Update app.py

app.py

@@ -1,6 +1,6 @@
-from fastapi import FastAPI, HTTPException
+from fastapi import FastAPI, HTTPException, status, Request
 from fastapi.middleware.cors import CORSMiddleware
-from pydantic import BaseModel
+from pydantic import BaseModel, EmailStr, constr
 import hashlib
 import os
 import certifi
@@ -8,63 +8,62 @@ from motor.motor_asyncio import AsyncIOMotorClient
 
 app = FastAPI()
 
-# Allow frontend CORS
+# === CORS Configuration ===
 app.add_middleware(
     CORSMiddleware,
-    allow_origins=["*"],  # Change to your frontend origin in prod
+    allow_origins=["*"],  # In production, replace with specific domains
     allow_credentials=True,
-    allow_methods=["*"],
-    allow_headers=["*"],
+    allow_methods=["POST", "GET"],
+    allow_headers=["Authorization", "Content-Type"],
 )
 
-# Secure Mongo URI from Hugging Face Secrets
+# === Secure MongoDB Setup ===
 MONGO_URI = os.getenv("MONGO_URI")
-
 if not MONGO_URI:
-    raise RuntimeError("MONGO_URI environment variable is not set!")
+    raise RuntimeError("Missing MONGO_URI in environment")
 
-# Secure SSL connection with certifi
 client = AsyncIOMotorClient(MONGO_URI, tls=True, tlsCAFile=certifi.where())
 db = client["cps_db"]
-users_collection = db["users"]
+users_collection = db.get_collection("users")
 
-# Password hashing
+# === Utility: Strong Hashing ===
 def hash_password(password: str) -> str:
     return hashlib.sha256(password.encode()).hexdigest()
 
-# Pydantic models
+# === Pydantic Models with Validation ===
 class SignupForm(BaseModel):
-    email: str
-    password: str
+    email: EmailStr
+    password: constr(min_length=8)
 
 class LoginForm(BaseModel):
-    email: str
+    email: EmailStr
     password: str
 
-# Routes
-@app.post("/signup")
+# === Signup Endpoint ===
+@app.post("/signup", status_code=status.HTTP_201_CREATED)
 async def signup(data: SignupForm):
     email = data.email.lower().strip()
-    password = hash_password(data.password)
+    hashed_password = hash_password(data.password)
 
-    existing_user = await users_collection.find_one({"email": email})
-    if existing_user:
+    if await users_collection.find_one({"email": email}):
         raise HTTPException(status_code=409, detail="Email already registered")
 
-    await users_collection.insert_one({"email": email, "password": password})
-    return {"success": True, "message": "Account created"}
+    await users_collection.insert_one({"email": email, "password": hashed_password})
+    return {"success": True, "message": "Account created successfully"}
 
+# === Login Endpoint ===
 @app.post("/login")
 async def login(data: LoginForm):
     email = data.email.lower().strip()
-    password = hash_password(data.password)
+    hashed_password = hash_password(data.password)
 
-    user = await users_collection.find_one({"email": email, "password": password})
+    user = await users_collection.find_one({"email": email, "password": hashed_password})
     if not user:
-        raise HTTPException(status_code=401, detail="Invalid credentials")
+        raise HTTPException(status_code=401, detail="Invalid email or password")
 
     return {"success": True, "message": "Login successful"}
 
+# === Health Check ===
 @app.get("/")
-def root():
-    return {"message": "✅ FastAPI MongoDB backend is running"}
+async def root():
+    return {"message": "✅ FastAPI MongoDB Auth API is live"}