Spaces:

DLPO
/

mbok_dev

Sleeping

App Files Files Community

Renecto commited on Mar 2

Commit

02ee0b7

verified ·

1 Parent(s): b61607c

Deploy habadashi_login gateway

Browse files

Files changed (3) hide show

Dockerfile +16 -16
app.py +312 -296
login.py +136 -136

Dockerfile CHANGED Viewed

@@ -1,16 +1,16 @@
-FROM python:3.12-slim
-WORKDIR /app
-RUN apt-get update && apt-get install -y --no-install-recommends git && rm -rf /var/lib/apt/lists/*
-COPY requirements.txt .
-RUN pip install --no-cache-dir -r requirements.txt
-COPY app.py bootstrap.py login.py supabase_logger.py ./
-ENV PYTHONPATH=/app
-EXPOSE 7860
-CMD ["python", "app.py"]

+FROM python:3.12-slim
+WORKDIR /app
+RUN apt-get update && apt-get install -y --no-install-recommends git && rm -rf /var/lib/apt/lists/*
+COPY requirements.txt .
+RUN pip install --no-cache-dir -r requirements.txt
+COPY app.py bootstrap.py login.py supabase_logger.py ./
+ENV PYTHONPATH=/app
+EXPOSE 7860
+CMD ["python", "app.py"]

app.py CHANGED Viewed

@@ -1,296 +1,312 @@
-#!/usr/bin/env python3
-"""
-Habadashi Login Gateway - Main entry point
-Public Space that loads private ver20 app dynamically
-"""
-import os
-import sys
-import time
-import traceback
-from pathlib import Path
-from fastapi import FastAPI, Request, Depends, HTTPException
-from fastapi.responses import RedirectResponse, JSONResponse
-from starlette.middleware.base import BaseHTTPMiddleware
-import gradio as gr
-from supabase import create_client, Client
-# Import bootstrap to download private app
-from bootstrap import download_private_app
-from login import create_login_ui
-from supabase_logger import init_logger, log_event, set_user_context, get_user_context
-# --- Startup Meta Info ---
-print("=" * 80)
-print("🚀 Starting Habadashi Login Gateway")
-print("=" * 80)
-print(f"[STARTUP_META] Python version: {sys.version}")
-print(f"[STARTUP_META] CWD: {os.getcwd()}")
-print(f"[STARTUP_META] PORT: {os.environ.get('PORT', 'not set')}")
-print(f"[STARTUP_META] SPACE_ID: {os.environ.get('SPACE_ID', 'not set')}")
-print(f"[STARTUP_META] SPACE_HOST: {os.environ.get('SPACE_HOST', 'not set')}")
-print(f"[STARTUP_META] GRADIO_SERVER_NAME: {os.environ.get('GRADIO_SERVER_NAME', 'not set')}")
-print(f"[STARTUP_META] GRADIO_SERVER_PORT: {os.environ.get('GRADIO_SERVER_PORT', 'not set')}")
-print(f"[STARTUP_META] HF_TOKEN: {'***set***' if os.environ.get('HF_TOKEN') else 'NOT SET'}")
-print(f"[STARTUP_META] SUPABASE_URL: {'***set***' if os.environ.get('SUPABASE_URL') else 'NOT SET'}")
-print(f"[STARTUP_META] SUPABASE_KEY: {'***set***' if os.environ.get('SUPABASE_KEY') else 'NOT SET'}")
-print("=" * 80)
-# --- Bootstrap: Download private app at startup ---
-print("[PHASE] bootstrap_start")
-try:
-    private_app_dir = download_private_app()
-    # Add private app to Python path so we can import it
-    private_app_path = str(private_app_dir.resolve())
-    if private_app_path not in sys.path:
-        sys.path.insert(0, private_app_path)
-    print(f"[PHASE] bootstrap_end success=true path={private_app_path}")
-except Exception as e:
-    print(f"[PHASE] bootstrap_end success=false")
-    print(f"[ERROR] Bootstrap failed: {e}")
-    print(f"[TRACEBACK]\n{traceback.format_exc()}")
-    print("⚠️  Application will start but /app/ route will not work")
-    private_app_dir = None
-# --- Supabase Setup ---
-print("[PHASE] supabase_init_start")
-SUPABASE_URL = os.environ.get("SUPABASE_URL")
-SUPABASE_KEY = os.environ.get("SUPABASE_KEY")
-if not SUPABASE_URL or not SUPABASE_KEY:
-    print("[ERROR] SUPABASE_URL and/or SUPABASE_KEY not set")
-    raise ValueError(
-        "SUPABASE_URL and SUPABASE_KEY must be set in environment variables. "
-        "Please configure them in HF Space Secrets."
-    )
-try:
-    supabase: Client = create_client(SUPABASE_URL, SUPABASE_KEY)
-    init_logger(supabase)
-    print(f"[PHASE] supabase_init_end success=true")
-except Exception as e:
-    print(f"[PHASE] supabase_init_end success=false")
-    print(f"[ERROR] Supabase init failed: {e}")
-    print(f"[TRACEBACK]\n{traceback.format_exc()}")
-    raise
-# --- FastAPI App ---
-print("[PHASE] fastapi_init_start")
-app = FastAPI()
-print("[PHASE] fastapi_init_end")
-# --- Request Logging Middleware ---
-class RequestLoggingMiddleware(BaseHTTPMiddleware):
-    async def dispatch(self, request: Request, call_next):
-        start_time = time.time()
-        path = request.url.path
-        method = request.method
-        # Resolve user from cookie and store in contextvars
-        user_info = self._resolve_user(request)
-        set_user_context(user_info)
-        user_tag = f" user={user_info['email']}" if user_info else ""
-        print(f"[REQUEST] method={method} path={path}{user_tag}")
-        log_event("request", f"{method} {path}", metadata={"method": method, "path": path})
-        try:
-            response = await call_next(request)
-            duration = time.time() - start_time
-            print(f"[RESPONSE] method={method} path={path} status={response.status_code} duration={duration:.3f}s{user_tag}")
-            if response.status_code >= 400:
-                log_event(
-                    "response_error",
-                    f"{method} {path} -> {response.status_code}",
-                    level="WARNING",
-                    metadata={"method": method, "path": path, "status": response.status_code, "duration": round(duration, 3)},
-                )
-            return response
-        except Exception as e:
-            duration = time.time() - start_time
-            print(f"[RESPONSE] method={method} path={path} status=500 duration={duration:.3f}s error={e}{user_tag}")
-            log_event(
-                "response_error",
-                f"{method} {path} -> 500: {e}",
-                level="ERROR",
-                metadata={"method": method, "path": path, "status": 500, "duration": round(duration, 3)},
-            )
-            raise
-        finally:
-            set_user_context(None)
-    @staticmethod
-    def _resolve_user(request: Request):
-        """Lightweight user resolution from cookie (no profile fetch)."""
-        token = request.cookies.get("sb_access_token")
-        if not token:
-            return None
-        try:
-            res = supabase.auth.get_user(token)
-            return {"user_id": str(res.user.id), "email": res.user.email}
-        except Exception:
-            return None
-app.add_middleware(RequestLoggingMiddleware)
-print("[MIDDLEWARE] RequestLoggingMiddleware added")
-# --- Authentication Handler (for login UI) ---
-def handle_login(email, password):
-    """Handle login attempt via Supabase"""
-    print(f"[AUTH] Login attempt for: {email}")
-    log_event("login_attempt", f"Login attempt: {email}", metadata={"email": email})
-    try:
-        res = supabase.auth.sign_in_with_password({"email": email, "password": password})
-        if res.session:
-            print(f"[AUTH] Login successful: {email}")
-            user_ctx = {"user_id": str(res.user.id), "email": email}
-            log_event(
-                "login_success", f"Login success: {email}",
-                user_override=user_ctx, metadata={"email": email},
-            )
-            return (
-                gr.update(visible=False),
-                gr.update(visible=True, value=f"### ✅ ログイン成功: {email}"),
-                res.session.access_token
-            )
-    except Exception as e:
-        print(f"[AUTH] Login failed for {email}: {e}")
-        log_event(
-            "login_failure", f"Login failed: {email} - {e}",
-            level="WARNING", metadata={"email": email, "error": str(e)},
-        )
-        return gr.update(), gr.update(value=f"❌ エラー: {str(e)}"), None
-# --- Authentication Dependency ---
-def get_current_user(request: Request):
-    """Verify token from cookie and fetch user profile"""
-    token = request.cookies.get("sb_access_token")
-    print(f"[AUTH_CHECK] Token present: {bool(token)}")
-    if not token:
-        return None
-    try:
-        # Verify token with Supabase
-        res = supabase.auth.get_user(token)
-        user_id = res.user.id
-        # Fetch profile from profiles table (with organization name)
-        profile_res = supabase.from_("profiles").select(
-            "email, org_id, role, display_name, organizations(name)"
-        ).eq("id", user_id).single().execute()
-        profile_data = profile_res.data
-        user_dict = {
-            "user_id": user_id,
-            "email": profile_data.get("email"),
-            "display_name": profile_data.get("display_name"),
-            "role": profile_data.get("role"),
-            "org_name": (profile_data.get("organizations") or {}).get("name")
-        }
-        print(f"[AUTH_CHECK] Success: user={user_dict['email']} role={user_dict['role']}")
-        log_event(
-            "auth_check", f"Authenticated: {user_dict['email']}",
-            user_override=user_dict,
-            metadata={"role": user_dict.get("role"), "org_name": user_dict.get("org_name")},
-        )
-        return user_dict
-    except Exception as e:
-        print(f"[AUTH_CHECK] Failed: {e}")
-        log_event("auth_check_fail", f"Auth check failed: {e}", level="WARNING")
-        return None
-# --- Create UI instances ---
-print("[PHASE] create_ui_start")
-login_ui = create_login_ui(handle_login)
-print("[PHASE] create_ui_end component=login_ui")
-# Import ver20 app (Gradio Blocks)
-print("[PHASE] import_ver20_start")
-ver20_app = None
-if private_app_dir:
-    try:
-        # Import app module from downloaded private app
-        from app import app as ver20_blocks
-        ver20_app = ver20_blocks
-        print(f"[PHASE] import_ver20_end success=true type={type(ver20_app)}")
-    except Exception as e:
-        print(f"[PHASE] import_ver20_end success=false")
-        print(f"[ERROR] Failed to import ver20 app: {e}")
-        print(f"[TRACEBACK]\n{traceback.format_exc()}")
-else:
-    print(f"[PHASE] import_ver20_end success=false reason=bootstrap_failed")
-# --- Routes ---
-@app.get("/")
-async def root(user=Depends(get_current_user)):
-    """Root route - redirect to login or app based on auth status"""
-    print(f"[ROUTE] / accessed, user_authenticated={isinstance(user, dict) and user.get('user_id')}")
-    if isinstance(user, dict) and user.get("user_id"):
-        return RedirectResponse(url="/app/")
-    return RedirectResponse(url="/login/")
-@app.get("/logout")
-async def logout():
-    """Logout route - clear cookie and redirect to login"""
-    user = get_user_context()
-    print(f"[ROUTE] /logout accessed")
-    log_event("logout", "User logged out", user_override=user)
-    response = RedirectResponse(url="/login/")
-    response.delete_cookie("sb_access_token")
-    return response
-@app.get("/healthz")
-async def healthz():
-    """Health check endpoint"""
-    status = {
-        "ok": True,
-        "ver20_loaded": ver20_app is not None,
-        "private_app_dir": str(private_app_dir) if private_app_dir else None
-    }
-    print(f"[HEALTHZ] {status}")
-    return JSONResponse(content=status)
-print("[ROUTES] Root, logout, and healthz routes registered")
-# --- Mount Gradio UIs ---
-print("[PHASE] mount_login_start")
-app = gr.mount_gradio_app(app, login_ui, path="/login")
-print("[PHASE] mount_login_end path=/login")
-# Ver20 App (protected)
-print("[PHASE] mount_app_start")
-if ver20_app:
-    app = gr.mount_gradio_app(app, ver20_app, path="/app", auth_dependency=get_current_user)
-    print("[PHASE] mount_app_end path=/app protected=true ver20=true")
-else:
-    # Fallback: simple placeholder if ver20 failed to load
-    with gr.Blocks() as fallback_ui:
-        gr.Markdown("# ⚠️ Application Not Available")
-        gr.Markdown("The private application failed to load. Please check logs.")
-    app = gr.mount_gradio_app(app, fallback_ui, path="/app", auth_dependency=get_current_user)
-    print("[PHASE] mount_app_end path=/app protected=true ver20=false fallback=true")
-print("=" * 80)
-print("🎉 Habadashi Login Gateway Ready!")
-print("=" * 80)
-print(f"[STARTUP_COMPLETE] All phases completed successfully")
-print(f"[STARTUP_COMPLETE] Access URLs:")
-print(f"  - Root: /")
-print(f"  - Login: /login/")
-print(f"  - App: /app/")
-print(f"  - Health: /healthz")
-print(f"  - Logout: /logout")
-print("=" * 80)
-if __name__ == "__main__":
-    import uvicorn
-    port = int(os.environ.get("PORT", 7860))
-    print(f"[ENTRYPOINT] Starting uvicorn on 0.0.0.0:{port}")
-    uvicorn.run(app, host="0.0.0.0", port=port, log_level="info")

+#!/usr/bin/env python3
+"""
+Habadashi Login Gateway - Main entry point
+Public Space that loads private ver20 app dynamically
+"""
+import os
+import sys
+import time
+import traceback
+from pathlib import Path
+from fastapi import FastAPI, Request, Depends, HTTPException
+from fastapi.responses import RedirectResponse, JSONResponse
+from starlette.middleware.base import BaseHTTPMiddleware
+import gradio as gr
+from supabase import create_client, Client
+# Import bootstrap to download private app
+from bootstrap import download_private_app
+from login import create_login_ui
+from supabase_logger import init_logger, log_event, set_user_context, get_user_context
+# --- Startup Meta Info ---
+print("=" * 80)
+print("🚀 Starting Habadashi Login Gateway")
+print("=" * 80)
+print(f"[STARTUP_META] Python version: {sys.version}")
+print(f"[STARTUP_META] CWD: {os.getcwd()}")
+print(f"[STARTUP_META] PORT: {os.environ.get('PORT', 'not set')}")
+print(f"[STARTUP_META] SPACE_ID: {os.environ.get('SPACE_ID', 'not set')}")
+print(f"[STARTUP_META] SPACE_HOST: {os.environ.get('SPACE_HOST', 'not set')}")
+print(f"[STARTUP_META] GRADIO_SERVER_NAME: {os.environ.get('GRADIO_SERVER_NAME', 'not set')}")
+print(f"[STARTUP_META] GRADIO_SERVER_PORT: {os.environ.get('GRADIO_SERVER_PORT', 'not set')}")
+print(f"[STARTUP_META] HF_TOKEN: {'***set***' if os.environ.get('HF_TOKEN') else 'NOT SET'}")
+print(f"[STARTUP_META] SUPABASE_URL: {'***set***' if os.environ.get('SUPABASE_URL') else 'NOT SET'}")
+print(f"[STARTUP_META] SUPABASE_KEY: {'***set***' if os.environ.get('SUPABASE_KEY') else 'NOT SET'}")
+print("=" * 80)
+# --- Bootstrap: Download private app at startup ---
+print("[PHASE] bootstrap_start")
+try:
+    private_app_dir = download_private_app()
+    # Add private app to Python path so we can import it
+    private_app_path = str(private_app_dir.resolve())
+    if private_app_path not in sys.path:
+        sys.path.insert(0, private_app_path)
+    print(f"[PHASE] bootstrap_end success=true path={private_app_path}")
+except Exception as e:
+    print(f"[PHASE] bootstrap_end success=false")
+    print(f"[ERROR] Bootstrap failed: {e}")
+    print(f"[TRACEBACK]\n{traceback.format_exc()}")
+    print("⚠️  Application will start but /app/ route will not work")
+    private_app_dir = None
+# --- Supabase Setup ---
+print("[PHASE] supabase_init_start")
+SUPABASE_URL = os.environ.get("SUPABASE_URL")
+SUPABASE_KEY = os.environ.get("SUPABASE_KEY")
+if not SUPABASE_URL or not SUPABASE_KEY:
+    print("[ERROR] SUPABASE_URL and/or SUPABASE_KEY not set")
+    raise ValueError(
+        "SUPABASE_URL and SUPABASE_KEY must be set in environment variables. "
+        "Please configure them in HF Space Secrets."
+    )
+try:
+    supabase: Client = create_client(SUPABASE_URL, SUPABASE_KEY)
+    init_logger(supabase)
+    print(f"[PHASE] supabase_init_end success=true")
+except Exception as e:
+    print(f"[PHASE] supabase_init_end success=false")
+    print(f"[ERROR] Supabase init failed: {e}")
+    print(f"[TRACEBACK]\n{traceback.format_exc()}")
+    raise
+# --- FastAPI App ---
+print("[PHASE] fastapi_init_start")
+app = FastAPI()
+print("[PHASE] fastapi_init_end")
+# --- Request Logging Middleware ---
+class RequestLoggingMiddleware(BaseHTTPMiddleware):
+    async def dispatch(self, request: Request, call_next):
+        start_time = time.time()
+        path = request.url.path
+        method = request.method
+        # Resolve user from cookie and store in contextvars
+        user_info = self._resolve_user(request)
+        set_user_context(user_info)
+        user_tag = f" user={user_info['email']}" if user_info else ""
+        # print(f"[REQUEST] method={method} path={path}{user_tag}")
+        # log_event("request", f"{method} {path}", metadata={"method": method, "path": path})
+        try:
+            response = await call_next(request)
+            duration = time.time() - start_time
+            # print(f"[RESPONSE] method={method} path={path} status={response.status_code} duration={duration:.3f}s{user_tag}")
+            if response.status_code >= 400:
+                log_event(
+                    "response_error",
+                    f"{method} {path} -> {response.status_code}",
+                    level="WARNING",
+                    metadata={"method": method, "path": path, "status": response.status_code, "duration": round(duration, 3)},
+                )
+            return response
+        except Exception as e:
+            duration = time.time() - start_time
+            print(f"[RESPONSE] method={method} path={path} status=500 duration={duration:.3f}s error={e}{user_tag}")
+            log_event(
+                "response_error",
+                f"{method} {path} -> 500: {e}",
+                level="ERROR",
+                metadata={"method": method, "path": path, "status": 500, "duration": round(duration, 3)},
+            )
+            raise
+        finally:
+            set_user_context(None)
+    @staticmethod
+    def _resolve_user(request: Request):
+        """Lightweight user resolution from cookie (no profile fetch)."""
+        token = request.cookies.get("sb_access_token")
+        if not token:
+            return None
+        try:
+            res = supabase.auth.get_user(token)
+            return {"user_id": str(res.user.id), "email": res.user.email}
+        except Exception:
+            return None
+app.add_middleware(RequestLoggingMiddleware)
+print("[MIDDLEWARE] RequestLoggingMiddleware added")
+# --- Authentication Handler (for login UI) ---
+def handle_login(email, password):
+    """Handle login attempt via Supabase"""
+    print(f"[AUTH] Login attempt for: {email}")
+    log_event("login_attempt", f"Login attempt: {email}", metadata={"email": email})
+    try:
+        res = supabase.auth.sign_in_with_password({"email": email, "password": password})
+        if res.session:
+            print(f"[AUTH] Login successful: {email}")
+            user_ctx = {"user_id": str(res.user.id), "email": email}
+            log_event(
+                "login_success", f"Login success: {email}",
+                user_override=user_ctx, metadata={"email": email},
+            )
+            return (
+                gr.update(visible=False),
+                gr.update(visible=True, value=f"### ✅ ログイン成功: {email}"),
+                res.session.access_token
+            )
+    except Exception as e:
+        print(f"[AUTH] Login failed for {email}: {e}")
+        log_event(
+            "login_failure", f"Login failed: {email} - {e}",
+            level="WARNING", metadata={"email": email, "error": str(e)},
+        )
+        return gr.update(), gr.update(value=f"❌ エラー: {str(e)}"), None
+# --- Authentication Dependency ---
+def get_current_user(request: Request):
+    """Verify token from cookie and fetch user profile"""
+    token = request.cookies.get("sb_access_token")
+    print(f"[AUTH_CHECK] Token present: {bool(token)}")
+    if not token:
+        return None
+    try:
+        # Verify token with Supabase
+        res = supabase.auth.get_user(token)
+        user_id = res.user.id
+        # Fetch profile from profiles table (with organization name)
+        profile_res = supabase.from_("profiles").select(
+            "email, org_id, role, display_name, organizations(name)"
+        ).eq("id", user_id).single().execute()
+        profile_data = profile_res.data
+        user_dict = {
+            "user_id": user_id,
+            "email": profile_data.get("email"),
+            "display_name": profile_data.get("display_name"),
+            "role": profile_data.get("role"),
+            "org_name": (profile_data.get("organizations") or {}).get("name")
+        }
+        print(f"[AUTH_CHECK] Success: user={user_dict['email']} role={user_dict['role']}")
+        log_event(
+            "auth_check", f"Authenticated: {user_dict['email']}",
+            user_override=user_dict,
+            metadata={"role": user_dict.get("role"), "org_name": user_dict.get("org_name")},
+        )
+        return user_dict
+    except Exception as e:
+        print(f"[AUTH_CHECK] Failed: {e}")
+        log_event("auth_check_fail", f"Auth check failed: {e}", level="WARNING")
+        return None
+# --- Create UI instances ---
+print("[PHASE] create_ui_start")
+login_ui = create_login_ui(handle_login)
+print("[PHASE] create_ui_end component=login_ui")
+# Import ver20 app (Gradio Blocks)
+print("[PHASE] import_ver20_start")
+ver20_app = None
+if private_app_dir:
+    try:
+        # Import app module from downloaded private app
+        from app import app as ver20_blocks
+        # --- Inject Logging Callback ---
+        try:
+            from lib.logging import set_logger_callback
+            def bridge_logger(event_type: str, message: str, metadata=None):
+                """Ver20からのログイベントをSupabaseに転送"""
+                # 現在のスレッド/コンテキストのuser情報を自動的に使用
+                log_event(event_type, message, metadata=metadata)
+            set_logger_callback(bridge_logger)
+            print("[LOGGING] Connected ver20 logging to Supabase")
+        except ImportError as e:
+            print(f"[LOGGING] Could not import lib.logging or set_logger_callback: {e}")
+        # -------------------------------
+        ver20_app = ver20_blocks
+        print(f"[PHASE] import_ver20_end success=true type={type(ver20_app)}")
+    except Exception as e:
+        print(f"[PHASE] import_ver20_end success=false")
+        print(f"[ERROR] Failed to import ver20 app: {e}")
+        print(f"[TRACEBACK]\n{traceback.format_exc()}")
+else:
+    print(f"[PHASE] import_ver20_end success=false reason=bootstrap_failed")
+# --- Routes ---
+@app.get("/")
+async def root(user=Depends(get_current_user)):
+    """Root route - redirect to login or app based on auth status"""
+    print(f"[ROUTE] / accessed, user_authenticated={isinstance(user, dict) and user.get('user_id')}")
+    if isinstance(user, dict) and user.get("user_id"):
+        return RedirectResponse(url="/app/")
+    return RedirectResponse(url="/login/")
+@app.get("/logout")
+async def logout():
+    """Logout route - clear cookie and redirect to login"""
+    user = get_user_context()
+    print(f"[ROUTE] /logout accessed")
+    log_event("logout", "User logged out", user_override=user)
+    response = RedirectResponse(url="/login/")
+    response.delete_cookie("sb_access_token")
+    return response
+@app.get("/healthz")
+async def healthz():
+    """Health check endpoint"""
+    status = {
+        "ok": True,
+        "ver20_loaded": ver20_app is not None,
+        "private_app_dir": str(private_app_dir) if private_app_dir else None
+    }
+    print(f"[HEALTHZ] {status}")
+    return JSONResponse(content=status)
+print("[ROUTES] Root, logout, and healthz routes registered")
+# --- Mount Gradio UIs ---
+print("[PHASE] mount_login_start")
+app = gr.mount_gradio_app(app, login_ui, path="/login")
+print("[PHASE] mount_login_end path=/login")
+# Ver20 App (protected)
+print("[PHASE] mount_app_start")
+if ver20_app:
+    app = gr.mount_gradio_app(app, ver20_app, path="/app", auth_dependency=get_current_user)
+    print("[PHASE] mount_app_end path=/app protected=true ver20=true")
+else:
+    # Fallback: simple placeholder if ver20 failed to load
+    with gr.Blocks() as fallback_ui:
+        gr.Markdown("# ⚠️ Application Not Available")
+        gr.Markdown("The private application failed to load. Please check logs.")
+    app = gr.mount_gradio_app(app, fallback_ui, path="/app", auth_dependency=get_current_user)
+    print("[PHASE] mount_app_end path=/app protected=true ver20=false fallback=true")
+print("=" * 80)
+print("🎉 Habadashi Login Gateway Ready!")
+print("=" * 80)
+print(f"[STARTUP_COMPLETE] All phases completed successfully")
+print(f"[STARTUP_COMPLETE] Access URLs:")
+print(f"  - Root: /")
+print(f"  - Login: /login/")
+print(f"  - App: /app/")
+print(f"  - Health: /healthz")
+print(f"  - Logout: /logout")
+print("=" * 80)
+if __name__ == "__main__":
+    import uvicorn
+    port = int(os.environ.get("PORT", 7860))
+    print(f"[ENTRYPOINT] Starting uvicorn on 0.0.0.0:{port}")
+    uvicorn.run(app, host="0.0.0.0", port=port, log_level="info")

@@ -1,136 +1,136 @@
-import os
-import urllib.parse
-import gradio as gr
-# Level Bridge Chat の Space URL（環境変数で上書き可能）
-CHAT_SPACE_URL = os.environ.get(
-    "LEVEL_BRIDGE_CHAT_URL",
-    "https://dlpo-level-bridge-chat.hf.space",
-)
-# チャットiframeに転送するパラメータ名一覧
-# ログインページのURLに ?url=...&industry=EC のように付けると転送される
-FORWARD_PARAMS = ["url", "industry", "campaign_name", "cvr", "ctr", "cpa"]
-def build_chat_html(params: dict) -> str:
-    """URLパラメータをチャットiframe srcに付与してHTML生成"""
-    chat_params = {k: v for k, v in params.items() if k in FORWARD_PARAMS and v}
-    if chat_params:
-        src = CHAT_SPACE_URL + "?" + urllib.parse.urlencode(chat_params)
-    else:
-        src = CHAT_SPACE_URL
-    return f"""
-<div style="
-    border: 1px solid #e0e0e0;
-    border-radius: 12px;
-    overflow: hidden;
-    height: 1000px;
-    background: #fafafa;
-">
-  <iframe
-    src="{src}"
-    style="width:100%; height:100%; border:none;"
-    allow="clipboard-write"
-  ></iframe>
-</div>
-<p style="font-size:11px; color:#999; margin-top:4px; text-align:right;">
-  Powered by Level Bridge Chat
-</p>
-"""
-def create_login_ui(handle_login_fn):
-    """
-    Create Gradio login UI with embedded Level Bridge Chat.
-    URLパラメータ (url, industry, campaign_name, cvr, ctr, cpa) をチャットに転送する。
-    例: /login/?url=https://example.com&industry=EC&cvr=2.1
-    Args:
-        handle_login_fn: Function to handle login (email, password) -> (form_update, status_update, token)
-    Returns:
-        Gradio Blocks UI for login
-    """
-    with gr.Blocks(title="Login") as ui:
-        # --- 上段: ログインフォーム ---
-        gr.Markdown("# 🔐 Habadashi Login")
-        with gr.Column(visible=True) as login_form:
-            email_input = gr.Textbox(label="Email")
-            pass_input = gr.Textbox(label="Password", type="password")
-            login_btn = gr.Button("Login", variant="primary")
-        status_msg = gr.Markdown("")
-        # Hidden textbox to store token and trigger cookie setting via JS
-        token_storage = gr.Textbox(visible=False, elem_id="token_storage")
-        # --- 中段: チャット初期化フォーム ---
-        gr.Markdown("### 🔧 チャット初期化パラメータ（任意）")
-        with gr.Row():
-            input_url = gr.Textbox(label="URL", placeholder="https://example.com", scale=3)
-            input_industry = gr.Textbox(label="業界 / カテゴリ", placeholder="EC、人材、金融など", scale=2)
-            input_cvr = gr.Number(label="CVR (%)", value=None, minimum=0, maximum=100, scale=1)
-        apply_btn = gr.Button("チャットに反映", variant="secondary")
-        # --- 下段: チャット ---
-        gr.Markdown("### 💬 広告改善提案チャット")
-        chat_frame = gr.HTML(build_chat_html({}))
-        # ページ読み込み時にURLパラメータでフォームとiframeを初期化
-        def on_load(request: gr.Request):
-            params = dict(request.query_params)
-            url_val = params.get("url", "")
-            industry_val = params.get("industry", "")
-            cvr_val = float(params["cvr"]) if params.get("cvr") else None
-            return url_val, industry_val, cvr_val, build_chat_html(params)
-        ui.load(on_load, inputs=None, outputs=[input_url, input_industry, input_cvr, chat_frame])
-        # フォーム変更時にiframeを動的更新
-        def update_chat(url, industry, cvr):
-            params = {}
-            if url:
-                params["url"] = url
-            if industry:
-                params["industry"] = industry
-            if cvr is not None:
-                params["cvr"] = cvr
-            return build_chat_html(params)
-        apply_btn.click(
-            update_chat,
-            inputs=[input_url, input_industry, input_cvr],
-            outputs=chat_frame,
-        )
-        # External login handler (from app.py) is bound here
-        login_btn.click(
-            handle_login_fn,
-            inputs=[email_input, pass_input],
-            outputs=[login_form, status_msg, token_storage],
-        )
-        # When token is set, use JavaScript to save cookie and redirect
-        token_storage.change(
-            None,
-            inputs=[token_storage],
-            js="""(token) => {
-                if (!token || token === "") return;
-                // Set cookie
-                document.cookie = `sb_access_token=${token}; path=/; max-age=3600; SameSite=None; Secure;`;
-                console.log("Cookie set, redirecting...");
-                // Wait briefly then redirect
-                setTimeout(() => {
-                    window.location.href = '/app/';
-                }, 200);
-            }""",
-        )
-    return ui

+import os
+import urllib.parse
+import gradio as gr
+# Level Bridge Chat の Space URL（環境変数で上書き可能）
+CHAT_SPACE_URL = os.environ.get(
+    "LEVEL_BRIDGE_CHAT_URL",
+    "https://dlpo-level-bridge-chat.hf.space",
+)
+# チャットiframeに転送するパラメータ名一覧
+# ログインページのURLに ?url=...&industry=EC のように付けると転送される
+FORWARD_PARAMS = ["url", "industry", "campaign_name", "cvr", "ctr", "cpa"]
+def build_chat_html(params: dict) -> str:
+    """URLパラメータをチャットiframe srcに付与してHTML生成"""
+    chat_params = {k: v for k, v in params.items() if k in FORWARD_PARAMS and v}
+    if chat_params:
+        src = CHAT_SPACE_URL + "?" + urllib.parse.urlencode(chat_params)
+    else:
+        src = CHAT_SPACE_URL
+    return f"""
+<div style="
+    border: 1px solid #e0e0e0;
+    border-radius: 12px;
+    overflow: hidden;
+    height: 1000px;
+    background: #fafafa;
+">
+  <iframe
+    src="{src}"
+    style="width:100%; height:100%; border:none;"
+    allow="clipboard-write"
+  ></iframe>
+</div>
+<p style="font-size:11px; color:#999; margin-top:4px; text-align:right;">
+  Powered by Level Bridge Chat
+</p>
+"""
+def create_login_ui(handle_login_fn):
+    """
+    Create Gradio login UI with embedded Level Bridge Chat.
+    URLパラメータ (url, industry, campaign_name, cvr, ctr, cpa) をチャットに転送する。
+    例: /login/?url=https://example.com&industry=EC&cvr=2.1
+    Args:
+        handle_login_fn: Function to handle login (email, password) -> (form_update, status_update, token)
+    Returns:
+        Gradio Blocks UI for login
+    """
+    with gr.Blocks(title="Login") as ui:
+        # --- 上段: ログインフォーム ---
+        gr.Markdown("# 🔐 Habadashi Login")
+        with gr.Column(visible=True) as login_form:
+            email_input = gr.Textbox(label="Email")
+            pass_input = gr.Textbox(label="Password", type="password")
+            login_btn = gr.Button("Login", variant="primary")
+        status_msg = gr.Markdown("")
+        # Hidden textbox to store token and trigger cookie setting via JS
+        token_storage = gr.Textbox(visible=False, elem_id="token_storage")
+        # --- 中段: チャット初期化フォーム ---
+        gr.Markdown("### 🔧 チャット初期化パラメータ（任意）")
+        with gr.Row():
+            input_url = gr.Textbox(label="URL", placeholder="https://example.com", scale=3)
+            input_industry = gr.Textbox(label="業界 / カテゴリ", placeholder="EC、人材、金融など", scale=2)
+            input_cvr = gr.Number(label="CVR (%)", value=None, minimum=0, maximum=100, scale=1)
+        apply_btn = gr.Button("チャットに反映", variant="secondary")
+        # --- 下段: チャット ---
+        gr.Markdown("### 💬 広告改善提案チャット")
+        chat_frame = gr.HTML(build_chat_html({}))
+        # ページ読み込み時にURLパラメータでフォームとiframeを初期化
+        def on_load(request: gr.Request):
+            params = dict(request.query_params)
+            url_val = params.get("url", "")
+            industry_val = params.get("industry", "")
+            cvr_val = float(params["cvr"]) if params.get("cvr") else None
+            return url_val, industry_val, cvr_val, build_chat_html(params)
+        ui.load(on_load, inputs=None, outputs=[input_url, input_industry, input_cvr, chat_frame])
+        # フォーム変更時にiframeを動的更新
+        def update_chat(url, industry, cvr):
+            params = {}
+            if url:
+                params["url"] = url
+            if industry:
+                params["industry"] = industry
+            if cvr is not None:
+                params["cvr"] = cvr
+            return build_chat_html(params)
+        apply_btn.click(
+            update_chat,
+            inputs=[input_url, input_industry, input_cvr],
+            outputs=chat_frame,
+        )
+        # External login handler (from app.py) is bound here
+        login_btn.click(
+            handle_login_fn,
+            inputs=[email_input, pass_input],
+            outputs=[login_form, status_msg, token_storage],
+        )
+        # When token is set, use JavaScript to save cookie and redirect
+        token_storage.change(
+            None,
+            inputs=[token_storage],
+            js="""(token) => {
+                if (!token || token === "") return;
+                // Set cookie
+                document.cookie = `sb_access_token=${token}; path=/; max-age=3600; SameSite=None; Secure;`;
+                console.log("Cookie set, redirecting...");
+                // Wait briefly then redirect
+                setTimeout(() => {
+                    window.location.href = '/app/';
+                }, 200);
+            }""",
+        )
+    return ui