findface-security

The findface-security component serves as a gateway to the FindFace core. It provides interaction between the FindFace Core and the web interface, the system functioning as a whole, HTTP and web socket (along with Django), database update, and webhooks.

The findface-security component also performs the functions of findface-facerouter (part of the FindFace Core), setting processing directives for detected faces. It accepts a face bbox and normalized image along with the original image and other data (for example, the detection date and time) from the findface-video-worker service and redirect them to findface-sf-api for further processing.

The findface-security configuration is done through the /etc/ffsecurity/config.py configuration file.

sudo vi /etc/ffsecurity/config.py


# ==============================================================================
# FindFace Security configuration file
# ==============================================================================
#
# This config file is written in Python's syntax and interpreted at FindFace Security
# service startup. You have to restart the service in order to apply changes.
#
# If you have any questions or suggestions, please contact us at [email protected]
# ==============================================================================
# GENERAL SETTINGS
# ==============================================================================
# enables additional logs
DEBUG = False
# media files directory
MEDIA_ROOT = "/var/lib/ffsecurity/uploads"
# static files directory
STATIC_ROOT = "/var/lib/ffsecurity/static"
# language code
LANGUAGE_CODE = 'en-us'
# time zone
TIME_ZONE = 'UTC'
# Database is used by FindFace Security to store cameras,
# camera groups, watchlists and so on. Only PostgreSQL is supported.
DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.postgresql',
        'DISABLE_SERVER_SIDE_CURSORS': True,
        'NAME': 'ffsecurity',
        'PORT': 5439, 'USER': 'ntech', 'PASSWORD': 'lY4KrQbotHVFdZ0Ed5z8EBvDUzSsmw2o'
    }
}
# Signature key for session encryption
# Use pwgen -sncy 50 1|tr "'" "." to generate your own unique key
SECRET_KEY = 'd1c22e3b368f2f8be4caa95b3540ce0c'
# ==============================================================================
# FINDFACE SECURITY SETTINGS
# ==============================================================================
# SERVICE_EXTERNAL_ADDRESS is prioritized for FFSecurity webhooks and Genetec plugin.
# EXTERNAL_ADDRESS is used instead if SERVICE_EXTERNAL_ADDRESS is not provided.
# You must provide either SERVICE_EXTERNAL_ADDRESS or EXTERNAL_ADDRESS in order
# to be able to work with FFSecurity webhooks and Genetec plugin.
SERVICE_EXTERNAL_ADDRESS = 'http://127.0.0.1'
# EXTERNAL_ADDRESS is used to access objects created inside FFSecurity via external links.
EXTERNAL_ADDRESS = ''
# - Base FFSecurity settings -
FFSECURITY = {
    # findface-video-worker authorization token
    'VIDEO_DETECTOR_TOKEN': 'fdc0fea20cf0a734c5e2de1886fc07b4',
    # base face matching confidence threshold
    'CONFIDENCE_THRESHOLD': 0.739,
    # episodes specific matching threshold that is used to join faces in an episode
    'EPISODES_THRESHOLD': 0.689,
    # minimum face quality sufficient to add it to a dossier
    'MINIMUM_DOSSIER_QUALITY': -2,
    # skip all unmatched faces
    'IGNORE_UNMATCHED': False,
    # matched events older than EVENTS_MAX_MATCHED_AGE will be automatically
    # deleted (every night at 1:17 am by default)
    'EVENTS_MAX_MATCHED_AGE': 30,
    # same as above but for unmatched events
    'EVENTS_MAX_UNMATCHED_AGE': 30,
    # same as EVENTS_MAX_MATCHED_AGE but for matched full frame images only (thumbnails won't be deleted)
    'EVENTS_MAX_FULLFRAME_UNMATCHED_AGE': 30,
    # same as above but for unmatched full frame images only (thumbnails won't be deleted)
    'EVENTS_MAX_FULLFRAME_MATCHED_AGE': 30,
    # NTLS licence server url
    'NTLS_HTTP_URL': 'http://127.0.0.1:3185',
    # findface-video-worker face posting address,
    # it must be set to either FFSecurity EXTERNAL_ADDRESS (by default)
    # or findface-facerouter url (in some specific cases)
    'ROUTER_URL': 'http://127.0.0.1',
    # send serialized dossiers, dossier-lists, camera and camera groups in webhooks
    'VERBOSE_WEBHOOKS': False,
    'THUMBNAIL_JPEG_QUALITY': 75,
    # FFServer services urls
    'VIDEO_MANAGER_ADDRESS': 'http://127.0.0.1:18810',
    'SF_API_ADDRESS': 'http://127.0.0.1:18411',
    'FFCOUNTER_ADDRESS': 'http://127.0.0.1:17300',
    # additional events features.
    # make sure that corresponding extractors
    # are licensed and enabled at findface-extraction-api config file.
    # available features are: gender, age, emotions, beard, glasses, medmask.
    'EVENTS_FEATURES': [],
    # feature specific confidence thresholds
    'LIVENESS_THRESHOLD': 0.75,
    'EMOTIONS_THRESHOLD': 0.25,
    'BEARD_THRESHOLD': 0.7,
    # -- Persons configuration --
    # rrule (recurrence rule) for scheduling persons clusterization
    'PERSONS_CLUSTERIZATION_SCHEDULE': 'RRULE:FREQ=DAILY;INTERVAL=1;WKST=MO;BYHOUR=0;BYMINUTE=0',
    # face to person matching confidence threshold
    'PERSONS_CONFIDENCE_THRESHOLD': 0.739,
    # minimum face quality for handle face in person service
    'PERSON_EVENT_MIN_QUALITY': -2,
    # counters full frame saving options:
    # `always` - save always
    # `detect` - save only if faces or silhouettes have been detected
    # `never` - never save full frames
    'COUNTERS_SAVE_FULLFRAME': 'always',
    'COUNTERS_FULLFRAME_JPEG_QUALITY': 75,
    'COUNTERS_THUMBNAIL_JPEG_QUALITY': 75,
    # -- Optional parameters --
    # Edit CUSTOM_FIELDS section to customize dossier content.
    # Below is an example for integration FindFace Security with Sigur.
    # 'CUSTOM_FIELDS': {
    #     'dossier_meta': {
    #         'items': [
    #             {
    #                 'name': 'personid',
    #                 'default': '',
    #                 'label': 'PersonID',
    #                 'display': ['list', 'form'],
    #                 'description': 'Sigur person ID'
    #             },
    #             {
    #                 'name': 'firstname',
    #                 'default': '',
    #                 'label': 'First Name',
    #                 'display': ['list', 'form'],
    #                 'description': 'Sigur first name'
    #             },
    #             {
    #                 'name': 'lastname',
    #                 'default': '',
    #                 'label': 'Last Name',
    #                 'display': ['list', 'form'],
    #                 'description': 'Sigur last name'
    #             },
    #             {
    #                 'name': 'version',
    #                 'default': '',
    #                 'label': 'Version',
    #                 'display': ['list', 'form'],
    #                 'description': 'Sigur photo version'
    #             }
    #         ],
    #         'filters': [
    #             {
    #                 'name': 'personid',
    #                 'label': 'Sigur person ID filter',
    #                 'field': 'personid'
    #             }
    #         ]
    #     }
    # },
    # maximum event age in seconds than could be added to an episode.
    # 'EPISODE_SEARCH_INTERVAL': 60,
    # If none of these events matched, new episode is created.
    # maximum episode duration (episode is closed after)
    # 'EPISODE_MAX_DURATION': 300,
    # if no new event added to an episode during this timeout, episode will be closed.
    # 'EPISODE_EVENT_TIMEOUT': 30,
    # maximum created thumbnail width
    # 'THUMBNAIL_MAX_WIDTH': 320,
    # social backend url. Contact support for additional information.
    # 'SOCIAL_BACKEND': None,
    # 'SOCIAL_HEADERS': {},
    # unacknowledged events notification interval
    # 'UNACKNOWLEDGED_NOTIFY_INTERVAL': 1,
}
# - FindFace Security user interface configuration dictionary -
FFSECURITY_UI_CONFIG = {
    "event": {
        "features": {
            "f_gender_class": ["male", "female"],
            "age": {
                "f_age_gte": "",
                "f_age_lte": ""
            },
            "f_emotions_class": ["angry", "disgust", "fear", "happy", "sad", "surprise", "neutral"],
            "f_glasses_class": ["none", "eye", "sun"],
            "f_beard_class": ["none", "beard"],
            "f_liveness_class": ["real", "fake"],
            "f_medmask_class": ["none", "correct"],
        }
    }
}
# -- ASGI-server configuration --
# consult support before changing these settings.
# per worker thread pool size.
ASGI_THREADS = 32
UVICORN_SETTINGS = {
    # worker processes count, 'auto' sets it to logical cpu count
    'workers': 'auto',
    'host': 'localhost',
    'port': 8002,
    # websocket worker processes count,
    # 'auto' sets it to logical cpu count, but not more than 8.
    'ws-workers': 'auto',
    'ws-host': 'localhost',
    'ws-port': 8003,
}
# disable unused services to increase
# overall system performance in some cases.
SERVICES = {
    "ffsecurity": {
        "episodes": True,
        "webhooks": True,
        "persons": False,
        "counters": True,
    }
}
# ==============================================================================
# FINDFACE SECURITY PLUGINS
# ==============================================================================
# Uncomment lines below to enable plugins. Please consult documentation for
# a plugin specific settings.
# =============== Axxon ================
# INSTALLED_APPS.append('ffsecurity_axxon')
# FFSECURITY['AXXON'] = [
#     {
#         'name': 'server_name',
#         'api': 'http://example.com/',
#         'rtsp': 'rtsp://example.com:554/',
#         'user': 'user',
#         'password': 'password',
#     }
# ]
# FFSECURITY_UI_CONFIG['dossier'] = {
#    'video': True,
# }
# =============== Genetec ================
# INSTALLED_APPS.append('ffsecurity_genetec')
# ================ Sova ==================
# INSTALLED_APPS.append('ffsecurity_sova')
# ======= CryptoPRO authentication =======
# INSTALLED_APPS.append('ffsecurity_cproauth')
# REST_FRAMEWORK['DEFAULT_AUTHENTICATION_CLASSES'] = [
#     'ffsecurity.auth.TokenAuthentication',
#     'ffsecurity_cproauth.auth.CryptoProOrTokenAuthentication'
# ]
# ========== DossierLists sync ===========
# INSTALLED_APPS.append('ffsecurity_sync')
# token must be identical on master and slave
# use pwgen -s 64 1
# SYNC_TOKEN = 'change_me'
# SYNC_TIME = {
#     # 24 hour format
#     'hour': 3,
#     'minute': 0,
# }

When configuring findface-security, refer to the following parameters:

Parameter Description
EXTERNAL_ADDRESS External IP address or URL that will be used to access the FindFace Security web interface.
SERVICE_EXTERNAL_ADDRESS (Optional) IP address prioritized for webhooks and Genetec integration.
VIDEO_DETECTOR_TOKEN To authorize the video face detection module, come up with a token and specify it here.
VIDEO_MANAGER_ADDRESS IP address of the findface-video-manager host.
EVENTS_MAX_MATCHED_AGE The age of matched events at which they are automatically purged from the database.
EVENTS_MAX_UNMATCHED_AGE The age of unmatched events at which they are automatically purged from the database.
EVENTS_MAX_FULLFRAME_MATCHED_AGE Same as EVENTS_MAX_MATCHED_AGE but only for full frames.
EVENTS_MAX_FULLFRAME_UNMATCHED_AGE Same as EVENTS_MAX_UNMATCHED_AGE but only for full frames.
NTLS_HTTP_URL IP address of the findface-ntls host.
ROUTER_URL IP address of the findface-security host that will receive detected faces from the findface-video-worker instance(s). Specify either external or internal IP address, subject to the network through which findface-video-worker interacts with findface-security.
EXTRACTION_API IP address of the findface-extraction-api host.
SF_API_ADDRESS IP address of the findface-sf-api host.
IGNORE_UNMATCHED Disable logging events for faces which have no match in the dossiers (negative verification result). Set true if the system has to process a large number of faces.
CONFIDENCE_THRESHOLD Face similarity threshold for verification in events.
EPISODES_THRESHOLD Face similarity threshold for verification in episodes.
MINIMUM_DOSSIER_QUALITY Minimum quality of a face in a dossier photo. Photos containing faces of worse quality will be rejected when uploading to a dossier. Upright faces in frontal position are considered the best quality. They result in values around 0, mostly negative (such as -0.00067401276, for example). Inverted faces and large face angles are estimated with negative values some -5 and less. By default, ’MINIMUM_DOSSIER_QUALITY’: -2 which is the average quality.
EVENTS_FEATURES If you enabled recognition models in the findface-extraction-api configuration file, list them here.
LIVENESS_THRESHOLD The liveness detector will estimate a face liveness with a certain level of confidence. Depending on the confidence threshold, it will return a binary result real or fake.
EMOTIONS_THRESHOLD Emotions are determined with a certain level of confidence. Depending on the confidence threshold, the system distinguishes emotional faces from neutral ones.
BEARD_THRESHOLD The presence of a beard on a face is determined with a certain level of confidence. Depending on the confidence threshold, the system returns a binary result none or beard.
EPISODE_SEARCH_INTERVAL (Add manually for Episodes) The period of time preceding an event, within which the system searches the biometric database for events with similar faces. If no such an event is found, the system creates a new episode. Otherwise, it picks up the most relevant event from a LIVE episode after sorting out the 100 most recent similar faces. See Configure Episodes.
EPISODE_MAX_DURATION (Add manually for Episodes) The maximum episode duration in seconds. After this time, an episode automatically closes.
EPISODE_EVENT_TIMEOUT (Add manually for Episodes) The maximum time in seconds since the last event has been added to an episode. After this time, an episode automatically closes.
CUSTOM_FIELDS Add this section manually to customize dossier content. See Dossier Custom Tabs, Fields, and Filters for details.
VERBOSE_WEBHOOKS Send serialized dossiers, watch lists, camera, and camera groups in webhooks.
THUMBNAIL_JPEG_QUALITY Thumbnail JPEG quality.
THUMBNAIL_MAX_WIDTH Maximum thumbnail width.
DATABASES (section) Database settings. Fill in as such: 'PORT': 5439, 'USER': 'ntech', 'PASSWORD': '<password from /etc/pgbouncer/userlist.txt>'

Warning

The FFSECURITY section must end with the EVENTS_FEATURES/ LIVENESS_THRESHOLD/ EMOTIONS_THRESHOLD / BEARD_THRESHOLD parameters which have to be given in this very order.

...
'SF_API_ADDRESS': 'http://127.0.0.1:18411',
'EVENTS_FEATURES': ['gender', 'age', 'emotions', 'beard', 'glasses', 'medmask'],
'LIVENESS_THRESHOLD': 0.945,
'EMOTIONS_THRESHOLD': 0.25
'BEARD_THRESHOLD': 0.7,