Hugging Face's logo

Spaces:
ai4data
/
data-use-annotation
Sleeping

App Files Community
rafmacalaba commited on
Commit
cddccaa
Β·
1 Parent(s): fabd779

security: gate app behind HF OAuth login

Browse files

- Unauthenticated users see a login screen instead of the app
- Document fetch skipped when no hf_user cookie
- Login card with centered 'Sign in with Hugging Face' button
- No data visible without signing in

Files changed (2) hide show
  1. app/globals.css +49 -0
  2. app/page.js +22 -5
app/globals.css CHANGED
@@ -94,6 +94,55 @@ h4 {
94
  background: var(--accent-hover);
95
  }
96
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
97
  .container {
98
  display: flex;
99
  width: 100%;
 
94
  background: var(--accent-hover);
95
  }
96
 
97
+ /* ── Login Gate ───────────────────────────────── */
98
+
99
+ .login-gate {
100
+ display: flex;
101
+ align-items: center;
102
+ justify-content: center;
103
+ width: 100%;
104
+ height: 100vh;
105
+ background: var(--bg-color);
106
+ }
107
+
108
+ .login-card {
109
+ text-align: center;
110
+ background: var(--pane-bg);
111
+ border: 1px solid var(--border-color);
112
+ border-radius: 16px;
113
+ padding: 48px 40px;
114
+ max-width: 420px;
115
+ box-shadow: 0 8px 32px rgba(0, 0, 0, 0.4);
116
+ }
117
+
118
+ .login-card h1 {
119
+ font-size: 1.6rem;
120
+ margin-bottom: 12px;
121
+ }
122
+
123
+ .login-card p {
124
+ color: #94a3b8;
125
+ margin-bottom: 28px;
126
+ line-height: 1.5;
127
+ }
128
+
129
+ .btn-login-large {
130
+ display: inline-block;
131
+ font-size: 1rem;
132
+ font-weight: 700;
133
+ color: #fff;
134
+ background: var(--accent);
135
+ padding: 12px 28px;
136
+ border-radius: 10px;
137
+ text-decoration: none;
138
+ transition: background 0.2s, transform 0.1s;
139
+ }
140
+
141
+ .btn-login-large:hover {
142
+ background: var(--accent-hover);
143
+ transform: translateY(-1px);
144
+ }
145
+
146
  .container {
147
  display: flex;
148
  width: 100%;
app/page.js CHANGED
@@ -62,12 +62,14 @@ export default function Home() {
62
  console.warn('Could not read hf_user cookie', e);
63
  }
64
 
65
- // 2. Fetch documents (filtered by user if logged in)
66
- const url = username
67
- ? `/api/documents?user=${encodeURIComponent(username)}`
68
- : '/api/documents';
 
69
 
70
- fetch(url)
 
71
  .then(res => res.json())
72
  .then(data => {
73
  setDocuments(data);
@@ -358,6 +360,21 @@ export default function Home() {
358
  );
359
  }
360
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
361
  return (
362
  <div className="app-wrapper">
363
  {/* Top bar with user identity */}
 
62
  console.warn('Could not read hf_user cookie', e);
63
  }
64
 
65
+ // Not signed in β€” don't fetch anything, show login screen
66
+ if (!username) {
67
+ setLoading(false);
68
+ return;
69
+ }
70
 
71
+ // 2. Fetch documents (filtered by user)
72
+ fetch(`/api/documents?user=${encodeURIComponent(username)}`)
73
  .then(res => res.json())
74
  .then(data => {
75
  setDocuments(data);
 
360
  );
361
  }
362
 
363
+ // Gate: require login
364
+ if (!annotatorName) {
365
+ return (
366
+ <div className="login-gate">
367
+ <div className="login-card">
368
+ <h1>🏷️ Annotation Tool</h1>
369
+ <p>Sign in with your Hugging Face account to start annotating.</p>
370
+ <a href="/api/auth/login" className="btn btn-login-large">
371
+ πŸ€— Sign in with Hugging Face
372
+ </a>
373
+ </div>
374
+ </div>
375
+ );
376
+ }
377
+
378
  return (
379
  <div className="app-wrapper">
380
  {/* Top bar with user identity */}