Add password authentication and full demo application

.streamlit/secrets.toml.example

@@ -1,5 +1,14 @@
-# Copy to secrets.toml and fill in your keys
-# DO NOT commit secrets.toml!
+# SPARKNET Secrets Configuration
+# Copy this to secrets.toml (DO NOT commit secrets.toml!)
 
-GROQ_API_KEY = "example - put the real"
-HF_TOKEN = "example - put the real"
+# Authentication - set your password
+[auth]
+password = "your-secure-password-here"
+
+# Or for multiple users:
+# [auth]
+# passwords = { admin = "admin123", viewer = "viewer456" }
+
+# API Keys (free tiers)
+GROQ_API_KEY = "your-groq-key"
+HF_TOKEN = "your-huggingface-token"

demo/app.py

@@ -21,7 +21,7 @@ from datetime import datetime
 PROJECT_ROOT = Path(__file__).parent.parent
 sys.path.insert(0, str(PROJECT_ROOT))
 
-# Page configuration
+# Page configuration - MUST be first Streamlit command
 st.set_page_config(
     page_title="SPARKNET Document Intelligence",
     page_icon="🔥",
@@ -29,6 +29,15 @@ st.set_page_config(
     initial_sidebar_state="expanded",
 )
 
+# Authentication - require login before showing app
+from auth import check_password, show_logout_button
+
+if not check_password():
+    st.stop()
+
+# Show logout button in sidebar
+show_logout_button()
+
 # Custom CSS
 st.markdown("""
 <style>

demo/auth.py

@@ -0,0 +1,163 @@
+"""
+Simple Password Authentication for SPARKNET
+
+Provides password-based access control for the Streamlit app.
+"""
+
+import streamlit as st
+import hashlib
+import hmac
+from typing import Optional
+
+
+def hash_password(password: str) -> str:
+    """Hash a password for secure storage."""
+    return hashlib.sha256(password.encode()).hexdigest()
+
+
+def check_password() -> bool:
+    """
+    Show login form and verify password.
+
+    Returns True if password is correct, False otherwise.
+
+    Configure password in Streamlit secrets:
+        [auth]
+        password = "your-secure-password"
+
+    Or set multiple users:
+        [auth]
+        passwords = { admin = "admin123", user1 = "pass123" }
+    """
+
+    def password_entered():
+        """Check if entered password is correct."""
+        # Get password(s) from secrets
+        if "auth" in st.secrets:
+            # Check single password
+            if "password" in st.secrets["auth"]:
+                if hmac.compare_digest(
+                    st.session_state["password"],
+                    st.secrets["auth"]["password"]
+                ):
+                    st.session_state["authenticated"] = True
+                    st.session_state["username"] = "user"
+                    del st.session_state["password"]
+                    return
+
+            # Check multiple users
+            if "passwords" in st.secrets["auth"]:
+                username = st.session_state.get("username_input", "")
+                password = st.session_state.get("password", "")
+
+                passwords = st.secrets["auth"]["passwords"]
+                if username in passwords and hmac.compare_digest(
+                    password, passwords[username]
+                ):
+                    st.session_state["authenticated"] = True
+                    st.session_state["username"] = username
+                    del st.session_state["password"]
+                    return
+
+        st.session_state["authenticated"] = False
+        st.session_state["password_incorrect"] = True
+
+    # Check if already authenticated
+    if st.session_state.get("authenticated", False):
+        return True
+
+    # Show login form
+    st.markdown("""
+    <style>
+    .login-container {
+        max-width: 400px;
+        margin: 100px auto;
+        padding: 40px;
+        background: linear-gradient(135deg, #1a1a2e 0%, #16213e 100%);
+        border-radius: 15px;
+        box-shadow: 0 10px 40px rgba(0,0,0,0.3);
+    }
+    .login-title {
+        text-align: center;
+        color: #4ECDC4;
+        font-size: 2em;
+        margin-bottom: 10px;
+    }
+    .login-subtitle {
+        text-align: center;
+        color: #8b949e;
+        margin-bottom: 30px;
+    }
+    </style>
+    """, unsafe_allow_html=True)
+
+    col1, col2, col3 = st.columns([1, 2, 1])
+
+    with col2:
+        st.markdown('<div class="login-title">🔥 SPARKNET</div>', unsafe_allow_html=True)
+        st.markdown('<div class="login-subtitle">Document Intelligence Platform</div>', unsafe_allow_html=True)
+
+        st.markdown("---")
+
+        # Check if we have multi-user setup
+        has_multi_user = (
+            "auth" in st.secrets and
+            "passwords" in st.secrets["auth"]
+        )
+
+        if has_multi_user:
+            st.text_input(
+                "Username",
+                key="username_input",
+                placeholder="Enter username"
+            )
+
+        st.text_input(
+            "Password",
+            type="password",
+            key="password",
+            placeholder="Enter password",
+            on_change=password_entered
+        )
+
+        if st.button("🔐 Login", type="primary", use_container_width=True):
+            password_entered()
+
+        if st.session_state.get("password_incorrect", False):
+            st.error("😕 Incorrect password. Please try again.")
+
+        st.markdown("---")
+        st.caption("Contact administrator for access credentials.")
+
+    return False
+
+
+def logout():
+    """Log out the current user."""
+    st.session_state["authenticated"] = False
+    st.session_state["username"] = None
+    st.rerun()
+
+
+def get_current_user() -> Optional[str]:
+    """Get the current logged-in username."""
+    return st.session_state.get("username")
+
+
+def require_auth(func):
+    """Decorator to require authentication for a page."""
+    def wrapper(*args, **kwargs):
+        if check_password():
+            return func(*args, **kwargs)
+    return wrapper
+
+
+def show_logout_button():
+    """Show logout button in sidebar."""
+    if st.session_state.get("authenticated", False):
+        with st.sidebar:
+            st.markdown("---")
+            user = get_current_user()
+            st.caption(f"Logged in as: **{user}**")
+            if st.button("🚪 Logout", use_container_width=True):
+                logout()

demo/pages/1_🔬_Live_Processing.py

@@ -32,6 +32,12 @@ from rag_config import (
 
 st.set_page_config(page_title="Live Processing - SPARKNET", page_icon="🔬", layout="wide")
 
+# Authentication
+from auth import check_password, show_logout_button
+if not check_password():
+    st.stop()
+show_logout_button()
+
 # Custom CSS
 st.markdown("""
 <style>

demo/pages/2_💬_Interactive_RAG.py

@@ -234,6 +234,12 @@ st.set_page_config(
     layout="wide"
 )
 
+# Authentication
+from auth import check_password, show_logout_button
+if not check_password():
+    st.stop()
+show_logout_button()
+
 # Custom CSS
 st.markdown("""
 <style>

demo/pages/3_📊_Document_Comparison.py

@@ -28,6 +28,12 @@ from rag_config import (
 
 st.set_page_config(page_title="Document Comparison - SPARKNET", page_icon="📊", layout="wide")
 
+# Authentication
+from auth import check_password, show_logout_button
+if not check_password():
+    st.stop()
+show_logout_button()
+
 # Custom CSS
 st.markdown("""
 <style>

demo/pages/4_🎯_Evidence_Viewer.py

@@ -26,6 +26,12 @@ from rag_config import (
 
 st.set_page_config(page_title="Evidence Viewer - SPARKNET", page_icon="🎯", layout="wide")
 
+# Authentication
+from auth import check_password, show_logout_button
+if not check_password():
+    st.stop()
+show_logout_button()
+
 # Custom CSS with confidence-based colors
 st.markdown("""
 <style>

demo/pages/5_📄_Document_Viewer.py

@@ -37,6 +37,12 @@ st.set_page_config(
     layout="wide"
 )
 
+# Authentication
+from auth import check_password, show_logout_button
+if not check_password():
+    st.stop()
+show_logout_button()
+
 # Custom CSS
 st.markdown("""
 <style>