Update app.py

app.py

@@ -1,48 +1,124 @@
-from fastapi import FastAPI, Request, HTTPException, Response
+import os
+from fastapi import FastAPI, HTTPException, Request, Response
 from fastapi.middleware.cors import CORSMiddleware
 from fastapi.responses import RedirectResponse, HTMLResponse
-from api import api_router
 import gradio as gr
 import requests
 import logging
 import time
+import aiohttp
+import asyncio
 from typing import Optional, Dict, Any
 from passlib.context import CryptContext
 from passlib.exc import UnknownHashError
+from pydantic import BaseModel
 
 # ======================
 # Configuration
 # ======================
 
-# Configure logging
 logging.basicConfig(
-    level=logging.DEBUG,
+    level=logging.INFO,
     format='%(asctime)s - %(name)s - %(levelname)s - %(message)s'
 )
 logger = logging.getLogger(__name__)
 
-# Password hashing context
+# Password hashing
 pwd_context = CryptContext(
-    schemes=["bcrypt", "sha256_crypt"],  # Supported schemes
-    deprecated="auto",
-    bcrypt__rounds=12,
-    sha256_crypt__rounds=10000
+    schemes=["bcrypt"],
+    deprecated="auto"
 )
 
-# Constants
-BACKEND_URL = "https://rocketfarmstudios-cps-api.hf.space"
-ADMIN_CREDENTIALS = {
-    "email": "yakdhanali97@gmail.com",
-    "password": "123456"
-}
-MAX_TOKEN_RETRIES = 3
-TOKEN_RETRY_DELAY = 2  # seconds with exponential backoff
+# Environment variables (fallback to hardcoded values if not set)
+BACKEND_URL = os.getenv("BACKEND_URL", "https://rocketfarmstudios-cps-api.hf.space")
+ADMIN_EMAIL = os.getenv("ADMIN_EMAIL", "yakdhanali97@gmail.com")
+ADMIN_PASSWORD = os.getenv("ADMIN_PASSWORD", "123456")
 
 # ======================
-# Application Setup
+# Models
 # ======================
 
-app = FastAPI(title="Medical Admin Portal")
+class DoctorCreate(BaseModel):
+    full_name: str
+    email: str
+    license_number: str
+    password: str
+    specialty: str
+
+# ======================
+# Token Management
+# ======================
+
+class TokenManager:
+    def __init__(self):
+        self.token: Optional[str] = None
+        self.last_refresh: float = 0
+        self.expires_in: int = 3600  # Default expiry
+        self.lock = asyncio.Lock()
+
+    async def _make_login_request(self) -> Optional[str]:
+        """Make the login request with proper error handling"""
+        login_payload = {
+            "username": ADMIN_EMAIL,
+            "password": ADMIN_PASSWORD,
+            "device_token": "admin-console"
+        }
+
+        try:
+            async with aiohttp.ClientSession() as session:
+                async with session.post(
+                    f"{BACKEND_URL}/auth/login",
+                    json=login_payload,
+                    timeout=aiohttp.ClientTimeout(total=10)
+                ) as response:
+                    if response.status == 200:
+                        data = await response.json()
+                        return data.get("access_token")
+                    else:
+                        error = await response.text()
+                        logger.error(f"Login failed: {response.status} - {error}")
+                        return None
+        except Exception as e:
+            logger.error(f"Login request error: {str(e)}")
+            return None
+
+    async def refresh_token(self) -> str:
+        """Obtain a new token with retry logic"""
+        async with self.lock:  # Prevent multiple concurrent refreshes
+            for attempt in range(3):
+                token = await self._make_login_request()
+                if token:
+                    self.token = token
+                    self.last_refresh = time.time()
+                    logger.info("Successfully refreshed admin token")
+                    return token
+                
+                wait_time = min(5, (attempt + 1) * 2)  # Exponential backoff with max 5s
+                logger.warning(f"Attempt {attempt + 1} failed, retrying in {wait_time}s...")
+                await asyncio.sleep(wait_time)
+
+            raise HTTPException(
+                status_code=500,
+                detail="Failed to obtain admin token after multiple attempts"
+            )
+
+    async def get_token(self) -> str:
+        """Get current valid token, refreshing if needed"""
+        if not self.token or (time.time() - self.last_refresh) > (self.expires_in - 60):
+            return await self.refresh_token()
+        return self.token
+
+token_manager = TokenManager()
+
+# ======================
+# FastAPI App
+# ======================
+
+app = FastAPI(
+    title="Medical Admin Portal",
+    description="Doctor account management system",
+    version="1.0.0"
+)
 
 # CORS Configuration
 app.add_middleware(
@@ -53,81 +129,22 @@ app.add_middleware(
     allow_headers=["*"],
 )
 
-app.include_router(api_router)
-
 # ======================
 # Security Utilities
 # ======================
 
 def verify_password(plain_password: str, hashed_password: str) -> bool:
-    """Safely verify password against stored hash with multiple fallbacks"""
     try:
         return pwd_context.verify(plain_password, hashed_password)
     except UnknownHashError:
-        logger.warning(f"Unrecognized hash format: {hashed_password[:15]}...")
-        # Try common legacy formats if needed
-        if hashed_password.startswith("$2a$") or hashed_password.startswith("$2b$"):
-            try:
-                return pwd_context.verify(plain_password, hashed_password.replace("$2a$", "$2b$"))
-            except Exception:
-                pass
+        logger.error(f"Unrecognized hash format: {hashed_password[:15]}...")
         return False
     except Exception as e:
         logger.error(f"Password verification error: {str(e)}")
         return False
 
 # ======================
-# Token Management
-# ======================
-
-class TokenManager:
-    def __init__(self):
-        self.token = None
-        self.last_refresh = 0
-        self.expires_in = 3600
-        self.backend_url = "https://rocketfarmstudios-cps-api.hf.space"
-        self.credentials = {
-            "username": "yakdhanali97@gmail.com",
-            "password": "123456",
-            "device_token": "admin-device-token"
-        }
-
-    async def _try_login(self, session):
-        try:
-            async with session.post(
-                f"{self.backend_url}/auth/login",
-                json=self.credentials,
-                timeout=10
-            ) as response:
-                if response.status == 200:
-                    data = await response.json()
-                    return data.get("access_token")
-                else:
-                    error = await response.text()
-                    logger.error(f"Login failed: {response.status} - {error}")
-                    return None
-        except Exception as e:
-            logger.error(f"Login error: {str(e)}")
-            return None
-
-    async def refresh_token(self):
-        async with aiohttp.ClientSession() as session:
-            for attempt in range(3):
-                token = await self._try_login(session)
-                if token:
-                    return token
-                await asyncio.sleep(2 ** attempt)  # Exponential backoff
-        raise Exception("Failed to obtain admin token after multiple attempts")
-
-    async def get_token(self):
-        if not self.token or (time.time() - self.last_refresh) > (self.expires_in - 60):
-            self.token = await self.refresh_token()
-            self.last_refresh = time.time()
-        return self.token
-token_manager = TokenManager()
-
-# ======================
-# Core Routes
+# API Endpoints
 # ======================
 
 @app.get("/")
@@ -135,94 +152,83 @@ async def root():
     return {"status": "active", "service": "Medical Admin Portal"}
 
 @app.post("/login")
-async def handle_login(request: Request):
+async def handle_login():
     return RedirectResponse(url="/auth/login", status_code=307)
 
+@app.get("/health")
+async def health_check():
+    try:
+        # Verify we can get a token
+        await token_manager.get_token()
+        return {"status": "healthy"}
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=str(e))
+
 # ======================
-# Admin Functions
+# Doctor Management
 # ======================
 
-def create_doctor(
-    full_name: str,
-    email: str,
-    matricule: str,
-    password: str,
-    specialty: str
-) -> str:
-    """Create new doctor account with error handling"""
-    try:
-        token = token_manager.get_token()
-        headers = {
-            "Authorization": f"Bearer {token}",
-            "Content-Type": "application/json"
-        }
-        
-        payload = {
-            "full_name": full_name,
-            "email": email,
-            "license_number": matricule,
-            "password": password,
-            "specialty": specialty
-        }
+async def create_doctor_api(doctor_data: DoctorCreate) -> Dict[str, Any]:
+    """Core doctor creation logic"""
+    token = await token_manager.get_token()
+    
+    headers = {
+        "Authorization": f"Bearer {token}",
+        "Content-Type": "application/json"
+    }
 
-        response = requests.post(
+    async with aiohttp.ClientSession() as session:
+        async with session.post(
             f"{BACKEND_URL}/auth/admin/doctors",
-            json=payload,
+            json=doctor_data.dict(),
             headers=headers,
-            timeout=15
-        )
-
-        if response.status_code == 201:
-            return "✅ Doctor created successfully!"
-        
-        # Handle token expiration
-        if response.status_code == 401:
-            token = token_manager.refresh_token()
-            headers["Authorization"] = f"Bearer {token}"
-            response = requests.post(
-                f"{BACKEND_URL}/auth/admin/doctors",
-                json=payload,
-                headers=headers,
-                timeout=15
-            )
-            if response.status_code == 201:
-                return "✅ Doctor created successfully!"
-
-        error_detail = response.json().get("detail", "Unknown error")
-        return f"❌ Error: {error_detail} (Code: {response.status_code})"
-
-    except requests.exceptions.RequestException as e:
-        return f"❌ Network error: {str(e)}"
-    except Exception as e:
-        logger.error(f"Doctor creation failed: {str(e)}")
-        return f"❌ System error: {str(e)}"
+            timeout=aiohttp.ClientTimeout(total=15)
+        ) as response:
+            
+            if response.status == 201:
+                return {"success": True, "message": "Doctor created successfully"}
+            
+            error_detail = await response.text()
+            return {
+                "success": False,
+                "error": f"Error {response.status}: {error_detail}"
+            }
 
 # ======================
 # Gradio Interface
 # ======================
 
-admin_ui = gr.Blocks(
-    css="""
-    .gradio-container {
-        font-family: 'Segoe UI', sans-serif;
-        max-width: 800px;
-        margin: 0 auto;
-    }
-    .input-group {
-        margin-bottom: 1.5rem;
-    }
-    """
-)
+def sync_create_doctor(full_name: str, email: str, matricule: str, password: str, specialty: str) -> str:
+    """Wrapper to run async code in Gradio's sync context"""
+    try:
+        doctor_data = DoctorCreate(
+            full_name=full_name,
+            email=email,
+            license_number=matricule,
+            password=password,
+            specialty=specialty
+        )
+        
+        # Run async code in sync context
+        result = asyncio.run(create_doctor_api(doctor_data))
+        
+        if result["success"]:
+            return "✅ " + result["message"]
+        else:
+            return "❌ " + result["error"]
+            
+    except Exception as e:
+        logger.error(f"Doctor creation failed: {str(e)}")
+        return f"❌ System error: {str(e)}"
 
-with admin_ui:
-    gr.Markdown("# 👨‍⚕️ Doctor Account Management")
-    gr.Markdown("Create new doctor accounts with appropriate specialties")
+with gr.Blocks(title="Doctor Management", css=".gradio-container {max-width: 800px}") as admin_ui:
+    gr.Markdown("# 👨‍⚕️ Doctor Account Creator")
     
     with gr.Row():
         with gr.Column():
             full_name = gr.Textbox(label="Full Name", placeholder="Dr. First Last")
             email = gr.Textbox(label="Email", placeholder="doctor@hospital.org")
-            matricule = gr.Textbox(label="License Number")
+            license_num = gr.Textbox(label="License Number")
             
         with gr.Column():
             specialty = gr.Dropdown(
@@ -242,8 +248,8 @@ with admin_ui:
     output = gr.Textbox(label="Status", interactive=False)
     
     submit_btn.click(
-        fn=create_doctor,
-        inputs=[full_name, email, matricule, specialty, password],
+        fn=sync_create_doctor,
+        inputs=[full_name, email, license_num, specialty, password],
         outputs=output
     )
 
@@ -261,8 +267,8 @@ async def admin_auth(
     response: Response
 ):
     """Secure admin dashboard entry point"""
-    if (email != ADMIN_CREDENTIALS["email"] or 
-        not verify_password(password, pwd_context.hash(ADMIN_CREDENTIALS["password"]))):
+    if (email != ADMIN_EMAIL or 
+        not verify_password(password, pwd_context.hash(ADMIN_PASSWORD))):
         response.status_code = 401
         return HTMLResponse("""
             <h1>Access Denied</h1>
@@ -271,7 +277,22 @@ async def admin_auth(
     return RedirectResponse(url="/admin")
 
 # ======================
-# Application Entry
+# Startup Event
+# ======================
+
+@app.on_event("startup")
+async def startup_event():
+    """Verify we can connect to the backend on startup"""
+    try:
+        logger.info("Testing backend connection...")
+        await token_manager.get_token()
+        logger.info("Backend connection successful")
+    except Exception as e:
+        logger.error(f"Startup connection test failed: {str(e)}")
+        raise
+
+# ======================
+# Main Application
 # ======================
 
 if __name__ == "__main__":