Upload 2 files

README.md

@@ -77,6 +77,37 @@ Upload Excel file with these columns:
 5. **Export Selection**: Manage export cache and download Excel reports
 6. **HTS Reference**: View Steel/Aluminum/Copper HTS lists and overlaps
 
+## Password Protection
+
+The app requires password authentication. Configure it using one of these methods:
+
+### For Hugging Face Spaces
+
+1. Go to your Space's **Settings** > **Repository secrets**
+2. Add a secret named `APP_PASSWORD` with your password value
+3. The app will automatically use this for authentication
+
+### For Local Development
+
+Set the environment variable before running:
+
+```bash
+# Windows
+set HTS_CHECKER_PASSWORD=your_password_here
+streamlit run app.py
+
+# Linux/Mac
+export HTS_CHECKER_PASSWORD=your_password_here
+streamlit run app.py
+```
+
+Or create a `.streamlit/secrets.toml` file:
+```toml
+APP_PASSWORD = "your_password_here"
+```
+
+**Note**: If no password is configured, the app runs without authentication (for development).
+
 ## Local Development
 
 ```bash
@@ -94,7 +125,8 @@ streamlit run app.py
    - `hts_validator.py`
    - `HTS_list.py`
    - `requirements.txt`
-4. The app will auto-deploy
+4. Go to **Settings** > **Repository secrets** and add `APP_PASSWORD`
+5. The app will auto-deploy with password protection
 
 ## Files
 

app.py

@@ -7,6 +7,7 @@ import streamlit as st
 import pandas as pd
 from io import BytesIO
 import hashlib
+import os
 from hts_validator import HTSValidator, validate_dataframe, SCENARIO_SUMMARIES
 from HTS_list import Steel_primary_HTS_list, Aluminum_primary_HTS_list, Copper_primary_HTS_list
 
@@ -19,6 +20,59 @@ st.set_page_config(
 )
 
 
+# =============================================================================
+# Authentication
+# =============================================================================
+def get_app_password():
+    """Get password from secrets or environment variable."""
+    # Try Streamlit secrets first (for Hugging Face Spaces)
+    try:
+        return st.secrets["APP_PASSWORD"]
+    except (KeyError, FileNotFoundError):
+        pass
+    # Fall back to environment variable
+    return os.environ.get("HTS_CHECKER_PASSWORD", "")
+
+
+def check_password():
+    """Returns True if the user has entered the correct password."""
+    app_password = get_app_password()
+
+    # If no password is set, allow access (for local development)
+    if not app_password:
+        return True
+
+    # Initialize session state for authentication
+    if "authenticated" not in st.session_state:
+        st.session_state.authenticated = False
+
+    # If already authenticated, return True
+    if st.session_state.authenticated:
+        return True
+
+    # Show login form
+    st.markdown("## HTS Checker - Login Required")
+    st.markdown("Please enter the password to access this application.")
+
+    with st.form("login_form"):
+        password_input = st.text_input("Password", type="password", key="password_input")
+        submit_button = st.form_submit_button("Login")
+
+        if submit_button:
+            if password_input == app_password:
+                st.session_state.authenticated = True
+                st.rerun()
+            else:
+                st.error("Incorrect password. Please try again.")
+
+    return False
+
+
+# Check authentication before showing main app
+if not check_password():
+    st.stop()
+
+
 @st.cache_data
 def load_and_validate_excel(file_content, file_name, keywords_hash):
     """Load Excel and run validation - cached to avoid re-running on filter changes"""