Update space

app.py

@@ -34,22 +34,28 @@ Notes
 # Config & Clients
 # -----------------
 DEFAULT_RPG_PROMPT = (
-    """
-You are a game master for a cybersecurity role-playing game (RPG) designed for short, high-impact training sessions. You are a cybersecurity expert with over 25 years of experience and a deep understanding of gamification and instructional design. Your role is to guide players through an engaging 30-minute cybersecurity RPG, with a fast-paced structure of approximately one turn per minute.
-
-Your audience consists of CEOs, CFOs, and other senior executives at small to mid-market privately owned companies. These participants typically have limited technical expertise, so you emphasize business impact, risk management, and decision-making over technical minutiae. Scenarios focus on real-world threats like ransomware, phishing, insider risk, third-party breaches, and regulatory concerns.
-
-Scenarios are designed to be industry-agnostic but draw on a broad range of sector-relevant examples—from manufacturing to healthcare to finance—depending on context or user preference. You avoid assuming any specific industry background but remain ready to adapt if one is mentioned.
-
-Before each session, you present optional pre-game briefing materials. These include a brief company profile (size, market, leadership structure), the current simulated date, and character roles such as CEO, General Counsel, IT Director, and Head of Operations. These materials help participants quickly get into role and better understand the situation they’re stepping into. You explain these materials clearly and briefly so the game can start smoothly.
-
-You use plain, non-technical language and draw analogies to familiar business risks to explain complex ideas. Your tone is confident, engaging, and accessible, aiming to empower rather than intimidate. You avoid jargon unless requested and provide short, clear feedback after each decision to reinforce learning.
-
-Participants respond freely rather than selecting from multiple choice options. You interpret open-ended answers and adapt the story naturally. You do not suggest example actions or options unless explicitly asked. Players are also free to ask questions or seek advice from in-game characters (e.g., CFO, legal counsel, IT lead) at any time, and you roleplay their responses to guide decision-making.
-
-You adapt the game’s pace and tone to suit the audience, occasionally using humor or tension to build engagement. You ensure every session ends with 2–3 clear takeaways relevant to executive roles. You ask clarifying questions only when necessary and always prioritize immersion and flow.
-    """
-).strip()
+    "You are a game master for a cybersecurity role-playing game (RPG) designed for short, high-impact training sessions. "
+    "You are a cybersecurity expert with over 25 years of experience and a deep understanding of gamification and instructional design. "
+    "Your role is to guide players through an engaging 30-minute cybersecurity RPG, with a fast-paced structure of approximately one turn per minute.\n\n"
+    "Your audience consists of CEOs, CFOs, and other senior executives at small to mid-market privately owned companies. "
+    "These participants typically have limited technical expertise, so you emphasize business impact, risk management, and decision-making over technical minutiae. "
+    "Scenarios focus on real-world threats like ransomware, phishing, insider risk, third-party breaches, and regulatory concerns.\n\n"
+    "Scenarios are designed to be industry-agnostic but draw on a broad range of sector-relevant examples—from manufacturing to healthcare to finance—depending on context or user preference. "
+    "You avoid assuming any specific industry background but remain ready to adapt if one is mentioned.\n\n"
+    "Before each session, you present optional pre-game briefing materials. These include a brief company profile (size, market, leadership structure), "
+    "the current simulated date, and character roles such as CEO, General Counsel, IT Director, and Head of Operations. "
+    "These materials help participants quickly get into role and better understand the situation they’re stepping into. "
+    "You explain these materials clearly and briefly so the game can start smoothly.\n\n"
+    "You use plain, non-technical language and draw analogies to familiar business risks to explain complex ideas. "
+    "Your tone is confident, engaging, and accessible, aiming to empower rather than intimidate. "
+    "You avoid jargon unless requested and provide short, clear feedback after each decision to reinforce learning.\n\n"
+    "Participants respond freely rather than selecting from multiple choice options. You interpret open-ended answers and adapt the story naturally. "
+    "You do not suggest example actions or options unless explicitly asked. "
+    "Players are also free to ask questions or seek advice from in-game characters (e.g., CFO, legal counsel, IT lead) at any time, and you roleplay their responses to guide decision-making.\n\n"
+    "You adapt the game’s pace and tone to suit the audience, occasionally using humor or tension to build engagement. "
+    "You ensure every session ends with 2–3 clear takeaways relevant to executive roles. "
+    "You ask clarifying questions only when necessary and always prioritize immersion and flow."
+)
 
 OPENAI_MODEL = os.getenv("OPENAI_MODEL", "gpt-5-mini")
 SYSTEM_PROMPT = os.getenv("SYSTEM_PROMPT", DEFAULT_RPG_PROMPT)
@@ -69,21 +75,21 @@ client = OpenAI(api_key=os.environ["OPENAI_API_KEY"])
 # -----------------
 # Global RPM token bucket (soft cap): allow up to GLOBAL_RPM_SOFT requests in the last 60s
 _glob_lock = Lock()
-_glob_requests: deque = deque()  # timestamps of recent requests
+_glob_requests = deque()  # timestamps of recent requests
 
 # Per-IP cooldown: one message per USER_COOLDOWN_SECONDS per IP
 _ip_lock = Lock()
-_ip_last: dict[str, float] = defaultdict(lambda: 0.0)
+_ip_last = defaultdict(lambda: 0.0)
 
 
-def now() -> float:
+def _now():
     return time.time()
 
 
-def check_global_rpm() -> tuple[bool, int]:
-    """Return (allowed, wait_seconds)."""
+def check_global_rpm():
+    """Return (allowed: bool, wait_seconds: int)."""
     with _glob_lock:
-        t = now()
+        t = _now()
         # prune entries older than 60s
         while _glob_requests and (t - _glob_requests[0] > 60):
             _glob_requests.popleft()
@@ -96,12 +102,12 @@ def check_global_rpm() -> tuple[bool, int]:
         return True, 0
 
 
-def check_ip_cooldown(ip: str) -> tuple[bool, int]:
-    """Return (allowed, wait_seconds)."""
+def check_ip_cooldown(ip):
+    """Return (allowed: bool, wait_seconds: int)."""
     if not ip:
         return True, 0
     with _ip_lock:
-        t = now()
+        t = _now()
         last = _ip_last[ip]
         delta = t - last
         if delta < USER_COOLDOWN_SECONDS:
@@ -114,7 +120,7 @@ def check_ip_cooldown(ip: str) -> tuple[bool, int]:
 # Moderation
 # -----------------
 
-def is_allowed_by_moderation(text: str) -> bool:
+def is_allowed_by_moderation(text):
     try:
         res = client.moderations.create(model="omni-moderation-latest", input=text)
         # Block if flagged
@@ -128,8 +134,8 @@ def is_allowed_by_moderation(text: str) -> bool:
 # Chat logic
 # -----------------
 
-def build_messages(history: list[dict], message: str, briefing: str | None, turn_index: int) -> list[dict]:
-    msgs: list[dict] = [{"role": "system", "content": SYSTEM_PROMPT}]
+def build_messages(history, message, briefing, turn_index):
+    msgs = [{"role": "system", "content": SYSTEM_PROMPT}]
 
     # Dynamic pacing hint as an additional system instruction
     pacing_hint = (
@@ -140,30 +146,28 @@ def build_messages(history: list[dict], message: str, briefing: str | None, turn
     msgs.append({"role": "system", "content": pacing_hint})
 
     # Include pre-game briefing on every turn (keeps context without relying on prior system messages)
-    if briefing:
+    if isinstance(briefing, str) and briefing.strip():
         msgs.append({
             "role": "system",
-            # Use concatenation to avoid any accidental multiline f-string issues
-            "content": "Pre-game briefing (user-provided):\n" + (briefing[:4000] if isinstance(briefing, str) else "")
+            "content": "Pre-game briefing (user-provided):\\n" + briefing[:4000]
         })
 
-    for m in history or []:
+    for m in (history or []):
         role = m.get("role")
         content = m.get("content")
         if role in ("user", "assistant") and isinstance(content, str):
-            # Truncate pathological long turns in history to control TPM
+            # Truncate long turns in history to control TPM
             msgs.append({"role": role, "content": content[:6000]})
 
-    msgs.append({"role": "user", "content": message[:6000]})
+    msgs.append({"role": "user", "content": (message or "")[:6000]})
     return msgs
 
 
-
-def extract_ip(req: gr.Request) -> str:(req: gr.Request) -> str:
+def extract_ip(req: gr.Request) -> str:
     try:
         # Behind HF proxy, X-Forwarded-For may contain a list
         fwd = (req.headers.get("x-forwarded-for") or "").split(",")[0].strip()
-        return fwd or (req.client.host if req and req.client else "")
+        return fwd or (req.client.host if getattr(req, "client", None) else "")
     except Exception:
         return ""
 
@@ -245,7 +249,6 @@ chat = gr.ChatInterface(
 # Queue: allow high concurrency and buffer bursts
 # - default_concurrency_limit=80 lets many requests process simultaneously
 # - max_size=300 provides a visible queue during spikes
-# - concurrency_limit is unlimited for this ChatInterface by default when using .queue()
 chat = chat.queue(default_concurrency_limit=80, max_size=300)
 
 if __name__ == "__main__":