feat(ui-api): collect user answer metrics and persist them

[hoangsonww]

App now collects the user’s interaction timings: when they opened the case review, when they navigated to the answer page, and when they submitted their answers—and sends these metrics to the backend analytics endpoint.

This involves creating a new analytics table in our Postgres database. Developers and researchers can view/export data in this table for more analysis of the users' data.

[Copilot]

Pull Request Overview

This PR adds end-to-end support for capturing and persisting user answer metrics (case open, answer open, answer submit times) into a new analytics table and exposes a POST endpoint for clients to submit these metrics.

• Introduces a new Alembic migration to create the analytics table with timing fields and a unique constraint.
• Implements AnalyticsService, AnalyticsRepository, SQLAlchemy model, and Flask controller to record metrics.
• Registers the analytics blueprint in app setup and updates documentation (README, shields, deployment section).

Reviewed Changes

Copilot reviewed 10 out of 10 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
src/migrations/versions/cc1f971840fc_create_analytics_table.py	Defines the new analytics table schema and unique constraint.
src/cases/service/case_service.py	Minor comment cleanup (removed ellipsis).
src/analytics/service/analytics_service.py	New service class to validate ownership and compute/store metrics.
src/analytics/repository/analytics_repository.py	New repository to persist Analytics entities.
src/analytics/model/analytics.py	SQLAlchemy model mapping for the analytics table.
src/analytics/controller/analytics_controller.py	New POST /api/analytics endpoint with payload validation.
src/init.py	Registers the analytics blueprint; commented-out CORS code.
README.md	Adds AWS and Terraform badges plus a deployment section.
.github/SECURITY.md	Introduces project security best practices document.
.github/PULL_REQUEST_TEMPLATE.md	Adds a pull request template checklist.

Comments suppressed due to low confidence (4)

src/analytics/service/analytics_service.py:17

• The record_metrics method is marked # pragma: no cover and lacks unit tests. Consider adding tests to cover both success and failure branches (e.g., unauthorized access).

def record_metrics(self, case_config_id: str, case_open: datetime,

src/analytics/controller/analytics_controller.py:28

• [nitpick] Using BusinessExceptionEnum.RenderTemplateError for missing analytics fields is misleading. Define a dedicated enum (e.g., InvalidAnalyticsPayload) to clarify the error’s context.

ex = BusinessException(

README.md:158

• The README hasn’t been updated to describe the new /api/analytics endpoint or its request/response schema. Add an API reference section to document payload fields and expected responses.

## Deployment

src/analytics/controller/analytics_controller.py:39

• [nitpick] The error message "Bad timestamp format for analytics" is generic. Include the expected timestamp format in the response to help clients debug payload issues.

except ValueError: