deploy

Dockerfile

@@ -1,30 +1,26 @@
-# Minimal Dockerfile for Flask app on Hugging Face Spaces (no DB/ODBC bits)
-
+# Dockerfile
 FROM python:3.11-slim
 
-# Avoid interactive prompts
 ENV DEBIAN_FRONTEND=noninteractive
+ENV ACCEPT_EULA=Y
 
-# (Optional) system tools you may want; safe to keep
+# unixODBC + Microsoft repo + ODBC 17
 RUN apt-get update && apt-get install -y --no-install-recommends \
-    curl ca-certificates \
+    curl gnupg apt-transport-https ca-certificates build-essential unixodbc unixodbc-dev \
+ && curl https://packages.microsoft.com/keys/microsoft.asc | apt-key add - \
+ && curl https://packages.microsoft.com/config/debian/12/prod.list > /etc/apt/sources.list.d/mssql-release.list \
+ && apt-get update \
+ && apt-get install -y --no-install-recommends msodbcsql17 \
  && rm -rf /var/lib/apt/lists/*
 
-# Workdir
 WORKDIR /app
 
-# Install Python deps
 COPY requirements.txt /app/
 RUN pip install --no-cache-dir -r requirements.txt
 
-# Copy app
 COPY server.py /app/
 
-# HF injects PORT; default for local run
 ENV PORT=7860
-
-# Expose for clarity (optional)
 EXPOSE 7860
 
-# Start the app
 CMD ["python", "server.py"]

requirements.txt

@@ -3,4 +3,5 @@ flask-cors==4.0.1
 pyodbc==5.1.0
 pydantic==2.8.2
 langchain-core==0.3.29    # any >=0.3.12,<0.4.0 works
-langchain-openai==0.2.3
+langchain-openai==0.2.3
+python-dotenv==1.0.1

server.py

@@ -1,12 +1,24 @@
 # server.py
+# -----------------------------------------------------------------------------
+# Unified Py-Match Service (Flask)
+# - Local Windows: Trusted_Connection to SQL Server (e.g., localhost\SQLEXPRESS)
+# - Cloud (AWS RDS / Hugging Face): SQL auth via UID/PWD + Encrypt
+# - ODBC driver name defaults to {ODBC Driver 17 for SQL Server}
+# -----------------------------------------------------------------------------
+
 import os, uuid, json, random, threading, hashlib
 from typing import Dict, List, Optional, Literal
 from datetime import datetime
 
-from flask import Flask, request, jsonify
+from flask import Flask, request, jsonify, make_response
 from flask_cors import CORS
+from dotenv import load_dotenv
 import pyodbc
 
+# Load .env first
+BASEDIR = os.path.abspath(os.path.dirname(__file__))
+load_dotenv(os.path.join(BASEDIR, ".env"))
+
 # ---------- Optional LLM deps (fallback if missing) ----------
 try:
     from pydantic import BaseModel, Field
@@ -20,26 +32,47 @@ except Exception:
 # ==============================
 # Configuration / DB Connection
 # ==============================
-SQL_DRIVER   = os.getenv("PYMATCH_SQL_DRIVER", "{SQL Server}")
-SQL_SERVER   = os.getenv("PYMATCH_SQL_SERVER", "localhost\SQLEXPRESS")
-SQL_DB       = os.getenv("PYMATCH_SQL_DB", "PyMatch")
-SQL_TRUSTED  = os.getenv("PYMATCH_SQL_TRUSTED", "yes")  # yes/no
+# Server / DB
+DB_SERVER   = os.getenv("PYMATCH_SQL_SERVER", "localhost\\SQLEXPRESS")
+DB_DATABASE = os.getenv("PYMATCH_SQL_DB", "PyMatch")
+
+# Credentials (prefer the names you used in the other project)
+DB_USER     = os.getenv("DB_USER") or os.getenv("PYMATCH_SQL_USER")
+DB_PASSWORD = os.getenv("DB_PASSWORD") or os.getenv("PYMATCH_SQL_PASSWORD")
+
+# Driver (use v17 string to match your other app)
+ODBC_DRIVER = os.getenv("PYMATCH_ODBC_DRIVER", "{ODBC Driver 17 for SQL Server}")
+
+# Build a single connection string like your verification service:
+# - If localhost or an instance name is present -> Trusted_Connection (Windows only)
+# - Else -> SQL auth with Encrypt + TrustServerCertificate (for RDS/HF)
+if DB_SERVER.lower().startswith("localhost") or "\\" in DB_SERVER:
+    CONN_STR = f"DRIVER={{SQL Server}};SERVER={DB_SERVER};DATABASE={DB_DATABASE};Trusted_Connection=yes"
+else:
+    CONN_STR = (
+        f"DRIVER={ODBC_DRIVER};"
+        f"SERVER={DB_SERVER};DATABASE={DB_DATABASE};"
+        f"UID={DB_USER};PWD={DB_PASSWORD};"
+        "Encrypt=yes;TrustServerCertificate=yes"
+    )
 
 PROGRESS_TBL = os.getenv("PYMATCH_PROGRESS_TABLE", "LLMGeneratedQuestions")
 
 def get_db_connection():
-    return pyodbc.connect(
-        f"DRIVER={SQL_DRIVER};"
-        f"SERVER={SQL_SERVER};"
-        f"DATABASE={SQL_DB};"
-        f"Trusted_Connection={SQL_TRUSTED};"
-    )
+    """Make a short-timeout connection. Fail clearly if secrets are missing."""
+    if "Trusted_Connection=yes" not in CONN_STR:
+        if not DB_USER or not DB_PASSWORD:
+            raise RuntimeError("DB_USER/DB_PASSWORD are not set for SQL authentication.")
+    return pyodbc.connect(CONN_STR, timeout=5)
 
 # ==========
 # Flask App
 # ==========
 app = Flask(__name__)
-CORS(app, resources={r"/*": {"origins": "*"}})
+# CORS: allow your dev UI by default; override with ALLOWED_ORIGINS in .env
+_origins = os.getenv("ALLOWED_ORIGINS", "http://localhost:4200")
+ALLOWED_ORIGINS = [o.strip() for o in _origins.split(",") if o.strip()]
+CORS(app, supports_credentials=True, origins=ALLOWED_ORIGINS)
 
 # ==========
 # Utilities
@@ -54,13 +87,13 @@ def row_to_dict(cursor, row) -> Dict:
     return {cols[i]: row[i] for i in range(len(cols))}
 
 # =======================
-# 1) AUTH / SIGNUP (auth)
+# 1) AUTH / SIGNUP & LOGIN
 # =======================
 @app.post("/api/signup")
 def signup():
     data = request.get_json(force=True) or {}
     name = data.get("name")
-    email = data.get("email")
+    email = (data.get("email") or "").strip()
     password = data.get("password")
 
     if not name or not email or not password:
@@ -71,21 +104,52 @@ def signup():
     try:
         conn = get_db_connection()
         cur = conn.cursor()
+
+        # prevent duplicate email
+        cur.execute("SELECT 1 FROM Users WHERE email = ?", (email,))
+        if cur.fetchone():
+            conn.close()
+            return jsonify({"error": "Email already registered."}), 409
+
         cur.execute("""
             INSERT INTO Users (name, email, password)
             VALUES (?, ?, ?)
         """, (name, email, password_hash))
         conn.commit()
+        conn.close()
         return jsonify({"message": "User created successfully."}), 201
     except pyodbc.Error as e:
         return jsonify({"error": f"DB error: {e}"}), 500
-    finally:
-        try: conn.close()
-        except: pass
+
+@app.post("/api/login")
+def login():
+    data = request.get_json(force=True) or {}
+    email = (data.get("email") or "").strip()
+    password = data.get("password") or ""
+    if not email or not password:
+        return jsonify({"error": "Email and password are required."}), 400
+
+    try:
+        conn = get_db_connection()
+        cur = conn.cursor()
+        cur.execute("SELECT id, name, password FROM Users WHERE email = ?", (email,))
+        row = cur.fetchone()
+        conn.close()
+    except pyodbc.Error as e:
+        return jsonify({"error": f"DB error: {e}"}), 500
+
+    if not row:
+        return jsonify({"error": "Invalid credentials."}), 401
+
+    user_id, name, stored_hash = int(row[0]), str(row[1]), str(row[2])
+    if hash_password(password) != stored_hash:
+        return jsonify({"error": "Invalid credentials."}), 401
+
+    # Simple session payload (your UI likely just needs these)
+    return jsonify({"user_id": user_id, "name": name, "email": email}), 200
 
 # ==================================================
 # 2) ROLE SELECTION + STATIC QUESTION FETCH + SAVE
-#    (from app.py)
 # ==================================================
 @app.post("/api/questions/select-role")
 def select_role():
@@ -105,12 +169,10 @@ def select_role():
             VALUES (?, ?, ?)
         """, (user_id, role_name, assigned_at))
         conn.commit()
+        conn.close()
         return jsonify({"message": "Role assigned successfully."}), 201
     except pyodbc.Error as e:
         return jsonify({"error": str(e)}), 500
-    finally:
-        try: conn.close()
-        except: pass
 
 @app.get("/api/questions/<role>")
 def get_questions(role):
@@ -127,6 +189,8 @@ def get_questions(role):
             ORDER BY id
         """, (role,))
         rows = cur.fetchall()
+        conn.close()
+
         out = []
         for r in rows:
             label = r[0]
@@ -142,9 +206,6 @@ def get_questions(role):
         return jsonify(out), 200
     except pyodbc.Error as e:
         return jsonify({"error": str(e)}), 500
-    finally:
-        try: conn.close()
-        except: pass
 
 @app.post("/api/questions/submit-answers/<role>")
 def submit_answers(role):
@@ -194,12 +255,10 @@ def submit_answers(role):
         cur = conn.cursor()
         cur.execute(query, values)
         conn.commit()
+        conn.close()
         return jsonify({"message": f"{role.capitalize()} record added successfully."}), 201
     except pyodbc.Error as e:
         return jsonify({"error": str(e)}), 500
-    finally:
-        try: conn.close()
-        except: pass
 
 # ===========================================
 # 3) LLM BATCH Q-GEN + COLOR % PERSIST (LLM)
@@ -230,7 +289,7 @@ DEFAULT_BATCH_SIZE = int(os.getenv("PYMATCH_BATCH_SIZE", "10"))
 
 # ---- LLM chain (optional) ----
 PARSER_BATCH = None
-CHAIN_BATCH = None
+CHAIN_BATCH  = None
 if HAS_LLM_STACK and os.getenv("OPENAI_API_KEY"):
     class Option(BaseModel):
         text: str
@@ -274,7 +333,6 @@ if HAS_LLM_STACK and os.getenv("OPENAI_API_KEY"):
             ("system", SYSTEM_PROMPT),
             ("user", USER_PROMPT_BATCH),
         ])
-        # prompt | llm | parser  => RunnableSequence (no .right attribute)
         return prompt | llm | PARSER_BATCH
 
     CHAIN_BATCH = build_batch_chain()
@@ -330,7 +388,6 @@ def offline_generate_batch(themes: List[str], state: Dict) -> List[Dict]:
     return items
 
 def generate_batch_questions(themes: List[str], state: Dict) -> List[Dict]:
-    # Try LLM path first
     if CHAIN_BATCH is not None and PARSER_BATCH is not None:
         try:
             payload = {
@@ -338,11 +395,10 @@ def generate_batch_questions(themes: List[str], state: Dict) -> List[Dict]:
                 "themes_json": json.dumps(themes, ensure_ascii=False),
                 "format_instructions": PARSER_BATCH.get_format_instructions(),
             }
-            # CHAIN_BATCH = prompt | llm | PARSER_BATCH  -> returns parsed object (BatchQA or dict)
             result = CHAIN_BATCH.invoke(payload)
 
             if hasattr(result, "items"):
-                items_raw = result.items  # Pydantic BatchQA.items
+                items_raw = result.items
             elif isinstance(result, dict) and "items" in result:
                 items_raw = result["items"]
             else:
@@ -360,7 +416,6 @@ def generate_batch_questions(themes: List[str], state: Dict) -> List[Dict]:
         except Exception as e:
             print("LLM batch generation failed:", e)
 
-    # Fallback generator (always returns items if themes not empty)
     return offline_generate_batch(themes, state)
 
 class SessionState:
@@ -401,9 +456,16 @@ def save_sessions():
     try:
         with _sessions_lock:
             serializable = {sid: s.__dict__ for sid, s in SESSIONS.items()}
+
+            # Convert datetime objects to string to avoid JSON issues
+            for s in serializable.values():
+                for k, v in list(s.items()):
+                    if isinstance(v, datetime):
+                        s[k] = v.isoformat()
+
             tmp = SESSIONS_FILE + ".tmp"
             with open(tmp, "w", encoding="utf-8") as f:
-                json.dump(serializable, f, ensure_ascii=False, indent=2, default=str)
+                json.dump(serializable, f, ensure_ascii=False, indent=2)
             os.replace(tmp, SESSIONS_FILE)
     except Exception as e:
         print("Failed to save sessions:", e)
@@ -417,7 +479,6 @@ def persist_final_progress(user_id: Optional[str], role: str, mix: Dict[str, flo
     try:
         conn = get_db_connection()
         cur = conn.cursor()
-        # Try with llm_id; if identity error, retry without it
         try:
             cur.execute(f"""
                 INSERT INTO [dbo].[{PROGRESS_TBL}]
@@ -425,6 +486,7 @@ def persist_final_progress(user_id: Optional[str], role: str, mix: Dict[str, flo
                 VALUES (?,?,?,?,?,?,?,SYSUTCDATETIME())
             """, (llm_id, str(user_id) if user_id is not None else None, role, blue, green, yellow, red))
             conn.commit()
+            conn.close()
             return True
         except pyodbc.Error as e:
             if "IDENTITY_INSERT" in str(e) or "(544)" in str(e):
@@ -434,49 +496,40 @@ def persist_final_progress(user_id: Optional[str], role: str, mix: Dict[str, flo
                     VALUES (?,?,?,?,?,?,SYSUTCDATETIME())
                 """, (str(user_id) if user_id is not None else None, role, blue, green, yellow, red))
                 conn.commit()
+                conn.close()
                 return True
             else:
                 print("Persist failed:", e)
+                conn.close()
                 return False
     except Exception as ex:
         print("Persist final progress failed:", ex)
         return False
-    finally:
-        try: conn.close()
-        except: pass
 
-# -------------------------
-# Profile fetch by role/id
-# -------------------------
 def fetch_profile_for_role(user_id: str, role: str) -> Dict:
-    """
-    Reads the correct table based on role and returns a dict of the latest row for that user.
-    Tables: Marriage | Interview | Partnership
-    """
     table = {
         "marriage": "Marriage",
         "interview": "Interview",
         "partnership": "Partnership"
     }.get(role.lower())
-
     if not table:
         return {}
 
     try:
         conn = get_db_connection()
         cur = conn.cursor()
-        # Prefer latest by created_at if present
         cur.execute(f"""
-            SELECT TOP 1 *
-            FROM {table}
+            SELECT TOP 1 * FROM {table}
             WHERE user_id = ?
             ORDER BY created_at DESC
         """, (user_id,))
         row = cur.fetchone()
         if row is None:
+            conn.close()
             return {}
         prof = row_to_dict(cur, row)
-        # Normalize hobbies_interests if it exists
+        conn.close()
+
         if "hobbies_interests" in prof and isinstance(prof["hobbies_interests"], str):
             if prof["hobbies_interests"].strip().startswith("["):
                 try:
@@ -490,19 +543,12 @@ def fetch_profile_for_role(user_id: str, role: str) -> Dict:
     except pyodbc.Error as e:
         print("Profile fetch error:", e)
         return {}
-    finally:
-        try: conn.close()
-        except: pass
-
-# -------------------
-# Theme chooser
-# -------------------
-def choose_themes(sess: SessionState, k: int) -> List[str]:
+
+def choose_themes(sess: 'SessionState', k: int) -> List[str]:
     topics = TOPIC_BANK_BY_DOMAIN.get(sess.role, TOPIC_BANK_BY_DOMAIN["general"])
     phrases = COLOR_PHRASES_BY_DOMAIN.get(sess.role, COLOR_PHRASES_BY_DOMAIN["general"])
     themes: List[str] = []
     for _ in range(k):
-        # bias to least-chosen color to balance
         target = min(sess.color_counts, key=lambda c: sess.color_counts[c])
         topic = random.choice(topics)
         phrase = phrases[target]
@@ -518,7 +564,7 @@ def health():
         "status": "ok",
         "llm": ("openai" if CHAIN_BATCH is not None else "offline-fallback"),
         "has_openai_key": bool(os.getenv("OPENAI_API_KEY")),
-        "db": {"server": SQL_SERVER, "database": SQL_DB, "table": PROGRESS_TBL},
+        "db": {"server": DB_SERVER, "database": DB_DATABASE, "table": PROGRESS_TBL},
     }
 
 @app.get("/")
@@ -527,6 +573,7 @@ def home():
         "message": "Unified Py-Match Service",
         "try": [
             "POST /api/signup",
+            "POST /api/login",
             "POST /api/questions/select-role",
             "GET  /api/questions/<role>",
             "POST /api/questions/submit-answers/<role>",
@@ -540,12 +587,6 @@ def home():
 # -------------------------
 @app.post("/llm/start")
 def llm_start():
-    """
-    Starts a session by fetching the profile for (user_id, role),
-    then generating the first question batch. No need to send profile in body.
-    Body:
-      { "user_id": "1", "role": "marriage", "n_questions": 5, "batch_size": 5 }
-    """
     data = request.get_json(force=True) or {}
     user_id = str(data.get("user_id") or "").strip()
     role_in = (data.get("role") or "general").lower()
@@ -557,10 +598,8 @@ def llm_start():
     if role_in not in DOMAINS:
         return jsonify({"error": f"Invalid role. Allowed: {', '.join(DOMAINS)}"}), 400
 
-    # Fetch profile from the correct table based on role
     profile = fetch_profile_for_role(user_id, role_in)
 
-    # Create session
     sid = str(uuid.uuid4())
     sess = SessionState(n_questions=n_req, batch_size=b_req, domain=role_in, role=role_in, profile=profile)
     SESSIONS[sid] = sess
@@ -572,7 +611,6 @@ def llm_start():
         return jsonify({"error": "Question generation failed"}), 500
     sess.queue = queue
 
-    # Serve first question
     first = sess.queue.pop(0)
     sess.asked += 1
     save_sessions()
@@ -585,16 +623,11 @@ def llm_start():
         "options": first["options"],
         "source": first.get("source", "unknown"),
         "role": sess.role,
-        "profile_used": bool(profile)  # helpful flag
+        "profile_used": bool(profile)
     })
 
 @app.post("/llm/next")
 def llm_next():
-    """
-    Continue a running session with user's selected color.
-    Body:
-      { "session_id": "...", "selected_color": "blue|green|red|yellow" }
-    """
     data = request.get_json(force=True) or {}
     sid = data.get("session_id")
     color = str(data.get("selected_color") or "").lower()
@@ -608,11 +641,9 @@ def llm_next():
     if sess.finished:
         return jsonify({"done": True, "message": "Session already finished."})
 
-    # record answer
     sess.color_counts[color] += 1
     sess.history.append({"selected_color": color})
 
-    # finished?
     if sess.asked >= sess.n_questions:
         sess.finished = True
         mix = sess.to_min_state()["mix"]
@@ -621,7 +652,6 @@ def llm_next():
         save_sessions()
         return jsonify({"done": True, "message": "No more questions.", "mix": mix, "db_write": "ok" if db_ok else "failed"})
 
-    # ensure queue; refill if needed
     if not sess.queue:
         to_generate = min(sess.batch_size, sess.remaining())
         themes = choose_themes(sess, to_generate)
@@ -644,15 +674,22 @@ def llm_next():
         "role": sess.role
     })
 
+# ---------- Diagnostics ----------
+@app.get("/db/ping")
+def db_ping():
+    try:
+        conn = get_db_connection()
+        cur = conn.cursor()
+        cur.execute("SELECT 1")
+        v = cur.fetchone()[0]
+        conn.close()
+        return {"ok": True, "value": int(v)}
+    except Exception as e:
+        return {"ok": False, "error": str(e)}, 500
+
 # =========
 # Run app
 # =========
-# if __name__ == "__main__":
-#     app.run(host="0.0.0.0", port=5000, debug=True)
-
 if __name__ == "__main__":
-    import os
-    # Default to 5000 for local runs; HF Spaces injects PORT=7860 automatically
     port = int(os.getenv("PORT", "5000"))
     app.run(host="0.0.0.0", port=port, debug=False)
-