Spaces:

NHMUK
/

Oauth_test

Sleeping

App Files Files Community

Chris Addis commited on May 5, 2025

Commit

9e37410

1 Parent(s): 4d38d62

test

Browse files

Files changed (2) hide show

app.py +129 -0
requirements.txt +6 -0

app.py ADDED Viewed

	@@ -0,0 +1,129 @@

+import gradio as gr
+import os
+# --- Configuration ---
+# In your Hugging Face Space settings, add a Secret named `AUTHORIZED_USER_IDS`.
+# The value should be a comma-separated string of the Hugging Face User IDs
+# that you want to grant "full access" to (e.g., "user_id_123,user_id_456").
+# You can find your Hugging Face User ID in your profile URL or settings.
+# IMPORTANT: This secret should be set in the Hugging Face Space settings, NOT hardcoded here.
+# We retrieve it using os.environ.get() which accesses the Space's environment variables/secrets.
+# Provide a default empty string for local testing where the secret won't exist.
+authorized_users_str = os.environ.get("AUTHORIZED_USER_IDS", "")
+AUTHORIZED_USER_IDS = set(authorized_users_str.split(','))
+# --- Application Logic ---
+def get_user_access_level(request: gr.Request):
+    """
+    Checks the request object to determine if a user is logged in via HF OAuth
+    and their access level based on the AUTHORIZED_USER_IDS list.
+    Includes a check to prevent AssertionError if request.auth is not available.
+    """
+    user_info = None
+    # Defensive check: Only try to access request.auth if the 'auth' attribute exists
+    # and is not None. This prevents the AssertionError if the middleware hasn't run
+    # or request.auth isn't populated in this context.
+    if hasattr(request, 'auth') and request.auth is not None:
+         user_info = request.auth
+         # print(f"Accessed request.auth: {user_info}") # Debugging line
+    else:
+        # print("request.auth not available or is None.") # Debugging line
+        pass # Keep print statements minimal in final deployed code
+    if user_info is None:
+        # User is not logged in or auth info is not available in the request context
+        print("User not logged in or auth info not retrieved via request.auth.")
+        return {
+            "status_message": "Please sign in with Hugging Face to check your access.",
+            "user_identity": "Not Logged In or Auth Info Unavailable",
+            "show_login_prompt": gr.update(visible=True),
+            "show_limited_content": gr.update(visible=True),
+            "show_full_content": gr.update(visible=False)
+        }
+    else:
+        # User info is available (presumably logged in via HF OAuth)
+        user_id = user_info.get('sub') # 'sub' is the standard claim for user ID
+        username = user_info.get('preferred_username', user_id) # Use username or ID as fallback
+        print(f"Logged in user: Username={username}, ID={user_id}") # Log for debugging
+        # Check if user_id is in the authorized set and is not just an empty string from split(",")
+        if user_id in AUTHORIZED_USER_IDS and user_id != "":
+            # User is authorized for full access
+            print(f"User {user_id} is authorized for full access.")
+            return {
+                "status_message": f"Welcome, {username}! You have Full Access.",
+                "user_identity": f"Logged in as: {username} (ID: {user_id})",
+                "show_login_prompt": gr.update(visible=False),
+                "show_limited_content": gr.update(visible=False), # Hide limited content for full users
+                "show_full_content": gr.update(visible=True)
+            }
+        else:
+            # User is logged in but not authorized for full access
+            print(f"User {user_id} is logged in but not authorized.")
+            return {
+                "status_message": f"Welcome, {username}. You have Limited Access.",
+                "user_identity": f"Logged in as: {username} (ID: {user_id})",
+                "show_login_prompt": gr.update(visible=False),
+                "show_limited_content": gr.update(visible=True),
+                "show_full_content": gr.update(visible=False)
+            }
+# --- Gradio Interface ---
+with gr.Blocks() as demo:
+    gr.Markdown("# Hugging Face Spaces Tiered Access Example")
+    # Components to display status and user identity
+    status_message = gr.Markdown("Click 'Check My Access Level' after signing in.")
+    user_identity_text = gr.Textbox(label="Logged In User Info", interactive=False)
+    # Placeholder for the Login Prompt (visible by default)
+    with gr.Column(visible=True) as login_prompt_column:
+        gr.Markdown("### Please Sign in with Hugging Face")
+        gr.Markdown("*(A 'Sign in with Hugging Face' button will appear automatically above this section when deployed on HF Spaces with OAuth enabled)*")
+        # The actual login button is added by Hugging Face Spaces when hf_oauth: true is set in README.md
+    # Content for users with Limited Access (visible by default)
+    with gr.Column(visible=True) as limited_content_column:
+        gr.Markdown("## Limited Access Content")
+        gr.Textbox(value="This is content visible to everyone or users with limited access.", interactive=False)
+        gr.Markdown("*(Sign in with Hugging Face and click 'Check My Access Level' to see your status and potentially unlock full features!)*")
+        # Add other limited features here
+    # Content for users with Full Access (hidden by default)
+    with gr.Column(visible=False) as full_content_column:
+        gr.Markdown("## Full Access Content")
+        gr.Textbox(value="🥳 Congratulations! You have unlocked the full version! 🥳", interactive=False)
+        gr.Markdown("*(This content is only for authorized accounts)*")
+        # Add other full features here
+    # This button triggers the check_access_level function.
+    # The user should click this *after* potentially signing in via the HF button.
+    check_button = gr.Button("Check My Access Level")
+    # Link the button click to the access check function
+    # The outputs will update the visibility and text components
+    check_button.click(
+        fn=get_user_access_level,
+        inputs=None, # Request object is implicitly passed by Gradio
+        outputs=[
+            status_message,
+            user_identity_text,
+            login_prompt_column,
+            limited_content_column,
+            full_content_column
+        ]
+    )
+    # Removed the demo.load() call again, as it seems problematic with request.auth
+    # The initial state is controlled by component 'visible' attributes.
+# --- Launch the App ---
+# For local testing, hf_oauth won't work, request.auth will not be available,
+# but the app should now run without the AssertionError on button click due to the check.
+# It will show the login prompt and limited content.
+# For deployment on HF Spaces, configure README.md and Secrets.
+demo.launch()

requirements.txt ADDED Viewed

	@@ -0,0 +1,6 @@

+gradio==5.24.0
+numpy>=1.24.0
+Pillow>=10.0.0
+requests>=2.28.0
+python-dotenv>=1.0.0
+openai>=1.0.0