54,56 @@ body {
 }
 
 .sidebar ul li {
+    letter-spacing: 0.5px;
+    font-weight: 500;
+}
+
+.sidebar ul li:hover {
+    color: #c084fc;
+    text-shadow: 0 0 8px rgba(168, 85, 247, 0.6);
+}
+
+/* ================= SIDEBAR FOOTER ================= */
+.sidebar-footer {
+    margin-top: auto;
     padding: 15px;
-    margin: 10px 0;
-    background: rgba(17, 24, 39, 0.8);
-    border: 1px solid rgba(168, 85, 247, 0.2);
-    border-radius: 8px;
+    border-top: 1px solid rgba(168, 85, 247, 0.2);
+
+    display: flex;
+    justify-content: space-between;
+    align-items: center;
+}
+
+.user-name {
+    font-size: 14px;
+    color: #c084fc;
+    font-weight: 500;
+}
+
+.logout-btn {
+    background-color: #ff4d4d;
+    color: white;
+    border: none;
+    padding: 6px 10px;
+    border-radius: 5px;
     cursor: pointer;
-    transition: 0.25s;
+    transition: 0.2s;
 }
 
-.sidebar ul li:hover {
-    background: rgba(17, 24, 39, 0.95);
+.logout-btn:hover {
+    background-color: #ff1f1f;
 }
 
 /* ================= MAIN ================= */
 .main {
     flex: 1;
     padding: 40px;
+    margin-left: 0;
+    transition: margin-left 0.3s ease;
+}
+
+.main.shift {
+    margin-left: 250px;
 }
 
 /* ================= HEADER ================= */
@@ -61,22 +115,50 @@ body {
 }
 
 .header h1 {
-    color: #ffffff;
+    font-weight: 700;
+    background: linear-gradient(90deg, #c084fc, #a855f7, #7c3aed);
+    -webkit-background-clip: text;
+    -webkit-text-fill-color: transparent;
 }
 
 .status {
-    background: rgba(17, 24, 39, 0.8);
-    padding: 10px 20px;
-    border-radius: 999px;
-    border: 1px solid rgba(168, 85, 247, 0.2);
+    box-shadow: 0 0 10px rgba(168, 85, 247, 0.3);
+    display: flex;
+    align-items: center;
+    gap: 10px;
+}
+
+/* Green glowing dot */
+.status-dot {
+    width: 10px;
+    height: 10px;
+    background: #22c55e;
+    border-radius: 50%;
+    box-shadow: 0 0 6px #22c55e, 0 0 12px #22c55e;
+    animation: pulse 1.8s infinite ease-in-out;
+}
+
+@keyframes pulse {
+    0% {
+        transform: scale(1);
+        opacity: 1;
+        box-shadow: 0 0 6px #22c55e, 0 0 12px #22c55e;
+    }
+    50% {
+        transform: scale(1.3);
+        opacity: 0.7;
+        box-shadow: 0 0 10px #22c55e, 0 0 20px #22c55e;
+    }
+    100% {
+        transform: scale(1);
+        opacity: 1;
+        box-shadow: 0 0 6px #22c55e, 0 0 12px #22c55e;
+    }
 }
 
 /* ================= UPLOAD SECTION ================= */
 .code-center {
-    display: flex;
-    justify-content: center;   /* horizontal center */
-    align-items: center;       /* vertical center */
-    min-height: 100vh;         /* full screen height */
+    margin-bottom: 50px;
 }
 
 .code-box {
@@ -210,8 +292,8 @@ textarea {
 }
 
 .card p {
-    font-size: 28px;
-    font-weight: bold;
+    color: #c084fc;
+    text-shadow: 0 0 10px rgba(168, 85, 247, 0.4);
 }
 
 /* ================= TABLE ================= */
@@ -242,7 +324,52 @@ tr:hover {
     background: rgba(168, 85, 247, 0.05);
 }
 
+/* ================= HAMBURGER MENU ================= */
+.hamburger {
+    position: fixed;
+    top: 20px;
+    left: 20px;
+    width: 30px;
+    height: 22px;
+    display: flex;
+    flex-direction: column;
+    justify-content: space-between;
+    cursor: pointer;
+    z-index: 1000;
+}
+
+.hamburger span {
+    height: 3px;
+    width: 100%;
+    background: white;
+    border-radius: 2px;
+    transition: 0.3s;
+}
+
+.hamburger.active span:nth-child(1) {
+    transform: rotate(45deg) translateY(8px);
+}
+
+.hamburger.active span:nth-child(2) {
+    opacity: 0;
+}
+
+.hamburger.active span:nth-child(3) {
+    transform: rotate(-45deg) translateY(-8px);
+}
+
+/* ================= SPLIT LAYOUT ================= */
+.split-layout {
+    display: flex;
+    gap: 20px;
+    align-items: flex-start;
+}
+
+/* Upload box */
+.split-layout .code-box {
+    flex: 2;
+}
 /* ================= SEVERITY COLORS ================= */
 .critical { color: #fb7185; font-weight: bold; }
 .medium   { color: #facc15; font-weight: bold; }
-.low      { color: #34d399; font-weight: bold; }
+.low      { color: #34d399; font-weight: bold; }
\ No newline at end of file

From 51148ac9054aea9837a692de248df4d5f2dd325c Mon Sep 17 00:00:00 2001
From: zhangtingen <else8072@gmail.com>
Date: Thu, 2 Apr 2026 02:32:03 -0500
Subject: [PATCH 29/41] feat:generate report on frontend

---
 api/views.py | 61 +++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 60 insertions(+), 1 deletion(-)

diff --git a/api/views.py b/api/views.py
index 7ea075b..aab21d0 100644
--- a/api/views.py
+++ b/api/views.py
@@ -10,6 +10,10 @@
 from django.contrib.auth.decorators import login_required
 from django.contrib.auth import authenticate, login, logout
 from .models import CodeSubmission, File, Threat
+from pathlib import Path
+import tempfile
+import shutil
+from .utils.prescan import run_semgrep, run_gitleaks
 
 def ask_ai_view(request):
     if request.method == "POST":
@@ -121,6 +125,61 @@ def submit_code(request):
         if not code.strip():
             result = "No code submitted."
         else:
-            result = f"Received {len(code.splitlines())} lines of code. Dummy analysis: All good!"
+            # Create an isolated temp directory so semgrep/gitleaks can scan it safely.
+            tmp_dir_path = Path(tempfile.mkdtemp(prefix="autopen_"))
+            try:
+                target_file_path = tmp_dir_path / "target.py"
+                target_file_path.write_text(code, encoding="utf-8")
+
+                # Pre-process: run semgrep + gitleaks against the temporary file.
+                semgrep_report = run_semgrep(str(target_file_path))
+                gitleaks_report = run_gitleaks(str(target_file_path))
+
+                # Keep the prompt size bounded.
+                max_code_chars = 8000
+                truncated = code[:max_code_chars]
+                trunc_note = ""
+                if len(code) > max_code_chars:
+                    trunc_note = f"\n\n[NOTE] Code was truncated to the first {max_code_chars} characters."
+
+                # Keep tool findings compact to reduce token usage.
+                semgrep_results = semgrep_report.get("results", []) or []
+                gitleaks_results = gitleaks_report.get("results", []) or []
+                semgrep_results = semgrep_results[:20]
+                gitleaks_results = gitleaks_results[:20]
+
+                # Assemble a single "passage" for OpenAI analysis.
+                passage = {
+                    "user_code": truncated + trunc_note,
+                    "semgrep": {
+                        "error": semgrep_report.get("error"),
+                        "results": semgrep_results,
+                    },
+                    "gitleaks": {
+                        "error": gitleaks_report.get("error"),
+                        "results": gitleaks_results,
+                    },
+                }
+
+                prompt = (
+                    "You are a security analysis assistant.\n\n"
+                    "Analyze this passage and tell me the consequences of following up and not following up.\n\n"
+                    "## Passage (code + tool findings)\n"
+                    f"{json.dumps(passage, ensure_ascii=False, indent=2)}\n\n"
+                    "## Output requirements\n"
+                    "1. Provide a clear overall risk summary (1-2 sentences).\n"
+                    "2. Provide 'Consequences if following up' and 'Consequences if not following up'.\n"
+                    "3. For each consequence, include which tool finding(s) it is based on.\n"
+                    "4. End with 'Recommended next steps' (3-5 bullet points) focusing on practical remediation.\n"
+                    "5. Do not invent findings that are not supported by the passage.\n"
+                )
+
+                result = ask_ai(prompt)
+            except Exception as e:
+                # Return an error string so the front-end still shows something useful.
+                result = f"Analysis failed: {type(e).__name__}: {e}"
+            finally:
+                # Best-effort cleanup of temporary files.
+                shutil.rmtree(tmp_dir_path, ignore_errors=True)
 
     return render(request, 'index.html', {'result': result})

From 5f9d9c67488ba42139b1f272b57502a95cc364f1 Mon Sep 17 00:00:00 2001
From: JacobLind1 <jslind@uwm.edu>
Date: Mon, 6 Apr 2026 13:06:26 -0500
Subject: [PATCH 30/41] Connected register to backend, reg and login do not
 point to same tables in database

---
 api/migrations/0001_initial.py          | 77 +++++++++++++++++++++++++
 api/migrations/0002_alter_user_table.py | 22 +++++++
 api/models.py                           |  3 +
 api/urls.py                             |  3 +
 api/views.py                            | 28 ++++++++-
 front-end/register.html                 |  2 +-
 6 files changed, 133 insertions(+), 2 deletions(-)
 create mode 100644 api/migrations/0001_initial.py
 create mode 100644 api/migrations/0002_alter_user_table.py

diff --git a/api/migrations/0001_initial.py b/api/migrations/0001_initial.py
new file mode 100644
index 0000000..ace3cd2
--- /dev/null
+++ b/api/migrations/0001_initial.py
@@ -0,0 +1,77 @@
+# Generated by Django 6.0.3 on 2026-03-30 20:11
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='CodeSubmission',
+            fields=[
+                ('submission_id', models.AutoField(primary_key=True, serialize=False)),
+                ('submission_name', models.CharField(blank=True, max_length=255, null=True)),
+                ('uploaded_at', models.DateTimeField(auto_now_add=True)),
+                ('overall_risk_score', models.DecimalField(blank=True, decimal_places=2, max_digits=5, null=True)),
+                ('simplified_summary', models.TextField(blank=True, null=True)),
+                ('detailed_summary', models.TextField(blank=True, null=True)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='CWE',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('cwe_id', models.CharField(max_length=50, unique=True)),
+                ('name', models.TextField()),
+                ('description', models.TextField(blank=True, null=True)),
+                ('cvss_version', models.CharField(default='3.1', max_length=10)),
+                ('average_score', models.DecimalField(decimal_places=2, max_digits=5)),
+                ('severity', models.CharField(blank=True, max_length=20, null=True)),
+                ('categories', models.TextField(blank=True, null=True)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='User',
+            fields=[
+                ('user_id', models.AutoField(primary_key=True, serialize=False)),
+                ('email', models.CharField(max_length=255, unique=True)),
+                ('password_hash', models.TextField()),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='File',
+            fields=[
+                ('file_id', models.AutoField(primary_key=True, serialize=False)),
+                ('file_name', models.CharField(max_length=255)),
+                ('file_path', models.TextField()),
+                ('file_type', models.CharField(blank=True, max_length=100, null=True)),
+                ('submission', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='files', to='api.codesubmission')),
+            ],
+        ),
+        migrations.CreateModel(
+            name='Threat',
+            fields=[
+                ('threat_id', models.AutoField(primary_key=True, serialize=False)),
+                ('title', models.CharField(max_length=255)),
+                ('description', models.TextField(blank=True, null=True)),
+                ('severity_level', models.CharField(choices=[('Low', 'Low'), ('Medium', 'Medium'), ('High', 'High'), ('Critical', 'Critical')], max_length=10)),
+                ('severity_score', models.DecimalField(blank=True, decimal_places=2, max_digits=5, null=True)),
+                ('recommendation', models.TextField(blank=True, null=True)),
+                ('line_number', models.IntegerField(blank=True, null=True)),
+                ('file', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='threats', to='api.file')),
+                ('submission', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='threats', to='api.codesubmission')),
+            ],
+        ),
+        migrations.AddField(
+            model_name='codesubmission',
+            name='user',
+            field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='submissions', to='api.user'),
+        ),
+    ]
diff --git a/api/migrations/0002_alter_user_table.py b/api/migrations/0002_alter_user_table.py
new file mode 100644
index 0000000..9fb34a5
--- /dev/null
+++ b/api/migrations/0002_alter_user_table.py
@@ -0,0 +1,22 @@
+# Generated by Django 6.0.3 on 2026-04-06 17:52
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('api', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.SeparateDatabaseAndState(
+            database_operations=[],
+            state_operations=[
+                migrations.AlterModelTable(
+                    name='user',
+                    table='users',
+                ),
+            ],
+        ),
+    ]
diff --git a/api/models.py b/api/models.py
index b66898d..4ab07d6 100644
--- a/api/models.py
+++ b/api/models.py
@@ -12,6 +12,9 @@ class User(models.Model):
     def __str__(self):
         return self.email
 
+    class Meta:
+        db_table = "users"
+
 # -------------------
 # Code Submissions
 # -------------------
diff --git a/api/urls.py b/api/urls.py
index 90bd453..d7ced40 100644
--- a/api/urls.py
+++ b/api/urls.py
@@ -7,6 +7,9 @@
     path('login/', views.login_view, name='login'),
     path('logout/', views.logout_view, name='logout'),
 
+    # Register
+    path('register/', views.register_view, name='register'),
+
     # Dashboard (default root)
     path('', views.dashboard_view, name='dashboard'),
 
diff --git a/api/views.py b/api/views.py
index 7ea075b..0b347aa 100644
--- a/api/views.py
+++ b/api/views.py
@@ -1,3 +1,4 @@
+from django.contrib.auth.hashers import make_password
 from django.shortcuts import render, redirect
 from rest_framework.views import APIView
 from rest_framework.response import Response
@@ -9,7 +10,7 @@
 from .services.ai_service import ask_ai
 from django.contrib.auth.decorators import login_required
 from django.contrib.auth import authenticate, login, logout
-from .models import CodeSubmission, File, Threat
+from .models import CodeSubmission, File, Threat, User
 
 def ask_ai_view(request):
     if request.method == "POST":
@@ -124,3 +125,28 @@ def submit_code(request):
             result = f"Received {len(code.splitlines())} lines of code. Dummy analysis: All good!"
 
     return render(request, 'index.html', {'result': result})
+
+# -----------------
+# User Registration
+# -----------------
+def register_view(request):
+    error = None
+
+    if request.method == "POST":
+        email = request.POST.get("email")
+        password = request.POST.get("password")
+
+        if not email or not password:
+            error = "Enter Username and Password"
+
+        elif User.objects.filter(email=email).exists():
+            error = "Username Taken"
+
+        else:
+            hashed_pass = make_password(password)
+
+            user = User.objects.create(email=email, password_hash=hashed_pass)
+            request.session["user_id"] = user.user_id
+            return redirect('dashboard')
+
+    return render(request, 'register.html', {'error': error})
diff --git a/front-end/register.html b/front-end/register.html
index 18bf32c..427fa0d 100644
--- a/front-end/register.html
+++ b/front-end/register.html
@@ -10,7 +10,7 @@ <h2>Create Account</h2>
 <form method="POST">
   {% csrf_token %}
 
-  <input type="text" name="username" placeholder="Username" required>
+  <input type="text" name="email" placeholder="email" required>
   <br><br>
 
   <input type="password" name="password" placeholder="Password" required>

From 7023c243434ebe5b68a8e564615f74c9ce882fba Mon Sep 17 00:00:00 2001
From: JacobLind1 <jslind@uwm.edu>
Date: Mon, 6 Apr 2026 13:34:19 -0500
Subject: [PATCH 31/41] Modified login so that it refers to our user model

---
 api/views.py            | 34 ++++++++++++++++++++++------------
 front-end/login.html    |  2 +-
 front-end/register.html |  2 +-
 3 files changed, 24 insertions(+), 14 deletions(-)

diff --git a/api/views.py b/api/views.py
index 0b347aa..b8fc0ca 100644
--- a/api/views.py
+++ b/api/views.py
@@ -1,4 +1,4 @@
-from django.contrib.auth.hashers import make_password
+from django.contrib.auth.hashers import make_password, check_password
 from django.shortcuts import render, redirect
 from rest_framework.views import APIView
 from rest_framework.response import Response
@@ -85,25 +85,35 @@ def get(self, request, submission_id):
 def login_view(request):
     error = None
     if request.method == "POST":
-        username = request.POST['username']
-        password = request.POST['password']
-        user = authenticate(request, username=username, password=password)
-        if user:
-            login(request, user)
-            return redirect('dashboard')
+        email = request.POST.get("email")
+        password = request.POST.get("password")
+
+        if not email or not password:
+            error = "Enter Email and Password"
         else:
-            error = "Invalid username or password"
+            try:
+                user = User.objects.get(email=email)
+
+                if check_password(password, user.password_hash):
+                    request.session["user_id"] = user.user_id
+                    request.session["user_email"] = user.email
+                    return redirect("dashboard")
+                else:
+                    error = "Invalid Email or Password"
+            except User.DoesNotExist:
+                error = "Invalid Email or Password"
     return render(request, 'login.html', {'error': error})
 
 def logout_view(request):
-    logout(request)
+    request.session.flush()
     return redirect('login')
 
 # -------------------
 # Dashboard
 # -------------------
-@login_required(login_url='/login/')  # Redirects to login if not logged in
 def dashboard_view(request):
+    if "user_id" not in request.session:
+        return redirect("/login/")
     return render(request, 'index.html')
 
 # -------------------
@@ -137,10 +147,10 @@ def register_view(request):
         password = request.POST.get("password")
 
         if not email or not password:
-            error = "Enter Username and Password"
+            error = "Enter Email and Password"
 
         elif User.objects.filter(email=email).exists():
-            error = "Username Taken"
+            error = "Email Already in Use"
 
         else:
             hashed_pass = make_password(password)
diff --git a/front-end/login.html b/front-end/login.html
index 06080e9..c697750 100644
--- a/front-end/login.html
+++ b/front-end/login.html
@@ -20,7 +20,7 @@ <h2 style="text-align:center;">AutoPen Login</h2>
     <form method="POST">
       {% csrf_token %}
 
-      <input type="text" name="username" placeholder="Email / Username" required style="width:100%; padding:10px; margin-bottom:10px;">
+      <input type="text" name="email" placeholder="Email / Username" required style="width:100%; padding:10px; margin-bottom:10px;">
 
       <input type="password" name="password" placeholder="Password" required style="width:100%; padding:10px; margin-bottom:15px;">
 
diff --git a/front-end/register.html b/front-end/register.html
index 427fa0d..69ccf91 100644
--- a/front-end/register.html
+++ b/front-end/register.html
@@ -10,7 +10,7 @@ <h2>Create Account</h2>
 <form method="POST">
   {% csrf_token %}
 
-  <input type="text" name="email" placeholder="email" required>
+  <input type="text" name="email" placeholder="Email" required>
   <br><br>
 
   <input type="password" name="password" placeholder="Password" required>

From 8ce532d0595447887ce7ddd137706b0797a335a8 Mon Sep 17 00:00:00 2001
From: kaye-s <kayes@uwm.edu>
Date: Wed, 8 Apr 2026 14:36:28 -0500
Subject: [PATCH 32/41] vulnerability page added

---
 api/models.py                  |   4 ++
 api/urls.py                    |   4 +-
 api/views.py                   |  29 +++++++++-
 front-end/index.html           |   1 +
 front-end/styles/style.css     |  15 ++++-
 front-end/vulnerabilities.html | 101 +++++++++++++++++++++++++++++++++
 6 files changed, 149 insertions(+), 5 deletions(-)
 create mode 100644 front-end/vulnerabilities.html

diff --git a/api/models.py b/api/models.py
index b66898d..72d3732 100644
--- a/api/models.py
+++ b/api/models.py
@@ -76,6 +76,10 @@ class CWE(models.Model):
     severity = models.CharField(max_length=20, null=True, blank=True)
     categories = models.TextField(null=True, blank=True)
 
+    class Meta:
+                db_table = 'cwe'
+                managed = False
+
     def __str__(self):
         return f"{self.cwe_id} - {self.name}"
 
diff --git a/api/urls.py b/api/urls.py
index 90bd453..3ae77f7 100644
--- a/api/urls.py
+++ b/api/urls.py
@@ -1,6 +1,6 @@
 from django.urls import path
 from . import views
-from .views import login_view, SubmissionView, SubmissionStatusView
+from .views import login_view, SubmissionView, SubmissionStatusView, vulnerability_list
 
 urlpatterns = [
     # Login / Logout
@@ -14,4 +14,6 @@
 
     # Check status / get results of a submission
     path('submission/<int:submission_id>/', SubmissionStatusView.as_view(), name='submission_status'),
+
+    path('vulnerabilities/', views.vulnerability_list, name='vulnerability_list'),
 ]
\ No newline at end of file
diff --git a/api/views.py b/api/views.py
index 7ea075b..9d29700 100644
--- a/api/views.py
+++ b/api/views.py
@@ -9,7 +9,8 @@
 from .services.ai_service import ask_ai
 from django.contrib.auth.decorators import login_required
 from django.contrib.auth import authenticate, login, logout
-from .models import CodeSubmission, File, Threat
+from .models import CodeSubmission, File, Threat, CWE
+from django.db.models import Q
 
 def ask_ai_view(request):
     if request.method == "POST":
@@ -124,3 +125,29 @@ def submit_code(request):
             result = f"Received {len(code.splitlines())} lines of code. Dummy analysis: All good!"
 
     return render(request, 'index.html', {'result': result})
+
+def vulnerability_list(request):
+   query = request.GET.get('q', '').strip()
+   severity = request.GET.get('severity', '').strip()
+
+   vulnerabilities = CWE.objects.all()
+
+   # ONLY apply search if actually typed
+   if query:
+       vulnerabilities = vulnerabilities.filter(
+           Q(name__icontains=query) |
+           Q(description__icontains=query) |
+           Q(cwe_id__icontains=query)
+       )
+
+   # Apply severity filter independently
+   if severity:
+       vulnerabilities = vulnerabilities.filter(severity=severity)
+
+   context = {
+        'vulnerabilities': vulnerabilities,
+        'query': query,
+        'selected_severity': severity,
+    }
+
+   return render(request, 'vulnerabilities.html', context)
\ No newline at end of file
diff --git a/front-end/index.html b/front-end/index.html
index 3386def..7d60367 100644
--- a/front-end/index.html
+++ b/front-end/index.html
@@ -25,6 +25,7 @@ <h2>AutoPen</h2>
         <li>Reports</li>
         <li>Targets</li>
         <li>Settings</li>
+        <li><a href="{% url 'vulnerability_list' %}">Vulnerabilities</a></li>
     </ul>
 </div>
 
diff --git a/front-end/styles/style.css b/front-end/styles/style.css
index 08fe5e3..8f76752 100644
--- a/front-end/styles/style.css
+++ b/front-end/styles/style.css
@@ -243,6 +243,15 @@ tr:hover {
 }
 
 /* ================= SEVERITY COLORS ================= */
-.critical { color: #fb7185; font-weight: bold; }
-.medium   { color: #facc15; font-weight: bold; }
-.low      { color: #34d399; font-weight: bold; }
+.Critical { color: #fb7185; font-weight: bold; }
+.High     { color: #f97316; font-weight: bold; }
+.Medium   { color: #facc15; font-weight: bold; }
+.Low      { color: #34d399; font-weight: bold; }
+
+input, select {
+    background: rgba(17, 24, 39, 0.6);
+    color: #ffffff;
+    border: 1px solid rgba(168, 85, 247, 0.2);
+    border-radius: 8px;
+    padding: 10px;
+}
\ No newline at end of file
diff --git a/front-end/vulnerabilities.html b/front-end/vulnerabilities.html
new file mode 100644
index 0000000..c3a5e68
--- /dev/null
+++ b/front-end/vulnerabilities.html
@@ -0,0 +1,101 @@
+<!DOCTYPE html>
+{% load static %}
+<html>
+<head>
+    <title>Vulnerabilities</title>
+    <link rel="stylesheet" href="{% static 'styles/style.css' %}">
+</head>
+
+<body>
+
+<!-- ================= SIDEBAR ================= -->
+<div class="sidebar">
+    <h2>Security Dashboard</h2>
+    <ul>
+        <li><a href="/">Home</a></li>
+        <li><a href="{% url 'vulnerability_list' %}">Vulnerabilities</a></li>
+    </ul>
+</div>
+
+<!-- ================= MAIN CONTENT ================= -->
+<div class="main">
+
+    <!-- HEADER -->
+    <div class="header">
+        <h1>Vulnerability Database</h1>
+        <div class="status">Live Data</div>
+    </div>
+
+    <!-- SEARCH / FILTER CARD -->
+    <div class="card">
+        <h3 style="margin-bottom: 15px;">Search & Filter</h3>
+
+        <form method="GET" style="display:flex; gap:10px; flex-wrap:wrap;">
+
+            <input
+                    type="text"
+                    name="q"
+                    placeholder="Search by name, description, or CWE..."
+                    value="{{ query }}"
+            >
+
+            <select name="severity">
+                <option value="">All Severities</option>
+                <option value="Critical" {% if selected_severity == "Critical" %}selected{% endif %}>Critical</option>
+                <option value="High" {% if selected_severity == "High" %}selected{% endif %}>High</option>
+                <option value="Medium" {% if selected_severity == "Medium" %}selected{% endif %}>Medium</option>
+                <option value="Low" {% if selected_severity == "Low" %}selected{% endif %}>Low</option>
+            </select>
+
+            <button class="scan-btn" type="submit">Apply</button>
+
+        </form>
+    </div>
+
+    <!-- TABLE -->
+    <div class="recent-scans">
+        <h2>All Vulnerabilities</h2>
+
+        <table>
+            <thead>
+            <tr>
+                <th>CWE</th>
+                <th>Name</th>
+                <th>Category</th>
+                <th>CVSS</th>
+                <th>Score</th>
+                <th>Severity</th>
+            </tr>
+            </thead>
+
+            <tbody>
+            {% for v in vulnerabilities %}
+            <tr>
+                <td>{{ v.cwe_id }}</td>
+
+                <td title="{{ v.description }}">
+                    {{ v.name }}
+                </td>
+
+                <td>{{ v.categories }}</td>
+                <td>{{ v.cvss_version }}</td>
+                <td>{{ v.average_score }}</td>
+
+                <td class="{{ v.severity }}">
+                    {{ v.severity }}
+                </td>
+            </tr>
+
+            {% empty %}
+            <tr>
+                <td colspan="6">No vulnerabilities found.</td>
+            </tr>
+            {% endfor %}
+            </tbody>
+        </table>
+    </div>
+
+</div>
+
+</body>
+</html>
\ No newline at end of file

From d2d721d74cb8a36b6d4ed2e75026ce00ffbd71a6 Mon Sep 17 00:00:00 2001
From: zhangtingen <else8072@gmail.com>
Date: Wed, 8 Apr 2026 21:37:36 -0500
Subject: [PATCH 33/41] AI report

---
 api/services/incident_report_ai.py   |  69 +++++++++
 api/utils/incident_report.py         | 142 +++++++++++++++++++
 api/views.py                         | 146 ++++++++++---------
 front-end/incident_report.html       | 203 ++++++++++++++++++++++++++
 front-end/styles/incident_report.css | 204 +++++++++++++++++++++++++++
 5 files changed, 695 insertions(+), 69 deletions(-)
 create mode 100644 api/services/incident_report_ai.py
 create mode 100644 api/utils/incident_report.py
 create mode 100644 front-end/incident_report.html
 create mode 100644 front-end/styles/incident_report.css

diff --git a/api/services/incident_report_ai.py b/api/services/incident_report_ai.py
new file mode 100644
index 0000000..8eafb6e
--- /dev/null
+++ b/api/services/incident_report_ai.py
@@ -0,0 +1,69 @@
+"""
+OpenAI call for structured incident report JSON (template is rendered server-side).
+"""
+from __future__ import annotations
+
+import json
+from typing import Any
+
+from openai import OpenAI
+from decouple import config
+
+client = OpenAI(api_key=config("OPENAI_API_KEY"))
+
+# System message: enforce JSON-only output for downstream parsing.
+_SYSTEM = (
+    "You are a senior cybersecurity analyst. "
+    "You must respond with a single valid JSON object only (no markdown, no prose outside JSON). "
+    "Base every field strictly on the provided passage (user code + tool outputs). "
+    "If information is missing, use concise placeholders like \"N/A\" or \"Not evidenced in scan data\". "
+    "Do not fabricate CVEs, exploits, or incidents not supported by the passage."
+)
+
+
+def build_incident_report_user_prompt(passage: dict[str, Any]) -> str:
+    passage_json = json.dumps(passage, ensure_ascii=False, indent=2)
+    schema = """
+Return a JSON object with exactly these keys (all string values unless noted):
+
+- severity_level: short label (e.g. "Low", "Medium", "High", "Critical", or "Informational")
+- incident_type: short type based on findings (e.g. "Secret exposure", "Injection risk", "Misconfiguration")
+- systems_affected: what is at risk in plain language (the analyzed code context)
+- discovery_method: how issues were found (mention semgrep/gitleaks only if present in passage)
+- status: short status string suitable for an executive summary table
+- cvss: object with keys base, threat, environmental, supplemental — each a string score "0.0"-"10.0" or "N/A"
+- what_happened: 2-5 sentences describing the situation for a non-technical reader
+- impact: array of strings; each item one concrete impact statement
+- follow_up_consequences: 2-4 sentences on consequences if the organization follows up on recommendations
+- no_follow_up_consequences: 2-4 sentences on consequences if recommendations are not followed
+- response_actions: array of objects { "action": string, "details": string } with 4-8 practical remediation steps
+
+Also incorporate this analytical requirement into the narrative fields (what_happened, impact, follow_up_consequences, no_follow_up_consequences):
+Analyze this passage and tell me the consequences of following up and not following up.
+
+Passage (JSON):
+"""
+    return schema.strip() + "\n" + passage_json
+
+
+def generate_incident_report_ai_payload(passage: dict[str, Any]) -> str:
+    """
+    Calls the chat completion API and returns raw message content (expected JSON object).
+    """
+    user_prompt = build_incident_report_user_prompt(passage)
+    kwargs: dict[str, Any] = {
+        "model": "gpt-4.1-mini",
+        "messages": [
+            {"role": "system", "content": _SYSTEM},
+            {"role": "user", "content": user_prompt},
+        ],
+        "response_format": {"type": "json_object"},
+    }
+    try:
+        resp = client.chat.completions.create(**kwargs)
+    except Exception:
+        # Some deployments/models may reject response_format; retry without it.
+        kwargs.pop("response_format", None)
+        resp = client.chat.completions.create(**kwargs)
+
+    return (resp.choices[0].message.content or "").strip()
diff --git a/api/utils/incident_report.py b/api/utils/incident_report.py
new file mode 100644
index 0000000..de378bb
--- /dev/null
+++ b/api/utils/incident_report.py
@@ -0,0 +1,142 @@
+"""
+Helpers to parse LLM JSON output and merge backend-filled fields for incident reports.
+"""
+from __future__ import annotations
+
+import json
+import re
+import uuid
+from typing import Any
+
+from django.utils import timezone
+
+
+def parse_llm_json(raw: str) -> dict[str, Any]:
+    """
+    Parse JSON from model output. Strips optional ```json ... ``` fences.
+    """
+    text = (raw or "").strip()
+    if not text:
+        return {}
+
+    fence = re.search(r"```(?:json)?\s*([\s\S]*?)\s*```", text, re.IGNORECASE)
+    if fence:
+        text = fence.group(1).strip()
+
+    try:
+        data = json.loads(text)
+        return data if isinstance(data, dict) else {}
+    except json.JSONDecodeError:
+        return {}
+
+
+def _as_str(value: Any, default: str = "") -> str:
+    if value is None:
+        return default
+    if isinstance(value, str):
+        return value
+    return str(value)
+
+
+def _as_str_list(value: Any) -> list[str]:
+    if value is None:
+        return []
+    if isinstance(value, str):
+        return [value] if value.strip() else []
+    if isinstance(value, list):
+        out: list[str] = []
+        for item in value:
+            s = _as_str(item).strip()
+            if s:
+                out.append(s)
+        return out
+    return []
+
+
+def _normalize_cvss(ai: dict[str, Any]) -> dict[str, str]:
+    raw = ai.get("cvss")
+    if not isinstance(raw, dict):
+        raw = {}
+    return {
+        "base": _as_str(raw.get("base"), "N/A"),
+        "threat": _as_str(raw.get("threat"), "N/A"),
+        "environmental": _as_str(raw.get("environmental"), "N/A"),
+        "supplemental": _as_str(raw.get("supplemental"), "N/A"),
+    }
+
+
+def _normalize_response_actions(ai: dict[str, Any]) -> list[dict[str, str]]:
+    rows = ai.get("response_actions")
+    if not isinstance(rows, list):
+        return []
+    out: list[dict[str, str]] = []
+    for row in rows:
+        if not isinstance(row, dict):
+            continue
+        action = _as_str(row.get("action")).strip()
+        details = _as_str(row.get("details")).strip()
+        if action or details:
+            out.append({"action": action or "—", "details": details or "—"})
+    return out
+
+
+def merge_incident_report_context(
+    *,
+    request,
+    ai: dict[str, Any],
+    parse_error: str | None = None,
+) -> dict[str, Any]:
+    """
+    Backend-owned fields + normalized AI fields for template rendering.
+    """
+    now = timezone.now()
+    incident_id = f"CYB-{now.year}-{uuid.uuid4().hex[:4].upper()}"
+    dt_display = now.strftime("%d %B %Y, %H:%M %Z").strip() or now.isoformat()
+
+    user = getattr(request, "user", None)
+    if user is not None and getattr(user, "is_authenticated", False):
+        reported_by = user.get_username() or _as_str(getattr(user, "email", ""), "Unknown")
+    else:
+        reported_by = "Unknown"
+
+    cvss = _normalize_cvss(ai)
+    impact = _as_str_list(ai.get("impact"))
+    response_actions = _normalize_response_actions(ai)
+
+    return {
+        "report_kicker": "Cybersecurity",
+        "report_title": "Incident Report",
+        "report_subtitle": "CODE SECURITY ANALYSIS",
+        "incident_id": incident_id,
+        "report_datetime": dt_display,
+        "reported_by": reported_by,
+        "severity_level": _as_str(ai.get("severity_level"), "Unknown"),
+        "incident_type": _as_str(ai.get("incident_type"), "Code security review"),
+        "systems_affected": _as_str(ai.get("systems_affected"), "Submitted code artifact"),
+        "discovery_method": _as_str(
+            ai.get("discovery_method"),
+            "Automated static analysis (semgrep) and secret scanning (gitleaks)",
+        ),
+        "status": _as_str(ai.get("status"), "Analysis complete"),
+        "cvss_base": cvss["base"],
+        "cvss_threat": cvss["threat"],
+        "cvss_environmental": cvss["environmental"],
+        "cvss_supplemental": cvss["supplemental"],
+        "what_happened": _as_str(
+            ai.get("what_happened"),
+            "No narrative could be generated from the model output.",
+        ),
+        "impact_items": impact,
+        "follow_up_consequences": _as_str(ai.get("follow_up_consequences"), ""),
+        "no_follow_up_consequences": _as_str(ai.get("no_follow_up_consequences"), ""),
+        "response_actions": response_actions,
+        "parse_error": parse_error or "",
+    }
+
+
+DISCLAIMER_TEXT = (
+    "This report is partially generated with the assistance of automated code pre-processing "
+    "and OpenAI-based report generation. It should not be treated as a substitute for manual "
+    "security review, professional judgment, or formal penetration testing validation. Any "
+    "findings, risk ratings, and recommendations should be independently verified before use."
+)
diff --git a/api/views.py b/api/views.py
index aab21d0..c7fd554 100644
--- a/api/views.py
+++ b/api/views.py
@@ -7,6 +7,12 @@
 from django.http import JsonResponse
 import json
 from .services.ai_service import ask_ai
+from .services.incident_report_ai import generate_incident_report_ai_payload
+from .utils.incident_report import (
+    DISCLAIMER_TEXT,
+    merge_incident_report_context,
+    parse_llm_json,
+)
 from django.contrib.auth.decorators import login_required
 from django.contrib.auth import authenticate, login, logout
 from .models import CodeSubmission, File, Threat
@@ -114,72 +120,74 @@ def dashboard_view(request):
 # -------------------
 @login_required
 def submit_code(request):
-    print("HIT SUBMIT VIEW")
-    result = None
-
-    if request.method == "POST":
-        code = request.POST.get("code", "")
-
-        print("CODE:", code)  # debug
-
-        if not code.strip():
-            result = "No code submitted."
-        else:
-            # Create an isolated temp directory so semgrep/gitleaks can scan it safely.
-            tmp_dir_path = Path(tempfile.mkdtemp(prefix="autopen_"))
-            try:
-                target_file_path = tmp_dir_path / "target.py"
-                target_file_path.write_text(code, encoding="utf-8")
-
-                # Pre-process: run semgrep + gitleaks against the temporary file.
-                semgrep_report = run_semgrep(str(target_file_path))
-                gitleaks_report = run_gitleaks(str(target_file_path))
-
-                # Keep the prompt size bounded.
-                max_code_chars = 8000
-                truncated = code[:max_code_chars]
-                trunc_note = ""
-                if len(code) > max_code_chars:
-                    trunc_note = f"\n\n[NOTE] Code was truncated to the first {max_code_chars} characters."
-
-                # Keep tool findings compact to reduce token usage.
-                semgrep_results = semgrep_report.get("results", []) or []
-                gitleaks_results = gitleaks_report.get("results", []) or []
-                semgrep_results = semgrep_results[:20]
-                gitleaks_results = gitleaks_results[:20]
-
-                # Assemble a single "passage" for OpenAI analysis.
-                passage = {
-                    "user_code": truncated + trunc_note,
-                    "semgrep": {
-                        "error": semgrep_report.get("error"),
-                        "results": semgrep_results,
-                    },
-                    "gitleaks": {
-                        "error": gitleaks_report.get("error"),
-                        "results": gitleaks_results,
-                    },
-                }
-
-                prompt = (
-                    "You are a security analysis assistant.\n\n"
-                    "Analyze this passage and tell me the consequences of following up and not following up.\n\n"
-                    "## Passage (code + tool findings)\n"
-                    f"{json.dumps(passage, ensure_ascii=False, indent=2)}\n\n"
-                    "## Output requirements\n"
-                    "1. Provide a clear overall risk summary (1-2 sentences).\n"
-                    "2. Provide 'Consequences if following up' and 'Consequences if not following up'.\n"
-                    "3. For each consequence, include which tool finding(s) it is based on.\n"
-                    "4. End with 'Recommended next steps' (3-5 bullet points) focusing on practical remediation.\n"
-                    "5. Do not invent findings that are not supported by the passage.\n"
-                )
-
-                result = ask_ai(prompt)
-            except Exception as e:
-                # Return an error string so the front-end still shows something useful.
-                result = f"Analysis failed: {type(e).__name__}: {e}"
-            finally:
-                # Best-effort cleanup of temporary files.
-                shutil.rmtree(tmp_dir_path, ignore_errors=True)
-
-    return render(request, 'index.html', {'result': result})
+    if request.method != "POST":
+        return redirect("dashboard")
+
+    code = request.POST.get("code", "").strip()
+    if not code:
+        return render(
+            request,
+            "index.html",
+            {"result": "No code submitted."},
+        )
+
+    # Create an isolated temp directory so semgrep/gitleaks can scan it safely.
+    tmp_dir_path = Path(tempfile.mkdtemp(prefix="autopen_"))
+    try:
+        target_file_path = tmp_dir_path / "target.py"
+        target_file_path.write_text(code, encoding="utf-8")
+
+        # Pre-process: run semgrep + gitleaks against the temporary file.
+        semgrep_report = run_semgrep(str(target_file_path))
+        gitleaks_report = run_gitleaks(str(target_file_path))
+
+        # Keep the prompt size bounded.
+        max_code_chars = 8000
+        truncated = code[:max_code_chars]
+        trunc_note = ""
+        if len(code) > max_code_chars:
+            trunc_note = f"\n\n[NOTE] Code was truncated to the first {max_code_chars} characters."
+
+        # Keep tool findings compact to reduce token usage.
+        semgrep_results = semgrep_report.get("results", []) or []
+        gitleaks_results = gitleaks_report.get("results", []) or []
+        semgrep_results = semgrep_results[:20]
+        gitleaks_results = gitleaks_results[:20]
+
+        # Assemble a single "passage" for OpenAI analysis.
+        passage = {
+            "user_code": truncated + trunc_note,
+            "semgrep": {
+                "error": semgrep_report.get("error"),
+                "results": semgrep_results,
+            },
+            "gitleaks": {
+                "error": gitleaks_report.get("error"),
+                "results": gitleaks_results,
+            },
+        }
+
+        raw_json = generate_incident_report_ai_payload(passage)
+        ai_data = parse_llm_json(raw_json)
+        parse_error = None
+        if not ai_data:
+            parse_error = (
+                "The model returned empty or non-JSON output; placeholder values are shown where needed."
+            )
+
+        ctx = merge_incident_report_context(
+            request=request,
+            ai=ai_data,
+            parse_error=parse_error,
+        )
+        ctx["disclaimer"] = DISCLAIMER_TEXT
+        return render(request, "incident_report.html", ctx)
+    except Exception as e:
+        return render(
+            request,
+            "index.html",
+            {"result": f"Analysis failed: {type(e).__name__}: {e}"},
+        )
+    finally:
+        # Best-effort cleanup of temporary files.
+        shutil.rmtree(tmp_dir_path, ignore_errors=True)
diff --git a/front-end/incident_report.html b/front-end/incident_report.html
new file mode 100644
index 0000000..6eff57a
--- /dev/null
+++ b/front-end/incident_report.html
@@ -0,0 +1,203 @@
+<!DOCTYPE html>
+{% load static %}
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>Incident Report — AutoPen</title>
+  <link rel="stylesheet" href="{% static 'styles/incident_report.css' %}">
+</head>
+<body class="incident-report-body">
+
+<div class="ir-wrap">
+  <div class="ir-actions">
+    <a class="ir-back" href="{% url 'dashboard' %}">← Back to dashboard</a>
+    <button type="button" class="ir-btn-download" id="ir-download-html" data-incident-id="{{ incident_id }}">
+      Download HTML
+    </button>
+  </div>
+
+  {% if parse_error %}
+  <div class="ir-parse-error">{{ parse_error }}</div>
+  {% endif %}
+
+  <header class="ir-header">
+    <p class="ir-kicker">{{ report_kicker }}</p>
+    <h1 class="ir-title">{{ report_title }}</h1>
+    <p class="ir-subtitle">{{ report_subtitle }}</p>
+  </header>
+
+  <h2 class="ir-section-title">Incident overview</h2>
+  <div class="ir-card">
+    <table class="ir-table">
+      <tbody>
+        <tr><th scope="row">Incident ID</th><td>{{ incident_id }}</td></tr>
+        <tr><th scope="row">Date &amp; time</th><td>{{ report_datetime }}</td></tr>
+        <tr><th scope="row">Reported by</th><td>{{ reported_by }}</td></tr>
+        <tr><th scope="row">Severity level</th><td>{{ severity_level }}</td></tr>
+        <tr><th scope="row">Incident type</th><td>{{ incident_type }}</td></tr>
+        <tr><th scope="row">Systems affected</th><td>{{ systems_affected }}</td></tr>
+        <tr><th scope="row">Discovery method</th><td>{{ discovery_method }}</td></tr>
+        <tr><th scope="row">Status</th><td>{{ status }}</td></tr>
+      </tbody>
+    </table>
+  </div>
+
+  <h2 class="ir-section-title">CVSS score (0.0–10.0)</h2>
+  <div class="ir-card">
+    <table class="ir-table ir-cvss-table">
+      <thead>
+        <tr>
+          <th scope="col">Base</th>
+          <th scope="col">Threat</th>
+          <th scope="col">Environmental</th>
+          <th scope="col">Supplemental</th>
+        </tr>
+      </thead>
+      <tbody>
+        <tr>
+          <td>{{ cvss_base }}</td>
+          <td>{{ cvss_threat }}</td>
+          <td>{{ cvss_environmental }}</td>
+          <td>{{ cvss_supplemental }}</td>
+        </tr>
+      </tbody>
+    </table>
+  </div>
+
+  <h2 class="ir-section-title">Description &amp; impact</h2>
+  <div class="ir-card ir-block">
+    <h4>What happened</h4>
+    <p>{{ what_happened|linebreaksbr }}</p>
+
+    <h4>Impact</h4>
+    {% if impact_items %}
+    <ul>
+      {% for item in impact_items %}
+      <li>{{ item }}</li>
+      {% endfor %}
+    </ul>
+    {% else %}
+    <p>—</p>
+    {% endif %}
+
+    <h4>Consequences if following up</h4>
+    <p>{% if follow_up_consequences %}{{ follow_up_consequences|linebreaksbr }}{% else %}—{% endif %}</p>
+
+    <h4>Consequences if not following up</h4>
+    <p>{% if no_follow_up_consequences %}{{ no_follow_up_consequences|linebreaksbr }}{% else %}—{% endif %}</p>
+  </div>
+
+  <h2 class="ir-section-title">Response &amp; resolution</h2>
+  <div class="ir-card">
+    <table class="ir-table">
+      <thead>
+        <tr>
+          <th scope="col">Action</th>
+          <th scope="col">Details</th>
+        </tr>
+      </thead>
+      <tbody>
+        {% for row in response_actions %}
+        <tr>
+          <td>{{ row.action }}</td>
+          <td>{{ row.details }}</td>
+        </tr>
+        {% empty %}
+        <tr>
+          <td colspan="2">No remediation steps were returned by the model.</td>
+        </tr>
+        {% endfor %}
+      </tbody>
+    </table>
+  </div>
+
+  <p class="ir-disclaimer">{{ disclaimer }}</p>
+
+  <div class="ir-sign">
+    <div class="ir-sign-row"><strong>Sign:</strong></div>
+    <div class="ir-sign-row"><strong>Date:</strong></div>
+  </div>
+</div>
+
+<script>
+(function () {
+  const btn = document.getElementById("ir-download-html");
+  if (!btn) return;
+
+  function escapeHtml(text) {
+    return String(text)
+      .replace(/&/g, "&amp;")
+      .replace(/</g, "&lt;")
+      .replace(/>/g, "&gt;")
+      .replace(/"/g, "&quot;");
+  }
+
+  btn.addEventListener("click", async function () {
+    let inlineCss = "";
+    const link = document.querySelector('link[rel="stylesheet"]');
+    if (link && link.href) {
+      try {
+        const res = await fetch(link.href, { credentials: "same-origin" });
+        if (res.ok) {
+          inlineCss = "<style>\n" + (await res.text()) + "\n</style>";
+        }
+      } catch (_) {
+        /* offline / CORS: file will still download without inlined CSS */
+      }
+    }
+
+    const bodyClone = document.body.cloneNode(true);
+    bodyClone.querySelectorAll("script").forEach(function (el) {
+      el.remove();
+    });
+    const cloneBtn = bodyClone.querySelector("#ir-download-html");
+    if (cloneBtn) {
+      const actions = cloneBtn.closest(".ir-actions");
+      if (actions) {
+        const backOnly = document.createElement("div");
+        backOnly.className = "ir-actions";
+        const back = actions.querySelector(".ir-back");
+        if (back) {
+          backOnly.appendChild(back.cloneNode(true));
+        }
+        actions.replaceWith(backOnly);
+      } else {
+        cloneBtn.remove();
+      }
+    }
+
+    const title = document.title || "Incident Report";
+    const rawId = btn.getAttribute("data-incident-id") || "report";
+    const safeId = rawId.replace(/[^a-zA-Z0-9-_]/g, "_");
+    const filename = "incident-report-" + safeId + ".html";
+
+    const doc =
+      "<!DOCTYPE html>\n" +
+      '<html lang="en">\n' +
+      "<head>\n" +
+      '<meta charset="UTF-8">\n' +
+      '<meta name="viewport" content="width=device-width, initial-scale=1.0">\n' +
+      "<title>" + escapeHtml(title) + "</title>\n" +
+      inlineCss +
+      "\n</head>\n" +
+      '<body class="incident-report-body">\n' +
+      bodyClone.innerHTML +
+      "\n</body>\n</html>";
+
+    const blob = new Blob([doc], { type: "text/html;charset=utf-8" });
+    const url = URL.createObjectURL(blob);
+    const a = document.createElement("a");
+    a.href = url;
+    a.download = filename;
+    a.rel = "noopener";
+    document.body.appendChild(a);
+    a.click();
+    a.remove();
+    URL.revokeObjectURL(url);
+  });
+})();
+</script>
+
+</body>
+</html>
diff --git a/front-end/styles/incident_report.css b/front-end/styles/incident_report.css
new file mode 100644
index 0000000..29edcb1
--- /dev/null
+++ b/front-end/styles/incident_report.css
@@ -0,0 +1,204 @@
+/* Incident report page — grey + seafoam, minimal */
+
+:root {
+  --bg: #f4f7f6;
+  --surface: #ffffff;
+  --text: #334155;
+  --muted: #64748b;
+  --seafoam: #5eead4;
+  --seafoam-dark: #0d9488;
+  --border: #cbd5e1;
+  --grey-bar: #e2e8f0;
+}
+
+* {
+  box-sizing: border-box;
+}
+
+body.incident-report-body {
+  margin: 0;
+  min-height: 100vh;
+  font-family: "Segoe UI", system-ui, -apple-system, sans-serif;
+  background: var(--bg);
+  color: var(--text);
+  line-height: 1.5;
+}
+
+.ir-wrap {
+  max-width: 900px;
+  margin: 0 auto;
+  padding: 2.5rem 1.5rem 4rem;
+}
+
+.ir-actions {
+  display: flex;
+  align-items: center;
+  justify-content: space-between;
+  flex-wrap: wrap;
+  gap: 0.75rem;
+  margin-bottom: 1.25rem;
+}
+
+.ir-back {
+  display: inline-block;
+  font-size: 0.9rem;
+  color: var(--seafoam-dark);
+  text-decoration: none;
+}
+
+.ir-back:hover {
+  text-decoration: underline;
+}
+
+.ir-btn-download {
+  font-size: 0.9rem;
+  font-family: inherit;
+  padding: 0.5rem 1.1rem;
+  border-radius: 999px;
+  border: 1px solid var(--seafoam-dark);
+  background: var(--surface);
+  color: var(--seafoam-dark);
+  cursor: pointer;
+  transition: background 0.2s, color 0.2s;
+}
+
+.ir-btn-download:hover {
+  background: rgba(94, 234, 212, 0.25);
+  color: #0f766e;
+}
+
+.ir-parse-error {
+  background: #fef3c7;
+  border: 1px solid #fcd34d;
+  color: #92400e;
+  padding: 0.75rem 1rem;
+  border-radius: 8px;
+  margin-bottom: 1.5rem;
+  font-size: 0.9rem;
+}
+
+.ir-header {
+  border-left: 4px solid var(--seafoam);
+  padding-left: 1.25rem;
+  margin-bottom: 2rem;
+}
+
+.ir-kicker {
+  font-size: 0.75rem;
+  letter-spacing: 0.12em;
+  text-transform: uppercase;
+  color: var(--muted);
+  margin: 0 0 0.35rem;
+}
+
+.ir-title {
+  font-size: 1.85rem;
+  font-weight: 600;
+  margin: 0 0 0.25rem;
+  color: #1e293b;
+}
+
+.ir-subtitle {
+  font-size: 0.8rem;
+  letter-spacing: 0.08em;
+  text-transform: uppercase;
+  color: var(--seafoam-dark);
+  margin: 0;
+}
+
+.ir-section-title {
+  font-size: 1rem;
+  font-weight: 600;
+  color: #1e293b;
+  margin: 2rem 0 0.75rem;
+  padding-bottom: 0.35rem;
+  border-bottom: 2px solid var(--seafoam);
+}
+
+.ir-card {
+  background: var(--surface);
+  border: 1px solid var(--border);
+  border-radius: 10px;
+  padding: 1.25rem 1.5rem;
+  box-shadow: 0 1px 2px rgba(15, 23, 42, 0.04);
+}
+
+.ir-table {
+  width: 100%;
+  border-collapse: collapse;
+  font-size: 0.92rem;
+}
+
+.ir-table th,
+.ir-table td {
+  padding: 0.65rem 0.85rem;
+  text-align: left;
+  border-bottom: 1px solid var(--grey-bar);
+  vertical-align: top;
+}
+
+.ir-table th {
+  width: 32%;
+  font-weight: 600;
+  color: #475569;
+  background: #f8fafc;
+}
+
+.ir-table tr:last-child th,
+.ir-table tr:last-child td {
+  border-bottom: none;
+}
+
+.ir-cvss-table th {
+  width: 25%;
+  text-align: center;
+  background: #f1f5f9;
+}
+
+.ir-cvss-table td {
+  text-align: center;
+  font-variant-numeric: tabular-nums;
+}
+
+.ir-block h4 {
+  margin: 1rem 0 0.5rem;
+  font-size: 0.95rem;
+  color: #0f766e;
+}
+
+.ir-block p {
+  margin: 0 0 0.75rem;
+  white-space: pre-wrap;
+}
+
+.ir-block ul {
+  margin: 0;
+  padding-left: 1.25rem;
+}
+
+.ir-block li {
+  margin-bottom: 0.35rem;
+}
+
+.ir-disclaimer {
+  margin-top: 2.5rem;
+  padding: 1rem 1.25rem;
+  background: #f1f5f9;
+  border-radius: 8px;
+  font-size: 0.8rem;
+  color: var(--muted);
+  line-height: 1.55;
+}
+
+.ir-sign {
+  margin-top: 2rem;
+  display: grid;
+  gap: 1rem;
+  font-size: 0.95rem;
+}
+
+.ir-sign-row {
+  border-bottom: 1px solid var(--border);
+  padding-bottom: 0.35rem;
+  min-height: 2rem;
+}

From 33ce3193ef4075a22f957acb55cf636b0aa29b4e Mon Sep 17 00:00:00 2001
From: kaye-s <kayes@uwm.edu>
Date: Fri, 10 Apr 2026 12:34:22 -0500
Subject: [PATCH 34/41] fixed merging errors and updated everything with the
 changes

---
 api/views.py                   | 18 +++++++++-----
 front-end/login.html           | 13 +++-------
 front-end/register.html        | 43 ++++++++++++++++++++++++----------
 front-end/scripts/login.js     |  7 +++++-
 front-end/vulnerabilities.html | 29 ++++++++++++++++++++---
 5 files changed, 77 insertions(+), 33 deletions(-)

diff --git a/api/views.py b/api/views.py
index 5f2803b..6b6dfd4 100644
--- a/api/views.py
+++ b/api/views.py
@@ -8,10 +8,15 @@
 from django.http import JsonResponse
 import json
 from .services.ai_service import ask_ai
-from django.contrib.auth.decorators import login_required
-from django.contrib.auth import authenticate, login, logout
 from .models import CodeSubmission, File, Threat, CWE, User
 from django.db.models import Q
+from django.shortcuts import render, redirect
+from django.contrib.auth.hashers import check_password, make_password
+
+def require_login(request):
+    if "user_id" not in request.session:
+        return redirect("login")
+    return None
 
 def ask_ai_view(request):
     if request.method == "POST":
@@ -113,15 +118,16 @@ def logout_view(request):
 # Dashboard
 # -------------------
 def dashboard_view(request):
-    if "user_id" not in request.session:
-        return redirect("/login/")
+    if require_login(request):
+        return require_login(request)
     return render(request, 'index.html')
 
 # -------------------
 # Dummy Code Submission
 # -------------------
-@login_required
 def submit_code(request):
+    if require_login(request):
+            return require_login(request)
     print("HIT SUBMIT VIEW")
     result = None
 
@@ -182,7 +188,7 @@ def register_view(request):
             hashed_pass = make_password(password)
 
             user = User.objects.create(email=email, password_hash=hashed_pass)
-            request.session["user_id"] = user.user_id
+            request.session["user_email"] = user.email
             return redirect('dashboard')
 
     return render(request, 'register.html', {'error': error})
diff --git a/front-end/login.html b/front-end/login.html
index 68261df..886a640 100644
--- a/front-end/login.html
+++ b/front-end/login.html
@@ -19,16 +19,9 @@ <h2>AutoPen Login</h2>
   <form method="POST">
     {% csrf_token %}
 
-      <input type="text" name="email" placeholder="Email / Username" required style="width:100%; padding:10px; margin-bottom:10px;">
-
-      <input type="password" name="password" placeholder="Password" required style="width:100%; padding:10px; margin-bottom:15px;">
-
-      <button type="submit" class="scan-btn" style="width:100%;">Login</button>
-    </form>
-
-    <p style="text-align:center; margin-top:15px;">
-      Don't have an account?
-    </p>
+    <div class="input-group">
+      <input type="text" name="email" placeholder="Email" required>
+    </div>
 
     <div class="input-group">
       <input type="password" name="password" placeholder="Password" required>
diff --git a/front-end/register.html b/front-end/register.html
index 69ccf91..21bb538 100644
--- a/front-end/register.html
+++ b/front-end/register.html
@@ -1,27 +1,44 @@
 <!DOCTYPE html>
-<html>
+{% load static %}
+<html lang="en">
 <head>
-  <title>Register</title>
+  <title>Register - AutoPen</title>
+
+  <link rel="stylesheet" href="{% static 'styles/login.css' %}">
 </head>
+
 <body>
 
-<h2>Create Account</h2>
+<div class="login-box">
+
+  <h2>Create Account</h2>
+
+  {% if error %}
+  <p class="error">{{ error }}</p>
+  {% endif %}
+
+  <form method="POST">
+    {% csrf_token %}
 
-<form method="POST">
-  {% csrf_token %}
+    <div class="input-group">
+      <input type="text" name="email" placeholder="Email" required>
+    </div>
 
-  <input type="text" name="email" placeholder="Email" required>
-  <br><br>
+    <div class="input-group">
+      <input type="password" name="password" placeholder="Password" required>
+    </div>
 
-  <input type="password" name="password" placeholder="Password" required>
-  <br><br>
+    <button type="submit" class="login-btn">Register</button>
+  </form>
 
-  <button type="submit">Register</button>
+  <div class="register">
+    <p>Already have an account?</p>
+    <a href="/login/">Back to Login</a>
+  </div>
 
-</form>
+</div>
 
-<br>
-<a href="/">Back to Login</a>
+<script src="{% static 'scripts/login.js' %}"></script>
 
 </body>
 </html>
\ No newline at end of file
diff --git a/front-end/scripts/login.js b/front-end/scripts/login.js
index 2b017cd..4657bb0 100644
--- a/front-end/scripts/login.js
+++ b/front-end/scripts/login.js
@@ -17,7 +17,12 @@ const form = document.querySelector("form");
 const button = document.querySelector(".login-btn");
 
 form.addEventListener("submit", () => {
-    button.innerText = "Logging in...";
+    if (button.innerText.toLowerCase().includes("register")) {
+        button.innerText = "Creating account...";
+    } else {
+        button.innerText = "Logging in...";
+    }
+
     button.classList.add("loading");
     button.disabled = true;
 });
diff --git a/front-end/vulnerabilities.html b/front-end/vulnerabilities.html
index c3a5e68..9cec22b 100644
--- a/front-end/vulnerabilities.html
+++ b/front-end/vulnerabilities.html
@@ -4,17 +4,40 @@
 <head>
     <title>Vulnerabilities</title>
     <link rel="stylesheet" href="{% static 'styles/style.css' %}">
+    <script src="{% static 'scripts/main.js' %}"></script>
 </head>
 
 <body>
 
-<!-- ================= SIDEBAR ================= -->
+<!-- ☰ Hamburger -->
+<div class="hamburger" id="hamburger">
+    <span></span>
+    <span></span>
+    <span></span>
+</div>
+
 <div class="sidebar">
-    <h2>Security Dashboard</h2>
+    <h2>AutoPen</h2>
     <ul>
-        <li><a href="/">Home</a></li>
+        <li><a href="{% url 'dashboard' %}">Dashboard</a></li>
+        <li>Start Scan</li>
+        <li>Reports</li>
+        <li>Targets</li>
+        <li>Settings</li>
         <li><a href="{% url 'vulnerability_list' %}">Vulnerabilities</a></li>
     </ul>
+
+    <!-- 👇 Sidebar Footer (User + Logout) -->
+    <div class="sidebar-footer">
+        <span class="user-name">{{ request.user }}</span>
+
+        <form method="POST" action="{% url 'logout' %}">
+            {% csrf_token %}
+            <button type="submit" class="logout-btn">
+                Logout
+            </button>
+        </form>
+    </div>
 </div>
 
 <!-- ================= MAIN CONTENT ================= -->

From 52e22dec5768dda979f4e3ee49bbff2f633a6e10 Mon Sep 17 00:00:00 2001
From: zhangtingen <else8072@gmail.com>
Date: Sat, 11 Apr 2026 18:34:07 -0500
Subject: [PATCH 35/41] upload file and connect to backend to generate report

---
 api/services/incident_report_ai.py |   2 +-
 api/views.py                       | 189 +++++++++++++++++++----------
 front-end/index.html               |   4 +-
 3 files changed, 129 insertions(+), 66 deletions(-)

diff --git a/api/services/incident_report_ai.py b/api/services/incident_report_ai.py
index 8eafb6e..58d8a93 100644
--- a/api/services/incident_report_ai.py
+++ b/api/services/incident_report_ai.py
@@ -52,7 +52,7 @@ def generate_incident_report_ai_payload(passage: dict[str, Any]) -> str:
     """
     user_prompt = build_incident_report_user_prompt(passage)
     kwargs: dict[str, Any] = {
-        "model": "gpt-4.1-mini",
+        "model": "gpt-5.4-nano",
         "messages": [
             {"role": "system", "content": _SYSTEM},
             {"role": "user", "content": user_prompt},
diff --git a/api/views.py b/api/views.py
index c7fd554..d684f4d 100644
--- a/api/views.py
+++ b/api/views.py
@@ -17,10 +17,108 @@
 from django.contrib.auth import authenticate, login, logout
 from .models import CodeSubmission, File, Threat
 from pathlib import Path
+import re
 import tempfile
 import shutil
 from .utils.prescan import run_semgrep, run_gitleaks
 
+# Max upload size for scan (bytes).
+MAX_UPLOAD_BYTES = 2 * 1024 * 1024
+
+
+def _safe_upload_basename(original_name: str) -> str:
+    """Return a single path segment safe for writing under a temp directory."""
+    base = Path(original_name).name
+    if not base or base in {".", ".."}:
+        return "upload.txt"
+    safe = re.sub(r"[^a-zA-Z0-9._-]", "_", base)
+    if len(safe) > 200:
+        stem = Path(safe).stem[:150]
+        suffix = Path(safe).suffix[:20]
+        safe = stem + suffix
+    return safe or "upload.txt"
+
+
+def _read_uploaded_text(uploaded) -> str:
+    """Read uploaded file as text with a hard size cap."""
+    chunk = uploaded.read(MAX_UPLOAD_BYTES + 1)
+    if len(chunk) > MAX_UPLOAD_BYTES:
+        raise ValueError(
+            f"File is too large (max {MAX_UPLOAD_BYTES // (1024 * 1024)} MiB)."
+        )
+    return chunk.decode("utf-8", errors="replace")
+
+
+def _run_incident_scan(request, code: str, source: dict):
+    """
+    Shared pipeline: write code to a temp file, pre-scan, call OpenAI JSON report, render HTML.
+    source: {"origin": "upload"|"paste", "filename": str}
+    """
+    tmp_dir_path = Path(tempfile.mkdtemp(prefix="autopen_"))
+    try:
+        if source.get("origin") == "upload":
+            fname = _safe_upload_basename(source.get("filename") or "upload.txt")
+        else:
+            fname = "pasted_code.py"
+        target_file_path = tmp_dir_path / fname
+        target_file_path.write_text(code, encoding="utf-8")
+
+        # Pre-process: run semgrep + gitleaks against the temporary file.
+        semgrep_report = run_semgrep(str(target_file_path))
+        gitleaks_report = run_gitleaks(str(target_file_path))
+
+        # Keep the prompt size bounded.
+        max_code_chars = 8000
+        truncated = code[:max_code_chars]
+        trunc_note = ""
+        if len(code) > max_code_chars:
+            trunc_note = f"\n\n[NOTE] Code was truncated to the first {max_code_chars} characters."
+
+        # Keep tool findings compact to reduce token usage.
+        semgrep_results = semgrep_report.get("results", []) or []
+        gitleaks_results = gitleaks_report.get("results", []) or []
+        semgrep_results = semgrep_results[:20]
+        gitleaks_results = gitleaks_results[:20]
+
+        # Assemble a single "passage" for OpenAI analysis.
+        passage = {
+            "source": source,
+            "user_code": truncated + trunc_note,
+            "semgrep": {
+                "error": semgrep_report.get("error"),
+                "results": semgrep_results,
+            },
+            "gitleaks": {
+                "error": gitleaks_report.get("error"),
+                "results": gitleaks_results,
+            },
+        }
+
+        raw_json = generate_incident_report_ai_payload(passage)
+        ai_data = parse_llm_json(raw_json)
+        parse_error = None
+        if not ai_data:
+            parse_error = (
+                "The model returned empty or non-JSON output; placeholder values are shown where needed."
+            )
+
+        ctx = merge_incident_report_context(
+            request=request,
+            ai=ai_data,
+            parse_error=parse_error,
+        )
+        ctx["disclaimer"] = DISCLAIMER_TEXT
+        return render(request, "incident_report.html", ctx)
+    except Exception as e:
+        return render(
+            request,
+            "index.html",
+            {"result": f"Analysis failed: {type(e).__name__}: {e}"},
+        )
+    finally:
+        # Best-effort cleanup of temporary files.
+        shutil.rmtree(tmp_dir_path, ignore_errors=True)
+
 def ask_ai_view(request):
     if request.method == "POST":
         data = json.loads(request.body)
@@ -123,71 +221,36 @@ def submit_code(request):
     if request.method != "POST":
         return redirect("dashboard")
 
-    code = request.POST.get("code", "").strip()
-    if not code:
-        return render(
-            request,
-            "index.html",
-            {"result": "No code submitted."},
-        )
-
-    # Create an isolated temp directory so semgrep/gitleaks can scan it safely.
-    tmp_dir_path = Path(tempfile.mkdtemp(prefix="autopen_"))
-    try:
-        target_file_path = tmp_dir_path / "target.py"
-        target_file_path.write_text(code, encoding="utf-8")
-
-        # Pre-process: run semgrep + gitleaks against the temporary file.
-        semgrep_report = run_semgrep(str(target_file_path))
-        gitleaks_report = run_gitleaks(str(target_file_path))
-
-        # Keep the prompt size bounded.
-        max_code_chars = 8000
-        truncated = code[:max_code_chars]
-        trunc_note = ""
-        if len(code) > max_code_chars:
-            trunc_note = f"\n\n[NOTE] Code was truncated to the first {max_code_chars} characters."
-
-        # Keep tool findings compact to reduce token usage.
-        semgrep_results = semgrep_report.get("results", []) or []
-        gitleaks_results = gitleaks_report.get("results", []) or []
-        semgrep_results = semgrep_results[:20]
-        gitleaks_results = gitleaks_results[:20]
-
-        # Assemble a single "passage" for OpenAI analysis.
-        passage = {
-            "user_code": truncated + trunc_note,
-            "semgrep": {
-                "error": semgrep_report.get("error"),
-                "results": semgrep_results,
-            },
-            "gitleaks": {
-                "error": gitleaks_report.get("error"),
-                "results": gitleaks_results,
-            },
-        }
+    uploaded = request.FILES.get("file")
+    code_paste = request.POST.get("code", "").strip()
 
-        raw_json = generate_incident_report_ai_payload(passage)
-        ai_data = parse_llm_json(raw_json)
-        parse_error = None
-        if not ai_data:
-            parse_error = (
-                "The model returned empty or non-JSON output; placeholder values are shown where needed."
+    # Prefer a non-empty file upload over pasted text when both are present.
+    if uploaded is not None and getattr(uploaded, "size", 0) > 0:
+        try:
+            code = _read_uploaded_text(uploaded)
+        except ValueError as e:
+            return render(request, "index.html", {"result": str(e)})
+        if not code.strip():
+            return render(
+                request,
+                "index.html",
+                {"result": "Uploaded file is empty."},
             )
+        source = {
+            "origin": "upload",
+            "filename": uploaded.name or "upload.txt",
+        }
+        return _run_incident_scan(request, code, source)
 
-        ctx = merge_incident_report_context(
-            request=request,
-            ai=ai_data,
-            parse_error=parse_error,
-        )
-        ctx["disclaimer"] = DISCLAIMER_TEXT
-        return render(request, "incident_report.html", ctx)
-    except Exception as e:
-        return render(
+    if code_paste:
+        return _run_incident_scan(
             request,
-            "index.html",
-            {"result": f"Analysis failed: {type(e).__name__}: {e}"},
+            code_paste,
+            {"origin": "paste", "filename": "pasted_code.py"},
         )
-    finally:
-        # Best-effort cleanup of temporary files.
-        shutil.rmtree(tmp_dir_path, ignore_errors=True)
+
+    return render(
+        request,
+        "index.html",
+        {"result": "No code submitted. Upload a file or paste code."},
+    )
diff --git a/front-end/index.html b/front-end/index.html
index 3386def..c0e77fb 100644
--- a/front-end/index.html
+++ b/front-end/index.html
@@ -71,7 +71,7 @@ <h3>Low Vulnerabilities</h3>
         <div class="code-box">
             <h2>Upload Code for Analysis</h2>
 
-            <form method="POST" action="{% url 'submit_code' %}">
+            <form method="POST" action="{% url 'submit_code' %}" enctype="multipart/form-data">
                 {% csrf_token %}
 
                 <div class="upload-tabs">
@@ -82,7 +82,7 @@ <h2>Upload Code for Analysis</h2>
                 <!-- Upload File -->
                 <div class="tab-content active" id="file">
                     <label class="drop-zone">
-                        <input type="file" name="file">
+                        <input type="file" name="file" accept=".py,.js,.ts,.tsx,.jsx,.java,.go,.rs,.c,.cpp,.h,.cs,.php,.rb,.swift,.kt,.sql,.sh,.yaml,.yml,.json,.xml,.html,.css,.md,.txt">
                         <p>Drop your code file here<br>or <span>click to browse</span></p>
                     </label>
                 </div>

From 80555a36353ec8256b73df4b030e6af496e88e9d Mon Sep 17 00:00:00 2001
From: JacobLind1 <jslind@uwm.edu>
Date: Tue, 21 Apr 2026 12:57:42 -0500
Subject: [PATCH 36/41] Added backend functionality/connection for dashboard
 recent scans

---
 api/models.py              |   6 ++
 api/urls.py                |   5 ++
 api/views.py               | 159 ++++++++++++++++++++++++++++++++++---
 front-end/index.html       |  22 ++---
 front-end/login.html       |  47 +++++------
 front-end/register.html    |  43 +++++++---
 front-end/scripts/login.js |  38 +++++++++
 front-end/scripts/main.js  |  18 +++++
 front-end/styles/login.css | 148 ++++++++++++++++++++++++++++++++++
 9 files changed, 428 insertions(+), 58 deletions(-)
 create mode 100644 front-end/scripts/login.js
 create mode 100644 front-end/scripts/main.js
 create mode 100644 front-end/styles/login.css

diff --git a/api/models.py b/api/models.py
index b66898d..b9a5f31 100644
--- a/api/models.py
+++ b/api/models.py
@@ -20,10 +20,16 @@ class CodeSubmission(models.Model):
     user = models.ForeignKey(User, on_delete=models.CASCADE, related_name='submissions')
     submission_name = models.CharField(max_length=255, null=True, blank=True)
     uploaded_at = models.DateTimeField(auto_now_add=True)
+
     overall_risk_score = models.DecimalField(max_digits=5, decimal_places=2, null=True, blank=True)
     simplified_summary = models.TextField(null=True, blank=True)
     detailed_summary = models.TextField(null=True, blank=True)
 
+    scan_status = models.CharField(max_length=50, null=True, blank=True)
+    risk_level = models.CharField(max_length=20, null=True, blank=True)
+    incident_id = models.CharField(max_length=100, null=True, blank=True)
+    report_html_path = models.TextField(null=True, blank=True)
+
     def __str__(self):
         return f"{self.submission_name} by {self.user.email}"
 
diff --git a/api/urls.py b/api/urls.py
index 90bd453..8d05162 100644
--- a/api/urls.py
+++ b/api/urls.py
@@ -7,6 +7,9 @@
     path('login/', views.login_view, name='login'),
     path('logout/', views.logout_view, name='logout'),
 
+    # Register
+    path('register/', views.register_view, name='register'),
+
     # Dashboard (default root)
     path('', views.dashboard_view, name='dashboard'),
 
@@ -14,4 +17,6 @@
 
     # Check status / get results of a submission
     path('submission/<int:submission_id>/', SubmissionStatusView.as_view(), name='submission_status'),
+
+    path('vulnerabilities/', views.vulnerability_list, name='vulnerability_list'),
 ]
\ No newline at end of file
diff --git a/api/views.py b/api/views.py
index d684f4d..c9f0741 100644
--- a/api/views.py
+++ b/api/views.py
@@ -15,16 +15,22 @@
 )
 from django.contrib.auth.decorators import login_required
 from django.contrib.auth import authenticate, login, logout
-from .models import CodeSubmission, File, Threat
+from .models import CodeSubmission, File, Threat, CWE, User
 from pathlib import Path
 import re
 import tempfile
 import shutil
 from .utils.prescan import run_semgrep, run_gitleaks
+from django.shortcuts import render, redirect
+from django.contrib.auth.hashers import check_password, make_password
 
 # Max upload size for scan (bytes).
 MAX_UPLOAD_BYTES = 2 * 1024 * 1024
 
+def require_login(request):
+    if "user_id" not in request.session:
+        return redirect("login")
+    return None
 
 def _safe_upload_basename(original_name: str) -> str:
     """Return a single path segment safe for writing under a temp directory."""
@@ -55,14 +61,33 @@ def _run_incident_scan(request, code: str, source: dict):
     source: {"origin": "upload"|"paste", "filename": str}
     """
     tmp_dir_path = Path(tempfile.mkdtemp(prefix="autopen_"))
+
     try:
         if source.get("origin") == "upload":
             fname = _safe_upload_basename(source.get("filename") or "upload.txt")
         else:
             fname = "pasted_code.py"
+
         target_file_path = tmp_dir_path / fname
         target_file_path.write_text(code, encoding="utf-8")
 
+        # Create submission record early
+        user_id = request.session.get("user_id")
+        if not user_id:
+            return render(
+                request,
+                "index.html",
+                {"result": "You must be logged in to run a scan."},
+            )
+
+        user = User.objects.get(user_id=user_id)
+
+        submission = CodeSubmission.objects.create(
+            user=user,
+            submission_name=fname,
+            scan_status="Running",
+        )
+
         # Pre-process: run semgrep + gitleaks against the temporary file.
         semgrep_report = run_semgrep(str(target_file_path))
         gitleaks_report = run_gitleaks(str(target_file_path))
@@ -96,11 +121,50 @@ def _run_incident_scan(request, code: str, source: dict):
 
         raw_json = generate_incident_report_ai_payload(passage)
         ai_data = parse_llm_json(raw_json)
+
         parse_error = None
         if not ai_data:
             parse_error = (
                 "The model returned empty or non-JSON output; placeholder values are shown where needed."
             )
+            ai_data = {}
+
+        # Build simple incident ID
+        incident_id = f"CYB-{submission.uploaded_at.year}-{submission.submission_id}"
+
+        # If you later save a real HTML file, replace this with the actual path
+        report_path = f"reports/{incident_id}.html"
+
+        # Safely convert score
+        base_score_raw = (
+            ai_data.get("cvss", {}).get("base")
+            if isinstance(ai_data.get("cvss"), dict)
+            else None
+        )
+
+        base_score = None
+        try:
+            if base_score_raw not in (None, "", "N/A"):
+                base_score = Decimal(str(base_score_raw))
+        except Exception:
+            base_score = None
+
+        # Update dashboard/report fields
+        submission.submission_name = fname
+        submission.risk_level = ai_data.get("severity_level", "Informational")
+        submission.scan_status = "Completed"
+        submission.overall_risk_score = base_score
+        submission.simplified_summary = ai_data.get(
+            "status",
+            "No findings evidenced"
+        )
+        submission.detailed_summary = ai_data.get(
+            "what_happened",
+            "No additional analysis details available."
+        )
+        submission.incident_id = incident_id
+        submission.report_html_path = report_path
+        submission.save()
 
         ctx = merge_incident_report_context(
             request=request,
@@ -108,7 +172,11 @@ def _run_incident_scan(request, code: str, source: dict):
             parse_error=parse_error,
         )
         ctx["disclaimer"] = DISCLAIMER_TEXT
+        ctx["submission_id"] = submission.submission_id
+        ctx["incident_id"] = incident_id
+
         return render(request, "incident_report.html", ctx)
+
     except Exception as e:
         return render(
             request,
@@ -192,31 +260,48 @@ def get(self, request, submission_id):
 def login_view(request):
     error = None
     if request.method == "POST":
-        username = request.POST['username']
-        password = request.POST['password']
-        user = authenticate(request, username=username, password=password)
-        if user:
-            login(request, user)
-            return redirect('dashboard')
+        email = request.POST.get("email")
+        password = request.POST.get("password")
+
+        if not email or not password:
+            error = "Enter Email and Password"
         else:
-            error = "Invalid username or password"
+            try:
+                user = User.objects.get(email=email)
+
+                if check_password(password, user.password_hash):
+                    request.session["user_id"] = user.user_id
+                    request.session["user_email"] = user.email
+                    return redirect("dashboard")
+                else:
+                    error = "Invalid Email or Password"
+            except User.DoesNotExist:
+                error = "Invalid Email or Password"
     return render(request, 'login.html', {'error': error})
 
 def logout_view(request):
-    logout(request)
+    request.session.flush()
     return redirect('login')
 
+
 # -------------------
 # Dashboard
 # -------------------
-@login_required(login_url='/login/')  # Redirects to login if not logged in
+#@login_required(login_url='/login/')  # Redirects to login if not logged in
 def dashboard_view(request):
-    return render(request, 'index.html')
+    if "user_id" not in request.session:
+        return redirect("/login/")
+
+    scans = CodeSubmission.objects.filter(
+        user_id=request.session["user_id"]
+    ).order_by("-uploaded_at")[:10]
+
+    return render(request, "index.html", {"scans": scans})
 
 # -------------------
 # Dummy Code Submission
 # -------------------
-@login_required
+#@login_required
 def submit_code(request):
     if request.method != "POST":
         return redirect("dashboard")
@@ -254,3 +339,53 @@ def submit_code(request):
         "index.html",
         {"result": "No code submitted. Upload a file or paste code."},
     )
+
+def vulnerability_list(request):
+    query = request.GET.get('q', '').strip()
+    severity = request.GET.get('severity', '').strip()
+
+    vulnerabilities = CWE.objects.all()
+
+    # ONLY apply search if actually typed
+    if query:
+        vulnerabilities = vulnerabilities.filter(
+            Q(name__icontains=query) |
+            Q(description__icontains=query) |
+            Q(cwe_id__icontains=query)
+        )
+
+    # Apply severity filter independently
+    if severity:
+        vulnerabilities = vulnerabilities.filter(severity=severity)
+
+    context = {
+        'vulnerabilities': vulnerabilities,
+        'query': query,
+        'selected_severity': severity,
+    }
+
+    return render(request, 'vulnerabilities.html', context)
+# -----------------
+# User Registration
+# -----------------
+def register_view(request):
+    error = None
+
+    if request.method == "POST":
+        email = request.POST.get("email")
+        password = request.POST.get("password")
+
+        if not email or not password:
+            error = "Enter Email and Password"
+
+        elif User.objects.filter(email=email).exists():
+            error = "Email Already in Use"
+
+        else:
+            hashed_pass = make_password(password)
+
+            user = User.objects.create(email=email, password_hash=hashed_pass)
+            request.session["user_email"] = user.email
+            return redirect('dashboard')
+
+    return render(request, 'register.html', {'error': error})
diff --git a/front-end/index.html b/front-end/index.html
index c0e77fb..327f39d 100644
--- a/front-end/index.html
+++ b/front-end/index.html
@@ -31,7 +31,7 @@ <h2>AutoPen</h2>
 <div class="main">
     <div class="header">
         <h1>Penetration Testing Dashboard</h1>
-        <p>User: {{ request.user }}</p>
+        <p>User: {{ user_email|default:"Unknown User" }}</p>
         <div class="status">System Status: Active</div>
         <form method="POST" action="{% url 'logout' %}" style="display:inline;">
             {% csrf_token %}
@@ -51,7 +51,7 @@ <h1>Penetration Testing Dashboard</h1>
     <div class="cards">
         <div class="card">
             <h3>Total Scans</h3>
-            <p>128</p>
+            <p>{{scans|length}}</p>
         </div>
         <div class="card">
             <h3>Critical Vulnerabilities</h3>
@@ -115,18 +115,20 @@ <h3>Recent Scan Results</h3>
             </tr>
             </thead>
             <tbody>
+            {% for scan in scans %}
             <tr>
-                <td>example.com</td>
-                <td>02/14/2026</td>
-                <td class="critical">Critical</td>
-                <td>Completed</td>
+                <td>{{ scan.submission_name|default:"Unnamed submission" }}</td>
+                <td>{{ scan.uploaded_at|date:"m/d/Y" }}</td>
+                <td class="{% if scan.risk_level == 'Critical' %}critical{% elif scan.risk_level == 'High' %}high{% elif scan.risk_level == 'Medium' %}medium{% elif scan.risk_level == 'Low' %}low{% else %}info{% endif %}">
+                    {{ scan.risk_level|default:"N/A" }}
+                </td>
+                <td>{{ scan.scan_status|default:"Unknown" }}</td>
             </tr>
+            {% empty %}
             <tr>
-                <td>test-server.net</td>
-                <td>02/12/2026</td>
-                <td class="low">Low</td>
-                <td>Completed</td>
+                <td colspan="4">No scans yet.</td>
             </tr>
+            {% endfor %}
             </tbody>
         </table>
     </div>
diff --git a/front-end/login.html b/front-end/login.html
index 06080e9..886a640 100644
--- a/front-end/login.html
+++ b/front-end/login.html
@@ -1,42 +1,43 @@
 <!DOCTYPE html>
 {% load static %}
-<html>
+<html lang="en">
 <head>
   <title>Login - AutoPen</title>
-  <link rel="stylesheet" href="{% static 'styles/style.css' %}">
+  <link rel="stylesheet" href="{% static 'styles/login.css' %}">
 </head>
 
-<body style="display:block;">
+<body>
 
-<div class="code-center">
-  <div class="code-box" style="max-width:400px; margin:auto;">
+<div class="login-box">
 
-    <h2 style="text-align:center;">AutoPen Login</h2>
+  <h2>AutoPen Login</h2>
 
-    {% if error %}
-    <p style="color:red; text-align:center;">{{ error }}</p>
-    {% endif %}
+  {% if error %}
+  <p class="error">{{ error }}</p>
+  {% endif %}
 
-    <form method="POST">
-      {% csrf_token %}
+  <form method="POST">
+    {% csrf_token %}
 
-      <input type="text" name="username" placeholder="Email / Username" required style="width:100%; padding:10px; margin-bottom:10px;">
-
-      <input type="password" name="password" placeholder="Password" required style="width:100%; padding:10px; margin-bottom:15px;">
-
-      <button type="submit" class="scan-btn" style="width:100%;">Login</button>
-    </form>
-
-    <p style="text-align:center; margin-top:15px;">
-      Don't have an account?
-    </p>
+    <div class="input-group">
+      <input type="text" name="email" placeholder="Email" required>
+    </div>
 
-    <div style="text-align:center;">
-      <a href="/register/">Register</a>
+    <div class="input-group">
+      <input type="password" name="password" placeholder="Password" required>
     </div>
 
+    <button type="submit" class="login-btn">Login</button>
+  </form>
+
+  <div class="register">
+    <p>Don't have an account?</p>
+    <a href="/register/">Register</a>
   </div>
+
 </div>
 
+<script src="{% static 'scripts/login.js' %}"></script>
+
 </body>
 </html>
\ No newline at end of file
diff --git a/front-end/register.html b/front-end/register.html
index 18bf32c..21bb538 100644
--- a/front-end/register.html
+++ b/front-end/register.html
@@ -1,27 +1,44 @@
 <!DOCTYPE html>
-<html>
+{% load static %}
+<html lang="en">
 <head>
-  <title>Register</title>
+  <title>Register - AutoPen</title>
+
+  <link rel="stylesheet" href="{% static 'styles/login.css' %}">
 </head>
+
 <body>
 
-<h2>Create Account</h2>
+<div class="login-box">
+
+  <h2>Create Account</h2>
+
+  {% if error %}
+  <p class="error">{{ error }}</p>
+  {% endif %}
+
+  <form method="POST">
+    {% csrf_token %}
 
-<form method="POST">
-  {% csrf_token %}
+    <div class="input-group">
+      <input type="text" name="email" placeholder="Email" required>
+    </div>
 
-  <input type="text" name="username" placeholder="Username" required>
-  <br><br>
+    <div class="input-group">
+      <input type="password" name="password" placeholder="Password" required>
+    </div>
 
-  <input type="password" name="password" placeholder="Password" required>
-  <br><br>
+    <button type="submit" class="login-btn">Register</button>
+  </form>
 
-  <button type="submit">Register</button>
+  <div class="register">
+    <p>Already have an account?</p>
+    <a href="/login/">Back to Login</a>
+  </div>
 
-</form>
+</div>
 
-<br>
-<a href="/">Back to Login</a>
+<script src="{% static 'scripts/login.js' %}"></script>
 
 </body>
 </html>
\ No newline at end of file
diff --git a/front-end/scripts/login.js b/front-end/scripts/login.js
new file mode 100644
index 0000000..4657bb0
--- /dev/null
+++ b/front-end/scripts/login.js
@@ -0,0 +1,38 @@
+// Page fade in
+window.addEventListener("load", () => {
+    document.body.classList.add("loaded");
+});
+
+// Animate login box
+window.addEventListener("DOMContentLoaded", () => {
+    const box = document.querySelector(".login-box");
+
+    setTimeout(() => {
+        box.classList.add("show");
+    }, 150);
+});
+
+// Button loading state
+const form = document.querySelector("form");
+const button = document.querySelector(".login-btn");
+
+form.addEventListener("submit", () => {
+    if (button.innerText.toLowerCase().includes("register")) {
+        button.innerText = "Creating account...";
+    } else {
+        button.innerText = "Logging in...";
+    }
+
+    button.classList.add("loading");
+    button.disabled = true;
+});
+
+// Shake on error (if Django renders error)
+window.addEventListener("DOMContentLoaded", () => {
+    const error = document.querySelector(".error");
+    const box = document.querySelector(".login-box");
+
+    if (error && box) {
+        box.classList.add("shake");
+    }
+});
\ No newline at end of file
diff --git a/front-end/scripts/main.js b/front-end/scripts/main.js
new file mode 100644
index 0000000..1385644
--- /dev/null
+++ b/front-end/scripts/main.js
@@ -0,0 +1,18 @@
+// Fade In
+window.addEventListener("load", () => {
+    document.body.classList.add("loaded");
+});
+
+window.addEventListener("DOMContentLoaded", () => {
+
+    const hamburger = document.getElementById("hamburger");
+    const sidebar = document.querySelector(".sidebar");
+    const main = document.querySelector(".main");
+
+    hamburger.addEventListener("click", () => {
+        hamburger.classList.toggle("active");
+        sidebar.classList.toggle("active");
+        main.classList.toggle("shift");
+    });
+
+});
\ No newline at end of file
diff --git a/front-end/styles/login.css b/front-end/styles/login.css
new file mode 100644
index 0000000..97025e1
--- /dev/null
+++ b/front-end/styles/login.css
@@ -0,0 +1,148 @@
+/* ================= LOGIN PAGE BASE ================= */
+
+* {
+    box-sizing: border-box;
+}
+
+body {
+    margin: 0;
+    font-family: 'Inter', sans-serif;
+
+    background:
+            radial-gradient(circle at top left, rgba(168, 85, 247, 0.15), transparent 40%),
+            radial-gradient(circle at bottom right, rgba(124, 58, 237, 0.12), transparent 50%),
+            linear-gradient(135deg, #000000, #0f172a);
+
+    color: #e5e7eb;
+
+    display: flex;
+    justify-content: center;
+    align-items: center;
+    height: 100vh;
+
+    opacity: 0;
+    transition: opacity 0.6s ease;
+}
+
+body.loaded {
+    opacity: 1;
+}
+
+/* ================= LOGIN CONTAINER ================= */
+.login-box {
+    width: 380px;
+    padding: 35px;
+
+    background: rgba(17, 24, 39, 0.8);
+    border: 1px solid rgba(168, 85, 247, 0.2);
+    border-radius: 12px;
+
+    box-shadow: 0 0 20px rgba(168, 85, 247, 0.15);
+
+    transform: translateY(30px);
+    opacity: 0;
+    transition: all 0.5s ease;
+}
+
+.login-box.show {
+    transform: translateY(0);
+    opacity: 1;
+}
+
+/* ================= TITLE ================= */
+.login-box h2 {
+    text-align: center;
+    margin-bottom: 25px;
+
+    font-weight: 700;
+
+    background: linear-gradient(90deg, #c084fc, #a855f7, #7c3aed);
+    -webkit-background-clip: text;
+    -webkit-text-fill-color: transparent;
+}
+
+/* ================= INPUTS ================= */
+.input-group {
+    margin-bottom: 15px;
+}
+
+.input-group input {
+    width: 100%;
+    padding: 12px;
+
+    border-radius: 8px;
+    border: 1px solid rgba(168, 85, 247, 0.2);
+
+    background: rgba(17, 24, 39, 0.6);
+    color: #e5e7eb;
+
+    transition: 0.25s;
+}
+
+.input-group input:focus {
+    outline: none;
+    border-color: #a855f7;
+    box-shadow: 0 0 10px rgba(168, 85, 247, 0.4);
+    transform: scale(1.02);
+}
+
+/* ================= BUTTON ================= */
+.login-btn {
+    width: 100%;
+    padding: 10px 20px;
+
+    background: rgba(168, 85, 247, 0.85);
+    color: white;
+
+    border: none;
+    border-radius: 999px;
+
+    cursor: pointer;
+    transition: 0.25s;
+}
+
+.login-btn:hover {
+    background: rgba(168, 85, 247, 1);
+    transform: translateY(-2px);
+    box-shadow: 0 0 12px rgba(168, 85, 247, 0.6);
+}
+
+.login-btn.loading {
+    opacity: 0.7;
+    cursor: not-allowed;
+}
+
+/* ================= ERROR ================= */
+.error {
+    color: #fb7185;
+    text-align: center;
+    margin-bottom: 10px;
+}
+
+/* ================= REGISTER LINK ================= */
+.register {
+    text-align: center;
+    margin-top: 15px;
+}
+
+.register a {
+    color: #c084fc;
+    text-decoration: none;
+}
+
+.register a:hover {
+    text-shadow: 0 0 8px rgba(168, 85, 247, 0.6);
+}
+
+/* ================= SHAKE ANIMATION ================= */
+.shake {
+    animation: shake 0.3s;
+}
+
+@keyframes shake {
+    0% { transform: translateX(0); }
+    25% { transform: translateX(-5px); }
+    50% { transform: translateX(5px); }
+    75% { transform: translateX(-5px); }
+    100% { transform: translateX(0); }
+}
\ No newline at end of file

From a8ba54adcfe6e63047929498130b34ef76031557 Mon Sep 17 00:00:00 2001
From: JacobLind1 <jslind@uwm.edu>
Date: Wed, 22 Apr 2026 16:21:55 -0500
Subject: [PATCH 37/41] Added backend functionality/connection for dashboard
 recent scans

---
 api/models.py        |  1 +
 api/urls.py          |  2 ++
 api/views.py         | 26 +++++++++++++++++++++++++-
 front-end/index.html |  4 ++--
 4 files changed, 30 insertions(+), 3 deletions(-)

diff --git a/api/models.py b/api/models.py
index b9a5f31..86c7748 100644
--- a/api/models.py
+++ b/api/models.py
@@ -29,6 +29,7 @@ class CodeSubmission(models.Model):
     risk_level = models.CharField(max_length=20, null=True, blank=True)
     incident_id = models.CharField(max_length=100, null=True, blank=True)
     report_html_path = models.TextField(null=True, blank=True)
+    report_data = models.JSONField(null=True, blank=True)
 
     def __str__(self):
         return f"{self.submission_name} by {self.user.email}"
diff --git a/api/urls.py b/api/urls.py
index 8d05162..743ba53 100644
--- a/api/urls.py
+++ b/api/urls.py
@@ -19,4 +19,6 @@
     path('submission/<int:submission_id>/', SubmissionStatusView.as_view(), name='submission_status'),
 
     path('vulnerabilities/', views.vulnerability_list, name='vulnerability_list'),
+
+    path("report/<int:submission_id>/", views.report_detail_view, name="report_detail"),
 ]
\ No newline at end of file
diff --git a/api/views.py b/api/views.py
index c9f0741..2bb2ead 100644
--- a/api/views.py
+++ b/api/views.py
@@ -1,4 +1,4 @@
-from django.shortcuts import render, redirect
+from django.shortcuts import render, redirect, get_object_or_404
 from rest_framework.views import APIView
 from rest_framework.response import Response
 from rest_framework.permissions import IsAuthenticated
@@ -389,3 +389,27 @@ def register_view(request):
             return redirect('dashboard')
 
     return render(request, 'register.html', {'error': error})
+
+def report_detail_view(request, submission_id):
+    user_id = request.session.get("user_id")
+    if not user_id:
+        return redirect("/login/")
+
+    submission = get_object_or_404(
+        CodeSubmission,
+        submission_id=submission_id,
+        user_id=user_id
+    )
+
+    ai_data = submission.report_data or {}
+
+    ctx = merge_incident_report_context(
+        request=request,
+        ai=ai_data,
+        parse_error=None,
+    )
+
+    ctx["disclaimer"] = DISCLAIMER_TEXT
+    ctx["submission"] = submission
+
+    return render(request, "incident_report.html", ctx)
diff --git a/front-end/index.html b/front-end/index.html
index 327f39d..99edd1b 100644
--- a/front-end/index.html
+++ b/front-end/index.html
@@ -116,7 +116,7 @@ <h3>Recent Scan Results</h3>
             </thead>
             <tbody>
             {% for scan in scans %}
-            <tr>
+            <tr onclick="window.location='{% url 'report_detail' scan.submission_id %}'" style="cursor:pointer;">
                 <td>{{ scan.submission_name|default:"Unnamed submission" }}</td>
                 <td>{{ scan.uploaded_at|date:"m/d/Y" }}</td>
                 <td class="{% if scan.risk_level == 'Critical' %}critical{% elif scan.risk_level == 'High' %}high{% elif scan.risk_level == 'Medium' %}medium{% elif scan.risk_level == 'Low' %}low{% else %}info{% endif %}">
@@ -126,7 +126,7 @@ <h3>Recent Scan Results</h3>
             </tr>
             {% empty %}
             <tr>
-                <td colspan="4">No scans yet.</td>
+                <td colspan="4">No recent scans yet.</td>
             </tr>
             {% endfor %}
             </tbody>

From 8d34a8b72b1a525ae666b0078f7866fb7777428e Mon Sep 17 00:00:00 2001
From: JacobLind1 <jslind@uwm.edu>
Date: Wed, 22 Apr 2026 17:32:36 -0500
Subject: [PATCH 38/41] Fixed references to default user package, modified
 codesubmission migration to refer to code_submission table

---
 api/migrations/0004_merge_20260422_1651.py    | 14 ++++++
 api/migrations/0005_alter_cwe_options.py      | 17 +++++++
 api/migrations/0006_alter_cwe_table.py        | 17 +++++++
 .../0007_alter_codesubmission_table.py        | 17 +++++++
 api/models.py                                 |  3 ++
 api/views.py                                  | 44 ++++++++++++++-----
 6 files changed, 102 insertions(+), 10 deletions(-)
 create mode 100644 api/migrations/0004_merge_20260422_1651.py
 create mode 100644 api/migrations/0005_alter_cwe_options.py
 create mode 100644 api/migrations/0006_alter_cwe_table.py
 create mode 100644 api/migrations/0007_alter_codesubmission_table.py

diff --git a/api/migrations/0004_merge_20260422_1651.py b/api/migrations/0004_merge_20260422_1651.py
new file mode 100644
index 0000000..2bec492
--- /dev/null
+++ b/api/migrations/0004_merge_20260422_1651.py
@@ -0,0 +1,14 @@
+# Generated by Django 6.0.3 on 2026-04-22 21:51
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('api', '0002_alter_user_table'),
+        ('api', '0003_codesubmission_report_data'),
+    ]
+
+    operations = [
+    ]
diff --git a/api/migrations/0005_alter_cwe_options.py b/api/migrations/0005_alter_cwe_options.py
new file mode 100644
index 0000000..e201f75
--- /dev/null
+++ b/api/migrations/0005_alter_cwe_options.py
@@ -0,0 +1,17 @@
+# Generated by Django 6.0.3 on 2026-04-22 21:51
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('api', '0004_merge_20260422_1651'),
+    ]
+
+    operations = [
+        migrations.AlterModelOptions(
+            name='cwe',
+            options={'managed': False},
+        ),
+    ]
diff --git a/api/migrations/0006_alter_cwe_table.py b/api/migrations/0006_alter_cwe_table.py
new file mode 100644
index 0000000..cedc8c5
--- /dev/null
+++ b/api/migrations/0006_alter_cwe_table.py
@@ -0,0 +1,17 @@
+# Generated by Django 6.0.3 on 2026-04-22 22:13
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('api', '0005_alter_cwe_options'),
+    ]
+
+    operations = [
+        migrations.AlterModelTable(
+            name='cwe',
+            table='cwe',
+        ),
+    ]
diff --git a/api/migrations/0007_alter_codesubmission_table.py b/api/migrations/0007_alter_codesubmission_table.py
new file mode 100644
index 0000000..a3d3952
--- /dev/null
+++ b/api/migrations/0007_alter_codesubmission_table.py
@@ -0,0 +1,17 @@
+# Generated by Django 6.0.3 on 2026-04-22 22:22
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('api', '0006_alter_cwe_table'),
+    ]
+
+    operations = [
+        migrations.AlterModelTable(
+            name='codesubmission',
+            table='code_submissions',
+        ),
+    ]
diff --git a/api/models.py b/api/models.py
index 8c577cf..3447c39 100644
--- a/api/models.py
+++ b/api/models.py
@@ -37,6 +37,9 @@ class CodeSubmission(models.Model):
     def __str__(self):
         return f"{self.submission_name} by {self.user.email}"
 
+    class Meta:
+        db_table = "code_submissions"
+
 # -------------------
 # Files
 # -------------------
diff --git a/api/views.py b/api/views.py
index b022d35..41d97a5 100644
--- a/api/views.py
+++ b/api/views.py
@@ -1,12 +1,18 @@
+from decimal import Decimal
 from django.contrib.auth.hashers import make_password, check_password
 from django.shortcuts import render, redirect, get_object_or_404
 from rest_framework.views import APIView
 from rest_framework.response import Response
-from rest_framework.permissions import IsAuthenticated
-from .serializers import CodeSubmissionSerializer
-from .tasks import run_analysis_sync
 from django.http import JsonResponse
+from django.db.models import Q
+from pathlib import Path
 import json
+import re
+import tempfile
+import shutil
+
+from .serializers import CodeSubmissionSerializer
+from .tasks import run_analysis_sync
 from .services.ai_service import ask_ai
 from .services.incident_report_ai import generate_incident_report_ai_payload
 from .utils.incident_report import (
@@ -14,8 +20,8 @@
     merge_incident_report_context,
     parse_llm_json,
 )
-from django.contrib.auth.decorators import login_required
-from django.contrib.auth import authenticate, login, logout
+from .utils.prescan import run_semgrep, run_gitleaks
+
 from .models import CodeSubmission, File, Threat, CWE, User
 from django.db.models import Q
 from pathlib import Path
@@ -166,6 +172,7 @@ def _run_incident_scan(request, code: str, source: dict):
         )
         submission.incident_id = incident_id
         submission.report_html_path = report_path
+        submission.report_data = ai_data
         submission.save()
 
         ctx = merge_incident_report_context(
@@ -210,10 +217,20 @@ def scan_view(request):
 # -------------------
 # Create a new code submission and run analysis
 # -------------------
+
 class SubmissionView(APIView):
-    permission_classes = [IsAuthenticated]
 
     def post(self, request):
+
+        user_id = request.session.get("user_id")
+        if not user_id:
+            return Response({"error": "Authentication required"}, status=401)
+
+        try:
+            user = User.objects.get(user_id=user_id)
+        except User.DoesNotExist:
+            return Response({"error": "User not found"}, status=404)
+
         serializer = CodeSubmissionSerializer(data=request.data)
         serializer.is_valid(raise_exception=True)
 
@@ -228,15 +245,19 @@ def post(self, request):
             "simplified_summary": submission.simplified_summary
         }, status=201)
 
+
 # -------------------
 # Check status and results of a submission
 # -------------------
 class SubmissionStatusView(APIView):
-    permission_classes = [IsAuthenticated]
 
     def get(self, request, submission_id):
+        user_id = request.session.get("user_id")
+        if not user_id:
+            return Response({"error": "Authentication required"}, status=401)
+
         try:
-            submission = CodeSubmission.objects.get(submission_id=submission_id, user=request.user)
+            submission = CodeSubmission.objects.get(submission_id=submission_id, user_id=user_id)
         except CodeSubmission.DoesNotExist:
             return Response({"error": "Submission not found"}, status=404)
 
@@ -256,6 +277,7 @@ def get(self, request, submission_id):
             "threats": threats
         })
 
+
 # -------------------
 # Login / Logout
 # -------------------
@@ -289,8 +311,9 @@ def logout_view(request):
 # Dashboard
 # -------------------
 def dashboard_view(request):
-    if require_login(request):
-        return require_login(request)
+    auth_redirect = require_login(request)
+    if auth_redirect:
+        return auth_redirect
 
     scans = CodeSubmission.objects.filter(
         user_id=request.session["user_id"]
@@ -389,6 +412,7 @@ def register_view(request):
             hashed_pass = make_password(password)
 
             user = User.objects.create(email=email, password_hash=hashed_pass)
+            request.session["user_id"] = user.user_id
             request.session["user_email"] = user.email
             return redirect('dashboard')
 

From b8115623c5d3b9a2869f839b6aedfdec9d42df11 Mon Sep 17 00:00:00 2001
From: zhangtingen <else8072@gmail.com>
Date: Thu, 23 Apr 2026 20:02:57 -0500
Subject: [PATCH 39/41] Update:README.md

---
 README.md        | 84 +++++++++++++++++++++++++++++++++++++++++++++---
 requirements.txt |  5 ++-
 2 files changed, 84 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index b65e37a..371487a 100644
--- a/README.md
+++ b/README.md
@@ -1,8 +1,84 @@
-# Install
+# Code security scanning and vulnerability reports
 
-```pip install -r requirements.txt ```
+A Django app for user sign-up, sign-in, and a code upload and analysis flow. The pipeline runs **Semgrep** and **Gitleaks** as a pre-scan, then uses **OpenAI** to generate risk summaries and security-incident style reports, plus vulnerability lists and per-submission report pages.
 
-# Run
+## Tech stack
 
-```python main.py```
+| Area | Details |
+| --- | --- |
+| Backend | Python, Django 4.2+, Django REST framework |
+| Database | PostgreSQL (`sslmode=require`) |
+| Frontend | Static HTML, CSS, and JavaScript (`front-end/`) |
+| Scanning | Semgrep (`--config auto`), Gitleaks (optional; if missing, the step surfaces an error and continues per implementation) |
+| AI | OpenAI API (e.g. `gpt-4.1-mini`—see code) |
 
+## Project layout (overview)
+
+- `config/` – Django project settings and URL config
+- `api/` – Models, views, serializers, scanning and AI services (`services/`, `utils/`)
+- `front-end/` – Pages and static assets (`styles/`, `scripts/`)
+- `test_cases/` – Sample code for testing
+- `manage.py` – Django management entry point
+
+## Environment variables
+
+Create a `.env` in the project root (or use your `python-decouple` loading pattern). You need at least:
+
+| Variable | Purpose |
+| --- | --- |
+| `SECRET_KEY` | Django secret key |
+| `DB_NAME` | PostgreSQL database name |
+| `DB_USER` | Database user |
+| `DB_PASS` | Database password |
+| `DB_HOST` | Hostname |
+| `DB_PORT` | Port (optional, default `5432`) |
+| `OPENAI_API_KEY` | OpenAI API key for analysis and report content |
+
+## System dependencies (scanners)
+
+- **Semgrep** – Install via `pip install semgrep` or the [official method](https://semgrep.dev/docs/getting-started) so `python -m semgrep` works.
+- **Gitleaks** – If the `gitleaks` binary is on your `PATH`, pre-scan runs it; if not, that step returns a message and the rest of the flow may still continue.
+
+## Install and run
+
+1. **Create a virtual environment** (recommended) and install dependencies:
+
+   ```bash
+   python -m venv .venv
+   source .venv/bin/activate   # Windows: .venv\Scripts\activate
+   pip install -r requirements.txt
+   ```
+
+2. **Database** – Ensure PostgreSQL is reachable and `.env` matches your instance.
+
+3. **Migrate and start the dev server:**
+
+   ```bash
+   python manage.py migrate
+   python manage.py runserver
+   ```
+
+4. Open `http://127.0.0.1:8000/` in a browser. You must **register and sign in** before using the dashboard and upload scan.
+
+## Main routes (reference)
+
+| Path | Description |
+| --- | --- |
+| `/` | Dashboard (auth required) |
+| `/login/`, `/logout/` | Sign in, sign out |
+| `/register/` | Registration |
+| `/submit/` | Submit code for scanning |
+| `/submission/<id>/` | Submission status / results (API view) |
+| `/vulnerabilities/` | Vulnerability list |
+| `/report/<submission_id>/` | Report for one submission |
+| `/admin/` | Django admin |
+
+Single-file uploads are limited to **2 MiB** (see `MAX_UPLOAD_BYTES` in the app); larger files are rejected.
+
+## Admin
+
+Create a superuser to use `/admin/`:
+
+```bash
+python manage.py createsuperuser
+```
diff --git a/requirements.txt b/requirements.txt
index 86b0c91..b712172 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,4 +1,7 @@
 Django>=4.2
 psycopg2-binary>=2.9
 python-dotenv>=1.0
-bcrypt>=4.0s
\ No newline at end of file
+bcrypt>=4.0.0
+djangorestframework>=3.14
+python-decouple>=3.8
+openai>=1.0.0
\ No newline at end of file

From 16c8d59cc750bce11fecee476db761d944e7fa28 Mon Sep 17 00:00:00 2001
From: zhangtingen <else8072@gmail.com>
Date: Fri, 1 May 2026 09:58:12 -0500
Subject: [PATCH 40/41] Update:Sidebar new function

---
 README.md                                     |   3 +
 api/context_processors.py                     |  18 +
 api/migrations/0001_initial.py                |  51 +-
 api/migrations/0002_alter_user_table.py       |  22 -
 ...user_department_user_full_name_and_more.py |  50 ++
 ..._codesubmission_focus_end_line_and_more.py |  71 +++
 .../0004_codesubmission_report_title.py       |  18 +
 api/migrations/0004_merge_20260422_1651.py    |  14 -
 api/migrations/0005_alter_cwe_options.py      |  17 -
 api/migrations/0006_alter_cwe_table.py        |  17 -
 .../0007_alter_codesubmission_table.py        |  17 -
 api/models.py                                 | 129 ++++
 api/services/ai_service.py                    |   4 +-
 api/services/incident_report_ai.py            |   4 +-
 api/urls.py                                   |   7 +
 api/views.py                                  | 473 +++++++++++++--
 config/settings.py                            |   1 +
 front-end/approval_queue.html                 |  57 ++
 front-end/images/ai-assistant.png             | Bin 0 -> 87793 bytes
 front-end/incident_report.html                |  66 ++-
 front-end/includes/ai_assistant.html          | 180 ++++++
 front-end/includes/app_sidebar.html           |  50 ++
 front-end/index.html                          | 286 ++++-----
 front-end/register.html                       |  21 +
 front-end/reports.html                        | 100 ++++
 front-end/scan.html                           |  75 +++
 front-end/scripts/main.js                     |  40 +-
 front-end/settings.html                       |  56 ++
 front-end/styles/incident_report.css          |  22 +
 front-end/styles/login.css                    |  15 +
 front-end/styles/style.css                    | 559 +++++++++++++++++-
 front-end/targets.html                        | 111 ++++
 front-end/vulnerabilities.html                |  45 +-
 33 files changed, 2210 insertions(+), 389 deletions(-)
 create mode 100644 api/context_processors.py
 delete mode 100644 api/migrations/0002_alter_user_table.py
 create mode 100644 api/migrations/0002_user_account_status_user_department_user_full_name_and_more.py
 create mode 100644 api/migrations/0003_codesubmission_focus_end_line_and_more.py
 create mode 100644 api/migrations/0004_codesubmission_report_title.py
 delete mode 100644 api/migrations/0004_merge_20260422_1651.py
 delete mode 100644 api/migrations/0005_alter_cwe_options.py
 delete mode 100644 api/migrations/0006_alter_cwe_table.py
 delete mode 100644 api/migrations/0007_alter_codesubmission_table.py
 create mode 100644 front-end/approval_queue.html
 create mode 100644 front-end/images/ai-assistant.png
 create mode 100644 front-end/includes/ai_assistant.html
 create mode 100644 front-end/includes/app_sidebar.html
 create mode 100644 front-end/reports.html
 create mode 100644 front-end/scan.html
 create mode 100644 front-end/settings.html
 create mode 100644 front-end/targets.html

diff --git a/README.md b/README.md
index 371487a..8f612ea 100644
--- a/README.md
+++ b/README.md
@@ -33,6 +33,9 @@ Create a `.env` in the project root (or use your `python-decouple` loading patte
 | `DB_HOST` | Hostname |
 | `DB_PORT` | Port (optional, default `5432`) |
 | `OPENAI_API_KEY` | OpenAI API key for analysis and report content |
+| `MANAGER_SETUP_CODE` | Registration code used to bootstrap manager accounts |
+| `OPENAI_REPORT_MODEL` | Default model for report generation |
+| `OPENAI_MODEL_CHOICES` | Comma-separated model list shown in Settings |
 
 ## System dependencies (scanners)
 
diff --git a/api/context_processors.py b/api/context_processors.py
new file mode 100644
index 0000000..726bd69
--- /dev/null
+++ b/api/context_processors.py
@@ -0,0 +1,18 @@
+def session_user(request):
+    """Expose logged-in session email for nav/sidebar templates."""
+    theme = "dark"
+    user_id = request.session.get("user_id")
+    if user_id:
+        try:
+            from .models import UserSetting
+
+            theme = UserSetting.objects.filter(user_id=user_id).values_list("theme", flat=True).first() or theme
+        except Exception:
+            theme = "dark"
+    return {
+        "user_email": request.session.get("user_email") or "",
+        "user_name": request.session.get("user_name") or "",
+        "user_department": request.session.get("department") or "",
+        "user_role": request.session.get("user_role") or "",
+        "user_theme": theme,
+    }
diff --git a/api/migrations/0001_initial.py b/api/migrations/0001_initial.py
index ace3cd2..a59279a 100644
--- a/api/migrations/0001_initial.py
+++ b/api/migrations/0001_initial.py
@@ -1,7 +1,7 @@
-# Generated by Django 6.0.3 on 2026-03-30 20:11
+# Generated by Django 4.2.26 on 2026-04-27 23:39
 
-import django.db.models.deletion
 from django.db import migrations, models
+import django.db.models.deletion
 
 
 class Migration(migrations.Migration):
@@ -12,17 +12,6 @@ class Migration(migrations.Migration):
     ]
 
     operations = [
-        migrations.CreateModel(
-            name='CodeSubmission',
-            fields=[
-                ('submission_id', models.AutoField(primary_key=True, serialize=False)),
-                ('submission_name', models.CharField(blank=True, max_length=255, null=True)),
-                ('uploaded_at', models.DateTimeField(auto_now_add=True)),
-                ('overall_risk_score', models.DecimalField(blank=True, decimal_places=2, max_digits=5, null=True)),
-                ('simplified_summary', models.TextField(blank=True, null=True)),
-                ('detailed_summary', models.TextField(blank=True, null=True)),
-            ],
-        ),
         migrations.CreateModel(
             name='CWE',
             fields=[
@@ -35,15 +24,29 @@ class Migration(migrations.Migration):
                 ('severity', models.CharField(blank=True, max_length=20, null=True)),
                 ('categories', models.TextField(blank=True, null=True)),
             ],
+            options={
+                'db_table': 'cwe',
+                'managed': False,
+            },
         ),
         migrations.CreateModel(
-            name='User',
+            name='CodeSubmission',
             fields=[
-                ('user_id', models.AutoField(primary_key=True, serialize=False)),
-                ('email', models.CharField(max_length=255, unique=True)),
-                ('password_hash', models.TextField()),
-                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('submission_id', models.AutoField(primary_key=True, serialize=False)),
+                ('submission_name', models.CharField(blank=True, max_length=255, null=True)),
+                ('uploaded_at', models.DateTimeField(auto_now_add=True)),
+                ('overall_risk_score', models.DecimalField(blank=True, decimal_places=2, max_digits=5, null=True)),
+                ('simplified_summary', models.TextField(blank=True, null=True)),
+                ('detailed_summary', models.TextField(blank=True, null=True)),
+                ('scan_status', models.CharField(blank=True, max_length=50, null=True)),
+                ('risk_level', models.CharField(blank=True, max_length=20, null=True)),
+                ('incident_id', models.CharField(blank=True, max_length=100, null=True)),
+                ('report_html_path', models.TextField(blank=True, null=True)),
+                ('report_data', models.JSONField(blank=True, null=True)),
             ],
+            options={
+                'db_table': 'code_submissions',
+            },
         ),
         migrations.CreateModel(
             name='File',
@@ -55,6 +58,18 @@ class Migration(migrations.Migration):
                 ('submission', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='files', to='api.codesubmission')),
             ],
         ),
+        migrations.CreateModel(
+            name='User',
+            fields=[
+                ('user_id', models.AutoField(primary_key=True, serialize=False)),
+                ('email', models.CharField(max_length=255, unique=True)),
+                ('password_hash', models.TextField()),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+            ],
+            options={
+                'db_table': 'users',
+            },
+        ),
         migrations.CreateModel(
             name='Threat',
             fields=[
diff --git a/api/migrations/0002_alter_user_table.py b/api/migrations/0002_alter_user_table.py
deleted file mode 100644
index 9fb34a5..0000000
--- a/api/migrations/0002_alter_user_table.py
+++ /dev/null
@@ -1,22 +0,0 @@
-# Generated by Django 6.0.3 on 2026-04-06 17:52
-
-from django.db import migrations
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('api', '0001_initial'),
-    ]
-
-    operations = [
-        migrations.SeparateDatabaseAndState(
-            database_operations=[],
-            state_operations=[
-                migrations.AlterModelTable(
-                    name='user',
-                    table='users',
-                ),
-            ],
-        ),
-    ]
diff --git a/api/migrations/0002_user_account_status_user_department_user_full_name_and_more.py b/api/migrations/0002_user_account_status_user_department_user_full_name_and_more.py
new file mode 100644
index 0000000..ac6359e
--- /dev/null
+++ b/api/migrations/0002_user_account_status_user_department_user_full_name_and_more.py
@@ -0,0 +1,50 @@
+# Generated by Django 4.2.26 on 2026-04-30 20:56
+
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('api', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='user',
+            name='account_status',
+            field=models.CharField(choices=[('pending', 'Pending approval'), ('active', 'Active'), ('rejected', 'Rejected')], default='pending', max_length=16),
+        ),
+        migrations.AddField(
+            model_name='user',
+            name='department',
+            field=models.CharField(choices=[('frontend', 'Frontend Department'), ('backend', 'Backend Department'), ('database', 'Database Department'), ('cybersecurity', 'Cybersecurity Department')], default='frontend', max_length=32),
+        ),
+        migrations.AddField(
+            model_name='user',
+            name='full_name',
+            field=models.CharField(default='', max_length=120),
+        ),
+        migrations.AddField(
+            model_name='user',
+            name='role',
+            field=models.CharField(choices=[('member', 'Member'), ('manager', 'Manager')], default='member', max_length=16),
+        ),
+        migrations.CreateModel(
+            name='DepartmentJoinRequest',
+            fields=[
+                ('request_id', models.AutoField(primary_key=True, serialize=False)),
+                ('requested_department', models.CharField(choices=[('frontend', 'Frontend Department'), ('backend', 'Backend Department'), ('database', 'Database Department'), ('cybersecurity', 'Cybersecurity Department')], max_length=32)),
+                ('status', models.CharField(choices=[('pending', 'Pending'), ('approved', 'Approved'), ('rejected', 'Rejected')], default='pending', max_length=16)),
+                ('reviewed_at', models.DateTimeField(blank=True, null=True)),
+                ('review_note', models.CharField(blank=True, default='', max_length=255)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('reviewed_by', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='reviewed_join_requests', to='api.user')),
+                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='join_requests', to='api.user')),
+            ],
+            options={
+                'db_table': 'department_join_requests',
+            },
+        ),
+    ]
diff --git a/api/migrations/0003_codesubmission_focus_end_line_and_more.py b/api/migrations/0003_codesubmission_focus_end_line_and_more.py
new file mode 100644
index 0000000..86959a7
--- /dev/null
+++ b/api/migrations/0003_codesubmission_focus_end_line_and_more.py
@@ -0,0 +1,71 @@
+# Generated by Django 4.2.26 on 2026-04-30 21:28
+
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('api', '0002_user_account_status_user_department_user_full_name_and_more'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='codesubmission',
+            name='focus_end_line',
+            field=models.PositiveIntegerField(blank=True, null=True),
+        ),
+        migrations.AddField(
+            model_name='codesubmission',
+            name='focus_start_line',
+            field=models.PositiveIntegerField(blank=True, null=True),
+        ),
+        migrations.AddField(
+            model_name='codesubmission',
+            name='priority',
+            field=models.CharField(choices=[('low', 'Low'), ('medium', 'Medium'), ('urgent', 'Urgent')], default='low', max_length=16),
+        ),
+        migrations.AddField(
+            model_name='codesubmission',
+            name='priority_updated_at',
+            field=models.DateTimeField(blank=True, null=True),
+        ),
+        migrations.AddField(
+            model_name='codesubmission',
+            name='priority_updated_by',
+            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='priority_updates', to='api.user'),
+        ),
+        migrations.AddField(
+            model_name='codesubmission',
+            name='scan_input_type',
+            field=models.CharField(choices=[('file', 'File upload'), ('paste', 'Pasted code'), ('text', 'Text question')], default='file', max_length=16),
+        ),
+        migrations.CreateModel(
+            name='UserSetting',
+            fields=[
+                ('setting_id', models.AutoField(primary_key=True, serialize=False)),
+                ('theme', models.CharField(choices=[('dark', 'Dark'), ('purple', 'Purple'), ('blue', 'Blue')], default='dark', max_length=20)),
+                ('ai_model', models.CharField(blank=True, default='', max_length=120)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+                ('user', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, related_name='settings', to='api.user')),
+            ],
+            options={
+                'db_table': 'user_settings',
+            },
+        ),
+        migrations.CreateModel(
+            name='ReportComment',
+            fields=[
+                ('comment_id', models.AutoField(primary_key=True, serialize=False)),
+                ('comment', models.TextField()),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('submission', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='comments', to='api.codesubmission')),
+                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='report_comments', to='api.user')),
+            ],
+            options={
+                'db_table': 'report_comments',
+                'ordering': ['created_at'],
+            },
+        ),
+    ]
diff --git a/api/migrations/0004_codesubmission_report_title.py b/api/migrations/0004_codesubmission_report_title.py
new file mode 100644
index 0000000..99d772f
--- /dev/null
+++ b/api/migrations/0004_codesubmission_report_title.py
@@ -0,0 +1,18 @@
+# Generated by Django 4.2.26 on 2026-04-30 21:42
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('api', '0003_codesubmission_focus_end_line_and_more'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='codesubmission',
+            name='report_title',
+            field=models.CharField(blank=True, default='', help_text='User-facing name for this report (optional).', max_length=200),
+        ),
+    ]
diff --git a/api/migrations/0004_merge_20260422_1651.py b/api/migrations/0004_merge_20260422_1651.py
deleted file mode 100644
index 2bec492..0000000
--- a/api/migrations/0004_merge_20260422_1651.py
+++ /dev/null
@@ -1,14 +0,0 @@
-# Generated by Django 6.0.3 on 2026-04-22 21:51
-
-from django.db import migrations
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('api', '0002_alter_user_table'),
-        ('api', '0003_codesubmission_report_data'),
-    ]
-
-    operations = [
-    ]
diff --git a/api/migrations/0005_alter_cwe_options.py b/api/migrations/0005_alter_cwe_options.py
deleted file mode 100644
index e201f75..0000000
--- a/api/migrations/0005_alter_cwe_options.py
+++ /dev/null
@@ -1,17 +0,0 @@
-# Generated by Django 6.0.3 on 2026-04-22 21:51
-
-from django.db import migrations
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('api', '0004_merge_20260422_1651'),
-    ]
-
-    operations = [
-        migrations.AlterModelOptions(
-            name='cwe',
-            options={'managed': False},
-        ),
-    ]
diff --git a/api/migrations/0006_alter_cwe_table.py b/api/migrations/0006_alter_cwe_table.py
deleted file mode 100644
index cedc8c5..0000000
--- a/api/migrations/0006_alter_cwe_table.py
+++ /dev/null
@@ -1,17 +0,0 @@
-# Generated by Django 6.0.3 on 2026-04-22 22:13
-
-from django.db import migrations
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('api', '0005_alter_cwe_options'),
-    ]
-
-    operations = [
-        migrations.AlterModelTable(
-            name='cwe',
-            table='cwe',
-        ),
-    ]
diff --git a/api/migrations/0007_alter_codesubmission_table.py b/api/migrations/0007_alter_codesubmission_table.py
deleted file mode 100644
index a3d3952..0000000
--- a/api/migrations/0007_alter_codesubmission_table.py
+++ /dev/null
@@ -1,17 +0,0 @@
-# Generated by Django 6.0.3 on 2026-04-22 22:22
-
-from django.db import migrations
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('api', '0006_alter_cwe_table'),
-    ]
-
-    operations = [
-        migrations.AlterModelTable(
-            name='codesubmission',
-            table='code_submissions',
-        ),
-    ]
diff --git a/api/models.py b/api/models.py
index 3447c39..e3ba9b8 100644
--- a/api/models.py
+++ b/api/models.py
@@ -4,9 +4,40 @@
 # Users
 # -------------------
 class User(models.Model):
+    DEPARTMENT_FRONTEND = "frontend"
+    DEPARTMENT_BACKEND = "backend"
+    DEPARTMENT_DATABASE = "database"
+    DEPARTMENT_CYBERSECURITY = "cybersecurity"
+    DEPARTMENT_CHOICES = [
+        (DEPARTMENT_FRONTEND, "Frontend Department"),
+        (DEPARTMENT_BACKEND, "Backend Department"),
+        (DEPARTMENT_DATABASE, "Database Department"),
+        (DEPARTMENT_CYBERSECURITY, "Cybersecurity Department"),
+    ]
+
+    ROLE_MEMBER = "member"
+    ROLE_MANAGER = "manager"
+    ROLE_CHOICES = [
+        (ROLE_MEMBER, "Member"),
+        (ROLE_MANAGER, "Manager"),
+    ]
+
+    STATUS_PENDING = "pending"
+    STATUS_ACTIVE = "active"
+    STATUS_REJECTED = "rejected"
+    STATUS_CHOICES = [
+        (STATUS_PENDING, "Pending approval"),
+        (STATUS_ACTIVE, "Active"),
+        (STATUS_REJECTED, "Rejected"),
+    ]
+
     user_id = models.AutoField(primary_key=True)
     email = models.CharField(max_length=255, unique=True)
     password_hash = models.TextField()
+    full_name = models.CharField(max_length=120, default="")
+    department = models.CharField(max_length=32, choices=DEPARTMENT_CHOICES, default=DEPARTMENT_FRONTEND)
+    role = models.CharField(max_length=16, choices=ROLE_CHOICES, default=ROLE_MEMBER)
+    account_status = models.CharField(max_length=16, choices=STATUS_CHOICES, default=STATUS_PENDING)
     created_at = models.DateTimeField(auto_now_add=True)
 
     def __str__(self):
@@ -19,9 +50,33 @@ class Meta:
 # Code Submissions
 # -------------------
 class CodeSubmission(models.Model):
+    PRIORITY_LOW = "low"
+    PRIORITY_MEDIUM = "medium"
+    PRIORITY_URGENT = "urgent"
+    PRIORITY_CHOICES = [
+        (PRIORITY_LOW, "Low"),
+        (PRIORITY_MEDIUM, "Medium"),
+        (PRIORITY_URGENT, "Urgent"),
+    ]
+
+    INPUT_FILE = "file"
+    INPUT_PASTE = "paste"
+    INPUT_TEXT = "text"
+    INPUT_CHOICES = [
+        (INPUT_FILE, "File upload"),
+        (INPUT_PASTE, "Pasted code"),
+        (INPUT_TEXT, "Text question"),
+    ]
+
     submission_id = models.AutoField(primary_key=True)
     user = models.ForeignKey(User, on_delete=models.CASCADE, related_name='submissions')
     submission_name = models.CharField(max_length=255, null=True, blank=True)
+    report_title = models.CharField(
+        max_length=200,
+        blank=True,
+        default="",
+        help_text="User-facing name for this report (optional).",
+    )
     uploaded_at = models.DateTimeField(auto_now_add=True)
 
     overall_risk_score = models.DecimalField(max_digits=5, decimal_places=2, null=True, blank=True)
@@ -33,6 +88,14 @@ class CodeSubmission(models.Model):
     incident_id = models.CharField(max_length=100, null=True, blank=True)
     report_html_path = models.TextField(null=True, blank=True)
     report_data = models.JSONField(null=True, blank=True)
+    priority = models.CharField(max_length=16, choices=PRIORITY_CHOICES, default=PRIORITY_LOW)
+    priority_updated_by = models.ForeignKey(
+        User, on_delete=models.SET_NULL, null=True, blank=True, related_name="priority_updates"
+    )
+    priority_updated_at = models.DateTimeField(null=True, blank=True)
+    scan_input_type = models.CharField(max_length=16, choices=INPUT_CHOICES, default=INPUT_FILE)
+    focus_start_line = models.PositiveIntegerField(null=True, blank=True)
+    focus_end_line = models.PositiveIntegerField(null=True, blank=True)
 
     def __str__(self):
         return f"{self.submission_name} by {self.user.email}"
@@ -96,3 +159,69 @@ class Meta:
     def __str__(self):
         return f"{self.cwe_id} - {self.name}"
 
+
+class DepartmentJoinRequest(models.Model):
+    STATUS_PENDING = "pending"
+    STATUS_APPROVED = "approved"
+    STATUS_REJECTED = "rejected"
+    STATUS_CHOICES = [
+        (STATUS_PENDING, "Pending"),
+        (STATUS_APPROVED, "Approved"),
+        (STATUS_REJECTED, "Rejected"),
+    ]
+
+    request_id = models.AutoField(primary_key=True)
+    user = models.ForeignKey(User, on_delete=models.CASCADE, related_name="join_requests")
+    requested_department = models.CharField(max_length=32, choices=User.DEPARTMENT_CHOICES)
+    status = models.CharField(max_length=16, choices=STATUS_CHOICES, default=STATUS_PENDING)
+    reviewed_by = models.ForeignKey(
+        User, on_delete=models.SET_NULL, null=True, blank=True, related_name="reviewed_join_requests"
+    )
+    reviewed_at = models.DateTimeField(null=True, blank=True)
+    review_note = models.CharField(max_length=255, blank=True, default="")
+    created_at = models.DateTimeField(auto_now_add=True)
+
+    class Meta:
+        db_table = "department_join_requests"
+
+    def __str__(self):
+        return f"{self.user.email} -> {self.requested_department} ({self.status})"
+
+
+class ReportComment(models.Model):
+    comment_id = models.AutoField(primary_key=True)
+    submission = models.ForeignKey(CodeSubmission, on_delete=models.CASCADE, related_name="comments")
+    user = models.ForeignKey(User, on_delete=models.CASCADE, related_name="report_comments")
+    comment = models.TextField()
+    created_at = models.DateTimeField(auto_now_add=True)
+
+    class Meta:
+        db_table = "report_comments"
+        ordering = ["created_at"]
+
+    def __str__(self):
+        return f"{self.user.email} on {self.submission_id}"
+
+
+class UserSetting(models.Model):
+    THEME_DARK = "dark"
+    THEME_PURPLE = "purple"
+    THEME_BLUE = "blue"
+    THEME_CHOICES = [
+        (THEME_DARK, "Dark"),
+        (THEME_PURPLE, "Purple"),
+        (THEME_BLUE, "Blue"),
+    ]
+
+    setting_id = models.AutoField(primary_key=True)
+    user = models.OneToOneField(User, on_delete=models.CASCADE, related_name="settings")
+    theme = models.CharField(max_length=20, choices=THEME_CHOICES, default=THEME_DARK)
+    ai_model = models.CharField(max_length=120, blank=True, default="")
+    updated_at = models.DateTimeField(auto_now=True)
+
+    class Meta:
+        db_table = "user_settings"
+
+    def __str__(self):
+        return f"Settings for {self.user.email}"
+
diff --git a/api/services/ai_service.py b/api/services/ai_service.py
index d8ea995..fad18ea 100644
--- a/api/services/ai_service.py
+++ b/api/services/ai_service.py
@@ -4,9 +4,9 @@
 
 client = OpenAI(api_key=config("OPENAI_API_KEY"))
 
-def ask_ai(user_text):
+def ask_ai(user_text, model=None):
     resp = client.chat.completions.create(
-        model="gpt-4.1-mini",
+        model=model or "gpt-4.1-mini",
         messages=[{"role": "user", "content": str(user_text)}],
     )
 
diff --git a/api/services/incident_report_ai.py b/api/services/incident_report_ai.py
index 58d8a93..9760f8f 100644
--- a/api/services/incident_report_ai.py
+++ b/api/services/incident_report_ai.py
@@ -46,13 +46,13 @@ def build_incident_report_user_prompt(passage: dict[str, Any]) -> str:
     return schema.strip() + "\n" + passage_json
 
 
-def generate_incident_report_ai_payload(passage: dict[str, Any]) -> str:
+def generate_incident_report_ai_payload(passage: dict[str, Any], model: str | None = None) -> str:
     """
     Calls the chat completion API and returns raw message content (expected JSON object).
     """
     user_prompt = build_incident_report_user_prompt(passage)
     kwargs: dict[str, Any] = {
-        "model": "gpt-5.4-nano",
+        "model": model or config("OPENAI_REPORT_MODEL", default="gpt-4.1-mini"),
         "messages": [
             {"role": "system", "content": _SYSTEM},
             {"role": "user", "content": user_prompt},
diff --git a/api/urls.py b/api/urls.py
index 619090f..5efc2e7 100644
--- a/api/urls.py
+++ b/api/urls.py
@@ -14,11 +14,18 @@
     path('', views.dashboard_view, name='dashboard'),
 
     path('submit/', views.submit_code, name='submit_code'),
+    path('scan/', views.start_scan_view, name='start_scan'),
+    path('reports/', views.reports_view, name='reports'),
+    path('targets/', views.targets_view, name='targets'),
+    path('settings/', views.settings_view, name='settings'),
 
     # Check status / get results of a submission
     path('submission/<int:submission_id>/', SubmissionStatusView.as_view(), name='submission_status'),
 
     path('vulnerabilities/', views.vulnerability_list, name='vulnerability_list'),
+    path("approvals/", views.approval_queue_view, name="approval_queue"),
 
     path("report/<int:submission_id>/", views.report_detail_view, name="report_detail"),
+
+    path("assistant/chat/", views.assistant_chat_view, name="assistant_chat"),
 ]
\ No newline at end of file
diff --git a/api/views.py b/api/views.py
index 41d97a5..b88b770 100644
--- a/api/views.py
+++ b/api/views.py
@@ -1,11 +1,16 @@
 from decimal import Decimal
 from django.contrib.auth.hashers import make_password, check_password
 from django.shortcuts import render, redirect, get_object_or_404
+from django.contrib import messages
+from django.utils import timezone
+from decouple import config
 from rest_framework.views import APIView
 from rest_framework.response import Response
 from django.http import JsonResponse
-from django.db.models import Q
+from django.views.decorators.http import require_POST, require_http_methods
+from django.db.models import Case, IntegerField, Q, When
 from pathlib import Path
+from typing import Optional
 import json
 import re
 import tempfile
@@ -22,24 +27,93 @@
 )
 from .utils.prescan import run_semgrep, run_gitleaks
 
-from .models import CodeSubmission, File, Threat, CWE, User
-from django.db.models import Q
-from pathlib import Path
-import re
-import tempfile
-import shutil
-from .utils.prescan import run_semgrep, run_gitleaks
-from django.shortcuts import render, redirect
-from django.contrib.auth.hashers import check_password, make_password
+from .models import CodeSubmission, File, Threat, CWE, User, DepartmentJoinRequest, ReportComment, UserSetting
 
 # Max upload size for scan (bytes).
 MAX_UPLOAD_BYTES = 2 * 1024 * 1024
+MANAGER_SETUP_CODE = config("MANAGER_SETUP_CODE", default="")
+DEFAULT_AI_MODEL = config("OPENAI_REPORT_MODEL", default="gpt-4.1-mini")
 
 def require_login(request):
     if "user_id" not in request.session:
         return redirect("login")
     return None
 
+
+def _get_session_user(request):
+    user_id = request.session.get("user_id")
+    if not user_id:
+        return None
+    try:
+        return User.objects.get(user_id=user_id)
+    except User.DoesNotExist:
+        return None
+
+
+def _department_scans_queryset(user):
+    return CodeSubmission.objects.filter(user__department=user.department)
+
+
+def _my_reports_queryset(user):
+    return CodeSubmission.objects.filter(user=user)
+
+
+def _active_user_or_redirect(request):
+    auth_redirect = require_login(request)
+    if auth_redirect:
+        return None, auth_redirect
+    current_user = _get_session_user(request)
+    if not current_user or current_user.account_status != User.STATUS_ACTIVE:
+        request.session.flush()
+        return None, redirect("login")
+    return current_user, None
+
+
+def _get_or_create_settings(user):
+    settings, _ = UserSetting.objects.get_or_create(user=user, defaults={"ai_model": DEFAULT_AI_MODEL})
+    if not settings.ai_model:
+        settings.ai_model = DEFAULT_AI_MODEL
+        settings.save(update_fields=["ai_model", "updated_at"])
+    return settings
+
+
+def _available_ai_models():
+    raw = config("OPENAI_MODEL_CHOICES", default="")
+    models = [item.strip() for item in raw.split(",") if item.strip()]
+    if DEFAULT_AI_MODEL not in models:
+        models.insert(0, DEFAULT_AI_MODEL)
+    return models
+
+
+def _parse_focus_lines(request):
+    start_raw = request.POST.get("focus_start_line", "").strip()
+    end_raw = request.POST.get("focus_end_line", "").strip()
+    if not start_raw and not end_raw:
+        return None, None, None
+    try:
+        start = int(start_raw)
+        end = int(end_raw)
+    except ValueError:
+        return None, None, "Line range must use numbers."
+    if start < 1 or end < start:
+        return None, None, "Line range must start at 1 and end after the start line."
+    return start, end, None
+
+
+def _user_can_update_priority(user, submission):
+    return submission.user_id == user.user_id or (
+        user.role == User.ROLE_MANAGER and submission.user.department == user.department
+    )
+
+
+def _user_can_rename_report(user, submission):
+    return submission.user_id == user.user_id
+
+
+def _clean_report_title(request) -> str:
+    title = (request.POST.get("report_title") or "").strip()
+    return title[:200]
+
 def _safe_upload_basename(original_name: str) -> str:
     """Return a single path segment safe for writing under a temp directory."""
     base = Path(original_name).name
@@ -63,7 +137,16 @@ def _read_uploaded_text(uploaded) -> str:
     return chunk.decode("utf-8", errors="replace")
 
 
-def _run_incident_scan(request, code: str, source: dict):
+def _run_incident_scan(
+    request,
+    code: str,
+    source: dict,
+    *,
+    scan_input_type: str = CodeSubmission.INPUT_FILE,
+    focus_start_line: Optional[int] = None,
+    focus_end_line: Optional[int] = None,
+    report_title: str = "",
+):
     """
     Shared pipeline: write code to a temp file, pre-scan, call OpenAI JSON report, render HTML.
     source: {"origin": "upload"|"paste", "filename": str}
@@ -73,6 +156,8 @@ def _run_incident_scan(request, code: str, source: dict):
     try:
         if source.get("origin") == "upload":
             fname = _safe_upload_basename(source.get("filename") or "upload.txt")
+        elif source.get("origin") == "text":
+            fname = _safe_upload_basename(source.get("filename") or "security_question.txt")
         else:
             fname = "pasted_code.py"
 
@@ -89,11 +174,16 @@ def _run_incident_scan(request, code: str, source: dict):
             )
 
         user = User.objects.get(user_id=user_id)
+        user_settings = _get_or_create_settings(user)
 
         submission = CodeSubmission.objects.create(
             user=user,
             submission_name=fname,
+            report_title=report_title[:200] if report_title else "",
             scan_status="Running",
+            scan_input_type=scan_input_type,
+            focus_start_line=focus_start_line,
+            focus_end_line=focus_end_line,
         )
 
         # Pre-process: run semgrep + gitleaks against the temporary file.
@@ -106,6 +196,10 @@ def _run_incident_scan(request, code: str, source: dict):
         trunc_note = ""
         if len(code) > max_code_chars:
             trunc_note = f"\n\n[NOTE] Code was truncated to the first {max_code_chars} characters."
+        focus_code = ""
+        if focus_start_line and focus_end_line:
+            lines = code.splitlines()
+            focus_code = "\n".join(lines[focus_start_line - 1:focus_end_line])
 
         # Keep tool findings compact to reduce token usage.
         semgrep_results = semgrep_report.get("results", []) or []
@@ -117,6 +211,11 @@ def _run_incident_scan(request, code: str, source: dict):
         passage = {
             "source": source,
             "user_code": truncated + trunc_note,
+            "focus_lines": {
+                "start": focus_start_line,
+                "end": focus_end_line,
+                "code": focus_code,
+            },
             "semgrep": {
                 "error": semgrep_report.get("error"),
                 "results": semgrep_results,
@@ -127,7 +226,7 @@ def _run_incident_scan(request, code: str, source: dict):
             },
         }
 
-        raw_json = generate_incident_report_ai_payload(passage)
+        raw_json = generate_incident_report_ai_payload(passage, model=user_settings.ai_model)
         ai_data = parse_llm_json(raw_json)
 
         parse_error = None
@@ -175,16 +274,9 @@ def _run_incident_scan(request, code: str, source: dict):
         submission.report_data = ai_data
         submission.save()
 
-        ctx = merge_incident_report_context(
-            request=request,
-            ai=ai_data,
-            parse_error=parse_error,
-        )
-        ctx["disclaimer"] = DISCLAIMER_TEXT
-        ctx["submission_id"] = submission.submission_id
-        ctx["incident_id"] = incident_id
-
-        return render(request, "incident_report.html", ctx)
+        if parse_error:
+            messages.warning(request, parse_error)
+        return redirect("report_detail", submission_id=submission.submission_id)
 
     except Exception as e:
         return render(
@@ -196,14 +288,26 @@ def _run_incident_scan(request, code: str, source: dict):
         # Best-effort cleanup of temporary files.
         shutil.rmtree(tmp_dir_path, ignore_errors=True)
 
-def ask_ai_view(request):
-    if request.method == "POST":
-        data = json.loads(request.body)
-        user_text = data.get("message")
-
-        response = ask_ai(user_text)
-
-        return JsonResponse({"response": response})
+@require_POST
+def assistant_chat_view(request):
+    """JSON chat for the floating assistant (session auth)."""
+    if not request.session.get("user_id"):
+        return JsonResponse({"error": "Authentication required"}, status=401)
+    try:
+        data = json.loads(request.body.decode("utf-8") or "{}")
+    except json.JSONDecodeError:
+        return JsonResponse({"error": "Invalid JSON"}, status=400)
+    user_text = (data.get("message") or "").strip()
+    if not user_text:
+        return JsonResponse({"error": "Message is required"}, status=400)
+    try:
+        user = User.objects.get(user_id=request.session["user_id"])
+        user_settings = _get_or_create_settings(user)
+        model = user_settings.ai_model or None
+        reply = ask_ai(user_text, model=model)
+    except Exception as exc:
+        return JsonResponse({"error": str(exc)}, status=502)
+    return JsonResponse({"reply": reply})
 
 def scan_view(request):
     target_path = "/path/to/code"  # you could get this from request.POST
@@ -252,12 +356,15 @@ def post(self, request):
 class SubmissionStatusView(APIView):
 
     def get(self, request, submission_id):
-        user_id = request.session.get("user_id")
-        if not user_id:
+        current_user = _get_session_user(request)
+        if not current_user:
             return Response({"error": "Authentication required"}, status=401)
 
         try:
-            submission = CodeSubmission.objects.get(submission_id=submission_id, user_id=user_id)
+            submission = CodeSubmission.objects.get(
+                submission_id=submission_id,
+                user__department=current_user.department,
+            )
         except CodeSubmission.DoesNotExist:
             return Response({"error": "Submission not found"}, status=404)
 
@@ -294,8 +401,17 @@ def login_view(request):
                 user = User.objects.get(email=email)
 
                 if check_password(password, user.password_hash):
+                    if user.account_status == User.STATUS_PENDING:
+                        error = "Account is pending manager approval."
+                        return render(request, 'login.html', {'error': error})
+                    if user.account_status == User.STATUS_REJECTED:
+                        error = "Account request was rejected. Contact your manager."
+                        return render(request, 'login.html', {'error': error})
                     request.session["user_id"] = user.user_id
                     request.session["user_email"] = user.email
+                    request.session["user_name"] = user.full_name
+                    request.session["department"] = user.department
+                    request.session["user_role"] = user.role
                     return redirect("dashboard")
                 else:
                     error = "Invalid Email or Password"
@@ -311,30 +427,44 @@ def logout_view(request):
 # Dashboard
 # -------------------
 def dashboard_view(request):
-    auth_redirect = require_login(request)
+    current_user, auth_redirect = _active_user_or_redirect(request)
     if auth_redirect:
         return auth_redirect
 
-    scans = CodeSubmission.objects.filter(
-        user_id=request.session["user_id"]
-    ).order_by("-uploaded_at")[:10]
+    department_scans = _department_scans_queryset(current_user)
+    scans = department_scans.select_related("user").order_by("-uploaded_at")[:5]
+    urgent_count = department_scans.filter(priority=CodeSubmission.PRIORITY_URGENT).count()
+    my_count = department_scans.filter(user=current_user).count()
 
-    return render(request, "index.html", {"scans": scans})
+    return render(
+        request,
+        "index.html",
+        {
+            "scans": scans,
+            "total_scans": department_scans.count(),
+            "urgent_count": urgent_count,
+            "my_count": my_count,
+        },
+    )
 
 # -------------------
 # Dummy Code Submission
 # -------------------
 def submit_code(request):
-    if require_login(request):
-            return require_login(request)
-    print("HIT SUBMIT VIEW")
-    result = None
+    current_user, auth_redirect = _active_user_or_redirect(request)
+    if auth_redirect:
+        return auth_redirect
 
     if request.method != "POST":
         return redirect("dashboard")
 
     uploaded = request.FILES.get("file")
     code_paste = request.POST.get("code", "").strip()
+    text_question = request.POST.get("text_question", "").strip()
+    report_title = _clean_report_title(request)
+    focus_start, focus_end, line_error = _parse_focus_lines(request)
+    if line_error:
+        return render(request, "scan.html", {"result": line_error})
 
     # Prefer a non-empty file upload over pasted text when both are present.
     if uploaded is not None and getattr(uploaded, "size", 0) > 0:
@@ -352,18 +482,39 @@ def submit_code(request):
             "origin": "upload",
             "filename": uploaded.name or "upload.txt",
         }
-        return _run_incident_scan(request, code, source)
+        return _run_incident_scan(
+            request,
+            code,
+            source,
+            scan_input_type=CodeSubmission.INPUT_FILE,
+            focus_start_line=focus_start,
+            focus_end_line=focus_end,
+            report_title=report_title,
+        )
 
     if code_paste:
         return _run_incident_scan(
             request,
             code_paste,
             {"origin": "paste", "filename": "pasted_code.py"},
+            scan_input_type=CodeSubmission.INPUT_PASTE,
+            focus_start_line=focus_start,
+            focus_end_line=focus_end,
+            report_title=report_title,
+        )
+
+    if text_question:
+        return _run_incident_scan(
+            request,
+            text_question,
+            {"origin": "text", "filename": "security_question.txt"},
+            scan_input_type=CodeSubmission.INPUT_TEXT,
+            report_title=report_title,
         )
 
     return render(
         request,
-        "index.html",
+        "scan.html",
         {"result": "No code submitted. Upload a file or paste code."},
     )
 
@@ -392,41 +543,210 @@ def vulnerability_list(request):
     }
 
     return render(request, 'vulnerabilities.html', context)
+
+
+def start_scan_view(request):
+    current_user, auth_redirect = _active_user_or_redirect(request)
+    if auth_redirect:
+        return auth_redirect
+    if request.method == "POST":
+        return submit_code(request)
+    return render(request, "scan.html")
+
+
+def reports_view(request):
+    current_user, auth_redirect = _active_user_or_redirect(request)
+    if auth_redirect:
+        return auth_redirect
+
+    if request.method == "POST":
+        submission = get_object_or_404(
+            CodeSubmission,
+            submission_id=request.POST.get("submission_id"),
+            user=current_user,
+        )
+        action = request.POST.get("action")
+        if action == "priority":
+            priority = request.POST.get("priority")
+            valid_priorities = {value for value, _ in CodeSubmission.PRIORITY_CHOICES}
+            if priority in valid_priorities and _user_can_update_priority(current_user, submission):
+                submission.priority = priority
+                submission.priority_updated_by = current_user
+                submission.priority_updated_at = timezone.now()
+                submission.save(update_fields=["priority", "priority_updated_by", "priority_updated_at"])
+        elif action == "comment":
+            comment = request.POST.get("comment", "").strip()
+            if comment:
+                ReportComment.objects.create(submission=submission, user=current_user, comment=comment)
+        elif action == "rename":
+            if _user_can_rename_report(current_user, submission):
+                submission.report_title = _clean_report_title(request)
+                submission.save(update_fields=["report_title"])
+        return redirect("reports")
+
+    reports = (
+        _my_reports_queryset(current_user)
+        .select_related("user", "priority_updated_by")
+        .prefetch_related("comments__user")
+        .order_by("-uploaded_at")
+    )
+    return render(
+        request,
+        "reports.html",
+        {
+            "reports": reports,
+            "priority_choices": CodeSubmission.PRIORITY_CHOICES,
+            "current_user": current_user,
+        },
+    )
+
+
+def targets_view(request):
+    current_user, auth_redirect = _active_user_or_redirect(request)
+    if auth_redirect:
+        return auth_redirect
+
+    if request.method == "POST":
+        submission = get_object_or_404(
+            CodeSubmission,
+            submission_id=request.POST.get("submission_id"),
+            user__department=current_user.department,
+        )
+        action = request.POST.get("action")
+        if action == "priority":
+            priority = request.POST.get("priority")
+            valid_priorities = {value for value, _ in CodeSubmission.PRIORITY_CHOICES}
+            if priority in valid_priorities and _user_can_update_priority(current_user, submission):
+                submission.priority = priority
+                submission.priority_updated_by = current_user
+                submission.priority_updated_at = timezone.now()
+                submission.save(update_fields=["priority", "priority_updated_by", "priority_updated_at"])
+        elif action == "comment":
+            comment = request.POST.get("comment", "").strip()
+            if comment:
+                ReportComment.objects.create(submission=submission, user=current_user, comment=comment)
+        return redirect("targets")
+
+    priority_rank = Case(
+        When(priority=CodeSubmission.PRIORITY_URGENT, then=0),
+        When(priority=CodeSubmission.PRIORITY_MEDIUM, then=1),
+        When(priority=CodeSubmission.PRIORITY_LOW, then=2),
+        default=99,
+        output_field=IntegerField(),
+    )
+    reports = (
+        _department_scans_queryset(current_user)
+        .select_related("user", "priority_updated_by")
+        .prefetch_related("comments__user")
+        .annotate(priority_rank=priority_rank)
+        .order_by("priority_rank", "-uploaded_at")
+    )
+    return render(
+        request,
+        "targets.html",
+        {
+            "reports": reports,
+            "priority_choices": CodeSubmission.PRIORITY_CHOICES,
+            "current_user": current_user,
+        },
+    )
+
+
+def settings_view(request):
+    current_user, auth_redirect = _active_user_or_redirect(request)
+    if auth_redirect:
+        return auth_redirect
+
+    settings = _get_or_create_settings(current_user)
+    if request.method == "POST":
+        theme = request.POST.get("theme", "").strip()
+        ai_model = request.POST.get("ai_model", "").strip()
+        valid_themes = {value for value, _ in UserSetting.THEME_CHOICES}
+        if theme in valid_themes:
+            settings.theme = theme
+        if ai_model in _available_ai_models():
+            settings.ai_model = ai_model
+        settings.save()
+        messages.success(request, "Settings saved.")
+        return redirect("settings")
+
+    return render(
+        request,
+        "settings.html",
+        {
+            "settings": settings,
+            "theme_choices": UserSetting.THEME_CHOICES,
+            "ai_models": _available_ai_models(),
+        },
+    )
 # -----------------
 # User Registration
 # -----------------
 def register_view(request):
     error = None
+    department_choices = User.DEPARTMENT_CHOICES
 
     if request.method == "POST":
+        full_name = request.POST.get("full_name", "").strip()
         email = request.POST.get("email")
         password = request.POST.get("password")
+        department = request.POST.get("department", "").strip()
+        manager_code = request.POST.get("manager_code", "").strip()
+        valid_departments = {value for value, _ in User.DEPARTMENT_CHOICES}
 
-        if not email or not password:
-            error = "Enter Email and Password"
+        if not full_name or not email or not password or not department:
+            error = "Please fill in name, email, password, and department."
+        elif department not in valid_departments:
+            error = "Invalid department selected."
 
         elif User.objects.filter(email=email).exists():
             error = "Email Already in Use"
 
         else:
             hashed_pass = make_password(password)
-
-            user = User.objects.create(email=email, password_hash=hashed_pass)
+            is_manager = bool(MANAGER_SETUP_CODE) and manager_code == MANAGER_SETUP_CODE
+            user = User.objects.create(
+                full_name=full_name,
+                email=email,
+                password_hash=hashed_pass,
+                department=department,
+                role=User.ROLE_MANAGER if is_manager else User.ROLE_MEMBER,
+                account_status=User.STATUS_ACTIVE if is_manager else User.STATUS_PENDING,
+            )
+            if not is_manager:
+                DepartmentJoinRequest.objects.create(
+                    user=user,
+                    requested_department=department,
+                    status=DepartmentJoinRequest.STATUS_PENDING,
+                )
+                return render(
+                    request,
+                    'register.html',
+                    {
+                        'error': None,
+                        'success': "Account created. Waiting for department manager approval.",
+                        'department_choices': department_choices,
+                    },
+                )
             request.session["user_id"] = user.user_id
             request.session["user_email"] = user.email
+            request.session["user_name"] = user.full_name
+            request.session["department"] = user.department
+            request.session["user_role"] = user.role
             return redirect('dashboard')
 
-    return render(request, 'register.html', {'error': error})
+    return render(request, 'register.html', {'error': error, 'department_choices': department_choices})
 
+@require_http_methods(["GET", "HEAD"])
 def report_detail_view(request, submission_id):
-    user_id = request.session.get("user_id")
-    if not user_id:
+    current_user = _get_session_user(request)
+    if not current_user:
         return redirect("/login/")
 
     submission = get_object_or_404(
         CodeSubmission,
         submission_id=submission_id,
-        user_id=user_id
+        user__department=current_user.department
     )
 
     ai_data = submission.report_data or {}
@@ -440,4 +760,51 @@ def report_detail_view(request, submission_id):
     ctx["disclaimer"] = DISCLAIMER_TEXT
     ctx["submission"] = submission
 
-    return render(request, "incident_report.html", ctx)
\ No newline at end of file
+    return render(request, "incident_report.html", ctx)
+
+
+def approval_queue_view(request):
+    current_user = _get_session_user(request)
+    if not current_user:
+        return redirect("login")
+    if current_user.role != User.ROLE_MANAGER:
+        return redirect("dashboard")
+
+    if request.method == "POST":
+        request_id = request.POST.get("request_id")
+        action = request.POST.get("action")
+        join_req = get_object_or_404(
+            DepartmentJoinRequest,
+            request_id=request_id,
+            requested_department=current_user.department,
+            status=DepartmentJoinRequest.STATUS_PENDING,
+        )
+        if action == "approve":
+            join_req.status = DepartmentJoinRequest.STATUS_APPROVED
+            join_req.reviewed_by = current_user
+            join_req.reviewed_at = timezone.now()
+            join_req.save()
+            join_req.user.account_status = User.STATUS_ACTIVE
+            join_req.user.department = join_req.requested_department
+            join_req.user.save()
+        elif action == "reject":
+            join_req.status = DepartmentJoinRequest.STATUS_REJECTED
+            join_req.reviewed_by = current_user
+            join_req.reviewed_at = timezone.now()
+            join_req.save()
+            join_req.user.account_status = User.STATUS_REJECTED
+            join_req.user.save()
+        return redirect("approval_queue")
+
+    pending_requests = DepartmentJoinRequest.objects.filter(
+        requested_department=current_user.department,
+        status=DepartmentJoinRequest.STATUS_PENDING,
+    ).select_related("user").order_by("-created_at")
+    return render(
+        request,
+        "approval_queue.html",
+        {
+            "pending_requests": pending_requests,
+            "department_label": current_user.get_department_display(),
+        },
+    )
\ No newline at end of file
diff --git a/config/settings.py b/config/settings.py
index d1fcc39..74ea462 100644
--- a/config/settings.py
+++ b/config/settings.py
@@ -69,6 +69,7 @@
                 'django.template.context_processors.request',
                 'django.contrib.auth.context_processors.auth',
                 'django.contrib.messages.context_processors.messages',
+                'api.context_processors.session_user',
             ],
         },
     },
diff --git a/front-end/approval_queue.html b/front-end/approval_queue.html
new file mode 100644
index 0000000..bf01452
--- /dev/null
+++ b/front-end/approval_queue.html
@@ -0,0 +1,57 @@
+<!DOCTYPE html>
+{% load static %}
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Department Approvals — AutoPen</title>
+    <link rel="stylesheet" href="{% static 'styles/style.css' %}">
+    <script src="{% static 'scripts/main.js' %}" defer></script>
+</head>
+<body class="theme-{{ user_theme|default:'dark' }}">
+{% include "includes/app_sidebar.html" %}
+
+<div class="main">
+    <div class="header">
+        <h1>Department Approvals</h1>
+        <div class="status">{{ department_label }}</div>
+    </div>
+
+    <div class="recent-scans">
+        <h3>Pending Requests</h3>
+        <table>
+            <thead>
+            <tr>
+                <th>Name</th>
+                <th>Email</th>
+                <th>Requested At</th>
+                <th>Action</th>
+            </tr>
+            </thead>
+            <tbody>
+            {% for req in pending_requests %}
+            <tr>
+                <td>{{ req.user.full_name }}</td>
+                <td>{{ req.user.email }}</td>
+                <td>{{ req.created_at|date:"m/d/Y H:i" }}</td>
+                <td>
+                    <form method="POST" style="display:inline;">
+                        {% csrf_token %}
+                        <input type="hidden" name="request_id" value="{{ req.request_id }}">
+                        <button class="scan-btn" type="submit" name="action" value="approve">Approve</button>
+                        <button class="logout-btn" type="submit" name="action" value="reject">Reject</button>
+                    </form>
+                </td>
+            </tr>
+            {% empty %}
+            <tr>
+                <td colspan="4">No pending department requests.</td>
+            </tr>
+            {% endfor %}
+            </tbody>
+        </table>
+    </div>
+</div>
+{% include "includes/ai_assistant.html" %}
+</body>
+</html>
diff --git a/front-end/images/ai-assistant.png b/front-end/images/ai-assistant.png
new file mode 100644
index 0000000000000000000000000000000000000000..60c2e8a3e26729ec49efda9ca3b55e66d0c17a75
GIT binary patch
literal 87793
zcmeFZ^;a9+7dHw)N|8d*LW>l4io3KFC@#U>-7UD3;!qrldvFWx?hsns-6a%vxasr0
zcipw_-|+omR)$Fyle5p+`y*#h!j%-Hu+T}+5fBitq`!StK|la(|2xo7;a8*zD9qq5
zh%PEpUl1yx9}eJud^OXQHkX%2V1%EeAs~iYAt3+z2>c*{9|#CYIfw{I@K?lt*Kz>=
z@4JBQ9Hjs6{ND#{#~o@B5X2CqzkXKrKs;V~<?~_Bm+sMG@mk_EllogMvV;s^#x5K}
zlfu{F@-wlPG-ZxE{DiL|K~V7L(`tW>Ns+<hZpMAq1+C|nX2&w!USG1Tt+KN+6-_*4
zA1W@wpC#j(d6Avw7tUHF0EHNS-U-a1V8b>w({ooaGWF$oFLlod6A76D0TE3M0e};L
z@W0dl#o>R8;D5>Rze@1GiugY`_#Z6(j}!d=xe)~&#b>~OVL4Y0SX;kkIrCYjOeBV1
z5vxI8UJuYOr=GX}2O#M*hOhqMdSAX*nM+zZSM^YrmS9Y*7A-8;N-ky6otcbJ{>0or
z$rbz_oHrbAo|<MoEH|1~IwIHGE3d}Mr$L-z8Z3<qEN;Wy8{1B%9;Qu@OQ1z<uau22
z{g(XeFvQl=Rcn+4Quzxa#Un&JC5+e~R)h<t+vXJB&?<B0vCUfc?KfWYP({AtqHJ0#
zcR)(UfS0r`0x>a|j3GMw)NmZojL>>iFew6LoPdVR*nY}AlpZx1iJzFP6^W$l6_G|y
z6H=@6sx<>Am8wjuqU?o}a5ANgsx<sie_!`&gA+1lliDJA#uq%F%q*=>(#*`n_$2j_
zN5d@DDV0+Ktf}>(ljc6=xqhDkWgA~~s`IkbES%v<+(D_p-YH>~Bh^aldO9A{tDNa`
zmO8ipNd7Nrt=9uI!(r?UT;rxz1Jyon<)^5IU568yM>)+Qrpe!L3r6Zqg_z8KtyR^Y
zTLr1b=p5g&Yh!;0adiF5R6{)g+R$8o2=-?LKtENNnfr0m^7Ph>`A)3j8FkP?ROi^b
zdQxSmO>@aKC#R|du@}o|>C9MI3J@$Xq&YdEIWYQ53Mfv-jgMa3jjM)n+m4Sk8nL#Q
zU^c;rGTZ#y>$OsN$Q>J7W$0!H|BKrV_l=9o=>lTw!{HThs-QSi^6ki!B?&607aND3
zVyag1wOMLEM0JwOPBEU{B$=Imq-_8h!+PuT!EiF4W{^Hcv}8D3de`I+#VAz9iIaam
z>rZBY-lO$@LqPz@zGfD2XXD1!4}#M%r7nOwSj+rG*t(v#tk7+ysECtBg;vK-dYExE
z&5q~Fm9v)8E;*Nn-2@zBMeuQ)?m?!vUcb{|O2|3-@X8v(m?TXW6DsW-R>C+#{Z>u7
zSSEZ(4``pJ6|Vq{RGA4$_^m!@r_qWmDCVL3IHB1v4)q3R`Lb3vMlwucP~x!}tf!XS
zo8c*QCQV+MGA0k3N7coJ(?un66(*U6;umhj?*iFIRn$aTMB|~wQ)!#&SQnGi)kD=F
za;^;gmp2GvZ~tYHZ2|(|-0u6J^+$xj6P$HtZ|@i$vvDOBT!(O)(WH`s*<Zt@cFa_#
z<_xoAmj|@FuhpvqKD<Gt?p!PK0w9WGAV10!Q&Ziw=?`x*D0`sS(a=@zrU`SqOh|An
zl1Zp6WO2$G@srxqOnEB2MC@e%0eYC1cck27YVV6QwJ<Nmd$N9CFD!kYnd?`L|B7{O
z11y!LYS6*Feypt}V<J;b<K*<BO={ps)#Mph(KVeLOjQ@?0+eT4$z;zZbd;7Xd^Gq(
zV5Cm3UzV0?k9^qh@i`CyIYJx((bMVJ!j=X(LN0)E&}1+vB$6~slj3cnXTvlE7fVvx
z!Dx0S=-}%enR(P{Jkmm%lF}P*A-fL9WGo?CJ=5oip46RTPwDs}OW+lrd0HOHbt0)H
zXX%#{O!sKK(t(pPhni)Vw?2^{iH10avBs)Uwl`0FFoz_XiBYzp>$Yqt^Vh()v1}h0
zoe^8-6l$h?ixsNvX^ypF;oCGe=Cn!S5}}hN$T93T&KYOtWr34jG-_pD3uRUssmJ8f
zOu3ePBIzGidD9CI*?#cdL>g@z{>A)P%d*fZC?=*zLyg4|0F?+RYsc@Mfxv{&&_prX
zqY63VtYlSMpRP1zY>2BfugSC5ZXDz2dyncip?#LJUw>3vMB`i4q>4Gh(b`U|Y1|R)
z7Xqo(IELkSB&L>I`b!<S%5iw1zCN(-Xu^iz)8^F2W^&wS%;u!geH~R{zwUKaY*4RD
z#QX`Uf}ad7h|^)F(<jU=!*&|-wVbfakKtyu0@>ljUd+idF<CdX?=BSBC&q9t)NVY)
zQ(a2a+V?NaL-2zn3aSan%fd`?3fSg}JphPk+qqrK8ywi9KPlmZl3)<~V>2gR?~{ho
zB*l=z!8yKA4jKIv`sPnv=8=i_V_-5#rvduh^y*%2%Syypkh?s_!p{e4^S>g3TP&rq
z^A6hpheq@ew7$&l%$8iR;COqx3Pp5)Pn-$tKv#051VF_~&-c*nY3~%{OY^11`lM+k
zp7z$3*+>#>FeXWv+GGl*b7gX^FZkL*U!t~BO43B>G7&I$ntE;~6rPpkevcBE{!PzL
z4xTKTYykm2d#6;1H~<M&F=aM2QHD;EH`b6wMygS}+Se0rnc`Y9B{;oP*K~*~jS2|}
zJ~~KiPWFu_L5w-9OJjOAqDbeRlHI|&HAQ2X+j2xG^DdM26tIqJkB<I{mAe%ym`fzm
zxdh^4UJ-1h!Cyeb9^{=-vaPPB1zw*kWA^L!g)u9FQEfB2^<pmMAPyu1b8N-RL?o)E
zxCOsSA<g7+(<D&}sjj_g8NZ`SN)}WZ)1v=Wk{K16rT8NHH%_DoFflERifEByXr42p
z?5kQ>+UI8^tsDG9Nx^Rjh<9%miRsaiDJYQX7xOVa`sGRtfMX+dBJFgk-^d_iWsT`m
z<>IXDBsL`2$+NSnw@uBm4GCo&+}U>6*W=0f-u!CJl`|{uM?QOpB2*NeXBu{_?rums
z6<9+n=>{wd&BW>r8BeqTXLhAl?rYTv^)PjtraZ4=wfE6QTkVMwF&1=#Y)~*bDo!cd
zXLZZYdvy=HjoM~a#C~K-dogAI$OaFwrPb*g@)sL!j|86Ji-~n)-fQwAQ^ew}tG;@)
za)2=FCdrq1$2(Pw%4q2^o17R~gKHpA9c>^Gh80XBlQ=RxA{{~;@|l}-UvgA8lI$oi
zWAu_WvqaA?b#zRWXo&S?_`9D4)a6XQMIUy=)YoHAdaXM{cmtG`&n#u7{FW`48J?A3
z8GAb>*A=Ber(%*Yi<zzv&EC0JO7}qoxS8qsC;uCfu-WjR4v1w2ssE?Bj4>6PE}MT8
zp2xrthSqRb)<g2I2sZ(A508DcBGa5T8&%}PqgGQDGTSFIuE>*pYAe*ZrI^yv58Lz=
z+vO_KmCDU5nrM2{#%G>pPZ%+y_7*SPiCSk5bP*0vqnMB*Tt*Gd{gAg^zF?3y>BGvH
z_^LiqfKvGU1?CnpstD9lit|;nn~YL)4iK$pXj0`RpnZ~q5US@E)5bj5z4UJ#=aKUf
z-@?>$D^-V7w(vomfG+jd6clTWR^_h%5^P;G)=0~EGneR`<4aRs`yJCw&Y~Bi-ZCTO
zr6cEJ#pRSGrPESEDHg|!^n^ukC?(41T-;Jt+*@7Lh%(YJD2cT%TM(M`4Ou@;v={z9
z1>C#QrMc&x671n^Mey?z$c{@+CCD*!ZoVFxu<jTG>eD<phrdldJ`$AdL_XVT(I>2e
zFV6QY@WjiPs1bsbi!6i`8|>_}DJ&3o>g8ocjn-3=`gM<9ltw)dSCYmwugEbw7VUfW
zkxH*TFIt)rOAf6_K{e$9UDOYVcS1lR-HNWwfQ%l;hkO^&HTob{fUCmHFkW~8Hy*#;
zSMZgUu(zk!_3@LFwDdwkDXu_oo2}3Bm{H4T#4D(VP0Ss9-POZ`V~|d?8-jqWj=%2g
zwl|8%WW=M)dkF$_WQ7*D4zTWW9v&VE=eD$1bH9r(u;m%$SSTP3i1fbtN@@se_|Bn`
zWSW|^6Q4Y!$GQc)WD`{D**Qw98tYc7jWDjJpKN&5@>=r|N0oZz=M3ioLUx2)I^Nc^
zhd|-aPg=snn8a(ZJ@6)mKb!pcenHK#_lER27{0h9;pscTXUu>@?~F)?ryy*^qqC4}
zQp0dD!_n!Q-gyjNgs60O)<MLtJ&F$m_zzsWdP_QqNS1d`zJ^Q^J6GhuVaC%CA`)2t
zYTH<t!^KOrz8v>~3<X$~H>+cs6@jh!q%nv$+&9&$yKo`*so?21Ua_aTO5H{{EQpd1
z)Y)~!#43V<h=$(|Cl`4y=m-daBZ76@`l!v(`yQ;+f)`6hlMWF<yr!a-n)2KZyRp+V
zC5>MYnJYxTS~*W68+ug&2~1rmw<2H4u&&R=+U6d{R+bI%dH+QPDE)8q7u+UwGqa7G
zft3Lp;qcuK(c}rw(UVV%b3S0HKVJi&(NWp`The8X2I=xqeXq1iuA=Cu{U=U&4gR9U
z=NHdzju^wKcDWinNZS3MM3E!317z*&d{?8m^lTXZP{j?WhF;y4JdBp<|EVjh;L%n0
z{3cIbED+(-U-_NV`RDceEF$OxC$<&$mwjH>IP$i8jWc4ioQCb!B*xT~MK+5o=VS$!
zN|gI3m%RrQukB+s8lUaKX9{nbIBSKF@%8<6L%b_%*Au!eT6<bTEO?Xx;86n1htDIU
z**1t-STtIU4XGY580^`8Z(mG<{4CkY5`J)qlPy-pPckNm(AZx)3ehD<Y{qO73`(dO
z<9;X4#+uokfw8|5Gd{kDe2)g&HT-M%I?x93Zj(3jbV)ZP1E#0R*QBBAye4}S*-*@w
zWQ8ihnXx>H#0=+-tE+$LBZpHollETa#-531XB(6!-Kl~=ML;6+4VnLlM^{D{F5U0u
zo4;^7n%+E6iX6DedV*EtW@12@)hx>Iy?X`LZ|<zGfaF0Qe+}*>6xJ;?_OK%(db0Zm
zH+V1c3R3I|9oyy+Ly9ib6C-!=izpS%Q12=6<j6#IRNNnKzWYrmw)rV4u9fImFxc4J
zH)70UBcdG(1rjKL1*^K~-y%~~rvemoHfm)c-5fK5U|OWA+RdjM)b||n57)4~RkcTm
zC6R8N+rxafOZeB8U!8Kf$=<$BAwH=wRevGrO}a)rZF&WO(O27V!usvc@%e~!bljO(
zAjdUj4ewgAfr^l^{2%36qd{i}8}m6IY#*ehJr7$Ellk7p3Y!QEd!MXUM!3!y*1~aL
z0>JCZrCrA*1W&Yc)php5lG<9;iGmyA`+nZ97E!OBR!e@iq=m{J9oeYrMFTSzxVX1I
z)Hy&40+v@5kheWsS|bbQb%<jH3rb02bySlimd7&WwU|G=xd_lO>+RjTpZ|*u&ab7h
zkY%dypQ{sIYovZsDcGyz)3#!WXQSr91MuRAiTNRYXhRA7LWJYiOO>pe9pw#EpxNOy
zF9O3V9jZzk7I&`hee@SpBu}n;DohKfOu%wCC4VTS6?W72N~77de3!Faf-#%Dk+m&K
zy)(&cWkdYY4Gb@koEsx^mkG$xd-^E^kO+cA-x;RLg_vD&O>sqg7NBPhn^tt|b8@c|
zomg}q(jl1*I|OqbY<t+e;0r$IOg+XvSv?}b*K<OEw*WKPZlK{y&OS<78tNl6*GiVc
zcn58Q7i{lcXM28ObDrERiCR^Pfb7{A-$^i2zB^bEIxAp~HWc~XnxKfFLmF#PJB+dq
zBc8Pb>tZhuyDk)ikp(Q`hKg60c=;>o*)pa9jnA@tIZxD<Nm!RxC(eF%`Z^S3aFvO|
zx=zN5?!#H*2?yHxdlqHvw9hk2*NRdjs~K7E{Kd5*msclMh|q$89QA}BwS-u-qjR(}
zvoMM0KJcZ&B=C?xi&pNO+s!=m#}vJ(Ms_byZtWVV>WzSCL&FziSR27SEWoF-Ge>uY
zHLDfUR}gg}p7IQ(cY#_^nwcBC+{$_N2u%QX*50U^l4FP9rW8+oJp7EYcHZ^`$XmzJ
z41y;+x1o_b+IA6w2FbM^^PY2^4K0a(ZK~&)TJ+Vay}f1e<$=nVNw-YsZGwUl%Z|2%
zxL8(pD@ma~MRfv_v+}qsgiG*~g*m5&T2iW35cV5I>cPR6iWpgMe<fwG2pQU}i0HiU
zrwFfI40o0+v7B{eoLHh|)_&B_6m);-HA)Tqnit1z4Wx;iq{bGQK)lCs)}RyXSxim_
zWhR_>iImCA`!$H3)T6eZBkxVSE~%ph>D;b?q%SK<$G$K16Jg-Gl@VH#KW}8?z>}bJ
z8Du+4M*$=3!k;g!g?ZU{`BU@r<UzQy`K&N;<<=V7x01a9R)b&0$3(wvH;wg$Ld6i#
zC@9zhGQ;Epy1pQegq`v)8Op@X$w^Gc{0Q38V_|V%#SR5T4Ab_>o8!N+$Q1Lb6vgK?
zbWHAR_J$hV-uGOErO&DJ{eT0nT*w{@i{k}i^C;D(vqYKknaAV@*b7vZS@}xWD)o9o
z+i?y=*V0Od^Q%?m*O#16$m)FQgaeYsOcY8V0J@dd9ZD$;)4T&zg{OZXwi=I5n6W&C
z(=xd4X|$44sRg6?zKtDJ501#wSg~@jy<vpQNgfG9C$Wwm>_y#>M{Q+7=xIX&^dOYQ
zY`j7?rN|-yxJu-^v+9qQ1oiPg*PVM;3elbFr9#`Th0nRqsyDqL@{g_>y6K4S2m!ES
z8xM!jbtPEc-Nxo<>FZpeDwU8?V{%WS(V&d;BDRzm%n?q;ZOglMk+-7+R&h1*`LH=!
z_JX7avSl!_zZHom9g2FjovcMA9-16)EAPd4oA9E^!i|ZBf8?F;vk5oOydxrd-_e83
z`+WAD=#p>Ob~6=$L02r+;cKV)K#(LvN7e|uVjbbaQPdFUGF~M;HXNqYOohO){k{WK
zErwQ3Pf@`k&I)k0a0F*$0cSWxI4Jt_sg5NomLKX3KV5s&QSwK1`AE2rAq0{#z)6`D
zj1V6kUY>Hq+8(XtgOW&mR>p?LmfTOSR`r+8)0AivlJN~jD${x@5~qAVqHJTJB5z~x
z{Y3^WF*tG}HtX59e}C{15t)Bkxn1wS#K`r!%I12>8Y~(GQlX7Cx=a|a;ApnOLs_4`
zfrm3si&&}ZrdupOK2#+i1@`{~G+LhZw6QBGrm8%8E6tTYz!I!{#E_^oTL0cYI1_TN
zOX@WI`u9o}a@@x?uwMAgmjLA1_pum4PKseN7LHCdV@FpmE1xQ0DHayEy^|Lm+G}%2
zxnnm}@<I9gPk090XxpLidq2)A(wiw`I2M}EEil@D{V5+M*ID0Yz1xwzBC4}-;b{uY
zA{Zx{9OmDs^XOrqCt3kfQLr64VDgBFBHPna5b4lQWoALwRn3ME3w7t@ZM+`o;%f8{
zO2ALuRc4$sqGYGST+$mad81~{F~)Fte2j*Oye(+Vn}dU+DH9;e!lE(C0dafj`#Q`f
zGkfd%5cBtNWQ2peqBYQi6`?2#;Y2Khu(q0^M|WikuHC%>An3TR<PoFn@D?|kZE)A)
z^<d^zg`*7g>Xu=b!2cAs*5X|_sz=s7$lzpunXMrOrYkHeO^>ef6c4v34$8F>`0|_0
z9TP4C6!0`Rs{D%xh;{<SoY1&jGtsIK7M6;NgdKP<r$k%JPDE$9c@oR4cqq(jwFb<J
zq{f@m+4nMwiO@e%80-gH;LP&_>=Aq`zA|ORr`!n|e28rwz0hG1BFUWb4(;T5r`X`z
zSjqa=ZA!<}Ij@xy1`T3>qdq6H`t8vgaqw3L3MFPhX68zkhx!sHDOS5M5Bu4-3lRsM
zhb;9fC~BcCZLeJA0)Ac+3VV}V_X(Zsa{|UtmG{JOB9*uwDW-lvSMqCHRWU!kKo?#I
zo#g&L?Ax5GsKKoT*PG!55k-o}2?Fl>ImY&dEEr5-FXhP%qYLAo_`!gSA8V&_Y=A7f
zW3$~$NwTHT9oTaF3{*ekYx|P5Lf|JZJzSz1;bhkLoY*gPjgNR2ALj8E;7L=xfY@9-
zNjV@F-+};C(=X*d>&`9N?(gUn0xCb<cV3}Bt-UWHecuzE?Ri!I*$6`wZdwJxG;P(N
z(Og|Ku%&88f=rO6$gONvKy{T31z)eT6Bt@)w3=n7g^0phxw}@#4(75yf_$2y#KoR{
zfJ&2J@aF3RmV;HOpj5TfsWMh+GRqMl&8@9kU=US`pSC{mp0{u(Jo_@U#SQgpRF6;Y
zWAzn)@4Z7i|127!PEOg;51!<!;}`{@i(HSoD~r>P2eC|BE(X^mt<9|3YayYzKx}}s
zj}?WI2Ve;=Ho@c^p{S1^*dso`sc7(ScDma^V{ZA5H!JaFr=vrU(t7ZpyI2EH85Y#R
zLkh7Is-cQk(3zi76^-D5yi;LUo1@hb^-c@(5L{Je+VEMtuS5&b^=U*9=T;>d$95$$
z7-z^Jko(oP&5A1jflm*!6F43wSCXn~LBFM6l_HVPyz+G1kMVqeSf!q5_B^LFxbgNH
zi!0%mcn>l_hZ0_nWPjD*qVWM-r_3!Wg`a=lYM%GX%kQqVrjwy5!D~TczWbmEe(Vw_
zCB+~wDj=AxdIgbxuQ1P^f93W7Zb}WZ8QiZP_kG)!QoHKtY|!jI`!=D!7od9E3eZ6d
zv?GEW4kxV$DD>!vhp>*1Dm4}!6t{2H(mgK!vYe<Tn~g-^H@=|KnDd{Y@0AuS=|Mk?
z_Rt2cj5XPW2(14b9X%kh|5ZQ|&%$_^i-SFMxt^zy!C5<NC7E9sR5|9Pptd_UTyi|5
zq_}BtxLDWup(3>-AYDY``@jQElPBU$x&MW14=!AS(jYgff|erH7K)$2eaA5(lPwQ%
zNLbO_S(aS12Q5&atf(jAx3NpTx`Ms1Y+ArMjnWw|as<#258(WM66?21X`V^0Z8DHM
zx$~6O#^)r(*X;Q;s>36F|HNejv4rmi&_Du6r(Dmv;x*gQq(_d>%4vU!2hAq5x!HcY
zI(m*hSF+fHsf@}EQ&Q24a^Tq^1A|Q6%_9zzsv^;e&)sS^#Nm0wh^*S&=W{lFCoOF6
z*9iIZkW`%|vNCr=VSle1Ollt3rHz6UTcw71A#Nyv$Xf57S)LxP`_w-acE9>0MY70L
zCOEChOnc`WK^hh*@oT!Vp1JwS8O{LW2sq)EfDWVKA<4y^k5DGbA4O3&n9qs+%ggVA
z!xw&!GqS^XALkx^CnuvZ1&M9I4OF&e-$<4v)WC)YI-hXE+x<R*XJrS^>y3Op(n4kH
zo`6aO*$u~E99tozVMRazIP?AP(#u*Hg?Yzw%u<dEz|o{|)JuA|Cqt(9CqF8%&p?D%
zB=hIcT9tkB^RiBopWojDZy<(93>|#bE&m3U{)YTVmk%N<FR5pXpO>~j^;^%)pa<;E
z*7lkjh4<v-ahSb0TC}a!5qZDlxH#dCm=hks=nScpn8+G#3|w&7z15_oAlkthWPI3F
zBwSC8N<HzrW@EiAGkBUKP|NZs7I2yS1ld`FG*(Xn@WjOQ4F&PjYp(z&Cu`ROK5BYf
zy~74rNnYe4O`Y|+b5olRku81s)(ol!y72_o+RUS>X%XF9GryWj5?VIvva4>$r#~80
zeGqwth^9+dEhh$pTBPYx<6E*OL3VucYL$=9MzpWkMm!Hnva;Htq=&GvUtbUaHn{L~
zpk*Dy47>y6p(K&373TLkME@*16?QCuiD^l+TDZF>FXDq(udGXr8!ysj1os#v;#2eJ
zRX_JT+aJQk(Xi0C0ql^Rio&3sVD|^yPQlUqNMSK{P#ks7gEz=hSwuH!kwwf0H)Wsd
z2Z7JyxfdYGuVlu-_3L(UBj`08C1rEgY2c*g@4ku5Q}eDbmG5p<y_;%BVYzBq!2odo
z1C2mImVY>CBYs)7Q^AcupnYY#1OxHzi-8cFHQ9ezZwc@@gA_Zj=w1;xJ;pa%IUQ{l
z)@;auk8QZIIA2Vf@*6{aw}{62v-@1o#MTGk`&tgiL7<P0nPTE|;bM$weugcl@3UcT
zd%b#ORmUz!XGiAx8z`z;T8L;4aBo|Ot~w&X$IpnKqOt0)a;&|)Vo`j`gwIpzc|+*S
zJRYVHxBKol<L5RHOhmM0O*n^(_WjF>Oo%pJFRDhGdgVv)KC<)luih(de43JS-giV8
zl42bJM2i2JpPF#GNSN|7NcDx)Qskv?Sfrlga*lv|@`cy$8peL(`_Hg`4~MeO8tm0z
zF@=Cp?gu}g(c9v)bQY|$xw*y_BAFr}ByUxhoEUBB3<Vw!_oyy;<Za{kkd~e=8`az*
zkG%^_Pu&jOGxyK8hb&Y@O2KA>$42<3ul@mKx8N&@CF1|!Ik4%<v0U_d$*wVp)ZV%r
zIJF=x?Rwn%%L~YBMoF<o{P3<2ZhwATr$ushnkw24)SSZ4k~!K<&3==~Xv6yQC5Pj#
zeIr3C;S=0ZOa515+ptyx5tiB?z8<U}2OB^KuwO=mZ^&$SwZD#-a>SPl>=8mU%`xX>
zg9Cipoo_$DIl~6vJx**ShZAghiWq%bQ}kK-rg{woD^p8q^e?Pxb#d(-jY9d7BL<g6
zRi0ALB^4)4AeFPkA>zVm)8rTkAf7Sx_2?LM8darMSXeaZT66BWWlE%LXYnUzg^9+9
z$SS1qoajAhJaHU4U>cKh=o=ZL+GI`iOJKdN<U8EzW)Sgt2f&&C7RXID;T%n&&xE+L
z&F>#Oleiz+O>(ftz2xtCn0=%z`D|HNv<EP;3^wZk>Wjbxa+4GlUrkymh8J>11TnLE
zYo@i#he-u-OV9c$N#XsnS*qnFk}tQ@^AzDtVO-3{qQjevb8XvmW42m>7HHxDh5f+5
zn>}*@sHP_yhRwvQk;RVF3q~SJVbJ&{Myh{n`@gy!AH9lqau+(`zIwHGdKRv(>ht6t
zlOA8bMEV3b{W_l_aN$dp3C-3~47&Xzvug+n+jC7DYkQn5%4Vs0xLdo>kXFn?A4PvK
z4((X^?MV5FN@@uYs9`X!l9eA7-N?C%t$ZaPS;N&Y6evPiz*lU16C)G>zoj5g5TB)+
zARgjfX~ur2!OG}EZGJd*jo7|ht6<tunGJ`2WO}?zz9usF_y~)2jGISK3W-n24dVrE
zCqXI8UF$9E0OR;J2*1W;=v82{4m2@F@h}ElBqQpz#sqSsF3@i!AaHey!}i8DgBK4T
zHACetg^GB#+7_GK;3@m&eY9w3yn4c2572_u>!^-RL&LO#ecqSNjrzw&QRJp$8~#7Z
zWC|Uj#0R`H?sW~SGmM|Lz<$LvMT7MA?Di_Yg|3To(Te7;jD2h90P@eB@*%!#H87~H
zpY7gt()psn_;r$zMb+IrUg>FuC$liv{}3AbW^L3{ST8MChVig~`VAMvY@U>+>3!T#
zV(p}gXpEF!qQKMTOp$E*dq0100gSIBs`9r&rgO>l-_(YZ?#n9GWCP#9RXtIIvZMHn
zE8QB5r~scL7;hp5d~I<Ax*=~XEMy4mEVy!KlFOF6tQe4|MsYps$=j{Jke(hK7Gg4*
zX|Nyb1`gu;n_Q8W<d!JbgJ#-GYigL@h094t@R|(9%4U)?h-~U>L4_WIYKtDPM##b6
zAD*MHjwRey-yfSIZ}WB;9kWYR2s@9x<Mcb-x9JI;I`~oQwe>Sq+1_8pe4{yQ^y`YT
z+Hg~ay`%MyUXSNjd-`Y%(~s)LplxZ>5r?pLUk8zqq(xxL&!1P{vaMT%FAncpAW9s$
zOAlIL#yIy(r`Mztc582X(*EtJ(Nh3rT-}0PE?TV|&EKJNN55M)*{YdOBDy?PKT&@+
zgqWS<Lu1MkmhYRJK3Iy(Bz<`IwE5(4>?I)}e8kQyjazXL)-58si(dct4ZutJr_=Zr
zXZD@@W?p0WOM2@4^cGwvm+Jg9VhBvPp)@X`A^dIA4OU!<Cmw$OgCy!At1%l@tY4*}
zB8&=DORAhe&S0aQI}Xq_9qk|Tn6<wSCj+9cBp$iX&FTry%xUJT3uQ+<?tDc&!|wx!
z(PBk+k5*+LD|b%2t-&-xMj(Cyzm+~!e)?0Mo45UjUA7Pb{R_f-#D6UjzJN)HnmQrd
z#K9k6ys0&=vPr6~_PG~<gRJ+`sw~^3TQXBt9C$<#>nr68HV1j+LBpM=)q{=u;De<9
z-oAKa8)HJaw}fqe@#1%}WtPoH%qp~LGl>-DsaOYoADjN*z0eyJ)vX_759vlAKRF_F
z-J2lujivsF^1LS%X-eFOu5Jxf`xrA;#zeGOxn5&)9^06BIkw;QqfY3HxGq%V5~9TN
z0&>drPT_|sz*dh3*rLCNDaUizzH_^W1ZXw6vHt3wRl+Am;bzp|W8yudeTq00nbzb!
z!k18jaP3z)WuzI(^}Me|_d%<x;^A<BdVHJXLdm<IaS#=;YZjmPC;I&D#0oZOSx{K%
z{-K?HEq^9+#npu(B$M*D>xAMHC-6Y(+SRQsUPoX?><>Luop^@0sDRpSj8XeTI&WA;
zv!IHe^T4IKcSeS<R>w}#Vea<dzE%la?o%ocK1Dck3Ps&vKOwp+sq6a%4N`gT%hHA1
zIS4NNU1r*B-;uOFmoBBhd9`qSz-wyW%Ys4poo<P?y7kEUz~jEpU**?x;nL~K99hgD
zzEiNcZU`QbeX^q!7Eo)4G7#|*E^4-$1H7XM(&Gd>WEO0-g}n?OK36gOioEr_Gr@Xb
zRo%HWCzLz07yyhjKW|RdH>jsXFbx=IGej6?(`nSk8T&_mMpmLsp6t;uc#o$2pmDKa
zobd|r4%b_c%bS;L+h5J)qO6Q&ILC4c>K+-zJI+EP_cs4RP$^zQQn#(s(ltf4N=JxF
z<Fv(lZo1C->$EIrt;bamxoLXYsbgbA>tzp+^&skZ`^}09Xkn%$|C=l`*EcE8mjQ;P
zbgaCMnBgQi65$4?Y&i5nh~bbOj(h~gTxKRcE1txZ9V97mdKr`7^;YlGPPW~Co7`}j
z1Spn}toO}Y-eBT_)6T4zn}!WDSpq?fq?UACId07a<0}UFJs?SmlnqJYz+$%52U2ul
z3gdD$*4$!qaj}j*7>sxVbzyq`&&YZ8O5Vt$*79+QVCKuJN=(1cCT;S4OS}qCQgczR
z5pPGB>}R`S8(sT(P>qS<`dQV7w!-_T%vWWjlLvLTXZA0LAkNLrW<h)DnrhsC+td=Y
z>*k96P8v~(fl2A<Z9A{*OMKS$*Fn!Ym9={aC;?&04M*O8rnilpE)=YntEcn4GN#3^
zbfuSld2f0c$*1SkyrYM2h25j-M<(#6Y;PfK^^GP|_+b;%9#1=v9xiFHKCwhhgt6;I
zq3a;{$>WX<obZ|GDyD=CQeY+TnmK5jZDur0WiaAXYmlF;dU&lTB;dpTkfh`A^!unM
zDdkD}qOE{|5}05VL0}9aHih{m9mu4=V^H+#b*hbw-hm@6&U`ZfM(k7p+<W|nMgAN7
zr(M%L>}R)8@}GwSv0`4w{ogigT<r1BPmAqrYu&{M8=0+7!8#C?=D1A?hcb<mY33~R
zycBB%ZUD2>Ot$mRrUE~E({Nev)G~p2>UR%zfeU3)q&Tw}?&@EGd_(G5x7dL5V6tWl
zf#z>ng{!!Tw~tOGo`jvdKFSOb6X)OO9*&M$n03Pwt;LaR5qL!g!UB&ooh?rUq*a%9
zs)~$BkaRoThXK;$7pEO)Al#t&r|}B{yqDc#`V(1*uA<vRu~GCnc^*4o%Dr+nKdL&-
ze><CD8Rd|`Gf6W552#qK=?W@O4zBn%w9t&FkB0L-P3IT!oT>?p{o6=AFUyIGOd(k;
zAP?J&Sa>Wmhg~FrVa_yvWTcWg5H3kg{bn5ehgW#nS8NemX_B1QsNxV$Q%(i$TSFhs
zo~(QLBvQ}N4^^05pT-$rek;e{jqd(!wnwOo{UGCtcn+|{uNZ+kXsIIylrma@)*b?v
zXeEvPxy%avI<Eg782)j#>kV<CQ-3QM5wc9+zc<YI?6yawA=bB#386WUBhv;iWmP}C
z0e_(g#fqwU+a=Gavvpivn7`%Yv6$wo!T9W8(DIN(>P;Y_vU%3D^0UoSR=+Nk3HI)v
z6#`$cf{Fp9b@WvpIWGQ;_ooI!P|Z{O)~kL<rpCy3);J)WnF+7c=LTOBqRcf}c<O9F
z<J~w<5+q^0Fh-zOvfBoW0WCoNmLvBB;WjTjKLtgm`|8V_zjTU;Ubat%Fsd0OlyDP}
z%=sSJG4TM7{xyrkTht;sw=Q_qKBTi$a`wuN>VZ01Y2t<+cQ5N61AX-@37tBoXhro6
z#x`N|%LK8_9E<D(@rEvBk!0}MKz2SkF#jC}eM>mo-_jr=v`8PQ7ph+x{WZRm>^l2i
zF*8%%t+tk3YtBuOlNGYL`P0v-TIy4W@}}mSe=Ql&1UNIv{p{LxD(3H6d<IFq-+x~$
zS$mfr<zIf+Kt#ghZl}4(0XV`KO3`|!-%-<L{xy?V-(<B-)-CfZcQF>Jt4}lU^u>K}
zy?eW^C|~m3c=g&1)5CRp35N~Xv|sjkny@tQkSoG{t3+QE^<Q{#=G76E!!IQBbwCSs
zllX~rJ3*l@;`ODP<UgadUz*SU9)Rswd~&On706i2X{+z4lXXIuGogdHMs(W#S!|mk
zlJG7}=3kS({pnoPyjIPc%qH?u3f$K>UqzNCxvsMs8qy$^T#U+sTkev&)5IW7*6Q#7
z9?J-P#KjSokfeNjptJ{@)Eft$l9Hx9xe9(iA72emC&aLG@4j%lv;59RenT?i16PX{
zpwYi#myJ508DSOmKV)+6iLJ|}mnY=gyB8WyBdr-XO`v8<jd*;(I!Vu7BcqV@klIc8
z{|X*8#bSO(>Sy;iBNv1<j)BR=LCmO)uL%Xf6X3jf!d1M*#_Z0EkwWFv@8=UY8T=gk
zV`2WhG65IVCsDyz%3+wz-)zURV1B9Ih}ia$2*l^<e{?P^nzyA$&$-JgE(2$Ki$GY|
zQXNhH4);W*jN+e5UA{d%IJTk?G!hV;Et6_!ldXpSH{?tvvCp~N7t-BNCnX^LW|BL$
z);DdxTU=x#<3Ag^!KJar-j8PY0)!N8?CiA}QJj|*q=%(vap}7XKhE^rEH#$htNvfR
z;VR}5Ajw0!q;Yc4_H~ZZf5|E(W;##wa~gtfrnhp|f;!^DMd`rA04cb;xfOgf-T8Fb
zH)f&iYsT5ZJ7+P(Yr>)lrV0r7u=YcUU|nUYVo&Gc71)38H{$bdJZ`7rWd{R~q-no|
zEaSU>wMs1K6G|U}B1r+lRU_!=^K-*$_q+uOwrJ3MVP0#{mi4owbfp)6n6|onFfk~;
zt8&Rp2Njhn`)GdY(Is#l(SRp2mfHT4bmS+n0()ed4-pkn`;X=;9MB|c4)eb+Pf^W^
zsO+W{McE21F#*ZioSh14-uxUYxU+I{d1)bxz_v>Y$mClpP1>3A!in9RTK%GBhj>^~
zVdv<0>5}=t>A=8nhQg5=RjksKvnM}IG?;?&ukX(ZZQgC9U1hy1YpgY-YQPWU^W6Xp
z^q}20z~UT4)aZn=1fzkw?9SL@ozWh{#D6z=UUQLkOmlroyt4(0UrnSWFOv<CaK;xD
zq#j1IYelN0Gvrk^?Z1}eqM#<5($J0izrhhhVYYq>I@Gje2}F8zxW>;NcVDr)1kJz5
zNuOWZ@B2&pclJ*CE923R-oXa_oDi?|55!?U5EI46KM)mvv1wwWtNwm^j_v>Z-#k!`
z<@oD6oDCHZGm+X&vdaY=^Ey1Zt9R~b0|JEBt~KM58;#b2OD(DI!)F`P3{-`^#UZ%K
zzwk{XOy{Y1edVGknG~#WM-qXt3RM3m!|AyYi(Y*ThT%F(?uAX1ti1+n#vj{Z!j6hP
zEo|fcn~c`NOTR36*(w_SGy2A!w3T#b+-)2d%CjB~wT5L+v4RUY4&8v%Uv?Y*RIp{W
z9{IuCg#OJNLf|GI4qaG$wXXVG*pne8smB_ua<s6&D1ZgZ3-^|E+6O)EwW*tDj-b6)
zY9RN}0m=iAv+(UkatKJ>QeQ8AhKr_WFhjX6hoh5#V48TMw>|1#LnBVp>%e7CF=Q@#
zC93b|*FQtcR7$p`BttD$XMej<I^x;TAI4BxE~KrT`hgnF?Ib!0FF9M2tHhRS^bKfF
z{3BEOpO0SM@Xj81C8rS$YPhq6{37~4UF`)^RtFv4Z@4rU=tSePSUr8cA7~tEv<+K9
z9RZdR03>Ah3^9$l*C*#<*H<-0TaB=`8(;aBX_hiX^a0NyhO%^mMkPg`Zm7<D&Eoe)
z_$C|<{inbrXCWq1Z1sDe4##E|tLD96-DVoMkbWTNIjNMt-Hl=v@ok-UcBWa(IeE3i
zH`Rp?@Y^IKOh)Uph^h++*jpL7{~c-a;a7K3yd24XQJB;7zBc8s3a%94Xso<_!^#(d
z`hS2>jv}2qQPAE&NXYM?EW1pY+XLTj16ED?V{;xb6zgz6l&duPHa&cxFwIxIG0I@f
z=M1Xx>=c@-ug+Y_IbLd(*Mgn`bT`!Zv5SmUN9n7+bg+D!c5(g7hK#O-U=d4jU7601
zoj(5BiP<bx*#zNGxa!_#ZfZ^R=I&mciky^x6goa0@`@K9NBAy>><%lOXM4PG0`?wa
z$&3uJA);U6p5$1)!S3|G?D#3j9LWH-f*5|XWcw!6urC4M3;S=q)T6-_YFyd3!*0PF
zp-;}RGJ|4U5=-6Dy+}`e<Sm`ro42tJ(VVjobU4oTs@2B*wRl5%KlG$htWp1%QVfph
zaa}Rhl~H#7rLB?MUDEQUVnQV*<5Iys(X!>*iJ*TGtd-&JZf4JJQ7~S_75tFFzULc9
z+*rHig56Nkq{#v=H3tA#_T6&gPfwp!OLENJ)x>@JZU;WrEdTKdUf;+Roj^3bZO_5S
z9Vim)2+C!pYqa_|cG2@x$AFh${BaLeV2`;GwXGu+z+wDI;{oqh4%}?}5g9Z(Y1{LD
zCUYw{F4w{@KbP?iqmah0%4k1thS4e232!z;;-7X15MxLGZ6$H;(Nxu*&}rkmPe)#I
z$Vbj9`O5YJiYHcAdvPuOC+QoP1VQSCL(1jS+R|@!JcWaV_%iwte0TwClSW_G6Q
zH7WZe#JQO`*A7-nh7d&fBD4)O7R9umUL{z_atuqd?%2g9iSJBFn}70JJJW;G%tvd#
zPDTpkMyC+(ko+{(@du#$GwsiuWC)$8=jC;>jNV-8P?SxYxrY4b%(Lk0f%E^$z8KmE
zp?TH!qz8Alu7>Mw$MbmKls0W@Dgd_tdnW&ystnl~yOcMImkR#7(7BnqfpYynQ4yKM
zMAA;JB2+VhZD-ZJ{=mw_mX6`Xx#hu?S4<VB1HU}rnK<A5ZxZU6LN>+t{WX`_dSwO&
zlYUlRq_iiHSJh==jM|gaGF+ILH@n{WHr5GWoRIs2RRuqN>b=Ei`q26teWF1Du2*NZ
zOynbx53w_Bh?}`C{MTOo=2AIP8IdcSNi=Y7CpX`It=;dHcvjVwz{zhKpYoHl=W^VW
z!W3SIhR;4XDnXkCeY4rr>?~;>3PozC8mCy+WR`ZJp$8cO7rg1-G7o;;E?%BzF6?`c
zRYSOl&D+lvk?O@wG_p;lzb^FpziQIpI_><NBNaG*JlmMy{s8qezQt^<j)*ZPM6+#z
z@8Dt4^#e4hlse!h?9j}9s1CM<5dJurTVf}^82qKtiDN29VLGv?_8n(+TK~zdXR@qr
zE1k~GQ!^e6SLZ98einQB38-mfdS4n0O*=@;;>PVwH68g@1gxnu(<C-Gg^VRaqS8@o
z@&CM&ucYh<n|Aqgk9(wf8xQ$9RDWB0k<F%cPm|2fyM}wp!ra|vVZ6#;=^3*(?mUIP
zvcpzG0m9b1nZ?c4veti?n`*;m^MiGmvDOIP2!mRdEmm%LZ3O(=FK${jvmaJB=QM!H
z^*-h$rv;jW(aAN--Y#psp251-Yt0U=OZy^3Q~gyetNs^j**BVLIx)4K4A^lxjPm{7
zTveo*I-6I^Cf4dQd0+|ZN{(O~$XL6+LpU4G@5gwDMqXXqNx%lr!ro1!;$mP+94TRB
z-16g@icW@(gZ(D-pd(E-s{HZu4bmMujq&?%R(j3NqmN096`7CS&siHWD4_OB1HAUe
zsGY%(oWx-2fPl8xYx6AI$fj@?Ig6M?b)gq%OPb#22u_;Fq70q^{{Ekv2+hm<T#5}&
z`4J4?9c!4=G!qe~9;y^*&5Lk>%(T&;cF9c(3!mgJF1>{V-)gbbsjZEbA9E+TvhXlj
zG=Cf>W~#I#OmOw)XKwg1ToAyyhF-hiAUhDf=Qh_o2`Ts;ol-lw2ReTcf}v{jYRFXD
zjXB#_;$KRrW;%!Yo{DrVm{s0fF!{dBwk{WnG_Kn13?JR-4C696-c%LNUxYS&L3CTZ
zW3EU~^C%o74)^9RowXQQPE?&ax=6KBCy`H{{WWDhwVeYZ8pY&hX95oT$P}uA)nQgQ
zDIQ#~!m#DaQOX{r8uzzRyKh)z@xgrhxC>4jVx88Sj7jmOr7}Lr&y)Fa9=(N!P*`W$
zK5Wb^IHDIxr}+uaJ{$eX@wHwz2^nRz`!}rJ_6b*c+sH5O*8(}>Eltx=|KvsRedB<E
zvZ|Cqm-$T=YGG0S&f!%OcU7KdI==!T7Y3J=Ur)*-@d`j57sLPWZvogREy@eac=6wO
zsM;7Gt^uEr{;<33?l3V=U*`?#I8$n>cxK(TZM`N_s8)%AdR6`+c9$!Fpw;|V(Yo0G
zivtLz_|$qXS<ZrsFV9ArqNS5QvPm4xz#z)$*=#J|cr8TK8C|p5np$<$1@m>o+Bg?{
z%t%M)&ENE(Vu&}o31F_26A1G5apu^9)$Y9Mg`L^#uq<l1%vUrn(P2+@P#&GB_!CKf
zu`c(Pz3aMBe1a79`iHw^-o6p^R9(}ek+MS9>Uv^g-nLu*ycAOBF!RiGlCbx3&IuB_
zEb^YRl69Xzx~S!bn($h+Y<+>r--+ySs4wqbT!e>PnpcYoTmKwXsEq(`1sWbHnibZF
z!X^eFzJn00-G;z#5~=fvn})e?R9HouA4H10Vh@U7PJ`ineBqn1ZXIe-5a}M!?q%-P
zsnlg{PL~IXcJ-|4EMAA|kQ_1rz*(^p?wVly7CzK)-ETEm*LNWb;}Ln)a*`>h9#<8u
zS^kH$*`<q5-5b&a1_jhom8%Lh!-n3C+VH}u9!Yd|e`w#TD(v;~vPS&o=|H(sPd$~{
z{!5;9+{FX{cZQs;%ZSya!*Xe|1P3Gdi%`PYd3Wyc{N=i6hS}uv;8XoM-eCtswl+;P
z`4~3DdjBr#AG~RP4ya7dG^Ol)Uo%*Vw_*nD@Ru>&^uC9_X=^#XOIg*d*^7hz^tGc2
zd7H$Uis=@W;m)xe8Phv@=}+M`IySMP9mS#`n)ep*ZEX6pee$&1&h^7Ha1Nu$INNf+
z<vhKYZeiwec_5mp{#y*ehC_WclI~7Cd^-vky>=x-OuX08(0p^-Tc)(d@3XR;=*(I^
zUj_#UhgvxEB*v?{mA1O_<(6em4q;EfM}Bp!b2o!taYgXmyk_aCChCl$JxnlE5zaj?
zkc;mn64~#w)2?k!`H!ZSI^Gh;#|Zo0ZR?a?t9@8$Eoxx2`GtOk@;TIuPOLEKq74Nf
zCho+_fw}h#IwaN3TUr<1*$L+@pk?cngWt>Zyysa>m5b3ZyJw}2wBGFQ{=!}AW8Nnw
zG@+5CVnu&7O6@z@XnFPKg0Cg$<i1zQ<1OXYZEapUkKz1Oh1tKpq=YnEDFcJaY+R||
z`d$kfJg#m}&tRiySKQR<pgyy&cvoj%34cq;R3;Lta_2<H2yA<sV<J1TD%bMzjjh#t
z|MW?Il1))T&gb!9@Z~TR56_wFU2!8dr&wd^<Vw+WPNXo@F5O!w-TR{=`F2B)O`Y#_
z3z1#X7*~s>4)mA)2s1xpeVx_Df%JiIMj5u7TV@V1yO^O1N?#)`5`4=jXLoD?YWlKY
z6tn75J+pT)a#2={4|LC{L=STx@!&9{(f27my`8VV$q&4jTAiRpebIot?4!Y3UyG3<
z;M66cYZmP{I~}*jDUP7=v*HVk*Khq$;wVAU|DjLOY#|$8<L@qcStD3%sgbaz!WkA(
zvCp2Cwvj~cQC#L$T6L4qt99^60@kl-lmD*KbE)G;F$7|F*<Z5>(J^3te@gl^|J-`B
zVz2#LOWmzC0=?1MpuOLX03*0x-f^$;HZ3^@$fRR_lS+4QK2Y`ouH(L(mwQ?l!~N`$
zd+cQU3i(_^40$)|PzIEFyY#!@WsuJQ@>ozd-F&s9^#m#zp-h0Te$q8&r$#eJPiR-A
zLnNr^;vK&f7Ewz&T}chJ3c`}Lprp?pKRnMB)Nv5>zMmXCwD&&4%V#6pv%4%7@8I@d
z^t{)o<L1*G9e@2n@cPF{LZB3*O{gFA6ezrzBO*#A@^Us_VYTO{oiSLfKxvlN77n9h
z^|7J#zV$7ieA!9G09{d1b-3KTmq888!_V>BJ$v?ss@19aGsN*<%Ccq3`tv5#s8H&#
z3iX|pzx%ml57w1q8j-CV2-$ys<*{#PH|XWtf7>pW=3{d$064F3VjZb(<I;845wQ1Z
ztK98YIjjq5iOeS<R@G3fE2l(tawG~jwZJF+&BEPs$|k(xt|>#H+$bp*H)`4XMO9DN
zIBib+>TUb=zR72i<!mz1iz$Z}X$kKIsrjKm^4e~12IAoVrX7kOcDYQ-Df!b!RC7ec
z>pIx~<#4`$Fiu!))6fD$XswdNIMDO{D|q<;qxa3o!H1;0Sqp0tKM^7BUr&z4e9lsF
z>Us=qdhJM!#W*i{?i4O(1SL){%_APi>DhM0z?(ZCk>=mEj0dh>tS;1E0i!B58yrvQ
zp0Mq%)Lf^X6ze7IC;fuGA&RGR$Eq{JwG@C3yoF#pF2HnLSIDQZ?fI&cd*0@Gz-8h}
z{}bj^0h6C+9o7+BX*vy&n#TSuEBWDKy|?py%>>t)d#>M;Y(L${>NYs*+p*)>AiZza
zLl%cWlRy{$x2?4j_Jpmj{!rW@84qDZH;bhi5mt&xjJN#yWAT0CQA}i&A(<am|C2CR
zX=!MS9`w_=Vuf+Z+g)rAP1^MB&j!BNcc;-lY&hS1V^=0`Drz{Ta3!jbYQo{T5%^lp
zV1ct&o8zU}YtaAd@~n1ZxKxq17~?fbs)Po2i7YAYVWL5qMwTK1>`v-&DCbYRsqDm8
zT<H(HEQ?<p48xMt6iTD(JMTxrhr1p~T0)TS>XPVf{Lr?Is1wPnWm6#UNZfWNHNEaT
zrvDCw+LX!$fvuo3g08jOd8IPBn3Q-5EJb5(_V|(gO?kJI6FxV6oj;ZU<S|&QE&#WF
z3^NB4K?<b;z)Gf;$!)#pwDyhfcB(_><HtRjfo5Lt-=oCHH$i>PkzQP8SXVP0mzUEI
zSGU0r45n;px5FKQhFcx?!FUL^8R6{(d3Rszs+R=dzH;0?2S5$p6DNOdaMxEc=-#-$
z%e6zOI+FJrF&eUI%>2txC`G!4ImpW+L6d{H$hKLIWs#>y|M7W!u6_Kx$iiEYH7{a>
z!vMeS-+ZSAm>xX6Qa}L(i+EmptZhk#keJ62C~#M%TKY;v-K8@aG%-<2hEscQa}_!!
zrhF1UvIyb-xbhUS8xoEo-l^`tu6xm=NU+T*=pl*R&iz0L*Cl*J{n{ig3dqK1ectH;
zGq3h>DwIftB08(gl+bD46}2-oNJLGmR|sD{JP9Q=;IavMKHHc*F!>8|I>Mjoy0=h1
z_Ohjh`_TA+_@sT`e%V}Mc(>z$l=#{t7J~$_sr6)iwL|pVtKk(F;ytiRtATgF>#~Q%
z$;MQ7-u%h@5X)P50|?Dne>E=aU{T#eZSU$$-ApI<{#9|j*`X^A-btG|27*|IV`Zi*
zv$d37RGRKEvv8m6Q>)5~BBtoB4NoVIaAzlZH~d$eoNWPc$^0Y0wBLJiBBkED)A4$^
zY>nHEiKT?hezIMR_Q@jrVb<klp80G;$W!`<Bv;zBGhy^}D_6n{acO~Zb$M$1qBhx^
z0;+IO;Z|yEWXYjS)^S@K3%sL_W!23Uv7DmnIcyYEGqjc6bg~*$5&pxdk(c#wmB4HF
z2drz4P=izP@hH{5Or-iq_TX9Y0Vm4gjGRCn-ezT66JRP4v+UVWo_`I33OQ{wO%RQ#
zpr)2;PesR~c$NJ>M7)Dvru+9joZU3pwrx$eZQFKDw(Xg0Om<DS?e1**uBUU(_w##R
z`!Bez_vTt_@05{*XrY{W%M>I6d+Y4X=jC_~0)hFu!DpQ|9-l(a)^FUYf;tIKGn1EC
zUz9y<YsqwUqtGtm-k(iXlIO>;rR5Fsmp3$aHc<)lcF651s%Q?q!F(46fa9iXxDQrp
zOr%l)$HHL7_&b*b^{MunV$8gPD<RU7ltB(x%NtA34Su(v(m%^~CJ^1knX~EZ(;*(|
zz{~k<-xmnZVAr4bN_>~a{bWtuB;p-V9BMj6;O6>yKvQcxnHUQ83gN;P5@sB_A-=$>
zwVB%`Xp;He&lT6{p8+O{(MHse*id#OabH{qam--n_xAaXjJEX=gsz6}Zaz^h2xg|)
zc4=aZVKJHr6!ODSOlXB?TpfXQtabo7+)(YJ74=~)L^J*uW`F`ZnnSOVuZD~Bd3JL2
zIxYRjIMRd^5wZig_f7%jRA6IO16x`mv1KwC)_!|WDbaUX>bt@8h3a)IQ@QABs;OIl
z%dIBB&3)<p@Jscf5>8dk)K+DtRz83-6BTvWy&uaQHehuN$|@~ZYIG!D+h}5IU(Z`3
zOdoqWNuDKG<$Uoe|1%)P!xt?B_AmB{mfkyB*shf4KW2ae>}p^ne>GK?pXF-WqOVDs
zvRUr<uEb)cBH$=<wza!;^0Z7KprR+aPGwEhwjP|*Ok3YJ&li`%fe9sJp!LHQBt`0m
zb9r%q0PdL|XAv7S73Si+^|>)yO4Cc~g*AMIVzyvxMAJ7!Yq7`1+NWo@EOzUC6)Xkq
zpMC@ieulYD`SQ6W4<X>>bTO0JIyIz&U(fzJ%Y9?dS6_{`Htt>4o#Q&IrUrE_j+O{6
zh4X88x--|f=nN7kvzeYSz3oDjLrPKM5G_diO~uOKOnUFbW57ace<1GBp0QdjVsG(c
z1zwFJfPXU;^G)z39sObJa}p|BC0a1(=wCEn&M+Y^R1I-$xm3Id*ut7P);f`WoJGQp
zBy$Ae(K$81f62hvbqUT3fRwVujtwi0rtO>S20GN_5XAI+TDMoZS)@2prVF3jBFOy1
z5K4!R-iP+3n@eSFMDK}D9k0yyH2OHK(*GT^QxaRi#njpto`_p#Cv8jWb~S#!^3CJ@
zB$-pe?np%5`uApoELbvTg@uS460l{QGMun*oe=(G?Dx8W7e{uYJAMTZ59`f2uV?_?
zVB_?1Q}vdcU&W4K$WLDz52wI)mi?s6)VLCqScjUj>sPbYUl&Oy6!LJBgLbhm?>grC
zB|~g<);T96tSJN~Sr-%i>#>;mpJT~xZ?qp|0`2KEX(s<6hc93^;}-z4x2}9aulHy{
zj=@P$<6m1@7fv5BUO>&9V><C8fm1wrwug)aYimAGF)M#wnQ({ctK^*^{DxWPadAcm
zA)`AW?AK1ocJR95#}MzdhUn00czfKXO+ghid4IWqe5u`%9o6JvwX!L&OP}#e8mmf}
zls)}%eK4<meI&r|-CYxKw-iPG4?;cS5P1Be=V#VI2z(gVxJOMhYYEKW#%&Zm5p&m#
zS-=eCFHRdQT90G9!1;o@uJgb;zIN;;hh?&fzBJaTits*(x_S7~T^v|2ozm*r=uW7m
zSoBI>Ie*4o+@R<yn*T&OjaMI<^@@4b@)u*Mp1ZrKS(~Madry=NVzFYIXQ@rTy%G>A
z({$x8f2j!X!W!%UqYn(Z1CJB^EaX&Pf@govi~Kg^X74CaO7dO8o^-a3t@Le+*Y^Rg
zfv!pMF#7x3O-*|3tNVMDwlzicO0fwGH;rTpBifFlEKcoOtx@DF>l5>{G2{ENo5V*_
z48i$mb_#ABg?24wH@m@%aK^fiLLLDRaAs+>Y)^FvSC_Xm8I%DeB0J5T3@itsY!P;a
z2;5g^`5D-`6~Otm=AEb28|Yk_y3oeoD;WRqa=7$A@S#&xQ+z#G)?SamgH@P$@-S3M
zL~@=)S)|pd14UGrXKa**yN7N?_rrTO+-+R$#FOoTw;X^XhO{>9@lEgCSbfs3j!O)l
zwq4hsR|6PlIcMcwah}L;N60_G2b4~GU{ac1lV`2<rhZ{Alzw{fRt@#uL$C<b=OBPj
z^ZESTO-3Ajr{b4}{YPN*201jfK+YxyeA~ht`iRwW7Uvj0$<Q9k5Ps^9W}b#>DV66r
znG8)SK;={FQi3?3Xlf@JO;etK4y%crJ(XBn^Y-&<j$FpXOq_Y3$i9aIyOj&l^R9mZ
zRyvYRc?^q}eAY(YDk|dr6oqP=f#MujSRb|kNC7edM**6PN{^J0TRKB<b~^R^|D*s8
z9U^v5)7Fy0M<jUxw->Kdswvm_`s}W)YVB^AfkBQ{P;SVhuQkJq)lED}QSa^Kn+JD$
zHEs?Ie$^|q{xn!LebFW}*E3zEyvGG<9#EWoJRgOJEz@wktdutW(F~;~`H<Xu<{Qc%
zq)pVc;!?^de+mcC=m!jVn7tSljNf<nL-qK1%Ll07|D|e?6P`V(oNF2rKTje{AGQ)&
zR#~dB+v{*j<wo!W(sM7Xs?l~&-e;?|8Rq#_wJ-UMm7t4LsMFVY&mKjG0axGUAg-#a
zTQlcc-_Fd_0;d@$iCmd&13`d4O9agroE-ekM+@n^XCyzKtE=e|_2u1;5c=y_!9vq6
zzNZtG6A<<IdbuWH%NaywS5GVYaq<ip|CbZoU~~8?XtgJwu#w&e54KE2H?jd+K8-a8
z7j;OHcE}nro3HyMGWt3?C$m)z4zO6_1f0Pc`8Q+V-n^^YxxVODIX4&9Lx%VLg9F0Z
z*}f6SMd&ZO;Q>mm&}WRky;ez{3!rNbIP`5kpSPFp*E3>ZWtcz9l4ggXkEC@b;`e^g
z`NXMOo<%J^3;9RY5t#iw;{H5Vjl;Z0!1KeQhZfron^q+ND3_;O+=(8$Fx0}jH2}xC
zTe#P}@KU&579o|GB6Rd!s^oQ_rin*<Q4_%$%1Pl38Yc`&<Z8R;vn@*QOU6YvXU}Cv
zs~+OUwH&?kC7X6{0JE^J<K3pwcaf5@xNJ5r-9m$dR854XDw+r@d!iIi-2DEqC-S?_
z?X<LOn)A|YJfHk^P0``Ky$7-LA2#<(NvDFDEq;pBebU4Kd9_(8{2S$MtdQ#iV~%Kw
zbZ@MFBuPUxh1T2p_CbsN=BElHOMLS}xuwal@ZHl4)Oqb>RP8N{$4LQ+NO$8njy`(G
zc>Eu&u>na=v-zFhI||dZcek6AGOus10-igTI(lKHWJ<;T1fulcIw*#xCQP|Pbzcl3
zS@zMQ8dPaSSjU$_T?FyWwMX+2sZ}-$idR$9e{%mzKYTIbN$h_urkM<O#!D6W1<vRB
zFhXlx5lUzXjf)8QFA^~hbEwjJTMm~FOUg7_ZnN`j{DC(cYFBM$Q9n{~gd1`3QNNan
zx>=I(6E8ahJO)$80aq0^pU9h@se<5~=zkSvE`JRTPT*LZ<ciN~g!9j(NxNPe_zrRh
za5zY$vDF6k<5Rbe2}g?3`T0;2Jsr;0iZEohd$m;P`qvc{OkD2&n)w4DVXd*kx%1@X
z%VR>RHwA2`t9kWImrVg^Jm}5;DV`vKi*T+U<}#HJS49++-2xmKa#0x797JdBYfTQL
zzL#BU#vNdwJ?DsVo7r<BPe&>iLOCdoXpsiXZA!l{D(PQ@tDMQdTotzIa&;g3wOqj?
zWj*phSthAflG<Un?gLGDy}DG|WIphTfa|(1YSomn376OEh~*ru_Z71vbiMnwg3ex1
zuZQmL?eCI|g1%>SJ@dQAY`5NQs$k^*{b+tLRt+SD<trNC=>cZp^jOtjwiT=+SN}}h
z*6<pd`Ha$FGMX$ED6N|ey2LzlyAHzgh(X`06_-}0TrFp(zngo3JbQ*!()BSQCa0~e
zQ|NtNEMMzjTbc*p8+7exXkfR+svOVkuVPlk%6wu0ze^{pEZl=JdnWc;|9lAutu8)j
z!z*~E&UJi%>|=2j$w*Yrr|4>G=x}=e$)fJQHD9ZGHj}04Vi+Q(BPVeIXA39YLh4)3
z!(Ei(3`g@EzpDO8n72xXMNYRUw6!1em<msbp~A%0-&d^0c?nw%#Lbr6^eQT<68N<b
z1#(LXHHX_YYb*mk4E=`TC2$}0%8ZBezI$}pzwR)rMyaKgnl$iH*yFFSpku7Wg5!n+
z|MU$eO4mk!+|xCQUCK<piM+%7JgN14D4!-DvN<k2JVY$8sLOhk@%dW~yuv1+`W#z%
zaR3HZg_XB3Dec-kh>&ig3oxPh`Hbf|x}^=0+kgHjt%YC2MrA*^?Y_+LljuA?T^TMd
znMlcNyKkz%`7jwGD55ZB`bVAfv$q5eFJPvu%v7NyS@7MQ#+xZO(#=^Wl2rwRo7M?y
z>PUpyY~)0idb|KyVaU}_n`c2w#sA@SqR`cz-XOcu)Jj_tr|o(JbEt4FKm2t~K-HtJ
zqoMqy^rMO1!p>z{*Dlvw?PmL;>-{Of{qXs?OroNp^`v-SFcj51lGT~fu4K99iZN)k
zEwNckm#nvr<BQg}xzm2wAi*kqBYY^$Kjz-0Ee{BA+nKSLC+&F4m2_W>*4m7@k8XQ(
zRFIQ<W39!OiTAUAKka$1Ow4!&%sHMLse4aLk(xZ#*b80i>dKn~Jzf@mYp}5|R+g)d
z*?VkEQgu84Hrnpoq&p&BfS_l8BNHvGZLU7DN8#UEj!(t9qkeDvTO;Lvu!XMFz0rRH
zLrY)v=@_4YgpXU`@^OH6)S9^Y<o+q!Aqu*`#(`p*AY{D|$|+Q1>UDHuf8LW7{`kh-
zQm*oZPcOaLj#Iw9uikE2Xno^3bN%qM7*8VC8cm^63K@_EBSXgMH3sJx9`)k!zj}~G
z;s9gCwQ%qFxpsM?_;6~ls8*}r^#s=mdDzAUXm#SYQ;=@0h|$+@G{f#pVdgM8{K%pE
znz5v7%I>KMxn8|<1s@}_I$jJc?EMZZjksS=*18lvLwe4H`%9!IgTqU{Bx<EAYfJe)
zFDJh>ShU1K+Not)TflC=5(gNSr<F{afcj_$4<jQoTcI5nlnF;hvg+int99auMsh#k
zv38+p(bwC(>_9uHv8Dx?u^+y8SF2+qkpO**4YNV8Mry8JBs{CLxyHn>a3mQsubmlS
zyOW22<eoNY*^Jk=mzUAh<zR5M4*mxN!hpu=Se34ww$x0N&Q0_WVuk&<rS=IJ`C)C4
zK8gEd=z-G3>taAY`IO10$@^(uVyZrCZ6-{{zh+ASrqZ1)GO+omp;7z3z7;GHw;b5<
z1Ix^)GcX|J*Hfi6g4Y8sdh^9T*9uTeCdrgX+^zA`cV{j3<cWX}I0nzDPyAb12IE{X
z;l5emvwu`4GvEJuHavUY*ujDf#fGpQ<6TPFhk;wU#sLnR!B6A5c!)xu5B{_s7mH%b
z+z_|-YVo{>Yc0U+*~HBa^~%aBpp^6L+8<qbSiT3`xM?>9t3PzBY}os^ofMZ!rov@i
z`}o)Q292TWX8!z|YPrw+$nL^j=ef4G2As`VpV{(=``@~IgB}wI+*=zn#+%#j$Hdv|
z7r*Dr>B`c}v}xqf3SJB(i&)IsujZ-3dOW2kiwImh&Q^696h7pWqHx{FrN}TNmp_tw
z)VT>`js@_pzV*C>ME?BOdWVQXDrhfB3l&1&@V2AaC<P1~0@+~Glid17hs+ulsdqCX
zOQK&dr*{@XH;J@!=nA7Up&Pgl$RtPeY5WFr<_0EGmnEleovHBbintT&wY@GERtW;g
zQ2fYnymn<BbKap9vOb<(fwckshpP7949+2iHc(*qvV?vu%*Z+SdtD!FM-RqzKc2#K
z3a<HFefU+R8TNgHw;(ht(p~B|E7AeRGh}zG1|)J+LD06;{hf*vXK3{#m4QPxt4%}q
zo4Zr^jF$=2o~~WENt~9u&)wuQe~)BjhE_1Bwc-}I9@${KJ1PuLV`O@4@!el(D;&02
z=f!7X{X6i76wM4VNO~Esjr}p6Scdcg9mNKeld%~3zKVq%$ETocT#d1uc%==69KEa}
zOs+WO(D<30{y~$+%Ent+g>PpUiiG|okx46~ya-0_rLmH6;^ATy@UmS}F_!g<-GBv|
z>C0BWLl|pllOn#o2Y3M4KX``Ep%YQAJqMXfL!2x`%2r}T5%g0b^HPbmxP>3?U(bfb
zi(B4!4BXR_O{^KP_H67vdH7#tSB7pwz++6k!kl>;T+i}QA5lx=2|avx{Y}hC?n4ui
zuS%^S^?8?__gRiB9X9^B?G5q&_Kv<I<Oe;}VC=sB>@3*t<R)qRRgu(7@Pn-r@bdw$
zuhkgj@Rv5GfI8jukY3ecTDKEb6)AZRaP7kVz98wcBj>}~?ye)i{^RiGDlUdEM^EBU
zivgs#ufuflT3q%UVZ4|DaJ;@R{j<A}|1q!u$?d|Wqsl!Y%miQgM{rGLntbVQe`$*7
z8c<tA<#zGbd;}*|+KQjd<8C$!hZ6}Us)J5qlcGU;N>Lir+fSP;Ee^T+rU8(%U_jrP
z?V9y(AfKy3oJZZkwXVK}XRf+}y&dN&%BS2GQZlBboh3QXP(OL*<j}<ONwdA}-ew$x
zAN-*ABF1y+Oq+}vgR5Lpjh(jQ_j0h%uyHx<|9x}PBPUwx`)7CN;B7sw>ynzWc5#*v
z+iF@|0xIuespm|CK``Kqw!RfXxW}37Mzg6T#g{xpF3gu)6{bhn;-{jKsNl<YwFDfI
z#+zL0Z8Lfn)`y2rz2&s`&9>}e#`I+_4Kff0YqTl*>^Gk+Jej$Cf^H!J+%n+FQyv%4
z6W4<OZ?vi)`PYFw?OB*`*FZr#cqE@ZX8nspLpm+gx`3`pfj_<VXVxzp-2}%14)Nl-
zf=b)(fQKYL5h|XXe4YL%)kVl08AH=wwY@NNurY0o`K{-hV~(GKf)=$ZJ$CjWs&4Ey
zD7GYqBz54(Sa=)h;0hWB_-*%s26eEAaK(GymbsdDTXnjGG`a%y+NmSxFv%kKK^C`e
zOsa2MFYq@vmv3<w(ltB1?ah~t4!T+SFceribwt+LHxIa(-bbF#PDy)zdIA|f2EcQ3
z*#n0K*!)ypvsZrspH4e!bKzW{xTPmf8REM%A~$%Pip!IMxx0N|L%!=T|1gzr!H_nZ
z!7y&-k|P@TX$`xNt{%kA*7h16GTY`EePp_RC!xPja!fx>TJFxTru79p;k!f8GhS|C
zF2dqVfCC3_>?dpavIyO;nc7ziKJuH}^AmRn@q~ENHM8Ehr2ZjP50D0>-W06>Q)@Ej
zr16DZL8NxCgMC}f5PRx8|El8R$ne$9JPGbAjsAu@+S13<(7x3*{;Sush3ZE+Hz6%V
z&kVNzTuv1Ztk3B)rV^kR;P-Mnz!oF)su_h~#}1uK3>}6YAIhA4`^Mjihq+C$CTYQK
z)&avS8Lir{5?TKuly;zDW-H`f1Fb36lIQ!Yqmr8Gj+S+~_7k7<+lTtyE-k;^k$vFR
z-v=n^Y&<?5rS0n_L0GZ*fX6)-a8e>*&?M3w-;DHwdk2LEig!(V-f6(L>4-*kKNwpp
zN@4BLuRtg|eyeXYQq9O|j}^6DT&$-L+wZ6ytj{l_xO(I|vb9;{5nzvb$7cxCe}^45
zCq8nA^51*=07y;i@04CcEK;-YT#c?PqDf$pwL#rKAQOy5tQ}LqhIGTe(IIybqgDbW
zBFT8$yamRuT;0EE7Bs95gZmsTA+U=mMdcnNlU<<=RKTxL8W#2K;1z<+VMMG>bdo`j
za*D<Iaew|;Or0QG5$*jl!*G%x<pjJB!shz#9OHw|I3qu)D_;E+uw=O*w@ld3mm1q(
zt*5(XdCvoHVB)$CRLxoB;!&F~Pjvcgf1NS;iI4;Q48z<WuyE*#nNaMr=2oQE^yaPk
zoj>advd<PIC~JlU(=!wW8;_o2hhjDTGupj~j&Gtr$F=4^w;6mHd5;a-(W77kJz(mD
zbi7y~Wf!LurC1!d%L+#mY9sc?Vj*!gII<W0G<saSKT8^FZUFAZM|a0EZiA*{tr5yM
zQ^|}ye$L*ntj>>Z+pSj{Uwiov?CLG+#SI$;R49(n#c$x8MF7cor#Ojw4;~JJOqUk#
zZlOb@;<1rD(>6sJmisZ@we>7WD$-D^i$)O7azD%=duO-DX|Zj~V69keS&09P1~#ys
zmR_kQ?K6Bi54X)6Mo!)6oF?*|cP{82V9miY;mI)0qGoW_6k4k9EfEyQv3YY)%xPrn
z!KTyA%8HR4sM8WUC6ll7p1tQ4_vmFe<wL-`RB2}LzJI>5@wx7O{#WPBn<2HBqk(Jn
zopC=9VtXsVnaxY^W+GXmCTJ@vCdrxZ>h@<63rHWr_;)7kTeE~6NLxC~gDxUVCYkW#
zJI{rqZjTdlKb<|n7OuVRyo{9wf&6^K##N{3CO?%Vz!TKlUjFLx?2V+x(|S(i0D^Ci
zmNW(_L}5kLH8ZXE0RF@eEAm=CDDT-n5QJP4?F}S_n#VWGKmvHIVZ%a3`kdg{&?M~3
zkF23&{JLx<|Gr4Da;~9*Vjn9jwJDX>tZ-zbpOMk$%Pdv_YsfJE^);z&`rianRVb2C
zP(i;eFgFgQm|ZKSa)2K=C@C9TjsqTp4;PW3$Nc(m+7E*5<d=${*2GSNoTWt7x9G){
zTsWQ5Qjb);=yM>D&gm?q+^6n}>=IoGi<O8h&Rg*=pEc59xF8vnl*%;U{t0SuwzcLF
z^GN<d!E*J1U#D^Q6MAV7Y3j+1@~nD{li%m?^ZM@-Wz7h8K7yJ4KsXgoK-@BhL2dWi
z242*%8fdnNa&b|+uXQO+)@%QjZr7oWJy0`w{pF#%+g_JN+vPYg)9P%euO);s@13tQ
zRN!_-=hCiGQxk)H;n$gNN<?iMXtP^NOyLLDaiR?Xa0lDx_gX0;=Vn$u9b^8^-bUx8
z;iD6bKL>V^o;y$H7*_KZfbLoSS*%m*g=f*tcC*JrsZ^;J;kEg1P=1BwCd@C&`1YaX
zPaYPs?il@kratn{&Gx&M8i<%1^ozzgyh~S$hGvgT#5doA8P=6m?B=&Pf6`24q41`6
z5VoHkqPRYvI`W(y_@f5#6N12(*BV-f!PM7Vl@4H-eTI#d-`woNYj&+5?|oQR0*Q)$
z$43ITffoF(yL88$?UAECu6{s@0Hy|6njsoj>Fe5EOV}yTzCy@)Se`f_s>z~U>211m
z77guXd+hMI$9nbi(I;C6?@`n`O<gN7$?7^o@`TlL1`#^4m&Rv_sG+=q3-_=u<!@nV
zE#+Z>(T&^ffttQ%qT%rc%bbxIn*4||ZDE-rot_0j`Z7W}1RH9<&FCB;%1XU=Fet>J
zP-twLYVCdnX>VW@2!OyRtOhxiMfqQ3UjFQ*!^{Dh3=cq@?jf+yME6Y&zO(M<IR18}
zc1mw5iCB^Xwr!a;_MK_QR5X;o`g-s8JCP2_1Je+t%Bn^<BSQRo6@eV&XahkXI3884
zaM6RNY<25iY~@z#YcBYfaFKHxw)dw%dUZMQ<}JzUp!U%8z+_Tl8w4E(?|2y_fm*>k
z<*2GDQn1TaV98<kTc9v+_2|x+vWa3C?8n$-9SInPNH+-`Mn>PkI_a^um3*m;-(_aE
zl8)T?utj#NLo!QOI^7tUsw$5UBSAia%)3Wm_icTccXzHC6-I^)zX%|hJuY-SI!W^x
zJYQs*=FUYZRP&LavKUATf3<zlS#$J<9>W{hWk=rxx?sa<e&yj)i*rfpe*Bgiw&nY-
z{t9WJ_u65aTZyx%XrC<pUocikfQ0A^I6Ri$bnnyRStvPHu?`JdGvda{Vg2S))$y_0
zv^`#I;e6B|z<-wh7Re?kME4fJ#*3LmgukP;gwZR2Sajh2sHkC=t<rkEUVl7c!Q*Yv
zjijcvoJP_K39v=H@=1bS04~9AdleF%BDFdNi}E2aPh8h#me6?4epSjUGF^F4r0t(^
zde>IdKu5!|%RFFVqu|}<0~5efZqxVS*d#dJIbeSF#HXX@B_i1f<1Bmw17u?<bv&SR
z#{`dTsl}w5U*$(pD5@mYeSb))+8aisYl@j6P08Pjdapx&AGtIYuX{o`eYIYm?77}(
z`13ifl$hEGl>_|&HTft|!izoTi(8pIM>+V<K}Q#?Si=d!uXgMoQ-p*Gd4edt@S*#h
z3&4k>EEW+#m*d9*FLtU5`a?&COxFY>o`p~TfaoM+-uyUgOSjd1o!OB${aBPMw||m(
zBg2f|nPo|LjvHj`Y^n>#188T%Bj0=V4glqqZQY^dW0aGK^p2vk4zgdlbMNRWc^M9?
zozL&Ww)ZyXhssAqwP2ODyR;e-d@0Aw&%!q@r%+4w8sP((wPxAZM3M;_O<)8y-Bpm9
z+o#o_G{>&FLF!Bk3($&pMbB{32qS!(8R)$a==t2O(T@(@`fjj&j3|aiPEYx2|BPD<
z|H9rCTHM;tJ@Iof2N*Lw-K0s^`4LET*Mka{23`!D38>7>+;Bm2xqds#l)ZqEonZNI
zOjkt*tHZHt!uO(KL-UR-!QQ9yh)LNfgTBrahs?tFLFK*@Il%FF?JSQTMF@~n`cZ5F
z?#_uA-mfYb8{Y952)?Nj+z>#Ka1zh)`1ppXJuVPbq>F6bE$+EZ*zN9Qi-%FwM*!l5
zm_6!K15yGz2KQ^9QR#d@)14*xdDdWkQOBTfb*mzN>p=YICa~95{W*0s`%xjs&&5JQ
zKAL4`JV)7#)|Fudgs}>Wug8ZC0vyL~xx{?lICl9p#Y{kbNu2Y-a3WK>W4o>NL8(%l
zlKSsHKlx#%vu?FE)|K)|R9o(HVqrx1Oo~Q_!1d=Os=;M`kXy?kZJ22C_kSbitAHha
zhv7LqjMM<mjjU+=Wg`vh2EU{QZ4Sq(WZQX0RM%$u_&Rzwp7aBlU8P*HYv(h_Z-(vh
zD#de*Bso11dogL9iE79Q`MQclJ+nB}sttn6-l#$=zT%cMXFFi6AtetNoc2WidY}C~
zG@I?#lZUV_xU}X|ZPZkB>5cD2xxT_F`8qhgfg>A>y4N3r$-?g;XWYVP81%<jj<&A3
zaNuw_$UyxB5I`6!&`BX<o-wWxyD36HJJOJk)^HQQ{WLNPrIm(tPaW4jIr3biK@xj4
zJy9b3XYRSnxvTry`7$8~5g!#IPn_`Rtk_J9s%4kt%OL>2J{T>6FD*{9$_X>)ZtTin
zSY`gpAP*!U?fV~V_pGxzYj+{Wvo^zV2}vg0j#a|()_7P+$P_-ZsV>lCfil}|tUl+w
zF05_XJ2$(ZYr#TDD@7-+#mZ8zf#LB>jyO-1qsQa<)&k5ck$jU`&KUt*QdPs<-}7Vr
zVLfSQVnc(njj;bop$I6QOyCG#*RLo{udk$T``D$`*(+XF9;Q~c&aT#Tk$P&slq=~Y
zkF&<|#0at8s*u#JyG^EIJnB7?00i8EiXk?3ipOYCJYC?)frnx~KL;;xshvM9D+Z-d
zbryO`7mUdQy8Yha+ruQ&A^Fs}N?8gmRIZozOeNf4fw^w%QUE`z#=6#L@hZ5_xHGsG
zH970aKbXNkMntyqJ=>+pyNAVfo?l_~txpFUVceEUP<=B}LKpDdzM5fk9E}$`Ky*;b
zj(J_0tSTZ>VD9aHDCEc=fgp?>h)Xs)!!Cw9OG(pyQ?wi4+oWpviBcf(E$%y_RU4F+
zNKtWD$nv*@5Z_>H{_jp5xeA>gdudnkI&txCec(1GC8$p!5oWh{A@BI-$t)Eee{^Fz
zH@!Fi$+BK>2&B{gX$cZx8l8U2(IYWP9$_Ut&*_t~tNFLyo*ER%B}&^qg~c;2hDLI_
zft1NUf0@qc_(yIHMJVpyO)f6z`J|IMvuft3S63+O@vxLM=$UZ>LYV?F$6dhN>hCkk
z|A*sMp@Pnkd%#0a4Ie#YmItNy=2ELqob7DNS`=mDfctXXz60jl+SZ&Sq7~SNBbT3Y
zS63~ehMe`JYgi8wU<j_zu2PWV3ZEG+<-mA-wV$q<x>#ABngkvAnf)9mWxX!*h<B<#
za=zO?%6nZc`F#0<@uVQs*aDKM;aY16`LCh84<M?@X(`WIz)4~j&ft_Ic2o((j8#}f
zO;_JEr&#b9oTz3QSSFioC4AcKOGdgcF3PppKDzlkjvR8I{k(9)Hr$1k@>F_h(r+cD
zRX<&4flf-w!Ct3mNh}W7`vJE}hMd;I&pY3NyF~!YYx4=1^y34JvVX#(O>n<K%=g;c
zRPN6*YW(dI9_9x2f4yRb3SvkoJ;&*=n}h4!G{wS(4UTM_i-R7g<f??XOKAXYPU#D5
zmMLPxG9aFVP!(fe@qqBHva!ZMpiv-5QGL|(LSQ84<gA>g2&$cQPKlk_!JpirjH11%
zOnKvIh@0RP)pT4U?dwu>-m#gIi`XaQu84Pr9HNtp?YSR0mfKa(j+_2j<Vz3A$=!xz
zyLqWlb#RgU5jUFP;E34rxM3MT@o|^$aS8CBIBA4o8rNOFm4|gTW6@eP7rf3IuIa04
zxS!edo6N)5yt1^t=1mlUDelqztzbMHbkGYUPrEqs>prU~?8C?lH5HCNM=I?<gwkFD
z#C6n5Vb9lCw==@O+T(9)s9F^50#>gK+~OLFV>I<RulM-9l)VQmsrp+td}}53TB)7t
zj~Jy=ykU)dD1hVjdmqC(AaRuuD5i6@utt7>E4K4ZX4rIuvrc#x#miOoS=4V6nxNc9
z5mG8wFK}LL2$@xE_bm(JnrE;;TgE=thGbH^C*YthEyKTlKoFaElgfObm0|lsEbg=N
zPcW<NuBPV9&ynx>9NgwoTx(f9{v-66<HqF8uy@S=r8a2^qIoWM8yjbTKS!=Sq7-<j
z`5;bY6TBHeM{pgJ_nHMT^o=57@F5V9AArj&ma3Gy>N*!nKaO!7+;QTrPp^P6b3i^e
z?sO4%4U{LsKK%l3MI}+P9)gV91^oT*6kTwuwos_)a7d}Pe!(Gj4&dK@QqHOX)n(Ro
zb=iJCEzW<kojuGQEL(23K5BgD?VBC_sSg-v3%W&e_TY|j`%bx7bj*|lYi4`8p&e{m
zpfn;5IfXfatC!dHb3un2{lj2X07Gq|LStLtHG6I08Fk~2TF(MGFuDJmWu-;Fo=7jy
zZ#%OC`vTw<-K=F|Yc*iIp(4($D1GV7GFiWJ&(Bmz6)ae|Ai4zHxWD$DF|M}^TktES
z5<Sc{)6&a|?~I){+I_-r{NPG%yN-P9Z*ap+owipfje*;~P^{MX-<YJ~+kN)Z=6w+T
zrSDpy`aPxIF<mC&*J@6DWlzs@+>P(9<%BN$t6rJQ6f>I>yi?thVwj~mzTW#sZomr?
z-&IC_ba#_W?Ywv*mAUdJsQW&|6VrEotR~6l7rOFMzho(z<V8KEWbgk~=VF)z$rI{5
zH=quiFRR?_4rJo59=jANA=N%kZt(=}BT~EyA}kcU0t!i==uKv34j@;|;-j-<DZ5>i
z<i@0`v$_d4)|!*9t_{=kH-O&)rA3h#&%xyyGjU;Kj|HD7P+Q{aJ5_eJQ5Q@G!V3?w
z=u@CG%`-7G@58KLF5;Hh_>VJLpOZ7L=%M>rhm-sJ9NWsXcmIkohH*=!Nz<p1wm_9{
z9kIv|MphVVZ@BeB@OK}T^CsWoZ>tj%-Rq>8ga3!{%L{`%tvm9lY<E5ie-eq!^2$qJ
zx_4Mc;qVt8kjNb@=ycvGZYVEb2alG&RQ1uO+<k23iEV+;>y@c&&2Am54$d0HiAe<1
zS6?hm8BtwA4N+`zV&6W1yoC(?tnCXIR!NJ0%)4KrHvL8pfIQ(Uv#^O)ZCp-HzI;KY
ztj7AmE;64~Ta;zJh$*RMjlENxee>{odihY$E=|#JI4N-#qWafhhPcQwlF7OYBkw?U
zjr%TVlVP(0Vonz4e-jx8K_Jf%hw#R|hjS!HA_{NQ-nUd&90<U7#GbV<hWnx9y5H0!
zq(ebYl$XB}lT~SEW^}R_-@DApt8+^C+r4jvS=`wR%6Cc;?~mDM%m-VIKph9sVMR)H
z(^OQiA~_T+^Ij##hPrZde9QqEd5EO#-Y6{Cx9rQQ;)@2}52Buqx5-^k=MKY2(B=sX
z=F%gG%Ck{Cq-_#<1Qpw@>SOhHc|zf2t6SO{8YVKu%4pJSPD45upbrO%0lubmEQHsB
zuZ#`pKEEV5{{Kf2HFR_|sQLY|uQ4=?s?y351z<QfxQZyCK!KfGP_+SQ9u?+3b;i7M
zl0#Fb6DYHPf_NIPFQkGG;J!d3;5dFhZTZw$eQ0k}f~joz>`FhdqLY($*CS;iyx`ny
zxODaqr;YfY9|I>PsA=R;Av1K)-CMzOo&1!)@#-pnhu^B#;KxDr1Xw1h%tQp2=&j7c
zE6)H!{&28hj*fM%zX(fC1qx2jf%ntYVJlvS^tTZ<pFjr7$Ee{TpmPpLD66i(L@YTs
zypu~`>x12lfZg5D(EpNZ{-4WLz_dm*3GyX%85Vk0kHoO<Y~d8{`k5`Z(B6p)JtR5$
z@}lR;<e77O_-Un-%p0XA`&lt$pi-|T9*Hfn<B&wRGGTC`CZq&^2%JaZ6T|gQPHejB
zO!w7Dvb~-?42x@z7p(fWM*JL2!2C@Ggox!zM!p1Z+B#|JBTEdAx0E3RND@y;OAME=
zV%J|vkRGi&7pqh&DO<l5ZCaEM=e8(T#5Cx}EaKJS8LG)cg%3Fo7=5;2d+<LCvi<)L
zB>t;sJD()yKnEQBH(5+HPEFEf$WIfTnxGErkT6-_4@quoT0g(=q8Q~TTc#9gBAq{(
zo<vuM*T_2$v21J$f9&6`b>^IIi4Bf^+OXbjm0M*ac&)O-S5RAhbdN|r9<8lyoe7)!
zI-xuxR-s`EHmxy=DBDj+ImiU<BCh13K0S?v7AaB;>oZEAY^=P|pG}-^0O=>I<kSuy
z@P%hhWM+B%*n?>9y^$%SC=u*t|GEfbxxEA{pw1LlDkjPO`G28<04m)C6(pFG_3{W(
z*lcZG0~*G9Z5uXwEzxb{WhW;*A_6Y>jpYQw%6<pGPxAg_Xe-(bO9m`}$Vy~2fv<)8
zFGnydHJ%Zr!pd9lh<1YHDPL0yAh`LtdIOqG%^QTq$YLU)x#aXg_q!TvN?`An%5I73
z>G<c#0Jxr=m1BEj3?U<FwKL)1swGACVniXJeef`s<_PGjiBOcRA^+k_fZ>;GPri9D
zqjlMEjLV)VNj)(4(x^}`m-5#A()oWL^}~&1W|y2*bmeJNl8m8H)ypMgrg|6(+OlPR
zv?$rnf+f*vCAIWE!GzyM^zNy2ewALSLSn)RFD%uAD5(G`&vrXmF5qD~J5K(RKG*tA
zO0?H>WZV*Z(qgEZHTm|<x5j|W%n8A{v6wD<48?_|=<H<}QHqIW2FqkuV05>+Ywqvp
z4GL<=@DDw)n~R23c@Ao8Fcje{8Y+Tt%@f|N&EkZLg`&;Q%P0tI`km7{JoLN{GTSYV
z|Lf+<EFoqfjs2=G-bgu<jo>dr`{omN3L4^1U7iCM08_am`+EtsqZieYDQ<#syW|=n
zteGSNm&Ka<+SoMJ<fZzaGc)Ajq~1=yRYHvCL`lF0ba=;M-ly|2^Uws&1(~ksI1e`8
zJ4X}Jb>DEvrzPY|505@YOp=Eo2`AD{Vo4)MVuDR|;6s(EJ7jzj-3Fz}yQ(ib#Z<ta
zmY%B^Ts>M<TrcY0XB@2Bun)4L%l!})|E|XTKb+bf77PKmm1JmToNdy!!XmLc1Qpvk
zg=?Afg^x|gr=;Ods(b%Ekh83IvKuFEzaU{MEjDsQ<Chctak9$W6Q|DN^ZQ%T#Ky@V
z3RH4TXA1#KmVNT2vyZKlEL)DJUDB?}T(sh?yz0GkM^d0KLvd*xDmlyk>u|BWtf!sU
z_sR4r-&^+BIM=^k@zVjdV(Nd;CU?%8*TCjFb1o&{B}mF)Ki?7@@O1xX_x%s)<RoVD
zDx{XC+uuGa-5LQ=_$ESnsn~YwsYKtpziJs(VZ${gl>|hvTG0qgBr9I69!sE!j}!5_
zLujjC(AO2BLWcz(E*}0X9rC-fmd6O-D52ygW@27eXmNqa()Q4o_BL#YYsZ=r^p$_o
zgHUWiQl@T@tZ&caS1<UcR2^9Ni#vOSrX~MWXkLUfj3n`>$S3iQv!hV2S+(f6l?$*u
zE#e`(It8)JaB`1xHz*|DA!QHcEb5k1Tu^}hV>ZG+mCy4Qkiwu3DUEDbSR${pB<b(S
zOXr1b%G>0l3sReGN;k9N)^l<(g{u8!hQ-iE3XAZ%YBa0)#$D10lam)jm>8M7CQ(ke
zAj%;UIx$PLDQe6GoDHw07iV<wd_5(E1SZdvLZKq~dxagSaGmn<SAqyKp}GZ#turZD
z{A9j+8F%cZnV8wum(M1e8uu)YFYS|UC}ASz|6YsDw1Yj^PLqHm0t5TWD5@Dc<AIlK
z15*tZ0r!hH$3AsGtVY;^?+-m&R_1?<S_X_QFPJ)#pz!lEq`Dn=ZlriYUmj7N&13U?
z69HI4n_Tgq5D(Z7NjfhkLCf^CJu?r5wBkWd3h{EfM4Mgm{c+6e!?1yO`(d>P+M;mz
zN!MX>@z=ULxN9u7*a})JYlU$Mo08WBgQljqrRuB{ufqSzg66?~&d}U#YW@v`GbJQw
zmX;AG)4OKOo!Zt$-8dDpIPhk~mM>L)y+*HdrDJEj-G$?rg_@w<w}fLSNROv4GayxF
zxV|xh-#Z5zKYNttl+cr<-GRV8i0S_o2zybYl>j2MTJG1)+1X6|dYQW*r!2VV+(*mf
zTR%5`1udDHbw(9winBHpY^1>i52}|gME?Xc?6Fm{T%*j7d@2j!`aV-tIcEwH|MZH}
zDa58h(!X!t9<3ikyb-%m>nOs?3bL}g;et^tVzSYGu*izsc8ZaSCLW<>VKYhu=;pxt
zpeVhRO*;TA#X$vQskqC)&hCm?pTIh^9(WR8DhEhftW1`9EWqRZrV|-^Fm3t~{_`&i
zunrVZ=?5OWS_MR?5-r5e>R*)1o7tLfK}MFgsPyuu*7UYK6$EmkR36;LiEKw`WpfHD
zq7ZxtQjc?JQQY)hiJx7rc>1qC=z4y-JL+sJLOS@xj~As?<ya4WQ$A3*8dC$E)<lLZ
z`%oyfc)YyObgaos9xWWakAd+jV|66rqg>KfEhIa#*mtQv0&}=@YP|6BR_E>(%NkSc
zNXA@whySp>!ikMKH$e~Ri|7$&UL;4LQc#)y4;xvTgefvxr%DW67FAMl|H~Eb7TF1P
zoY;@@@=gFde9IEFI3xkPy#npMza9o1x45$!Yj1ZLAEU6oEjPul0y)>q@?&d9LeB9L
z#Bxda0v1v3)3$$<LrATFM?^j%!(!;fc6Smi1ed{W3Ri!QMg}W(KFFmuO8%%`MwlVH
z9egy};o*Znn_$f+!sWr6ivqOy=vrY*)aqkzgYytm)BY?_>J(bKiWE<l#vFw)qU!3p
z!7YfFxt^Ijvpgjfgbpc}SHVNx6icfaqdG*3qfm>kT01{sc4W}#dk-Hd@*vIEhnBfR
z#Bgj+6wNb>-?(^p9Q~zEHFL?@)USMmJXCf5z-#tG<IggJM}|RqRUXLoHFy5_8}G3q
zzhb6Uz{b!Vie@XUKC|zv70GoP=b2>H9-UyJPg%qU4Q1p(*Z*RNIb^QyGwr`DpuT8&
zZQH$|^Jmr#chW5vj2A6dq_^jnoV;nm#91=jRdCuy@$dY*wntyYjo+EVZ1}|o0kUDf
z+!Ud-({+h2*;n@qEiLP|9ERq738+Pj&q%l#TYKt$9sv7eFX3*L`QNH4mA-D*&PQ{M
z){7Hht8etgS=_S=DGf$EJe%$7g=z-nQMg1W%i>VxK}$GC4Va7s^w{wgRJw!6u)GpY
zv5um})k`7gDVY%lNh*_~Kyi34_5}_}OC&ifu-{@(g78^0a7KrJc96NMS8R>spHExG
zftI2>A=q;D;mVCUL=F6{!75_&|GNcX1X+fi8RI>u)*|(t2t-%xiG3;?xoXvN4RWgb
z9VfSJKIN*B$w5*MbzzW4%s5w>idL~x(o#K<T@GE!lW$a>*{I^MV;=7g7}>a&hob2w
zU{fDdG?zsYyyB4^^Loh6j8zgk&NziMIqBMH?Ze5KUoFGk!^5ET;3lv>Qq-{QLUh|?
zC`dhN4re>LAwlsP1jwX{`TQ0P-3w5Mn1I%xNx0hKirPEl%iWFS+(Ou1#+<k^Jiz&)
zW>cMrC*N?-C`zV2_xUY4Af#|8`Nn^m>IMx#CY*HWVCd6vT*hL6Va$QcIKkyq-RfE{
z?S2m*w;E~U*vnXc1}9M9FSXji7his2so2Ost_Ay1tZNR3n^f=(4<hy_ue$V%r13e0
z-aJcz0o$i79atA8m&C+{l8dztkHDgcc{M+o$i;YqAuF;jL1o9(<;_UY^4UI>xTuii
zZ##M-@Wv>#9c2=i7&JKY`B5$EZ_V&Rf4#yY`CT(L2cp3OfF&wQ!FPAzz2C=8RWW{9
z<k@qB;ou*4o6A77X-i=rD~G*z)zywM7qn@^PQFz6$8VmXS20+`wP+f~#-;yU9^v$3
znh10X1ohKW8$VQK&zzvzjYuJvV$PH+{gDL7AmVuCxryr<a_LX67Ix;t_@2DKC#8~6
zH~WwSAB$@DZmnLlh8<S>=U`{u5X;#beI29Bk10)FJ<T}WS0J2LQrdJxXvYY(7n2)5
zb4e9ScNzo$#%mp9imVChL(CfN!0g;9*Y7>WMw3ra-EP>UnkqTQ#=X(6ZQ#T4p)YYX
z!I>Ov>d$|2wcvqxX<M4+Aa~#m_8w=@$?jdtipmXRm(FrO>$++7%+<_dn8(zodL9?&
zAGkX<LkO*+(lM`q(lCjjA`<wmv&K63#BLG6i`DUOd&Hm$iIbZ^x^Zyg<cNt!$qV_=
z;>HDqZo5i$wl^CxK|sQYiQa=8l2@Nd{0}F3gmI`Sxo{&FG-(00vUp!jr=a0hZR^%%
z4&z{V4e;qERCZSuv^e0vhH3x_b22XF);{g!;lPvUNAb9BT5e9(shCYwHE_h;A~d@g
zO3Kp&(5Qw|AeXr@XmV2?DB<GNonB9&lcgQcv%dc1coL%Fu!B}<+yiSOr2pd=h(ZHX
zFCx=LDeSOIOurGp`iu^&(W^ynCri0pwS{WSTZM(%q6Eqy7n8NxL6iJdtKwkK1w$P-
z2H`1aU_K{-VZdebNGXYINklLw7rw_#!KJ!-tr}S0KRDt<Csy#=JQfZDBzsi(X4i^&
zL<`5^hlU@*)@m9oT-<5_8K6WcWm0hK%w6e;Eb`H=A>Tkh`U~vBL%rP_2=TFA_{i(m
zBXpt}i}?@&ISYi(tfS~DqTDit(o^p=btWTg!<%puO1q0%pq=S_PZBRp2IAZC``3y~
zP{VptAa?yldjq0lmmQ4S-l31p5Hli#WSuXDy-E}|#eQHO+UI~SvzlvSf)OD;iB}=s
zq&OP*%KKm{9m;dMc`Os0?m~odi<u>HTYgf35{|#EGnzu-`wCzUt3@bM8yeo8H+}3X
zB8asCQwG&sKsZ+_5>=W>O#pqAhvDT$B+orpc6cAn**$J<rbUQf0luWB%*mJyQw0ec
z>rRO6LK~TwSMD`#Vk+%3uxY!w?sh(`n?pWo)?i2|dQ?`0M;5b~ad$+SHzZrng-DM8
zJyd3h2cLsPK8{!alh-zHyPrE34YTaR_0ZXvS8`^Xhch=%T4rpVjOiJ%(r0HdhL^)e
zdU9Dg|BG+ceB|tU9r9I-J3njGR+;gm@6@3`8nkbkft;g*nR~~mO-a-FEz<RMk0-(>
z4T4YAz;r9`&eIlea2N#1au6pyyrAy3bGB7+#|RSKviB&SD07);8c5%B?g!9*jEvhF
zY3Rq4N~L{16I-7V{CYeD`Pe9VgA1kPeS%6ykO$)jBpmYbb!0>LDlwDQm`!~Tpt^?3
zD1xQM5m9>N=BX3Zx7HsnAd=ezube2XUjjj)(u|$qD#TdMN$f|S8A$OBbfdLB(pw#p
z*?><g;_Jhj8Wlu)c`jj>U)QBp$Vrn?y)n2|!#uaz*A+MTLLEyUvFH$a7d)-QGTQiE
zvzo6Xy}d14xWxF|9*gmQn`-k<bE4bCI}x&xFJLf}^X#O*X62wAJm>fBo<!}Vu1F@1
zNf8kp>}?&c{#dF;jU70rfK9a4M1kd1-`53hQZ)NXW}`sBFV5`z;bdEIox63F*nYSf
zW(}^@C+U9s99;c4MLNTp9@*LH=A&#l{Bya5sdrhjyOYAjFs=%a{{c$AzhdvJpG}%d
zaAnUs?C-J9$J{BsQ6JH2A+^~ZXmeK=3R~8})oe2e!rvL#f<AV(_fsNYfR{CM9Vw*8
zTVl^+S1y^@K>K78RhR?YtLS%ia~!~#%)&LAN^eQT=~DZ-s}0pLtv*3kHyWP9JLG4>
zr*Me}f5Z~DjwR3Lg$)^ossGRNwliMz2awYf6Q-)aM(&8;h$0JqVuHtQ>{LxDet_ON
zc)?gUe*OsXyH2}q_Vm28(6fund(1=PJ)dH;^@c=<%nCjbt4pPl1v(NFWGncGYmAf|
ziW%tV(F(?%(AY}1To!Ho(!QifbAcwbL4q<N?0l?vpufRh_rOC0|D<cR?<6=E)XXBD
zAJfXz@ZbjPo&rrTh}mT2R=o2!ZplCEW?a~D=5T`GV4OM>|K$>rHYJn~{y6Hb2#+Fa
z;?Y0Xu{9`(`N|kIhD6rlW3(~*y`)1ojoW+UN`}n;{C8X1K;*UJrSzBrkkCP5J2^3}
zjoSHRH;FS)C+Fr8Xy*3ENSJz=<)lr24XjX%9Wr>DiVbasDBLNYgf5vV5M*$>6XODf
z9<^0SQ3`<@j@8+C+mwWAxI7rKNo=&0xf|!gXP#;7P6naszLKeCzZF|~8LvD)cZ^Sz
z2buxZWv>m!D|lSj)rs@d@^0KM>wYd<M+cWKQF7n?vrX<-ue?S`QKJ_7Nd`@Lh$qwK
z*pN6c7S3b+CNXGNWys%11dFDw72B>(Qg_q!v5FhQ*4;+7uE*w`8Nq;>AxdCNLp&k(
z`sU`PF;>>7DT^vkE>yXvdP|f<`)$ngk}nt)|3HQ$8C7)XVLXAA9lvwcp~&bpk^m-N
z#)qE6U22|w!l?tfzPbKl{0|QgLW6a`2TM<Z+kBHg%FpJzj5lDZ0%waeU44<V6i)Hp
z@hBKT9lCH*q&ubG$byIGbkl->-@AEh_+xqGm{af!%eAM$DWE4n#G+3}Z^Ukd@dudJ
z+LS>C($JruH&8WBwthwkw>QVmtJv(!3u!V#eGNh<#FSb=WR%cCCuTbJy$*DlvdX!+
zlj>3aCpYFDaCYkm@W@Q$`|z_MsO;()7r$Qs7j*eWUbIY<VNG?+E_(NTA1fOi4CaMQ
zgN?GoE3#WzmRcXQ1`#DHGb?@qX!bSlqM`cq(uSC|qP+=HbUC52@&dSf)ld370Ux@f
zm5}J#bM#~~CV08a-yp(WdMq6rI~y+c18kkWO({yJ6r)noH%3`jl#PFE3R|+V*(1S&
znzFt+^=G#cJJCsglj>9dp{Dd4j5mfiSXps!4}P_hE-BsP4lE9Y-X3v%kG<P@phV?t
zpIA)vt<DIz`uW4<skPQY9O#77{tyj)dBJyhcLDvB18AfQsuV6y{K*aOTHVloMXhY<
z(Fg~(jfDWa7xs`RV`dQgF==__MMD*eZ=A&&QQLi~vCYDq$;Zde{p98_9Q%oF<#pIj
zO+T$Mx%rVNsDNf;vUj_`e_&__sQ)XD5!w=SW9H*EzZk8^maX->%hFI<_Qks4MwFh6
zsok3-`pQ(<s*c}e$YnKBrK<M`l|wxbQ?T8s2f;U*R*tKxxAm_WY=8eDVB&)T_vkbb
z2@xW8s2?}ouc@T5ajCKi4_Da3<Ehiml@6Hp*sP5t4X2du*dfA}rWi5ED$3>&XhIWO
zAP91lzhz!ItiB}Mo|4jXhW(y_F1DCbhk!pj(E5U$u8!))pMJh{c=e&`?0D<q6JPe}
zw5{&|FR865m858a@$d?wQA~x%SroeR*wO&RO(NbPUjF}R`Ub{Yqg~tDwr$((u5H`4
z-Cei4wr$(CZQHi>dd@xX53Fw{E15GHNk(jqti|w8J4cSBzcmbZKXW`c>>g9OyOUIZ
zIvyya%GTKDSsf0%a_-#?eLXMZx?WbVDp^w|@`bfSK|T^BVOFmR0~WJut7xN>vlAv~
z#6t9bDt#zEK+1n<8>W)PkQv+`HzC3%g!F-%)$5f!2Djt#1-&TvjGnl=gr8fG?u+JA
zoHMs+_O=3dvtWE&Y^y=)#LvdbOQql{>Wpu;!FCR%&*QSQCz_LTHnY@ZAm0K!@g;?=
ziYT88jdl=a6~OXlM5~Uj&RhFxpo5f=ngyNlI?JS46Rl?@+TrVr`&)Ld9*%~hpvTqk
zN+!rAJOo<HJ;kX=se+<)-2Rbh4qq1TM|5g{aB+bHHLSeq8E9YU{CQ$41I(P6mrO3Q
zKVb)YMx+2)S@ixWhJb+ghonCb#}=lof*0yH-qd@jV^~{y6`?Ezt?<Pn;ovgykRWBC
zpz12oD7CZkn3?IkE5HV~ZVTzTebjy3UK~m&KA$H7aeIk5K6be1<oUEWCwRRhHv4<8
zJDuG~q$HGDxSdIXI_zsKaViL}7%Pviz^rP`wwl_O`uA?o{0FpqJT`JXSjGFVaLLLL
zyG9J}W!FoTnxM=sW8u`Y=N|Og+%~2XfdYu*5OV1j17RI?eC5^*Lus?c?NQM~9W_~}
z3_7KDUTF8a(t`Dbc=DHxZU{D}z(WR7zi@-FcY{#bqkXk5Hx+_PUm+Vi%1D?Xcj%Y!
z{a2fx5!}%o?(RFiE*JOk{pm1bW<drZB1NuA0ALqOQq*8H0{9k?xwWekE#|GVWE9ud
zJV2-X`Up6@Yl3YyLv<ivkKC*oD(Q)88a!H|h9*h6gafOXZu$+~Qf?8`M8li1MPkF(
zu>avB`k#euosYW(a;<b083X+#@XcD<W<(*f&Dd~s`)%+0<yhcZiM$u|5Y?cDn5WF5
zB(onwOa4z#c>{r;<6oG7fI=V}V#Zf~qVx4k=_H!Re2>z2xDL89^}BP^Qg8zfjBl=h
zoO?sF{i`P{+vj=)mo`v`K{w6lC95}+Bf;p?2Ax@hH8`M(n^%+erIz-?iU%#a<(eE%
zuJ65-<Qz3r3Md4}6@2qp4)9@w5#0KKVjpEaKd)_I)GJ9jT<13SO#z*%t;%LlaA8a-
z3tWZWpcn!+o>QGQsDq<G*GDyqdFn|-T?zP1oDnt^`jD4)esIs(DoogS@F1>uBJSTU
z1t$E0jj)YQ)-9FACQGaJ;OIOZ6SqvT4`5H3l*dT>0)?BHuid`t>5c5x3-*m8_%N=9
z4Fp@rd@k}K<dDccBA4hT4raK>4^r+B_`Cz}u@)B8a0=AOlXVpK1uq@#?~9KCeRkXf
z`ATOVd#o=ENz`bHN|J@?k-hEqy7&D2^}Qn%N&Xi+QpGLEtDz`1wMR+}V1wVC<1wsw
znfK>tcCY0|>6KEnX;OeV6p}(z+rs}JH^e#OdSVFTx;Ec&RQMj0I3EMnPvj0Ye%y+d
z+@j7E_PhfP-TAZOU=|8vy+S0)2smZWpX2lMuicIWqr4tx7nm18|H(VAB{IP>z#O~X
z<tXVOB!{Kns15^>>7S@Ca8EOH>FiDwirs=%uB?$jJ<M05V{Ay&zy>Z|NrQ7c<<tS8
z(%P!@;Mrpzj0>>M!3`4}%7=qbkL+ec0x6VtsD(o!4wvNvVsuvtCeKEaZgSRF;hO;Z
z`HH5H2Wa<C<I?zTZ>jQNq|9Vky1rGaYwa#ddnCa)8+%?=Yn7o$Vgby23a@7eM6OV_
zp{Y$W0L@Cefe8qUsCoCjzV#vW&&A{c`8E2`WPNj{n$#HcK}($uXOm<{cqIHh3?lHA
z!vd?0*r6WWcKWOFR@?;cn?mz^DcjkaHi-UBf3?*|z*o!n<*LP1%K2xqW;VFqNbj;?
z_pB@%`v<Kg?gn2qQe7ljru*aRz+G95&+kXyb1kImJVEW1w?HIHl{m~azsk<rlumyr
z`Zs*a_h~1x`R(f!L`yTqj~#Ov>brJ=6yUN;IH0+mm$%dJRpn@{>59mNst+m@poT8T
zBw4Ri1wxt<Sssrm6ad{LTic#$X<SqqVvQx0tX(~*q!R0ui=Ec2{Wwrk=rE}y!C)Z$
z9cYX#Chb!c<TcQhS>f^>O*G?dOgu8mDiy7XSWmJIuCCa(6SH#pypHGOT#62*U}!hn
zvk1l2Aw(fo2?tCkJv+a8*>Y&DLRVR7PqULZ#Q@P^C$d$=GOl*VzW(rfnY<@dM_*)-
zDRoahwHB>eDa%|e1wO2l{9KL(g6~YVVc{k=<irP81UCm>nMwGXed?+RS~hYYw61{)
z>N*%`XX00>=WYaw`=?hW6A(~_f|Ip2#C)!YT?$_=Jns#MN*8-Gnhw*WQ}?RxVW=u^
zmb7~UGu2|;j?U_99msE%69rtevhB|Y1RF5Hfv1U+^fCjjLfdHY+i8Y~(ef^A?4ZI3
zHIl3}9T`hWahj|#t+x;o3!ANkZf{3eb4lStE<&`6MBM>elQZxGmsS*-q(ep`>KXj3
z#Y4=WW@1>naA~ODY;p?3tEAmlV|$x!v+QeW{?>%y*|Vgkd><BKIvYOpX~_IF-IuJW
zX=#t@cTRCdRa9naSAquMS$eqnc)q}!LTg-Uyk<LVi4jY=9gBEbu-*#1@Gm`ZRM{e)
znKozvH>GRqeg{}d80_V0&G7!Xkg$Fy{c(w0+_7UinovLws>5-3w;hEd-E(jM3_I@#
z7`k<L7h~gIaJ}Bdb+$-Bv-zuAn6{4i*a*}@1qSWQ4?(iOdFOO8ee(%uWsy~RyJ0*E
zn5aH!lZ9b+<Ipa<K_MFCp#@j?uha|_No4V6!R6DQsa;VUaH*co0F|Fc()zxKbxJay
zag{4>HX$&2dMMf5O}wY$0}ER&<k_>cJjqm%bSC#E_K<A{s7o$tSyW7SN<FKLIxsM6
zH7~V~e-|?9PI@^@CW_M6@p#gg3t<XoKGP@_0n-|n5zW~wY9s|8`pWJtD!g0Je-5;&
zVm2QOI?sIFhSUD$+iglG=Uc{ih4q%gC?qS=??2<cmq~d$yza|CY*X30tYEHbMf!w@
znUEHSyb!~EIjz@9or}*p=T2Htmi~0B0*OSbwMBqRP};OaO0{7t0A4#WzL(~X#@{hM
z2TvuCkDyvII;1Dy8^hFt={Tv-dQt<9gpa{E_W9;Yeu`SX@*{PEQnf*RMtps>l;cOq
z!RkbtoT*-Q#wNGj-9k)_S!Lqth;c2YK>)~R<#}g~2<gSLI+Bf-6oC7hcSAKkE1_eJ
zr-XH9LarT2tXSW!0fyr4`FqZi3OEOc6YpGB5+qY`oP1e0myfMinQ^ib^s2W)>e06(
zuj*qma02w<R<owFh_e(kMH!(513!;t3o(~}z^WfG6La&jUu_{**`O)_YX`_pc-<x4
zeeKB};+l<Gcsf7>w^XN_jcUC5mB#eAeR>{vWyx#26#bLp^Bs<4hk<)+ZrKW3JZPMl
z5RK&ixIQ|&pYD7|yo^T)d5lfVisok4_o?Si?LYxxhkw^NSl2u=B2Mf&tG8L3780{&
zXkIcuN6*Ta=W~%6-C1j#*SJYL0^6R`Q5GPBGbwR4^nmfW&5Zhl4kt(mXXFxFq0qod
zf=)p|nU#oyJ>lwZ4r*ZmLdr=;1?rq=b1J=AlTeB~l#LxJW28&^LGh?J?&<;zM|zz(
zAWzh07e?HkxV-ia^&QeEAo&Gj!u)bnZ<|MLOMCB+uI*f#;3mM>U;{}w>?N={zx?iL
z)GdEDsx#2%Bt+{pXDG#kXPQs%H4wAux*9N2%6n;Q+FBPh8M6d$<~qH(#Hp2*mH%VX
z!tOnK?zsv&<saWyQ(w%lQXuCrPyzLhIb!Y&zNFCEp`=j@nukGcz`@OMjN~pK-Y|my
zb_7nu&fK#$>w^2}FeNX{A2Auf=q|rNlU{s-6?UHqm3)TrmEi!Q*=IuAXoOh!QR@gl
z*H7(CMz`$$2%34Gf`<|eo6wq0q>Sn9eKuBeCLwt+yQHSWh8k!>OY?XQM<xWvt;;A~
zIiY%Tmz%6nBtGhomP?i*J?31QNk(OnpC#S^h$o#|p@XHL$lbG%ZWd{dxsclc0QIh&
zo%S&&wjR^cy>`^7IjeUk8w-Hx(w$5!Ij&TOvNVSWfpAt7Lk9Y$`<g$+XG^QEddQ81
zOM2NQ?ESS8^K@AiHF7|}KgO)K`m7d?su2lG1oh!Y(?AiBP8t_9O!vZVT0-{~P;%v>
zv~I31?Z99<d%$3)gjit-uMV~q+LCxnny9T|iKn3wg{T75bD2~ibZxI5CVz5!CuoUJ
zsJH#(^HdF<`!<Q0ZE{BJ66IP^X_99oBu;=8Khzn-_NSVjhrRo9UwXM!et*t=hJ(%>
zmRs|eCn0wrn&`Sd62ssIojmWtCLZSeL>{aF13JDYTq)2N^f8wiGe%nbQ)a(OZP9U~
z84yx5Q~&TCq9E&CB8L8W@?Sx1>42b4U@C@lh1xy&-;J5pJv$!X&1R-bR-*y~6p|d2
z*V2*H6wf}+*EFyK_ILT2jTca}di)x0rrGA@%E=chXu#O-Ye+aSU$31#axTY72-*i^
z{Y9w@2UbZn!+CUFt*b7{p6H0|_kMEP{^$-QeS{()z@;Ha^1q^rmodK?qDnM|Gk2f0
z!|}fXMuZrr+Sq*%4`yjYXT3*Msu<d5JNZ878CV$D47R!R0Nj*`bazG#Fn37WVaMGv
z(1mKhqyUuGu$roas@i&&*18s<6VJ%}>*0fHvr*7wm)b?)mI2!%dvu}8$`-Bq$hW{A
z`B%eFL_?=TNxRhEEh}66tLBY59ByKHO`2qx4P0CwW8-a>(;!J3i1uevQPb}lFF7~X
zfth`#o$0cNrzY*if))+Xb_@8g+t0-ce7N6{*yWV`w`W)4*;V&GHeRRil$WgQc0B|R
zwv>spW+dpei=^q6jO(ds{1GT^%>Md;xO2Y6%}lJEpV7|5fi0d0p8?Yag}O7n%Op^@
zk127Iv?7b*b8wM@DCCq~g2b-m*gq6$p+=yjQvaAU{ja22GDaBJp{woJtkI(LircN(
z+%%AUiKBjb7TcKI6!XxNK?nC)>-TLMIgK@ev#g*h*B+MNPFF#Q1sk6j#`ZG>aW=hm
zhBe`kCH-{`sy0;UbGtEzua<-L{yk|<Q?3gVF_P{*zYjxr<Od}EEGxF(?+6?_zAtZr
zb46cqrXd%=I9FD{v~MifPSDSB?NErvQLJvs$IKpE%(kG2gjw2FH<jhTe1-Stu=2`R
zBA?j!;A*#d;=U+8cIQ;yfnVi&BR4aH`8Y(1&<hSzN%+ejyhBmPZfGXLPHa-pS3{jm
za`c5!h{QXuoJAKnCCt5iaDh*(PB{!fRMZCPr%0A~(I6!yz*q%u(dFqaZh$#ws4(hL
zE;{AqEX>NHYD>3u$^hkUO&x9ukusB`u_J~};Y}8u7_>~QghbJnckP>%nf{yTo6SG9
z*r&*&3Hw2dYcE<$)K1fqTuL@6Rv?mLHMiUhO}^mJ+PDtUq-al;G(%lC&2i;I=Afpa
z^rM$cFXD}&E3p}&`O1AH&r&^*tw44ioLyOy>^C&y1KCOyjz&IeB0sm>a@}mJ5nQ(#
z>WgYM?z@^i`)JP?NVwBmWnR@&a}Z7kNebfs*sJiLojTKNe|hvrtDP*URMj7xs)Yb#
zIUZ(%M^YZwJ7`3_y6@1C>;P|_*5MmQHgtL`Zm^&Y&sHsG#b`!y7p836xT?LaG?UA?
z&S+~?TvK98Q>T3xQwFOPrWT69X+pa7DlRjoEn?`{u61(rt(5Z{xkLHIQ=?bSsf5+R
zTuVc7nV!_G4?;-t-3<ceYN3)xtjW@mE5{%8oyh<4kOqf^nW`r^Eo#s-;Y4c9atpPK
z&;yHdCgVv-dUE5>i-!;PHS*MD2`dY3(~4EQAD0B>aM~ZDr?XOl*2gDqbJ7=2nM*~~
zT&L@agmJ$51@VHSERAz~eSXF1?+e@yrbz#pQdvRh9-JIJfM0A}-WL0p6^w`7S-xAH
zv>Sj~Pz@g8vu+F9(&LszXqG@i3@%}|BG)o0<8Wie<!-cMCuO_z${|6`xcgo%ZZd>X
zg5F|<u>#3~O62P0H%C!DN5q<V8R1<>R%oy4LY4q2l`E=;c~6VQ<_1ieFtBtjeVqF2
zbY$(?h>?za2VG&Z5;DC4zGfeE?aWyTMDrrx3kK$ZKuuVv*cKT~&V1;7mW*!OlBK}1
z-=fa3o~ocGsIe>r9JNHKfSA4S+9psUI%GJ8Ov3w8x^r_RP@n6iB481QsVW9Q%7Ba8
z#5y)Bbz{@947(wdk(Z9Jy5W>d#{BR&<9b~MUs?`C_x-q~QBek=C0ap93SMA3e)HlG
zB$qQWHb%_gR2C^<GZCwvsW3ccst*&^Pt@OBVM$Y5*{KKp;aMA(*J~G<gVZ=5<z`So
z0!=Pk!t99YYH>8De!b8N6m66?bAq&w*z6P(seHpE+7_(0_og!yJ3?bihetw7XNOBX
zMxYQ_EWgOe+{;v%o`M(kVa1C^;xR$O11d+CCQUT}=?D=|pLP&lho*|ii9h6N0qOH_
zzImw$SsD4_Xb4ovw@QFI6P_e6_biY2Tk(wv7Q9*YYVBgo68B#~LB%Og>~yc^6}B^~
z)=!7Uhr2wMh)C2|!05QS9ZNLjgv(i|zJ6$~lU$B%5+x_Ora0kV6Pm*mU1Cb4fv%+j
zY1Y$c&K=o5-^YrtIajO2q>p^-pQTw<WFQ(VnqM3%_`vGVyBopsqQADp#UII}KrUfT
zl@VjD^$LDg+WI16I;J@(8N@korV<=Oax^DQSCKy%)aEIenQL~){-w`nSqvqK7&Npn
zC@^T|<q~v#+D7c~v`@!}))1#szIg%yrp{APHxVBdn9rlkPe(Kd^Da&9o;1x9kdT$`
z0EO0joY7h`f<wp|Gc|}I`H0L98fUbvdN!ml*eQ=wP49ZLS5l&FJu`lK-=eG_n1Jf&
zL$?P2-Z^Y~aB36#0)KbwBK-jy=&%@DdeUy5o;ty^+dBBo0&OKnq=d0Zk1$wO8cXj^
zwx#1Yvyt?+;$n&xAk&)H1H+7wFz&PRn!xakC~CFA)lia|E{7<l`sEd9ON#tgC^cqV
z(xQMo=nlJPsnH~au?9(+D#&9x(h14KKrWq8K__(8zbLI46s)~L!#FSy`y#pQ#QlLk
zu2Oq+A5k^E>pGE*$fp9HSSAfPPo?J;q^PW#<W1fP(ADPz3p2A!Cem0^#BNmiVAZYC
z9t))##?HEhLd&%(>+p87XHzpL@v5uZN(i$$Bo;PNY@PBx2-!XnYslZSUTt;xqW`|`
zajO_Jfba~)=WbHRW%`mQyOAeTBFnPI?jBn7sSZ>m!dwV2kh6D|pty`Y=!!0D{~g#G
zaK&AbcK;T!hXwlr5PmHaOCp7dBt&6{cZhZb+1^P;r7dl)w;J(m;Vv%MwC2l7k5%A{
zh8_|9sg-?gxpFxa5~s6OVR435^Q_%y1<5<WOkRbkO75FT$rf3YGt@915=7)Yk|94J
z6Vhc1;64Tg{X}NoZO~dGg-TMSfla0D=bjHT8lQhs<V+^7>^^KTat1>Vi!7xI!@NJ5
zS8<~%!ebAQ&i<YdWD>|Kt9e-$$j`lqHd?39VHns#>>X>)A7yc<w<$9(1x`gqZtWOo
zo{}?H=0ZOsvHcsfWSOVnrfnt&rM$=4?E8SN-j)uvDo;!MH0{3WS>E7eZzgV`N_UN0
zqYJWSkxy1!uVErq%4@i>(gT{kr_v@}osQf`Ux`|oPffo09by5lu+ZT-^G}D{YB{4o
z#Q{0HzVCS8jS*|aLa0sR<i}oRq}Fx#A=se{c3pgh<9MNf0xlI?@_;j5!Mu%z6_zuh
z4hfo=CgHgzWzoj_Pg4365-7`;09j|0v9;Cmtk=4dlO_6qi~a5r4A+6TaN6qCw6&H*
z<?f`x8Q!g8BFf#;y)9?f6~S+29qDobCF-+P_@rxWfY;R1-8NiBsZXEh`^BJ*YHdB~
z+Jn`<+Gxjam(dWHWOScbDY80Lu9-N_RF-DV1`-Xp+?HRDb*W|VW00}(wCfQ*Q_fU*
z|C=MEC#Yx32CDKpM{N8N1J<C>d_NQ+!4dz!g!MilCT`{)pferKo7X7IcG9pO?WME6
z+}J{q#~Qq!E(}B*HyjlqJ<#U>;~lnkLu8}*(Uz1%q=NjWaI=FLu6NBJJokguJLD~i
zU$-V*k<}HfmTzj(^)KCfJ{FjGjuB3RQ3st>C3oOa2>7u4(uICB8&V+*WNEm<7T<h>
zP!%bKnoS)abZa_PSf1~bCQ4xAncKu{8t=9eAJs^Vjle8jna5PG0ITF^-2ueKOQcg3
z?zPiMdEM~vuQh~4Fkw1GRbbYV989rDSHr%Pm6bO*spxD(B!!M3U2dUWYYE|agdq$x
z#1N_&izG=I(g*}B#8!2y@_>AsceIB6!p@fR<dIo)cN|!#$_HtP2dS=N@i$BZjU0n3
z+mWdO=c3nHs&6I65ke`~MflIW&{=B@Jur2ZWBKHYhBXfGms9o$e>d<nB}=9{ntXGk
zqV}_XunzzBf$V3fgKv`&<WQbPXysUkCVR>u6J&fis!hE!SS`pY)fM7zD#`9=*&Gmj
zFc^8-E(NTq929vdPlHBAOW7NDF+GaDwf&Bd)!q!;0Zt~%xycE=x2P#NeWNLGS552g
z=EhE3yCxdC1(b2BoE(Jn>1YXKCC5>(hzZjsYBFz-Bcd;#udIOd)AaYKlnNX>j<hei
zVl}RswaW4@eack7blj4djZnJ2B!pCr0**IyHo19xRI9Mn@pJm$v$0e;TS6eBf?8pT
zjod8y)F7Y>%k!ud73g*xl;r?c(w2%ZZe-3Buoh+wa{-mB2psAjhO}J2x?>W`V^TTq
zH(BO(k*gs?73J{eA{6~!K~{_L)zLnS?@pZ|I;YYtPp_-Dn!L|`#h5%YR9CI|rN?ru
z)0;1fA1Uf#Z#hy#fw)taG@_tFt&mCTi~S*dC6##vg>F};^ntW;l4?LKE13_HNi^AP
zM{HA7#6rVrW)7rPa}iTn^+*!LVe<z?RMTakgBGblowz=vN10cTUF<iO;-fFNB~k9I
z9S^(PtS7#m2b+3#aNtZq1R1-S<bd8m)s%XuoV+LcyJ%Xf5279y%2pFDZ}#@A8(VnP
z)g<tQYU3kGGgyD(a7yj_%A9T#)>gfUqvnk&ELge)^O8J_icepCfK`wHwfy<!?iJOt
zI;ujX<cVMJsM)bkB@~#4@j6S(;J2i1YOEdQcLZQ$Mwcb?F={V12FsZ|LCGVf7!LxO
z8_`k)Hw<o!6NO4oC7MYmZ)bMKFAPA=(7}?Z9mfre&n``G&;Ut)X;~(vkH+?VMMLdv
zo=!4eE($5}qHR_u*F`OJf|pOqc?pcZ#L&0;esfv<Sak(R0g*!#iTb$hYM09aE$+Gq
zbNys2j_gX0Rg|*X3l)Q5f>{ZSIRoRTk!&M+#+fc>ivq+ciEJS?l}NO+Jp_7D8xQo{
z;1;nVQ)4SD%t#r+Fnj6dpszon+iylC!qmB(&d?2L?S=+DQSP|7ftf*_7K6;AaY!pK
zsLN$nr)oIiPOpcT4U|1;X0+9jOt{kodLkYU%Gn64%wvwo19((KiaNU&NCM%?2i5{a
za^Rdy2D7x`vrm>JqlDKn)ozr0@bCbo6>dLYZ94kJCueAwE<Kv=o>*ejy2QW&4`yt!
zs{0T@(U`0!%)n)>p0b!BqCgdmBnpA`N}-EEQC|D%hXf6we^ZS=R}Lh!$219k&u8UA
z>GPfZTWz=N`(2DUo5-jingJiY6RhXqv3=#;i!b;syVtdE6r51>hJL2C7gBwvY`kwy
zi#B5t*1MDHNah;!(NMH{S-8{CZ9mOK2tO&KQ4i<~D|br3(scCopvb#wGQ|&dXs~Dc
zL|lZTT;@<B2T>kJ1`Ef52BL}jD1igJ1KX^l-8SeKLGy~;B{VzS0lm#En*<aQgl8CQ
zyJ-eAVDt4dv;%70Rq-dK$FflIU10%=ujourO#>i6F(0e-Gou!ITDbA?&~-cE9fRn1
zJvJ%Nzkg3qgWpaTfn@>l7gzA>xhk~)H$+?w%Js$}n@nVuG_YKUM6RP7y;K<P=v=m+
zVS221SE|%m6XJB#BX+<BNeXwr|4)hjgocLHFFrkvMs4jrEj8Nq_{NV3<FO3A_1&0N
zOx>qwG=SA2iUIgpr?tW*YlA_!krtZ~duXjQ1<#~$L@1D}!(|49tDdc}sy!Z?Hfz-V
zupIgQ=vqy!JvM`KA46lH$$!MJ7bhqJVx->(?sEL*nvd-n@;Go^yndV1=b$x}ow9Hu
zcXbZA9TL!?5tj9*WHt(&PC6?1I0MTna~C^5R|*amzdzoz$&{+r=Jc#@I(f*cRdiqw
z!53IaS3QY}Cv-)h+(f-<o_zSt4xuN`n+c3ilpbc~iF-7*psuStuZNT7w;6625Pw{c
zU9p$x7`e-*sFPV-E`pp1vpVk%9FHtHmFDIt>xm_rFhI!-&X1!8eM1reeAsi=X?&fu
ztlKz*2Z5tdHl{1!o9I41Q<6g5AI$n1Yivzja`V488wVnZeOwJB3#lSP9;tpt2%19T
zqzy7W1aBKjAdYBWy@^dog5+HIcyF~%aP)Snr|K+t3z?!jA8-bVjgm=a*gmXpSxt>r
z<wg6W^G}8ET?0A(TTcuU6bZy8KOcV8Zip(acz2Y*CdLGGJaZKRXF;j3KOaISU|{Z;
zc6Qy$rT*D;Zxfb22gYu?LCYU;Ap^UzFk#8C;84dsb0%8y0E>8)cww3RJX&EC)_$_^
zp^#8~L@GDt)fRp)<;&fH1yPWeDbNdcIJ2r<M{f6ug6L+=Dv~Vc{apxcSs3qN>fUE`
zl4oau{h0EchyccCl=L8l>3ugV9++s0$6P6jy$f0K+|v6-eWeiBrr=sYxgmVYC>QNh
z@`kV!VTXKBRi-v$CJBex#9z3r$z9bPJ_H0SJ-*L=FHXJYFbDnRRBU#8HjNR?xw>x6
zg5)M!D?w`xJ7(J>->xFlT}Xzk!H|h9E^27O0(GOSye}Dm=-<4HLp#KkCQvobyodw-
zzgbLJZPsBwehq-Twj_vJgN~YwW9L=t!Fl7l4V%W`E#P5ywAbtV!`aVLS$fG$7f%5q
zJBA2xzA9hMHzJx(Ep1GyN_SLWr@T+2HaLoy;;qg{IbfG7c;2m*m4-(l&D724KX!qP
z#)DY0`Rh61<qH!>5U3#n-8u)d0~q(zG^=ZU;}nfrtAA4&dgG)xHRR7y=b+DLw$Elf
zS~Y~2H53AZpey*?JpWc)qptIiPBe-b^Gmi%4OE+q4n+=*J1%21QJ24qKrSzd`x8?p
zF|ENBNGbc-H66w@EEcw0aH3EkuE!HSuLHd_=_FeFcK=Q9;=J%&*pZbM{c)FTAP3+P
zs>^=z@8r*SsCGhw9%ZW*lC$Lr!|fP$%%tO8M)4<!w;<(U&Vd$Vf+QUd4U?2ZO5u{G
zSV4HTz#yyi4PVVf+&7pf$sR`%O@hn{iQWRVl_uG}ZR3&AL~`Btj~jr}jU@$Kgr(q~
zb9bY<sERRbZ7$Og<BmhJ5l*)x311la(4OWGynOVqnf?1vFXA&QEU`TAh=y6Wp-4xA
z9j&lhb~1C9N>BDV+;J`?r_+AAwetqQ_YFK8X$;79Y(YvC+q#DRjEnPmS(Fk2$NRcm
zAVw;YpJ!LdVcu~13>z5k4XWBbS6v58Biso;9O(|QUC=w~H>uT=OFwHaT&vlXmX_;n
zr7kHUK`9{2Cd{${;=mOOd4gqZ?if*5)<AU=t)W7fFg8RY2#gNL)<5JL11Y%iQp%}W
zS7$94=_p(e(W&oN$mDDzX=(HEv*v}|+Zz2KUAw*I#{NDCivS|`@0Yl?-C8Q~N<BI2
z&fR(<Lt=l*bhvGKnsMw>mZ>AnJzj!rJ#CWYfFmqxRRV|Hq4I9f)q0|yHlm(H37k-o
zqz@Pb5P^M`e`lrR<wwsgkN_ff3jk{iR#{@mw)1bzc}>l^%GcA1FM`Zz=%!R+ux$P@
zP_Er>vzM^jkAPu{@Gk$Z3ZM#$D5#gwDuvb!A{KE5X$Ve_5mocjd;2GRwEd^uksZfn
z0wt~NpivH-<7QHR|MWd^$Mr-jvt=zMC3wbP<Pac$wM>M{OQQ<ZNGgqjy7}YYvJTfQ
zzy#UZBFkQ5b0+bOMxBY2>-7+5o(U|3=I}j~)Jiodc=^>9rX&&uYWk%|?ua<9zJidV
zL-phAYwZF}fVp-Veu=UA#=~hj)@$5ka9DK<5U-Hc`=o=}R@!wGljKD2n+&~-4jzx1
z4b&g=+@sckc~W%IaH$A5z-d)7KGQFgM3R$Iqwt8v2~K^;r$p~QWfYl=wC}%Em<cBm
zuFe4vdxUdW9!m8cbVzFM({XNv=)~>PA<z9%bD+rXNrpv>k^%A?xMIf(G=M1uh_c9z
z;akJUPIw|&=c(CDaI$(mj+uo;1A?(vkKoZD#CvGq6_<hN2&pu5BkD*#w%Gy_?HYXV
zW_z^&7%a<J^rN+Y)AXlrQ1<7+S4Ty$9_NR_6WYC>U+x>1B92G9)%a5EFOtMRLl}&<
z=JMtm@A!XSub*~2Z|6F^oM{DEhV<RN8pT_|LfBRdW`EEcfZ`o_&IHEtm*(yTke85L
zwm=I2Np{XrjT{)0BFICMp%_h~R}U3*ExQOLvmfFYxGn3eQ;8EsMF$YNJx&=QCb;Ff
zha}mp(o*QEUu&Hk)hH~fB|hs|j$>Zxt{Q|#Td&xb7&5WOf>3NMcivJSy}~&EvNL|^
zOvf^>t~<1_qd-C6oRHO5_AV2_UNQ4Knn#(rBi|lE=@!%n!u-t>2DDb(#ZLJH2172S
zI3C>ps{e_<`JvUr#p0}g1f<sPo8l8B2-Z=Xx*)(~`&&D2%ZE~E$oC7x3<XrcAe=5w
zVy2WEcwC(*4+*goI*PGDm)$jxmDjMEXw*?*Q|A4RFVyxJ@Zf8(%Go6c%?SuYMT*)b
zltWYIl|^C;{p3q2NG%7ORfLeGG07%2>W6pDg|3e)EGASpxqYw97u{~}mDJ>B;x7AM
zL*Ji+K0zBOxPU_z=j(>Tu$UQY(EjZEEjYezEVA^0s8Bq82A4UTdV{Gtj8G8L)*#xg
zP!A48HU??!Gt{9c#*r(p=4-lZmE%Te33#-@MC7fEA<PLFh8|!m13+ZfWgPUD=2+VG
z{M^KM2WiE1T|F#p&b`HbehK68fgJN0=*8e&UqiL((1rQ|$#ZN`F&*dHn<l}b5En$3
z$Mx2x=0|}VgM5YV_#6=3iGJ(x?tj5?a`L;3(AK7(;>)i<HRb&E6t$ew^*CPg{n<sf
zJ5x*Id5z!C%h=-p?e|4zHy43qjCN^-5rX0{sLf48)yc`!oSca<%NM4TM&S0!hUgRM
z^Ek~X&Y$YPh|@hZGqyQ(z`!1IhzX2OeEpgtR>67*6waaaeCb<(a+^rtKh&82nN;Hq
z1}u@j^tWD~^SzRO?zYl=#E3k`o8O1IIeU2Bq?<DZ2Ih-kq+ie1ylE#D2o1;`b63>w
zy3s{9(r%CcM+-yVy*Q8lS#!4sto06NhZn<@WY1)2`By-cHG6*3d<y$t7OU>Luqx{k
zQB|ts0rn9}tjlUxk}O%3-pwbxelBo?0?p-g%gSSP(kproHcyRwNM~^_yWw6y9>EIK
zCQN2$U<o9c>{3J-4SX5$Qmzn$r*duRN`(;~Oc)`RH530t!E3Q5k4hF+U7Y2_Bif62
zZRNhQ1q6>Cg$1fz;VkYmj1d`K!rk*%iLaBX=WA2igx;t6iOvnrrGpe5H-2w{cWQ+J
z2ERUKTP&la2d&%QXM}?fCA-{e5u>3MH*uSgnYEYpK(H~JtYI#ChPN~^!C1r!Y8lZ2
z6SEPhpI`{+tILDT{GWSLH@@R|=sI~KRgT!y?{lrNWk>cpbkEK_e|s&f*}jOsv+aPP
z5}gqY2;34R7R(7_mUnwADaEGsGY^C_W{tKh)W)~nMAS+vuJhyU0lkxxKAiJERX=0U
z=l#?(-rpr!?}G5bz%jz!d@TeSxqqNFWnm<F{OM)rCMo8IoT>1GWl9XC>+l|+$U&yL
zfVv4qkxIIla<bDfla?06oN*AIn#lcNdm-ZX2p~&1^yjA#9ldY8j3Zk%gr{rDpnZ(c
z$*u{H4;c;L->(46w$L{ZURqvB6z;XsXDdAy=Y7;3p+$)_#Iw0y7D4yDcj<Yvn(YR~
zz{5w3u>pNXcppeI6TMmC*ZDEP5thABw0DoYIG2)Wk5SP**ZhbDtGN2|AswL~D>wa+
z979k!qL$Jdl$v+5)|!wUabraEh4&fViAjx1cTE^E;>3*F#@*_`BuCv+uTdLygH+VX
z<W!@Dh+Ryh%+oNt?c#9$e2MJLd*$R{q2rOXd;S><w53w${f7ix{!hXXne5+bCq?VC
zZk<b7!<sjb%&~}uEHLmkO4(?oUq3q&HH8R1*;lY#2NPY4;Xj)(n3g{t0z4qYMO(tA
zpM#OVM7|j0-bji20!PQA5!ut9!HbJ~9AT<=c&wmo9kHWvFXOv8hn#LBR(696&;GBS
zp9o{a@cuG&6Y1m{LSR{?7!IB_h*}e|+=tl!tjQP@jz=_LnLLIPnlxu_1O4C!&a?M%
zH319uy9-kn2%?|hefq1}h{iqTZ|!E}!GR5GiNL~Hmc+t9l!{QPjA#KR5=Mh`*+f}#
zF!A57-sgt{GWXebdS>>Wut2~XNEKHV&JkAig$G4U5lBw@qf-H-S2c}PqTtOXul7YT
zi=W+&9lML6pf-l%u`4)tU=_WMB!{q~%4s;Y5(^B%I!%z<jasCKOE%dRRgMEMDX3d&
z50Xb0r%zz3)LZ<(YU#ED03_YH)m*l;zkQoMg2y`g{Ab2}v-2d;iL#=_&Wap)6=k+g
zX8%GWV7Ojsg-n1($=YZ11;VEj8nOE;$@!(rjT&LHq;*sz_8DoL1an@{K2L+mg#8$M
z-SBOvbxFu&zhfgGp$lVap^`XK$v5GmA~Wa2pCyQOkW5)xKx<ezEh8dw#bp^XkZ<3Z
zFk43xI5I=Z86?uFaG*V$nHmb?A046!_tMJ9F4t`c(hl6^chF^`LCrY0WZ@`IEZDZ;
zQwAKHU+rJPqrob~^>e{KU(bVE!htN^sWY|x;{TjyUQIVzkscOZ>t4U+f6w3NJmJD(
z8wkiC9)5MW5v;TfoNI7PSCW=#@|LZBw^xCJvf&Y+(@M^@<bY@zWg+-=|B;Xf@@_zJ
zAL&4<8}5W;!!Y+%$cj?P@+{9QH_;z~gDk3pB_r5|k%sMWv@V8Z=j~WncTzgIejNEl
zSgS@&Z$knU5FiQ&mx1+FCWj6Z@{KWBrmlkwX#a*v1lCj=PSh4OI*E37n&*JXSjt1b
z(UvB;5t@XFoOKx|nOgMH(&nR60HFYe1Bm1bAk-#{slO0HQSXg=wPg^avqKb7k5bV2
zn)n_j6P|?Yu|GE%<F?m@TD_yx(&_Uwdx1uDWUXl=oY{<TF}I>son<K2^s9{wSEJ)L
z>i+(s9}z#Ixh9A+awjQ3%St2cDpS83{XmBa!g6V@&O~gW7>#ozs5FhBJvEHXSmJ<y
zw#K-x&`hN$amnydK#xu;hXDI@5XQ0`pA7jN)`3h!34}Zd1rRqD;O!wl!#(}*Ca|5U
zs%<(L`WuQmf`B;O1W&e~(ROZ}WdU8OxihrqA-7VidY^hn5^~jUUY0#{Q1p;&kIl$R
z9AzkBnaayF0~E{=m=k8hm_HDJzBfr2PuEz$>A`=M;YU>4fykhec-vd=xM9+>#_*d5
zc1fwk-7aFPE>mT%PHXvdjmO%N@4_me4?v&^>53J5`QY%!KxG!FwP*;2;0%sU#5<sT
zYq9ZPs4blK<npCe3rN2p=ZR+VVBrc%;{R7Uxex$A`g4$kJ|^lavk6q`GX^1~4V1iu
z`S>oz+Jvz*TzfS{b%Xpb@UU&g0iXC?d@Gz7(y02jcU4P_K3duyyb%X=3sd<=#L*X`
zhLe4ziF*X+><p_(JuH#PS8}Y$8=N|pGFTy(IR8T2WDCwYPc63oE1kX?5rAb(BpDkO
zar+$|U`_MVdW?UL9o&EiyS$(nRw|)(+_Z(D3U(xz<#4gYT2o}SZJ?igCS)C%zP6@!
z4WRT}6?TIs!+HLo69XMBI|J%VEdVymcF@%y(cOT%&dus@Df3qBy)R=}9k=oOr;v0W
zEI0~Dg#XE08Pj{mhbE}W!6C)8$@7T^ec{d+c;4Ystaq%YpA=dP9TZ2f*!q|Hpq>v2
zW&(pqn7x|%M$J^t)*I*t^j<+|s=Qr>x}#U42bKFVrQKDMml2h)mt$t__VT<~86M1=
z6i~fq%l4r6a}aQa+DsTULjZ)(EO>WafJ!|*-3=A0TZda#EgJSc>(@MUe@%+bkKZ7X
z@v$)_kRjF`sLLPe{98QD`g5@IJeQk}^C8Hp$~)8n2+u^OL)|RIo0frgI|A9{aBBJ8
zhh2N)S2r5F$_gyTt9csHv9_0swh$>5ZOtZupsr!@gT0-7s})oW$4vi5kEMlx>F``L
za`8jk%8(_Ql?Teo&wfvm(f&hm_kRwEh%g$Wo=<@%;0NGo<*s4{f}}R@H*YURWQ&=b
zZ{C?Y4kQG;3akOl&EXFkf)nI`T6}=epG?@Ug8%}DVnpq2iERrESqLUj3>t>wESd}R
z#>T%buX1Xuap3NCJuKfNpzATa(^~JdQ)?@5NHAWr$K{Y8o+dP&%40S&8m@RZ(dJXN
zt}c^|AvDFUtYVj&W@KcOC#Uf1bHC@~&q5fb#!<MZ%RcD~T+^)hn{~R*-((`uR(u9V
z&rvTduG)Ew4n?88f|IYVmz30$UUk8B&%g=WjAixJja_}EIaUyX%BrAWUkj-7<Vr-c
z0Vvg$Jx}f~T=!YtOE*UsmT5p$ZQckaC`cH1)RtIH1!g6JOs^SNpsPCO+SE7Vgc*aB
zmfTeZnBg&8d;w-Mirx7_;qiZpGeG3egFB54<Ry-U$j9UO2D`cpAw^f^Qy-dJ1CfW0
z1T4+hbWTx|2t*9acLbvk#|$VrKrOa5$EoCWA*c5P9|e<a9rJ?)Lj;Xi!iZx!gk5Cc
z5R}xN@$Vqe!UFrG3h~w|*K3HMpU$e=AVHg6;c;Z2#z8GkP*6h2a`@dijk7sL2ip4E
z97S8!AXDw-RKWU({Xb*3W(Lv(TaN9--HcG~F1BS3TT(4K51DqjCb<itHXTiB1kvp_
zDd}Yo;ciaqgo4<H*&S1Kt&)$5vuvtmef)~*5UFIerW`70sLWoJ!2uafI7qE_*ItR_
zGA<NR02n}?I?^Ff5f8~>Q5T4`D$f_p^}`OoO-9MZ?7(af9{ScNVdz4$1mmDh{hzVB
zvH`V&SwWZu0^rxO32NhLYo#9Vf2cCmfVfo4h#HAdN`Q$`n`&>e0m|;E$ZsL~QI_r;
z8*@rSJp&s5o0L&r;zE-%4h#H^uAVpCtuBDhNOhL3q;|PRJ*gdP*#!kdG7q3bw&eal
z7eMdQpD{1@ZmtUHIJXhhB|nTp_t_?5B<FD3Q2q9$Hor|onUbjgIN`62`O^vjxbXZl
zwM%sQ+h7ymn!1Z4kIbPK5KB(2dvisAWhTBob|3~!dWkNw%p#MNKbpacV6h=7$s8`*
z0+QR;cfj>}klE!et1u-PGu9W4*_a9eJg%i0LKxk_fySbV0pZv7mu_2)Re=<p?kH>D
z@vR?Z&!&MSZMu!QTN$++E0U6nXRIhyjcpQ-0K5Z@_|P`CyBu5j2-u{5yxLk->RyW5
zOt8N<)~T9Gs-#8f|J>sD-Tdcg>xMjUXeK~4=@*0(0D}5(?ouLgE2#5oO_R57-HZ|o
zQ{inwDaN6jgzG902`I#;w<groTG9AD&<y0sPhN>dR>xT)C~X1e-Vjdu-9%88ZE~#{
zg2T^_ZWK*PDtEuTP?+swFSS(+*#X3MMB)hJ`jkW-_E7R~`ot|9rPs1;VvnS9L5&mY
zQTBhYZZ1S6zn=@}zYT*O%FvNztQySvUHg&>#5M;{X@;o8hB)Q3I@(!!Q?i2NBf$xp
zM=X<3HJB}(d(>ugCVbL2!H`h#s$2=Uv*GVTU3$8AFcD1_k$TKZjihogYDmslvJ*9y
zg0K%H?m+@Ny-`^Vui8?Sox!QR!v86S9~a@3M9ST*f_!$bl@PNA7*k8VXeg&tI8K;P
zO{T7xN&+;=VHXqd)wj}@-%cJolwU*y(N}WHA|12FG*CfiBV%tH8^@ekzGI2yTpDM8
zrdUBxmmbXfiY!fd<pGX%#ISKXJVD73g&<b8dmlV~S2SjW3~_ozc66b`tCCGXPXUSY
zzjxLEq5Zys@hEo}Ug)Cw#piGwP|lWlrsl4C9aRX9Hs!hu?Fo%U5xZ<J+8>QZ&xMA<
zUjISgm*U^<HG4y}!dlFMAcRJ;QY)kF>&8kUol1-XCq^*c#tqgffG+k=U5$Nb1u#@j
z2v-nLmW+!56^>kIoaWoeKdZF-J<jkjFf7Ts3MM*&H~IgwZ!V%)?rms;3LRWFFY=&f
znqDAk^c7F5F8b`j<+#q@s#}-aWRWpOZ|uV}jg|Rqsw8r&$(-{pB?&iOOR^$=QOxo=
zpE<H;_ndMC{`@YlsTd?mMevm<yxPa1Y^xr^-c=(lDpdVgz{!oML~8^(h~WzBG&GCK
zWNb!eF_Nz2fRq{IVbpx~)NG%CpWbSobF6$RmCyUsqC`&7|4x|Y@3(Mv7?$6(PU1`s
zb1?=d&h?8j?nyEuse%5owrJ~jb&{+C1cdYfzTw_3!{D?z#oZE_jJox{ZmJ_&7XxJs
zwFw%`BlrP#b1s>kXh)A9IeT2zPri;NB=vBFP*e;~4@wimVe8*!LA0&KoWc|bgXW3K
z&rqtIE$nQjJktLs4D|$|`jb`BZT$`+qMw0qJ4!?;4(K1@w}(-Aak@9a)F?=(&1r{B
ztD>rOEXd$klC<a1Iec0?W*?oHHqc6pT1*a^q1Ng*aFi@>hYh0R^3p$y7?+AAN|eR$
zPbZZyUSkQYpg);?%Eo1O&YZwHpp)u;dd%5U!S2c&(YTFq7>H>OFJ&v4%6{*lAn=kv
zbgqivsI`#{%KuG}uwdg7C+4X3>ETNcaLBD2^c37K@eFP0v4HPuJ}W2JO&$ab7BJz-
zRnDC=-a={0ou3&)=1|AUcIyv2>(Y`uQeJZRg6_hiS6@ichH*DJ)F=Eg2O~#2Mp{gK
zLd?~=A8r&|J_T<QaW1Mgn;}^z1+JYbAnJTH(BDZeVU{2}DdG4;$vBKw_qdMg(0)35
zPxUkArf&ERV+@3H2%h0vK7+!QF-qcyrs^h#iJdK&x4i*RefK?2I=-q~Y5c*&qe^*&
zqid=jfTNz4gN0sPZfo7FX;lML2^iWlz{RX;bM(!$oOyB&2eO2;W$$k|M4E8{G<oH&
z5H)x1(VcrPb+q(rM4sX}p_R}CEnPs`SR#2Lkk2nQ-m$}>kp$$v9FVOk!2Ls<pra@6
z^e8gOA6&DOww@_joo?|_vGb3BZ1?OIy{Aod{3jor=dPI5^+39T+0@B=db#>xP9)eb
z7pa{lv;6|E1lFJkG#SKIM-UWQ2V}Kvn|cYD7X_vX&7wL3iK&*(^K)n#T**D~@w>hs
z#!u)uc>=o7C*)J@0{DCHy#O*vALM#oJw!XdAQE0YS&7>!wov><K*{=-dqVZB^%^Uf
zJ&&--nH=g@VED)wob#1Y2*nQWg=^E%9I}ub10O>R(TRRK*hpL~;yu}IQ*=(5Wa2e|
z(;k&n*=!zzf4C>6^Jkqf8DZr-jmqjGI<^Ts`Em*kxC|mX6j|)c!El<CBDq)~-d#rB
ztFKQvO`+4@`*|&2irD5ub;1x@BE9eHgcHYo%r(AyHr}UoKZU`e-EtvdRLQO?LL<00
zxEM%n6Jhvc<Ue;W?>8S&LRU6kuhx7Mx#ZxXr*~yk7QD=lVqymkBOQ4%IWmzq{-=H{
z3LxpgfFcsk|L`X8D#}zi6qsy#qk%g6)5er#$tL#)#rbsaMETHNAS898SFMR8&s49(
z&lgfC9)&-6<z>Z1GlwUEZjGPv3K=bju2$$|5w_-SCmAONwN>3QE}w~d%&yR+xJU10
z9W&&CY^c<m<_5%rNGbP~8rH%w9SP=GA|JikcyriU@stO5jV(F%kJwoCBP#aNfGqAX
zs+HLqZU(~=L>zw5Rs<pnAgnooM&zKw4*R{X@@_|BwjSzSbvzR$((M?6`-uuD7)6h#
z8H&FuulmG%-vDXLd5*?Q|EzC(@L*}#SYZK}Ze~sK=Fzw1c)kw$^5Fc7d>Grr6kV9Z
zwNEcRge1$xHjRP#tWX_WdA<|2euf0H*-$02FhTK$CDyNBlWt!*Vcn$B0tmseuE4<Q
zCf#z-zPKR4tuB;EF2pH1n!t1iRtI$|8w#K_I~f~8MrA&vf^L5-^A<+}-dzX5YjE^g
z*RzH1`zGK)K-2<41(jE|*qtsd9ANX9p)(uZYf^6Im<c6sSkoSGC+o|qE#j^s=hf7$
z5!`_Wnj25UkU*Pneb|JAEJ%LW+BD>I`P#K#*8xT2&U<QvoeJm2x3D0-OZoeJ8aM5V
zsg0dG$I-p=s@rd&O?j~!BE7f$-5m<HI4RYG%shY(h1c3?L++9V|24}Ox3r@r-u>zY
zpV@k$Pn3O9zgAgf7U66-i~+k_1T<uE+4q&_8t?f=zJAoaY<h(*`Eo6o+v6)dYFrH0
z+}KJWSu(fCb$FC56jmRn;#8j;r83ZauemAE7^H^~{Cm}J<Xg5At_dm;&D?mpwCc>n
zUPzFgxZWF`p_DL#bipJmS%B+oOVoU5bo(~s9KDAhopOm^^m$l{s@_VWmc<g0Ag;iw
z%lQME+XMEtUs2uUV*YbFbg9csPxM-FLZi6g6Y|Z4U;zUnt4Q59kek{1(6C4*?x!)3
z`IBn;K|qC@$s%OhghzcrGHwiwe5rN)@dli3{ZXhm%eU@utC+idb=q|jNzb<TUFO{H
ze(vA$cb{J%&6w0H6LA${7K?-j<ZEaWlJQm;Y~E3PHz3hS6ArdEa#byHZ7E$+lTSq7
z31V<GzHsP}F9rFL2j<psv$E_kH1kN`Dl)>8E}clToC-{J3R~8Fb&7fPB#{;199TS!
z9&jg$B#lKmGz*59UKQUGt7Q3CF*y%<@h$~dhD329=+v;ps-n7B$^7g%)K#0Ln;wU!
z-XRD#nZLP<<Y78*UZO05dol%dTqE8F+nGVbf#_KcJ`lNVZ(qjn<(+5Y(OvifhSJ?5
zG;9NbJHd<=k~zeE-=QPs^XgnR-?sPD&J4ZqkIu*33VbYik2WwWZNgRi#p8CE#M{o=
zn^TX+t$wMV0u;?`J&y)~PHLR!q)Gc7Glugk6w?aWwYuBax&ffjkA*pi;azElxsy&j
zMeUJNP6*j6+~D3PpsYmi7S!t{8>adNwH%F=J0vw%Y)h|FyQugqo|7$K9PMac!)OF6
zkjzt|zifGKASv~wy`h9uAmtIPNtH?1>$4lYEDp@MTUhZ78Cvfz$})sX*3tuzF-=*k
z3)XOXe53o=r77RHJhg^L!s%5ih;nL!;@?gfD+?c>L=5LVWWrJGsJZ5ee&;ht;h)OM
zF&Y5#jr?yEc*iD3pXnXJYh})NZhL3v>w)>i@rU>JSSLm#x*Jlls!BpV*=^>?O$N^7
zPm`V9A^J0}d*#vvv${$IQ+gce2|a>Z<={VL;LUF>%x4t+8(XLcRj?s9QM07u9Q9@}
zMNP>9;@Fnpuqy7-@?D2XP0=|g^5b{Oe-$B7|Bt9|V9aD&x{f{J#I|kQ*2K1-Xktw?
zv2EM7ZQHi3H}~9gzwZ}xSMS}mYp+_X){K6kf&m?pM2<dIc~*+mjcaK%h43Ec;8cqj
z8wYQ&1D5b(G3M{sOjcyh1pG2F{7%dF)O}#Cn%<YF^rS%vu?)YAyb!Lqi0JFUnl~G~
zwB%DTcdDx*Zw(XN3nRp57+yA(L9Hf9ftfY`F}vV9Zx?))5(gSK4SKJ1qG}{C2*{|j
z*tzz^skCnAE%kSW)%Hap^>yF8H+sDGAH(5uBQ1E|@7-;QVntsRxNXmNA0Ku&mlwEe
z)ji~V*nEIbbIZ$H9|^h%pVLp53okW>?Q8SYLBn(K_*ThSW686dx6^<tJ<fsMlX_#d
zq7k~MAcaAHZ#E{7>R;xYUXf^N2!pSwSGvT?U8!uI?DmzzN2m*?XIOVwo~+0wi3hMq
zMSY>OD-7!Dv)&yHd1%dU(JJRq-X_jns(0)rwm`HaWHiV{PLxSq<*?n+TG{al$xWI{
zo!YiFY1iOdDTK$oJu=Ohvu#Ndp$2DQeet8b6~6ua$Z&dHe6~N;XWJXqOmLa&!OYbC
zEy8##$zL+trX`9}f#t3Wpse{p!e@FhgiB7Y^w?A-&3>er^lPX91KY__<S=b3AN@5=
zzV7VX!ji~!Mu-udS^#oPOpo2W@;=-2&xk?kLQ5mk!-%5n+Bw5*C1+vSFSS;-tffGD
zx@ZABxiUSa!79J%HM#KJ!Ujh{yfMFUWQ~hs1{!Z~{Mq0;Eubr^-H#4-gC_bo6)1ub
zf?+VR4>b@TgU@*48ZUFY(S`{3won0spzGcKfpcle4*`)ekj+KrdO@V$S7WW+V98tQ
zp)3W9U%i=K=kCvMBEV&9($J@!{(#DZH#PjMm5cgDAdc5N|L~}<H7XVWo-DMT(a6;P
z_E)e2nYj#Q#3QBpGB-!6<Jdgfo!aakD_~nQ8mTcvgLj{gmz(<?IBD+oO=k$HbzKNT
zu2%5IrX(1w7nx(M3cwB*JbJkzX(T1)AGPgZA^Q$a3YrZvj3mly?FvdkS&kS+X3Ij_
zQG&!_*2P5*vGuev=TH1Gba`^2qB<~Z(69m?4KM)6UGtbq=8c8f+8aeC5|bYK0Y90B
zPgyy3T=e%C!Oqn5^_dNMr~hR(<NVrfB0Wi{%RXZwPBs)A4snG*5Jcq=le7O#MAK+e
zSGCT}?|#TDV#WLW+1$)bdb^l5MTUXLRlQqTps}3EHXFNHtB5<lhYIC4LURldbnDCP
znD89@7qO3fK?iKU#&`XLh3)69Q6GUZ3Y<1USxr+~-kq##RL*Wm9g2K&@X}3$LTpDK
z=TPV(zx2F57qxxalG`upq==odLM&MUva8_TMeW`!#t!`BaNdc9Jb+7AnfT5PgwN==
zM=l&^xNl61x5*W#<B=FWJZXUNhaAtQ<{~mBt;_?5tYBKHOs2)2D|Ei$c0zmaKH@oJ
ztXdLW#=Rfd`Qk!juLITrTRM-(2ykt?c~J^8qoJAV;z7hLywnh#5K!+p_nVv#H(vs_
zdU)qc*v?{Gdp8vG_OIyW3&3(*k~9_30cCS@V<lg`s$@7Y3e4b1ob`|#&Uszk)vBYH
z;bF*0Sq;artG~)fCMj4{rCS6|PvOG2`(Nr^*e1qL{cB(8dJ_%2Q`He?3Q%KP#5ABS
za+HDFXxjt%X<n3O(|(J-*DV70;EnV&H)7fNZoTFAOmqkNJU>|3pMHa40>ArOElM|X
zw}Y6;U1b$^tyciu-E7i$PHJ6%h}rzuc`R$ZFsGzrp+H&Iyh4$*CaSEBKV)3B8hOIK
z9~?%1#N6FBORmar^f>U(Ht<^*_+0e{W<SMFay6$FFB3H5H$+UB3T2a92BBjZr!6e~
z1LK&bV1Myq`N8HUT+d5sSdO8oIQg?FQ_{u`lZDVt_E~V?NwInfg#iS8CFg}#joG%q
zf3$AiN96ukzJcl&zmjfz)ccr!zD_5uqWe7CysRGD0r-k1;21S=(@1ijMyMrkgA;U5
z7fG6l53j6kgl!^ov25=tf)~<IQOo1f1h?)`hzay5DTGm;`BgFWP)HBnJms>$lc(oq
zTBaxmpP4eHOv#QnzN_X>J*B)jexSlaP+6mQL=Y*UfT?eolhToelM89S3=~VsHqg$y
z^9wTBlFl2&Oo-}MtC7YlIgg0XtGB7&vMFnY+UdEwRr=BSRp)&&DykIPe)V6zH0&<u
z4+$ej4Yljuz2943`bmHhX;`f6VguEZ%A8a2mfeCho5bF!9vEd%Y?#{g2+$4rGc|L9
zsU?;TY%NKbCXYD++s85{D$H-q^Kb@`)udX~!pf*+t=886><UYF{X_*p9)4JruTloX
z0{3f)@tRS%n)b=)YVE%^e*HQ==Q{)~O#hkUfUQVK_pv%sYwVXLl_ho)=PZX*znB;@
z2_QfuS15f5EnjutN~YN6Odf&j(AK?4!iFdmHEoyi4}INL&?k#y)1gDBG_EqH%P{z)
zT0ZlDNw!zuD+nQ)hJ#ABrn-6E>FlKIGRO^8x4>lS@j&cEJW$bf!Io9(l#vhlbuIRX
z%Q}_Mf`e<oiicY(a7;K((zH+$TpT-n)=%}9o1?9PLMFN;Jte)}dyVFpR(QE3E$yzp
zSkCL-!H)W6#O+qwqoesTfG)$1+s(@pZ5_YT)!;1r?+~r~oJC`BI){e6-pRL?W~wA_
zW*`8BUQlvf_bAA^)?I}d2E0Rw&iQ3ifu-Fb3MGxipHB{{7|ZYYxm!Db?QQ<P_$i7W
zVQMPd7%JJJPGQ+K8#z7CR^**V{8RhOk#*)w7B)0Dy9gZ_UVJ=cq`$WS=?lLe@A5Tc
zfcoi|r%+QX-7CAOejC#9IS=Uo`j+SNiLnmDViK`3+w7_?Etx<YW>k?$+#KCcQ`qLQ
zVwRea`sF<hB=nqF$fny)rbmvazq#g-;W9-IwO0cvJ&h6a0a}v!pz*4VaZ5n;i^*Vv
z3MvknB;k~zin7ynAS?4fIF%!)_3B(Py2HojOw{6(_%TnamfN7L=?I9P_K$nl0jS<m
zOC&jw==SED7@4U-Tus}zgnP?LvID%%B;mhg{}cR+l?%P=liMdl3WN9C0(z&Xs-o)#
zLq99qSb=?1DQU9w=V%f&7=QmZ;y0M)-@$em+XX<0oU<LxCbrDYq&OYbe64lGX#Mn~
zaAkw|aDe*NA5u7WvLN4a|5Br(^zzi>`_VO#v4XBsndO}W#R3ds&v!}MGSEg^G<Zhi
ziXsGSF?{eea7&|<7|Cwz5&cB5>PX;rZK}!H3LrExk4p*;%B*}3Xm*sM$xrd3(`);Y
zvircc*AN7J#wvTA3elcmU?~!IqFgIfsp5XCXZ4De^Nx)pPpqJ9hNamaqp`dE#8oVM
z49K_It+91eQ=^~N^u){DpY>w!<De??V{{_*){)J33EyCn0;M(5;#)}@OS4HZ61>X)
z&vj+wPJFMQ&?n~UeRycg)%IB<$Ufg7rgW^btDRzxyi;pn069_GKS9sqaW<@ckC(p)
zqJW-GmowQG?w$hmr{5@&0!*VV<G72zphKTXL3#SC)>Z!#id)RO6AzskdLi_S@xWcs
z+BnBw<Slf#XNBS>PfdUoZ9~_e3xN|?ri7Wl^ADw4OI&JinrTH4qtR8zWv(uIY_k)*
zT^vtRsRlD&4e)JB@$pHt8FrqDRdoPp#{p>PzF)?kBes*zyBovl+mJ*1Qrt643zC7j
zDBG#$4V=M!Kj`Ux-?_IKjyAmv<_73vQt?zUI2XQc*8t7*f(FbJl|Qqw$NXw~Lriw(
zsG7j%vp941-hId3dY+$dInIx8IYT~TkVT!`cTz~IyYEr7fv;Uu8sBD3*Qb+gPckE#
zCS+HPTGvjXwcwB%>A8V1jV{$n=_WUp9{u)Bo`Z;_a4lA3qSHwZ)8%?Q*K2tK^U+P?
zd*{K#5^#1-r2vr)>Q3ThopZL!KIrK5MAP=_<(l*}B4B{?moJRpxgK#JkUF#PYq&mq
zSnYmFk^mexFo=H_+BTu3FA{_+eGIk&LgWz1xhVzVO3#LyL_pW`2BKnX++&~ce2Vwo
z-IVE?)5Gii)FXhTXKU;HE*PC>+T0qyupGFT(Miq`^UvznR+=_3&dA^i?T-)VKU<1H
z%lA-rRQk&rqK4~~hG*@Gawb-G6^h^**d3^}2QwI?Kkt`AVm%lf?tvDFw<wbDTeyh3
zF#>PC$B#xrW-&ca(`UX;4qOcy1_sQXFe$hP?BN_`YLcwK?~UkD?onm~Q|+y&b#dPd
zN7%ffnk{jEW!*0ex`%7SUR$KB{SnwdCPoYi^CG~wU%uw;W!xGsp{bTGVB$jJ7Kgr3
zJ2-(Na{AMRNeA@_U!e}wkg9bVz_=JzWFKqHtW0^MX*KMMqH)j7+mz;A1ou+9iH6)8
zK4ta}_^qpIya2yQz+h}y$5vVDcEOK%U9=77$d_j9)VEk?Ox5|=!LD<08CM{%eXB%M
z&^`I{HyZnu_P0m*Nsib%=+=@U0NFD~loBev#i8HE#rHUxEL7l*$oG`s^*z(>MSzIc
z)A^OZ{e68aBQsfIALkLxe-8|01JlwJjzkmMRi_6h0Gyldn!ws5ob4}W5!f)9Yg993
zo)c~#;E(Y%gX;C9LUnBpGy!G3Kd)H7jG6W*HF=lQ$>{a?RnViDx8{n^#mT(FQlz4z
z)n<$!<rW->To06h>k4pF*$=Q?QBxfLP(6Fbs=Ys*JwcfL7Gg<G8USwk=tdb-v1qd4
z+IzaTB>O#R?Bym9@CTzenOz2Sqtf%I)h=vh&eF<SOP+GOgSykfjoYJd_&fdQ<?G<=
z`#$8A&%Q)(iJ^esD@nSHFSN<(>U-q!>;h;9`C#Bp9N<tz5{sv@0f$msh6MIRV)>|i
zKSr#xh^HnOuZ5T5f^s;;J6T;YsWNk|Kuj!rb`b}P!QBw<{q#xi!!hag+3`+!@@Yb^
z<=JmhxU-LU!+?DUMtdeLbZ~olNVepGuDhDP3uSpSVXNYI-@4z@cK+0@%cVoBtRSMV
ze9d<sm$_vnY)LF6@5^d362XVmxKwSh>Vh)bYQhhrAeN|_4<tKWvDs6?fm!Fd@;tpi
z+Lb8ju@MI&^v6a=X4Sk_Y8a2OC6WE`<*73f-a{|g*?=;qVr`sbQ81dD+F6rP5m(u=
z`uc1=uA3jzev=cmk;5#uFv&#bL5c`=xTiE#N9si#Tk7}xmj?7udU?O*jBpNCLVPGk
z5T->`c*8*_?y0D$A5-+vUgub+bOmv_4#L0K0aj_Xqy>cj2Fa49U*1hV$GgY=Ls1Bw
zJRA~KndyxIP?}Jp*=SJV=W&85x5x~KdAb8PU5BPeco}W?=fTes$C(n#nAaY7=sI*U
zF(wR@Gf;giRT{83GaYEGVks{I2sF`f*IMD{Q1lLk{gj8j_ZBABhW0TOOF@4xj@h+&
zcOCgU82DHh6RNU?dx#P~g^`w-z#t&#VARZ#He0U*vZfezDbV$b&dCfGd*+b+$#n=8
z7Vosjw=U8nRS5%Xfu|Uflo2jgtRP*a-K6>R+xM$L#}Da}UjC{k=))>p#A86mnKwGJ
z4gN;;++vX=w}y|k%q;x&6*9+#!JaYbys$zK3fk)I>KXzK-*&fqz>>H7Af5l1onP@L
zcA)?(pjXudJ=#bAOU_eDvFc0l3lF(^_O|Jb?;OHOicqpWe<I86xfF0;CjiQ8xOEws
z{jdNJtUpc&wnYKfl?ssU_`pudchYzN<L1hh;s#52_a@LkZ}`NWk@HwTv1k7`yK6xG
zH`!tvu;4pPZOR1dy$BOwkrJT2DPEmOX3Zoz=qtKen7-{ISZwai3^^q(%5pxn^!J8@
zbR_}^$_;o_Z0qYUpRo-?zAXO?E3f0_Q_Y^reu8kvSwaTY76Q~CWW~dCZ|9FqfWP9B
zoy`mTsw#LA!xK9@CE;})Uneql;^Dq)(5bd!zD)b<dj=n@9IjdJ$9`7yaC%tnQW8@g
zfEbO<>l}FU!dQ~hU$5o|uj=<}&{+AcmzK(?@DIbme(ABUZ4#sIU#1R~I3lN=@nZ#9
zKt?r6dPy5ei4Vh6RF)l7mOdTrArN9Xa_uxr!5H4@0GnWCOfz&u0nFRgCy)w*HY8t(
z`fi53U06(_xu9uWm}9@w5CX8;t4xfs2Sm~pS=WIdjv(?*$&7Hn0`J;ckhIKvm9vnO
zhrzabrVbKZ|A?T&kh~?EzA)qydN;PQTX?Mn2ypGK3Fl9G^{*B$S~^#H83_<ps6$_4
z)0AcmRGG`!U6&I~sntZWrHB}|##Q%3mlo3`JNAuW#)sYfpfVzC%+E1l#Y8Ml8Cj-Q
zdqi-`Y6pX7Y0SUI{RL$*ymX?#rreBY=`)mMJiuceS9$~7Dd(5g9Nwy?TXj74v)OAX
zD(*;7HjjwT{ZysM`V6xrS!#?kYl_m3j!I&VO;7?CpY|-<qO|~W=)9$^$i{m4gP@te
zU0_(8YObt`_@mx3w0jWARR**X2i<VIE_w=GZJ`L$A-AL1AuFKlS7<NewTDbW{jQQ%
zB@^Af;}J2?;>7v4jn0~5k2c-VvNc<-IjW^A8wH0e6<jIa;jSUq7~<#n_V!IEcEBlj
z9OW0`-{})Y)deMc>P#lPszRvBjp9mVd1KhlZ6iIvFe4SRx>-9brAMQjRpa$7;`8=I
zVSrt_4<{$xUk@2kSwA^bJRJ1wBv8~3?|3GtLI8Uh(M80*v$<FggJ~RPcTHMvedDHG
zm@fJymh|BH8Bgt?2^3<y$KCGkwVDwRxu5~S8?s)j<-Dm`dj?CMy_fV}C$#xbAIX>n
z*v>3T6-{*XhYefo${Vql*Odb+NJczFX!j$LFA?4H-#;W9qhNd$;c0U=KYeWM@+`g~
zO=qO*r=fI`9iQ<t4~h9^H$x~zb=FYbM!OH~2HPqv%M5Rds<CQ0W<+)ZOkQl}`kNTb
z%?rxK0~yhTrh1oklQ?TS3Zz|RAjfbSH_oL}=V5h2Hs}B*piE&B-opd6dP>eCS9n%L
zOI5qNBx%gswR`>59Sriy=_Hh!@^golarbk&7#`0M>)7rXq5J5ZG1Zp0I1Z!G=x)};
zgYE>)JIZ;&LuzF=q8_)v>PQbJ(?+v{t9$N$nJedfU~sfs;$Xjl$_v!B&lITE&!LyN
zRTtoLxd#7cZ=a|SNGdcSDw@J`rX!OJR|DTKsziakhhc^tp!U9flI@w5&=;*aftU>2
zfx-iWmPw%BC4`xM>Wd`w73MVfm6AyfD$a)gDZZGFXCNSeKW7kS7p@mlV@oQgvi2N2
zkV0bT#E<f`gV+UOLnD2U#^%dmQ)NseSQ&ywV<#)$1m15#=|eMWg_o~Cgjwy|m;CuL
zC-M)Sivpw#1vqX39mdXz+o@9(fWRESDGXOoXOTkzJB&GKF}Ry5rG1XgsS4(CB^5Vf
zTq}89nP|D!LoLFaY_DB~$t$q_h<7)-P$c$8XMB$3_3Gj+>ibX|3U2l|D68<`e;2(5
zP7M~cksP_Y9!~rU2gUv**9IaAGQWciZ6!zj#e5sEYqN5<`Y^ImcxU@7F~~?-F>2Fr
zcn78GyUKxSu}Rr?$vp1l*(pK%;r>6G&^ZH``xWO|Ox>23or}wK=%fY$L_J#ct|ofa
zQJw8orrPj$)UR@WIk|K&<>?k+v*okiXYgk4MPkA!7VftA?{`efy1HqKTJ#SxEv@70
zm=}SH;Hi^u<P4~afEx@J*+j6mm&Bd`%CH`1m0o6zW(3IsrW0wgH=Wun2MstF5(1sE
zydRde%l0ZpR5NwMOVRjA#xC5H_Y<E<Ga!%t7l6PoW>6suK0_+`9j>Njk7nm_y(3xX
zaiJXByyqVhmM_utG!)IZwmE#>Er9U`3L8uvgMW&tpu54gVx3?@!^WjCl%{P=7MVF@
z0KmYcWI0{Rz4%$jzjeakbh(_l$p#5k>s!^8!`^xOwkmJ;Sqi<W-HnsbtgU-@nsPGM
zTFJ}I@fX6HWdj}<r-Wq#*v~$;Q*3>6Dzl3LGq~r6%*!KrIU6!GRIKYo@)oAB&ps-7
zSCfg@wX+UbPOUEaEp_389D8N{7K2mamx8#Jt)k~29DbefzYawp$5;PGQ0<TS%#@TC
zx4AKg3)TAy#N##tu>XdI(WEg9&979WItr+&Hp&SgLip^%k1+9W)LU$AiRlhsV2LGn
zBRvmWC7p+;doq~z6SBd6_2k$dq`4hb$&ZEzQ;pyT$u?<^o0wEdjjl}diiYr*E25+k
zFp`~JENGBpFzqh3*7g@9)zb1kE*$q#hgNb3xB^v%rHLk`Pk>IkDJTktaO(Gv3h3jJ
zm!FUamPZ6=!iSKUdC03jzEKPNZ;JlA^SQzOCjEfvM_RX#EZr35ofOQ#;)sI4FW?~-
zBTY_R?;6mO&6#UB@|$%IOX{iPO54G=(_{}HkHxGY`*Mr17AF>3JZJUXa+<nOCYq%R
zwTIvLB-?W_xTJNx=$0pa;!Y#C@H%g+;tA=A?SrR|6|RKDhrT|^^NdazibXMt;~FyD
zEnUY05@&(CCbGsQ#Ak+%aV2y=R~(p)<=UATTYmO2G1!n_j0LE?fa_V0C;#$Eyy-q{
z=2{QNpoNWrqu$C_k%Z~^A2AaP(T}ItewC;b7}xN4r!~k*n7Jt7erl3DE|u-!beQ>L
zo4>j?pk0uRa(&P7&RnaZLZ9H1)XUk?Ru}sYV)HX)An%(w{zPqcFxejVJ=fuh+GyY8
z$s#a>4>vArf+^hilne4rMjy+HX@9KsG@H(LIb?Exki$Iorh&&aEV2ec1{Pj?Aipm{
z!^E_IIJ4`}0m4sz<aXUqGQEs4U+!ra%mk|$6f`YuRWa;&RlqX$J6$H*PNzvFIZ
z+=ClGwRRyyM3eUaQvp9d)C!EldGO3tK_Jw86PnG*!RbbPQD`$t>7@Ootx6wULZ(x*
z097DhDS@bN153Lm9MER!z}mPDB1<B3e>=Q&X7VsH+6+}!pf}DUWls>miJm0;fplJ3
znSVmIKK`mnK<_AJ^krkoPVQMEshk30e77l#OS%oI|9mPRZWqhkM00U!nqCY?rx4Z^
ztr`$}KM^2*c?$_UrS8T!Jr0!*wt4xTUt6#K(=Boz?P`=35n!R>Hp;cnfyAXdiEfN~
zT={%Z*&g(|UP1v=!%dQSRM|<KAmOqY45LZ?zcATB!gvsDed+n|pj=-}IUXv&@U_oK
zC7D!l?^y;i<J>q~)JGf-JoaS@{VBqNt=VF<C~fG!bj#%PvE7JdneTTLKL+%ZU)o~S
z-sT!g?Z^|qkG4|x1V%{D45N)V559-hyAj5uiZOjm;NP{Xs7gB%-wADuYhDU=#snXU
zWO@eBPb@_?qm~dlI4%BDzWQT;TCJ8+^ak-d1gvfEVns$}dE42RdPm__GLl^*EiN|O
zua6A_1_g>|HZHY}S5A&6iZ(Cge|$+65VEvnhAmY1FA02lZ8MG?E*kjbKv)Nj+lVt^
z<#NY@ND#`pN<jvK4f)E55)1j}JxJrzk<ks@Kj}JCg$S^;V#y|oE}nruJu9x#@bD?t
z`od+R#c&L(><<eHYC1Y-eQLM(Jt`!+3#nIF!3mm#l~JM6c}C3LIxgIHZ#-YeSIoyx
zoHS<-FP1ZsPW8E-8r{`R_bc*!z}^XeW%7JmfM{xC2kX?02y@hBL<7V##||VswA4xL
z_xvZ%c>OY_=~f~BWd*9^1KT|XB<;`pAi=nw6XXLU{iyblt>lli5%5E)oRJDmd2G7Z
zEe|S*z~McrUK_-}IECTp`DzY?PSh9+xX<0>nDsolb&YLa{rWbIbNk#M8L}iQEjQ6R
z)nPLkW}gO~$pMi4H2os1@;XTw05|hv<dR_^_3J2MrC?Xs)r^Y2-$-<MXF3-)$g|#;
zFl*BS>6;CH47ToR$ke{V+S=9m79cAJ*)Ir)HKveP-I`_@iTqh%xRbf|bxrDz%VQ|8
z8560;o4n`xcc;yx0cRLR0+3!X=t=c&z&}j>D)#t(*^f`ejgof{$Oln~Z2P4#Or~8T
zI*y{)hWwgC>!SXt@^h_5!Pg&%>?Bv$T~<xl7f&R%5Q&W$GmGe`>%-cE{O*1?!CytS
zAT^SD<9p}*@C}L*2^PBBnTGWCd0uEq>VXm#?l_;Nv-c<6d|_M<K`YoNBMyaqgC2X>
zcqzel3C~(r26!A?g-1+nj~Pln+P$x~Zy~x&ADC$pM<$BwLgI(uWK@lAH@IoZQT|ub
z(1zeQ8BBKJ@H!ubfMbbZn?&N;rVun|<!EfowD%h=lk+J<qB7OJhu)#9Tg(I857JFb
zmeW40T!zd)YkRwQp1zCiBbNL6b1SQ5nosq|#Qi2VltR!u1e&V1(RfSFCG}-TFZopG
zt(Gub%@~0g(4_4)X?HtUf@o_QzuH#Q>s2khHm4!^ao~t$<_&n{%Mp5iuv|LOi~#D0
zg6UL&nGZvO1<|>68Pv0eDDIkj8KG|>FBE7qXYU#sXWua=;gRxNV*-RG=KnGPHpq&I
zdsS(({B<LEBr2NklL&oxlLpM#*=3`mx`Akc#5~~s2ZHYun?5c^B<V>?)zr!D@{8rX
z>h#{YjEZa9*jKg|tMT^4PCZb+ZL(Fuxlq!H^CPBR`>R$`$42894{j@$${Lo{LhK+#
z64QR#DWup{qlvDI%lkgLJTJdf!V$P<8H3zKp;X64pE{d6+REAzE$NXNz85i9V5b<h
z93xqqKyzf$>`8eiuKN`#O5+H2n36-p{gus$)HpW&=>={c9U^-O<#+S_KN<lR91z3=
zPQIb`uVDf4CSdZsAL3hNP`%DHaU)j!=kAeXGE=I`Du3cYLIUUeVgLd{csYrlP_y9V
zkA)kT40@jSuJw6WdtJE55lK)B*j0sNwk_YU-6Wv25tx$$Jg^hpMP3j1I_Q1rN=KFe
zV=Dw!(CgXYf>k7aFbuK)b?GX*yG3hkPtbW7@eOEC4!euA5by+2CQT8_tZ{1qb*EcV
zMI9i%N)WZX=4PI2sV`Xzm76~+ap)-RXxg?99wekn*60Htyq6<eo~8fp%!@NCl^(%I
z&1U^WlKrM!jv$)TFRw|YzZY-$h#3ALr-{nW`D?istypna2uH-kaNQcC_R)DEtJkra
zL(V$hJlS{B6l=veBvxPlljr$-e0<8VcqUYtDd~z}<sR7orX~n_a~T6QlU8bT>8rfj
z6?fk|d4)ydnwcaH`7cR*>Rg=<BR$uh55?JwT~zqFzm&x)97sIj7My#5+0oQShI7M8
zXD%bcS5uwYkeQ&8?Md98txFxWON%-@mO&*ALjGF#l(bMd+XtYb@>8h7tH`m|YuvVJ
z>6*c+j<)LZrIw|e<p)_U|9sYzj@OobbiRrjOh?+k866AFk6iZKVes1?c(YNsrJOX(
zLS3nh6s};^wkeGw)o2u*Q#+v*#;+lAX=v-@3bskV<KUrM6YJ86|CS(7$gf$O?(TH>
zU5V=L8XppLeM^~mlABO%<tpt6gSyOYXbTm8JuST6^;3*(o<Akkoo<wYh$6r*J{>$0
z{jQaJVNKY-%}a%L#u=55@D+pM_>XU!atxSOdZZBDW2M~pqgO*a`j8StE(c^x+h5j^
zHyrvE?tMo81OV3+il$`Z&BSCVc{`zzQhv9+{}E<%M+y))-564ElD^+%Zq}z&qrg>0
zu@`792B&%3r1OtDF;#mTKu~f{g^?t6<=*`HG%P|arCRsows<N{eKfaYH#=Gu9pt*#
z9ZRfG0+R_3?;vty6e1|vg(te<J)G@j4l%Yokq0OLY6<!7cqE`nU$yamFIE>XpXvvf
zeJA<mDv|eZhsF>2D!8d{Y@B_Rd*Rkh6})%i+YT4CCE<o!PJn_IT{MORhfQw3Fft_7
z#*XzM@;{f8ws<?8P9~(_+g}sr3-R;nPeg-%QKuYbn)RBwTl@KgV*LkmW0i#et!)>G
z^&Ms~-`a>e4($PM9eJ+k+HKZsX>K>S5AkyeZ;RXdTB@g1zjcop=gUB8!nE%f3lrMI
zwyxO8$@ZkBOZ?=)H4EhFwK<d)1`Vtz*W3y&iUl{IHkg?`^=lf2-s40{ug&s^=|!9)
z0?jiAo_VPuAH~c?H(SQz{nPl3CsQgj#fk0|-?Yk9r}R^f-DsT+hFNHlKE;MD{+a=R
zl9>CUgLHW1;WA9P+BPp#k9P5)^EY;a2;z|i{|x|Jj9}T3S7!I{YjN?DE~{tXm$WL>
zYy;52>Q-GYtxJ{8m@cA5qAZ!&X?$E~_h-4?P;jNYI~pS*#qR9Xt$o0l;1@J?pCs4q
zL7M*6c0K09s>zRM8#+O_mWbu%j>Gf)JL!<`>EYVINBI7wmqN1DD+7VHxkJAhEnUoC
z*Hb+5Ds*~_@@g{q+X42!g%Cw>ovTKBk1a7A+tITIw7uaAx{K||#+YhW+_Zilp0-ty
zfJwWY!{^g}wI2g$kdOTA4({Alz2%Z%&8O*I-F=&VLlMqSZ#zU2lJF{i4Rs2piH-c1
z>E8AeI8HhKnOi%iTdP|FWql1zK5WctR}RR;mJb5<b*GBHr9+jmbx$LhpB2}mX~;+`
zQoR+`m7r1I%oO#&sU;j1-OSV|r0q-EO5ruGh54-%M!g>O{yd23yK2qT6)S9Sn|s8p
z>i)PqK>vEhGO$jy1$4)uS9B+l$JWxVSaL}%-E=Yuciy6SW$e+iadT+Q90;elwo^5r
zGP!20uA;s77;0xh2zq>URFvC(L41mpZ&S?8Hjs;@uPm8aN$Pan?<lZntBTD1P?5#Y
z`Ij4yMTppGMU$MG@p|3Um#Rk|2gkUcJq6uzf+BJdz$(4Ob2tvyw!As>%2YYAz(SoS
zeUHTHvP|a81mUV*$J1!7BGmZ@Ur;x2?g=@`wV%W1#$}Mzbhk-3rr)eE2tptyy-<_j
z8+g>r)}%s-z~x9fk~Z89(c|}Wc%~UzVbRB$xV`LLEe(SsH#&(HW}%mk!qLSl+*2@9
z*f*8a*Y~v?t%r^*yCMB>uE!iWs(v?><M7kR9>qo%)aUf6dR>&!<`x`IYSM11OsUDO
z|3|3dcPP-kj~up}*9reXm^^22(k2U(eP}+-lyJbh!62iowqB&8r0@DNB-PoSdWB5B
zx$!%jw!5}lyBn)n6?*hfulhxxT_&%U<9mPCL!h+}GncELL)mE2!FnjrH|#TDEL|lM
z48epq_(H2z^tCkU`81^~Mb~(!;YAPU9DnG5*o8-i{+G!#wb4+F)qEU)%ZxLwfvMVI
zH+tLv?y^`YCu9(%Gg5s;0*qW5^nBx`HuvfKe$g^=l~0-myV*&We4IVO{z9df*MlY;
zdCqRcpyT1q7M&Hths6V6sU57iNB*}UVPOC%=B^w+@UH#phJ43r>PJL!O7+tnpU9Ny
z69?myNkr?6`O#q7HFKFMsWMmCK^qA$4dGebHM?j{0mlQ`OZ3$*t(U3PL#y@97K6<s
z9$WD>gR6#K_@NMEvO2E4Sk(Ud>f_DXob|PUNc}x0;JOpHV6&Bv?cptuX@AX^muq}V
zoA=g1f18}2&t37W><lHOxNnC=zsT-|dMM&JBY)0yN)t2F2w-*&hXtv+;haA_skU5P
z#GhN|exC4hmV$Jj5qWSG;3RwsG#a$sxv_cT%@CL3#SV<$$erU=|KlJ0LSKyl(7W&W
zy8Nc;E`*R9AO-xE&0Uc&5foNhil{H%X2=vqpHWUWOImK`rqM1AC_-r7kV88kjmBMO
z;CrUw3IlN93^vTX>?gqPJ6>$?KRJepN45t5Bc}aWGR^-kSk@M;!aJP|z6u^QU$&IO
z@!u~IvND<tsdROIrWbY#=QCCtH#%?<{Yt5HZfwm?Hn`d3Qg8PCnE_qThtbSO+DXiU
z=$wdOu|FrgPidIc$<EvcMvv39lhhL1+IWBmArFrjmkSnXLYD0RW@2X``5E#UmWR70
z1X>aB@6pW`As}v@&&r<mSws9}`VPa1(5t6T9g&-3Py^suu=x|W;T+8%6GB6CsH&@y
zRcCTP;%uvRSNkP1&dE&OUes`rp*!I_P2Me>%|4tfK70$)e3%EQx#u2~>M4IKAFm0w
zKizMER`%HAZ@3KmwuI0gLcL{a)y}ctM*LP&{?2aCg?9=&w(=Ou^6&u7a{btUxRRBl
zD-;~G@zt|O;SEqp9i6p)2g`6O%;P1BZOIYOt8uHoE$4{{=gAQvdh-5Q9Vo$!Usn4x
zc3cm6eMJ@#JUwQ|Pfr>5^7RcXKFm&6lKkha_{|7{C~WxK@4fER!}H06iE>(G-R&F(
zPkL&??8s}AcuGc=7mN><T0Z682_XcY9|!(TG}@Y8dT6X&uz-~CN1*{$sP*AgX1dqr
zTFsFW-{GdbvOHA+QM2>YMLSZb^YVOoeu=Wqi}Bh%!k>>9JzW{O&z+RIEG)G;50;P>
zghpI9qLpk*wDJPRB$wJV1%D7Hg?FODLWW9RJ$l91CpC1qV8*~`k7Q?8c}z`hdg;xj
zl1dA@z3#zsOvDZp2eqL+_*i7V)5%*e**PdFihq8?<pQYYy-D6d?eij%6TBozmgxbY
zk7F&8{Q-%I37D81k{_}MdJi5M!lHY{Fj^pKsG_p`=4T9C&>Ho-aocf;pUne5*IRH@
z6n6yF*6ExvkEVQn+ZrC;7X5h(j3N()l#h(MDzS6~9IYPXCj2LpN-2~M@Mcpty1smt
zMK)IQSGVv#OZ(HydLO+91_n$VPWMc?ie{>havQ|sWb55#US=;@q`6MvZC+Ic?UzjE
z7-tWBHdy7=*}F>0dMdg|^(sU5Q^qN-e7?COm@y0EpLm)(9Hbn{Sy0(P{x?D-sQbsr
zmHqu;@uzi<Z92i9>O3dwl4r=jkzoqWj^ZS<rrw8kIzLncvxZo8cY`*4o)wzJRm+xe
zhgyM^_g)`f&P&h>v+lt7?j7~DU)#deE<x$(@pGuCoZZ8|k3RD4umvX5^98RGm7(1_
z8xJG=rHCv3hf@SyuC$5BLmTa?oCDBqsa(?gP+Ot4{xoZpAAmdYzon=cc3~Mw3*C%y
zHTbnZ$Ej_wF<frXXRSh3!j6nF*IO6}a`hg?-N|+8rKndn-+)j#w1D)l?*$+mP(6a4
zLBZQ{Ts~YaLm>CmzBw5Gq?&9bq~Ysv15szM;(;z>^7Eg4$B0rwu<DP3=ENcx3~s&a
z$0hBNiTrBQuwiX2EMKo_Y<!On&hD#Z7yt(sO3OE(u|v0@7|dy$CZ4i&3Ou(UR8Qd(
zNS0NnwvED4q=)g68S2uT-7oYN?61IQUbC!_h;wP+Vs1H`2MDr=uZu-IE6-FHyg&ll
ztPZCuXFKCBd=D=7uPJG}+boZV7ucjZ4O&<(8m>#zu?XFp2G5b#?>X&-r7}J~*+!O9
z9_5;QlfQ#mjGnf>76uBOAPV*=VwNePNvW6d{%((~d&rCHS(4l_(|Rqna~F8k<Ni0j
z77_S5-tDTt8$ERuG$F`w(BhepOAVO}jIZ#5>OIxXTC;kgV>KWDon*dRX<|nf`&O5{
zA>r@;SlmOX_I#cQSW7_H<>0s90lDLJahV#z>Gbkp@cBHZ0M5~7WtsM{^8Y?Gt^Ch|
zq(u3%N_N`hJ>2i*-P>ln>KUG%e7r6b&X(?Zh}+I>g2>hg3QcE1QyE1Ne+rmR_ofr$
zoOjErnzcvf{kE~Z5n<wkY&A(J68sB~2E{->uALx$VTj?`1cU;MseB{4v~#zp?e=5M
z!|Z!JbL`LL{A$wP*aX>*gd?xVr$dLsKGh5&Yx<XZwtrBgYFMQ1>X{Z7vDdZDDF-AZ
zG$Qpt{RyK4rNwO&W^M6HaPZc&kp>}G4Wh`iyU=m^-mEYYeeU6co_TYU{H*fD0)3`Q
z7b<3H^7Bbhwm~QV=W$te(Dye(vCnP_NM-{lh7S?M3`D2l=}EZAaov{djVcJxNqMIL
z!>*K0&ui3Et@dA_`bGyzL7qm<3)hr`5<hrxq$4LY_O<QaqGIXa%h2TtI^TEig!6Kb
zX#hCi+Tn3EWW_{~v(`Zv!69Jfme0ph-q2<u;z<1=_N2sF1%&EnZh@rsa9D4&E|kN|
zybC1G&vWwapMDUqnw)=+UH*w$K^)8-a*#M=rRrVEuBiyMpv$$k1!XZOAv!nzTL3*$
zxftnli!r;9(6w>H?FzkjKSOR^v8x+tr2aE82Mfkj=D-=gia1NZu4SItY{+yAXZ(Y{
zt?3KBBPaN4!Z7&#;$#egre}lu2;)7nn|0_%JfYpP_v_zG%ocX4D=kkpSAj3*;GyS)
z9<|Q<fjRojE(oHnKVzE~3_<w)UDa<v<EcW7%+L-`NL6|hC-V1>n*i2{G_D1W>*q?J
zkKGmitmz37gJx?K`5+F#69O$tU(yyCI8>G!!KY07bn@6MthKhQJiDk!?62BWS!q_^
zS&#og0YqRBzAHFc4)4ZOn|gd=0hrf}Y&C<9q*YX7$j7X<B}WBX$3mGdqCp(Qt-B<|
zeLn0v4sbpn>n(YzqFv`MAv=GpdF=NA-8SZogZpMsW?BS1X2Ee_9E?l;g;Nbf`?5N1
zo|miZ+a+BeL1UF4rCqY04eyyJRrI<oE<q|Np2eB!m%XhwG=YU;Vn7`=h)mLQJYUwv
zw>e8FrGTfFrH3b!m-mnk@ivcj+Cr4Tu4eW@)9%S+;HEXtF#easKXg2R-2hIPTN3{|
zb?^}2g7_nPWZSDcL>}uX0tO{;1lD(23RWQgvc%ILeM}@-Q_K}eNsjNm`%|1sgJBHB
znYPbj3LyV{jBa=_eWtPvX{DL06LbFa=mxjs#;`j!@5}gr*UiG75|Oj_%)*+a&{wvE
z2KYsX&(q#@VO#NcimAGE=sz5wyj%hx796XRDGq#9?Vqp1AcVcrkBJ{&%-iN3&Lb7H
zhzgRV#0d++SEcwM+-CVp2z@q{EBo!@lOE&s?gAq^-gX8(pHr;}jpwl9cnx95U}uI7
za5#D?FFaM5ZnRG>J8~aO=z~Oe2`JEt{7*g?8PX`ASsrUf9&NRw!!|=u^XhIhtj%$v
zA^oWqEAWf23-$LGge(k6O`mAsLE}^OrF%(CK65Qa7hkDZSbr-t;5sD!y{EE@W<O;z
zZapu=e9gE}TpPtmC{P$PVnC9xdA%uX&g0t+*Eh03m7TN7XXz%xxpdty!zN`t+p@yB
zxlWlI6Ow%xe0hKP=Va>$kb_HQhra!9764t&h75^`Bju<3?RYyEn&n8=etu__Rr=Y4
zIYpa9!Ojm(jz!W?so|x-LPa0_`~7bQzVw6|vG~g!ThRrz@?EBjeE1Z<T>Wv5pHYnO
z)X`5KJZ$lLD}+L&a~*(Py@MAc1Co6@X9tOUSC&j{*7k*nxe7^X&RA^YI^dVEiYjSE
z1>xrKz!rZSNjp?e{O4jUk%}@!N7Da_%i!*iqn8osRY)(tfp0@5+}#~8lu>HN{WR*9
zoy;H;aWm1OCmW%ovjv8|0M8U@<03pF%v*h}HPH0J!fvbN!VI?u!_oQoBhsslul)y$
zsg~sT<>Q0BlhLKOAb)c;l=@6pdo}-A>xdx&7??EJqJxq=he$7#5%^Bx<=05Q#F{c#
z*pR6gqRJxVy&>d;CfNLa&???U_4iLbJj`ePB<J7F@7EKikPm!v+Im8|WX<~%ArqQZ
z)Y~yQ?~Q#mIkv<+Qz%6kjG13WJ?z>#nOT!Ec%2H~q25aW1&RbNkiNNn+_4!_UON?6
zEpNrSq~Ga^f#*6tc^mA$(MqOIYB+4aDjXB!H2-j6Y%A5-74KaQHt9<A<ayQbem0Mq
zp9fUfo3r)WW2gG5Z^c^b@5HD6F9%%j9+RX@M$)AdHp+H|il)SbgSo2+KcIwYb}@eI
z&`_mht!iIJa$@l*-YhN8U3w<B%O0V{FM^S-#Y$AX6JMB8{b54QqQ}`Y_sS2>Y44X}
zk{i#JP!HvR#TNrB!(bG-dV!$;wD%X!$d;!Vf0qoey_BfFnv-wGjSXdRIcHnMip>AQ
zw2UAh2sCbkm7jZ6cy7-_2uBX!*8ugL7G;#i6$T96xX|`(gniwzAk3k{RC_uSdTnUg
zL-}`NGncMyTc3AU@kKUX{t&SoMEz>$n{1M;(C-koLPy|R3>{*IIklv!U$ol`#fK35
z@!VK<!Q!AVzD_;R_A;{gz0U<ih>ZqnKz{8GsI0I1FU{>{E&S{VgsP$^q(4KeL>7t<
zKn~KVS6hI~kcc(b?P#rzo&@`f@IGFhQ@OH*<^GHI-wy7g(6(e8ieB3%aMRB>C$%Q>
zaPk@qRks2W9Ixmtwgrog7Ft=WcXJAx!-Jg^w<@dMqa$&=H}?iBd+9Cxqz!oQKD5As
zmzTWkIpr27uOAM_1rVaXQp4EwMr`tEc~etyH1Tn?sf@q0h>W;!&E!P$CeeEYM<9E|
zp~Fy28wyxnKYj%$%NjwzI|u824sO$Pf?px}{;r%kDZKv&ZS*r0%Qm^5-+6v0`0}_y
zc>*JJ#rDq>`n~;4f2#$MjbVfyes&_RJ`rJ-{6_CdzENZX4l-i70DxUqf2{9R6iu|z
zg6x@HNxt@-Od;qz*OBJ>F2Wwx%B!X;|2kYtRGGrJ|67G|h&TfGh$g^&oG2^?&Ck}S
zU~;&e7aTR}_Mzvp?n9{{ANs#JM&!iP&|EV&q@O4*ybj03rNiZwAk4bo?oPlz=-Y_R
z8qlVDEeM5$zq}ZavA;n2U$Z?Q;E%U7Sq;F8l**{gTPDJQWMW!hg*g{KL9B1oPP|#{
z$`*5Roc1x(A{v?+2KktHP2cZ6Kg+m#A>TA@3YPvm3a10HyT#di=3!@2;?@6;K)1%#
zB)1!_QCO|LsG_s%=AD=5Schi3VS-OV)=$4Qr0=`qgzI$IFG56YH-Zi1o6m)oI%3A6
zF%NM}2w0c$@v=~>Wd1Q0w1Oj={(Ix?>3EaZ*DWNnnPqwz^!PTx_|82QC#*tH3c~L?
zw3|+(+xW<2&)eDiGU*A|eY`6bQ+(6Y#Mae!H23<}EM)t3r$$cXZuh!3mw)#~$nagH
zc4ti(x}5qOv#p|jpHSd53R)AmlC^$w=gL_4UCIDTido#3Jd&T17j@o7jqh`U-WDm_
z$SRDWi1ptg8q5UK><nuuk=}Pp`0nq|d{E<!dEj^h4Y7fJYFF&<Js<q}vp1#~IS&Qj
zqjMexx+pEXZf|>>#E<Ur^;&P|!G@&tx1bxl$wZFpnZ`?GNhJmeqcE31#*0Ig#|ukP
zp!miC?KBUUK1Xk4!7KP-I2n$;KmH%MO@;`C_qSEN3L1aS=NWygGHuB<i5#BCDo(Qh
zYW@>7)&b7M=kZ}H3%*It%X|O(YQ)Ve<@4QD3rdgl3q`yx=?qH;O!4O{X{79NP&dno
zBCxH<9;e}eKrqHsuMI69`4FPxe<J<eZ6VH0VAD`jaQKedFXK-)blg;7ReKVkBn#%5
z6Mgkuy;J;m@@q4y6TF-jBW0*!bxV|wqP4-~WxQ?vMKSGvJ}zx1ccD`_$f0xKm-qAf
zI}{_BzZnT&zu(`4hr_8Ct`muIkED(1>+50z(o=iMYx~V{>|XGSK*Fy>AeSO0)?}pC
zMEbFg-DK{3gXAsNdh?R}?f2fqm^9zYhJ5>EWrpl7M-58TQU7nl0aD$u$T^%b`@A$R
z(HJ6iL1Yp^#Ex<OSK6y|Zbw0V2}A;DU*_&BsXp$5M8{4Sz?IJ=??6>q$MpMeKO7B>
zt5*b#OIq0ODn2JwanH%KUH4Lz_GgMhtvKE)4msU@Smsq;Ugxwp(37oV{HlwR+BKl2
zvC&s30^jah=y^SktvJl_&sE;1H0;~Ugq2u(=ZfOe5qe<yi80;Lw5p)?t<n%c^X7%u
z<L=2~;b9k^>*J2rnOk$IzQnl$6k;@e@GjSim|Fc|yzbmf$v5RQz7@9#t**j0r&P&-
z^`vzg-_vu=U-?7LyUy(?<gp=H?=}Dk1gbp0doY8XyNE9GWAQAr`Rx<HQCvo#oj_7G
zAQ@p!dsQ7eXZFf$I;7*Hn#Y>15%xkNPfc9S_C@t;&~n4>VLAsiaDw(S33BrDgK*>T
zD2SPcRHf8Vhj;_K#?4tQIzk=Q3!(!>zRV!Jb$i>*(4ZXL=UZap=5y;8GLY~0^Jx^b
z>l_)}Pdrbz>{gmy#OLHlDEjkFQzcs(VR+|_KHXeG(kg}r=A**(38+9!=P|LpUjb$w
zhjt4Y2ca@FA*B+)Ah)4BGzn?Nb!~ch*5*DNkaFqG46VPUM~+U*UiU9-8dxLJf<CYE
zPu>Gu&$+{GxzYa~{pYJYgW<(J44VB}?6SVXdPiL$D-uf#_fS=>tUFG1mEO=$UFs(m
zmzQN}?7ZwlZ<E(mN5LdUDI*gQ=(L=-G8UKb=!+D!@=3-S<<%LMS3htD`uJ4)cv;Xc
zBRXn{D$7#YW#<3rX(qijlv-;zJJPHZp0pE}Tk0xAo|8^R6ae}bs{k5=k0v|G7&E<|
z7Bl!~P1lZC`<iLuibk0$)e03!Ne?~)bHFM_6tfok=x?U>#WKdj-KOD!;9=Y<XlMuF
z{79j{*F7X8@DK*>{xZdS6X(VJY7Bj9^l8ah$AP~qMP{%JC3#}?^=#|+)Z_T}k#|>P
znM>Lirz6;Zp8o<us|DFeM$h-q6O6yo$eS^F;@y^h3zGg~rFuoZ@JN9J-!`Pn$2~od
z`Sm<pvlOmkXDjiNflNTqrF^T}p*In6G#D9Zl$RxMmX7Hbn}HHP_Bj&h{v4-Ab=g%}
z=|(b5d9Gan=o1&6<+48a>AU)l6vJI@ZL@RnbQHQo6bKmXm#+TaWLQSt2g;Sl@y%ED
z)bBSqwX?Vg4q1(AByH{pPBZDzu!6nRVtaD3b!!s7kAXvoy+BJl#fIB0<VOJS_u8M8
zTyN%rd`q*(7g;Y~*H1cA%v2XR8+zNDJ!fcDK0&DXSF9J?{>Gm|h6*SkY%VC@G53*o
z-JM0OP0s)FrjsB9fg-5p0&z}@WYa!<TWz~?tG=iR6r#%(<Bt@}+niKIAn}%bIn6gc
zc*?!a8$1{`b-XMwlj~YWyn2CUjouu+O5rUR{eF=KR~5DIsmdA5=-AkXS?#W$FEi>q
z1Z`R)9uI0N_AO_F9pd&XQ)dg9GzsZ%xGj}RsdlF9r)>F!M+e6lm<G+XLh2DjN7_GW
zaZk+G5+Qxuh>%`ZCO`ZK$|fePlTDDmSB#Y`dos|i?Inrrsr|(aB*(fR&0>cOSaI0O
zp;GL3;u5gN)@p*k@H0Z!<->xTbM|u*Eo)HVIptsmmbWR*Z?&PUAB#|`5pmFdTK`!^
zQnp{WVDOzYmX=Okyea1ItNX@8^wKcv4U1jnFr%uHEmY8oZpsBbw+)Lego`*~@E=Jb
zJKr#_%~}fL7S#71((iyNcHF){P`*N3oUUSJ560ea5P$^((LK4*WQ$n>V^6AsQ5($F
zJ2Ovz35wPMtvYy*ZAw5TAkfp;V(of}qd!kwURL}X$>W#Ehz$NctaSSar(7lx>o{ar
zxX##_>!o;AG7_HTjQ@4P9*&nn+7rhB3)t&!Ftx3A<Z!Fi(8BKLn;wjc4Vom!_bLLy
zK;8~o>_|{ti4v?|CcNHSTa`{QH-0+^@k)^nH#HxO>P%D#=@NT5^1P0hFkeitW}S0;
zZmAy>CdaG#0|C3S;uM6+<sGgvV<QBwuJSp*jwb|Ak*XDpTG`x652<d>-+A)UpNWap
zgCbb3WSn;0az7}qEX|0&XmX$KLjr@@(rjaW#J!%OB#C<;<v=!FI_Zcf36?4xNvbw!
zW>7Efs<b+uW^#EkVw!KfQu0>d=Mo-i^30Z{6*asp)wTwmdE0@4Vl!7{v=q@Hct3iy
zc8ttk*s3)nY3M2N?yH@<M}?{>`(QbK^3<m@$VjV$yXDOEZMHP&AF#T8FkbrXeSRpL
zHEc0XIq?!Ob2o*hgiet{i+ulPwzAy|R_s}u{N8k5m%&@D&RI}0*pYnsE32qg7ZH{|
zds`aq4Hs&cnyqNj9fKkl{lf@dT{Yh(@_v57%n50lO22499El<=C7DjjMf{|LUEmx3
zuf4Z=YlC~Dg$spJpcE@mq`0(b3&kzPi@RHKcXtYu;_mM5u0dMd3WVSeL4!-MeBphb
z^PRuo-2HNq%RJe8&#YN9v-WKFhj|KN=h~ahaP`OdxF$Cdb(pdsTIn=}T1}_o#~~!P
zU{CngJ$W;046wxV{@+WKoupeVIyr=|`5;%X)*XWG@gVpof~R{c*b8o}st^&-zyL6!
z)#tvvlckKmm(A~@NG5IoO~?g0l^r-DL-na#0^ws;0#*cRX5(MjIoS?eH`&la;q<n9
z#WugIF(ngxsr7HDNTu%x&SpEO>E-5vG_Y$VB^N3R@NdY|<Kj^v9Q7$LcttYE9OW@{
zh<F`EIL0h5x(B%h`TPdF6kN9U?;~1J8Cg^c5hsb$s)wXuKkwx>nUv55_gt4FUCTu+
zdAZORyK8}ep180p7)+X20)S}-B`}*fNtWDk<Xc`O1WIiad*+?CKk5Z((aBUWBO=Af
zy0xc!`N7C9x!%d4Gk#!-w7J?>ejVlR<nt=&VYOjkdc`y)=Z+JvmNN9!jd0z4-DOdk
zu*E!V+WONc0~yJzPRf7)z9M%!{zm)rqj?IU%lSD5W+u`^2!I7I%)=e)@nS<eSvkut
zOOX9K=vw|_c%$HE1doIsC0R1yu6lH9NL?B^EDyV6u~`;73#jO!XKn3UK+ZgLZm)$5
z#h!0l*Ck{hWBI}+m?9WhQ(6^XQUj0mPNwjHm$lgqhqiyP_P|d1XfL?1*1jtdQZX##
zF8*!i>gQ@((~qq-B7DJ(YS|oDxB}MiCx%bowEh(g4d4O{cTjZ;nh!4n>z?9ngfEk`
zViu@Lr;wXFajizl)l@&?#zMX=uv8wY$y~qDAxjX+rZr`PhfuJ$cWpGTUx`#V)u+5-
z(`r8)S{a(??}Tqp;#RB(I+@tyR&||1^Rk~({+^W(4)<U=4~D)T!_N)&AxC4gGXOYK
z!=fpydVj^}k(0^X(+#%(S4I~5mg6a}bd!=R?h?w$i^#qW`J9e>>nCJM`;}G;!)I1j
zAf`-;^av=+<wI2!-a5lFfbahqnjNI@y?9w8LrX8`*?l2m<Qi>&oxnGU{WjXfRG6K@
zokkArugZy{dte%lCKtjiO$$s!y8-_2-J@jr!v=&D9ccQ>2zBLkJ1RfhST3WuQpn$E
z<}aUw9>7oS1l%_=$D{bWK(>3mn>&5P{OQ^4+^l-;<e!`cym!CPdJ3WhVMoa~Hwt?|
zW#EaAFO1$J3PF@q+k1+=qq#1z(4G?PTAuy|)tq#4tG(xbNhLEgp4ll=`t$5?`NidA
zOj35+-)RQP9CaE+{t&x3>Bgm*FgBlyYP*{mRW+?Q(UbP#h6HwZ%hL6l<}9xpugN;x
z3+>k%ybW5MV+6{EkzeV(*RFeNdNbI?>;<_XHBr9?I|V5)?G-57hejt~c^N3_(We)G
z`U%y8hC~$1Xt4TjjB*~^-}i5~>6z~kXU8XD@VU^UBB4~%oVtN6gndlFw?p7H&_CD~
z+{oG8TaKN7|L+^KS`UnbEuxfmuFj?lm!g#FL+Zm`9+=+5=wuH6>aywM^!&m~{iGwp
zkPQL?d|+}5`D~Pu4w#Yeh1YQS9|l)+)}}vmauyBux|o!OKP<M%M0~HHr@Xmfe(CHQ
zS7*y>RQ7;GT~Yhn@blj8Oh$dzWR|DUyyb(XK)JtnzI_MTNFqAI&r1aYp}wJqgA)1n
zS#9i>q-gp;Yx}|h^pRhO=TL)op7|L3^WAbZ7JKbV6VpIubsvCTDCkO>u-wO$I?i*&
z-fT%F2S4=f&{DqaYi8gJB-nXI{a;?>gFmanpKsAtbhsWxm`UD@#w|B0N@b7jpzB_3
zb<L|rA+?Ppkg#j(*&wuuS07EdS~nbecpY~+f;dEN6+rIXe#Hy6JpaHgf-R{?IW!2K
zTtSt)*kKY>aPtPM*srb0beqBL*vs0QJuNoqvC!m)wCXly*+PJB(I80XY7lG(fXd5{
zZQr4>`8jR<vW0iSlg3pl9LeSf@7^JTZ_c2vn)6EIR+`>cNvKdW96o<zL7%}5%H`V#
z*x>w`7<FdPqoxOdLW&c=fS4jM#>N%rFvnagR^=wPIR>*kJXB|!1+><Zy}TIB42oy}
zh8jmB{vpfM%nT`+V`GN|T97bR{7Yfr*3(2578WPfU|a$2=tYX%J4_<7g=lBHvSw>$
z{Zglb&asubsAQeG$q_cdjxaL@6=dfm8*Vq~b|I|Cd$EYml>C+}GT@yiEm_~|z#W|1
zeB9OP3(f2EHtZAc#})nySSC5UYfYhe7Ph^Ma`kRNXKIbI!OlP=+NYOJSE7HgBo9^^
zAiwA(CLXRL0w)H6I8kW8HPZpMo9pW#buroJ9AE^q6z|N(q0`%^_%wNWz1P2~3{nDx
z9$1Af$;<zJb^gQCogGW%9j4-TfQ55O)BD(acTSciH?Nq;9L!%Ct7#<jcUX&0V}j=b
z2IvSNNK!P-0KazWx>ly;b~|6&UtD!>Y8lWLt2Ib)t=RdU@|S8)jb^BcXV}iBE8bDq
z-Y+nc@pl|j$5B4FP0k6$hYW#3azd;+U<7!#TSI3^?>*UaPMmcz6z$%cL-IM0YxID0
zyrLzWes;LpFkZHDI9)UFpR7(bm^w?^(kD!t0?J{KPomj9s=Yt0u(#B{xR{z$(=UKq
z)6GT)?ax%zm>W;In%d!sBpU|KD{);WWdXW8<IuJX(FCN6KPQ$OEEFXgNgzRiLsxs0
z?Zc~~wLqU1d;S@A7uHMY3L1$&@B5RKpbqh`6|(|n=%C>fKzPcJl&7Ss#!v7f|HtXZ
zfcB}j5ZMAjp}4emC+LMQb?c*H<)_Q4)PL6pQpR>a512<C$mUUy54C$h&9;Y_^2Ec%
zK5hrye@vdx<M^-UqwoD}oSDl9P2U`#Zt8z#%zC&;geG!!8}uW!-Sut|daF6wR&aVB
zwG9Jp7Gix*Ec_>@+Mf<$VQTmY!{)SdE0n*;@<wxilYKiRiJ0ExZjdvng(UcO8>FNf
zbWk}w46J8KZQIO3V&U0LN(~JfpV;aBw_G%%M<Y)SFSlSOiws_Y7<2AloGo99`NNIt
zaZ4#C*jkl@5bWEPZT&z`Z}QjlhNcRiwf(pmHFm_=@SvEA!(=j4(^*DFv{q570@;xm
zEpbBhU_bM_Ghyp@jRU<RFPWi7pJeF=8Pmt~2Bl~|MvNMP8?-g(@|iPya=l`uglBC6
zCUWW`j*55;C>$CbMdP5>!+Fq5?%#j8@PJ0{<8!h?{n_xgg{2D*!_(VEPEO{{kho#1
zX3A<<nND$a@&b*_L<q;%>+!K6iywdFbGkl8PS9*<uK#tYJk#vO!je>}OZ%rDN7Us#
zTSJV>K!I{-eQ+;ohNGzpcsqAG|E;S7xRg1UrO1^NdFWZ9#UbfFE^AJK2Xnp&yWQ=8
zF3!$RFSjd1lN{}(#|EVg<41Dw)ArrH9Wsp~tC5a|+Bxapxt%bbMb#PPv^By)&wbh@
zWWos_mFs#w;2`phmwSi4DOvYu1v4~l?mP=84^Tn0>^+ApBbmG_;@JDOS2LJHrp(Z;
zjS(Il(9)YBD3+?8H`N=4G^qu1wnB5fm&OHsPQOAdfV4(|Ow>57WMPEAUVby5b}%y|
zQ<=1COC+NLvAko}S}jP6=F*vUwT(+j23`vatAVquzoiWoUCzCauUH#vHqBgTso9lD
z{Rt~#X$eM*sim&2fIjh`yYJ#%IF9n)wA4gCLS)wF4~m@kEw!WQYMxkh{q4D3mzVpf
z*Lv%zA=9k(jWO0UkQC+83&1z$m+cRjUtL5oQ8}7RM~SSKE<$=<#r^9LA2`ON{zorX
z`DKpK_Fy$T3N6Ts5=W7$<P96B#<z`k!Rs&oS}EkbO1Zo`Ydo84M7aDK?|k7w^ZfEt
z1=jA;?DFy9ec!t3K^(mP)2>e#tEG9IN4+#MCY-KX8F_yE?%m$OzHO$|wqI8f-Q`3z
z7FN@~%OX>q(zm@RRvfjGCJXeooB~*je299b?uq+Fh21A6BFWid>ry6@6>si1srERB
zxrrTSrW9h<u`!d2GSz&;9Tpi)-UZzDT2mjU6UGWmuTRrAp;A}wI?P(YC(m3>3pdx{
zC4aZaM_u=hh~Duq>Ro%+rwZ$qu6YQ!I&U>@WjIAh5t#Y_DQZdP(_vOHU25CV-`xh<
zG;PY9q#BrG9z0@XcB-<>tb8E0Uln_6Z>HtnFyadJ0y|z4bsfW&9}~IgW4bCYSV9H4
zj5(w7O3Bu!aE{&#7~yi@t>&Qxt-6c8T0M^-X=nDIAH`Yw#MRfCo?i6mShEwLn<c5n
z#=aVZ*D)hkl(oH{6o}nyzxM!GyO4Xc>~=NU*Pw={IgCHdXd1YpS^-#@pvfpvkOSJU
zZDsiBwua=s8L082cvL?H`3*V@f6-h(b>gDDS!0_n%`1QWegz@_Y;r~D`sf<|5@$G$
zFMQ?uNQB(kPYyPRQ;n)d7-&o1@)M2VYt_I2CYj2ewT{S~h?RHA44%!^?l827&g=X;
zQf7{h6`cnbH9pA|L+sIqIDet*8EbI)MUi!CPzVJ0<q4S441%|u&D^uHUFa{6A<N*c
zi?q_x6KWGbXCc0BliOjdF^JdI?kSS{$4UQsMV(uJ2SDQv*?U;!{|bZJklMTq+$46B
zGAo`IyLx=wVAED(i0phEvov5i<H7UOpkEI^DbHGAu>ZA|MbpCZ9THRoll8ParyEsB
z|EXmZ*{KAFXv5);AM|kT_6J1p296QMlaiCk!m5YhUi<3IZPdusN=uJH+zhP0gl`vH
zmVq?pIqGZQwf=q4X53)OJ|}Ab%+umQr5RVbJR$Lj83K%=+m&IfYB3{wctAw1Ksrp_
zszr5O@zu{4#R~`iJCGDQJI@Wgb0awte_@&B<t&}CXrh~{5^2jR(AD3ly$?{1H31*K
zxlf1?>$A6XKFx7Yx-~(UELfuv7_ympb?~iQLl4k^Z+7o4=6rYpJe}UpQ~bD{wXZfj
zeDv1@H1p@}bHU_*ND=aH$x{{B6Xkq*zL8*@@3(bQL}CS${Oo7UB&6s09J9I2up`hf
zZ6})=#h&O*$YI-QtMe{B3!e(kGAkc4v-DI5bSn4rG1aJrZoXt(kP0i&Z6!vp&Hq-w
z)jUKlFZ6<Lr9Vsvwk(f1*Pw?p(tPsQZ3rFl5lxD$2>qhsvsdr_5$14QnjtTqkarrV
zV7HV8<NvpmP&4)>w)~0~kt1eDyP-l{8(UllO8r+t2VMm!L`Txjl;=em)T{Ik(_12V
z$_r!y)^%)w5@>rlrcB=Yu6$SKBPPT3F7~w`FpFG`@!_^AWg9oPCWS^16(*Z~L~^od
z3jYUl&VgI8)^Rd9@psaPAIKaCtFlqA7GRu<;vqH%QGHVafRb|V6<r5*`W+iYW-vwA
zjvRuZ)gmW#lYXxKc3UwCCH#ZxUtEtc0!c9v)BTnmh=s%q2~c&b%=&kZhex6J*Im^Y
zwi2}l*X4&-6*{s(YY|dq$5<dv^|Ps3CKMb^4dk6D@lg%~$0$A`i%zQ!%Y}?^vcj*x
zw$lf01s}mis&mq|QJsl*hv><WaPaG8VkGIIlSqDVJw<?XLJId~lg(&1B#GkT2EwBA
zuCtv9lXVj9zx_DWGPKKUB}%xz+LpOd7rmqB9kL94eBe0ot@G3vhf}^cm|RO98Rtjx
z+#%0!&14@ZJ|^*KG96^=KD<nOaBgOi%rp@}>;Vp7oe<?se`5}OfJt&}G3V*H?%G-M
zBQX$FOkK+nVIBkwW@s(64yRG-);(TAWL&HM=X+p<4mYW{FDc?Plnu0Cr-$+P;xsLd
z`0D@tAY#PRG)&*EpYGnb?Jl*7TYuzt0dYN;ShV{CLAugb=fgQ<Qi9v9d(dh+2lsqY
znG;5rcPNeUGrbScgAtpWqj1LQ*xP1Y-%D)$;}1~mkiNu34KNjL(=%WFfFFA`kR=*A
zVbItJ?k@Sq2~UG!oy_MM4$2@RtpPG##4>MSuPEAdoX5I7C+_W38oolzP+-uUi~F{_
ze7fLsE&=+qzV`775>1NJs~EN9ex4&4jO%aU+;P?NTzvwi@hf-fqeNcCE1hd~A@85X
zZ1Z!$57N%c`1sRgS7sKKDO|}$52=RKqTFZ2{J)8#Jv~=)lfN6*&6HyVXt*;TPvs21
zZQV{KScUo9nd{~`Ec<Stu_+XDRGrw{{Py)a`a{mkj)RY!!~#I~G^L<W*1&tecbsNn
zhm(_<Sr4~yIV~y+Aa=!Yvf<RY9xWn&Dja3{^AK9;$SSPAw^1`l_Izr&eW(wsD%-jj
z`9xPSKCQ(LHhLx;$)7J{`F&vb-xqfG3S9N#6yz_zoGOG+sKsmG<pyWgh=5+x4#EXi
znm2?m^*c>|xy-b7l-1GOgmr4DZxYQ~aBHb{-_Z%E^~;GM${1Ogw-8Xsd+0oDMj=%;
zV2h`(8Prc$r#bfFgG}+SK^lL;Dr_H0$Ib4rkm-s0*Q)6+=(dyG#H1#%P=DP)DUPAl
z@PxqLFouTx8FXHhC7Y@w((0km|EyPyH8&lHx6jo@i@F+pw5}`k$9#U>7ie*DObOdt
zS-7dU^Y+W(8MOBy4I?qvUNS;RFfaa1Yf9i_mmp$l(JlqK-@;vm%YfWxhba=CQWGS^
zj%elwl(Vr;-mgyo`tdtCnXskiM7jOM=%^<B@TI@Q##A<w%<{VkD#b6zs#;~KqTfX9
zBq#;1&C4dTI0jj-6lPoICXd(~cXOeywxeWS<JE6CBCxgkI~%q9tEDw(FE&L}uCQxZ
zk87GPVIMk7bw&s{o(sT5D6_C*iI}9tlfEUE?5YnM*I!r_Hj4Md9eDPlb$R2Vz>h*J
zZM@gsqBYCht*3WBKLI-!h$pAp27e{4AbcDxW<_vH-QfPdhRjhYWxSmuF>wti68pbm
zH<h7QGPpzfD~anMLwp(sQNBNDnG9y|auV9nNzX1tKUajvx7!7dtm$UhKMH%_^dxtr
z`@#S0_fG1-{D>1P%x-<Ez$3Wy6o@Skz*7XN+Hik#Le)b-uC}nPx{)53%p^&s+mZwF
zyKTMzsos{WHU+f9`-1^Vn6287Ib*#b4SIiTh+xK(oIp9qQoD{ljOn3QP>q0qbDTm$
zDxsfgZDRYB$c5jhGUB<B#hClkQH>G$J63~zby54U+v{jdmc8szoOZK2#?VJegs>DD
zsV|I?M~c?*6Egcp;JqezPw^Uja*+8@G?(n_T8|N-KZU2im4gc0L)n(;H6?!DU;@;K
zp9z~Q@@nkW?VPh$orq-&NXXOPp&h_Gtwk?iKC)fEsWR%DCqQPRuQkl9H}W>=e_fdx
zP+`05S-v&BGYr?%z`p}tug<KbHxG1j-2F6gL4X=RiOqY2(X?^~!jRg^i;dEYORKQj
zOD5k$D=2hO)L4HO67acPjni2YvZhk>M8+KWl$4^X9NaUFve?qK%%0`o_k~ahR*}&x
zFjaKO{kz@%^q=yzL{d`G$GSJqrT7m>zzjyvrTGNy;Kt=a<meaw&T_`$BS1x4(O=$&
z&0Z#sHWvTsS(1lK#3NFd972PUB_K8cK>u+tmP}VNx8vU7QE}k0ti62-zO?WII_t`t
zUmrOJDzz&Y+B^~i2+8!~KktqjsvS;jg>#cl;R%S?-p;bo|8_a8+oKbPeXO}5gFk7n
zP-(@tK#W{L32=W`5irK8ZjcLvcbBE_P7yVv^?Ap1o?qdA^UWw)$j}|HH37DJE?~An
z1y#}A&o+i&O)($^Uhn4u`dnJT2O<%{hv6hFp5xBXS0uP^ITzL*4obX5d-wdYf(N<*
zpP@8g46Koz!!f|xb3@q3A};PZ*a{smZuz(KCtiD49d9l28jwaAEuueMdg!je@lOw#
zCp2bONa1EhBO^X+`cw#LmLWWq8OqXhBrqPZ4z^!H#l;BGow2CPc{DqbaV0f6frcNf
z9UmVLvw1Et{{|$XFY_#x){n*NqKu&4-E*7sZ_Txkv}dh(LGR%gX|hH#tHZ}mnDwy&
z?^Nm78F7GqpY^+0^q*tEYvzK0a{g-a-QXJsGMVdQWt=!bO9j8)T*KPag*gfL+~dHd
zp79#hdjkn~F10vhzcWK|`e-q#S{vjT-$9$!`EKuX-HnwSf!T{W2cM4z^U1q=yjn#*
z8^SN8hf<DT*HR&lXPpGe^~qIy!g|S=Ao%xRBRj@_sr={DdthyDGx*?8SymUj)eTx=
ztC{aAz_98yGg(+=5?MSpiW#bIm*djEiLi?`cn$yc(^5`VnDv$2-g#$-m`2dW=2E@3
zr)ByYW&oU3P2C55_c<_*qgzxPsF_N?|3%f<XXft2o^-$uXE3m}hlQ;X3pCxh)V+S(
zZ62L|ty=Kh=^^Kw_R&Gk;+N;d)~|ltnY&)+@8D8!Emsl*6>>46;WOH11UxjyY7svp
zt87o07erSu7U!2GA4K6VgG6Xw&T{QlpClW_ig%i!&liA@febRrw)MV6d<q?A<FO!K
z#(ROA3)GSwFu8}rR<sW*O$}NxQ3_Fz6Y@EoaXsa;i{K;s>BxiCT?cG&(VG@)$hzk3
z-$R5JRe|@zfve<NWtr%KS9Az^*d5K?mPJ#GXu3@Sdi`j<^G*b@yIt2_R%c)jb=%AM
z<D+almwJRhpJ_$_MXdSEr<T0B1+QHS`EDy0J3o7!!CPT$a=uvo<_~pLDCJTC0iEG*
z3BT*1BXWzC$CbgEG(n1$h62wDx(Nar#|4EpZkD;kQk&qmBq^$;XX7uI&VA?D;kA!a
zZXP~7X?wMsE>u)r-r8)t9piWM;BLi*Xlq1r39#+W)t0~I2-DL?a`xmNoWm*QLK;V(
zGvNE`M8(ZFleR#T&A}z!v=e+u{Y*kAbAO&8B3QPU-R<aENBUZh0Pr!fl1*qSxSQl0
zK!U4jhag`&gr?pghTK;_nhTPDNR+c37e1p_=~pE9M4lOeiW#SuGsr}UESiTw!Pm@#
zu?;qv;nwJD^l*9ojl^Dk5s6mNT_hmjLB6zMG92$UF_Ox*bFp90(-0G5FYT-6Ut&j6
zV<Zog$TSB!Z?-A{;g48Ni)%4CtK52~3zTgLAO)1=ABEfIV9_X^A$#_J4nYj<HgP2Y
z|APnyYouffCxi?Cro}<f9|HggHRrx{L9n%cOhIVbr^DKm?|kxU#{cPCrSSupd+-3r
z;|YDydpqt`|Bz0I=vv58=(D%H3yg(|1(%JIt0&ig9epPHubI^VgpvGZjTr*YjQ8O2
zj;9s0LHTT<B?f(<rZcR_E_(+@ljGUib`|5}bO?ql?Zi;7a*y7o=!e=7#9bj!@fh>=
zks#Sg`&v00@E8aR#}pg0gZw3$e3RN+BDC0C1exiVyosvxrFHt<Q-zQatfiA$S5YBV
z#g-EVDoVZDuDAV1GV)&Q8{+KMH33*o%rd<p=@o7~PRwXEGNQZ<Ik34fA|t)46HA8<
zAh*Nis`6SWQzj)>3?K;uCst!WkY-_&A-3W8&d`K9pVaZkDBt$#_TAOMqZjj&wLh@v
z=8>8jsDT7Ge)e2I6Z$QrLAiZY-|MOuVmi!(0~VvoA?h^*aJ7Yn1Ew5U4fs;YTHnKz
zx8{b>=<npSrNi76#ZAe{*l=3a5r?adzpABxZ10W*NjkBQ1~>oO0htNzWOhDVSqojR
z^nhBJ2Qwi)qC|pa(dW01)@6Q`&O!mT8HJzp&Y%t0S))}(_VD3-WV_ap)MBW3{krbh
zAtz00a#_vb<d-XrTnIt;yJv*KL+!L;Y-g?K9b}o`xEx)3*aL5|v>EJwHGleP=o9vv
z`4`|j;w9B?j6-e1<+QgD_WqSCS8utc3bF2L-XVc!nL%!Vfrc)NVmUwbm&gyu-xOBe
zIu0y<wU$TQoOB`IT>oE6+(ciuU!o8qy7LB7ziz-Gfa=(&F!TzQnJz@Nt%|^oq$=X2
z0zIzgBr;g_t-)*KCz#@lT9c5*lR1W@1Vr7A+W$7KH)V4?BqlYBLqVbIJoQK?^A#ti
z<+%_t_jAub?rlz$XQ0csufJ253P;}}la<HTz_#RG;R4p@P+YV)#Ra#s#JKUo+6JQy
z$iC~2_!i|kZw)e#Iy3x1NPTpc*sZA$WQvj!;$0h!YVt+tY3dcns&<9MwrY#9Im7sg
z_}>##)9Zvyd?1d+FrA#~;RW8apYa63=r(tT8;%1q#;sueYd$v>uE+LwiuVJ>C82lZ
zWcZLrd?Of1r^JiEB7_aGsfF*%<@TtsV*tH%R79D}y)X>_ORieg0fg$U<tCl*zM<{e
z+^3dt9e*g|LA^!et}a2Cb;|As1gRlFAcu~UaTX^PqL{F_-V?k!Ge7^nzADqEpb%Y6
z(n<e&Th2@fMgXDLnn4UN;$Rd%A%mCyF)`t~Lqbu~YsEgkbFyVp^4M4pTeUEL!e`0o
z0J1OMPYu1t;%3?@jgRJ}{tU0Nk1`3jp{#uuC}LbK@rKq7HHcJ>AUMSfOLL^0ISAp%
zm7alypSQ{QT)b$7abZq2{nrZ3zvB`fyRgl`J_Ey)$nF4y`M%9<7#+c>t^X%M#r`3E
zwXma_1f-Qj2vgILzF5F>fIpr$rX+n%@*lHCMAY0(RB1?^@)9xl%Zkr86N9IxoGu(&
z&)b*(uqJMb?<g{*)qI4cD3L)-2rkt%7@fFQ96&r~!?Ad9h$Z@4<cECF#L_Zr#eZ2K
zwPGj##|Rn|Y{qleJSOi9Cw;#%c)kO_&`R?TgD{8B!R+5gk5D}p7**D5)e1z=Y$E5K
z_SHeYzX87E;beC@*@YHs%K>%UXk7GFAPvk*4Rp7rC(p+{*WELoO|hHFrb-~VLBjqz
zg@a+2#H&Zp`;KBdA#B&au_e{t%B-gIv%|p;*TYyuA5Q%nBL5|bT@c?vkK7G9o4t$+
zJ@8(oCw1A~5f3Y8NODh<!bNOoZ~!<!kJBinY94e^CdTT2SEMp1`T^S~KX2iwBTt1t
zbo+%cCTK<{jJ8e=Wv=TvJ%D3WDg=Z@&g}1!G>;<F^t-Ae@q)9jU~-h;*QzxDPb63-
zvICpS69nAJMp`#ot#1nRnDaZE+NTobzfWrZaO0D|FqD(e)PL|O6nlO^NJ&`(-I6@8
z|Gpj}K~KE0G*4(LS2EKVn>3{M`2D$&Y*>X}`h_r(*ZqZQmZO^Oa@u!Z72g_JvdWeD
zNA!M6PrKXgr$3+jS8JO375x5hG$s#h?yAAYzG;t{I~K&j`lX!S&S$x3WSgx1$?ztk
zQCf?|`_tOh%tp#yN;xovD3B%YfKWqcb583GBKWA~x`=!fX1lFf;SFqAw5N>4Z_}0M
zvCAMi*Z)IvHE}wmy1QIKA&h71eWWtJ(pxepf1K|%Qcq6H_3Qr+0BUss#pc?<f?Ytw
zyqzAxPsEWGxykzK<+ri%E(o8B4#4OGedv+;cn}>azpF2J>yu+~@Z>X|oO9<i{ra+m
z*z$tUsxzb~3l{-09MGeyX!O?fETKBdubQM-Gz>CP5AnPF$&_x92*+5C4=`Ydat0~s
zd}PviJ>Rix!fu~M{xAz*Y};WP=eK_1%WR+KcZgqAu|v;H!qNQpT!#5$I+MgO)dp8I
zxpabWd7pUZ%g<4O#}s#p9PPrxi*C;Om?}UXoWe31x}a}AwdFy+8byZf)t;kcdMOCG
zU#$@8Y+Ik>*ZbT3xVYKWrznr57=eX(U7oLQRyxYp*~)~?H3~FNQGg;uK-5^or4nRf
zG$cZ{4N<z_+|9O;LamQ}<Iu(0!?=UT3DMr?{F?MgS!$>YmUBluOw%z1-?aFOhjFs{
zNQ1>r$c?cWE89&I<OIs84WHKFq4A5$^iSL^1p7xI(55mOP$u_%e^Mwbs+Ed&`EjbK
zMlKS2?t{&uCLHY5xPL!9!%x3A;LsF}e*X;t%CCp)$D^9cmDeK%PLrkr7o&UBi6b>s
z$@~Q6LHs{sk!l%_Nj`j+m1VHbuC!e~OR|};@ZKQpf}7`Zo=#<V)$Ia$W}O#)nxz-V
zqV5#&oq?CAPpATVwBIR0UK1yDKqj&2j;QVzZj;fnBRLg(+#kf?r8wAZb4I=_@v#gj
z<?^|+;-a9U3=|rNng3*RvIdo~tquyyM_$3tgo(IqWJCq)wvyrya7Hrl&q7UuKJ!Am
zQeZ>-z%LP3DB^ZBS@<tBVda_n6a1i1w@A#hMDnH1j<#4*KW5=CPnaLFV4<Wfokaun
zEP{n}YSkvH`pjQ$E?nfG()`&h>)F1WHFZ4?66pGd1gnVXz#b?LkKWB;7?~sV%W@R`
z+EIUy#n1aFYgIZaG+W<x*1!>xTw~r&|LadLxAxBA83_^!qsDsrq00_^QX-WDKXUb4
z?an0)Vz5Ds@ZH=>M~OM>KBGg`c7Sg5(nja`QOHb{PILF@n;2i))2YBqfxy9TV~JOy
zwy@!K{A*PxQ9o(Hy_<biSpwazHmiM7yR&M+*|4y4&0>UKQ#LOWOh8(nvNj%BALeR_
zw(4o#d_Qe;AKM0M2i0ruqt(;<YZ4g{v4Ni4Q~|6x9YpsR90@Pm`Z=?ja+?2ax3FVv
zhV!`OYL3*#6B{idjP?k@^G4-IUNI@<-q&4hoL!{3zZ#pjKbfz~<I3t<_q`z^#g<}g
z&gz6QC$W~EPiyOfSwL?&l>dU=Dlh$VdAQ9w+qQzmKfiauS23?rnSA?LYbtr%A!&V(
z)3G70j=JlMWn1mNfxdz(yriAuQQEw3FdHoLZQRZL>u7y2`6Wq+7f7n>MOQ1B*AY-B
zR^6G~*-2T`xOi0Q16#mOzT0l*uATi*M}}O%^!esQR!#UK$nvV2^`$LmSsi;<+mNU8
z21@6z#db2HUTaZmxR7c~h<f+?RLqVU%s+zz!1!*DUf#vk4IftXl}GG^42f5taM|$A
z*^ohui1<|{8SS!`2)OBHT6uhgUk=|x;V>}2{5SPxau(kknZQy;@$QMnMI_IUv+LRW
z9f_HlI5}0eW8MA-+oD7!@4EgZryG1tcek@1Eo|i8b+Q%Kz?TuM^^~y{6+onau)^eF
zlkE>k8l~;KPcE*bDBIoW&M3*EhIWAJ<`QHl;g1@&qO;p*+vx}mK)nm@IkKbZQ@wh^
zv8KpluG?|$a=`8z{kO#utV?VlxA!?1yhPoci!}$ofkAwm*@SRP#T8_5j7T}ZLLoUq
zX<Lp0Th<fSlDhFf?G1$<O3~xD+ued|2{49aJ~`~5&SgZFZ7x&bHcoAJxxK8vc*)z=
zCRa@p+Te#6x_fsugzvAqMEKA*%XE{Zeom-$C(I6HDX1C`8Jq79OS_y5Mt-!nu)jZ>
zo0xE;F_6L_PPOjKJeOYGPS|vlp}TEBYFF2PZ1f49+O%pIWfOG0Na;Mr8e1c)!6|(g
zc#e>bjAD<NzjPkIM65BwJFu1T{YAVz#9BO0(E-am=)rrOPX*r~tJR6_+Gpw45G1(k
zY^mS8WdzmqMjD}_s5L`i6nHF;mIf2OarMz^X(;T0V(ngPMFFkvES5}KyP_~aS3h&b
z#!2O1wk*v4YcoB(^dAPr!QqmAduW$pb@F+41^Ak*W^(fVjaf;$zl6!%TD_zD*01X7
z=Gdwz%W?`gg4hb3t@MxTS!q!*=tC*UW9+Y)KYr$>)Ie$lTgU5acb)i~jgG7zaDd+u
z$qWT;9h@ksn^+Pq*yNoaG;9@6cfv@kY||#qBg0Y>7~JLXezQqUpuJXYLeLsD3L!jT
zY0r{g!I{GeK0eV5h2Nf>cgt?pH@#$m@wtsl@C{omB5&~<Ra2KHb+}Ug-uZ#88=s7M
z0`vGlgxOvfEvtW$oV3zb_{N0!;gq2!bKchy#@1T??XYdJQm~65Ar+<+=d~}%*ZkBs
z7o``4D>LsUl#`;SH9#9!xny;F+#BwyWB$^GqR^(gtwl?!W&Z8R^`Hz&xp<FoNojyi
zlxObl>RRdpQe}BmS^GxwP`IjeGm~Swn4DZxg;vw%bP>}+*>(x5=0vx@orM)V!=`>`
zNY($QQGkuP?m)Zgb(}m3PAY;C3TXsEtmShnN?IIGM=*ilE|@Kxo*YxGsYk5tCXTm@
ztW@@%XwoTQ=k1U))bph8aCd2CBW^zpvxI$8VyO~)kh=FI`uh5vj$1N=(SrWyEzp`$
z7hlR&TE3-IO;+~FqIRa$dvrIsIDIkk(_y(4s`Ws_=QmpBYVr{wFAzZH<}g1+f}iRw
z-&U+t@@52-RrWK1@Snx3939QXf^!fD$CfL@mBWMmVR{4n{TtbA3ZZt5>&nJ?gAI}(
z8vfUnDhM9n>a`A*Y}V`gF}NSfzy>^p3!WEKtO*JVTJD+6Ve+WC8?CBZ>AFTq?vu1?
z0$A?>sV(Icx$X65CXS4tzsYKVS=7akN6K67@7@CMRvY5xw-h9-53)(@NPw*eg0z>H
zuV`k>WL77HEg0UyD*!f!)+Yz$*7i25#*61dUaRS+6Ic=sehLvgd4V|wU+!NHvV8&i
zWnFk`9*DzU)o2B9<FqCqWBTSi;<C%6Ox2&%QAAe2mLZIvHKM-CV1pUAD<g;o2K(~5
zHI{px*g|LmPyQ-Ly?lJkXmDo-ACV%c@Uz_QYJ6df5q<WAUsu?b3%1m8z3nHCZ4)&b
z|B={2ekCqonE+KoKjOH6E!B7<eV~Smi~dO@xLCif*#1ndzO9`UT)N;;-%a`RzW)2;
zp!l4Zo}RhK=$vhnqgH^qCUm>gIXImELFdGZ)tigWwp`!^o4>DX%tdw*D*J`d7Ams4
z?)n@80T&qGW1}E92$GilO5b-GNXwKidBtiziS|=&4fB^1{JkrOq-4hB8L6B7fqmjL
zv-uwANwmb7Cd%F<kE*(Viy33muz?MoCs`=TsP8Mz)a}qz_9ZBK&vRF#sj<c;lpq+D
zw0aJC!t+B<Gnm$|+}vQRvHo<D+{n~!LdlAD%5(2x<Wml9+oeAvrm2Tz^h+{TrJ!io
z@AHz6kD+kwvZs(UnVj2$A_E_n+<;|mWo4|2v7j+E8pRn0>0a?+<GGT({DU4Zl`;cY
zs@<Ep&Cvbsd{F>Y<#P=naDmi9yE~Py<<`CW4)ew@b;Ml_gs-Ci9d!8fi1GWloZM4-
zQb}g#PI<sG=Vfdq6_>3ZAN=^NbH%N&dBAHC%iV9(Ve8Sj#BD@++tgo*z~Wmxg8ZAJ
zz8=z;OQ~9;3Y5Dcvu$O+oc89j_ueKlQmT?@R%iADe*kv$8}*r0R5QoQ3-=^fRgWaM
za#3m!88vlU)e^kf)?H}HzqhidPm6tg1$LS9S&gIx@)A#|K1q4i^T{yNk?h<q-xN+`
zDf~WKFKDXDJJxA&n?;jbQgj_p3dImpCEMWEQ~{uDn;PKjt2gyTAv+~~aaC3l-rcDc
zTwP8+@hIAC=Z=lZ7}37&>6st<Q|hh$dye93bE|^&z-<MVyp4^gmvXt4K3>cVWM>4h
zLkv${qF#4CMo4Vc`Pz>}n?AV=3dVhCCnKB$*6Qm}>gb#Cuk{$%KXn|a)or_9JGacQ
zwHkvv&VL@sM*-QLH$ZX5O)Hz2UbT>ulKlPNgN_f!2e#fZ66~KEXfo0~KMOk_4F><a
zOou{$MGq8viynlA+HH4A)c47G2euVp6O>iXZTb+F-q!18;GO4V!qtldbnZF`<qI!S
zCp?_T-(N`gxVHSeUnM&Ki`0S~$Vb(o<|_G1e?pI3N*5iq1UoG+3;wPQU8o@K-)KRX
zw<^u}xxr0Rnx}FILbQnB8QtZ}M>d=&+Fo8ulHOT2S7g6|f|?qyM_*`NZ1p9*9#RX_
zq^jviHs#l-wwRfLG_av@eH9|Wdh2VgJ&X0*bYI1XbK9;lhK-~NalI=faX$MyYBo+n
z8h3`=;>37{anzXyEzVodD3HkvsCTo<r=v>qr~Xe3ckEd)fFF&qP{r3kgnr|W-@VC*
z#vBpmh9|(krD!+PB{X%r1yox-J_(vK6x5_+ajv~i4LeDNjxB6oUtX4TFIIn*nnsiv
zBA&}7(tnWE=xX6bfYbQ1w_uFNr>+~D`E`^5=`ZUdA<Cvy`4ouRh{q%Cxfk>;x7sYl
z<u-e6B^hk5OHLjb=%)+*5%sfduvrF<uZ@UNi{`hKsGhm35|%%NjCoF;0ho`!YF=OJ
z^XGU(Bzaz)Y5KsEkC(UxUJkgS(=s8W4$l70?VB>)aV8$}0O^=aJoYS0<_0gP7<Mxw
zKdqfK0XyyOE}SgLIm^sOt)?S4bLy)@I!_uB)^fW??WoocFAd(y)0af&aP;#7!I~5v
zi=Sr6KSW3lh@X%zl);bb|11f@5#=|&=l(Vtnx~*?ovk^1cca1JVb)q7J|T$_A`1w9
z&=*N&pqw<t{Ok9}^vA-jSiZw`tDm@L)mn7339v9j<L$UjW~!!e(U0o672nTa399WU
z=?=+<Xq|-_&&RR<kVH*D$A>*sRJx#imU37E+gL(h89v_t6A-iz<-!zKGcQ1Q?{A=U
zK^&jEmDS?0FgWu&7VRssuInJfuQ%BL6gQGASOxibS`FMZq>>U%d6R8W0$rc)icP$|
z)t<1^02dAQc<c$Uf%GnPqOyocO!Q4LE2dv?JIQv!W<c?FS5H58H09@Y#+}l;@al3s
z=h_^8xOn*-p+S)2?t$bnpr-;H+d+oA=HYL?a~C1=AU=L<apixC%9~HIFJ2H*d>8ws
z8k$7v|2bnAI6f6EJUw-*=&fTdTAG)qpAsd^sRf)n3|e60WWydZ-}=N`*qZ)eM<Byy
z8fUuj$-4I?q-sLgT0Hlml`XkOyqoB0mrz^Qx4OF^9mH}Nj>(<I2hk^aKQSTuv@T8A
zeIMfR@pLkM^{HP<m%`*U`|sOV2$6D+GRjD`os3q9DNd;vl14?x;Vo$iTd>giBDdW_
z93exL5gTO-VQj_HKgN_Ziw0&~86Kin%P#r;ckvdLFu#wR526BAA1obQyrf&98hP^}
z`IV}`A7=Cq={D;ABHOP{tgRwkY>up|%gUnCn~%!GQ6crOrjB@rXuuI{oWy|@;G%9v
zlTfyz53smI;93YZBiwn{TJ*m)Rs6T65uyt?bO%z+!jHqZ!o=QI=%*$2a}u@xdS>Hv
ze)Jm$hk%=vqB_05B&_D)ukv3+)gYkfC-Rf2T`%hGi$E(Ji>`a!rJ=g+m}5VW$(SKW
zo}cZ^tIBk`(I4l2xLq05eDr%L5mLeaf!29sDWN)~bZLU4&-PW%IUy|Jx@V_O%<Cbo
z7hnV4NKapP$Atc(keD$t^zf)Tvic#I@@s93yAQ;FLxEvl@-nKL!_VHS{4~`%$NLW_
z9~URLIEnTWc5wc`-<69-VK!V9sN<RLx({*kGQf!Kx1$wgNnNZlmC~b!MSSplRR#~P
z9qlj4+MlO#^c><Cz(?+JJFwdUWYf5MxRYCv^=j(lA8)5Chj%9dN!&Ea292Ift@&DA
zZnm(L9O<I0vSAv}1-;u=9iBCcD0}~ZQ^spV+Wi}?1Qg`&_u{YAZ##0(hA<I*vHx@R
z!CgAn8E)uus=KMd?WzZ}j~eGcRHYTV|I3QH*%vE_g1Aqr@6pxf!zweSrxGy)SavPJ
z^JK`HfZQv{DTF1qQXc5!5ao^aDo*jK<2OkT$bTpjJ8H(Rt#EY}B%PQ;Idn$t;!m>i
zh~mihSLK=M_{q|H4TUy)7-!kN3PKupVgY4kf{XGoM)bhy!l}E3hEQkNHAt$mQTEIk
z`JC4TbUKUODl<6a&zo`ie->};@ED+bMZ{XN@bffIX(c;Vw#a-Si|WT$3jDas8|u8i
z3(mkWKVGk0muD3)C&RZ}A5%n&wnzH)*Z>PtonvztLOb3nu`;J(pGyAzZoa^N1;~=|
z-6Le{$xn|L5SnQs0N(5>GU8t%v}5%j_)g2wmKUg!aGl6sIOq%!sjI3%5#7zpEEUX3
z!fHgpYV;XMN*g72B%v3d#WT~fD|U!6&hng<&bV({pG{7V_9o@y(>C!fpoevQkM=4p
zG11fav=E=G7*T#R-L*dA&4OK*GO&Pmq8#p8@-@Ev^XR!^r}5^pU8O50GV_uUo4rEr
zZP0<$!!i8D#Y<cN!y>Q-(WTIo?#%s$?SYf*XV_z1RVh)h`AkY?SeTfb)8@9AS6|yZ
zyXhFz{tQ2h)U*C-V}taA>~t;RsCr*fMB_#g9Z{P|a(E}z&+^>yZ1cQbc7NLLp@H9_
zi?;OlB?(3ie+Rutf%9|hXL8Vlj>^b_cFmNjEld8iN?G<()8B~$$S@_3x2lCazf`v2
z&-6-ZU)rkB8U5XZCae4n=SGOF>n{Zoqe4jQd7bZN`R;OSBk%wIndef%x3E8+J=D=T
z6y^M)*Nipwm6NZO`Ad%T6C*i0OlK5x>d~7v{TR(b<E0b9*eHv~cUnpyjHZdtT349T
zT_&)_-^aY7a14D&ZMzEDiPO?<xtsl~_WSlt`jucVN~5|}#W5eD(ikA#??s}>SYFP>
zC8mm8B?=$cXeRG(F9JhQc6Fx+wS#YPOBDl~X})~Pe2m$UKU}jis{fK8jUJ}}G3h!j
zoSIhYV;>Z^H5_`=^hT@?CiCl`=Qr@>My8%Hd6b!Q!G^3n*&<tnG<pxy;p@>oD>zld
zk9w+uR~J}wW18-Wa)>Qt;>f-7HrnB9M_sq0x2UtT9?!eO*`UAxftaEQr1pf1^5)Xq
zrHo7qM{=^u-G&nge*{HJdqW4wIsuWvInc*7S+=PV6@oHn1*=b~M|E)g?FD3PwYtwM
z&qin2O$ufxxj#A!GqLm8zHH=FdSAXjHAxy6T~MrkA3n9oV5`I-u<$u;_r&kJWKal#
z*b+PwTigsimIlBPh$}8!@MFGLhEmEn#!A-o@=>9kmC6}FNa^#XEDz4`+|JLC?rJ0*
zG9OvO2)u7B7fPBT<HNN_bwLsrNq|2ilBBky^NAxNP&a1ZoYd@9x{NJXaeid1m6hXv
zi>W`#caa!-xZa4$j81&)Dr2SuV~}>Xd_X?OQw$j!p>}{5mAmCfTbALIYk*B`9XvTq
zTm)>Rq8OaQelSrfPvn+X3A0kyrS$L4))@}9sp5|*pw#cbbM0l?zKwr_KrKZ?e)Ww+
zsMH6^wN2<F6FPVZ=I0utLl7~7_RW2VqGRd%k1qgwVp}Z!5D`5p!GCHFl`QT29twN~
z$N&E9ajn=`THA#WE@_jaqr5C8fBO|<;XXPwy}rvi+f3dI-667&+rSFFje_#7Ea$O!
zT<DV@^{7pkrCkw;f0pOPIo8Cz1A#$ek^ivwwPfRL&DzU#7JGGaI#`gjMTlIr)o8{j
zLNwC3vt2)Uk%Bg;-0b>8;NAXSj6_pHpUshLrc}<B1X`nrp-=mO)UXmeD2ola35##&
z|M?uOvhYq><=w3yM?{F8TdOY;TRGyA#l1EqX?ct(hlKM0hK)<(-AbC+DY?>+ZAzDc
z8wr(ChpCJPE!i}+nFV96W%VxFc0G#QcSzs)ttZzyv!GI7S2>|5Kwkjy{)r6F(De8{
zae;KVsfYbi@<%fNh4J5+tp0*&DZxtae2eiOYBLxmBE9?HW+q~+Ipfkc090%hxuqQj
zDC;r~X1Itppll$WUN9raejx_p4{A#FU}jx4cS-ik_f<MB1A>aj8%G9mv#Q@Orl-2O
z@ufBB1kcTplw-|-=iI~(4veX^4$4DK|5P73HvRDQbLr&Uk50HmwiVUX*E1bwo->`}
z<ZV^@5`Brc$@3S=sb;JM_vLi|0Ccp3`Q%;JOx$bS?_AHQ5zZtV>H3R-7AQy>ws;A^
z&N5x|w@9sd1DZ)NR-QOzwFGUDjC>hZ@gboJR)Z`(O-CruqQs=&(8TF8O$U;~;@n=T
zgB9z*W^Y6B!mRmk3t$BrS`@%Xm*W`aSV$e>-K&rAm#b%gS<4ipMrby1KPDI6T#|8z
zvd|<>O#Cqw-oaAuF6Pvkg5tS7a>X??m+|e_M>fl$9FgShP_x)Z<rUM<L=F~sNnID0
z#M?#uEWQ)J>G;u^o@Jz$biS&y`)d0yU<Es%rrMJsn}w6|W>A9>dx%pjWvK#MfZEwc
z5qnslgP%m9^Jm$_X&@`J_IO{cI5v&ZL`-7th6_;*({<N!^IBlDXUN1%OMr|8ynjQS
zuvKkLf0$`f4fI!aOS^P~VfL;aWZ@X)JloX)V!lL8G{-aig%ie7L7IiMW^{v{l8Hf>
z3)))7`NPdlRn-aed+qz<?WxP!wMP>G!1aSs#+Qw4>JP^qq8qWqpMzN1ElHeW!Dc_w
zi>IPenQ`YD1CD$ZK!NK2EbAzJ2bg%>nvDDp>f>F$?^q2t8q{~k>-rh8RQ!DR@<3V7
zK`uDF!!-h_c}rrKPE_x+NflXIj**>>qkObOno|NtLVY2>F@#+O=JT!a15=#Sd0<)k
z-EwV(`{k(4TL??VjxHsw4p`gOI5|!MwMoiMdMJ9Qql3j!5vxi%DZz8T^Z9<yv)ZQm
zEq9vui@*&0kLtd-f`d_9{TPK83l6!t;up!dVA-xO+$u9g`@L8pB2h=pe-C26m6AmW
z&U|FI)8$#Ht)2OX8~LhWyqXvtb=+c%{U=iYYYDQIL|kv$a%3X{d?J}SNO4tXUYU>Y
z62zML$eUjo$<xufm;_f%6IDYqnU0Kqy}ZqI-;OK6UD<NwJ3WUwE7Re@cGk}+WZpbU
zlNbqY?fKorg<P!BV_i4S`|v|~gSUIvxn&TEBSX8zH?8}%aT879b3XR=HI-X(mN&~=
zqtCM*46A!=bJihtk^fQJJN($9!+H`~h)GZyx;b((G5S0))82MgEKRYod~Y@SE9a~9
z><X}Jg#-^wTdSje&XN5p`FPeUUooL&TQNRFSCdN!3u6TxV?0)T*2#rbk3g+r)4C0N
z;V{Q%$jKd6gRyBU%Tfh$J_)<geWEe8)e6vK{(Y0pU%&g?2FSP;N3gl$&+bJSZNqJ8
zo&0<IB2Q6(>E(W;<=ohwgwT&YSM-G@cM*D9<vG-xkp)hCr<Jl!e7PZ%!f^*?J%^^u
zA89Z}y^q3-5*PIv_@HqNkPIy{{<ETr3BgEO@(1{yO;!%`-C-@F*L0-OC4NY33sNb=
z6<kxLu^ysz<tO@g?9=Oz&%44R_GYjit7SdiZt9Ef(wAWTuevG|dJBBhN}{nNPOcgg
zrZvm;l9Ie-@AaaU%XsbdQ>%-0nr#BDLS6d*Rb>_p=h-+H*EatAacDL$7nxgNE~kTd
z6+z<T7D^wdyo130AEPRHnbF_Qr|YGWkTq5c#sQ!_Zg-2q)3dY&F@ocNU;o>K|JlL+
u+~9vu@INH{9}@l#3ICrUAwpUI0RQo$@yvh_2k!;q^IcqCtXjnI=l=)TMq9D~

literal 0
HcmV?d00001

diff --git a/front-end/incident_report.html b/front-end/incident_report.html
index 6eff57a..d4afbc1 100644
--- a/front-end/incident_report.html
+++ b/front-end/incident_report.html
@@ -5,10 +5,16 @@
   <meta charset="UTF-8">
   <meta name="viewport" content="width=device-width, initial-scale=1.0">
   <title>Incident Report — AutoPen</title>
+  <link rel="stylesheet" href="{% static 'styles/style.css' %}">
+  <link href="https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600;700&display=swap" rel="stylesheet">
   <link rel="stylesheet" href="{% static 'styles/incident_report.css' %}">
+  <script src="{% static 'scripts/main.js' %}" defer></script>
 </head>
-<body class="incident-report-body">
+<body class="incident-report-body theme-{{ user_theme|default:'dark' }}">
 
+{% include "includes/app_sidebar.html" %}
+
+<div class="main main--report">
 <div class="ir-wrap">
   <div class="ir-actions">
     <a class="ir-back" href="{% url 'dashboard' %}">← Back to dashboard</a>
@@ -21,10 +27,19 @@
   <div class="ir-parse-error">{{ parse_error }}</div>
   {% endif %}
 
+  {% if messages %}
+  {% for message in messages %}
+  <div class="ir-parse-error" role="status">{{ message }}</div>
+  {% endfor %}
+  {% endif %}
+
   <header class="ir-header">
     <p class="ir-kicker">{{ report_kicker }}</p>
     <h1 class="ir-title">{{ report_title }}</h1>
     <p class="ir-subtitle">{{ report_subtitle }}</p>
+    {% if submission.report_title %}
+    <p class="ir-user-report-name">Your report name: {{ submission.report_title }}</p>
+    {% endif %}
   </header>
 
   <h2 class="ir-section-title">Incident overview</h2>
@@ -119,6 +134,7 @@ <h2 class="ir-section-title">Response &amp; resolution</h2>
     <div class="ir-sign-row"><strong>Date:</strong></div>
   </div>
 </div>
+</div>
 
 <script>
 (function () {
@@ -135,36 +151,41 @@ <h2 class="ir-section-title">Response &amp; resolution</h2>
 
   btn.addEventListener("click", async function () {
     let inlineCss = "";
-    const link = document.querySelector('link[rel="stylesheet"]');
-    if (link && link.href) {
+    const irLink = document.querySelector('link[href*="incident_report"]');
+    const linkHref = irLink && irLink.href ? irLink.href : "";
+    if (linkHref) {
       try {
-        const res = await fetch(link.href, { credentials: "same-origin" });
+        const res = await fetch(linkHref, { credentials: "same-origin" });
         if (res.ok) {
           inlineCss = "<style>\n" + (await res.text()) + "\n</style>";
         }
       } catch (_) {
-        /* offline / CORS: file will still download without inlined CSS */
       }
     }
 
-    const bodyClone = document.body.cloneNode(true);
-    bodyClone.querySelectorAll("script").forEach(function (el) {
-      el.remove();
-    });
-    const cloneBtn = bodyClone.querySelector("#ir-download-html");
-    if (cloneBtn) {
-      const actions = cloneBtn.closest(".ir-actions");
-      if (actions) {
-        const backOnly = document.createElement("div");
-        backOnly.className = "ir-actions";
-        const back = actions.querySelector(".ir-back");
-        if (back) {
-          backOnly.appendChild(back.cloneNode(true));
+    var irWrap = document.querySelector(".ir-wrap");
+    var innerMarkup = "";
+    if (irWrap) {
+      var clone = irWrap.cloneNode(true);
+      clone.querySelectorAll("script").forEach(function (el) {
+        el.remove();
+      });
+      var dlBtn = clone.querySelector("#ir-download-html");
+      if (dlBtn) {
+        var actions = dlBtn.closest(".ir-actions");
+        if (actions) {
+          var backOnly = document.createElement("div");
+          backOnly.className = "ir-actions";
+          var backEl = actions.querySelector(".ir-back");
+          if (backEl) {
+            backOnly.appendChild(backEl.cloneNode(true));
+          }
+          actions.replaceWith(backOnly);
         }
-        actions.replaceWith(backOnly);
-      } else {
-        cloneBtn.remove();
       }
+      innerMarkup = clone.innerHTML;
+    } else {
+      innerMarkup = "";
     }
 
     const title = document.title || "Incident Report";
@@ -182,7 +203,7 @@ <h2 class="ir-section-title">Response &amp; resolution</h2>
       inlineCss +
       "\n</head>\n" +
       '<body class="incident-report-body">\n' +
-      bodyClone.innerHTML +
+      innerMarkup +
       "\n</body>\n</html>";
 
     const blob = new Blob([doc], { type: "text/html;charset=utf-8" });
@@ -199,5 +220,6 @@ <h2 class="ir-section-title">Response &amp; resolution</h2>
 })();
 </script>
 
+{% include "includes/ai_assistant.html" %}
 </body>
 </html>
diff --git a/front-end/includes/ai_assistant.html b/front-end/includes/ai_assistant.html
new file mode 100644
index 0000000..0411bd5
--- /dev/null
+++ b/front-end/includes/ai_assistant.html
@@ -0,0 +1,180 @@
+{% load static %}
+{# FAB dock + panel are siblings; both appended to body so nothing clips fixed panel. Visibility via inline display !important (survives CSS cache issues). #}
+<div id="ai-assistant" class="ai-assistant-dock" aria-live="polite">
+  <button type="button" class="ai-assistant-fab" id="ai-assistant-toggle" aria-expanded="false" aria-controls="ai-assistant-panel" title="AI assistant">
+    <img src="{% static 'images/ai-assistant.png' %}" alt="" width="48" height="48" loading="lazy">
+  </button>
+</div>
+<div class="ai-assistant-panel" id="ai-assistant-panel" role="dialog" aria-modal="true" aria-hidden="true" aria-labelledby="ai-assistant-panel-title" style="display:none !important;">
+  <div class="ai-assistant-panel-header">
+    <span id="ai-assistant-panel-title">AI assistant</span>
+    <button type="button" class="ai-assistant-close" id="ai-assistant-close" aria-label="Close">&times;</button>
+  </div>
+  <div class="ai-assistant-messages" id="ai-assistant-messages"></div>
+  <form class="ai-assistant-form" id="ai-assistant-form" autocomplete="off">
+    {% csrf_token %}
+    <input type="text" id="ai-assistant-input" name="message" placeholder="Ask a question…" maxlength="4000" required>
+    <button type="submit" class="ai-assistant-send">Send</button>
+  </form>
+</div>
+<script>
+(function () {
+  const root = document.getElementById("ai-assistant");
+  const panel = document.getElementById("ai-assistant-panel");
+  const toggle = document.getElementById("ai-assistant-toggle");
+  const closeBtn = document.getElementById("ai-assistant-close");
+  const form = document.getElementById("ai-assistant-form");
+  const input = document.getElementById("ai-assistant-input");
+  const messages = document.getElementById("ai-assistant-messages");
+  const chatUrl = "{% url 'assistant_chat' %}";
+
+  if (!root || !panel || !toggle) return;
+
+  function assistantContains(node) {
+    if (!node) return false;
+    return root.contains(node) || panel.contains(node);
+  }
+
+  if (root.parentNode !== document.body) {
+    document.body.appendChild(root);
+  }
+  if (panel.parentNode !== document.body) {
+    document.body.appendChild(panel);
+  }
+
+  root.style.setProperty("position", "fixed", "important");
+  root.style.setProperty("right", "calc(16px + env(safe-area-inset-right, 0px))", "important");
+  root.style.setProperty("bottom", "calc(16px + env(safe-area-inset-bottom, 0px))", "important");
+  root.style.setProperty("top", "auto", "important");
+  root.style.setProperty("left", "auto", "important");
+  root.style.setProperty("margin", "0", "important");
+  root.style.setProperty("z-index", "2147483000", "important");
+
+  panel.style.setProperty("position", "fixed", "important");
+  panel.style.setProperty("right", "calc(16px + env(safe-area-inset-right, 0px))", "important");
+  panel.style.setProperty("bottom", "calc(80px + env(safe-area-inset-bottom, 0px))", "important");
+  panel.style.setProperty("top", "auto", "important");
+  panel.style.setProperty("left", "auto", "important");
+  panel.style.setProperty("z-index", "2147483001", "important");
+  panel.style.setProperty("display", "none", "important");
+
+  function isPanelOpen() {
+    return panel.classList.contains("ai-assistant-panel--open");
+  }
+
+  function setOpen(open) {
+    var wantOpen = !!open;
+    panel.classList.toggle("ai-assistant-panel--open", wantOpen);
+    panel.setAttribute("aria-hidden", wantOpen ? "false" : "true");
+    toggle.setAttribute("aria-expanded", wantOpen ? "true" : "false");
+    if (wantOpen) {
+      panel.style.setProperty("display", "flex", "important");
+      panel.style.setProperty("flex-direction", "column", "important");
+    } else {
+      panel.style.setProperty("display", "none", "important");
+    }
+    if (wantOpen && input) {
+      window.setTimeout(function () {
+        try {
+          input.focus();
+        } catch (e) {}
+      }, 0);
+    }
+  }
+
+  setOpen(false);
+
+  toggle.addEventListener("click", function (e) {
+    e.preventDefault();
+    e.stopPropagation();
+    setOpen(!isPanelOpen());
+  });
+
+  panel.addEventListener("click", function (e) {
+    if (e.target && e.target.closest && e.target.closest("#ai-assistant-close")) {
+      e.preventDefault();
+      e.stopPropagation();
+      setOpen(false);
+    }
+  });
+
+  if (closeBtn) {
+    closeBtn.addEventListener("click", function (e) {
+      e.preventDefault();
+      e.stopPropagation();
+      setOpen(false);
+    });
+  }
+
+  document.addEventListener(
+    "mousedown",
+    function (e) {
+      if (!isPanelOpen()) return;
+      if (assistantContains(e.target)) return;
+      setOpen(false);
+    },
+    true
+  );
+
+  document.addEventListener("keydown", function (e) {
+    if (e.key !== "Escape") return;
+    if (!isPanelOpen()) return;
+    setOpen(false);
+  });
+
+  function getCookie(name) {
+    const value = "; " + document.cookie;
+    const parts = value.split("; " + name + "=");
+    if (parts.length === 2) return parts.pop().split(";").shift();
+    return "";
+  }
+
+  function appendBubble(role, text) {
+    if (!messages) return;
+    const row = document.createElement("div");
+    row.className = "ai-assistant-msg ai-assistant-msg--" + role;
+    const bubble = document.createElement("div");
+    bubble.className = "ai-assistant-bubble";
+    bubble.textContent = text;
+    row.appendChild(bubble);
+    messages.appendChild(row);
+    messages.scrollTop = messages.scrollHeight;
+  }
+
+  if (form) {
+    form.addEventListener("submit", async function (ev) {
+      ev.preventDefault();
+      const text = (input && input.value ? input.value : "").trim();
+      if (!text) return;
+      input.value = "";
+      appendBubble("user", text);
+      appendBubble("assistant", "…");
+      const pending = messages ? messages.lastElementChild : null;
+
+      try {
+        const res = await fetch(chatUrl, {
+          method: "POST",
+          headers: {
+            "Content-Type": "application/json",
+            "X-CSRFToken": getCookie("csrftoken") || form.querySelector("[name=csrfmiddlewaretoken]").value,
+          },
+          credentials: "same-origin",
+          body: JSON.stringify({ message: text }),
+        });
+        const data = await res.json().catch(function () {
+          return {};
+        });
+        if (pending) pending.remove();
+        if (!res.ok) {
+          appendBubble("assistant", data.error || "Error (" + res.status + ")");
+          return;
+        }
+        appendBubble("assistant", data.reply || "(empty response)");
+      } catch (err) {
+        if (pending) pending.remove();
+        appendBubble("assistant", "Network error. Try again.");
+      }
+    });
+  }
+})();
+</script>
diff --git a/front-end/includes/app_sidebar.html b/front-end/includes/app_sidebar.html
new file mode 100644
index 0000000..22a9ec0
--- /dev/null
+++ b/front-end/includes/app_sidebar.html
@@ -0,0 +1,50 @@
+{% load static %}
+{% with u=request.resolver_match.url_name|default_if_none:"" %}
+<!-- ☰ Hamburger -->
+<div class="hamburger" id="hamburger" role="button" tabindex="0" aria-label="Toggle navigation menu" aria-controls="app-sidebar" aria-expanded="false">
+    <span></span>
+    <span></span>
+    <span></span>
+</div>
+
+<aside class="sidebar" id="app-sidebar" aria-label="Main navigation">
+    <h2 class="sidebar-brand">AutoPen</h2>
+    <nav class="sidebar-nav">
+        <ul>
+            <li>
+                <a href="{% url 'dashboard' %}" class="sidebar-link {% if u == 'dashboard' %}active{% endif %}">Dashboard</a>
+            </li>
+            <li>
+                <a href="{% url 'start_scan' %}" class="sidebar-link {% if u == 'start_scan' %}active{% endif %}">Start Scan</a>
+            </li>
+            <li>
+                <a href="{% url 'reports' %}" class="sidebar-link {% if u == 'reports' or u == 'report_detail' %}active{% endif %}">Reports</a>
+            </li>
+            <li>
+                <a href="{% url 'vulnerability_list' %}" class="sidebar-link {% if u == 'vulnerability_list' %}active{% endif %}">Vulnerabilities</a>
+            </li>
+            {% if user_role == "manager" %}
+            <li>
+                <a href="{% url 'approval_queue' %}" class="sidebar-link {% if u == 'approval_queue' %}active{% endif %}">Department Approvals</a>
+            </li>
+            {% endif %}
+            <li>
+                <a href="{% url 'targets' %}" class="sidebar-link {% if u == 'targets' %}active{% endif %}">Targets</a>
+            </li>
+            <li>
+                <a href="{% url 'settings' %}" class="sidebar-link {% if u == 'settings' %}active{% endif %}">Settings</a>
+            </li>
+        </ul>
+    </nav>
+
+    <div class="sidebar-footer">
+        <span class="user-name" title="Signed-in user">{{ user_name|default:user_email|default:"—" }}</span>
+        <form method="POST" action="{% url 'logout' %}">
+            {% csrf_token %}
+            <button type="submit" class="logout-btn">
+                Logout
+            </button>
+        </form>
+    </div>
+</aside>
+{% endwith %}
diff --git a/front-end/index.html b/front-end/index.html
index b69130a..42e3570 100644
--- a/front-end/index.html
+++ b/front-end/index.html
@@ -1,159 +1,127 @@
-<!DOCTYPE html>
-{% load static %}
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <meta http-equiv="X-UA-Compatible" content="IE=edge">
-    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
-
-    <title>AutoPen Dashboard</title>
-
-    <!-- CSS -->
-    <link rel="stylesheet" href="{% static 'styles/style.css' %}">
-    <link href="https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600;700&display=swap" rel="stylesheet">
-
-    <!-- JS -->
-    <script type="text/javascript" src="{% static 'scripts/upload.js' %}"></script>
-    <script src="{% static 'scripts/main.js' %}"></script>
-</head>
-<body>
-
-<!-- ☰ Hamburger -->
-<div class="hamburger" id="hamburger">
-    <span></span>
-    <span></span>
-    <span></span>
-</div>
-
-<div class="sidebar">
-    <h2>AutoPen</h2>
-    <ul>
-        <li>Dashboard</li>
-        <li>Start Scan</li>
-        <li>Reports</li>
-        <li>Targets</li>
-        <li>Settings</li>
-        <li><a href="{% url 'vulnerability_list' %}">Vulnerabilities</a></li>
-    </ul>
-
-    <!-- 👇 Sidebar Footer (User + Logout) -->
-    <div class="sidebar-footer">
-        <span class="user-name">{{ request.user }}</span>
-
-        <form method="POST" action="{% url 'logout' %}">
-            {% csrf_token %}
-            <button type="submit" class="logout-btn">
-                Logout
-            </button>
-        </form>
-    </div>
-</div>
-
-<div class="main">
-    <div class="header">
-        <h1>Penetration Testing Dashboard</h1>
-        <p>User: {{ user_email|default:"Unknown User" }}</p>
-        <div class="status">System Status: Active</div>
-        <form method="POST" action="{% url 'logout' %}" style="display:inline;">
-            {% csrf_token %}
-            <button type="submit" style="
-        background-color:#ff4d4d;
-        color:white;
-        border:none;
-        padding:8px 12px;
-        border-radius:5px;
-        cursor:pointer;
-    ">
-                Logout
-            </button>
-        </form>
-    </div>
-
-    <div class="cards">
-        <div class="card">
-            <h3>Total Scans</h3>
-            <p>{{scans|length}}</p>
-        </div>
-        <div class="card">
-            <h3>Critical Vulnerabilities</h3>
-            <p>12</p>
-        </div>
-        <div class="card">
-            <h3>Medium Vulnerabilities</h3>
-            <p>34</p>
-        </div>
-        <div class="card">
-            <h3>Low Vulnerabilities</h3>
-            <p>56</p>
-        </div>
-    </div>
-
-    <div class="code-center">
-        <div class="code-box">
-            <h2>Upload Code for Analysis</h2>
-
-            <form method="POST" action="{% url 'submit_code' %}" enctype="multipart/form-data">
-                {% csrf_token %}
-
-                <div class="upload-tabs">
-                    <button type="button" class="tab-btn active" data-tab="file">Upload File</button>
-                    <button type="button" class="tab-btn" data-tab="paste">Paste Code</button>
-                </div>
-
-                <!-- Upload File -->
-                <div class="tab-content active" id="file">
-                    <label class="drop-zone">
-                        <input type="file" name="file" accept=".py,.js,.ts,.tsx,.jsx,.java,.go,.rs,.c,.cpp,.h,.cs,.php,.rb,.swift,.kt,.sql,.sh,.yaml,.yml,.json,.xml,.html,.css,.md,.txt">
-                        <p>Drop your code file here<br>or <span>click to browse</span></p>
-                    </label>
-                </div>
-
-                <!-- Paste Code -->
-                <div class="tab-content" id="paste">
-                    <textarea name="code" placeholder="Paste your code here..."></textarea>
-                </div>
-
-                <button type="submit" class="scan-btn">Start Scan</button>
-            </form>
-
-            {% if result %}
-            <div style="margin-top:20px; color:green;">
-                {{ result }}
-            </div>
-            {% endif %}
-        </div>
-    </div>
-
-    <div class="recent-scans">
-        <h3>Recent Scan Results</h3>
-        <table>
-            <thead>
-            <tr>
-                <th>Target</th>
-                <th>Date</th>
-                <th>Risk Level</th>
-                <th>Status</th>
-            </tr>
-            </thead>
-            <tbody>
-            {% for scan in scans %}
-            <tr onclick="window.location='{% url 'report_detail' scan.submission_id %}'" style="cursor:pointer;">
-                <td>{{ scan.submission_name|default:"Unnamed submission" }}</td>
-                <td>{{ scan.uploaded_at|date:"m/d/Y" }}</td>
-                <td class="{% if scan.risk_level == 'Critical' %}critical{% elif scan.risk_level == 'High' %}high{% elif scan.risk_level == 'Medium' %}medium{% elif scan.risk_level == 'Low' %}low{% else %}info{% endif %}">
-                    {{ scan.risk_level|default:"N/A" }}
-                </td>
-                <td>{{ scan.scan_status|default:"Unknown" }}</td>
-            </tr>
-            {% empty %}
-            <tr>
-                <td colspan="4">No recent scans yet.</td>
-            </tr>
-            {% endfor %}
-            </tbody>
-        </table>
-    </div>
-</div>
-
-</body>
-</html>
+<!DOCTYPE html>
+{% load static %}
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+
+    <title>AutoPen Dashboard</title>
+
+    <!-- CSS -->
+    <link rel="stylesheet" href="{% static 'styles/style.css' %}">
+    <link href="https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600;700&display=swap" rel="stylesheet">
+
+    <!-- JS -->
+    <script type="text/javascript" src="{% static 'scripts/upload.js' %}" defer></script>
+    <script src="{% static 'scripts/main.js' %}" defer></script>
+</head>
+<body class="theme-{{ user_theme|default:'dark' }}">
+
+{% include "includes/app_sidebar.html" %}
+
+<div class="main">
+    <div class="header">
+        <h1>Penetration Testing Dashboard</h1>
+        <p>User: {{ user_name|default:user_email|default:"Unknown User" }}</p>
+        <div class="status">System Status: Active</div>
+    </div>
+
+    <div class="cards">
+        <div class="card">
+            <h3>Department Reports</h3>
+            <p>{{ total_scans }}</p>
+        </div>
+        <div class="card">
+            <h3>My Reports</h3>
+            <p>{{ my_count }}</p>
+        </div>
+        <div class="card">
+            <h3>Urgent Targets</h3>
+            <p>{{ urgent_count }}</p>
+        </div>
+        <div class="card">
+            <h3>Department</h3>
+            <p>{{ user_department|default:"N/A" }}</p>
+        </div>
+    </div>
+
+    <div class="code-center" id="scan-panel">
+        <div class="code-box">
+            <h2>Quick Scan</h2>
+
+            <form method="POST" action="{% url 'submit_code' %}" enctype="multipart/form-data">
+                {% csrf_token %}
+
+                <div class="quick-report-name">
+                    <input type="text" name="report_title" maxlength="200" placeholder="Report name (optional)">
+                </div>
+
+                <div class="upload-tabs">
+                    <button type="button" class="tab-btn active" data-tab="file">Upload File</button>
+                    <button type="button" class="tab-btn" data-tab="paste">Paste Code</button>
+                </div>
+
+                <!-- Upload File -->
+                <div class="tab-content active" id="file">
+                    <label class="drop-zone">
+                        <input type="file" name="file" accept=".py,.js,.ts,.tsx,.jsx,.java,.go,.rs,.c,.cpp,.h,.cs,.php,.rb,.swift,.kt,.sql,.sh,.yaml,.yml,.json,.xml,.html,.css,.md,.txt">
+                        <p>Drop your code file here<br>or <span>click to browse</span></p>
+                    </label>
+                </div>
+
+                <!-- Paste Code -->
+                <div class="tab-content" id="paste">
+                    <textarea name="code" placeholder="Paste your code here..."></textarea>
+                </div>
+
+                <button type="submit" class="scan-btn">Start Scan</button>
+                <a class="secondary-link" href="{% url 'start_scan' %}">Open advanced scan options</a>
+            </form>
+
+            {% if result %}
+            <div style="margin-top:20px; color:green;">
+                {{ result }}
+            </div>
+            {% endif %}
+        </div>
+    </div>
+
+    <div class="recent-scans" id="recent-scans">
+        <h3>Recent Department Reports</h3>
+        <table>
+            <thead>
+            <tr>
+                <th>Target</th>
+                <th>Date</th>
+                <th>Owner</th>
+                <th>Risk Level</th>
+                <th>Priority</th>
+                <th>Status</th>
+            </tr>
+            </thead>
+            <tbody>
+            {% for scan in scans %}
+            <tr onclick="window.location='{% url 'report_detail' scan.submission_id %}'" style="cursor:pointer;">
+                <td>{% if scan.report_title %}{{ scan.report_title }}{% else %}{{ scan.submission_name|default:"Unnamed submission" }}{% endif %}</td>
+                <td>{{ scan.uploaded_at|date:"m/d/Y" }}</td>
+                <td>{{ scan.user.full_name|default:scan.user.email }}</td>
+                <td class="{% if scan.risk_level == 'Critical' %}critical{% elif scan.risk_level == 'High' %}high{% elif scan.risk_level == 'Medium' %}medium{% elif scan.risk_level == 'Low' %}low{% else %}info{% endif %}">
+                    {{ scan.risk_level|default:"N/A" }}
+                </td>
+                <td class="priority-{{ scan.priority }}">{{ scan.get_priority_display }}</td>
+                <td>{{ scan.scan_status|default:"Unknown" }}</td>
+            </tr>
+            {% empty %}
+            <tr>
+                <td colspan="6">No recent scans yet.</td>
+            </tr>
+            {% endfor %}
+            </tbody>
+        </table>
+    </div>
+</div>
+
+{% include "includes/ai_assistant.html" %}
+</body>
+</html>
diff --git a/front-end/register.html b/front-end/register.html
index 21bb538..8c1847f 100644
--- a/front-end/register.html
+++ b/front-end/register.html
@@ -13,6 +13,10 @@
 
   <h2>Create Account</h2>
 
+  {% if success %}
+  <p class="success">{{ success }}</p>
+  {% endif %}
+
   {% if error %}
   <p class="error">{{ error }}</p>
   {% endif %}
@@ -20,6 +24,10 @@ <h2>Create Account</h2>
   <form method="POST">
     {% csrf_token %}
 
+    <div class="input-group">
+      <input type="text" name="full_name" placeholder="Full name" required>
+    </div>
+
     <div class="input-group">
       <input type="text" name="email" placeholder="Email" required>
     </div>
@@ -28,6 +36,19 @@ <h2>Create Account</h2>
       <input type="password" name="password" placeholder="Password" required>
     </div>
 
+    <div class="input-group">
+      <select name="department" required>
+        <option value="">Select department</option>
+        {% for value, label in department_choices %}
+        <option value="{{ value }}">{{ label }}</option>
+        {% endfor %}
+      </select>
+    </div>
+
+    <div class="input-group">
+      <input type="text" name="manager_code" placeholder="Manager setup code (optional)">
+    </div>
+
     <button type="submit" class="login-btn">Register</button>
   </form>
 
diff --git a/front-end/reports.html b/front-end/reports.html
new file mode 100644
index 0000000..308bfa3
--- /dev/null
+++ b/front-end/reports.html
@@ -0,0 +1,100 @@
+<!DOCTYPE html>
+{% load static %}
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>My Reports — AutoPen</title>
+    <link rel="stylesheet" href="{% static 'styles/style.css' %}">
+    <script src="{% static 'scripts/main.js' %}" defer></script>
+</head>
+<body class="theme-{{ user_theme|default:'dark' }}">
+{% include "includes/app_sidebar.html" %}
+
+<div class="main">
+    <div class="header">
+        <h1>My Reports</h1>
+        <div class="status">Your scans only · newest first</div>
+    </div>
+
+    <div class="recent-scans reports-table-wrap">
+        <table class="reports-table">
+            <thead>
+            <tr>
+                <th>Report name</th>
+                <th>Time</th>
+                <th>Risk</th>
+                <th>Urgency</th>
+                <th>Status</th>
+                <th>Type</th>
+                <th></th>
+            </tr>
+            </thead>
+            <tbody>
+            {% for report in reports %}
+            <tr class="reports-row-main priority-border-{{ report.priority }}">
+                <td class="reports-name-cell">
+                    <a class="reports-title-link" href="{% url 'report_detail' report.submission_id %}">
+                        {% if report.report_title %}{{ report.report_title }}{% else %}{{ report.submission_name|default:"Untitled" }}{% endif %}
+                    </a>
+                    <form method="POST" class="reports-rename-form" onclick="event.stopPropagation();">
+                        {% csrf_token %}
+                        <input type="hidden" name="action" value="rename">
+                        <input type="hidden" name="submission_id" value="{{ report.submission_id }}">
+                        <input type="text" name="report_title" value="{{ report.report_title }}" maxlength="200" placeholder="Name this report…">
+                        <button type="submit" class="scan-btn compact-btn">Save name</button>
+                    </form>
+                </td>
+                <td>{{ report.uploaded_at|date:"m/d/Y H:i" }}</td>
+                <td class="{% if report.risk_level == 'Critical' %}critical{% elif report.risk_level == 'High' %}high{% elif report.risk_level == 'Medium' %}medium{% elif report.risk_level == 'Low' %}low{% else %}info{% endif %}">
+                    {{ report.risk_level|default:"—" }}
+                </td>
+                <td>
+                    <form method="POST" class="reports-inline-priority" onclick="event.stopPropagation();">
+                        {% csrf_token %}
+                        <input type="hidden" name="action" value="priority">
+                        <input type="hidden" name="submission_id" value="{{ report.submission_id }}">
+                        <select name="priority">
+                            {% for value, label in priority_choices %}
+                            <option value="{{ value }}" {% if report.priority == value %}selected{% endif %}>{{ label }}</option>
+                            {% endfor %}
+                        </select>
+                        <button type="submit" class="scan-btn compact-btn">Set</button>
+                    </form>
+                </td>
+                <td>{{ report.scan_status|default:"—" }}</td>
+                <td>{{ report.get_scan_input_type_display }}</td>
+                <td>
+                    <a class="secondary-link" href="{% url 'report_detail' report.submission_id %}">Open</a>
+                </td>
+            </tr>
+            <tr class="reports-row-comments">
+                <td colspan="7">
+                    <div class="reports-comments-thread">
+                        {% for comment in report.comments.all %}
+                        <p class="comment-line"><strong>{{ comment.user.full_name|default:comment.user.email }}:</strong> {{ comment.comment }}</p>
+                        {% empty %}
+                        <p class="muted">No comments yet.</p>
+                        {% endfor %}
+                    </div>
+                    <form method="POST" class="reports-comment-bar">
+                        {% csrf_token %}
+                        <input type="hidden" name="action" value="comment">
+                        <input type="hidden" name="submission_id" value="{{ report.submission_id }}">
+                        <input type="text" name="comment" class="reports-comment-input" placeholder="Add a note on this report…" autocomplete="off" required>
+                        <button type="submit" class="scan-btn compact-btn">Post</button>
+                    </form>
+                </td>
+            </tr>
+            {% empty %}
+            <tr>
+                <td colspan="7" class="muted">No reports yet. Start a scan from Dashboard or Start Scan.</td>
+            </tr>
+            {% endfor %}
+            </tbody>
+        </table>
+    </div>
+</div>
+{% include "includes/ai_assistant.html" %}
+</body>
+</html>
diff --git a/front-end/scan.html b/front-end/scan.html
new file mode 100644
index 0000000..65ea849
--- /dev/null
+++ b/front-end/scan.html
@@ -0,0 +1,75 @@
+<!DOCTYPE html>
+{% load static %}
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Start Scan — AutoPen</title>
+    <link rel="stylesheet" href="{% static 'styles/style.css' %}">
+    <script type="text/javascript" src="{% static 'scripts/upload.js' %}" defer></script>
+    <script src="{% static 'scripts/main.js' %}" defer></script>
+</head>
+<body class="theme-{{ user_theme|default:'dark' }}">
+{% include "includes/app_sidebar.html" %}
+
+<div class="main">
+    <div class="header">
+        <h1>Start Scan</h1>
+        <div class="status">Advanced Analysis</div>
+    </div>
+
+    <div class="code-box wide-box">
+        <h2>Submit Code or Ask AI</h2>
+        <form method="POST" action="{% url 'start_scan' %}" enctype="multipart/form-data">
+            {% csrf_token %}
+
+            <div class="line-range">
+                <label>
+                    Report name (optional)
+                    <input type="text" name="report_title" maxlength="200" placeholder="e.g. Auth service review">
+                </label>
+            </div>
+
+            <div class="upload-tabs">
+                <button type="button" class="tab-btn active" data-tab="file">Upload File</button>
+                <button type="button" class="tab-btn" data-tab="paste">Paste Code</button>
+                <button type="button" class="tab-btn" data-tab="question">Ask AI</button>
+            </div>
+
+            <div class="tab-content active" id="file">
+                <label class="drop-zone">
+                    <input type="file" name="file" accept=".py,.js,.ts,.tsx,.jsx,.java,.go,.rs,.c,.cpp,.h,.cs,.php,.rb,.swift,.kt,.sql,.sh,.yaml,.yml,.json,.xml,.html,.css,.md,.txt">
+                    <p>Upload code for a full report<br><span>Optional: add line range below</span></p>
+                </label>
+            </div>
+
+            <div class="tab-content" id="paste">
+                <textarea name="code" placeholder="Paste raw code here..."></textarea>
+            </div>
+
+            <div class="tab-content" id="question">
+                <textarea name="text_question" placeholder="Describe the security concern or paste architecture notes for AI analysis..."></textarea>
+            </div>
+
+            <div class="line-range">
+                <label>
+                    Focus start line
+                    <input type="number" min="1" name="focus_start_line" placeholder="Optional">
+                </label>
+                <label>
+                    Focus end line
+                    <input type="number" min="1" name="focus_end_line" placeholder="Optional">
+                </label>
+            </div>
+
+            <button type="submit" class="scan-btn">Generate Report</button>
+        </form>
+
+        {% if result %}
+        <div class="form-message">{{ result }}</div>
+        {% endif %}
+    </div>
+</div>
+{% include "includes/ai_assistant.html" %}
+</body>
+</html>
diff --git a/front-end/scripts/main.js b/front-end/scripts/main.js
index 1385644..ef04ed0 100644
--- a/front-end/scripts/main.js
+++ b/front-end/scripts/main.js
@@ -4,15 +4,49 @@ window.addEventListener("load", () => {
 });
 
 window.addEventListener("DOMContentLoaded", () => {
-
     const hamburger = document.getElementById("hamburger");
     const sidebar = document.querySelector(".sidebar");
     const main = document.querySelector(".main");
 
+    if (!hamburger || !sidebar) {
+        return;
+    }
+
+    const syncAria = () => {
+        const open = sidebar.classList.contains("active");
+        hamburger.setAttribute("aria-expanded", open ? "true" : "false");
+    };
+
+    syncAria();
+
     hamburger.addEventListener("click", () => {
         hamburger.classList.toggle("active");
         sidebar.classList.toggle("active");
-        main.classList.toggle("shift");
+        if (main) {
+            main.classList.toggle("shift");
+        }
+        syncAria();
     });
 
-});
\ No newline at end of file
+    hamburger.addEventListener("keydown", (ev) => {
+        if (ev.key === "Enter" || ev.key === " ") {
+            ev.preventDefault();
+            hamburger.click();
+        }
+    });
+
+    const closeSidebar = () => {
+        hamburger.classList.remove("active");
+        sidebar.classList.remove("active");
+        if (main) {
+            main.classList.remove("shift");
+        }
+        syncAria();
+    };
+
+    sidebar.addEventListener("click", (ev) => {
+        if (ev.target.closest("a.sidebar-link")) {
+            closeSidebar();
+        }
+    });
+});
diff --git a/front-end/settings.html b/front-end/settings.html
new file mode 100644
index 0000000..97077d2
--- /dev/null
+++ b/front-end/settings.html
@@ -0,0 +1,56 @@
+<!DOCTYPE html>
+{% load static %}
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Settings — AutoPen</title>
+    <link rel="stylesheet" href="{% static 'styles/style.css' %}">
+    <script src="{% static 'scripts/main.js' %}" defer></script>
+</head>
+<body class="theme-{{ user_theme|default:'dark' }}">
+{% include "includes/app_sidebar.html" %}
+
+<div class="main">
+    <div class="header">
+        <h1>Settings</h1>
+        <div class="status">Personal Preferences</div>
+    </div>
+
+    <div class="code-box">
+        {% if messages %}
+        {% for message in messages %}
+        <div class="form-message">{{ message }}</div>
+        {% endfor %}
+        {% endif %}
+
+        <form method="POST">
+            {% csrf_token %}
+            <div class="settings-grid">
+                <label>
+                    Background theme
+                    <select name="theme">
+                        {% for value, label in theme_choices %}
+                        <option value="{{ value }}" {% if settings.theme == value %}selected{% endif %}>{{ label }}</option>
+                        {% endfor %}
+                    </select>
+                </label>
+
+                <label>
+                    AI model
+                    <select name="ai_model">
+                        {% for model in ai_models %}
+                        <option value="{{ model }}" {% if settings.ai_model == model %}selected{% endif %}>{{ model }}</option>
+                        {% endfor %}
+                    </select>
+                </label>
+            </div>
+
+            <p class="muted">Model choices come from your environment: `OPENAI_MODEL_CHOICES`, with `OPENAI_REPORT_MODEL` as the fallback.</p>
+            <button class="scan-btn" type="submit">Save Settings</button>
+        </form>
+    </div>
+</div>
+{% include "includes/ai_assistant.html" %}
+</body>
+</html>
diff --git a/front-end/styles/incident_report.css b/front-end/styles/incident_report.css
index 29edcb1..a2aa1c2 100644
--- a/front-end/styles/incident_report.css
+++ b/front-end/styles/incident_report.css
@@ -24,6 +24,14 @@ body.incident-report-body {
   line-height: 1.5;
 }
 
+body.incident-report-body.theme-purple {
+  background: #f7f0ff;
+}
+
+body.incident-report-body.theme-blue {
+  background: #eff6ff;
+}
+
 .ir-wrap {
   max-width: 900px;
   margin: 0 auto;
@@ -77,6 +85,12 @@ body.incident-report-body {
   font-size: 0.9rem;
 }
 
+.ir-user-report-name {
+  margin-top: 0.5rem;
+  font-size: 0.95rem;
+  color: var(--muted);
+}
+
 .ir-header {
   border-left: 4px solid var(--seafoam);
   padding-left: 1.25rem;
@@ -202,3 +216,11 @@ body.incident-report-body {
   padding-bottom: 0.35rem;
   min-height: 2rem;
 }
+
+/* Sidebar layout: incident report stays light; `.main--report` stretches full width inside flex body */
+body.incident-report-body .main.main--report {
+  width: 100%;
+  flex: 1;
+  padding-top: 3rem;
+  background: transparent;
+}
diff --git a/front-end/styles/login.css b/front-end/styles/login.css
index 97025e1..cff6018 100644
--- a/front-end/styles/login.css
+++ b/front-end/styles/login.css
@@ -79,6 +79,15 @@ body.loaded {
     transition: 0.25s;
 }
 
+.input-group select {
+    width: 100%;
+    padding: 12px;
+    border-radius: 8px;
+    border: 1px solid rgba(168, 85, 247, 0.2);
+    background: rgba(17, 24, 39, 0.6);
+    color: #e5e7eb;
+}
+
 .input-group input:focus {
     outline: none;
     border-color: #a855f7;
@@ -119,6 +128,12 @@ body.loaded {
     margin-bottom: 10px;
 }
 
+.success {
+    color: #86efac;
+    text-align: center;
+    margin-bottom: 10px;
+}
+
 /* ================= REGISTER LINK ================= */
 .register {
     text-align: center;
diff --git a/front-end/styles/style.css b/front-end/styles/style.css
index 08a5ded..142191a 100644
--- a/front-end/styles/style.css
+++ b/front-end/styles/style.css
@@ -44,23 +44,55 @@ body.loaded {
     left: 0;
 }
 
-.sidebar h2 {
-    letter-spacing: 1px;
-    font-weight: 600;
-}
 
-.sidebar ul {
+.sidebar-nav ul {
     list-style: none;
 }
 
-.sidebar ul li {
+.sidebar-nav ul li {
     letter-spacing: 0.5px;
     font-weight: 500;
+    margin-bottom: 4px;
+}
+
+.sidebar-link {
+    display: block;
+    padding: 10px 12px;
+    border-radius: 8px;
+    color: #e5e7eb;
+    text-decoration: none;
+    transition: color 0.2s ease, background 0.2s ease;
 }
 
-.sidebar ul li:hover {
+.sidebar-link:hover {
     color: #c084fc;
-    text-shadow: 0 0 8px rgba(168, 85, 247, 0.6);
+    background: rgba(168, 85, 247, 0.12);
+    text-shadow: 0 0 8px rgba(168, 85, 247, 0.35);
+}
+
+.sidebar-link.active {
+    color: #fdf4ff;
+    background: rgba(168, 85, 247, 0.22);
+    border-left: 3px solid #c084fc;
+    padding-left: 9px;
+}
+
+.sidebar-disabled {
+    display: block;
+    padding: 10px 12px;
+    border-radius: 8px;
+    color: #6b7280;
+    cursor: not-allowed;
+    font-size: 0.95rem;
+}
+
+.sidebar-brand {
+    letter-spacing: 1px;
+    font-weight: 600;
+}
+
+.logout-btn-inline {
+    margin-left: auto;
 }
 
 /* ================= SIDEBAR FOOTER ================= */
@@ -382,3 +414,514 @@ input, select {
     border-radius: 8px;
     padding: 10px;
 }
+
+/* ================= NEW WORKFLOW PAGES ================= */
+body.theme-purple {
+    background:
+            radial-gradient(circle at top left, rgba(236, 72, 153, 0.18), transparent 40%),
+            radial-gradient(circle at bottom right, rgba(168, 85, 247, 0.16), transparent 50%),
+            linear-gradient(135deg, #090012, #1e1b4b);
+}
+
+body.theme-blue {
+    background:
+            radial-gradient(circle at top left, rgba(59, 130, 246, 0.18), transparent 40%),
+            radial-gradient(circle at bottom right, rgba(14, 165, 233, 0.14), transparent 50%),
+            linear-gradient(135deg, #020617, #0f172a);
+}
+
+.wide-box {
+    max-width: 1100px;
+}
+
+.secondary-link {
+    display: inline-block;
+    margin-left: 14px;
+    color: #c084fc;
+    text-decoration: none;
+}
+
+.line-range,
+.settings-grid {
+    display: grid;
+    grid-template-columns: repeat(auto-fit, minmax(220px, 1fr));
+    gap: 16px;
+    margin-top: 18px;
+}
+
+.line-range label,
+.settings-grid label {
+    display: grid;
+    gap: 8px;
+    color: #e9d5ff;
+}
+
+.form-message {
+    margin-top: 18px;
+    color: #86efac;
+}
+
+.muted {
+    color: #94a3b8;
+}
+
+.report-list {
+    display: grid;
+    gap: 18px;
+}
+
+.report-card {
+    background: rgba(17, 24, 39, 0.8);
+    border: 1px solid rgba(168, 85, 247, 0.2);
+    border-radius: 12px;
+    padding: 20px;
+}
+
+.report-card-header {
+    display: flex;
+    justify-content: space-between;
+    gap: 20px;
+    align-items: flex-start;
+    margin-bottom: 14px;
+}
+
+.report-card h3 a {
+    color: #ffffff;
+    text-decoration: none;
+}
+
+.compact-btn {
+    margin-top: 0;
+    padding: 8px 16px;
+}
+
+.comment-line {
+    margin-top: 8px;
+    color: #d1d5db;
+}
+
+.priority-pill {
+    border-radius: 999px;
+    padding: 6px 12px;
+    background: rgba(255, 255, 255, 0.08);
+    white-space: nowrap;
+}
+
+.priority-urgent {
+    color: #fb7185;
+    font-weight: 700;
+}
+
+.priority-medium {
+    color: #facc15;
+    font-weight: 700;
+}
+
+.priority-low {
+    color: #34d399;
+    font-weight: 700;
+}
+
+.priority-border-urgent {
+    border-color: rgba(251, 113, 133, 0.65);
+}
+
+.priority-border-medium {
+    border-color: rgba(250, 204, 21, 0.55);
+}
+
+.priority-border-low {
+    border-color: rgba(52, 211, 153, 0.45);
+}
+
+/* ================= DEPARTMENT REPORTS TABLE ================= */
+.reports-table-wrap {
+    overflow-x: auto;
+}
+
+.reports-table {
+    width: 100%;
+    border-collapse: collapse;
+}
+
+.reports-table th,
+.reports-table td {
+    vertical-align: top;
+}
+
+.reports-row-main td {
+    border-bottom: 1px solid rgba(148, 163, 184, 0.25);
+    padding-top: 14px;
+    padding-bottom: 14px;
+}
+
+.reports-row-comments td {
+    border-bottom: 1px solid rgba(168, 85, 247, 0.25);
+    padding-top: 10px;
+    padding-bottom: 18px;
+    background: rgba(15, 23, 42, 0.45);
+}
+
+.reports-title-link {
+    color: #f8fafc;
+    font-weight: 600;
+    text-decoration: none;
+}
+
+.reports-title-link:hover {
+    text-decoration: underline;
+}
+
+.reports-name-cell {
+    min-width: 200px;
+}
+
+.reports-rename-form {
+    display: flex;
+    flex-wrap: wrap;
+    gap: 8px;
+    margin-top: 8px;
+    align-items: center;
+}
+
+.reports-rename-form input[type="text"] {
+    flex: 1 1 180px;
+    min-width: 140px;
+}
+
+.reports-inline-priority {
+    display: flex;
+    flex-wrap: wrap;
+    gap: 6px;
+    align-items: center;
+}
+
+.reports-comments-thread {
+    margin-bottom: 10px;
+    max-height: 140px;
+    overflow-y: auto;
+}
+
+.reports-comment-bar {
+    display: flex;
+    gap: 10px;
+    align-items: center;
+    flex-wrap: wrap;
+}
+
+.reports-comment-input {
+    flex: 1 1 240px;
+    min-width: 200px;
+    padding: 10px 12px;
+    border-radius: 8px;
+    border: 1px solid rgba(168, 85, 247, 0.35);
+    background: rgba(17, 24, 39, 0.85);
+    color: #f8fafc;
+}
+
+.sr-only {
+    position: absolute;
+    width: 1px;
+    height: 1px;
+    padding: 0;
+    margin: -1px;
+    overflow: hidden;
+    clip: rect(0, 0, 0, 0);
+    white-space: nowrap;
+    border: 0;
+}
+
+/* Targets: department queue + discussion board */
+.targets-table .targets-board-row td {
+    border-bottom: 1px solid rgba(168, 85, 247, 0.28);
+    padding: 14px 16px 18px;
+    background: rgba(15, 23, 42, 0.55);
+}
+
+.targets-board {
+    max-width: 920px;
+}
+
+.targets-board-header {
+    font-size: 0.75rem;
+    font-weight: 700;
+    letter-spacing: 0.06em;
+    text-transform: uppercase;
+    color: #c4b5fd;
+    margin-bottom: 12px;
+}
+
+.targets-board-thread {
+    display: flex;
+    flex-direction: column;
+    gap: 12px;
+    max-height: 320px;
+    overflow-y: auto;
+    padding-right: 6px;
+    margin-bottom: 14px;
+}
+
+.targets-board-post {
+    border-radius: 12px;
+    padding: 12px 14px;
+    background: rgba(30, 41, 59, 0.9);
+    border: 1px solid rgba(148, 163, 184, 0.2);
+    box-shadow: 0 4px 14px rgba(0, 0, 0, 0.2);
+}
+
+.targets-board-post-meta {
+    display: flex;
+    flex-wrap: wrap;
+    align-items: baseline;
+    gap: 10px;
+    margin-bottom: 8px;
+    font-size: 0.8rem;
+    color: #94a3b8;
+}
+
+.targets-board-author {
+    font-weight: 600;
+    color: #e2e8f0;
+}
+
+.targets-board-post-meta time {
+    font-variant-numeric: tabular-nums;
+}
+
+.targets-board-body {
+    color: #f1f5f9;
+    font-size: 0.95rem;
+    line-height: 1.5;
+    white-space: pre-wrap;
+    word-break: break-word;
+}
+
+.targets-board-empty {
+    margin: 0;
+    padding: 8px 0;
+}
+
+.targets-board-compose {
+    display: flex;
+    flex-direction: column;
+    gap: 10px;
+}
+
+.targets-board-textarea {
+    width: 100%;
+    min-height: 72px;
+    resize: vertical;
+    padding: 12px 14px;
+    border-radius: 10px;
+    border: 1px solid rgba(168, 85, 247, 0.35);
+    background: rgba(17, 24, 39, 0.92);
+    color: #f8fafc;
+    font-family: inherit;
+    font-size: 0.95rem;
+    line-height: 1.45;
+}
+
+.targets-board-textarea:focus {
+    outline: none;
+    border-color: rgba(192, 132, 252, 0.65);
+    box-shadow: 0 0 0 2px rgba(168, 85, 247, 0.2);
+}
+
+.targets-board-actions {
+    display: flex;
+    justify-content: flex-end;
+}
+
+.quick-report-name {
+    margin-bottom: 12px;
+}
+
+.quick-report-name input {
+    width: 100%;
+    padding: 10px 12px;
+    border-radius: 8px;
+    border: 1px solid rgba(168, 85, 247, 0.2);
+    background: rgba(17, 24, 39, 0.6);
+    color: #f8fafc;
+}
+
+/* ================= FLOATING AI ASSISTANT ================= */
+/* Dock + panel: fixed to viewport; out of document flow (no layout shift). */
+/* Final position also enforced via inline !important in includes/ai_assistant.html */
+.ai-assistant-dock {
+    position: fixed !important;
+    top: auto !important;
+    left: auto !important;
+    right: calc(16px + env(safe-area-inset-right, 0px)) !important;
+    bottom: calc(16px + env(safe-area-inset-bottom, 0px)) !important;
+    width: 56px;
+    height: 56px;
+    margin: 0 !important;
+    padding: 0 !important;
+    border: none;
+    background: transparent;
+    box-shadow: none;
+    z-index: 2147483000;
+    font-size: 14px;
+    display: block;
+    pointer-events: none;
+}
+
+.ai-assistant-dock .ai-assistant-fab {
+    pointer-events: auto;
+}
+
+.ai-assistant-fab {
+    width: 56px;
+    height: 56px;
+    border-radius: 50%;
+    border: 2px solid rgba(192, 132, 252, 0.85);
+    padding: 0;
+    cursor: pointer;
+    background: rgba(17, 24, 39, 0.95);
+    box-shadow: 0 8px 28px rgba(0, 0, 0, 0.45), 0 0 0 1px rgba(168, 85, 247, 0.25);
+    display: flex;
+    align-items: center;
+    justify-content: center;
+    overflow: hidden;
+    transition: transform 0.2s ease, box-shadow 0.2s ease;
+}
+
+.ai-assistant-fab:hover {
+    transform: scale(1.06);
+    box-shadow: 0 10px 32px rgba(168, 85, 247, 0.35), 0 0 0 1px rgba(192, 132, 252, 0.5);
+}
+
+.ai-assistant-fab img {
+    width: 100%;
+    height: 100%;
+    object-fit: cover;
+    display: block;
+}
+
+/* Panel is a body sibling (see ai_assistant.html). Open state also sets display via inline !important in script. */
+.ai-assistant-panel {
+    position: fixed !important;
+    top: auto !important;
+    left: auto !important;
+    right: calc(16px + env(safe-area-inset-right, 0px)) !important;
+    bottom: calc(80px + env(safe-area-inset-bottom, 0px)) !important;
+    width: min(360px, calc(100vw - 36px));
+    max-height: min(480px, 70vh);
+    display: none !important;
+    flex-direction: column;
+    background: rgba(15, 23, 42, 0.97);
+    border: 1px solid rgba(168, 85, 247, 0.35);
+    border-radius: 14px;
+    box-shadow: 0 16px 48px rgba(0, 0, 0, 0.55);
+    overflow: hidden;
+    z-index: 2147483001;
+    pointer-events: auto;
+}
+
+.ai-assistant-panel.ai-assistant-panel--open {
+    display: flex !important;
+}
+
+.ai-assistant-panel-header {
+    display: flex;
+    justify-content: space-between;
+    align-items: center;
+    padding: 10px 12px;
+    background: rgba(30, 27, 75, 0.6);
+    color: #f3e8ff;
+    font-weight: 600;
+    border-bottom: 1px solid rgba(168, 85, 247, 0.25);
+    position: relative;
+    z-index: 2;
+}
+
+.ai-assistant-close {
+    background: transparent;
+    border: none;
+    color: #e9d5ff;
+    font-size: 22px;
+    line-height: 1;
+    cursor: pointer;
+    padding: 4px 8px;
+    border-radius: 6px;
+    position: relative;
+    z-index: 3;
+}
+
+.ai-assistant-close:hover {
+    background: rgba(168, 85, 247, 0.2);
+}
+
+.ai-assistant-messages {
+    flex: 1;
+    min-height: 200px;
+    max-height: 320px;
+    overflow-y: auto;
+    padding: 12px;
+    display: flex;
+    flex-direction: column;
+    gap: 10px;
+}
+
+.ai-assistant-msg {
+    display: flex;
+    width: 100%;
+}
+
+.ai-assistant-msg--user {
+    justify-content: flex-end;
+}
+
+.ai-assistant-msg--assistant {
+    justify-content: flex-start;
+}
+
+.ai-assistant-bubble {
+    max-width: 88%;
+    padding: 8px 12px;
+    border-radius: 12px;
+    line-height: 1.45;
+    white-space: pre-wrap;
+    word-break: break-word;
+}
+
+.ai-assistant-msg--user .ai-assistant-bubble {
+    background: rgba(168, 85, 247, 0.35);
+    color: #fdf4ff;
+    border: 1px solid rgba(192, 132, 252, 0.45);
+}
+
+.ai-assistant-msg--assistant .ai-assistant-bubble {
+    background: rgba(30, 41, 59, 0.95);
+    color: #e2e8f0;
+    border: 1px solid rgba(148, 163, 184, 0.35);
+}
+
+.ai-assistant-form {
+    display: flex;
+    gap: 8px;
+    padding: 10px;
+    border-top: 1px solid rgba(168, 85, 247, 0.2);
+    background: rgba(2, 6, 23, 0.6);
+}
+
+.ai-assistant-form input[type="text"] {
+    flex: 1;
+    min-width: 0;
+}
+
+.ai-assistant-send {
+    border: none;
+    border-radius: 999px;
+    padding: 8px 14px;
+    background: rgba(168, 85, 247, 0.9);
+    color: #fff;
+    cursor: pointer;
+    font-weight: 600;
+    white-space: nowrap;
+}
+
+.ai-assistant-send:hover {
+    background: rgba(168, 85, 247, 1);
+}
diff --git a/front-end/targets.html b/front-end/targets.html
new file mode 100644
index 0000000..b8c7880
--- /dev/null
+++ b/front-end/targets.html
@@ -0,0 +1,111 @@
+<!DOCTYPE html>
+{% load static %}
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Targets — AutoPen</title>
+    <link rel="stylesheet" href="{% static 'styles/style.css' %}">
+    <script src="{% static 'scripts/main.js' %}" defer></script>
+</head>
+<body class="theme-{{ user_theme|default:'dark' }}">
+{% include "includes/app_sidebar.html" %}
+
+<div class="main">
+    <div class="header">
+        <h1>Targets</h1>
+        <div class="status">Department queue · urgency first, then newest</div>
+    </div>
+
+    <div class="recent-scans reports-table-wrap">
+        <table class="reports-table targets-table">
+            <thead>
+            <tr>
+                <th>Report name</th>
+                <th>Time</th>
+                <th>Owner</th>
+                <th>Risk</th>
+                <th>Urgency</th>
+                <th>Status</th>
+                <th>Type</th>
+                <th></th>
+            </tr>
+            </thead>
+            <tbody>
+            {% for report in reports %}
+            <tr class="reports-row-main priority-border-{{ report.priority }}">
+                <td class="reports-name-cell">
+                    <a class="reports-title-link" href="{% url 'report_detail' report.submission_id %}">
+                        {% if report.report_title %}{{ report.report_title }}{% else %}{{ report.submission_name|default:"Untitled" }}{% endif %}
+                    </a>
+                </td>
+                <td>{{ report.uploaded_at|date:"m/d/Y H:i" }}</td>
+                <td>{{ report.user.full_name|default:report.user.email }}</td>
+                <td class="{% if report.risk_level == 'Critical' %}critical{% elif report.risk_level == 'High' %}high{% elif report.risk_level == 'Medium' %}medium{% elif report.risk_level == 'Low' %}low{% else %}info{% endif %}">
+                    {{ report.risk_level|default:"—" }}
+                </td>
+                <td>
+                    {% if report.user_id == current_user.user_id or current_user.role == "manager" %}
+                    <form method="POST" class="reports-inline-priority" onclick="event.stopPropagation();">
+                        {% csrf_token %}
+                        <input type="hidden" name="action" value="priority">
+                        <input type="hidden" name="submission_id" value="{{ report.submission_id }}">
+                        <select name="priority">
+                            {% for value, label in priority_choices %}
+                            <option value="{{ value }}" {% if report.priority == value %}selected{% endif %}>{{ label }}</option>
+                            {% endfor %}
+                        </select>
+                        <button type="submit" class="scan-btn compact-btn">Set</button>
+                    </form>
+                    {% else %}
+                    <span class="priority-pill priority-{{ report.priority }}">{{ report.get_priority_display }}</span>
+                    {% endif %}
+                </td>
+                <td>{{ report.scan_status|default:"—" }}</td>
+                <td>{{ report.get_scan_input_type_display }}</td>
+                <td>
+                    <a class="secondary-link" href="{% url 'report_detail' report.submission_id %}">Open</a>
+                </td>
+            </tr>
+            <tr class="targets-board-row">
+                <td colspan="8">
+                    <div class="targets-board">
+                        <div class="targets-board-header">Discussion</div>
+                        <div class="targets-board-thread">
+                            {% for comment in report.comments.all %}
+                            <article class="targets-board-post">
+                                <div class="targets-board-post-meta">
+                                    <span class="targets-board-author">{{ comment.user.full_name|default:comment.user.email }}</span>
+                                    <time datetime="{{ comment.created_at|date:'c' }}">{{ comment.created_at|date:"m/d/Y H:i" }}</time>
+                                </div>
+                                <div class="targets-board-body">{{ comment.comment }}</div>
+                            </article>
+                            {% empty %}
+                            <p class="targets-board-empty muted">No messages yet — be the first to leave a note.</p>
+                            {% endfor %}
+                        </div>
+                        <form method="POST" class="targets-board-compose" onclick="event.stopPropagation();">
+                            {% csrf_token %}
+                            <input type="hidden" name="action" value="comment">
+                            <input type="hidden" name="submission_id" value="{{ report.submission_id }}">
+                            <label class="sr-only" for="target-comment-{{ report.submission_id }}">Message</label>
+                            <textarea id="target-comment-{{ report.submission_id }}" name="comment" class="targets-board-textarea" rows="3" maxlength="8000" placeholder="Write a message for the team…" required></textarea>
+                            <div class="targets-board-actions">
+                                <button type="submit" class="scan-btn compact-btn">Post message</button>
+                            </div>
+                        </form>
+                    </div>
+                </td>
+            </tr>
+            {% empty %}
+            <tr>
+                <td colspan="8" class="muted">No department reports yet.</td>
+            </tr>
+            {% endfor %}
+            </tbody>
+        </table>
+    </div>
+</div>
+{% include "includes/ai_assistant.html" %}
+</body>
+</html>
diff --git a/front-end/vulnerabilities.html b/front-end/vulnerabilities.html
index 9cec22b..116f78f 100644
--- a/front-end/vulnerabilities.html
+++ b/front-end/vulnerabilities.html
@@ -1,44 +1,18 @@
 <!DOCTYPE html>
 {% load static %}
-<html>
+<html lang="en">
 <head>
-    <title>Vulnerabilities</title>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Vulnerabilities — AutoPen</title>
     <link rel="stylesheet" href="{% static 'styles/style.css' %}">
-    <script src="{% static 'scripts/main.js' %}"></script>
+    <link href="https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600;700&display=swap" rel="stylesheet">
+    <script src="{% static 'scripts/main.js' %}" defer></script>
 </head>
 
-<body>
+<body class="theme-{{ user_theme|default:'dark' }}">
 
-<!-- ☰ Hamburger -->
-<div class="hamburger" id="hamburger">
-    <span></span>
-    <span></span>
-    <span></span>
-</div>
-
-<div class="sidebar">
-    <h2>AutoPen</h2>
-    <ul>
-        <li><a href="{% url 'dashboard' %}">Dashboard</a></li>
-        <li>Start Scan</li>
-        <li>Reports</li>
-        <li>Targets</li>
-        <li>Settings</li>
-        <li><a href="{% url 'vulnerability_list' %}">Vulnerabilities</a></li>
-    </ul>
-
-    <!-- 👇 Sidebar Footer (User + Logout) -->
-    <div class="sidebar-footer">
-        <span class="user-name">{{ request.user }}</span>
-
-        <form method="POST" action="{% url 'logout' %}">
-            {% csrf_token %}
-            <button type="submit" class="logout-btn">
-                Logout
-            </button>
-        </form>
-    </div>
-</div>
+{% include "includes/app_sidebar.html" %}
 
 <!-- ================= MAIN CONTENT ================= -->
 <div class="main">
@@ -120,5 +94,6 @@ <h2>All Vulnerabilities</h2>
 
 </div>
 
+{% include "includes/ai_assistant.html" %}
 </body>
-</html>
\ No newline at end of file
+</html>

From d429083dfcfeaf5a9f63d046344271fb784f7d24 Mon Sep 17 00:00:00 2001
From: zhangtingen <else8072@gmail.com>
Date: Sun, 3 May 2026 21:57:25 -0500
Subject: [PATCH 41/41] Update:personal information

---
 api/migrations/0005_user_llm_token_totals.py | 23 ++++++
 api/models.py                                |  2 +
 api/services/ai_service.py                   |  4 +-
 api/services/incident_report_ai.py           | 10 ++-
 api/tests.py                                 | 18 ++++-
 api/urls.py                                  |  1 +
 api/utils/incident_report.py                 | 25 ++++++-
 api/utils/openai_usage.py                    | 23 ++++++
 api/views.py                                 | 74 ++++++++++++++++++-
 front-end/includes/app_sidebar.html          |  2 +-
 front-end/personal_info.html                 | 77 ++++++++++++++++++++
 front-end/styles/style.css                   | 72 ++++++++++++++++++
 12 files changed, 320 insertions(+), 11 deletions(-)
 create mode 100644 api/migrations/0005_user_llm_token_totals.py
 create mode 100644 api/utils/openai_usage.py
 create mode 100644 front-end/personal_info.html

diff --git a/api/migrations/0005_user_llm_token_totals.py b/api/migrations/0005_user_llm_token_totals.py
new file mode 100644
index 0000000..a873870
--- /dev/null
+++ b/api/migrations/0005_user_llm_token_totals.py
@@ -0,0 +1,23 @@
+# Generated manually for OpenAI usage totals
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("api", "0004_codesubmission_report_title"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="user",
+            name="total_llm_prompt_tokens",
+            field=models.BigIntegerField(default=0),
+        ),
+        migrations.AddField(
+            model_name="user",
+            name="total_llm_completion_tokens",
+            field=models.BigIntegerField(default=0),
+        ),
+    ]
diff --git a/api/models.py b/api/models.py
index e3ba9b8..b354ea4 100644
--- a/api/models.py
+++ b/api/models.py
@@ -39,6 +39,8 @@ class User(models.Model):
     role = models.CharField(max_length=16, choices=ROLE_CHOICES, default=ROLE_MEMBER)
     account_status = models.CharField(max_length=16, choices=STATUS_CHOICES, default=STATUS_PENDING)
     created_at = models.DateTimeField(auto_now_add=True)
+    total_llm_prompt_tokens = models.BigIntegerField(default=0)
+    total_llm_completion_tokens = models.BigIntegerField(default=0)
 
     def __str__(self):
         return self.email
diff --git a/api/services/ai_service.py b/api/services/ai_service.py
index fad18ea..f38c435 100644
--- a/api/services/ai_service.py
+++ b/api/services/ai_service.py
@@ -10,4 +10,6 @@ def ask_ai(user_text, model=None):
         messages=[{"role": "user", "content": str(user_text)}],
     )
 
-    return resp.choices[0].message.content
\ No newline at end of file
+    text = resp.choices[0].message.content
+    usage = getattr(resp, "usage", None)
+    return text, usage
\ No newline at end of file
diff --git a/api/services/incident_report_ai.py b/api/services/incident_report_ai.py
index 9760f8f..90d4632 100644
--- a/api/services/incident_report_ai.py
+++ b/api/services/incident_report_ai.py
@@ -46,9 +46,11 @@ def build_incident_report_user_prompt(passage: dict[str, Any]) -> str:
     return schema.strip() + "\n" + passage_json
 
 
-def generate_incident_report_ai_payload(passage: dict[str, Any], model: str | None = None) -> str:
+def generate_incident_report_ai_payload(
+    passage: dict[str, Any], model: str | None = None
+) -> tuple[str, Any]:
     """
-    Calls the chat completion API and returns raw message content (expected JSON object).
+    Calls the chat completion API and returns (message content, usage or None).
     """
     user_prompt = build_incident_report_user_prompt(passage)
     kwargs: dict[str, Any] = {
@@ -66,4 +68,6 @@ def generate_incident_report_ai_payload(passage: dict[str, Any], model: str | No
         kwargs.pop("response_format", None)
         resp = client.chat.completions.create(**kwargs)
 
-    return (resp.choices[0].message.content or "").strip()
+    content = (resp.choices[0].message.content or "").strip()
+    usage = getattr(resp, "usage", None)
+    return content, usage
diff --git a/api/tests.py b/api/tests.py
index d248458..535b359 100644
--- a/api/tests.py
+++ b/api/tests.py
@@ -1,14 +1,30 @@
-from django.test import TestCase
+from datetime import datetime
+
+from django.test import SimpleTestCase
 
 # Create your tests here.
 from rest_framework.test import APITestCase
 from django.contrib.auth import get_user_model
 from rest_framework import status
+from zoneinfo import ZoneInfo
+
 from .models import CodeSubmission, File, Threat
 from .tasks import run_analysis_sync
+from .utils.incident_report import format_report_datetime_chicago
 
 User = get_user_model()
 
+
+class ReportDatetimeChicagoTests(SimpleTestCase):
+    def test_formats_utc_in_chicago(self):
+        dt = datetime(2026, 1, 15, 18, 0, tzinfo=ZoneInfo("UTC"))
+        s = format_report_datetime_chicago(dt)
+        self.assertIn("January", s)
+        self.assertIn("2026", s)
+        self.assertIn("15", s)
+        self.assertIn("12:00", s)
+
+
 class CodeSubmissionTests(APITestCase):
 
     def setUp(self):
diff --git a/api/urls.py b/api/urls.py
index 5efc2e7..3bfbaba 100644
--- a/api/urls.py
+++ b/api/urls.py
@@ -18,6 +18,7 @@
     path('reports/', views.reports_view, name='reports'),
     path('targets/', views.targets_view, name='targets'),
     path('settings/', views.settings_view, name='settings'),
+    path("personal/", views.personal_info_view, name="personal_info"),
 
     # Check status / get results of a submission
     path('submission/<int:submission_id>/', SubmissionStatusView.as_view(), name='submission_status'),
diff --git a/api/utils/incident_report.py b/api/utils/incident_report.py
index de378bb..df21a54 100644
--- a/api/utils/incident_report.py
+++ b/api/utils/incident_report.py
@@ -7,9 +7,25 @@
 import re
 import uuid
 from typing import Any
+from zoneinfo import ZoneInfo
 
 from django.utils import timezone
 
+_CHICAGO_TZ = ZoneInfo("America/Chicago")
+
+
+def format_report_datetime_chicago(dt) -> str:
+    """
+    Format a datetime for incident reports in America/Chicago.
+    Naive datetimes are treated as UTC (typical when reading legacy rows).
+    """
+    if dt is None:
+        return ""
+    if timezone.is_naive(dt):
+        dt = timezone.make_aware(dt, timezone=ZoneInfo("UTC"))
+    local = dt.astimezone(_CHICAGO_TZ)
+    return local.strftime("%d %B %Y, %H:%M %Z").strip() or local.isoformat()
+
 
 def parse_llm_json(raw: str) -> dict[str, Any]:
     """
@@ -97,7 +113,14 @@ def merge_incident_report_context(
     if user is not None and getattr(user, "is_authenticated", False):
         reported_by = user.get_username() or _as_str(getattr(user, "email", ""), "Unknown")
     else:
-        reported_by = "Unknown"
+        # Custom session auth: views may override with submitter from CodeSubmission.
+        session = getattr(request, "session", None)
+        if session is not None:
+            name = (session.get("user_name") or "").strip()
+            email = (session.get("user_email") or "").strip()
+            reported_by = name or email or "Unknown"
+        else:
+            reported_by = "Unknown"
 
     cvss = _normalize_cvss(ai)
     impact = _as_str_list(ai.get("impact"))
diff --git a/api/utils/openai_usage.py b/api/utils/openai_usage.py
new file mode 100644
index 0000000..bc41da3
--- /dev/null
+++ b/api/utils/openai_usage.py
@@ -0,0 +1,23 @@
+"""Accumulate OpenAI completion.usage onto the custom User model."""
+from __future__ import annotations
+
+from typing import Any
+
+from django.db.models import F
+
+
+def record_openai_usage_for_user(user_id: int | None, usage: Any) -> None:
+    if not user_id or usage is None:
+        return
+    from ..models import User
+    try:
+        p = int(getattr(usage, "prompt_tokens", 0) or 0)
+        c = int(getattr(usage, "completion_tokens", 0) or 0)
+    except (TypeError, ValueError):
+        return
+    if p <= 0 and c <= 0:
+        return
+    User.objects.filter(user_id=user_id).update(
+        total_llm_prompt_tokens=F("total_llm_prompt_tokens") + p,
+        total_llm_completion_tokens=F("total_llm_completion_tokens") + c,
+    )
diff --git a/api/views.py b/api/views.py
index b88b770..b984e27 100644
--- a/api/views.py
+++ b/api/views.py
@@ -22,9 +22,11 @@
 from .services.incident_report_ai import generate_incident_report_ai_payload
 from .utils.incident_report import (
     DISCLAIMER_TEXT,
+    format_report_datetime_chicago,
     merge_incident_report_context,
     parse_llm_json,
 )
+from .utils.openai_usage import record_openai_usage_for_user
 from .utils.prescan import run_semgrep, run_gitleaks
 
 from .models import CodeSubmission, File, Threat, CWE, User, DepartmentJoinRequest, ReportComment, UserSetting
@@ -226,7 +228,10 @@ def _run_incident_scan(
             },
         }
 
-        raw_json = generate_incident_report_ai_payload(passage, model=user_settings.ai_model)
+        raw_json, llm_usage = generate_incident_report_ai_payload(passage, model=user_settings.ai_model)
+
+        record_openai_usage_for_user(user_id, llm_usage)
+
         ai_data = parse_llm_json(raw_json)
 
         parse_error = None
@@ -304,10 +309,11 @@ def assistant_chat_view(request):
         user = User.objects.get(user_id=request.session["user_id"])
         user_settings = _get_or_create_settings(user)
         model = user_settings.ai_model or None
-        reply = ask_ai(user_text, model=model)
+        reply, usage = ask_ai(user_text, model=model)
+        record_openai_usage_for_user(request.session.get("user_id"), usage)
     except Exception as exc:
         return JsonResponse({"error": str(exc)}, status=502)
-    return JsonResponse({"reply": reply})
+    return JsonResponse({"reply": reply or ""})
 
 def scan_view(request):
     target_path = "/path/to/code"  # you could get this from request.POST
@@ -679,6 +685,60 @@ def settings_view(request):
             "ai_models": _available_ai_models(),
         },
     )
+
+
+def personal_info_view(request):
+    """Display name, password change, and accumulated OpenAI token usage."""
+    current_user, auth_redirect = _active_user_or_redirect(request)
+    if auth_redirect:
+        return auth_redirect
+
+    if request.method == "POST":
+        action = request.POST.get("action", "").strip()
+        if action == "profile":
+            full_name = request.POST.get("full_name", "").strip()
+            if not full_name:
+                messages.error(request, "Display name cannot be empty.")
+            elif len(full_name) > 120:
+                messages.error(request, "Display name is too long (max 120 characters).")
+            else:
+                current_user.full_name = full_name
+                current_user.save(update_fields=["full_name"])
+                request.session["user_name"] = full_name
+                messages.success(request, "Display name updated.")
+            return redirect("personal_info")
+        if action == "password":
+            current_pw = request.POST.get("current_password", "")
+            new_pw = request.POST.get("new_password", "")
+            confirm_pw = request.POST.get("confirm_password", "")
+            if not check_password(current_pw, current_user.password_hash):
+                messages.error(request, "Current password is incorrect.")
+            elif len(new_pw) < 8:
+                messages.error(request, "New password must be at least 8 characters.")
+            elif new_pw != confirm_pw:
+                messages.error(request, "New password and confirmation do not match.")
+            else:
+                current_user.password_hash = make_password(new_pw)
+                current_user.save(update_fields=["password_hash"])
+                messages.success(request, "Password changed.")
+            return redirect("personal_info")
+        return redirect("personal_info")
+
+    db_user = User.objects.get(user_id=current_user.user_id)
+    p = int(db_user.total_llm_prompt_tokens or 0)
+    c = int(db_user.total_llm_completion_tokens or 0)
+    return render(
+        request,
+        "personal_info.html",
+        {
+            "profile_user": db_user,
+            "llm_prompt_tokens": p,
+            "llm_completion_tokens": c,
+            "llm_total_tokens": p + c,
+        },
+    )
+
+
 # -----------------
 # User Registration
 # -----------------
@@ -744,7 +804,7 @@ def report_detail_view(request, submission_id):
         return redirect("/login/")
 
     submission = get_object_or_404(
-        CodeSubmission,
+        CodeSubmission.objects.select_related("user"),
         submission_id=submission_id,
         user__department=current_user.department
     )
@@ -757,6 +817,12 @@ def report_detail_view(request, submission_id):
         parse_error=None,
     )
 
+    submitter = submission.user
+    ctx["reported_by"] = (submitter.full_name or "").strip() or submitter.email or "Unknown"
+    ctx["report_datetime"] = format_report_datetime_chicago(submission.uploaded_at)
+    if submission.incident_id:
+        ctx["incident_id"] = submission.incident_id
+
     ctx["disclaimer"] = DISCLAIMER_TEXT
     ctx["submission"] = submission
 
diff --git a/front-end/includes/app_sidebar.html b/front-end/includes/app_sidebar.html
index 22a9ec0..b10db2c 100644
--- a/front-end/includes/app_sidebar.html
+++ b/front-end/includes/app_sidebar.html
@@ -38,7 +38,7 @@ <h2 class="sidebar-brand">AutoPen</h2>
     </nav>
 
     <div class="sidebar-footer">
-        <span class="user-name" title="Signed-in user">{{ user_name|default:user_email|default:"—" }}</span>
+        <a href="{% url 'personal_info' %}" class="user-name sidebar-profile-link{% if u == 'personal_info' %} active{% endif %}" title="Personal information">{{ user_name|default:user_email|default:"—" }}</a>
         <form method="POST" action="{% url 'logout' %}">
             {% csrf_token %}
             <button type="submit" class="logout-btn">
diff --git a/front-end/personal_info.html b/front-end/personal_info.html
new file mode 100644
index 0000000..6fc6bae
--- /dev/null
+++ b/front-end/personal_info.html
@@ -0,0 +1,77 @@
+<!DOCTYPE html>
+{% load static %}
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Personal information — AutoPen</title>
+    <link rel="stylesheet" href="{% static 'styles/style.css' %}">
+    <script src="{% static 'scripts/main.js' %}" defer></script>
+</head>
+<body class="theme-{{ user_theme|default:'dark' }}">
+{% include "includes/app_sidebar.html" %}
+
+<div class="main">
+    <div class="header">
+        <h1>Personal information</h1>
+        <div class="status">Account &amp; usage</div>
+    </div>
+
+    <div class="code-box personal-info-page">
+        {% if messages %}
+        {% for message in messages %}
+        <div class="form-message">{{ message }}</div>
+        {% endfor %}
+        {% endif %}
+
+        <section class="personal-section">
+            <h2 class="personal-section-title">Account</h2>
+            <p class="muted"><strong>Email</strong> (sign-in): {{ profile_user.email }}</p>
+            <form method="POST" class="personal-form">
+                {% csrf_token %}
+                <input type="hidden" name="action" value="profile">
+                <label>
+                    Display name
+                    <input type="text" name="full_name" maxlength="120" value="{{ profile_user.full_name }}" required>
+                </label>
+                <button class="scan-btn" type="submit">Save display name</button>
+            </form>
+        </section>
+
+        <section class="personal-section">
+            <h2 class="personal-section-title">Change password</h2>
+            <form method="POST" class="personal-form">
+                {% csrf_token %}
+                <input type="hidden" name="action" value="password">
+                <label>
+                    Current password
+                    <input type="password" name="current_password" autocomplete="current-password" required>
+                </label>
+                <label>
+                    New password (min 8 characters)
+                    <input type="password" name="new_password" autocomplete="new-password" required minlength="8">
+                </label>
+                <label>
+                    Confirm new password
+                    <input type="password" name="confirm_password" autocomplete="new-password" required minlength="8">
+                </label>
+                <button class="scan-btn" type="submit">Update password</button>
+            </form>
+        </section>
+
+        <section class="personal-section">
+            <h2 class="personal-section-title">OpenAI token usage (this account)</h2>
+            <p class="muted">Totals accumulate from report scans and the in-app assistant when the API returns usage data. Older activity may show as zero.</p>
+            <table class="personal-token-table">
+                <tbody>
+                    <tr><th scope="row">Prompt tokens (cumulative)</th><td>{{ llm_prompt_tokens }}</td></tr>
+                    <tr><th scope="row">Completion tokens (cumulative)</th><td>{{ llm_completion_tokens }}</td></tr>
+                    <tr><th scope="row">Total (prompt + completion)</th><td><strong>{{ llm_total_tokens }}</strong></td></tr>
+                </tbody>
+            </table>
+        </section>
+    </div>
+</div>
+{% include "includes/ai_assistant.html" %}
+</body>
+</html>
diff --git a/front-end/styles/style.css b/front-end/styles/style.css
index 142191a..e49342a 100644
--- a/front-end/styles/style.css
+++ b/front-end/styles/style.css
@@ -112,6 +112,78 @@ body.loaded {
     font-weight: 500;
 }
 
+a.sidebar-profile-link {
+    text-decoration: none;
+    max-width: 55%;
+    overflow: hidden;
+    text-overflow: ellipsis;
+    white-space: nowrap;
+}
+
+a.sidebar-profile-link.active {
+    color: #f5d0fe;
+}
+
+a.sidebar-profile-link:hover {
+    text-decoration: underline;
+    color: #e9d5ff;
+}
+
+/* Personal information page */
+.personal-info-page .personal-section {
+    margin-bottom: 2rem;
+    padding-bottom: 1.5rem;
+    border-bottom: 1px solid rgba(168, 85, 247, 0.2);
+}
+
+.personal-info-page .personal-section:last-child {
+    border-bottom: none;
+}
+
+.personal-section-title {
+    font-size: 1.1rem;
+    margin: 0 0 0.75rem;
+    color: #e9d5ff;
+}
+
+.personal-form label {
+    display: block;
+    margin-bottom: 0.75rem;
+}
+
+.personal-form input[type="text"],
+.personal-form input[type="password"] {
+    display: block;
+    width: 100%;
+    max-width: 420px;
+    margin-top: 0.35rem;
+    padding: 0.5rem 0.65rem;
+    border-radius: 6px;
+    border: 1px solid rgba(148, 163, 184, 0.4);
+    background: rgba(15, 23, 42, 0.6);
+    color: #f1f5f9;
+}
+
+.personal-token-table {
+    width: 100%;
+    max-width: 480px;
+    border-collapse: collapse;
+    font-size: 0.95rem;
+}
+
+.personal-token-table th,
+.personal-token-table td {
+    text-align: left;
+    padding: 0.5rem 0.75rem;
+    border: 1px solid rgba(148, 163, 184, 0.25);
+}
+
+.personal-token-table th {
+    width: 55%;
+    font-weight: 600;
+    background: rgba(30, 41, 59, 0.5);
+}
+
 .logout-btn {
     background-color: #ff4d4d;
     color: white;

Target	Date	Risk Level	Status
example.com	02/14/2026	Critical	Completed
test-server.net	02/12/2026	Low	Completed
CWE	Name	Category	CVSS	Score	Severity
{{ v.cwe_id }}	+ {{ v.name }} +	{{ v.categories }}	{{ v.cvss_version }}	{{ v.average_score }}	+ {{ v.severity }} +
No vulnerabilities found.
Incident ID	{{ incident_id }}
Date & time	{{ report_datetime }}
Reported by	{{ reported_by }}
Severity level	{{ severity_level }}
Incident type	{{ incident_type }}
Systems affected	{{ systems_affected }}
Discovery method	{{ discovery_method }}
Status	{{ status }}
Action	Details
{{ row.action }}	{{ row.details }}
No remediation steps were returned by the model.