File size: 11,970 Bytes
8afaf1e
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
a6fe431
 
 
 
 
 
 
 
 
 
 
8afaf1e
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
a6fe431
 
 
 
 
8afaf1e
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
a6fe431
 
 
 
 
 
 
8afaf1e
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
a6fe431
 
 
 
 
 
 
8afaf1e
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
a6fe431
 
 
 
 
 
 
8afaf1e
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2a7139e
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
"""
Main API server for LLM Deployment System.

This module implements the Flask API server that handles student requests,
task generation, and repository submissions.
"""

import time
import secrets
import threading
from datetime import datetime, timezone

from flask import Flask, request
from flask_cors import CORS
from flask_restx import Api, Resource, fields

from coreapp.database import db_manager, TaskStatus
from utils.logger import get_logger
from utils.task_generator import get_task_generator
from utils.github_utils import get_github_manager, GitHubUtils
from utils.config import config

logger = get_logger(__name__)


class APIServer:
    """Main API server class."""

    def __init__(self):
        self.app = Flask(__name__)
        self.app.config['SECRET_KEY'] = config.SECRET_KEY
        self.app.config['MAX_CONTENT_LENGTH'] = config.MAX_CONTENT_LENGTH

        # Enable CORS
        CORS(self.app, origins=config.CORS_ORIGINS)

        # Initialize API with Swagger
        self.api = Api(
            self.app,
            version='1.0',
            title='LLM Deployment System API',
            description='API for student task generation and repository evaluation',
            doc='/docs'
        )

        # Rate limit store
        self.rate_limits = {}

        # Managers
        self.task_generator = get_task_generator()
        self.github_manager = None
        if config.ENABLE_GITHUB_INTEGRATION:
            try:
                self.github_manager = get_github_manager()
            except Exception as e:
                logger.warning(f"Failed to initialize GitHub manager: {e}")

        # Define models
        self._define_models()

        # Setup namespaces
        self._setup_namespaces()

        # Add root route for HF SDK
        @self.app.route("/")
        def index():
            """
            Root route for Hugging Face SDK Docker deployment.
            Returns basic info and link to Swagger docs.
            Example GET:
                curl http://localhost:$PORT/
            """
            return "LLM Deployment API running. Use /api/request or /docs for Swagger UI."

        # Start cleanup thread for rate limits
        self.cleanup_rate_limits()

    def _define_models(self):
        """Define API models for Swagger."""
        self.models = {}

        self.models['task_request'] = self.api.model('TaskRequest', {
            'email': fields.String(required=True),
            'secret': fields.String(required=True)
        })

        self.models['task_response'] = self.api.model('TaskResponse', {
            'email': fields.String,
            'task': fields.String,
            'round': fields.Integer,
            'nonce': fields.String,
            'brief': fields.String,
            'checks': fields.List(fields.String),
            'attachments': fields.List(fields.Raw)
        })

        self.models['repo_submission'] = self.api.model('RepositorySubmission', {
            'email': fields.String(required=True),
            'task': fields.String(required=True),
            'round': fields.Integer(required=True),
            'nonce': fields.String(required=True),
            'repo_url': fields.String(required=True),
            'commit_sha': fields.String(required=True),
            'pages_url': fields.String
        })

        self.models['repo_validation'] = self.api.model('RepositoryValidation', {
            'repo_url': fields.String(required=True)
        })

    def _setup_namespaces(self):
        """Setup API namespaces and endpoints."""
        validate_secret = self._validate_secret
        check_rate_limit = self._check_rate_limit
        task_generator = self.task_generator
        github_manager = self.github_manager
        api_models = self.models

        # Health namespace
        health_ns = self.api.namespace('health', description='Health check operations')

        @health_ns.route('')
        class HealthCheck(Resource):
            def get(self):
                """
                Returns health status.
                Example GET:
                    curl http://localhost:$PORT/health
                """
                return {
                    'status': 'healthy',
                    'timestamp': datetime.now(timezone.utc).isoformat(),
                    'version': '1.0.0'
                }

        # Main API namespace
        api_ns = self.api.namespace('api', description='Main API operations')

        @api_ns.route('/request')
        class TaskRequest(Resource):
            @api_ns.expect(api_models['task_request'])
            @api_ns.response(200, 'Success', api_models['task_response'])
            @api_ns.response(400, 'Bad Request')
            @api_ns.response(401, 'Unauthorized')
            @api_ns.response(429, 'Rate Limited')
            def post(self):
                """
                Generate a task for a student.
                Example POST:
                    curl -X POST http://localhost:$PORT/api/request \
                         -H "Content-Type: application/json" \
                         -d '{"email":"test@example.com","secret":"12345678"}'
                """
                data = request.get_json()
                if not data:
                    return {'error': 'No JSON data provided'}, 400

                email = data.get('email')
                secret = data.get('secret')

                if not email or not secret:
                    return {'error': 'Missing required fields'}, 400

                if not validate_secret(email, secret):
                    return {'error': 'Invalid secret'}, 401

                if not check_rate_limit(email):
                    return {'error': 'Rate limit exceeded'}, 429

                try:
                    task = task_generator.generate_task(email)
                    task_data = {k: v for k, v in task.items() if k != 'evaluation_url'}

                    submission = db_manager.get_submission_by_email(email)
                    if not submission:
                        submission = db_manager.create_submission(
                            email=email,
                            endpoint=data.get('endpoint', ''),
                            secret=secret
                        )

                    db_task = db_manager.create_task(submission.id, task_data)
                    db_manager.update_task_status(db_task.task_id, TaskStatus.SENT)

                    response_data = {
                        'email': email,
                        'task': db_task.task_id,
                        'round': db_task.round,
                        'nonce': db_task.nonce,
                        'brief': db_task.brief,
                        'checks': db_task.checks,
                        'attachments': db_task.attachments
                    }

                    logger.info(f"Generated task {db_task.task_id} for {email}")
                    return response_data, 200

                except Exception as e:
                    logger.exception(f"Failed to generate task for {email}")
                    return {'error': 'Failed to generate task'}, 500

        @api_ns.route('/evaluate')
        class RepositoryEvaluation(Resource):
            @api_ns.expect(api_models['repo_submission'])
            def post(self):
                """
                Submit repository for evaluation.
                Example POST:
                    curl -X POST http://localhost:$PORT/api/evaluate \
                         -H "Content-Type: application/json" \
                         -d '{"email":"test@example.com","task":"task_id","round":1,"nonce":"nonce_val","repo_url":"https://github.com/user/repo","commit_sha":"abc123"}'
                """
                data = request.get_json()
                if not data:
                    return {'error': 'No JSON data provided'}, 400

                required_fields = ['email', 'task', 'round', 'nonce', 'repo_url', 'commit_sha']
                for f in required_fields:
                    if f not in data:
                        return {'error': f'Missing required field: {f}'}, 400

                task = db_manager.get_task_by_id(data['task'])
                if not task:
                    return {'error': 'Invalid task ID'}, 400

                if task.nonce != data['nonce']:
                    return {'error': 'Invalid nonce'}, 400

                if task.status != TaskStatus.SENT:
                    return {'error': 'Task not in correct state'}, 400

                db_manager.update_task_status(task.task_id, TaskStatus.RECEIVED)

                repo_data = {
                    'repo_url': data['repo_url'],
                    'commit_sha': data['commit_sha'],
                    'pages_url': data.get('pages_url')
                }
                db_manager.create_repository(task.id, repo_data)

                logger.info(f"Received repository submission for task {task.task_id}")
                return {'status': 'received'}, 200

        @api_ns.route('/validate-repo')
        class RepositoryValidation(Resource):
            @api_ns.expect(api_models['repo_validation'])
            def post(self):
                """
                Validate a GitHub repository URL.
                Example POST:
                    curl -X POST http://localhost:$PORT/api/validate-repo \
                         -H "Content-Type: application/json" \
                         -d '{"repo_url":"https://github.com/user/repo"}'
                """
                data = request.get_json()
                if not data or 'repo_url' not in data:
                    return {'error': 'Missing repo_url'}, 400

                repo_url = data['repo_url']

                if not GitHubUtils.is_valid_github_url(repo_url):
                    return {'error': 'Invalid GitHub URL'}, 400

                if not github_manager:
                    return {'error': 'GitHub integration not available'}, 503

                validation = github_manager.validate_repository(repo_url)
                return validation, 200

    def _validate_secret(self, email: str, secret: str) -> bool:
        try:
            student = db_manager.get_submission_by_email(email)
            if student and student.secret:
                return secrets.compare_digest(student.secret, secret)
        except Exception:
            logger.exception('Error validating secret')
        return bool(secret and len(secret) >= 8)

    def _check_rate_limit(self, email: str) -> bool:
        current_time = time.time()
        window_start = current_time - 60
        self.rate_limits = {k: v for k, v in self.rate_limits.items() if v['timestamp'] > window_start}
        entry = self.rate_limits.get(email)
        if entry:
            if entry['count'] >= config.RATE_LIMIT_PER_MINUTE:
                return False
            entry['count'] += 1
            entry['timestamp'] = current_time
        else:
            self.rate_limits[email] = {'count': 1, 'timestamp': current_time}
        return True

    def cleanup_rate_limits(self):
        def cleanup():
            while True:
                time.sleep(300)
                current_time = time.time()
                window_start = current_time - 60
                self.rate_limits = {k: v for k, v in self.rate_limits.items() if v['timestamp'] > window_start}
        threading.Thread(target=cleanup, daemon=True).start()

    def run(self, host=None, port=None, debug=None):
        host = host or config.API_HOST
        port = port or config.API_PORT
        debug = debug if debug is not None else config.FLASK_DEBUG
        logger.info(f"Starting API server on {host}:{port}")
        self.app.run(host=host, port=port, debug=debug)


# Global API server instance
api_server = APIServer()


def create_app():
    return api_server.app


if __name__ == '__main__':
    import os
    port = int(os.environ.get("PORT", 7860))
    api_server.run(host="0.0.0.0", port=port)