Update app.py

app.py

@@ -2,15 +2,19 @@ import gradio as gr
 import requests
 import json
 import os
+import time
 import sqlite3
-from datetime import datetime, date
+import hashlib
+import secrets
+from datetime import datetime, timedelta
 
 # ============================================
 # 환경변수
 # ============================================
 FIREWORKS_API_KEY = os.getenv("FIREWORKS_API_KEY", "")
 FAL_KEY = os.getenv("FAL_KEY", "")
-ADMIN_PASSWORD = os.getenv("ADMIN_PASSWORD", "Time2175!@")  # 관리자 패스워드
+ADMIN_EMAIL = os.getenv("ADMIN_EMAIL", "arxivgpt@gmail.com")
+SECRET_KEY = os.getenv("SECRET_KEY", "change-this-secret-key-in-production")
 
 # Persistent Storage 경로 (HuggingFace Spaces)
 DATA_DIR = "/data" if os.path.exists("/data") else "./data"
@@ -18,7 +22,7 @@ DB_PATH = os.path.join(DATA_DIR, "app.db")
 
 # 설정
 DAILY_LIMIT_FREE = 10
-DAILY_LIMIT_ADMIN = 9999
+SESSION_EXPIRE_HOURS = 24 * 7
 
 # ============================================
 # 데이터베이스
@@ -33,12 +37,11 @@ def init_db():
     conn = get_db()
     cursor = conn.cursor()
     
-    # HF OAuth용 users 테이블 (password 필요 없음)
     cursor.execute('''
         CREATE TABLE IF NOT EXISTS users (
             id INTEGER PRIMARY KEY AUTOINCREMENT,
-            hf_username TEXT UNIQUE NOT NULL,
-            hf_name TEXT,
+            email TEXT UNIQUE NOT NULL,
+            password_hash TEXT NOT NULL,
             is_admin INTEGER DEFAULT 0,
             is_active INTEGER DEFAULT 1,
             daily_limit INTEGER DEFAULT 10,
@@ -47,6 +50,17 @@ def init_db():
         )
     ''')
     
+    cursor.execute('''
+        CREATE TABLE IF NOT EXISTS sessions (
+            id INTEGER PRIMARY KEY AUTOINCREMENT,
+            user_id INTEGER NOT NULL,
+            token TEXT UNIQUE NOT NULL,
+            expires_at TIMESTAMP NOT NULL,
+            created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+            FOREIGN KEY (user_id) REFERENCES users (id)
+        )
+    ''')
+    
     cursor.execute('''
         CREATE TABLE IF NOT EXISTS generations (
             id INTEGER PRIMARY KEY AUTOINCREMENT,
@@ -72,80 +86,78 @@ def init_db():
     ''')
     
     conn.commit()
+    
+    # 기본 관리자 계정
+    cursor.execute("SELECT id FROM users WHERE email = ?", (ADMIN_EMAIL,))
+    if not cursor.fetchone():
+        admin_password = secrets.token_urlsafe(12)
+        password_hash = hash_password(admin_password)
+        cursor.execute(
+            "INSERT INTO users (email, password_hash, is_admin, daily_limit) VALUES (?, ?, 1, 9999)",
+            (ADMIN_EMAIL, password_hash)
+        )
+        conn.commit()
+        print(f"[ADMIN] 관리자 계정: {ADMIN_EMAIL} / {admin_password}")
+    
     conn.close()
-    print("✅ Database initialized")
 
 # ============================================
-# 사용자 관리 (HuggingFace OAuth)
+# 인증 유틸리티
 # ============================================
-def get_or_create_user(hf_username: str, hf_name: str = None) -> dict:
-    """HF 유저를 가져오거나 새로 생성"""
+def hash_password(password: str) -> str:
+    return hashlib.sha256((password + SECRET_KEY).encode()).hexdigest()
+
+def verify_password(password: str, password_hash: str) -> bool:
+    return hash_password(password) == password_hash
+
+def generate_session_token() -> str:
+    return secrets.token_urlsafe(32)
+
+def create_session(user_id: int) -> str:
     conn = get_db()
     cursor = conn.cursor()
-    
-    cursor.execute("SELECT * FROM users WHERE hf_username = ?", (hf_username,))
-    row = cursor.fetchone()
-    
-    if row:
-        # 기존 유저 - last_login 업데이트
-        cursor.execute("UPDATE users SET last_login = ? WHERE id = ?", (datetime.now(), row["id"]))
-        conn.commit()
-        user = {
-            "id": row["id"],
-            "hf_username": row["hf_username"],
-            "hf_name": row["hf_name"],
-            "is_admin": bool(row["is_admin"]),
-            "is_active": bool(row["is_active"]),
-            "daily_limit": row["daily_limit"]
-        }
-    else:
-        # 새 유저 생성 (일반 사용자로)
-        cursor.execute(
-            "INSERT INTO users (hf_username, hf_name, is_admin, daily_limit, last_login) VALUES (?, ?, ?, ?, ?)",
-            (hf_username, hf_name, 0, DAILY_LIMIT_FREE, datetime.now())
-        )
-        conn.commit()
-        user_id = cursor.lastrowid
-        user = {
-            "id": user_id,
-            "hf_username": hf_username,
-            "hf_name": hf_name,
-            "is_admin": False,
-            "is_active": True,
-            "daily_limit": DAILY_LIMIT_FREE
-        }
-        print(f"✅ New user created: {hf_username}")
-    
+    cursor.execute("DELETE FROM sessions WHERE user_id = ?", (user_id,))
+    token = generate_session_token()
+    expires_at = datetime.now() + timedelta(hours=SESSION_EXPIRE_HOURS)
+    cursor.execute(
+        "INSERT INTO sessions (user_id, token, expires_at) VALUES (?, ?, ?)",
+        (user_id, token, expires_at)
+    )
+    cursor.execute("UPDATE users SET last_login = ? WHERE id = ?", (datetime.now(), user_id))
+    conn.commit()
     conn.close()
-    return user
+    return token
 
-def get_user_by_username(hf_username: str) -> dict:
-    """유저네임으로 유저 조회"""
-    if not hf_username:
+def validate_session(token: str) -> dict:
+    if not token:
         return None
     conn = get_db()
     cursor = conn.cursor()
-    cursor.execute("SELECT * FROM users WHERE hf_username = ?", (hf_username,))
+    cursor.execute('''
+        SELECT u.id, u.email, u.is_admin, u.daily_limit, u.is_active
+        FROM sessions s JOIN users u ON s.user_id = u.id
+        WHERE s.token = ? AND s.expires_at > ? AND u.is_active = 1
+    ''', (token, datetime.now()))
     row = cursor.fetchone()
     conn.close()
     if row:
-        return {
-            "id": row["id"],
-            "hf_username": row["hf_username"],
-            "hf_name": row["hf_name"],
-            "is_admin": bool(row["is_admin"]),
-            "is_active": bool(row["is_active"]),
-            "daily_limit": row["daily_limit"]
-        }
+        return {"id": row["id"], "email": row["email"], "is_admin": bool(row["is_admin"]), "daily_limit": row["daily_limit"]}
     return None
 
+def delete_session(token: str):
+    conn = get_db()
+    cursor = conn.cursor()
+    cursor.execute("DELETE FROM sessions WHERE token = ?", (token,))
+    conn.commit()
+    conn.close()
+
 # ============================================
 # 사용량 관리
 # ============================================
 def get_daily_usage(user_id: int) -> int:
     conn = get_db()
     cursor = conn.cursor()
-    cursor.execute("SELECT count FROM daily_usage WHERE user_id = ? AND date = ?", (user_id, date.today()))
+    cursor.execute("SELECT count FROM daily_usage WHERE user_id = ? AND date = ?", (user_id, datetime.now().date()))
     row = cursor.fetchone()
     conn.close()
     return row["count"] if row else 0
@@ -153,7 +165,7 @@ def get_daily_usage(user_id: int) -> int:
 def increment_usage(user_id: int) -> int:
     conn = get_db()
     cursor = conn.cursor()
-    today = date.today()
+    today = datetime.now().date()
     cursor.execute('''
         INSERT INTO daily_usage (user_id, date, count) VALUES (?, ?, 1)
         ON CONFLICT(user_id, date) DO UPDATE SET count = count + 1
@@ -198,7 +210,7 @@ def get_user_generations(user_id: int, limit: int = 20) -> list:
 def get_all_users() -> list:
     conn = get_db()
     cursor = conn.cursor()
-    cursor.execute('SELECT id, hf_username, hf_name, is_admin, is_active, daily_limit, created_at, last_login FROM users ORDER BY created_at DESC')
+    cursor.execute('SELECT id, email, is_admin, is_active, daily_limit, created_at, last_login FROM users ORDER BY created_at DESC')
     rows = cursor.fetchall()
     conn.close()
     return [dict(row) for row in rows]
@@ -206,7 +218,7 @@ def get_all_users() -> list:
 def get_stats() -> dict:
     conn = get_db()
     cursor = conn.cursor()
-    today = date.today()
+    today = datetime.now().date()
     
     cursor.execute("SELECT COUNT(*) as count FROM users")
     total_users = cursor.fetchone()["count"]
@@ -221,12 +233,7 @@ def get_stats() -> dict:
     generations_today = cursor.fetchone()["count"]
     
     conn.close()
-    return {
-        "total_users": total_users,
-        "active_today": active_today,
-        "total_generations": total_generations,
-        "generations_today": generations_today
-    }
+    return {"total_users": total_users, "active_today": active_today, "total_generations": total_generations, "generations_today": generations_today}
 
 def update_user_limit(user_id: int, daily_limit: int) -> bool:
     conn = get_db()
@@ -236,13 +243,59 @@ def update_user_limit(user_id: int, daily_limit: int) -> bool:
     conn.close()
     return True
 
-def toggle_user_active(user_id: int) -> bool:
+# ============================================
+# 회원가입 / 로그인
+# ============================================
+def register_user(email: str, password: str, confirm_password: str) -> tuple:
+    if not email or not password:
+        return None, "❌ 이메일과 비밀번호를 입력해주세요."
+    if password != confirm_password:
+        return None, "❌ 비밀번호가 일치하지 않습니다."
+    if len(password) < 6:
+        return None, "❌ 비밀번호는 6자 이상이어야 합니다."
+    if "@" not in email:
+        return None, "❌ 올바른 이메일 형식이 아닙니다."
+    
     conn = get_db()
     cursor = conn.cursor()
-    cursor.execute("UPDATE users SET is_active = NOT is_active WHERE id = ?", (user_id,))
+    cursor.execute("SELECT id FROM users WHERE email = ?", (email,))
+    if cursor.fetchone():
+        conn.close()
+        return None, "❌ 이미 등록된 이메일입니다."
+    
+    password_hash = hash_password(password)
+    cursor.execute("INSERT INTO users (email, password_hash, daily_limit) VALUES (?, ?, ?)", (email, password_hash, DAILY_LIMIT_FREE))
     conn.commit()
+    user_id = cursor.lastrowid
     conn.close()
-    return True
+    
+    token = create_session(user_id)
+    return token, f"✅ 회원가입 완료! 환영합니다, {email}"
+
+def login_user(email: str, password: str) -> tuple:
+    if not email or not password:
+        return None, "❌ 이메일과 비밀번호를 입력해주세요."
+    
+    conn = get_db()
+    cursor = conn.cursor()
+    cursor.execute("SELECT id, password_hash, is_active FROM users WHERE email = ?", (email,))
+    row = cursor.fetchone()
+    conn.close()
+    
+    if not row:
+        return None, "❌ 등록되지 않은 이메일입니다."
+    if not row["is_active"]:
+        return None, "❌ 비활성화된 계정입니다."
+    if not verify_password(password, row["password_hash"]):
+        return None, "❌ 비밀번호가 올바르지 않습니다."
+    
+    token = create_session(row["id"])
+    return token, "✅ 로그인 성공!"
+
+def logout_user(token: str) -> str:
+    if token:
+        delete_session(token)
+    return "✅ 로그아웃되었습니다."
 
 # ============================================
 # API 함수들
@@ -292,6 +345,7 @@ def generate_image(prompt: str, fal_key: str, aspect_ratio: str = "1:1", resolut
     if not prompt.strip() or not fal_key.strip():
         return None
     
+    # FAL API - nano-banana-pro
     url = "https://fal.run/fal-ai/nano-banana-pro"
     headers = {"Authorization": f"Key {fal_key}", "Content-Type": "application/json"}
     
@@ -313,54 +367,37 @@ def generate_image(prompt: str, fal_key: str, aspect_ratio: str = "1:1", resolut
         print(f"이미지 생성 오류: {e}")
     return None
 
-def process_generation(original_prompt, aspect_ratio, resolution, request: gr.Request):
-    """이미지 생성 처리 - HF OAuth 사용"""
-    # 로그인 확인
-    if not request.username:
-        yield "❌ 로그인이 필요합니다. 상단에서 HuggingFace로 로그인해주세요.", None, None, None, "🔐 로그인이 필요합니다"
+def process_comparison_with_auth(original_prompt, session_token, fireworks_key, fal_key, aspect_ratio, resolution):
+    user = validate_session(session_token)
+    if not user:
+        yield "❌ 로그인이 필요합니다.", None, None, None, ""
         return
     
-    # 유저 정보 가져오기/생성
-    user = get_or_create_user(request.username)
-    admin_badge = " 👑 관리자" if user["is_admin"] else ""
-    
-    if not user["is_active"]:
-        yield "❌ 비활성화된 계정입니다.", None, None, None, f"**👋 {request.username}**{admin_badge} | ❌ 비활성화"
-        return
-    
-    # 사용량 확인
     allowed, current, limit = check_usage_limit(user["id"], user["daily_limit"])
     if not allowed:
-        yield f"❌ 일일 한도({limit}회) 초과", None, None, None, f"**👋 {request.username}**{admin_badge} | 사용량: {current}/{limit} ❌ 초과"
+        yield f"❌ 일일 한도({limit}회) 초과", None, None, None, f"{current}/{limit}"
         return
     
-    fw_key = FIREWORKS_API_KEY
-    fl_key = FAL_KEY
+    fw_key = fireworks_key if fireworks_key.strip() else FIREWORKS_API_KEY
+    fl_key = fal_key if fal_key.strip() else FAL_KEY
     
-    if not fw_key or not fl_key:
-        yield "❌ API 키가 설정되지 않았습니다.", None, None, None, f"**👋 {request.username}**{admin_badge} | 사용량: {current}/{limit}"
-        return
-    
-    status_base = f"**👋 {request.username}**{admin_badge}"
-    
-    yield f"⚡ 프롬프트 증강 중...", None, None, None, f"{status_base} | 사용량: {current}/{limit}"
+    yield f"⚡ 처리 중... ({current}/{limit})", None, None, None, f"{current}/{limit}"
     
     enhanced = enhance_prompt(original_prompt, fw_key)
     if enhanced.startswith("❌"):
-        yield enhanced, None, None, None, f"{status_base} | 사용량: {current}/{limit}"
+        yield enhanced, None, None, None, f"{current}/{limit}"
         return
     
-    yield "✅ 프롬프트 증강 완료\n⚡ 원본 이미지 생성 중...", enhanced, None, None, f"{status_base} | 사용량: {current}/{limit}"
+    yield "✅ 프롬프트 증강 완료\n⚡ 원본 이미지 생성 중...", enhanced, None, None, f"{current}/{limit}"
     original_image = generate_image(original_prompt, fl_key, aspect_ratio, resolution)
     
-    yield "✅ 원본 이미지 완료\n⚡ 증강 이미지 생성 중...", enhanced, original_image, None, f"{status_base} | 사용량: {current}/{limit}"
+    yield "✅ 원본 이미지 완료\n⚡ 증강 이미지 생성 중...", enhanced, original_image, None, f"{current}/{limit}"
     enhanced_image = generate_image(enhanced, fl_key, aspect_ratio, resolution)
     
-    # 사용량 증가 및 저장
     new_count = increment_usage(user["id"])
     save_generation(user["id"], original_prompt, enhanced, enhanced_image or original_image, "success" if enhanced_image else "partial")
     
-    yield f"✅ 완료! 사용량: {new_count}/{limit}", enhanced, original_image, enhanced_image, f"{status_base} | 사용량: {new_count}/{limit}"
+    yield f"✅ 완료! 사용량: {new_count}/{limit}", enhanced, original_image, enhanced_image, f"{new_count}/{limit}"
 
 # ============================================
 # CSS - 밝은 프로페셔널 테마
@@ -374,23 +411,29 @@ CUSTOM_CSS = """
     --primary-blue-dark: #1d4ed8;
     --accent-purple: #7c3aed;
     --accent-green: #10b981;
+    --accent-orange: #f59e0b;
     --bg-white: #ffffff;
     --bg-gray-50: #f9fafb;
     --bg-gray-100: #f3f4f6;
+    --bg-gray-200: #e5e7eb;
     --text-primary: #111827;
     --text-secondary: #4b5563;
     --text-muted: #9ca3af;
     --border-color: #e5e7eb;
     --shadow-sm: 0 1px 2px 0 rgba(0, 0, 0, 0.05);
-    --shadow-md: 0 4px 6px -1px rgba(0, 0, 0, 0.1);
+    --shadow-md: 0 4px 6px -1px rgba(0, 0, 0, 0.1), 0 2px 4px -1px rgba(0, 0, 0, 0.06);
+    --shadow-lg: 0 10px 15px -3px rgba(0, 0, 0, 0.1), 0 4px 6px -2px rgba(0, 0, 0, 0.05);
     --radius: 12px;
 }
 
+/* 메인 컨테이너 - 밝은 배경 */
 .gradio-container {
     background: linear-gradient(135deg, var(--bg-gray-50) 0%, var(--bg-white) 50%, var(--bg-gray-100) 100%) !important;
     font-family: 'Inter', -apple-system, BlinkMacSystemFont, sans-serif !important;
+    min-height: 100vh;
 }
 
+/* 타이틀 스타일 */
 .cyber-title {
     font-family: 'Poppins', sans-serif !important;
     font-size: 2.5rem !important;
@@ -400,50 +443,87 @@ CUSTOM_CSS = """
     -webkit-text-fill-color: transparent;
     background-clip: text;
     text-align: center;
+    letter-spacing: -0.5px;
 }
 
+/* 입력 필드 - 밝은 스타일 */
 .gradio-container textarea,
 .gradio-container input[type="text"],
-.gradio-container input[type="password"] {
+.gradio-container input[type="password"],
+.gradio-container input[type="email"] {
     background: var(--bg-white) !important;
     border: 2px solid var(--border-color) !important;
     border-radius: var(--radius) !important;
     color: var(--text-primary) !important;
     font-family: 'Inter', sans-serif !important;
+    font-size: 0.95rem !important;
+    padding: 12px 16px !important;
+    transition: all 0.2s ease !important;
 }
 
 .gradio-container textarea:focus,
 .gradio-container input:focus {
     border-color: var(--primary-blue) !important;
     box-shadow: 0 0 0 3px rgba(37, 99, 235, 0.1) !important;
+    outline: none !important;
+}
+
+.gradio-container textarea::placeholder,
+.gradio-container input::placeholder {
+    color: var(--text-muted) !important;
 }
 
+/* 라벨 스타일 */
 .gradio-container label {
     font-family: 'Inter', sans-serif !important;
     color: var(--text-primary) !important;
     font-weight: 600 !important;
+    font-size: 0.9rem !important;
+    margin-bottom: 6px !important;
+}
+
+/* 드롭다운 */
+.gradio-container select,
+.gradio-container .wrap-inner {
+    background: var(--bg-white) !important;
+    border: 2px solid var(--border-color) !important;
+    border-radius: var(--radius) !important;
+    color: var(--text-primary) !important;
 }
 
+/* 메인 버튼 - 블루 그라디언트 */
 .neon-button {
     background: linear-gradient(135deg, var(--primary-blue) 0%, var(--primary-blue-dark) 100%) !important;
     border: none !important;
     border-radius: var(--radius) !important;
     color: #ffffff !important;
     font-family: 'Inter', sans-serif !important;
+    font-size: 0.95rem !important;
     font-weight: 600 !important;
     padding: 12px 24px !important;
     box-shadow: var(--shadow-md), 0 4px 14px rgba(37, 99, 235, 0.25) !important;
+    transition: all 0.2s ease !important;
 }
 
 .neon-button:hover {
     background: linear-gradient(135deg, var(--primary-blue-light) 0%, var(--primary-blue) 100%) !important;
+    box-shadow: var(--shadow-lg), 0 6px 20px rgba(37, 99, 235, 0.35) !important;
     transform: translateY(-2px) !important;
 }
 
+/* 일반 버튼 */
+.gradio-container button {
+    border-radius: var(--radius) !important;
+    font-family: 'Inter', sans-serif !important;
+    transition: all 0.2s ease !important;
+}
+
+/* 탭 스타일 */
 .gradio-container .tabs {
     background: var(--bg-white) !important;
     border-radius: 16px !important;
     padding: 8px !important;
+    box-shadow: var(--shadow-sm) !important;
 }
 
 .gradio-container .tab-nav button {
@@ -451,6 +531,7 @@ CUSTOM_CSS = """
     color: var(--text-secondary) !important;
     border-radius: 10px !important;
     font-weight: 500 !important;
+    padding: 10px 20px !important;
 }
 
 .gradio-container .tab-nav button.selected {
@@ -458,158 +539,134 @@ CUSTOM_CSS = """
     color: #ffffff !important;
 }
 
-.user-info-box {
-    background: linear-gradient(135deg, #f0f9ff 0%, #e0f2fe 100%);
-    border: 1px solid #bae6fd;
-    border-radius: 12px;
-    padding: 16px;
-    margin-bottom: 16px;
+/* 아코디언 */
+.gradio-container .accordion {
+    background: var(--bg-white) !important;
+    border: 1px solid var(--border-color) !important;
+    border-radius: var(--radius) !important;
+    box-shadow: var(--shadow-sm) !important;
 }
 
-.admin-badge {
-    background: linear-gradient(135deg, #fef3c7 0%, #fde68a 100%);
-    color: #92400e;
-    padding: 4px 12px;
-    border-radius: 20px;
-    font-size: 0.85rem;
-    font-weight: 600;
+/* 마크다�� 텍스트 */
+.gradio-container .markdown-text {
+    color: var(--text-primary) !important;
 }
 
-/* 허깅페이스 푸터 숨기기 */
-footer {
-    display: none !important;
+.gradio-container .markdown-text h1,
+.gradio-container .markdown-text h2,
+.gradio-container .markdown-text h3 {
+    color: var(--text-primary) !important;
 }
 
-/* 허깅페이스 우측 상단 탭박스 숨기기 */
-#huggingface-space-header,
-.huggingface-space-header,
-div[id*="space-header"],
-div[class*="space-header"],
-.wrap.svelte-1rjryqp,
-div.wrap.svelte-1rjryqp,
-a[href*="huggingface.co/spaces"][target="_blank"],
-.built-with,
-.built-with-badge,
-div[style*="position: fixed"][style*="top"][style*="right"],
-div[style*="position: absolute"][style*="top: 0"][style*="right: 0"] {
-    display: none !important;
-    visibility: hidden !important;
-    opacity: 0 !important;
-    pointer-events: none !important;
+/* 테이블 */
+.gradio-container table {
+    background: var(--bg-white) !important;
+    border-radius: var(--radius) !important;
+    overflow: hidden !important;
 }
 
-/* Gradio LoginButton 스타일 오버라이드 */
-.hf-login-btn button,
-button.hf-login-btn,
-.hf-login-btn > button {
-    background: linear-gradient(135deg, #ff9d00 0%, #ffb347 100%) !important;
-    color: #000 !important;
+.gradio-container th {
+    background: var(--bg-gray-100) !important;
+    color: var(--text-primary) !important;
     font-weight: 600 !important;
-    font-size: 0.9rem !important;
-    padding: 10px 20px !important;
-    border-radius: 25px !important;
-    border: none !important;
-    cursor: pointer !important;
-    box-shadow: 0 4px 12px rgba(255, 157, 0, 0.3) !important;
-    transition: all 0.2s ease !important;
 }
 
-.hf-login-btn button:hover {
-    transform: translateY(-2px) !important;
-    box-shadow: 0 6px 16px rgba(255, 157, 0, 0.4) !important;
+.gradio-container td {
+    color: var(--text-secondary) !important;
+    border-color: var(--border-color) !important;
 }
 
-/* 로그아웃 버튼 */
-.logout-btn button,
-button.logout-btn {
-    background: #f3f4f6 !important;
-    color: #4b5563 !important;
-    font-weight: 500 !important;
-    font-size: 0.85rem !important;
-    padding: 8px 16px !important;
-    border-radius: 20px !important;
-    border: 1px solid #e5e7eb !important;
+/* 이미지 컨테이너 */
+.gradio-container .image-container {
+    background: var(--bg-white) !important;
+    border-radius: var(--radius) !important;
+    box-shadow: var(--shadow-md) !important;
+}
+
+/* 카드 스타일 박스 */
+.gradio-container .block {
+    background: var(--bg-white) !important;
+    border: 1px solid var(--border-color) !important;
+    border-radius: var(--radius) !important;
 }
 
-.logout-btn button:hover {
-    background: #e5e7eb !important;
+/* 슬라이더 */
+.gradio-container input[type="range"] {
+    accent-color: var(--primary-blue) !important;
 }
 
-/* 사용량 정보 */
-.usage-info {
-    display: flex;
-    align-items: center;
-    padding: 8px 16px;
-    background: #f0f9ff;
-    border-radius: 20px;
-    font-size: 0.9rem;
+/* 체크박스 */
+.gradio-container input[type="checkbox"] {
+    accent-color: var(--primary-blue) !important;
 }
 
-/* 헤더 Row */
-.header-row {
-    background: linear-gradient(135deg, #ffffff 0%, #f0f9ff 100%);
-    border-radius: 16px;
-    padding: 10px 20px;
-    margin-bottom: 20px;
-    box-shadow: 0 4px 6px -1px rgba(0, 0, 0, 0.1);
-    align-items: center;
+/* 상태 메시지 */
+.gradio-container .message {
+    border-radius: var(--radius) !important;
 }
 
-.hf-login-btn svg {
-    width: 20px;
-    height: 20px;
+/* 성공/에러 색상 */
+.success-text {
+    color: var(--accent-green) !important;
 }
 
-/* 로그인된 상태 배지 */
-.user-badge {
-    display: inline-flex !important;
-    visibility: visible !important;
-    opacity: 1 !important;
-    align-items: center;
-    gap: 8px;
-    background: linear-gradient(135deg, #10b981 0%, #34d399 100%);
-    color: #fff !important;
-    font-weight: 600;
-    font-size: 0.9rem;
-    padding: 10px 20px;
-    border-radius: 25px;
-    box-shadow: 0 4px 12px rgba(16, 185, 129, 0.3);
+.error-text {
+    color: #ef4444 !important;
 }
 
-.admin-crown {
-    color: #fbbf24;
+/* 데이터프레임 */
+.gradio-container .dataframe {
+    border-radius: var(--radius) !important;
+    overflow: hidden !important;
 }
 
-/* 헤더 컨테이너 */
-.header-container {
-    display: flex !important;
-    visibility: visible !important;
-    opacity: 1 !important;
-    justify-content: space-between;
-    align-items: center;
-    padding: 20px 30px;
-    background: linear-gradient(135deg, #ffffff 0%, #f0f9ff 100%);
-    border-radius: 16px;
-    margin-bottom: 20px;
-    box-shadow: 0 4px 6px -1px rgba(0, 0, 0, 0.1);
+/* 스크롤바 */
+::-webkit-scrollbar {
+    width: 8px;
+    height: 8px;
 }
 
-.header-left {
-    flex: 1;
+::-webkit-scrollbar-track {
+    background: var(--bg-gray-100);
+    border-radius: 4px;
 }
 
-.header-right {
-    display: flex;
-    align-items: center;
-    gap: 16px;
+::-webkit-scrollbar-thumb {
+    background: var(--bg-gray-300);
+    border-radius: 4px;
 }
 
-.usage-badge {
-    background: #f3f4f6;
-    padding: 8px 16px;
-    border-radius: 20px;
-    font-size: 0.85rem;
-    color: #4b5563;
+::-webkit-scrollbar-thumb:hover {
+    background: var(--text-muted);
+}
+
+/* 허깅페이스 배지 숨기기 */
+.built-with,
+.built-with-badge,
+a[href*="huggingface.co/spaces"],
+footer,
+.footer,
+#footer,
+.gradio-container > footer,
+div[class*="footer"],
+.space-info,
+.hf-space-header,
+[class*="space-header"],
+div.wrap.svelte-1rjryqp,
+.svelte-1rjryqp:has(a[href*="huggingface"]),
+a.svelte-1rjryqp[href*="huggingface"] {
+    display: none !important;
+    visibility: hidden !important;
+    opacity: 0 !important;
+    height: 0 !important;
+    width: 0 !important;
+    position: absolute !important;
+    pointer-events: none !important;
+}
+
+div[style*="position: fixed"][style*="right"],
+div[style*="position: fixed"][style*="top: 0"] {
+    display: none !important;
 }
 """
 
@@ -624,152 +681,49 @@ examples = [
     ["바다 위 일몰과 작은 돛단배"],
 ]
 
-def get_user_info(request: gr.Request):
-    """현재 로그인한 유저 정보 반환"""
-    if not request.username:
-        return "### 🔐 로그인이 필요합니다\n\n상단의 **HuggingFace로 로그인** 버튼을 클릭하세요.", ""
+with gr.Blocks(title="AI PROMPT ENHANCER", css=CUSTOM_CSS) as demo:
+    session_token = gr.State(value="")
     
-    user = get_or_create_user(request.username)
-    usage = get_daily_usage(user["id"])
-    
-    admin_badge = "👑 **관리자**" if user["is_admin"] else ""
-    
-    info = f"""### 👋 안녕하세요, **{request.username}**님! {admin_badge}
-
-| 항목 | 값 |
-|:-----|:-----|
-| 오늘 사용량 | **{usage}** / {user['daily_limit']} |
-| 계정 상태 | {'✅ 활성' if user['is_active'] else '❌ 비활성'} |
-"""
-    return info, f"{usage}/{user['daily_limit']}"
-
-def load_account_info(request: gr.Request):
-    """내 계정 정보 로드"""
-    if not request.username:
-        return "로그인이 필요합니다.", []
-    
-    user = get_or_create_user(request.username)
-    usage = get_daily_usage(user["id"])
-    
-    info = f"""### 👤 계정 정보
-
-| 항목 | 값 |
-|:-----|:-----|
-| HuggingFace ID | **{user['hf_username']}** |
-| 등급 | {'👑 관리자' if user['is_admin'] else '일반 사용자'} |
-| 일일 제한 | {user['daily_limit']}회 |
-| 오늘 사용량 | {usage}회 |
-| 계정 상태 | {'✅ 활성' if user['is_active'] else '❌ 비활성'} |
-"""
-    
-    history = get_user_generations(user["id"])
-    history_data = [[h["original_prompt"][:50]+"..." if h["original_prompt"] else "", h["created_at"], h["status"]] for h in history]
-    
-    return info, history_data
-
-def admin_login(password):
-    """관리자 패스워드 인증"""
-    if password == ADMIN_PASSWORD:
-        stats = get_stats()
-        stats_md = f"""### 📊 통계
-
-| 지표 | 값 |
-|:-----|:-----|
-| 총 사용자 | {stats['total_users']} |
-| 오늘 활성 | {stats['active_today']} |
-| 총 생성 | {stats['total_generations']} |
-| 오늘 생성 | {stats['generations_today']} |
-"""
-        users = get_all_users()
-        users_data = [[u["id"], u["hf_username"], "✅" if u["is_admin"] else "", "✅" if u["is_active"] else "❌", u["daily_limit"], str(u["created_at"])[:19] if u["created_at"] else ""] for u in users]
-        
-        return "✅ 관리자 인증 성공!", gr.update(visible=True), gr.update(visible=True), stats_md, users_data
-    else:
-        return "❌ 패스워드가 틀립니다.", gr.update(visible=False), gr.update(visible=False), "", []
-
-def load_admin_panel_refresh():
-    """관리자 패널 새로고침"""
-    stats = get_stats()
-    stats_md = f"""### 📊 통계
-
-| 지표 | 값 |
-|:-----|:-----|
-| 총 사용자 | {stats['total_users']} |
-| 오늘 활성 | {stats['active_today']} |
-| 총 생성 | {stats['total_generations']} |
-| 오늘 생성 | {stats['generations_today']} |
-"""
-    users = get_all_users()
-    users_data = [[u["id"], u["hf_username"], "✅" if u["is_admin"] else "", "✅" if u["is_active"] else "❌", u["daily_limit"], str(u["created_at"])[:19] if u["created_at"] else ""] for u in users]
-    
-    return stats_md, users_data
-
-def admin_toggle_user(user_id):
-    """유저 활성화/비활성화"""
-    toggle_user_active(int(user_id))
-    return "✅ 상태 변경됨"
-
-def admin_change_limit(user_id, new_limit):
-    """유저 일일 제한 변경"""
-    update_user_limit(int(user_id), int(new_limit))
-    return f"✅ 제한 변경됨: {int(new_limit)}"
-
-# Gradio 앱 빌드
-with gr.Blocks(title="AI PROMPT ENHANCER") as demo:
-    
-    # CSS 주입 + 커스텀 도메인 리다이렉트 스크립트
-    gr.HTML(f"""
-    <style>{CUSTOM_CSS}</style>
-    <script>
-        // 페이지 로드 즉시 실행
-        const currentHost = window.location.hostname;
-        const customDomain = '1street.ai';
-        
-        // huggingface.co 또는 hf.space 도메인이면 커스텀 도메인으로 리다이렉트
-        if (currentHost.includes('huggingface.co') || currentHost.includes('hf.space')) {{
-            window.location.href = 'https://' + customDomain;
-        }}
-        
-        // DOM 로드 후에도 체크
-        document.addEventListener('DOMContentLoaded', function() {{
-            if (window.location.hostname.includes('huggingface.co') || window.location.hostname.includes('hf.space')) {{
-                window.location.href = 'https://' + customDomain;
-            }}
-        }});
-    </script>
-    <noscript>
-        <meta http-equiv="refresh" content="0;url=https://1street.ai">
-    </noscript>
-    """)
-    
-    # 헤더 영역
-    with gr.Row():
-        with gr.Column(scale=4):
-            gr.HTML('''
-                <div style="padding: 15px 0;">
-                    <h1 class="cyber-title" style="margin:0; font-size:2rem;">🚀 PROMPT ENHANCER</h1>
-                    <p style="color: #4b5563; font-size: 0.95rem; margin: 4px 0 0 0;">AI-Powered Image Generation</p>
-                </div>
-            ''')
-        with gr.Column(scale=1, min_width=200):
-            gr.HTML('''
-                <a href="/login/huggingface?_target_url=https://1street.ai" 
-                   style="display: inline-flex; align-items: center; gap: 8px;
-                          background: linear-gradient(135deg, #ff9d00 0%, #ffb347 100%);
-                          color: #000; font-weight: 600; font-size: 0.9rem;
-                          padding: 10px 20px; border-radius: 25px; text-decoration: none;
-                          box-shadow: 0 4px 12px rgba(255, 157, 0, 0.3);">
-                    🤗 로그인
-                </a>
-            ''')
-    
-    # 유저 정보 표시
-    user_status = gr.Markdown("")
-    usage_info = gr.Markdown("")
+    gr.HTML('''
+    <div style="text-align:center; padding:40px 20px; background: linear-gradient(135deg, #ffffff 0%, #f0f9ff 100%); border-radius: 16px; margin-bottom: 20px; box-shadow: 0 4px 6px -1px rgba(0, 0, 0, 0.1);">
+        <h1 class="cyber-title">🚀 PROMPT ENHANCER</h1>
+        <p style="color: #4b5563; font-size: 1.1rem; margin-top: 8px;">AI-Powered Image Generation Platform</p>
+    </div>
+    ''')
     
     with gr.Tabs() as tabs:
-        # Tab 1: 이미지 생성
+        # Tab 1: 로그인
+        with gr.Tab("🔐 로그인"):
+            with gr.Row():
+                with gr.Column(scale=1):
+                    pass
+                with gr.Column(scale=2):
+                    with gr.Tabs():
+                        with gr.Tab("로그인"):
+                            login_email = gr.Textbox(label="이메일", placeholder="your@email.com")
+                            login_password = gr.Textbox(label="비밀번호", type="password")
+                            login_btn = gr.Button("로그인", elem_classes=["neon-button"])
+                            login_status = gr.Markdown("")
+                        with gr.Tab("회원가입"):
+                            reg_email = gr.Textbox(label="이메일", placeholder="your@email.com")
+                            reg_password = gr.Textbox(label="비밀번호", type="password", placeholder="6자 이상")
+                            reg_confirm = gr.Textbox(label="비밀번호 확인", type="password")
+                            reg_btn = gr.Button("회원가입", elem_classes=["neon-button"])
+                            reg_status = gr.Markdown("")
+                    current_user_display = gr.Markdown("로그인하지 않음")
+                    logout_btn = gr.Button("로그아웃", visible=False)
+                with gr.Column(scale=1):
+                    pass
+        
+        # Tab 2: 메인 서비스
         with gr.Tab("✨ 이미지 생성"):
+            usage_display = gr.Markdown("사용량: 로그인 필요")
+            
+            with gr.Accordion("⚙️ API 설정", open=False):
+                with gr.Row():
+                    fireworks_key_input = gr.Textbox(label="FIREWORKS API KEY", placeholder="환경변수 사용", type="password")
+                    fal_key_input = gr.Textbox(label="FAL API KEY", placeholder="환경변수 사용", type="password")
+            
             with gr.Row():
                 with gr.Column(scale=2):
                     prompt_input = gr.Textbox(label="프롬프트 입력", placeholder="생성할 이미지를 설명해주세요...", lines=4)
@@ -790,72 +744,102 @@ with gr.Blocks(title="AI PROMPT ENHANCER") as demo:
                     gr.Markdown("### ✨ 증강")
                     enhanced_image_output = gr.Image(label="", height=400)
         
-        # Tab 2: 내 계정
+        # Tab 3: 내 계정
         with gr.Tab("👤 내 계정") as account_tab:
             account_info = gr.Markdown("로그인이 필요합니다.")
             history_display = gr.Dataframe(headers=["프롬프트", "생성일시", "상태"], interactive=False)
             refresh_history_btn = gr.Button("🔄 새로고침")
         
-        # Tab 3: ���리자
+        # Tab 4: 관리자
         with gr.Tab("🛠️ 관리자") as admin_tab:
-            admin_auth_status = gr.Markdown("🔐 관리자 패스워드를 입력하세요.")
-            with gr.Row():
-                admin_password_input = gr.Textbox(label="관리자 패스워드", type="password", placeholder="패스워드 입력")
-                admin_login_btn = gr.Button("🔓 인증", size="sm")
-            
+            admin_auth_status = gr.Markdown("관리자 권한이 필요합니다.")
             with gr.Row(visible=False) as admin_panel:
                 with gr.Column():
+                    gr.Markdown("### 📊 통계")
                     stats_display = gr.Markdown("")
-                    refresh_stats_btn = gr.Button("📊 통계 새로고침")
+                    refresh_stats_btn = gr.Button("통계 새로고침")
                 with gr.Column():
                     gr.Markdown("### 👥 사용자 관리")
-                    users_table = gr.Dataframe(headers=["ID", "HF Username", "관리자", "활성", "일일제한", "가입일"], interactive=False)
-                    refresh_users_btn = gr.Button("🔄 사용자 새로고침")
+                    users_table = gr.Dataframe(headers=["ID", "이메일", "관리자", "활성", "일일제한", "가입일"], interactive=False)
+                    refresh_users_btn = gr.Button("사용자 새로고침")
             with gr.Row(visible=False) as admin_actions:
                 user_id_input = gr.Number(label="사용자 ID", precision=0)
                 toggle_active_btn = gr.Button("활성화/비활성화")
                 new_limit = gr.Number(label="새 일일 제한", value=10, precision=0)
                 update_limit_btn = gr.Button("제한 변경")
                 admin_action_status = gr.Markdown("")
-    
+
     # ========== 이벤트 핸들러 ==========
-    
-    # 페이지 로드 시 유저 상태 표시
-    def show_user_status(request: gr.Request):
-        if request.username:
-            user = get_or_create_user(request.username)
-            usage = get_daily_usage(user["id"])
-            admin_badge = " 👑 관리자" if user["is_admin"] else ""
-            return f"**👋 {request.username}**{admin_badge} | 사용량: {usage}/{user['daily_limit']}"
-        return "🔐 로그인이 필요합니다"
-    
-    def show_usage_info(request: gr.Request):
-        if request.username:
-            user = get_or_create_user(request.username)
-            usage = get_daily_usage(user["id"])
-            return f"📊 **{usage}/{user['daily_limit']}**"
-        return ""
-    
-    demo.load(show_user_status, None, [user_status])
-    demo.load(show_usage_info, None, [usage_info])
-    
-    # 이미지 생성
-    generate_btn.click(
-        process_generation,
-        [prompt_input, aspect_ratio, resolution],
-        [status_text, enhanced_output, original_image_output, enhanced_image_output, user_status]
-    )
-    
-    # 내 계정 탭
-    account_tab.select(load_account_info, None, [account_info, history_display])
-    refresh_history_btn.click(load_account_info, None, [account_info, history_display])
-    
-    # 관리자 탭 - 패스워드 인증
-    admin_login_btn.click(admin_login, [admin_password_input], [admin_auth_status, admin_panel, admin_actions, stats_display, users_table])
-    refresh_stats_btn.click(load_admin_panel_refresh, None, [stats_display, users_table])
-    refresh_users_btn.click(load_admin_panel_refresh, None, [stats_display, users_table])
-    toggle_active_btn.click(admin_toggle_user, [user_id_input], [admin_action_status])
-    update_limit_btn.click(admin_change_limit, [user_id_input, new_limit], [admin_action_status])
+    def do_login(email, password):
+        token, msg = login_user(email, password)
+        if token:
+            user = validate_session(token)
+            user_info = f"✅ **{user['email']}**" + (" (관리자)" if user['is_admin'] else "")
+            return token, msg, user_info, gr.update(visible=True)
+        return "", msg, "로그인하지 않음", gr.update(visible=False)
+    
+    def do_register(email, password, confirm):
+        token, msg = register_user(email, password, confirm)
+        if token:
+            user = validate_session(token)
+            return token, msg, f"✅ **{user['email']}**", gr.update(visible=True)
+        return "", msg, "로그인하지 않음", gr.update(visible=False)
+    
+    def do_logout(token):
+        logout_user(token)
+        return "", "로그인하지 않음", gr.update(visible=False), "✅ 로그아웃됨"
+    
+    def load_account_info(token):
+        user = validate_session(token)
+        if not user:
+            return "로그인이 필요합니다.", []
+        info = f"### 👤 계정 정보\n- **이메일**: {user['email']}\n- **등급**: {'관리자' if user['is_admin'] else '일반'}\n- **일일 제한**: {user['daily_limit']}회\n- **오늘 사용량**: {get_daily_usage(user['id'])}회"
+        history = get_user_generations(user["id"])
+        history_data = [[h["original_prompt"][:50]+"...", h["created_at"], h["status"]] for h in history]
+        return info, history_data
+    
+    def load_admin_panel(token):
+        user = validate_session(token)
+        if not user or not user["is_admin"]:
+            return "❌ 관리자 권한이 필요합니다.", gr.update(visible=False), gr.update(visible=False), "", []
+        stats = get_stats()
+        stats_md = f"| 지표 | 값 |\n|---|---|\n| 총 사용자 | {stats['total_users']} |\n| 오늘 활성 | {stats['active_today']} |\n| 총 생성 | {stats['total_generations']} |\n| 오늘 생성 | {stats['generations_today']} |"
+        users = get_all_users()
+        users_data = [[u["id"], u["email"], "✅" if u["is_admin"] else "", "✅" if u["is_active"] else "❌", u["daily_limit"], u["created_at"]] for u in users]
+        return "✅ 관리자 패널", gr.update(visible=True), gr.update(visible=True), stats_md, users_data
+    
+    def toggle_user_active(token, user_id):
+        user = validate_session(token)
+        if not user or not user["is_admin"]:
+            return "❌ 권한 없음"
+        conn = get_db()
+        cursor = conn.cursor()
+        cursor.execute("UPDATE users SET is_active = NOT is_active WHERE id = ?", (int(user_id),))
+        conn.commit()
+        conn.close()
+        return "✅ 상태 변경됨"
+    
+    def change_user_limit(token, user_id, new_limit):
+        user = validate_session(token)
+        if not user or not user["is_admin"]:
+            return "❌ 권한 없음"
+        update_user_limit(int(user_id), int(new_limit))
+        return f"✅ 제한 변경됨: {int(new_limit)}"
+
+    # 이벤트 바인딩
+    login_btn.click(do_login, [login_email, login_password], [session_token, login_status, current_user_display, logout_btn])
+    reg_btn.click(do_register, [reg_email, reg_password, reg_confirm], [session_token, reg_status, current_user_display, logout_btn])
+    logout_btn.click(do_logout, [session_token], [session_token, current_user_display, logout_btn, login_status])
+    generate_btn.click(process_comparison_with_auth, [prompt_input, session_token, fireworks_key_input, fal_key_input, aspect_ratio, resolution], [status_text, enhanced_output, original_image_output, enhanced_image_output, usage_display])
+    refresh_history_btn.click(load_account_info, [session_token], [account_info, history_display])
+    refresh_stats_btn.click(load_admin_panel, [session_token], [admin_auth_status, admin_panel, admin_actions, stats_display, users_table])
+    refresh_users_btn.click(load_admin_panel, [session_token], [admin_auth_status, admin_panel, admin_actions, stats_display, users_table])
+    toggle_active_btn.click(toggle_user_active, [session_token, user_id_input], [admin_action_status])
+    update_limit_btn.click(change_user_limit, [session_token, user_id_input, new_limit], [admin_action_status])
+    
+    # 탭 선택 시 자동 로드
+    admin_tab.select(load_admin_panel, [session_token], [admin_auth_status, admin_panel, admin_actions, stats_display, users_table])
+    account_tab.select(load_account_info, [session_token], [account_info, history_display])
 
 if __name__ == "__main__":
     demo.launch()