Update app.py

app.py

@@ -8,27 +8,37 @@ from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
 
 # File where encrypted data is stored
 VAULT_FILE = "passwords.json"
+FAILED_ATTEMPTS = 0
+MAX_ATTEMPTS = 5
 
-# --- Encryption Logic ---
+# --- Core Security Logic ---
 
 def get_cipher(master_password):
-    salt = b'nutech_hassan_salt_123' 
+    """Derives a strong AES-256 key from the master password."""
+    # Salt adds randomness to the key derivation
+    salt = b'hassan_naseer_secure_salt_2026' 
     kdf = PBKDF2HMAC(
         algorithm=hashes.SHA256(),
         length=32,
         salt=salt,
-        iterations=100000,
+        iterations=150000, # Increased iterations for better security
     )
     key = base64.urlsafe_b64encode(kdf.derive(master_password.encode()))
     return Fernet(key)
 
 def process_vault(action, master_pwd, service=None, secret=None):
+    global FAILED_ATTEMPTS
+    
+    if FAILED_ATTEMPTS >= MAX_ATTEMPTS:
+        return "🛑 SECURITY LOCKOUT: Too many failed attempts. Access disabled."
+
     if not master_pwd:
-        return "⚠️ Please enter your Master Password first!"
+        return "⚠️ Master Password required to access Vault."
 
     try:
         cipher = get_cipher(master_pwd)
         
+        # Load the encrypted vault
         if os.path.exists(VAULT_FILE):
             with open(VAULT_FILE, "r") as f:
                 vault = json.load(f)
@@ -38,59 +48,75 @@ def process_vault(action, master_pwd, service=None, secret=None):
         if action == "Save":
             if not service or not secret:
                 return "⚠️ Service name and Password are required!"
+            
+            # Encrypt the password before saving
             encrypted_data = cipher.encrypt(secret.encode()).decode()
             vault[service] = encrypted_data
+            
             with open(VAULT_FILE, "w") as f:
                 json.dump(vault, f)
-            return f"✅ Successfully encrypted and saved password for {service}."
+            
+            FAILED_ATTEMPTS = 0 # Reset on success
+            return f"✅ Encrypted & Saved: {service}"
 
         elif action == "Retrieve":
             if not service:
-                return "⚠️ Enter a service name to search."
+                return "⚠️ Enter a service name to decrypt."
             if service not in vault:
                 return f"❌ No record found for '{service}'."
+            
+            # Decrypt the password
             decrypted_data = cipher.decrypt(vault[service].encode()).decode()
+            
+            FAILED_ATTEMPTS = 0 # Reset on success
             return f"🔑 Password for {service}: {decrypted_data}"
 
     except Exception:
-        return "🚫 Access Denied: Incorrect Master Password or corrupted data."
+        FAILED_ATTEMPTS += 1
+        remaining = MAX_ATTEMPTS - FAILED_ATTEMPTS
+        return f"🚫 Access Denied! {remaining} attempts remaining."
 
-# --- UI Setup ---
+# --- UI Styling ---
 
 custom_css = """
-.gradio-container { max-width: 700px; margin: auto; }
-.header-text { text-align: center; margin-bottom: 20px; }
+.gradio-container { max-width: 750px; margin: auto; padding: 20px; }
+.header-box { text-align: center; margin-bottom: 25px; border-bottom: 1px solid #ddd; padding-bottom: 10px; }
+@media (max-width: 768px) {
+    .gradio-container { padding: 10px; }
+    h1 { font-size: 1.5em !important; }
+}
 """
 
 with gr.Blocks() as demo:
     gr.HTML("""
-        <div class="header-text">
-            <h1 style="display:inline;">🔐 SecureVault Manager</h1>
-            <span style="font-size: 14px; color: grey;"> | Developed by Hassan Naseer</span>
+        <div class="header-box">
+            <h1 style="display:inline; color: #2d3436;">🔐 SecureVault Manager</h1>
+            <p style="font-size: 0.9em; color: #636e72;">Developed by Hassan Naseer | AES-256 Encryption</p>
         </div>
     """)
 
     with gr.Row():
         master_key = gr.Textbox(
-            label="Master Password", 
+            label="Unlock Vault with Master Password", 
             type="password", 
-            placeholder="Enter your Master Password to unlock"
+            placeholder="Enter Master Password..."
         )
 
     with gr.Tabs():
-        with gr.Tab(label="➕ Add New"):
-            svc = gr.Textbox(label="Service Name", placeholder="e.g., GitHub")
-            pwd = gr.Textbox(label="Password", type="password", placeholder="Enter password")
-            save_btn = gr.Button("Encrypt & Save", variant="primary")
+        with gr.Tab(label="📥 Add Password"):
+            with gr.Column():
+                svc = gr.Textbox(label="Service", placeholder="e.g., Google, Bank, GitHub")
+                pwd = gr.Textbox(label="Password to Protect", type="password")
+                save_btn = gr.Button("🔒 Encrypt & Store", variant="primary")
 
-        with gr.Tab(label="🔍 Retrieve"):
-            search_svc = gr.Textbox(label="Service Name", placeholder="e.g., GitHub")
-            get_btn = gr.Button("Decrypt & Reveal", variant="secondary")
+        with gr.Tab(label="🔓 Retrieve Password"):
+            with gr.Column():
+                search_svc = gr.Textbox(label="Service Name", placeholder="Enter service to search")
+                get_btn = gr.Button("🔑 Decrypt & Show", variant="secondary")
 
-    status_output = gr.Textbox(label="Vault Status", interactive=False)
+    status_output = gr.Textbox(label="Operation Status", interactive=False)
 
-    # --- FIXED EVENT HANDLERS ---
-    # We use lambda to pass the "Save" and "Retrieve" strings correctly
+    # --- Event Handlers using Lambda to fix the AttributeError ---
     save_btn.click(
         fn=lambda m, s, p: process_vault("Save", m, s, p),
         inputs=[master_key, svc, pwd],
@@ -104,4 +130,5 @@ with gr.Blocks() as demo:
     )
 
 if __name__ == "__main__":
-    demo.launch(css=custom_css)
+    # Launch with Gradio 6 compatibility
+    demo.launch(css=custom_css, title="SecureVault | Hassan Naseer")