Update app.py

app.py

@@ -1,93 +1,68 @@
-from fastapi import FastAPI, Request, HTTPException
+from fastapi import FastAPI, Request, HTTPException, Response
 from fastapi.middleware.cors import CORSMiddleware
-from fastapi.responses import RedirectResponse
-from pydantic import BaseModel
+from fastapi.responses import RedirectResponse, HTMLResponse
+from api import api_router
 import gradio as gr
-import aiohttp
-import asyncio
+import requests
 import logging
 import time
-import os
+import aiohttp
+import asyncio
 from typing import Optional
-from fastapi import APIRouter
 
 # Configure logging
-logging.basicConfig(
-    level=logging.DEBUG,
-    format="%(asctime)s - %(levelname)s - %(name)s - %(message)s"
-)
+logging.basicConfig(level=logging.DEBUG)
 logger = logging.getLogger(__name__)
 logger.debug("Initializing application")
 
-# FastAPI app
 app = FastAPI()
 
-# CORS Configuration (broadened for Hugging Face Spaces)
+# CORS Configuration
 app.add_middleware(
     CORSMiddleware,
-    allow_origins=["http://localhost:7860", "https://*.hf.space"],
+    allow_origins=["*"],
     allow_credentials=True,
     allow_methods=["*"],
     allow_headers=["*"],
 )
 
-# API Router (placeholder; replace with actual api.py content)
-api_router = APIRouter()
+app.include_router(api_router)
 
-# Constants (load from environment variables)
-BACKEND_URL = os.getenv("BACKEND_URL", "https://rocketfarmstudios-cps-api.hf.space")
-ADMIN_EMAIL = os.getenv("ADMIN_EMAIL", "yakdhanali97@gmail.com")
-ADMIN_PASSWORD = os.getenv("ADMIN_PASSWORD", "123456")
+# Constants
+BACKEND_URL = "https://rocketfarmstudios-cps-api.hf.space"
+ADMIN_EMAIL = "yakdhanali97@gmail.com"
+ADMIN_PASSWORD = "123456"
 MAX_TOKEN_RETRIES = 3
 TOKEN_RETRY_DELAY = 2  # seconds
-TOKEN_EXPIRY = 3600  # 1 hour default expiry
-
-# Pydantic models
-class LoginPayload(BaseModel):
-    username: str
-    password: str
-
-class DoctorPayload(BaseModel):
-    full_name: str
-    email: str
-    license_number: str
-    password: str
-    specialty: str
 
 class TokenManager:
     def __init__(self):
         self.token = None
         self.last_refresh = 0
-        self.expires_in = TOKEN_EXPIRY
+        self.expires_in = 3600  # 1 hour default expiry
         self.lock = asyncio.Lock()
 
     async def _make_login_request(self) -> Optional[str]:
         try:
             async with aiohttp.ClientSession() as session:
-                payload = LoginPayload(username=ADMIN_EMAIL, password=ADMIN_PASSWORD)
-                login_url = f"{BACKEND_URL.rstrip('/')}/auth/login"
-                logger.debug(f"Sending login request to {login_url} with payload: {payload.dict()}")
                 async with session.post(
-                    login_url,
-                    json=payload.dict(),
-                    timeout=15,
-                    headers={"Content-Type": "application/json"}
+                    f"{BACKEND_URL}/auth/login",
+                    json={
+                        "username": ADMIN_EMAIL,
+                        "password": ADMIN_PASSWORD,
+                        "device_token": "admin-device-token"
+                    },
+                    timeout=10
                 ) as response:
-                    logger.debug(f"Login response status: {response.status}, URL: {response.url}")
                     if response.status == 200:
                         data = await response.json()
-                        token = data.get("access_token")
-                        if not token:
-                            logger.error("No access_token in response")
-                            return None
-                        logger.info(f"Received token: {token[:10]}...")
-                        return token
+                        return data.get("access_token")
                     else:
                         error = await response.text()
-                        logger.error(f"Login failed: {response.status} - {error}, URL: {response.url}")
+                        logger.error(f"Login failed: {response.status} - {error}")
                         return None
-        except aiohttp.ClientError as e:
-            logger.error(f"Login request error: {str(e)}, URL: {login_url}")
+        except Exception as e:
+            logger.error(f"Login request error: {str(e)}")
             return None
 
     async def refresh_token(self) -> str:
@@ -100,11 +75,11 @@ class TokenManager:
                     logger.info("Successfully refreshed admin token")
                     return token
                 
-                wait_time = min(5, (attempt + 1) * TOKEN_RETRY_DELAY)
+                wait_time = min(5, (attempt + 1) * 2)  # Exponential backoff with max 5s
                 logger.warning(f"Attempt {attempt + 1} failed, retrying in {wait_time}s...")
                 await asyncio.sleep(wait_time)
 
-            raise HTTPException(status_code=500, detail="Failed to obtain admin token after multiple attempts")
+            raise Exception("Failed to obtain admin token after multiple attempts")
 
     async def get_token(self) -> str:
         if not self.token or (time.time() - self.last_refresh) > (self.expires_in - 60):
@@ -113,9 +88,6 @@ class TokenManager:
 
 token_manager = TokenManager()
 
-# Include API router
-app.include_router(api_router)
-
 @app.get("/")
 def root():
     logger.debug("Root endpoint accessed")
@@ -123,111 +95,65 @@ def root():
 
 @app.post("/login")
 async def redirect_login(request: Request):
-    logger.info("Redirecting /login to /admin-auth")
-    return RedirectResponse(url="/admin-auth", status_code=307)
+    logger.info("Redirecting /login to /auth/login")
+    return RedirectResponse(url="/auth/login", status_code=307)
 
-# Handle local /auth/login requests
-@app.post("/auth/login")
-async def handle_local_auth_login(request: Request):
-    try:
-        body = await request.json()
-    except:
-        body = {}
-    logger.warning(f"Local /auth/login endpoint called with body: {body}")
-    raise HTTPException(
-        status_code=400,
-        detail=f"Local /auth/login called incorrectly. Use the external backend API: {BACKEND_URL}/auth/login"
-    )
-
-# Test endpoint to verify backend connectivity
-@app.get("/test-backend")
-async def test_backend():
-    try:
-        async with aiohttp.ClientSession() as session:
-            test_url = f"{BACKEND_URL.rstrip('/')}/"
-            logger.debug(f"Testing backend connectivity to {test_url}")
-            async with session.get(test_url, timeout=5) as response:
-                logger.debug(f"Test backend response status: {response.status}, URL: {response.url}")
-                return {"status": response.status, "url": str(response.url), "message": await response.text()}
-    except aiohttp.ClientError as e:
-        logger.error(f"Test backend error: {str(e)}")
-        return {"status": "error", "message": str(e)}
+def authenticate_admin(email: str = None, password: str = None):
+    if email != ADMIN_EMAIL or password != ADMIN_PASSWORD:
+        logger.warning(f"Failed admin login attempt with email: {email}")
+        raise HTTPException(status_code=401, detail="Unauthorized: Invalid email or password")
+    
+    logger.info(f"Admin authenticated successfully: {email}")
+    return True
 
-async def async_create_doctor(full_name: str, email: str, license_number: str, specialty: str, password: str):
+async def async_create_doctor(full_name, email, matricule, password, specialty):
     try:
-        # Validate inputs
-        if not all([full_name, email, license_number, specialty, password]):
-            logger.error("Doctor creation failed: All fields are required")
-            raise HTTPException(status_code=422, detail="All fields are required")
-
         token = await token_manager.get_token()
         
-        payload = DoctorPayload(
-            full_name=full_name,
-            email=email,
-            license_number=license_number,
-            password=password,
-            specialty=specialty
-        )
+        payload = {
+            "full_name": full_name,
+            "email": email,
+            "license_number": matricule,
+            "password": password,
+            "specialty": specialty,
+        }
         headers = {
             "Authorization": f"Bearer {token}",
             "Content-Type": "application/json"
         }
         
-        doctor_url = f"{BACKEND_URL.rstrip('/')}/auth/admin/doctors"
-        logger.debug(f"Sending doctor creation request to {doctor_url} with payload: {payload.dict()}")
         async with aiohttp.ClientSession() as session:
             async with session.post(
-                doctor_url,
-                json=payload.dict(),
+                f"{BACKEND_URL}/auth/admin/doctors",
+                json=payload,
                 headers=headers,
-                timeout=15
+                timeout=10
             ) as response:
-                logger.debug(f"Doctor creation response status: {response.status}, URL: {response.url}")
                 if response.status == 201:
                     return "✅ Doctor created successfully!"
-                elif response.status == 401:
+                elif response.status == 401:  # Token might be expired
                     logger.warning("Token expired, attempting refresh...")
                     token = await token_manager.refresh_token()
                     headers["Authorization"] = f"Bearer {token}"
                     async with session.post(
-                        doctor_url,
-                        json=payload.dict(),
+                        f"{BACKEND_URL}/auth/admin/doctors",
+                        json=payload,
                         headers=headers,
-                        timeout=15
+                        timeout=10
                     ) as retry_response:
-                        logger.debug(f"Retry doctor creation response status: {retry_response.status}, URL: {retry_response.url}")
                         if retry_response.status == 201:
                             return "✅ Doctor created successfully!"
-                        error_detail = await retry_response.text()
-                        return f"❌ Error: {error_detail} (Status: {retry_response.status})"
                 
                 error_detail = await response.text()
                 return f"❌ Error: {error_detail} (Status: {response.status})"
                 
-    except HTTPException as e:
-        logger.error(f"Doctor creation failed: {str(e)}")
-        return f"❌ Error: {str(e)}"
     except Exception as e:
         logger.error(f"Doctor creation failed: {str(e)}")
         return f"❌ System Error: {str(e)}"
 
-def sync_create_doctor(full_name: str, email: str, license_number: str, specialty: str, password: str):
-    return asyncio.run(async_create_doctor(full_name, email, license_number, specialty, password))
-
-# New endpoint for public doctor creation
-@app.post("/create-doctor")
-async def create_doctor(payload: DoctorPayload):
-    result = await async_create_doctor(
-        full_name=payload.full_name,
-        email=payload.email,
-        license_number=payload.license_number,
-        specialty=payload.specialty,
-        password=payload.password
-    )
-    return {"result": result}
+def sync_create_doctor(*args):
+    return asyncio.run(async_create_doctor(*args))
 
-# Gradio UI
 admin_ui = gr.Blocks(
     css="""
     .gradio-container {
@@ -260,15 +186,14 @@ with admin_ui:
     gr.Markdown("# Doctor Account Creator")
     
     with gr.Column():
-        full_name = gr.Textbox(label="Full Name", placeholder="e.g., Dr. John Doe")
-        email = gr.Textbox(label="Email", placeholder="e.g., john.doe@example.com")
-        matricule = gr.Textbox(label="License Number", placeholder="e.g., 12345")
+        full_name = gr.Textbox(label="Full Name")
+        email = gr.Textbox(label="Email")
+        matricule = gr.Textbox(label="License Number")
         specialty = gr.Dropdown(
             label="Specialty",
-            choices=["General Practice", "Cardiology", "Neurology", "Pediatrics"],
-            value="General Practice"
+            choices=["General Practice", "Cardiology", "Neurology", "Pediatrics"]
         )
-        password = gr.Textbox(label="Password", type="password", placeholder="Enter a secure password")
+        password = gr.Textbox(label="Password", type="password")
         submit_btn = gr.Button("Create Account")
         output = gr.Textbox(label="Status", interactive=False)
         
@@ -280,27 +205,24 @@ with admin_ui:
 
 app = gr.mount_gradio_app(app, admin_ui, path="/admin-auth")
 
-# Modified admin dashboard (no authentication)
 @app.get("/admin")
-async def admin_dashboard():
+async def admin_dashboard(email: str = None, password: str = None, response: Response = None):
     logger.debug("Admin dashboard accessed")
-    return RedirectResponse(url="/admin-auth", status_code=307)
-
-@app.get("/admin-auth/gradio_api/queue/data")
-async def gradio_queue_data(session_hash: str):
-    logger.debug(f"Gradio queue data accessed with session_hash: {session_hash}")
-    return {"status": "ok", "session_hash": session_hash}
-
-@app.get("/manifest.json")
-async def manifest():
-    logger.debug("Manifest.json accessed")
-    return {"name": "Doctor Account Creator", "short_name": "Doctor App", "start_url": "/admin-auth"}
+    try:
+        authenticate_admin(email, password)
+        return RedirectResponse(url="/admin-auth", status_code=307)
+    except HTTPException as e:
+        response.status_code = 401
+        return HTMLResponse(content="""
+            <h1>401 Unauthorized</h1>
+            <p>Invalid admin credentials</p>
+        """)
 
 @app.on_event("startup")
 async def startup_event():
+    """Initialize token but don't fail startup"""
     try:
         await token_manager.get_token()
-        logger.info("Initial token fetch successful")
     except Exception as e:
         logger.error(f"Initial token fetch failed: {str(e)}")