Update app.py

app.py

@@ -1,67 +1,91 @@
 from fastapi import FastAPI, Request, HTTPException, Response
 from fastapi.middleware.cors import CORSMiddleware
 from fastapi.responses import RedirectResponse, HTMLResponse
-from api import api_router
+from pydantic import BaseModel
 import gradio as gr
-import requests
-import logging
-import time
 import aiohttp
 import asyncio
+import logging
+import time
+import os
 from typing import Optional
+from fastapi import APIRouter
 
 # Configure logging
-logging.basicConfig(level=logging.DEBUG)
+logging.basicConfig(
+    level=logging.DEBUG,
+    format="%(asctime)s - %(levelname)s - %(name)s - %(message)s"
+)
 logger = logging.getLogger(__name__)
 logger.debug("Initializing application")
 
+# FastAPI app
 app = FastAPI()
 
-# CORS Configuration
+# CORS Configuration (restrict in production)
 app.add_middleware(
     CORSMiddleware,
-    allow_origins=["*"],
+    allow_origins=["http://localhost:7860", "https://rocketfarmstudios-cps-api.hf.space"],
     allow_credentials=True,
     allow_methods=["*"],
     allow_headers=["*"],
 )
 
-app.include_router(api_router)
+# API Router (placeholder; replace with actual api.py content)
+api_router = APIRouter()
 
-# Constants
-BACKEND_URL = "https://rocketfarmstudios-cps-api.hf.space"
-ADMIN_EMAIL = "yakdhanali97@gmail.com"
-ADMIN_PASSWORD = "123456"
+# Constants (load from environment variables)
+BACKEND_URL = os.getenv("BACKEND_URL", "https://rocketfarmstudios-cps-api.hf.space")
+ADMIN_EMAIL = os.getenv("ADMIN_EMAIL", "yakdhanali97@gmail.com")
+ADMIN_PASSWORD = os.getenv("ADMIN_PASSWORD", "123456")
 MAX_TOKEN_RETRIES = 3
 TOKEN_RETRY_DELAY = 2  # seconds
+TOKEN_EXPIRY = 3600  # 1 hour default expiry
+
+# Pydantic models
+class LoginPayload(BaseModel):
+    username: str
+    password: str
+
+class DoctorPayload(BaseModel):
+    full_name: str
+    email: str
+    license_number: str
+    password: str
+    specialty: str
 
 class TokenManager:
     def __init__(self):
         self.token = None
         self.last_refresh = 0
-        self.expires_in = 3600  # 1 hour default expiry
+        self.expires_in = TOKEN_EXPIRY
         self.lock = asyncio.Lock()
 
     async def _make_login_request(self) -> Optional[str]:
         try:
             async with aiohttp.ClientSession() as session:
+                payload = LoginPayload(username=ADMIN_EMAIL, password=ADMIN_PASSWORD)
+                login_url = f"{BACKEND_URL}/auth/login"
+                logger.debug(f"Sending login request to {login_url} with payload: {payload.dict()}")
                 async with session.post(
-                    f"{BACKEND_URL}/auth/login",
-                    json={
-                        "username": ADMIN_EMAIL,
-                        "password": ADMIN_PASSWORD,
-                        "device_token": "admin-device-token"
-                    },
+                    login_url,
+                    json=payload.dict(),
                     timeout=10
                 ) as response:
+                    logger.debug(f"Login response status: {response.status}")
                     if response.status == 200:
                         data = await response.json()
-                        return data.get("access_token")
+                        token = data.get("access_token")
+                        if not token:
+                            logger.error("No access_token in response")
+                            return None
+                        logger.info(f"Received token: {token[:10]}...")
+                        return token
                     else:
                         error = await response.text()
                         logger.error(f"Login failed: {response.status} - {error}")
                         return None
-        except Exception as e:
+        except aiohttp.ClientError as e:
             logger.error(f"Login request error: {str(e)}")
             return None
 
@@ -75,11 +99,11 @@ class TokenManager:
                     logger.info("Successfully refreshed admin token")
                     return token
                 
-                wait_time = min(5, (attempt + 1) * 2)  # Exponential backoff with max 5s
+                wait_time = min(5, (attempt + 1) * TOKEN_RETRY_DELAY)
                 logger.warning(f"Attempt {attempt + 1} failed, retrying in {wait_time}s...")
                 await asyncio.sleep(wait_time)
 
-            raise Exception("Failed to obtain admin token after multiple attempts")
+            raise HTTPException(status_code=500, detail="Failed to obtain admin token after multiple attempts")
 
     async def get_token(self) -> str:
         if not self.token or (time.time() - self.last_refresh) > (self.expires_in - 60):
@@ -88,6 +112,9 @@ class TokenManager:
 
 token_manager = TokenManager()
 
+# Include API router
+app.include_router(api_router)
+
 @app.get("/")
 def root():
     logger.debug("Root endpoint accessed")
@@ -95,8 +122,17 @@ def root():
 
 @app.post("/login")
 async def redirect_login(request: Request):
-    logger.info("Redirecting /login to /auth/login")
-    return RedirectResponse(url="/auth/login", status_code=307)
+    logger.info("Redirecting /login to /admin-auth")
+    return RedirectResponse(url="/admin-auth", status_code=307)
+
+# Handle local /auth/login requests to prevent 422 errors
+@app.post("/auth/login")
+async def handle_local_auth_login(request: Request):
+    logger.warning(f"Local /auth/login endpoint called with body: {await request.json()}")
+    raise HTTPException(
+        status_code=400,
+        detail="This endpoint is not meant to be called locally. Use the external backend API: https://rocketfarmstudios-cps-api.hf.space/auth/login"
+    )
 
 def authenticate_admin(email: str = None, password: str = None):
     if email != ADMIN_EMAIL or password != ADMIN_PASSWORD:
@@ -106,54 +142,69 @@ def authenticate_admin(email: str = None, password: str = None):
     logger.info(f"Admin authenticated successfully: {email}")
     return True
 
-async def async_create_doctor(full_name, email, matricule, password, specialty):
+async def async_create_doctor(full_name: str, email: str, license_number: str, specialty: str, password: str):
     try:
+        # Validate inputs
+        if not all([full_name, email, license_number, specialty, password]):
+            logger.error("Doctor creation failed: All fields are required")
+            raise HTTPException(status_code=422, detail="All fields are required")
+
         token = await token_manager.get_token()
         
-        payload = {
-            "full_name": full_name,
-            "email": email,
-            "license_number": matricule,
-            "password": password,
-            "specialty": specialty,
-        }
+        payload = DoctorPayload(
+            full_name=full_name,
+            email=email,
+            license_number=license_number,
+            password=password,
+            specialty=specialty
+        )
         headers = {
             "Authorization": f"Bearer {token}",
             "Content-Type": "application/json"
         }
         
+        doctor_url = f"{BACKEND_URL}/auth/admin/doctors"
+        logger.debug(f"Sending doctor creation request to {doctor_url} with payload: {payload.dict()}")
         async with aiohttp.ClientSession() as session:
             async with session.post(
-                f"{BACKEND_URL}/auth/admin/doctors",
-                json=payload,
+                doctor_url,
+                json=payload.dict(),
                 headers=headers,
                 timeout=10
             ) as response:
+                logger.debug(f"Doctor creation response status: {response.status}")
                 if response.status == 201:
                     return "✅ Doctor created successfully!"
-                elif response.status == 401:  # Token might be expired
+                elif response.status == 401:
                     logger.warning("Token expired, attempting refresh...")
                     token = await token_manager.refresh_token()
                     headers["Authorization"] = f"Bearer {token}"
                     async with session.post(
-                        f"{BACKEND_URL}/auth/admin/doctors",
-                        json=payload,
+                        doctor_url,
+                        json=payload.dict(),
                         headers=headers,
                         timeout=10
                     ) as retry_response:
+                        logger.debug(f"Retry doctor creation response status: {retry_response.status}")
                         if retry_response.status == 201:
                             return "✅ Doctor created successfully!"
+                        error_detail = await retry_response.text()
+                        return f"❌ Error: {error_detail} (Status: {retry_response.status})"
                 
                 error_detail = await response.text()
                 return f"❌ Error: {error_detail} (Status: {response.status})"
                 
+    except HTTPException as e:
+        logger.error(f"Doctor creation failed: {str(e)}")
+        return f"❌ Error: {str(e)}"
     except Exception as e:
         logger.error(f"Doctor creation failed: {str(e)}")
         return f"❌ System Error: {str(e)}"
 
-def sync_create_doctor(*args):
-    return asyncio.run(async_create_doctor(*args))
+def sync_create_doctor(full_name: str, email: str, license_number: str, specialty: str, password: str):
+    return asyncio.run(async_create_doctor(full_name, email, license_number, specialty, password))
 
+# Gradio UI
 admin_ui = gr.Blocks(
     css="""
     .gradio-container {
@@ -186,14 +237,15 @@ with admin_ui:
     gr.Markdown("# Doctor Account Creator")
     
     with gr.Column():
-        full_name = gr.Textbox(label="Full Name")
-        email = gr.Textbox(label="Email")
-        matricule = gr.Textbox(label="License Number")
+        full_name = gr.Textbox(label="Full Name", placeholder="e.g., Dr. John Doe")
+        email = gr.Textbox(label="Email", placeholder="e.g., john.doe@example.com")
+        matricule = gr.Textbox(label="License Number", placeholder="e.g., 12345")
         specialty = gr.Dropdown(
             label="Specialty",
-            choices=["General Practice", "Cardiology", "Neurology", "Pediatrics"]
+            choices=["General Practice", "Cardiology", "Neurology", "Pediatrics"],
+            value="General Practice"
         )
-        password = gr.Textbox(label="Password", type="password")
+        password = gr.Textbox(label="Password", type="password", placeholder="Enter a secure password")
         submit_btn = gr.Button("Create Account")
         output = gr.Textbox(label="Status", interactive=False)
         
@@ -218,11 +270,21 @@ async def admin_dashboard(email: str = None, password: str = None, response: Res
             <p>Invalid admin credentials</p>
         """)
 
+@app.get("/admin-auth/gradio_api/queue/data")
+async def gradio_queue_data(session_hash: str):
+    logger.debug(f"Gradio queue data accessed with session_hash: {session_hash}")
+    return {"status": "ok", "session_hash": session_hash}
+
+@app.get("/manifest.json")
+async def manifest():
+    logger.debug("Manifest.json accessed")
+    return {"name": "Doctor Account Creator", "short_name": "Doctor App", "start_url": "/admin-auth"}
+
 @app.on_event("startup")
 async def startup_event():
-    """Initialize token but don't fail startup"""
     try:
         await token_manager.get_token()
+        logger.info("Initial token fetch successful")
     except Exception as e:
         logger.error(f"Initial token fetch failed: {str(e)}")