Update app.py

app.py

@@ -1,363 +1,116 @@
-# app.py - COMPLETE Google OAuth Version with Backward Compatibility
+# app.py - WORKING VERSION WITH ERROR HANDLING
 import streamlit as st
-import requests
-import json
-import hashlib
-import hmac
-import secrets
-from datetime import datetime, timedelta
-import urllib.parse
+import os
+import sys
 
-# ============================================
-# SECURITY MODULES
-# ============================================
+# Debug: Force print to see what's happening
+print("=== STARTING APP ===", file=sys.stderr)
+print(f"Current directory: {os.getcwd()}", file=sys.stderr)
+print(f"Files: {os.listdir('.')}", file=sys.stderr)
 
-class GoogleAuth:
-    def __init__(self):
-        # Load from secrets
-        self.client_id = st.secrets["google"]["client_id"]
-        self.client_secret = st.secrets["google"]["client_secret"]
-        self.redirect_uri = "https://refat81-social-media-data-extractor-chatbot.hf.space/oauth_callback"
-        
-        # Google OAuth endpoints
-        self.auth_url = "https://accounts.google.com/o/oauth2/v2/auth"
-        self.token_url = "https://oauth2.googleapis.com/token"
-        self.userinfo_url = "https://www.googleapis.com/oauth2/v3/userinfo"
-    
-    def get_login_url(self):
-        """Generate Google login URL"""
-        params = {
-            "client_id": self.client_id,
-            "redirect_uri": self.redirect_uri,
-            "response_type": "code",
-            "scope": "openid email profile",
-            "access_type": "offline",
-            "prompt": "consent",
-            "state": secrets.token_urlsafe(16)
-        }
-        
-        url = f"{self.auth_url}?{urllib.parse.urlencode(params)}"
-        return url
+# Check for .streamlit folder
+if os.path.exists('.streamlit'):
+    print(f".streamlit contents: {os.listdir('.streamlit')}", file=sys.stderr)
 
-class SessionManager:
-    def __init__(self):
-        self.secret_key = st.secrets["session"]["secret_key"]
+# Simple app that works even without secrets
+def main():
+    st.set_page_config(
+        page_title="Social Media Data Extractor",
+        page_icon="🔍",
+        layout="wide"
+    )
     
-    def create_session(self, user_info):
-        """Create secure session"""
-        session_data = {
-            "session_id": secrets.token_urlsafe(32),
-            "user_id": user_info.get("sub"),
-            "email": user_info.get("email"),
-            "name": user_info.get("name", "User"),
-            "picture": user_info.get("picture", ""),
-            "created_at": datetime.now().isoformat(),
-            "expires_at": (datetime.now() + timedelta(hours=2)).isoformat(),
-            "last_activity": datetime.now().isoformat()
-        }
-        
-        # Add role (admin if email in admin list)
-        admin_emails = st.secrets.get("admin_users", {}).get("users", [])
-        session_data["role"] = "admin" if session_data["email"] in admin_emails else "user"
-        
-        # Sign the session
-        session_data["signature"] = self._sign_session(session_data)
-        return session_data
+    # Try to load secrets
+    try:
+        # This will fail if secrets aren't loaded
+        test = st.secrets
+        print(f"Secrets loaded: {list(test.keys())}", file=sys.stderr)
+        secrets_loaded = True
+    except:
+        print("Secrets NOT loaded", file=sys.stderr)
+        secrets_loaded = False
     
-    def _sign_session(self, session_data):
-        """Create HMAC signature"""
-        data_str = json.dumps(session_data, sort_keys=True)
-        return hmac.new(
-            self.secret_key.encode(),
-            data_str.encode(),
-            hashlib.sha256
-        ).hexdigest()
+    # Header
+    st.title("🔐 Social Media Data Extractor")
+    st.markdown("---")
     
-    def verify_session(self, session_data):
-        """Verify session is valid"""
-        if not session_data:
-            return False
+    if not secrets_loaded:
+        st.error("""
+        ⚠️ **Configuration Error - Secrets Not Loaded**
         
-        # Check expiration
-        expires_at = datetime.fromisoformat(session_data.get("expires_at", "2000-01-01"))
-        if datetime.now() > expires_at:
-            return False
+        **Please check:**
         
-        # Verify signature
-        signature = session_data.pop("signature", None)
-        expected_signature = self._sign_session(session_data)
-        session_data["signature"] = signature
+        1. **HuggingFace Secrets** are configured in Space Settings
+        2. Secret name is exactly: `STREAMLIT_SECRETS_TOML`
+        3. The secret contains valid TOML format
         
-        return hmac.compare_digest(signature, expected_signature)
-    
-    def update_activity(self, session_data):
-        """Update last activity time"""
-        session_data["last_activity"] = datetime.now().isoformat()
-        session_data["signature"] = self._sign_session(session_data)
-
-# ============================================
-# OAUTH CALLBACK HANDLER (FIXED)
-# ============================================
-
-def handle_oauth_callback():
-    """Handle OAuth callback - compatible with all Streamlit versions"""
-    # Get query params (backward compatible)
-    try:
-        # Streamlit 1.28+ method
-        query_params = st.query_params
-        is_new_streamlit = True
-    except AttributeError:
-        # Streamlit <1.28 method
-        query_params = st.experimental_get_query_params()
-        is_new_streamlit = False
-    
-    if "code" in query_params:
-        # Extract code (different format in old vs new API)
-        if is_new_streamlit:
-            code = query_params.get("code", "")
-        else:
-            code_list = query_params.get("code", [])
-            code = code_list[0] if code_list else ""
+        **To fix this:**
         
-        if not code:
-            return
+        1. Go to your Space: https://huggingface.co/spaces/Refat81/Social_Media_Data_Extractor_Chatbot/settings
+        2. Click "Repository secrets"
+        3. Add a secret named: `STREAMLIT_SECRETS_TOML`
+        4. Paste this (with your actual values):
         
-        with st.spinner("🔐 Authenticating..."):
-            # Exchange code for tokens
-            auth = GoogleAuth()
-            token_url = "https://oauth2.googleapis.com/token"
-            data = {
-                "client_id": auth.client_id,
-                "client_secret": auth.client_secret,
-                "code": code,
-                "redirect_uri": auth.redirect_uri,
-                "grant_type": "authorization_code"
-            }
-            
-            response = requests.post(token_url, data=data)
-            tokens = response.json()
-            
-            if "access_token" in tokens:
-                # Get user info
-                headers = {"Authorization": f"Bearer {tokens['access_token']}"}
-                user_response = requests.get(auth.userinfo_url, headers=headers)
-                user_info = user_response.json()
-                
-                # Create session
-                session_mgr = SessionManager()
-                session_data = session_mgr.create_session(user_info)
-                st.session_state.session = session_data
-                st.session_state.authenticated = True
-                
-                # Clear URL parameters
-                if is_new_streamlit:
-                    st.query_params.clear()
-                else:
-                    st.experimental_set_query_params()
-                
-                st.rerun()
-            else:
-                st.error("❌ Authentication failed")
-
-def is_authenticated():
-    """Check if user is authenticated"""
-    if "session" not in st.session_state:
-        return False
-    
-    session_mgr = SessionManager()
-    return session_mgr.verify_session(st.session_state.session)
-
-# ============================================
-# PAGE FUNCTIONS
-# ============================================
-
-def login_page():
-    """Display login page"""
-    st.set_page_config(page_title="Login", page_icon="🔒", layout="centered")
-    
-    # Center content
-    col1, col2, col3 = st.columns([1, 2, 1])
-    
-    with col2:
-        st.image("https://cdn-icons-png.flaticon.com/512/2991/2991148.png", width=100)
-        st.title("🔐 Social Media Data Extractor")
-        st.markdown("---")
-        st.markdown("### Welcome! Please login to continue")
+        ```toml
+        [google]
+        client_id = "your-client-id.apps.googleusercontent.com"
+        client_secret = "your-client-secret"
         
-        # Google Login Button
-        auth = GoogleAuth()
-        login_url = auth.get_login_url()
+        [session]
+        secret_key = "LXr9Q2v8bPp1Yt6zMk5w7x0aS3dFg4hJ7n8cV2bN5m8q9T1y3U6i0o"
         
-        st.markdown(f"""
-        <a href="{login_url}" style="text-decoration: none;">
-            <div style="
-                background-color: #4285F4;
-                color: white;
-                padding: 12px 24px;
-                border-radius: 4px;
-                border: none;
-                cursor: pointer;
-                font-size: 16px;
-                font-weight: 500;
-                display: flex;
-                align-items: center;
-                justify-content: center;
-                gap: 10px;
-                margin: 20px 0;
-            ">
-                <img src="https://cdn-icons-png.flaticon.com/512/2991/2991148.png" width="20" height="20">
-                Sign in with Google
-            </div>
-        </a>
-        """, unsafe_allow_html=True)
+        [api_keys]
+        huggingface_token = "your-hf-token"
+        ```
         
-        st.markdown("---")
-        st.info("""
-        **Why login is required:**
-        - Securely store your extracted data
-        - Prevent unauthorized access  
-        - Track your usage history
-        - Personalized experience
+        5. Click "Save"
+        6. Restart the Space
         """)
-
-def main_app():
-    """Main app after authentication"""
-    st.set_page_config(
-        page_title="Social Media Data Extractor",
-        page_icon="🔍",
-        layout="wide"
-    )
+        return
     
-    # Update session activity
-    session_mgr = SessionManager()
-    session_mgr.update_activity(st.session_state.session)
+    # If secrets are loaded, check if Google OAuth is configured
+    try:
+        client_id = st.secrets["google"]["client_id"]
+        if client_id == "placeholder-client-id":
+            st.warning("⚠️ Using placeholder credentials. Please add real Google OAuth credentials.")
+            return
+    except:
+        st.error("Google OAuth not configured in secrets")
+        return
     
-    user = st.session_state.session
+    # Show login button
+    st.markdown("### Welcome! Please login to continue")
     
-    # Sidebar with user info
-    with st.sidebar:
-        if user.get("picture"):
-            st.image(user["picture"], width=80)
-        else:
-            st.image("https://cdn-icons-png.flaticon.com/512/149/149071.png", width=80)
-        
-        st.write(f"**👤 {user['name']}**")
-        st.write(f"📧 {user['email']}")
-        st.write(f"🎭 Role: {user['role']}")
-        
-        st.markdown("---")
-        
-        if st.button("🚪 Logout", use_container_width=True):
-            for key in list(st.session_state.keys()):
-                del st.session_state[key]
-            st.rerun()
+    # Create login URL
+    redirect_uri = "https://refat81-social-media-data-extractor-chatbot.hf.space/oauth_callback"
+    login_url = f"https://accounts.google.com/o/oauth2/v2/auth?client_id={client_id}&redirect_uri={redirect_uri}&response_type=code&scope=openid%20email%20profile&access_type=offline&prompt=consent"
     
-    # Main content - YOUR ORIGINAL DASHBOARD
-    st.markdown("""
-    <style>
-        .stApp { background-color: #0e1117; color: white; }
-        .main-header { background: linear-gradient(135deg, #1a2a6c, #b21f1f); color: white; padding: 2rem; border-radius: 10px; text-align: center; margin-bottom: 2rem; }
-        .platform-card { background-color: #262730; padding: 1.5rem; border-radius: 10px; border-left: 4px solid; margin: 1rem 0; height: 280px; }
-        .linkedin-card { border-left-color: #0077B5; }
-        .facebook-card { border-left-color: #1877F2; }
-        .facebook-pro-card { border-left-color: #FF6B35; }
-        .feature-list { margin: 1rem 0; padding-left: 1.5rem; flex-grow: 1; }
-        .api-key-section { background: linear-gradient(135deg, #667eea 0%, #764ba2 100%); padding: 1.5rem; border-radius: 10px; margin-bottom: 2rem; }
-    </style>
-    """, unsafe_allow_html=True)
-    
-    # Header
     st.markdown(f"""
-    <div class="main-header">
-        <h1 style="margin:0;">🔍 Social Media Data Extractor</h1>
-        <p style="margin:0; opacity: 0.9;">Welcome back, {user['name']}! 👋</p>
-    </div>
-    """, unsafe_allow_html=True)
-
-    # Platform selection
-    st.markdown("## 🚀 Launch Extractors")
-    
-    col1, col2, col3 = st.columns(3)
-    
-    with col1:
-        st.markdown("""
-        <div class="platform-card linkedin-card">
-            <h3>💼 LinkedIn Extractor</h3>
-            <ul class="feature-list">
-                <li>No login required</li>
-                <li>Profile, company, and post analysis</li>
-                <li>Quick data extraction</li>
-                <li>AI-powered insights</li>
-                <li>100% Free</li>
-            </ul>
+    <a href="{login_url}" target="_self">
+        <div style="
+            background-color: #4285F4;
+            color: white;
+            padding: 15px 30px;
+            border-radius: 8px;
+            border: none;
+            cursor: pointer;
+            font-size: 16px;
+            font-weight: 500;
+            text-align: center;
+            margin: 20px 0;
+            display: inline-block;
+        ">
+            <img src="https://cdn-icons-png.flaticon.com/512/2991/2991148.png" width="20" height="20" style="vertical-align: middle; margin-right: 10px;">
+            Sign in with Google
         </div>
-        """, unsafe_allow_html=True)
-        
-        if st.button("🚀 Launch LinkedIn Extractor", key="linkedin_btn", use_container_width=True):
-            st.switch_page("pages/linkedin_extractor.py")
-
-    with col2:
-        st.markdown("""
-        <div class="platform-card facebook-card">
-            <h3>📘 Facebook Extractor</h3>
-            <ul class="feature-list">
-                <li>Manual login required</li>
-                <li>Group post extraction</li>
-                <li>Works with private groups</li>
-                <li>AI conversation analysis</li>
-                <li>100% Free</li>
-            </ul>
-        </div>
-        """, unsafe_allow_html=True)
-        
-        if st.button("🚀 Launch Facebook Extractor", key="facebook_btn", use_container_width=True):
-            st.switch_page("pages/facebook_extractor.py")
-    
-    with col3:
-        st.markdown("""
-        <div class="platform-card facebook-pro-card">
-            <h3>🔥 Facebook Extractor 2.0</h3>
-            <ul class="feature-list">
-                <li>Enhanced Facebook data extraction</li>
-                <li>More powerful algorithms</li>
-                <li>Faster processing speed</li>
-                <li>Advanced AI analysis</li>
-                <li>100% Free</li>
-            </ul>
-        </div>
-        """, unsafe_allow_html=True)
-        
-        if st.button("🚀 Launch Facebook Extractor 2.0", key="facebook_pro_btn", use_container_width=True):
-            st.switch_page("pages/facebook_extractor_pro.py")
-
-    # Instructions
-    with st.expander("📋 How to Use", expanded=True):
-        st.markdown(f"""
-        1. **Click any extractor to launch**
-        2. **For LinkedIn:** Enter any LinkedIn URL
-        3. **For Facebook:** Public data extraction available
-        4. **AI Analysis:** Chat with extracted data
-        
-        **Note:** All extractors are 100% free and require no local setup.
-        
-        **Logged in as:** {user['email']}
-        **Session expires:** {datetime.fromisoformat(user['expires_at']).strftime('%I:%M %p')}
-        """)
-
-# ============================================
-# MAIN APP ROUTING
-# ============================================
-
-def main():
-    """Main routing function"""
-    # Handle OAuth callback if coming from Google
-    handle_oauth_callback()
+    </a>
+    """, unsafe_allow_html=True)
     
-    # Check authentication
-    if not is_authenticated():
-        login_page()
-    else:
-        main_app()
+    st.markdown("---")
+    st.info("""
+    **Note:** First-time login might show "App not verified" warning.
+    Click "Continue" to proceed (this is normal for testing).
+    """)
 
 if __name__ == "__main__":
     main()