Add auth

app.py

@@ -12,6 +12,8 @@ from streamlit_pdf_viewer import pdf_viewer
 from utils import blob_service_client, upload_to_azure, download_from_azure, delete_from_azure
 from streamlit_msal import Msal
 
+from auth_middleware import app as auth_app
+
 load_dotenv()
 st.set_page_config(layout="wide")
 
@@ -182,3 +184,7 @@ else:
             file_name=f"{lang_name}-translated-files.zip",
             mime="application/zip"
         )
+
+# Proxy Streamlit through Flask
+def run():
+    os.system("streamlit run streamlit_app.py --server.port=8501 --server.address=0.0.0.0")

auth_middleware.py

@@ -0,0 +1,34 @@
+from flask import Flask, request, redirect, session
+from authlib.integrations.flask_client import OAuth
+import os
+
+# Flask app setup
+app = Flask(__name__)
+app.secret_key = os.getenv("FLASK_SECRET_KEY")
+
+# OAuth setup
+oauth = OAuth(app)
+azure = oauth.register(
+    name='azure',
+    client_id=os.getenv("AZURE_CLIENT_ID"),
+    client_secret=os.getenv("AZURE_CLIENT_SECRET"),
+    server_metadata_url=f"https://login.microsoftonline.com/{os.getenv('AZURE_TENANT_ID')}/v2.0/.well-known/openid-configuration",
+    client_kwargs={"scope": "openid email profile"},
+)
+
+@app.route("/login")
+def login():
+    redirect_uri = os.getenv("REDIRECT_URI", "http://localhost:8501")
+    return azure.authorize_redirect(redirect_uri)
+
+@app.route("/callback")
+def callback():
+    token = azure.authorize_access_token()
+    user = azure.parse_id_token(token)
+    # You can save user info or session here
+    return redirect("/")
+
+@app.before_request
+def auth_middleware():
+    if request.endpoint not in ("login", "callback") and "user" not in session:
+        return redirect("/login")

requirements.txt

@@ -1,4 +1,11 @@
+aiohappyeyeballs==2.4.4
+aiohttp==3.11.10
+aiosignal==1.3.1
 altair==5.5.0
+appscript==1.3.0
+attrs==24.2.0
+auth0-python==4.7.2
+Authlib==1.3.2
 azure-ai-translation-document==1.1.0
 azure-core==1.32.0
 azure-storage-blob==12.24.0
@@ -10,12 +17,16 @@ chardet==5.2.0
 charset-normalizer==3.4.0
 click==8.1.7
 cobble==0.1.4
-cryptography==44.0.0
+cryptography==43.0.3
 docx2pdf==0.1.8
+ecdsa==0.19.0
+Flask==3.1.0
+frozenlist==1.5.0
 gitdb==4.0.11
 GitPython==3.1.43
 idna==3.10
 isodate==0.7.2
+itsdangerous==2.2.0
 Jinja2==3.1.4
 jsonschema==4.23.0
 jsonschema-specifications==2024.10.1
@@ -24,30 +35,39 @@ mammoth==1.8.0
 markdown-it-py==3.0.0
 MarkupSafe==3.0.2
 mdurl==0.1.2
+multidict==6.1.0
 narwhals==1.16.0
 numpy==2.2.0
 packaging==24.2
 pandas==2.2.3
 pdfkit==1.0.0
+pdflatex==0.1.3
 pillow==11.0.0
+propcache==0.2.1
 protobuf==5.29.1
 pyarrow==18.1.0
+pyasn1==0.6.1
 pycparser==2.22
 pydeck==0.9.1
 Pygments==2.18.0
+PyJWT==2.10.1
 pypandoc==1.14
 python-dateutil==2.9.0.post0
 python-docx==1.1.2
 python-dotenv==1.0.1
+python-jose==3.3.0
 pytz==2024.2
 referencing==0.35.1
 reportlab==4.2.5
 requests==2.32.3
 rich==13.9.4
 rpds-py==0.22.3
+rsa==4.9
 six==1.17.0
 smmap==5.0.1
 streamlit==1.40.2
+streamlit-auth0==1.0.5
+streamlit-auth0-component==0.1.5
 streamlit-msal==0.2.0
 streamlit-pdf-viewer==0.0.19
 tenacity==9.0.0
@@ -57,3 +77,5 @@ tqdm==4.67.1
 typing_extensions==4.12.2
 tzdata==2024.2
 urllib3==2.2.3
+Werkzeug==3.1.3
+yarl==1.18.3