Update main.py

main.py

@@ -7,8 +7,8 @@ import tempfile
 import requests
 import json
 import pandas as pd
-import numpy as np # Added for np.nan
-from datetime import datetime, timedelta # Import timedelta for daily refresh logic
+import numpy as np
+from datetime import datetime, timedelta
 from flask import Flask, request, jsonify, send_file
 from flask_cors import CORS, cross_origin
 from firebase_admin import credentials, db, storage, auth
@@ -16,6 +16,7 @@ import firebase_admin
 import logging
 import traceback
 from bs4 import BeautifulSoup, Comment
+
 # Import BRScraper
 try:
     from BRScraper import nba
@@ -60,6 +61,7 @@ bucket = storage.bucket() if FIREBASE_INITIALIZED else None
 
 # Helper functions
 def verify_token(token):
+    """Verifies Firebase ID token and returns UID."""
     try:
         decoded_token = auth.verify_id_token(token)
         return decoded_token['uid']
@@ -68,6 +70,7 @@ def verify_token(token):
         return None
 
 def verify_admin(auth_header):
+    """Verifies admin privileges based on Firebase Realtime DB 'is_admin' flag."""
     if not auth_header or not auth_header.startswith('Bearer '):
         raise ValueError('Invalid token format')
     token = auth_header.split(' ')[1]
@@ -80,10 +83,12 @@ def verify_admin(auth_header):
         raise PermissionError('Admin access required')
     return uid
 
-
-
 # Decorator for credit deduction
 def credit_required(cost=1):
+    """
+    Decorator to check user authentication, suspension status, and deduct credits.
+    If cost is 0, it only checks authentication and suspension.
+    """
     def decorator(f):
         def wrapper(*args, **kwargs):
             auth_header = request.headers.get('Authorization', '')
@@ -107,12 +112,13 @@ def credit_required(cost=1):
                 return jsonify({'error': f'Insufficient credits. You need {cost} credits, but have {current_credits}.'}), 403
 
             try:
-                # Deduct credits
-                user_ref.update({'credits': current_credits - cost})
-                logging.info(f"Deducted {cost} credits from user {uid}. New balance: {current_credits - cost}")
+                # Deduct credits only if cost > 0
+                if cost > 0:
+                    user_ref.update({'credits': current_credits - cost})
+                    logging.info(f"Deducted {cost} credits from user {uid}. New balance: {current_credits - cost}")
                 return f(*args, **kwargs)
             except Exception as e:
-                logging.error(f"Failed to deduct credits for user {uid}: {e}")
+                logging.error(f"Failed to process credits for user {uid}: {e}")
                 return jsonify({'error': 'Failed to process credits. Please try again.'}), 500
         wrapper.__name__ = f.__name__ # Preserve original function name for Flask routing
         return wrapper
@@ -123,6 +129,7 @@ def credit_required(cost=1):
 
 @app.route('/api/auth/signup', methods=['POST'])
 def signup():
+    """Handles user signup and creates a new user entry in Firebase Auth and DB."""
     try:
         data = request.get_json()
         email = data.get('email')
@@ -134,7 +141,7 @@ def signup():
         user_ref = db.reference(f'users/{user.uid}')
         user_data = {
             'email': email,
-            'credits': 10, # Changed initial credits to 10
+            'credits': 10, # Initial credits for new users
             'is_admin': False,
             'created_at': datetime.utcnow().isoformat()
         }
@@ -152,6 +159,7 @@ def signup():
 
 @app.route('/api/user/profile', methods=['GET'])
 def get_user_profile():
+    """Retrieves the authenticated user's profile information."""
     try:
         auth_header = request.headers.get('Authorization', '')
         if not auth_header.startswith('Bearer '):
@@ -178,6 +186,7 @@ def get_user_profile():
 
 @app.route('/api/auth/google-signin', methods=['POST'])
 def google_signin():
+    """Handles Google Sign-In, creating user DB entry if it doesn't exist."""
     try:
         auth_header = request.headers.get('Authorization', '')
         if not auth_header.startswith('Bearer '):
@@ -194,7 +203,7 @@ def google_signin():
         if not user_data:
             user_data = {
                 'email': email,
-                'credits': 10,  # Changed initial credits to 10
+                'credits': 10,  # Initial credits for new users
                 'is_admin': False,
                 'created_at': datetime.utcnow().isoformat(),
             }
@@ -215,6 +224,7 @@ def google_signin():
 @app.route('/api/user/request-credits', methods=['POST'])
 @credit_required(cost=0) # This endpoint doesn't cost credits, but requires auth
 def request_credits():
+    """Allows a user to request more credits from an admin."""
     try:
         auth_header = request.headers.get('Authorization', '')
         token = auth_header.split(' ')[1]
@@ -237,11 +247,11 @@ def request_credits():
         logging.error(f"Request credits error: {e}")
         return jsonify({'error': str(e)}), 500
 
-# Add this new endpoint to your Flask app
 @app.route('/api/user/submit_feedback', methods=['POST'])
 @credit_required(cost=0) # Requires authentication but no credit cost
 @cross_origin()
 def submit_feedback():
+    """Allows a user to submit feedback to administrators."""
     try:
         auth_header = request.headers.get('Authorization', '')
         token = auth_header.split(' ')[1]
@@ -271,10 +281,11 @@ def submit_feedback():
         logging.error(f"Submit feedback error: {e}")
         return jsonify({'error': str(e)}), 500
 
-# ---------- Admin Endpoints for Credit Requests ----------
+# ---------- Admin Endpoints ----------
 
 @app.route('/api/admin/profile', methods=['GET'])
 def get_admin_profile():
+    """Retrieves admin profile and aggregated user/credit statistics."""
     try:
         admin_uid = verify_admin(request.headers.get('Authorization', ''))
         admin_data = db.reference(f'users/{admin_uid}').get()
@@ -314,6 +325,7 @@ def get_admin_profile():
 
 @app.route('/api/admin/credit_requests', methods=['GET'])
 def list_credit_requests():
+    """Lists all credit requests submitted by users."""
     try:
         verify_admin(request.headers.get('Authorization', ''))
         requests_ref = db.reference('credit_requests')
@@ -326,6 +338,7 @@ def list_credit_requests():
 
 @app.route('/api/admin/credit_requests/<string:request_id>', methods=['PUT'])
 def process_credit_request(request_id):
+    """Processes a specific credit request (approves or declines)."""
     try:
         admin_uid = verify_admin(request.headers.get('Authorization', ''))
         req_ref = db.reference(f'credit_requests/{request_id}')
@@ -364,6 +377,7 @@ def process_credit_request(request_id):
 
 @app.route('/api/admin/users', methods=['GET'])
 def admin_list_users():
+    """Lists all users in the system."""
     try:
         verify_admin(request.headers.get('Authorization', ''))
         users_ref = db.reference('users')
@@ -386,6 +400,7 @@ def admin_list_users():
 
 @app.route('/api/admin/users/search', methods=['GET'])
 def admin_search_users():
+    """Searches for users by email."""
     try:
         verify_admin(request.headers.get('Authorization', ''))
         email_query = request.args.get('email', '').lower().strip()
@@ -414,6 +429,7 @@ def admin_search_users():
 
 @app.route('/api/admin/users/<string:uid>/suspend', methods=['PUT'])
 def admin_suspend_user(uid):
+    """Suspends or unsuspends a user account."""
     try:
         verify_admin(request.headers.get('Authorization', ''))
         data = request.get_json()
@@ -436,10 +452,9 @@ def admin_suspend_user(uid):
         logging.error(f"Admin suspend user error: {e}")
         return jsonify({'error': str(e)}), 500
 
-
-
 @app.route('/api/admin/notifications', methods=['POST'])
 def send_notifications():
+    """Sends notifications to users (all, single, or list)."""
     try:
         admin_uid = verify_admin(request.headers.get('Authorization', ''))
         data = request.get_json()
@@ -487,6 +502,7 @@ def send_notifications():
 
 @app.route('/api/admin/feedback', methods=['GET'])
 def admin_view_feedback():
+    """Retrieves user feedback, with optional filtering by type and status."""
     try:
         admin_uid = verify_admin(request.headers.get('Authorization', ''))
         feedback_type = request.args.get('type')
@@ -518,6 +534,7 @@ def admin_view_feedback():
         
 @app.route('/api/admin/users/<string:uid>/credits', methods=['PUT'])
 def admin_update_credits(uid):
+    """Directly adds or subtracts credits from a user's account."""
     try:
         verify_admin(request.headers.get('Authorization', ''))
         data = request.get_json()
@@ -543,7 +560,6 @@ def admin_update_credits(uid):
 # ——————————————————————————————————————————————
 
 # Custom BeautifulSoup Data Fetching Utilities (for teams)
-# Re-added for custom BS scraping
 def fetch_html(url):
     """Fetch raw HTML for a URL (with error handling)."""
     try:
@@ -591,7 +607,6 @@ def parse_table(html, table_id=None):
         return pd.DataFrame()
 
     try:
-        # FIX 1: Wrap tbl_html in io.StringIO
         return pd.read_html(io.StringIO(tbl_html))[0]
     except ValueError:
         logging.warning("No tables found in the provided HTML string for parsing.")
@@ -700,7 +715,7 @@ def _scrape_team_stats_bs(year):
     column_mapping = {
         'G': 'GP', 'MP': 'MIN', 'FG%': 'FG_PCT', '3P%': 'FG3_PCT', 'FT%': 'FT_PCT',
         'TRB': 'REB', 'AST': 'AST', 'STL': 'STL', 'BLK': 'BLK', 'TOV': 'TO',
-        'PF': 'PF', 'PTS': 'PTS', 'Rk': 'RANK', 'W': 'WINS', 'L': 'LOSSES', 'W/L%': 'WIN_LOSS_PCT',
+        'PF': 'PF', 'PTS': 'PTS', 'Rk': 'RANK', 'W': 'WINS', 'L': 'L', 'W/L%': 'WIN_LOSS_PCT', # Corrected 'L' mapping
         'FG': 'FGM', 'FGA': 'FGA', '3P': 'FG3M', '3PA': 'FG3A',
         '2P': 'FGM2', '2PA': 'FGA2', '2P%': 'FG2_PCT', 'eFG%': 'EFG_PCT',
         'FT': 'FTM', 'FTA': 'FTA', 'ORB': 'OREB', 'DRB': 'DREB'
@@ -717,7 +732,6 @@ def _scrape_team_stats_bs(year):
         if col not in non_numeric_cols:
             df[col] = pd.to_numeric(df[col], errors="coerce")
 
-    # FIX 2: Replace NaN values with None for JSON compliance
     df = df.replace({np.nan: None})
 
     return df
@@ -826,6 +840,7 @@ PERP_KEY = os.getenv("PERPLEXITY_API_KEY")
 PERP_URL = "https://api.perplexity.ai/chat/completions"
 
 def ask_perp(prompt, system="You are a helpful NBA analyst AI.", max_tokens=500, temp=0.2):
+    """Sends a prompt to the Perplexity AI API and returns the response."""
     if not PERP_KEY:
         logging.error("PERPLEXITY_API_KEY env var not set.")
         return "Perplexity API key is not configured."
@@ -859,6 +874,7 @@ def ask_perp(prompt, system="You are a helpful NBA analyst AI.", max_tokens=500,
 @app.route('/api/nba/players', methods=['GET'])
 @cross_origin()
 def get_players():
+    """Returns a list of available NBA player names."""
     try:
         players_df = get_player_index_brscraper()
         if players_df.empty:
@@ -871,6 +887,7 @@ def get_players():
 @app.route('/api/nba/seasons', methods=['GET'])
 @cross_origin()
 def get_seasons():
+    """Returns a list of available NBA seasons."""
     try:
         seasons_list = get_available_seasons_util()
         return jsonify({'seasons': seasons_list})
@@ -880,8 +897,8 @@ def get_seasons():
 
 @app.route('/api/nba/player_stats', methods=['POST'])
 @cross_origin()
-# No credit_required decorator here, as this is data fetching, not AI interaction
 def get_player_stats():
+    """Retrieves per-game statistics for selected NBA players and seasons."""
     try:
         data = request.get_json()
         selected_players = data.get('players')
@@ -949,8 +966,8 @@ def get_player_stats():
 
 @app.route('/api/nba/team_stats', methods=['POST'])
 @cross_origin()
-# No credit_required decorator here, as this is data fetching, not AI interaction
 def get_team_stats():
+    """Retrieves per-game statistics for selected NBA teams and a specific season."""
     try:
         data = request.get_json()
         selected_teams = data.get('teams')
@@ -1000,6 +1017,9 @@ def get_team_stats():
 @credit_required(cost=1) # Costs 1 credit
 @cross_origin()
 def perplexity_explain():
+    """
+    Provides an AI explanation for a given prompt and stores it in the database.
+    """
     try:
         data = request.get_json()
         prompt = data.get('prompt')
@@ -1011,15 +1031,95 @@ def perplexity_explain():
         if "Error from AI" in explanation:
             return jsonify({'error': explanation}), 500
         
-        return jsonify({'explanation': explanation})
+        # Get UID from the authenticated request (credit_required decorator ensures it's available)
+        auth_header = request.headers.get('Authorization', '')
+        token = auth_header.split(' ')[1]
+        uid = verify_token(token)
+
+        # Store the analysis in Firebase Realtime Database
+        if FIREBASE_INITIALIZED:
+            user_analyses_ref = db.reference(f'user_analyses/{uid}')
+            analysis_id = str(uuid.uuid4()) # Generate a unique ID for this analysis
+            analysis_data = {
+                'prompt': prompt,
+                'explanation': explanation,
+                'created_at': datetime.utcnow().isoformat()
+            }
+            user_analyses_ref.child(analysis_id).set(analysis_data)
+            logging.info(f"Analysis stored for user {uid} with ID: {analysis_id}")
+        else:
+            logging.warning("Firebase not initialized. Analysis will not be saved.")
+
+        return jsonify({'explanation': explanation, 'analysis_id': analysis_id})
     except Exception as e:
         logging.error(f"Error in /api/nba/perplexity_explain: {e}")
         return jsonify({'error': str(e)}), 500
 
+@app.route('/api/user/analyses', methods=['GET'])
+@credit_required(cost=0) # No credit cost, but requires authentication
+@cross_origin()
+def get_user_analyses():
+    """Retrieves all stored AI analyses for the authenticated user."""
+    try:
+        auth_header = request.headers.get('Authorization', '')
+        token = auth_header.split(' ')[1]
+        uid = verify_token(token)
+
+        if not FIREBASE_INITIALIZED:
+            return jsonify({'error': 'Firebase not initialized. Cannot retrieve analyses.'}), 500
+
+        user_analyses_ref = db.reference(f'user_analyses/{uid}')
+        analyses_data = user_analyses_ref.get() or {}
+
+        analyses_list = []
+        for analysis_id, data in analyses_data.items():
+            analyses_list.append({
+                'analysis_id': analysis_id,
+                'prompt': data.get('prompt'),
+                'explanation': data.get('explanation'),
+                'created_at': data.get('created_at')
+            })
+        
+        # Sort by creation date, newest first
+        analyses_list.sort(key=lambda x: x.get('created_at', ''), reverse=True)
+
+        return jsonify({'analyses': analyses_list})
+    except Exception as e:
+        logging.error(f"Error in /api/user/analyses: {e}")
+        return jsonify({'error': str(e)}), 500
+
+@app.route('/api/user/analyses/<string:analysis_id>', methods=['DELETE'])
+@credit_required(cost=0) # No credit cost, but requires authentication
+@cross_origin()
+def delete_user_analysis(analysis_id):
+    """Deletes a specific AI analysis for the authenticated user."""
+    try:
+        auth_header = request.headers.get('Authorization', '')
+        token = auth_header.split(' ')[1]
+        uid = verify_token(token)
+
+        if not FIREBASE_INITIALIZED:
+            return jsonify({'error': 'Firebase not initialized. Cannot delete analysis.'}), 500
+
+        analysis_ref = db.reference(f'user_analyses/{uid}/{analysis_id}')
+        analysis_data = analysis_ref.get()
+
+        if not analysis_data:
+            return jsonify({'error': 'Analysis not found or does not belong to this user'}), 404
+        
+        analysis_ref.delete()
+        logging.info(f"Analysis {analysis_id} deleted for user {uid}.")
+        return jsonify({'success': True, 'message': 'Analysis deleted successfully'})
+    except Exception as e:
+        logging.error(f"Error in /api/user/analyses/<id> DELETE: {e}")
+        return jsonify({'error': str(e)}), 500
+
+
 @app.route('/api/nba/perplexity_chat', methods=['POST'])
 @credit_required(cost=1) # Costs 1 credit
 @cross_origin()
 def perplexity_chat():
+    """Handles AI chat interactions and stores chat history."""
     try:
         data = request.get_json()
         prompt = data.get('prompt')
@@ -1065,6 +1165,7 @@ def perplexity_chat():
 @credit_required(cost=1) # Costs 1 credit
 @cross_origin()
 def awards_predictor():
+    """Predicts NBA award candidates based on user criteria."""
     try:
         data = request.get_json()
         award_type = data.get('award_type')
@@ -1087,6 +1188,7 @@ def awards_predictor():
 @credit_required(cost=1) # Costs 1 credit
 @cross_origin()
 def young_player_projection():
+    """Projects the future potential of a young NBA player."""
     try:
         data = request.get_json()
         player_name = data.get('player_name')
@@ -1120,6 +1222,7 @@ def young_player_projection():
 @credit_required(cost=1) # Costs 1 credit
 @cross_origin()
 def similar_players():
+    """Finds similar players based on specified criteria."""
     try:
         data = request.get_json()
         target_player = data.get('target_player')
@@ -1142,6 +1245,7 @@ def similar_players():
 @credit_required(cost=1) # Costs 1 credit
 @cross_origin()
 def manual_player_compare():
+    """Compares two NBA players in detail."""
     try:
         data = request.get_json()
         player1 = data.get('player1')
@@ -1168,6 +1272,7 @@ def manual_player_compare():
 @credit_required(cost=1) # Costs 1 credit
 @cross_origin()
 def roster_suggestions():
+    """Generates NBA roster suggestions based on user-defined constraints."""
     try:
         data = request.get_json()
         salary_cap = data.get('salary_cap')
@@ -1208,6 +1313,7 @@ def roster_suggestions():
 @credit_required(cost=1) # Costs 1 credit
 @cross_origin()
 def trade_analysis():
+    """Analyzes a potential NBA trade scenario."""
     try:
         data = request.get_json()
         team1_trades = data.get('team1_trades')