Spaces:

Domify
/

signup

Running

App Files Files Community

Domify commited on Apr 12

Commit

f4a5f4a

verified ·

1 Parent(s): d14d883

Update main.py

Browse files

Files changed (1) hide show

main.py +103 -78

main.py CHANGED Viewed

@@ -1,13 +1,13 @@
-# main.py - Domify Academy Backend (Complete)
 from fastapi import FastAPI, Request, HTTPException
 from fastapi.middleware.cors import CORSMiddleware
 import sqlite3
 from datetime import datetime, timedelta
-import os
 import asyncio
 import aiohttp
-import threading
 import time
 app = FastAPI()
@@ -19,7 +19,7 @@ app.add_middleware(
     allow_origins=[
         "https://domify-academy.free.nf",
         "https://*.free.nf",
-        "http://localhost:3000"  # for local testing
     ],
     allow_credentials=True,
     allow_methods=["*"],
@@ -54,7 +54,21 @@ conn.commit()
 # ============================================
 # ADMIN IPS (add your own IP addresses here)
 # ============================================
-ADMIN_IPS = ["fe80::f26d:78ff:fe61:be53", "192.168.7.71" ,"10.92.98.240"]  # <-- REPLACE WITH YOUR IPs
 # ============================================
 # HELPER: get real client IP
@@ -66,14 +80,13 @@ def get_client_ip(request: Request) -> str:
     return request.client.host
 # ============================================
-# ENDPOINT 1: SIGNUP (receives data from frontend)
 # ============================================
 @app.post("/signup")
 async def signup(request: Request):
     try:
         data = await request.json()
-        # Required fields
         required = ['userId', 'fullName', 'email', 'signupDate', 'country', 'source', 'ip', 'timestamp']
         for field in required:
             if field not in data:
@@ -95,13 +108,13 @@ async def signup(request: Request):
         raise HTTPException(status_code=500, detail=str(e))
 # ============================================
-# ENDPOINT 2: GET USER DATA (by email, user_id, or IP)
 # ============================================
 @app.get("/user")
 async def get_user(request: Request, email: str = None, user_id: str = None):
     client_ip = get_client_ip(request)
-    # Admin override – full access
     if client_ip in ADMIN_IPS:
         return {
             "userId": "admin",
@@ -114,7 +127,7 @@ async def get_user(request: Request, email: str = None, user_id: str = None):
             "isAdmin": True
         }
-    # Try to find user by email, user_id, or IP
     c.execute("""
         SELECT user_id, full_name, email, tier, expiry, cert_paid, cert_generated
         FROM users WHERE email=? OR user_id=? OR ip=?
@@ -133,102 +146,114 @@ async def get_user(request: Request, email: str = None, user_id: str = None):
             "isAdmin": False
         }
-    # No user found – frontend will redirect to signup
     raise HTTPException(status_code=404, detail="User not found")
 # ============================================
-# ENDPOINT 3: PADDLE WEBHOOK (payment confirmation)
 # ============================================
-# ----- REPLACE THESE WITH YOUR ACTUAL PADDLE PRICE IDs -----
-PRICE_PROFESSIONAL = 'pri_01kn5rz5ezzb7b75b13g2pcwm3'
-PRICE_MASTER = 'pri_01kn5rqntftqhwsc8e0xfcek9v'
-PRICE_CERT_ADDON = 'pri_01kn5rce56k7pxrsr6fvs1g7xq'
-@app.post("/paddle-webhook")
-async def paddle_webhook(request: Request):
     try:
         data = await request.json()
-        event_type = data.get('event_type')
-        # Only process successful payments
-        if event_type != 'transaction.completed':
-            return {"status": "ignored", "reason": f"Event {event_type} not processed"}
-        # Extract customer email
-        email = data.get('data', {}).get('customer_email')
-        if not email:
-            return {"status": "ignored", "reason": "No email in webhook"}
-        # Extract price ID
-        items = data.get('data', {}).get('items', [])
-        if not items:
-            return {"status": "ignored", "reason": "No items in webhook"}
-        price_id = items[0].get('price', {}).get('id')
-        if not price_id:
-            return {"status": "ignored", "reason": "No price_id"}
-        # Determine upgrade
-        new_tier = None
-        expiry_days = 0
-        cert_paid = False
-        if price_id == PRICE_PROFESSIONAL:
-            new_tier = 'Professional'
-            expiry_days = 30
-        elif price_id == PRICE_MASTER:
-            new_tier = 'Master'
-            expiry_days = 30
-            cert_paid = True
-        elif price_id == PRICE_CERT_ADDON:
-            cert_paid = True
-        else:
-            return {"status": "ignored", "reason": f"Unknown price_id: {price_id}"}
-        # Update database
-        expiry_date = (datetime.now() + timedelta(days=expiry_days)).isoformat() if expiry_days else None
         c.execute("SELECT * FROM users WHERE email = ?", (email,))
         user = c.fetchone()
-        if not user:
-            return {"status": "error", "message": f"User {email} not found in database"}
-        if new_tier:
-            c.execute("UPDATE users SET tier = ?, expiry = ? WHERE email = ?", (new_tier, expiry_date, email))
-        if cert_paid:
-            c.execute("UPDATE users SET cert_paid = 1 WHERE email = ?", (email,))
         conn.commit()
-        return {"status": "ok", "message": f"Updated {email} to {new_tier or 'cert_paid'}"}
     except Exception as e:
-        print(f"Webhook error: {e}")
-        raise HTTPException(status_code=500, detail=str(e))
 # ============================================
 # HEALTH CHECK
 # ============================================
 @app.get("/")
 def health():
-    return {"status": "alive", "service": "Domify Academy Backend", "version": "2.0"}
 async def keep_alive_self():
-    """Keep the HF Space awake by pinging itself every 5 minutes"""
-    url = "https://domify-signup.hf.space/"  # Your space URL
     while True:
         try:
             async with aiohttp.ClientSession() as session:
                 async with session.get(url) as response:
-                    print(f"Self-ping at {time.ctime()}: {response.status}")
         except Exception as e:
-            print(f"Self-ping failed: {e}")
-        await asyncio.sleep(300)  # Wait 5 minutes
-# Start the keep-alive task when the app starts
 @app.on_event("startup")
 async def startup_event():
-    asyncio.create_task(keep_alive_self())

+  # main.py - Domify Academy Backend with Lemon Squeezy
 from fastapi import FastAPI, Request, HTTPException
 from fastapi.middleware.cors import CORSMiddleware
 import sqlite3
 from datetime import datetime, timedelta
 import asyncio
 import aiohttp
 import time
+import hmac
+import hashlib
 app = FastAPI()
     allow_origins=[
         "https://domify-academy.free.nf",
         "https://*.free.nf",
+        "http://localhost:3000"
     ],
     allow_credentials=True,
     allow_methods=["*"],
 # ============================================
 # ADMIN IPS (add your own IP addresses here)
 # ============================================
+ADMIN_IPS = ["fe80::f26d:78ff:fe61:be53", "192.168.7.71", "10.92.98.240"]
+# ============================================
+# LEMON SQUEEZY CONFIGURATION
+# ============================================
+LEMON_STORE_ID = 342813
+LEMON_API_KEY = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiI5NGQ1OWNlZi1kYmI4LTRlYTUtYjE3OC1kMjU0MGZjZDY5MTkiLCJqdGkiOiIyM2Q5MTk2NGQ2ZDk4OTc5ZGUyY2NmNGViYTNkZTA5ODMyZWFiNGIwZDk5MmI3MWVkY2E3NDExODU4ZmMzODA4NjVlMWZhNzlkNTUyNTY2NiIsImlhdCI6MTc3NTk2MzY4NS4zMjk5NjksIm5iZiI6MTc3NTk2MzY4NS4zMjk5NzIsImV4cCI6NDk0OTA3ODQwMC4wMzk4NjQsInN1YiI6IjY4Nzc3MzkiLCJzY29wZXMiOltdfQ.RqMkdIptrE52m_Dr_sI674lUae-FksX-Ey4metBS6QY4r33yyoYvD5DVOCLTa4q6dnKo2b5hhWl_hONYnNyjLwkFemsWOkyy6c17jWn4IC1S59co-iHaz5vYa3PTttWF9nSHQpoyRFhd9dNxGfBH7z4x06PoqDGUVEd3Am60xwXAoe5oXILrpigdC81Z0sk9pnw4gJXrzKlP88bKfjGmqHawowpXwvqNoiKjPSZCcYLQKWy2GJ6yPdO-z3SqWKP8RJ64lp3nHDLcfJGmJLlRMTLCubLdRvX_LXi6EE5bzMWBdOvbszL9h00NZE9DL_7Qd6tufh_uYgqg3b8LQK-Ur-i6E60DSAktke3wwI46MCXyl8zl-lMeuGYUq98TIV8eTGvSKroNYs-dwI068iFePI8qgt1YeF4MAQendj1vJlIVQqB3C79D7O0OlVLAkibJ50yCAf6B63q9F1leVOpfhXlJWZvZuLMkQy4vOGu7DYUPRRP0SRq3g_e_ozFgzbzb51e-hUUiU4Q_1lEWlsFuaSoXen0iJ4K2llrKmfR0FTKep2JYoRWQ473IvrL7Uxh_K87Z9SQzDUSHDL4b4tGqSwWrElT1kDFxHCDeKFjloYFHkfoAHgpeqstTj_PgdOpwaVvgTWDIj6Vw5sREEvamheEb6e9pRyg90fJlmLGdygo"
+LEMON_WEBHOOK_SECRET = "whsec_8f3a9d2c5e1b7a4d6f8e2c9b5a7d3f1e"
+# Map variant IDs to tiers
+LEMON_PRODUCTS = {
+    1519026: {"tier": "Professional", "days": 30},
+    1519043: {"tier": "Master", "days": 30},
+    1519056: {"tier": "Certificate", "days": 0},
+}
 # ============================================
 # HELPER: get real client IP
     return request.client.host
 # ============================================
+# ENDPOINT 1: SIGNUP
 # ============================================
 @app.post("/signup")
 async def signup(request: Request):
     try:
         data = await request.json()
         required = ['userId', 'fullName', 'email', 'signupDate', 'country', 'source', 'ip', 'timestamp']
         for field in required:
             if field not in data:
         raise HTTPException(status_code=500, detail=str(e))
 # ============================================
+# ENDPOINT 2: GET USER DATA
 # ============================================
 @app.get("/user")
 async def get_user(request: Request, email: str = None, user_id: str = None):
     client_ip = get_client_ip(request)
+    # Admin override
     if client_ip in ADMIN_IPS:
         return {
             "userId": "admin",
             "isAdmin": True
         }
+    # Find user
     c.execute("""
         SELECT user_id, full_name, email, tier, expiry, cert_paid, cert_generated
         FROM users WHERE email=? OR user_id=? OR ip=?
             "isAdmin": False
         }
     raise HTTPException(status_code=404, detail="User not found")
 # ============================================
+# ENDPOINT 3: LEMON SQUEEZY WEBHOOK
 # ============================================
+@app.post("/webhook/lemonsqueezy")
+async def lemon_webhook(request: Request):
     try:
+        # Get raw body and signature
+        body = await request.body()
+        signature = request.headers.get("X-Signature")
+        if not signature:
+            print("❌ No signature in webhook")
+            return {"status": "ignored", "reason": "no signature"}
+        # Verify signature
+        expected = hmac.new(
+            LEMON_WEBHOOK_SECRET.encode(),
+            body,
+            hashlib.sha256
+        ).hexdigest()
+        if not hmac.compare_digest(signature, expected):
+            print("❌ Invalid signature")
+            return {"status": "ignored", "reason": "invalid signature"}
+        # Parse data
         data = await request.json()
+        event_name = data.get("meta", {}).get("event_name")
+        if event_name != "order_created":
+            return {"status": "ignored", "reason": f"event {event_name}"}
+        # Extract customer email and variant
+        order_data = data.get("data", {}).get("attributes", {})
+        email = order_data.get("user_email")
+        first_item = order_data.get("first_order_item", {})
+        variant_id = first_item.get("variant_id")
+        if not email or not variant_id:
+            print(f"❌ Missing email or variant")
+            return {"status": "ignored", "reason": "missing email or variant"}
+        # Map variant to product
+        product = LEMON_PRODUCTS.get(variant_id)
+        if not product:
+            print(f"❌ Unknown variant: {variant_id}")
+            return {"status": "ignored", "reason": f"unknown variant {variant_id}"}
+        print(f"✅ Processing payment: {email} -> {product['tier']}")
+        # Calculate expiry
+        expiry = None
+        if product["days"] > 0:
+            expiry = (datetime.now() + timedelta(days=product["days"])).isoformat()
+        # Update database
         c.execute("SELECT * FROM users WHERE email = ?", (email,))
         user = c.fetchone()
+        if user:
+            c.execute("UPDATE users SET tier = ?, expiry = ? WHERE email = ?",
+                     (product["tier"], expiry, email))
+            if product["tier"] == "Master":
+                c.execute("UPDATE users SET cert_paid = 1 WHERE email = ?", (email,))
+            print(f"✅ Updated existing user: {email}")
+        else:
+            c.execute("""
+                INSERT INTO users (user_id, full_name, email, tier, expiry, cert_paid, timestamp)
+                VALUES (?, ?, ?, ?, ?, ?, ?)
+            """, (
+                f"auto_{int(time.time())}", email, email, product["tier"], expiry,
+                1 if product["tier"] == "Master" else 0,
+                datetime.now().isoformat()
+            ))
+            print(f"✅ Created new user: {email}")
         conn.commit()
+        return {"status": "ok", "message": f"Updated {email} to {product['tier']}"}
     except Exception as e:
+        print(f"❌ Webhook error: {e}")
+        return {"status": "error", "reason": str(e)}
 # ============================================
 # HEALTH CHECK
 # ============================================
 @app.get("/")
 def health():
+    return {"status": "alive", "service": "Domify Academy Backend", "version": "3.0"}
+# ============================================
+# KEEP-ALIVE FUNCTION (Prevents HF Space from sleeping)
+# ============================================
 async def keep_alive_self():
+    url = "https://domify-signup.hf.space"
     while True:
         try:
             async with aiohttp.ClientSession() as session:
                 async with session.get(url) as response:
+                    print(f"✅ Self-ping at {time.ctime()}: {response.status}")
         except Exception as e:
+            print(f"❌ Self-ping failed: {e}")
+        await asyncio.sleep(300)
 @app.on_event("startup")
 async def startup_event():
+    print("🚀 Domify Academy Backend Starting...")
+    asyncio.create_task(keep_alive_self())
+    print("✅ Keep-alive task started (pings every 5 minutes)")