Update app.py

app.py

@@ -1,44 +1,46 @@
-import os
-from fastapi import FastAPI, HTTPException, Request, Response
+from fastapi import FastAPI, Request, HTTPException, Response
 from fastapi.middleware.cors import CORSMiddleware
 from fastapi.responses import RedirectResponse, HTMLResponse
+from api import api_router
 import gradio as gr
 import requests
 import logging
 import time
 import aiohttp
 import asyncio
-from typing import Optional, Dict, Any
-from passlib.context import CryptContext
-from passlib.exc import UnknownHashError
-from pydantic import BaseModel
+from typing import Optional
 
 # Configure logging
-logging.basicConfig(
-    level=logging.INFO,
-    format='%(asctime)s - %(name)s - %(levelname)s - %(message)s'
-)
+logging.basicConfig(level=logging.DEBUG)
 logger = logging.getLogger(__name__)
+logger.debug("Initializing application")
+
+app = FastAPI()
 
-# Password hashing
-pwd_context = CryptContext(
-    schemes=["bcrypt"],
-    deprecated="auto"
+# CORS Configuration
+app.add_middleware(
+    CORSMiddleware,
+    allow_origins=["*"],
+    allow_credentials=True,
+    allow_methods=["*"],
+    allow_headers=["*"],
 )
 
-# Configuration
-BACKEND_URL = os.getenv("BACKEND_URL", "https://rocketfarmstudios-cps-api.hf.space")
-ADMIN_EMAIL = os.getenv("ADMIN_EMAIL", "yakdhanali97@gmail.com")
-ADMIN_PASSWORD = os.getenv("ADMIN_PASSWORD", "123456")
+app.include_router(api_router)
+
+# Constants
+BACKEND_URL = "https://rocketfarmstudios-cps-api.hf.space"
+ADMIN_EMAIL = "yakdhanali97@gmail.com"
+ADMIN_PASSWORD = "123456"
+MAX_TOKEN_RETRIES = 3
+TOKEN_RETRY_DELAY = 2  # seconds
 
 class TokenManager:
     def __init__(self):
         self.token = None
         self.last_refresh = 0
-        self.expires_in = 3600
+        self.expires_in = 3600  # 1 hour default expiry
         self.lock = asyncio.Lock()
-        self.initialized = False
-        self.available = False
 
     async def _make_login_request(self) -> Optional[str]:
         try:
@@ -48,13 +50,12 @@ class TokenManager:
                     json={
                         "username": ADMIN_EMAIL,
                         "password": ADMIN_PASSWORD,
-                        "device_token": "admin-console"
+                        "device_token": "admin-device-token"
                     },
-                    timeout=aiohttp.ClientTimeout(total=10)
+                    timeout=10
                 ) as response:
                     if response.status == 200:
                         data = await response.json()
-                        self.available = True
                         return data.get("access_token")
                     else:
                         error = await response.text()
@@ -64,9 +65,9 @@ class TokenManager:
             logger.error(f"Login request error: {str(e)}")
             return None
 
-    async def refresh_token(self) -> Optional[str]:
+    async def refresh_token(self) -> str:
         async with self.lock:
-            for attempt in range(3):
+            for attempt in range(MAX_TOKEN_RETRIES):
                 token = await self._make_login_request()
                 if token:
                     self.token = token
@@ -74,181 +75,158 @@ class TokenManager:
                     logger.info("Successfully refreshed admin token")
                     return token
                 
-                wait_time = min(5, (attempt + 1) * 2)
+                wait_time = min(5, (attempt + 1) * 2)  # Exponential backoff with max 5s
                 logger.warning(f"Attempt {attempt + 1} failed, retrying in {wait_time}s...")
                 await asyncio.sleep(wait_time)
 
-            self.available = False
-            return None
+            raise Exception("Failed to obtain admin token after multiple attempts")
 
-    async def get_token(self) -> Optional[str]:
-        if not self.initialized or not self.token or (time.time() - self.last_refresh) > (self.expires_in - 60):
-            self.initialized = True
+    async def get_token(self) -> str:
+        if not self.token or (time.time() - self.last_refresh) > (self.expires_in - 60):
             return await self.refresh_token()
         return self.token
 
 token_manager = TokenManager()
 
-app = FastAPI(title="Medical Admin Portal")
-
-app.add_middleware(
-    CORSMiddleware,
-    allow_origins=["*"],
-    allow_credentials=True,
-    allow_methods=["*"],
-    allow_headers=["*"],
-)
-
 @app.get("/")
-async def root():
-    return {
-        "status": "running",
-        "admin_api_available": token_manager.available
-    }
+def root():
+    logger.debug("Root endpoint accessed")
+    return {"message": "🚀 FastAPI with MongoDB + JWT is running."}
 
 @app.post("/login")
-async def handle_login():
+async def redirect_login(request: Request):
+    logger.info("Redirecting /login to /auth/login")
     return RedirectResponse(url="/auth/login", status_code=307)
 
-@app.get("/health")
-async def health_check():
-    return {
-        "status": "healthy",
-        "admin_api": "available" if token_manager.available else "unavailable"
-    }
+def authenticate_admin(email: str = None, password: str = None):
+    if email != ADMIN_EMAIL or password != ADMIN_PASSWORD:
+        logger.warning(f"Failed admin login attempt with email: {email}")
+        raise HTTPException(status_code=401, detail="Unauthorized: Invalid email or password")
+    
+    logger.info(f"Admin authenticated successfully: {email}")
+    return True
 
-async def create_doctor_api(doctor_data: Dict[str, Any]) -> Dict[str, Any]:
-    if not token_manager.available:
-        return {
-            "success": False,
-            "error": "Admin API currently unavailable"
+async def async_create_doctor(full_name, email, matricule, password, specialty):
+    try:
+        token = await token_manager.get_token()
+        
+        payload = {
+            "full_name": full_name,
+            "email": email,
+            "license_number": matricule,
+            "password": password,
+            "specialty": specialty,
         }
-
-    token = await token_manager.get_token()
-    if not token:
-        return {
-            "success": False,
-            "error": "Failed to obtain admin token"
+        headers = {
+            "Authorization": f"Bearer {token}",
+            "Content-Type": "application/json"
         }
-
-    headers = {
-        "Authorization": f"Bearer {token}",
-        "Content-Type": "application/json"
-    }
-
-    try:
+        
         async with aiohttp.ClientSession() as session:
             async with session.post(
                 f"{BACKEND_URL}/auth/admin/doctors",
-                json=doctor_data,
+                json=payload,
                 headers=headers,
-                timeout=aiohttp.ClientTimeout(total=15)
+                timeout=10
             ) as response:
                 if response.status == 201:
-                    return {"success": True, "message": "Doctor created successfully"}
+                    return "✅ Doctor created successfully!"
+                elif response.status == 401:  # Token might be expired
+                    logger.warning("Token expired, attempting refresh...")
+                    token = await token_manager.refresh_token()
+                    headers["Authorization"] = f"Bearer {token}"
+                    async with session.post(
+                        f"{BACKEND_URL}/auth/admin/doctors",
+                        json=payload,
+                        headers=headers,
+                        timeout=10
+                    ) as retry_response:
+                        if retry_response.status == 201:
+                            return "✅ Doctor created successfully!"
                 
                 error_detail = await response.text()
-                return {
-                    "success": False,
-                    "error": f"Error {response.status}: {error_detail}"
-                }
-    except Exception as e:
-        logger.error(f"Doctor creation API error: {str(e)}")
-        return {
-            "success": False,
-            "error": f"API communication error: {str(e)}"
-        }
-
-def sync_create_doctor(full_name: str, email: str, matricule: str, password: str, specialty: str) -> str:
-    try:
-        doctor_data = {
-            "full_name": full_name,
-            "email": email,
-            "license_number": matricule,
-            "password": password,
-            "specialty": specialty
-        }
-        
-        result = asyncio.run(create_doctor_api(doctor_data))
-        
-        if result["success"]:
-            return "✅ " + result["message"]
-        return "❌ " + result.get("error", "Unknown error")
-            
+                return f"❌ Error: {error_detail} (Status: {response.status})"
+                
     except Exception as e:
         logger.error(f"Doctor creation failed: {str(e)}")
-        return f"❌ System error: {str(e)}"
+        return f"❌ System Error: {str(e)}"
+
+def sync_create_doctor(*args):
+    return asyncio.run(async_create_doctor(*args))
+
+admin_ui = gr.Blocks(
+    css="""
+    .gradio-container {
+        font-family: Arial, sans-serif;
+        max-width: 800px;
+        margin: 0 auto;
+        padding: 2rem;
+    }
+    .input-group {
+        margin-bottom: 1.5rem;
+    }
+    input, select {
+        width: 100%;
+        padding: 0.5rem;
+        margin-bottom: 1rem;
+    }
+    button {
+        background-color: #4a6fa5;
+        color: white;
+        padding: 0.75rem;
+        border: none;
+        border-radius: 4px;
+        cursor: pointer;
+        width: 100%;
+    }
+    """
+)
 
-with gr.Blocks(title="Doctor Management") as admin_ui:
-    gr.Markdown("# 👨‍⚕️ Doctor Account Creator")
-    
-    with gr.Row():
-        with gr.Column():
-            full_name = gr.Textbox(label="Full Name")
-            email = gr.Textbox(label="Email")
-            license_num = gr.Textbox(label="License Number")
-            
-        with gr.Column():
-            specialty = gr.Dropdown(
-                label="Specialty",
-                choices=[
-                    "General Practice", "Cardiology", "Neurology",
-                    "Pediatrics", "Orthopedics", "Dermatology"
-                ]
-            )
-            password = gr.Textbox(label="Password", type="password")
-    
-    submit_btn = gr.Button("Create Account")
-    output = gr.Textbox(label="Status", interactive=False)
+with admin_ui:
+    gr.Markdown("# Doctor Account Creator")
     
-    submit_btn.click(
-        fn=sync_create_doctor,
-        inputs=[full_name, email, license_num, specialty, password],
-        outputs=output
-    )
-
-app = gr.mount_gradio_app(app, admin_ui, path="/admin")
-
-@app.get("/admin-auth")
-async def admin_auth(email: str, password: str, response: Response):
-    if (email != ADMIN_EMAIL or 
-        not verify_password(password, pwd_context.hash(ADMIN_PASSWORD))):
+    with gr.Column():
+        full_name = gr.Textbox(label="Full Name")
+        email = gr.Textbox(label="Email")
+        matricule = gr.Textbox(label="License Number")
+        specialty = gr.Dropdown(
+            label="Specialty",
+            choices=["General Practice", "Cardiology", "Neurology", "Pediatrics"]
+        )
+        password = gr.Textbox(label="Password", type="password")
+        submit_btn = gr.Button("Create Account")
+        output = gr.Textbox(label="Status", interactive=False)
+        
+        submit_btn.click(
+            fn=sync_create_doctor,
+            inputs=[full_name, email, matricule, specialty, password],
+            outputs=output
+        )
+
+app = gr.mount_gradio_app(app, admin_ui, path="/admin-auth")
+
+@app.get("/admin")
+async def admin_dashboard(email: str = None, password: str = None, response: Response = None):
+    logger.debug("Admin dashboard accessed")
+    try:
+        authenticate_admin(email, password)
+        return RedirectResponse(url="/admin-auth", status_code=307)
+    except HTTPException as e:
         response.status_code = 401
-        return HTMLResponse("""
-            <h1>Access Denied</h1>
+        return HTMLResponse(content="""
+            <h1>401 Unauthorized</h1>
             <p>Invalid admin credentials</p>
         """)
-    return RedirectResponse(url="/admin")
 
 @app.on_event("startup")
 async def startup_event():
-    """Try to connect to backend but don't fail startup"""
+    """Initialize token but don't fail startup"""
     try:
-        logger.info("Testing backend connection...")
         await token_manager.get_token()
-        if token_manager.available:
-            logger.info("Backend connection successful")
-        else:
-            logger.warning("Backend connection failed - running in degraded mode")
-    except Exception as e:
-        logger.error(f"Startup connection test error: {str(e)}")
-        token_manager.available = False
-
-def verify_password(plain_password: str, hashed_password: str) -> bool:
-    try:
-        return pwd_context.verify(plain_password, hashed_password)
-    except UnknownHashError:
-        logger.error(f"Unrecognized hash format")
-        return False
     except Exception as e:
-        logger.error(f"Password verification error: {str(e)}")
-        return False
+        logger.error(f"Initial token fetch failed: {str(e)}")
 
 if __name__ == "__main__":
+    logger.info("Starting application")
     import uvicorn
-    uvicorn.run(
-        app,
-        host="0.0.0.0",
-        port=7860,
-        log_level="info"
-    )
+    uvicorn.run(app, host="0.0.0.0", port=7860)