Updated files + Dockerfile

.gitattributes

@@ -1,35 +0,0 @@
-*.7z filter=lfs diff=lfs merge=lfs -text
-*.arrow filter=lfs diff=lfs merge=lfs -text
-*.bin filter=lfs diff=lfs merge=lfs -text
-*.bz2 filter=lfs diff=lfs merge=lfs -text
-*.ckpt filter=lfs diff=lfs merge=lfs -text
-*.ftz filter=lfs diff=lfs merge=lfs -text
-*.gz filter=lfs diff=lfs merge=lfs -text
-*.h5 filter=lfs diff=lfs merge=lfs -text
-*.joblib filter=lfs diff=lfs merge=lfs -text
-*.lfs.* filter=lfs diff=lfs merge=lfs -text
-*.mlmodel filter=lfs diff=lfs merge=lfs -text
-*.model filter=lfs diff=lfs merge=lfs -text
-*.msgpack filter=lfs diff=lfs merge=lfs -text
-*.npy filter=lfs diff=lfs merge=lfs -text
-*.npz filter=lfs diff=lfs merge=lfs -text
-*.onnx filter=lfs diff=lfs merge=lfs -text
-*.ot filter=lfs diff=lfs merge=lfs -text
-*.parquet filter=lfs diff=lfs merge=lfs -text
-*.pb filter=lfs diff=lfs merge=lfs -text
-*.pickle filter=lfs diff=lfs merge=lfs -text
-*.pkl filter=lfs diff=lfs merge=lfs -text
-*.pt filter=lfs diff=lfs merge=lfs -text
-*.pth filter=lfs diff=lfs merge=lfs -text
-*.rar filter=lfs diff=lfs merge=lfs -text
-*.safetensors filter=lfs diff=lfs merge=lfs -text
-saved_model/**/* filter=lfs diff=lfs merge=lfs -text
-*.tar.* filter=lfs diff=lfs merge=lfs -text
-*.tar filter=lfs diff=lfs merge=lfs -text
-*.tflite filter=lfs diff=lfs merge=lfs -text
-*.tgz filter=lfs diff=lfs merge=lfs -text
-*.wasm filter=lfs diff=lfs merge=lfs -text
-*.xz filter=lfs diff=lfs merge=lfs -text
-*.zip filter=lfs diff=lfs merge=lfs -text
-*.zst filter=lfs diff=lfs merge=lfs -text
-*tfevents* filter=lfs diff=lfs merge=lfs -text

Dockerfile

@@ -0,0 +1,43 @@
+FROM python:3.11-slim
+
+WORKDIR /app
+
+ENV TRANSFORMERS_CACHE=/tmp/cache
+ENV HF_HOME=/tmp/cache
+ENV TORCH_HOME=/tmp/cache
+ENV EASYOCR_MODULE_PATH=/tmp/cache
+ENV PYTHONUNBUFFERED=1
+
+RUN mkdir -p /tmp/cache && chmod 777 /tmp/cache
+
+RUN apt-get update && apt-get install -y \
+    libgl1 libglib2.0-0 libsm6 libxext6 libxrender-dev libgomp1 \
+    poppler-utils tesseract-ocr tesseract-ocr-eng libmagic1 \
+    git git-lfs curl wget && \
+    rm -rf /var/lib/apt/lists/*
+
+COPY requirements.txt .
+RUN pip install --no-cache-dir --upgrade pip && \
+    pip install --no-cache-dir -r requirements.txt
+
+RUN python -c "import easyocr; easyocr.Reader(['en'], gpu=False, download_enabled=True)"
+
+COPY app/ ./app/
+
+# Download NER model from your HuggingFace repo
+RUN mkdir -p models/radiolo_clinic_ner && \
+    git clone https://huggingface.co/MakPr016/clinical-ner-model models/radiolo_clinic_ner && \
+    echo "✓ NER model downloaded from HuggingFace"
+
+ENV HOST=0.0.0.0
+ENV PORT=7860
+ENV LAB_NER_MODEL_PATH=/app/models/radiolo_clinic_ner
+
+RUN mkdir -p logs
+
+EXPOSE 7860
+
+HEALTHCHECK --interval=30s --timeout=10s --start-period=90s --retries=3 \
+    CMD curl -f http://localhost:7860/health || exit 1
+
+CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "7860", "--workers", "1"]

app/crypto_utils.py

@@ -16,15 +16,11 @@ class CryptoManager:
         if not secret_key_hex:
             raise ValueError("Secret key is required")
         
-        # Check if it's already the right length
         if len(secret_key_hex) == 64:
-            # 64 hex chars = 32 bytes (correct)
             self.secret_key = bytes.fromhex(secret_key_hex)
         elif len(secret_key_hex) == 32:
-            # If someone passes 32 chars thinking it's bytes, warn them
             print(f"⚠️  WARNING: Key is only 32 characters (16 bytes)")
             print(f"   Should be 64 hex characters for 32 bytes")
-            # Try to use as-is but it will fail
             self.secret_key = secret_key_hex.encode('utf-8')
         else:
             raise ValueError(f"Secret key must be 64 hex characters (got {len(secret_key_hex)})")
@@ -55,12 +51,10 @@ class CryptoManager:
         Encrypt JSON data with compression
         Returns dict with base64-encoded ciphertext and nonce
         """
-        # Convert to JSON and compress
         json_data = json.dumps(data).encode('utf-8')
         compressed = gzip.compress(json_data, compresslevel=6)
         compressed_b64 = base64.b64encode(compressed).decode('utf-8')
         
-        # Encrypt
         nonce = random(SecretBox.NONCE_SIZE)
         ciphertext = self.box.encrypt(compressed_b64.encode('utf-8'), nonce)
         
@@ -74,15 +68,12 @@ class CryptoManager:
         Decrypt and decompress JSON data
         """
         try:
-            # Decrypt
             decrypted = self.decrypt(ciphertext, nonce)
             
-            # Decompress
             compressed_b64 = decrypted.decode('utf-8')
             compressed_bytes = base64.b64decode(compressed_b64)
             decompressed = gzip.decompress(compressed_bytes)
             
-            # Parse JSON
             return json.loads(decompressed.decode('utf-8'))
         except Exception as e:
             raise ValueError(f"Decryption/decompression failed. {e}")

app/main.py

@@ -107,9 +107,6 @@ async def health_check():
         "supported_tests": 16
     }
 
-# ============================================================================
-# NEW: UNENCRYPTED TEST ENDPOINT (for testing only)
-# ============================================================================
 
 @app.post("/test-analyze", tags=["Testing"])
 async def test_analyze(file: UploadFile = File(...)):
@@ -123,13 +120,11 @@ async def test_analyze(file: UploadFile = File(...)):
         if not lab_processor:
             raise HTTPException(status_code=503, detail="Lab processor not loaded")
         
-        # Read uploaded file
         file_bytes = await file.read()
         filename = file.filename
         
-        print(f"\n📄 Processing test file: {filename} ({len(file_bytes)} bytes)")
+        # print(f"\n📄 Processing test file: {filename} ({len(file_bytes)} bytes)")
         
-        # Determine file type from extension
         if filename.lower().endswith('.pdf'):
             file_type = "pdf"
             extracted_text, ocr_used = extract_text_from_pdf(file_bytes)
@@ -145,10 +140,9 @@ async def test_analyze(file: UploadFile = File(...)):
         if not extracted_text or len(extracted_text.strip()) < 10:
             raise HTTPException(status_code=400, detail="Could not extract sufficient text from file")
         
-        print(f"✓ Extracted {len(extracted_text)} characters (OCR: {ocr_used})")
+        # print(f"✓ Extracted {len(extracted_text)} characters (OCR: {ocr_used})")
         
-        # Process with lab processor
-        print("🧠 Processing with NER + ClinicalDistilBERT...")
+        # print("🧠 Processing with NER + ClinicalDistilBERT...")
         lab_analysis = lab_processor.extract_and_format(
             extracted_text,
             report_id=f"test_{int(time.time())}",
@@ -157,10 +151,9 @@ async def test_analyze(file: UploadFile = File(...)):
         
         processing_time = time.time() - start_time
         
-        print(f"✅ Processing complete in {processing_time:.2f}s")
-        print(f"   Tests extracted: {lab_analysis.get('metadata', {}).get('tests_extracted', 0)}\n")
+        # print(f"✅ Processing complete in {processing_time:.2f}s")
+        # print(f"   Tests extracted: {lab_analysis.get('metadata', {}).get('tests_extracted', 0)}\n")
         
-        # Return unencrypted response
         response_data = {
             "status": "success",
             "processing_time": round(processing_time, 3),
@@ -184,9 +177,6 @@ async def test_analyze(file: UploadFile = File(...)):
         traceback.print_exc()
         raise HTTPException(status_code=500, detail=f"Internal error: {str(e)}")
 
-# ============================================================================
-# ENCRYPTED ENDPOINT (production)
-# ============================================================================
 
 @app.post("/analyze-lab-secure", tags=["Lab Analysis"])
 async def analyze_lab_secure(request: EncryptedRequest):
@@ -196,7 +186,6 @@ async def analyze_lab_secure(request: EncryptedRequest):
         if not lab_processor:
             raise HTTPException(status_code=503, detail="Lab processor not loaded")
         
-        # Decrypt request
         decrypted_data = crypto_manager.decrypt(request.ciphertext, request.nonce)
         compressed_b64 = decrypted_data.decode('utf-8')
         compressed_bytes = base64.b64decode(compressed_b64)
@@ -208,7 +197,6 @@ async def analyze_lab_secure(request: EncryptedRequest):
         file_type = payload['file_type']
         file_bytes = base64.b64decode(file_data_b64)
         
-        # Extract text
         if file_type == "pdf":
             extracted_text, ocr_used = extract_text_from_pdf(file_bytes)
             if not extracted_text or len(extracted_text.strip()) < 10:
@@ -223,7 +211,6 @@ async def analyze_lab_secure(request: EncryptedRequest):
         else:
             raise HTTPException(status_code=400, detail="Invalid file_type. Must be 'pdf' or 'image'")
         
-        # Process with lab processor
         lab_analysis = lab_processor.extract_and_format(
             extracted_text,
             report_id=f"lab_{int(time.time())}",
@@ -245,7 +232,6 @@ async def analyze_lab_secure(request: EncryptedRequest):
             **lab_analysis
         }
         
-        # Encrypt response
         encrypted_response = crypto_manager.encrypt_json(response_data)
         
         return {

decrypt_response.py

@@ -0,0 +1,125 @@
+"""
+Decrypt and analyze API response from Postman
+"""
+import base64
+import gzip
+import json
+import sys
+import os
+from nacl.secret import SecretBox
+
+# Your hex key from .env
+SECRET_KEY_HEX = "9aa68717fafd68f30b6bdd7f8af0f273b4ddb31aadc0f7a3a42db86dfdde0195"
+
+# Convert hex to bytes (32 bytes)
+SECRET_KEY = bytes.fromhex(SECRET_KEY_HEX)
+
+print(f"✓ Key length: {len(SECRET_KEY)} bytes")
+
+def decrypt_response(ciphertext, nonce):
+    """Decrypt the encrypted response"""
+    try:
+        box = SecretBox(SECRET_KEY)  # Use bytes directly, not .encode()
+        ciphertext_bytes = base64.b64decode(ciphertext)
+        nonce_bytes = base64.b64decode(nonce)
+        
+        decrypted = box.decrypt(ciphertext_bytes, nonce_bytes)
+        decompressed = gzip.decompress(base64.b64decode(decrypted))
+        return json.loads(decompressed.decode('utf-8'))
+    except Exception as e:
+        print(f"❌ Decryption error: {e}")
+        import traceback
+        traceback.print_exc()
+        return None
+
+def print_summary(result):
+    """Print a nice summary of the results"""
+    print("\n" + "="*70)
+    print("LAB REPORT ANALYSIS SUMMARY")
+    print("="*70)
+    
+    # Basic info
+    print(f"\n📋 Report Information:")
+    print(f"  Report ID: {result.get('report_id', 'N/A')}")
+    print(f"  Report Type: {result.get('report_type', 'N/A')}")
+    print(f"  Processing Time: {result.get('processing_time', 'N/A')}s")
+    print(f"  OCR Used: {result.get('ocr_used', 'N/A')}")
+    print(f"  OCR Engine: {result.get('ocr_engine', 'N/A')}")
+    
+    # Test results
+    test_results = result.get('test_results', [])
+    print(f"\n🧪 Test Results: {len(test_results)} tests")
+    
+    if test_results:
+        for i, test in enumerate(test_results, 1):
+            status_icon = "✓" if test['status'] == 'normal' else "⚠️"
+            print(f"\n{status_icon} {i}. {test['test_name']}")
+            print(f"   Value: {test['value']} {test['unit']}")
+            print(f"   Status: {test['status'].upper()}")
+            if test['status'] != 'normal':
+                print(f"   → {test['clinical_significance']}")
+    
+    # Abnormal results
+    abnormal = result.get('abnormal_results', [])
+    if abnormal:
+        print(f"\n⚠️  ABNORMAL RESULTS ({len(abnormal)}):")
+        for abn in abnormal:
+            print(f"  • {abn['test_name']} ({abn['severity']})")
+    
+    # Clinical Insights
+    clinical_insights = result.get('clinical_insights', {})
+    if clinical_insights:
+        print(f"\n🧬 CLINICAL INSIGHTS:")
+        print(f"  Relevance Score: {clinical_insights.get('clinical_relevance_score', 0)}/100")
+        if clinical_insights.get('abnormality_patterns'):
+            for pattern in clinical_insights['abnormality_patterns']:
+                print(f"  • {pattern}")
+    
+    print("\n" + "="*70)
+
+def main():
+    print("="*70)
+    print("LAB REPORT API RESPONSE DECRYPTOR")
+    print("="*70)
+    
+    response_file = sys.argv[1] if len(sys.argv) > 1 else "tests/samples/response.json"
+    
+    if not os.path.exists(response_file):
+        print(f"❌ File not found: {response_file}")
+        return
+    
+    print(f"\n📂 Reading: {response_file}")
+    
+    with open(response_file, 'r') as f:
+        encrypted_response = json.load(f)
+    
+    if 'ciphertext' not in encrypted_response or 'nonce' not in encrypted_response:
+        print("❌ Invalid response format")
+        return
+    
+    print("🔓 Decrypting...")
+    
+    decrypted = decrypt_response(
+        encrypted_response['ciphertext'],
+        encrypted_response['nonce']
+    )
+    
+    if not decrypted:
+        return
+    
+    print("✅ Successfully decrypted!")
+    
+    # Save
+    output_file = response_file.replace('.json', '_decrypted.json')
+    with open(output_file, 'w') as f:
+        json.dump(decrypted, f, indent=2)
+    
+    print(f"💾 Saved to: {output_file}")
+    
+    # Print summary
+    print_summary(decrypted)
+    
+    print("\n✅ Done!")
+
+if __name__ == "__main__":
+    main()

generate_postman_request.py

@@ -0,0 +1,96 @@
+"""
+Generate encrypted request payload for Postman
+"""
+import base64
+import gzip
+import json
+import sys
+import os
+from nacl.secret import SecretBox
+from nacl.utils import random
+
+# Your 64-character hex key from .env
+SECRET_KEY_HEX = "9aa68717fafd68f30b6bdd7f8af0f273b4ddb31aadc0f7a3a42db86dfdde0195"
+
+# Convert hex to bytes (32 bytes)
+SECRET_KEY = bytes.fromhex(SECRET_KEY_HEX)
+
+if len(SECRET_KEY) != 32:
+    print(f"❌ ERROR: Key must be 32 bytes, got {len(SECRET_KEY)}")
+    sys.exit(1)
+
+print(f"✓ Key length: {len(SECRET_KEY)} bytes")
+
+# Get file path
+if len(sys.argv) > 1:
+    file_path = sys.argv[1]
+else:
+    file_path = "tests/samples/sample1.pdf"
+
+if not os.path.exists(file_path):
+    print(f"❌ File not found: {file_path}")
+    sys.exit(1)
+
+print(f"📄 Reading: {file_path}")
+
+# Read your test file
+with open(file_path, 'rb') as f:
+    file_data = f.read()
+
+print(f"✓ Read {len(file_data):,} bytes")
+
+# Determine file type
+if file_path.lower().endswith('.pdf'):
+    file_type = "pdf"
+elif file_path.lower().endswith(('.jpg', '.jpeg', '.png', '.tiff', '.bmp')):
+    file_type = "image"
+else:
+    file_type = "image"  # default
+
+print(f"📋 File type: {file_type}")
+
+# Prepare payload
+payload = {
+    "filename": os.path.basename(file_path),
+    "file_type": file_type,
+    "file_data": base64.b64encode(file_data).decode('utf-8'),
+    "patient_id": "TEST_001"
+}
+
+print("🔐 Encrypting...")
+
+# Encrypt
+json_data = json.dumps(payload).encode('utf-8')
+compressed = gzip.compress(json_data, compresslevel=6)
+compressed_b64 = base64.b64encode(compressed).decode('utf-8')
+
+box = SecretBox(SECRET_KEY)  # Use bytes directly, not .encode()
+nonce = random(SecretBox.NONCE_SIZE)
+ciphertext = box.encrypt(compressed_b64.encode('utf-8'), nonce)
+
+encrypted_request = {
+    "ciphertext": base64.b64encode(ciphertext.ciphertext).decode('utf-8'),
+    "nonce": base64.b64encode(nonce).decode('utf-8')
+}
+
+# Save for Postman
+with open('postman_request.json', 'w') as f:
+    json.dump(encrypted_request, f, indent=2)
+
+print("\n" + "="*70)
+print("✓ Generated postman_request.json")
+print("="*70)
+
+print("\n📋 COPY THIS JSON FOR POSTMAN:")
+print("-"*70)
+print(json.dumps(encrypted_request, indent=2))
+print("-"*70)
+
+print("\n📝 POSTMAN INSTRUCTIONS:")
+print("1. Method: POST")
+print("2. URL: http://localhost:8000/analyze-lab-secure")
+print("3. Headers: Content-Type = application/json")
+print("4. Body → raw → JSON")
+print("5. Paste the JSON above")
+print("6. Click Send")
+print("\n✅ Done!")