Update app.py

app.py

@@ -11,28 +11,12 @@ import secrets
 from datetime import datetime, timezone
 
 # ==================================================
-# App setup
-# ==================================================
-app = FastAPI()
-logging.basicConfig(level=logging.INFO)
-
-app.add_middleware(
-    CORSMiddleware,
-    allow_origins=["*"],
-    allow_methods=["*"],
-    allow_headers=["*"],
-)
-
-# ==================================================
-# Admin config
+# CONFIG
 # ==================================================
 ADMIN_PIN = os.environ.get("ADMIN_PIN", "4286")  # CHANGE THIS
 ADMIN_COOKIE = "admin_session"
 ADMIN_SESSIONS = set()
 
-# ==================================================
-# Storage
-# ==================================================
 DATA_ROOT = os.environ.get("PERSISTENT_DIR", "/data")
 VIDEO_DIR = os.path.join(DATA_ROOT, "videos")
 INDEX_FILE = os.path.join(DATA_ROOT, "index.json")
@@ -40,7 +24,20 @@ INDEX_FILE = os.path.join(DATA_ROOT, "index.json")
 os.makedirs(VIDEO_DIR, exist_ok=True)
 
 # ==================================================
-# Album mappings
+# APP SETUP
+# ==================================================
+app = FastAPI()
+logging.basicConfig(level=logging.INFO)
+
+app.add_middleware(
+    CORSMiddleware,
+    allow_origins=["*"],
+    allow_methods=["*"],
+    allow_headers=["*"],
+)
+
+# ==================================================
+# ALBUM METADATA
 # ==================================================
 ALBUM_PUBLISHERS = {
     "B2c5n8hH4uWRoAW": "Alex Rose",
@@ -61,33 +58,28 @@ ALBUM_CATEGORIES = {
 }
 
 # ==================================================
-# Admin helpers
-# ==================================================
-def is_admin(request: Request) -> bool:
-    return request.cookies.get(ADMIN_COOKIE) in ADMIN_SESSIONS
-
-# ==================================================
-# HTTP client
+# CLIENT
 # ==================================================
 async def get_client():
     if not hasattr(app.state, "client"):
-        app.state.client = httpx.AsyncClient(timeout=20)
+        app.state.client = httpx.AsyncClient(timeout=30)
     return app.state.client
 
 # ==================================================
-# Base62 helpers
+# BASE62
 # ==================================================
-BASE62 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
-BASE62_MAP = {c: i for i, c in enumerate(BASE62)}
+BASE_62_MAP = {c: i for i, c in enumerate(
+    "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
+)}
 
-def base62_to_int(s: str) -> int:
+def base62_to_int(token: str) -> int:
     n = 0
-    for c in s:
-        n = n * 62 + BASE62_MAP[c]
+    for c in token:
+        n = n * 62 + BASE_62_MAP[c]
     return n
 
 # ==================================================
-# iCloud helpers
+# ICLOUD HELPERS
 # ==================================================
 ICLOUD_HEADERS = {
     "Origin": "https://www.icloud.com",
@@ -96,12 +88,17 @@ ICLOUD_HEADERS = {
 ICLOUD_PAYLOAD = '{"streamCtag":null}'
 
 async def get_base_url(token: str) -> str:
-    n = base62_to_int(token[1:3] if token[0] != "A" else token[1])
+    n = base62_to_int(token[1:3])
     return f"https://p{n:02d}-sharedstreams.icloud.com/{token}/sharedstreams/"
 
 async def get_redirected_base_url(base_url: str, token: str) -> str:
     client = await get_client()
-    r = await client.post(base_url + "webstream", headers=ICLOUD_HEADERS, data=ICLOUD_PAYLOAD, follow_redirects=False)
+    r = await client.post(
+        f"{base_url}webstream",
+        headers=ICLOUD_HEADERS,
+        data=ICLOUD_PAYLOAD,
+        follow_redirects=False,
+    )
     if r.status_code == 330:
         host = r.json()["X-Apple-MMe-Host"]
         return f"https://{host}/{token}/sharedstreams/"
@@ -109,19 +106,20 @@ async def get_redirected_base_url(base_url: str, token: str) -> str:
 
 async def post_json(path: str, base_url: str, payload: str):
     client = await get_client()
-    r = await client.post(base_url + path, headers=ICLOUD_HEADERS, data=payload)
+    r = await client.post(f"{base_url}{path}", headers=ICLOUD_HEADERS, data=payload)
     r.raise_for_status()
     return r.json()
 
-async def get_metadata(base_url):
+async def get_metadata(base_url: str):
     return (await post_json("webstream", base_url, ICLOUD_PAYLOAD)).get("photos", [])
 
-async def get_asset_urls(base_url, guids):
-    payload = json.dumps({"photoGuids": guids})
-    return (await post_json("webasseturls", base_url, payload)).get("items", {})
+async def get_asset_urls(base_url: str, guids: list):
+    return (await post_json(
+        "webasseturls", base_url, json.dumps({"photoGuids": guids})
+    )).get("items", {})
 
 # ==================================================
-# Index helpers
+# INDEX HELPERS
 # ==================================================
 def load_index():
     if not os.path.exists(INDEX_FILE):
@@ -134,7 +132,7 @@ def save_index(data):
         json.dump(data, f, indent=2)
 
 # ==================================================
-# Downloader
+# DOWNLOADER
 # ==================================================
 async def download_file(url, path):
     client = await get_client()
@@ -145,12 +143,12 @@ async def download_file(url, path):
                 f.write(chunk)
 
 # ==================================================
-# Poll album
+# POLLING
 # ==================================================
 async def poll_album(token):
     base = await get_redirected_base_url(await get_base_url(token), token)
-    meta = await get_metadata(base)
-    guids = [p["photoGuid"] for p in meta]
+    metadata = await get_metadata(base)
+    guids = [p["photoGuid"] for p in metadata]
     assets = await get_asset_urls(base, guids)
 
     index = load_index()
@@ -159,15 +157,18 @@ async def poll_album(token):
     album_dir = os.path.join(VIDEO_DIR, token)
     os.makedirs(album_dir, exist_ok=True)
 
-    for p in meta:
+    for p in metadata:
         if p.get("mediaAssetType", "").lower() != "video":
             continue
         vid = p["photoGuid"]
         if vid in known:
             continue
 
-        derivatives = p.get("derivatives", {})
-        best = max((d for d in derivatives.values() if d), key=lambda d: int(d.get("fileSize") or 0), default=None)
+        best = max(
+            (d for k, d in p["derivatives"].items() if k.lower() != "posterframe"),
+            key=lambda d: int(d.get("fileSize") or 0),
+            default=None,
+        )
         if not best:
             continue
 
@@ -176,23 +177,25 @@ async def poll_album(token):
             continue
 
         video_path = os.path.join(album_dir, f"{vid}.mp4")
-        await download_file(f"https://{asset['url_location']}{asset['url_path']}", video_path)
+        await download_file(
+            f"https://{asset['url_location']}{asset['url_path']}", video_path
+        )
 
         thumb = ""
-        pf = derivatives.get("PosterFrame")
-        if pf and pf.get("checksum") in assets:
-            thumb_path = os.path.join(album_dir, f"{vid}.jpg")
-            await download_file(
-                f"https://{assets[pf['checksum']]['url_location']}{assets[pf['checksum']]['url_path']}",
-                thumb_path
-            )
-            thumb = f"/media/{token}/{vid}.jpg"
+        pf = p["derivatives"].get("PosterFrame")
+        if pf:
+            a = assets.get(pf["checksum"])
+            if a:
+                thumb = os.path.join(album_dir, f"{vid}.jpg")
+                await download_file(
+                    f"https://{a['url_location']}{a['url_path']}", thumb
+                )
 
         index["videos"].append({
             "id": vid,
             "name": p.get("caption") or "Untitled",
             "video_url": f"/media/{token}/{vid}.mp4",
-            "thumbnail": thumb,
+            "thumbnail": f"/media/{token}/{vid}.jpg" if thumb else "",
             "upload_date": p.get("creationDate") or datetime.now(timezone.utc).isoformat(),
             "category": ALBUM_CATEGORIES.get(token, "Uncategorized"),
             "publisher": ALBUM_PUBLISHERS.get(token, "Unknown"),
@@ -201,38 +204,41 @@ async def poll_album(token):
 
     save_index(index)
 
-# ==================================================
-# Startup polling
-# ==================================================
 @app.on_event("startup")
-async def start():
+async def start_polling():
     async def loop():
         while True:
-            for t in ALBUM_PUBLISHERS:
+            for token in ALBUM_PUBLISHERS:
                 try:
-                    await poll_album(t)
+                    await poll_album(token)
                 except Exception:
-                    logging.exception("Poll failed")
+                    logging.exception("Polling failed")
             await asyncio.sleep(60)
     asyncio.create_task(loop())
 
 # ==================================================
-# Feed
+# FEED
 # ==================================================
 @app.get("/feed/videos")
 async def feed():
     return load_index()
 
 # ==================================================
-# Admin login
+# ADMIN AUTH
+# ==================================================
+def is_admin(req: Request):
+    return req.cookies.get(ADMIN_COOKIE) in ADMIN_SESSIONS
+
+# ==================================================
+# ADMIN LOGIN
 # ==================================================
 @app.get("/admin/login", response_class=HTMLResponse)
 async def admin_login_page():
     return """
-    <form method="post" style="font-family:sans-serif;padding:40px">
-      <h2>Admin Login</h2>
-      <input name="pin" type="password" placeholder="PIN">
-      <button>Enter</button>
+    <form method="post">
+        <h2>Admin Login</h2>
+        <input name="pin" type="password"/>
+        <button>Enter</button>
     </form>
     """
 
@@ -240,18 +246,18 @@ async def admin_login_page():
 async def admin_login(pin: str = Form(...)):
     if pin != ADMIN_PIN:
         return HTMLResponse("Wrong PIN", status_code=401)
-    s = secrets.token_hex(16)
-    ADMIN_SESSIONS.add(s)
+    session = secrets.token_hex(16)
+    ADMIN_SESSIONS.add(session)
     r = RedirectResponse("/admin", 302)
-    r.set_cookie(ADMIN_COOKIE, s, httponly=True)
+    r.set_cookie(ADMIN_COOKIE, session, httponly=True)
     return r
 
 # ==================================================
-# Admin dashboard
+# ADMIN DASHBOARD
 # ==================================================
 @app.get("/admin", response_class=HTMLResponse)
-async def admin(request: Request):
-    if not is_admin(request):
+async def admin(req: Request):
+    if not is_admin(req):
         return RedirectResponse("/admin/login", 302)
 
     idx = load_index()
@@ -259,48 +265,52 @@ async def admin(request: Request):
     for v in idx["videos"]:
         rows += f"""
         <tr>
-          <td>{v['id']}</td>
-          <td><input value="{v['name']}" data-id="{v['id']}" data-field="name"></td>
-          <td><input value="{v['upload_date']}" data-id="{v['id']}" data-field="upload_date"></td>
-          <td><input value="{v['category']}" data-id="{v['id']}" data-field="category"></td>
-          <td><input value="{v['publisher']}" data-id="{v['id']}" data-field="publisher"></td>
-          <td><input value="{v['thumbnail']}" data-id="{v['id']}" data-field="thumbnail"></td>
+            <td>{v['id']}</td>
+            <td><input data-id="{v['id']}" data-field="name" value="{v['name']}"></td>
+            <td><input data-id="{v['id']}" data-field="upload_date" value="{v['upload_date']}"></td>
+            <td><input data-id="{v['id']}" data-field="category" value="{v['category']}"></td>
+            <td><input data-id="{v['id']}" data-field="publisher" value="{v['publisher']}"></td>
+            <td><input data-id="{v['id']}" data-field="thumbnail" value="{v['thumbnail']}"></td>
         </tr>
         """
 
     return f"""
     <table border=1>
-      <tr><th>ID</th><th>Name</th><th>Date</th><th>Category</th><th>Publisher</th><th>Thumbnail</th></tr>
-      {rows}
+        <tr><th>ID</th><th>Name</th><th>Date</th><th>Category</th><th>Publisher</th><th>Thumb</th></tr>
+        {rows}
     </table>
     <script>
     document.querySelectorAll("input").forEach(i=>{
-      i.onchange=()=>fetch("/admin/update", {{
-        method:"POST",
-        headers:{{"Content-Type":"application/json"}},
-        body:JSON.stringify({{id:i.dataset.id,field:i.dataset.field,value:i.value}})
-      }});
-    });
+        i.onchange=()=>fetch("/admin/update",{
+            method:"POST",
+            headers:{{"Content-Type":"application/json"}},
+            body:JSON.stringify({{
+                id:i.dataset.id,
+                field:i.dataset.field,
+                value:i.value
+            }})
+        })
+    })
     </script>
     """
 
 # ==================================================
-# Admin update
+# ADMIN UPDATE
 # ==================================================
 @app.post("/admin/update")
-async def admin_update(request: Request, payload: dict):
-    if not is_admin(request):
-        return JSONResponse({"error": "unauthorized"}, 403)
+async def admin_update(req: Request, payload: dict):
+    if not is_admin(req):
+        return JSONResponse({"error":"unauthorized"},403)
 
     idx = load_index()
     for v in idx["videos"]:
         if v["id"] == payload["id"]:
             v[payload["field"]] = payload["value"]
             save_index(idx)
-            return {"ok": True}
-    return {"error": "not found"}
+            return {"ok":True}
+    return {"error":"not found"}
 
 # ==================================================
-# Static media
+# MEDIA
 # ==================================================
 app.mount("/media", StaticFiles(directory=VIDEO_DIR), name="media")