spaces-dashboard

Sleeping

App Files Files Community

mrfakename commited on Dec 7, 2025

Commit

6aa12cc

1 Parent(s): 31782e0

oauth2

Browse files

Files changed (5) hide show

README.md +5 -0
app.py +126 -0
requirements.txt +2 -1
templates/dashboard.html +142 -0
templates/index.html +78 -0

README.md CHANGED Viewed

@@ -8,6 +8,11 @@ sdk_version: 6.0.2
 app_file: app.py
 pinned: false
 short_description: Manage your Hugging Face Spaces
 ---
 Check out the configuration reference at https://huggingface.co/docs/hub/spaces-config-reference

 app_file: app.py
 pinned: false
 short_description: Manage your Hugging Face Spaces
+hf_oauth: true
+hf_oauth_expiration_minutes: 480
+hf_oauth_scopes:
+  - read-repos
+  - manage-repos
 ---
 Check out the configuration reference at https://huggingface.co/docs/hub/spaces-config-reference

app.py ADDED Viewed

	@@ -0,0 +1,126 @@

+import os
+import secrets
+import urllib.parse
+from flask import Flask, redirect, request, session, render_template, url_for
+import requests
+app = Flask(__name__)
+app.secret_key = os.environ.get("SECRET_KEY", secrets.token_hex(32))
+# OAuth configuration from HF Space environment
+OAUTH_CLIENT_ID = os.environ.get("OAUTH_CLIENT_ID")
+OAUTH_CLIENT_SECRET = os.environ.get("OAUTH_CLIENT_SECRET")
+OPENID_PROVIDER_URL = os.environ.get("OPENID_PROVIDER_URL", "https://huggingface.co")
+SPACE_HOST = os.environ.get("SPACE_HOST", "localhost:7860")
+# Determine the base URL for redirects
+def get_base_url():
+    if "localhost" in SPACE_HOST or "127.0.0.1" in SPACE_HOST:
+        return f"http://{SPACE_HOST}"
+    return f"https://{SPACE_HOST}"
+@app.route("/")
+def index():
+    if "user" in session:
+        return redirect(url_for("dashboard"))
+    return render_template("index.html")
+@app.route("/login")
+def login():
+    if not OAUTH_CLIENT_ID:
+        return "OAuth not configured. Make sure hf_oauth: true is set in your Space's README.md", 500
+    # Generate state for CSRF protection
+    state = secrets.token_urlsafe(32)
+    session["oauth_state"] = state
+    # Build authorization URL
+    redirect_uri = f"{get_base_url()}/login/callback"
+    params = {
+        "client_id": OAUTH_CLIENT_ID,
+        "redirect_uri": redirect_uri,
+        "scope": "openid profile",
+        "response_type": "code",
+        "state": state,
+    }
+    auth_url = f"{OPENID_PROVIDER_URL}/oauth/authorize?{urllib.parse.urlencode(params)}"
+    return redirect(auth_url)
+@app.route("/login/callback")
+def callback():
+    # Verify state
+    state = request.args.get("state")
+    if state != session.get("oauth_state"):
+        return "Invalid state parameter", 400
+    # Get authorization code
+    code = request.args.get("code")
+    if not code:
+        error = request.args.get("error", "Unknown error")
+        return f"Authorization failed: {error}", 400
+    # Exchange code for tokens
+    redirect_uri = f"{get_base_url()}/login/callback"
+    token_url = f"{OPENID_PROVIDER_URL}/oauth/token"
+    token_response = requests.post(
+        token_url,
+        data={
+            "client_id": OAUTH_CLIENT_ID,
+            "client_secret": OAUTH_CLIENT_SECRET,
+            "code": code,
+            "grant_type": "authorization_code",
+            "redirect_uri": redirect_uri,
+        },
+        headers={
+            "Content-Type": "application/x-www-form-urlencoded",
+        },
+    )
+    if token_response.status_code != 200:
+        return f"Token exchange failed: {token_response.text}", 400
+    tokens = token_response.json()
+    access_token = tokens.get("access_token")
+    # Get user info
+    userinfo_url = f"{OPENID_PROVIDER_URL}/oauth/userinfo"
+    userinfo_response = requests.get(
+        userinfo_url,
+        headers={"Authorization": f"Bearer {access_token}"},
+    )
+    if userinfo_response.status_code != 200:
+        return f"Failed to get user info: {userinfo_response.text}", 400
+    user_info = userinfo_response.json()
+    # Store user info in session
+    session["user"] = {
+        "sub": user_info.get("sub"),
+        "username": user_info.get("preferred_username"),
+        "name": user_info.get("name"),
+        "email": user_info.get("email"),
+        "avatar_url": user_info.get("picture"),
+    }
+    session["access_token"] = access_token
+    # Clean up state
+    session.pop("oauth_state", None)
+    return redirect(url_for("dashboard"))
+@app.route("/dashboard")
+def dashboard():
+    if "user" not in session:
+        return redirect(url_for("index"))
+    return render_template("dashboard.html", user=session["user"])
+@app.route("/logout")
+def logout():
+    session.clear()
+    return redirect(url_for("index"))
+if __name__ == "__main__":
+    app.run(host="0.0.0.0", port=7860, debug=True)

requirements.txt CHANGED Viewed

	@@ -1 +1,2 @@
1	- flask


1	+ flask
2	+ requests

templates/dashboard.html ADDED Viewed

	@@ -0,0 +1,142 @@

+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Dashboard - Spaces Dashboard</title>
+    <style>
+        * {
+            margin: 0;
+            padding: 0;
+            box-sizing: border-box;
+        }
+        body {
+            font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, sans-serif;
+            background: #f5f5f5;
+            min-height: 100vh;
+        }
+        .navbar {
+            background: white;
+            padding: 1rem 2rem;
+            box-shadow: 0 2px 4px rgba(0, 0, 0, 0.1);
+            display: flex;
+            justify-content: space-between;
+            align-items: center;
+        }
+        .navbar h1 {
+            font-size: 1.4rem;
+            color: #333;
+        }
+        .user-info {
+            display: flex;
+            align-items: center;
+            gap: 1rem;
+        }
+        .avatar {
+            width: 40px;
+            height: 40px;
+            border-radius: 50%;
+            object-fit: cover;
+        }
+        .username {
+            font-weight: 600;
+            color: #333;
+        }
+        .logout-btn {
+            background: #ff4444;
+            color: white;
+            padding: 8px 16px;
+            border-radius: 6px;
+            text-decoration: none;
+            font-size: 0.9rem;
+            transition: background 0.2s;
+        }
+        .logout-btn:hover {
+            background: #cc0000;
+        }
+        .main {
+            max-width: 1200px;
+            margin: 2rem auto;
+            padding: 0 2rem;
+        }
+        .welcome {
+            background: white;
+            padding: 2rem;
+            border-radius: 12px;
+            margin-bottom: 2rem;
+            box-shadow: 0 2px 8px rgba(0, 0, 0, 0.1);
+        }
+        .welcome h2 {
+            color: #333;
+            margin-bottom: 0.5rem;
+        }
+        .welcome p {
+            color: #666;
+        }
+        .info-grid {
+            display: grid;
+            grid-template-columns: repeat(auto-fit, minmax(250px, 1fr));
+            gap: 1rem;
+        }
+        .info-card {
+            background: white;
+            padding: 1.5rem;
+            border-radius: 12px;
+            box-shadow: 0 2px 8px rgba(0, 0, 0, 0.1);
+        }
+        .info-card h3 {
+            color: #333;
+            margin-bottom: 0.5rem;
+            font-size: 0.9rem;
+            text-transform: uppercase;
+            letter-spacing: 0.5px;
+        }
+        .info-card p {
+            color: #666;
+            font-size: 1.1rem;
+        }
+    </style>
+</head>
+<body>
+    <nav class="navbar">
+        <h1>Spaces Dashboard</h1>
+        <div class="user-info">
+            {% if user.avatar_url %}
+            <img src="{{ user.avatar_url }}" alt="Avatar" class="avatar">
+            {% endif %}
+            <span class="username">{{ user.username }}</span>
+            <a href="/logout" class="logout-btn">Logout</a>
+        </div>
+    </nav>
+    <main class="main">
+        <div class="welcome">
+            <h2>Welcome, {{ user.name or user.username }}!</h2>
+            <p>You have successfully signed in with your Hugging Face account.</p>
+        </div>
+        <div class="info-grid">
+            <div class="info-card">
+                <h3>Username</h3>
+                <p>{{ user.username }}</p>
+            </div>
+            {% if user.name %}
+            <div class="info-card">
+                <h3>Name</h3>
+                <p>{{ user.name }}</p>
+            </div>
+            {% endif %}
+            {% if user.email %}
+            <div class="info-card">
+                <h3>Email</h3>
+                <p>{{ user.email }}</p>
+            </div>
+            {% endif %}
+            <div class="info-card">
+                <h3>User ID</h3>
+                <p>{{ user.sub }}</p>
+            </div>
+        </div>
+    </main>
+</body>
+</html>

templates/index.html ADDED Viewed

	@@ -0,0 +1,78 @@

+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Spaces Dashboard</title>
+    <style>
+        * {
+            margin: 0;
+            padding: 0;
+            box-sizing: border-box;
+        }
+        body {
+            font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, sans-serif;
+            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+            min-height: 100vh;
+            display: flex;
+            align-items: center;
+            justify-content: center;
+        }
+        .container {
+            background: white;
+            padding: 3rem;
+            border-radius: 16px;
+            box-shadow: 0 20px 60px rgba(0, 0, 0, 0.3);
+            text-align: center;
+            max-width: 400px;
+            width: 90%;
+        }
+        h1 {
+            color: #333;
+            margin-bottom: 0.5rem;
+            font-size: 1.8rem;
+        }
+        .subtitle {
+            color: #666;
+            margin-bottom: 2rem;
+        }
+        .login-btn {
+            display: inline-flex;
+            align-items: center;
+            gap: 10px;
+            background: #ffcc00;
+            color: #1a1a1a;
+            padding: 14px 28px;
+            border-radius: 8px;
+            text-decoration: none;
+            font-weight: 600;
+            font-size: 1rem;
+            transition: all 0.2s ease;
+            border: none;
+            cursor: pointer;
+        }
+        .login-btn:hover {
+            background: #e6b800;
+            transform: translateY(-2px);
+            box-shadow: 0 4px 12px rgba(255, 204, 0, 0.4);
+        }
+        .login-btn svg {
+            width: 24px;
+            height: 24px;
+        }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <h1>Spaces Dashboard</h1>
+        <p class="subtitle">Manage your Hugging Face Spaces</p>
+        <a href="/login" class="login-btn">
+            <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 100 100">
+                <path fill="#FFD21E" d="M50 5C25.1 5 5 25.1 5 50s20.1 45 45 45 45-20.1 45-45S74.9 5 50 5z"/>
+                <path fill="#1a1a1a" d="M35 40c-4.4 0-8 3.6-8 8s3.6 8 8 8 8-3.6 8-8-3.6-8-8-8zm30 0c-4.4 0-8 3.6-8 8s3.6 8 8 8 8-3.6 8-8-3.6-8-8-8z"/>
+            </svg>
+            Sign in with Hugging Face
+        </a>
+    </div>
+</body>
+</html>