Update app.py

app.py

@@ -1,19 +1,20 @@
+import os
+import json
+import requests
+import bcrypt
 import gradio as gr
-from flask import Flask, jsonify, request
+from flask import Flask, request, jsonify
 from flask_jwt_extended import (
-    JWTManager, create_access_token, 
+    JWTManager, create_access_token,
     jwt_required, get_jwt_identity
 )
-from passlib.hash import pbkdf2_sha256
-import json
-import os
 
-# Initialize Flask
+# Flask setup
 flask_app = Flask(__name__)
 flask_app.config["JWT_SECRET_KEY"] = os.getenv("JWT_SECRET_KEY", "super-secret-key")
 jwt = JWTManager(flask_app)
 
-# Simple JSON-based user storage
+# File-based user storage
 USERS_FILE = "users.json"
 
 def load_users():
@@ -27,40 +28,43 @@ def save_users(users):
     with open(USERS_FILE, "w") as f:
         json.dump(users, f)
 
-# Flask API Routes
+# ============================
+# Flask API routes
+# ============================
+
 @flask_app.route("/register", methods=["POST"])
 def register():
     data = request.get_json()
     username = data.get("username")
     password = data.get("password")
-    
-    users = load_users()
-    
+
     if not username or not password:
         return jsonify({"error": "Username and password required"}), 400
-    
+
+    users = load_users()
     if username in users:
         return jsonify({"error": "Username already exists"}), 400
-    
-    users[username] = {"password": pbkdf2_sha256.hash(password)}
+
+    hashed = bcrypt.hashpw(password.encode(), bcrypt.gensalt()).decode()
+    users[username] = {"password": hashed}
     save_users(users)
-    
-    return jsonify({"message": "User created successfully"}), 201
+
+    return jsonify({"message": "User registered successfully"}), 201
 
 @flask_app.route("/login", methods=["POST"])
 def login():
     data = request.get_json()
     username = data.get("username")
     password = data.get("password")
-    
+
     users = load_users()
     user = users.get(username)
-    
-    if not user or not pbkdf2_sha256.verify(password, user["password"]):
+
+    if not user or not bcrypt.checkpw(password.encode(), user["password"].encode()):
         return jsonify({"error": "Invalid credentials"}), 401
-    
+
     access_token = create_access_token(identity=username)
-    return jsonify({"access_token": access_token, "username": username})
+    return jsonify({"access_token": access_token, "username": username}), 200
 
 @flask_app.route("/protected", methods=["GET"])
 @jwt_required()
@@ -68,52 +72,63 @@ def protected():
     current_user = get_jwt_identity()
     return jsonify(logged_in_as=current_user), 200
 
-# Gradio Interface
+# ============================
+# Gradio UI
+# ============================
+
+# IMPORTANT: Replace with your actual space URL
+SPACE_URL = os.getenv("SPACE_URL", "https://your-username-your-space.hf.space")
+
 def register_interface(username, password):
-    response = requests.post(
-        "http://localhost:7860/register",
-        json={"username": username, "password": password}
-    )
-    return response.json().get("message", response.json().get("error", "Unknown error"))
+    try:
+        response = requests.post(
+            f"{SPACE_URL}/register",
+            json={"username": username, "password": password}
+        )
+        return response.json().get("message", response.json().get("error", "Unknown error"))
+    except Exception as e:
+        return f"Error: {str(e)}"
 
 def login_interface(username, password):
-    response = requests.post(
-        "http://localhost:7860/login",
-        json={"username": username, "password": password}
-    )
-    if response.status_code == 200:
-        token = response.json().get("access_token")
-        return f"Login successful! Token: {token[:15]}... (truncated)"
-    return response.json().get("error", "Login failed")
+    try:
+        response = requests.post(
+            f"{SPACE_URL}/login",
+            json={"username": username, "password": password}
+        )
+        if response.status_code == 200:
+            token = response.json().get("access_token")
+            return f"Login successful! Token: {token[:15]}... (truncated)"
+        return response.json().get("error", "Login failed")
+    except Exception as e:
+        return f"Error: {str(e)}"
 
 with gr.Blocks() as demo:
-    gr.Markdown("# Secure Authentication System")
+    gr.Markdown("# 🔐 Secure Auth System (Gradio + Flask + JWT + bcrypt)")
     
     with gr.Tab("Register"):
         reg_username = gr.Textbox(label="Username")
         reg_password = gr.Textbox(label="Password", type="password")
         reg_output = gr.Textbox(label="Output")
         reg_button = gr.Button("Register")
-    
+        reg_button.click(
+            register_interface,
+            inputs=[reg_username, reg_password],
+            outputs=reg_output
+        )
+
     with gr.Tab("Login"):
         login_username = gr.Textbox(label="Username")
         login_password = gr.Textbox(label="Password", type="password")
         login_output = gr.Textbox(label="Output")
         login_button = gr.Button("Login")
-    
-    reg_button.click(
-        register_interface,
-        inputs=[reg_username, reg_password],
-        outputs=reg_output
-    )
-    login_button.click(
-        login_interface,
-        inputs=[login_username, login_password],
-        outputs=login_output
-    )
-
-# Combined app for HuggingFace Spaces
+        login_button.click(
+            login_interface,
+            inputs=[login_username, login_password],
+            outputs=login_output
+        )
+
+# Mount Gradio to Flask app
 app = gr.mount_gradio_app(flask_app, demo, path="/")
 
 if __name__ == "__main__":
-    app.run()
+    app.run()