Update app.py

app.py

@@ -1,7 +1,7 @@
 from fastapi import FastAPI, HTTPException, Depends
 from fastapi.middleware.cors import CORSMiddleware
 from fastapi.security import OAuth2PasswordRequestForm
-from pydantic import BaseModel
+from pydantic import BaseModel, EmailStr
 from jose import JWTError, jwt
 from passlib.context import CryptContext
 from motor.motor_asyncio import AsyncIOMotorClient
@@ -9,8 +9,8 @@ import certifi
 import os
 import datetime
 
-# ENV
-SECRET_KEY = os.getenv("SECRET_KEY", "your-secret-key")  # 🔐 Use HuggingFace secrets
+# === Environment and config ===
+SECRET_KEY = os.getenv("SECRET_KEY", "your-secret-key")
 ALGORITHM = "HS256"
 ACCESS_TOKEN_EXPIRE_MINUTES = 30
 
@@ -18,47 +18,47 @@ MONGO_URI = os.getenv("MONGO_URI")
 if not MONGO_URI:
     raise RuntimeError("MONGO_URI not set")
 
-# MongoDB
+# === MongoDB client ===
 client = AsyncIOMotorClient(MONGO_URI, tls=True, tlsCAFile=certifi.where())
 db = client["cps_db"]
 users_collection = db["users"]
 
-# App setup
+# === App setup ===
 app = FastAPI()
 app.add_middleware(
     CORSMiddleware,
-    allow_origins=["*"],  # Limit in production
+    allow_origins=["*"],  # Replace with frontend origin in prod
     allow_credentials=True,
     allow_methods=["*"],
     allow_headers=["*"],
 )
 
-# Hashing
+# === Password hashing ===
 pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
 
-def verify_password(plain, hashed):
+def verify_password(plain: str, hashed: str) -> bool:
     return pwd_context.verify(plain, hashed)
 
-def hash_password(password):
+def hash_password(password: str) -> str:
     return pwd_context.hash(password)
 
-# JWT utils
+# === JWT ===
 def create_access_token(data: dict, expires_delta: datetime.timedelta = None):
     to_encode = data.copy()
     expire = datetime.datetime.utcnow() + (expires_delta or datetime.timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES))
     to_encode.update({"exp": expire})
     return jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
 
-# Schemas
+# === Schemas ===
 class SignupForm(BaseModel):
-    email: str
+    email: EmailStr
     password: str
 
 class TokenResponse(BaseModel):
     access_token: str
     token_type: str
 
-# Routes
+# === Routes ===
 @app.post("/signup")
 async def signup(data: SignupForm):
     email = data.email.lower().strip()
@@ -67,11 +67,12 @@ async def signup(data: SignupForm):
         raise HTTPException(status_code=409, detail="Email already exists")
     hashed_pw = hash_password(data.password)
     await users_collection.insert_one({"email": email, "password": hashed_pw})
-    return {"success": True, "message": "Account created"}
+    return {"success": True, "message": "Account created successfully"}
 
 @app.post("/login", response_model=TokenResponse)
 async def login(form_data: OAuth2PasswordRequestForm = Depends()):
-    user = await users_collection.find_one({"email": form_data.username.lower().strip()})
+    email = form_data.username.lower().strip()
+    user = await users_collection.find_one({"email": email})
     if not user or not verify_password(form_data.password, user["password"]):
         raise HTTPException(status_code=401, detail="Invalid credentials")
 
@@ -80,4 +81,4 @@ async def login(form_data: OAuth2PasswordRequestForm = Depends()):
 
 @app.get("/")
 def root():
-    return {"message": "🛡️ Auth-secured FastAPI + MongoDB running"}
+    return {"message": "✅ Auth-secured FastAPI + MongoDB backend is running"}