Brave-chat-api

Sleeping

App Files Files Community

rairo commited on Oct 21, 2025

Commit

02e487d

verified ·

1 Parent(s): 931554c

Update main.py

Browse files

Files changed (1) hide show

main.py +97 -44

main.py CHANGED Viewed

@@ -113,62 +113,115 @@ logger.info(f"Chart export path set to: {user_defined_path}")
 # -----------------------------------------------------------------------------
 # Admin API client (client-supplied credentials; holistic admin scope)
 # -----------------------------------------------------------------------------
-SC_BASE = "https://delta-api.pricelyst.co.zw".rstrip("/")
-_TZ = "Africa/Harare"
 class SCAuth:
-    """Caches tokens keyed by admin email."""
-    _token_cache: Dict[str, Tuple[Optional[str], float]] = {}  # email -> (token, expiry_ts)
     @classmethod
-    def login(cls, email: str, password: str) -> str:
-        url = f"{SC_BASE}/api/auth/admin/login"
         try:
-            resp = requests.post(url, json={"email": email, "password": password}, timeout=20)
-            if resp.status_code >= 400:
-                raise RuntimeError(f"Login failed: {resp.status_code} {resp.text[:200]}")
-            data = resp.json() or {}
-            token = data.get("token")
-            if not token:
-                raise RuntimeError("Login did not return a token.")
-            expiry = time.time() + 50 * 60  # ~50 minutes
-            cls._token_cache[email] = (token, expiry)
-            logger.info(f"Admin login OK for {email}.")
-            return token
-        except Exception as e:
-            logger.error(f"Admin login error: {e}")
-            raise
     @classmethod
-    def ensure(cls, email: str, password: str) -> str:
-        token, expiry = cls._token_cache.get(email, (None, 0))
-        if not token or time.time() > expiry:
-            token = cls.login(email, password)
-        return token or ""
-def sc_request(method: str, path: str, email: str, password: str,
-               params: dict | None = None, data: dict | None = None) -> dict:
-    url = f"{SC_BASE}{path}"
-    headers = {}
-    try:
-        token = SCAuth.ensure(email, password)
         if token:
-            headers["Authorization"] = f"Bearer {token}"
-    except Exception:
-        pass
     try:
-        resp = requests.request(method, url, params=params, json=data, headers=headers, timeout=30)
-        if resp.status_code == 401:
-            # Retry once with fresh token
-            token = SCAuth.login(email, password)
-            headers["Authorization"] = f"Bearer {token}"
-            resp = requests.request(method, url, params=params, json=data, headers=headers, timeout=30)
         resp.raise_for_status()
-        return resp.json() if resp.content else {}
     except Exception as e:
-        logger.error(f"SC request error {method} {path}: {e}")
-        raise
 # -----------------------------------------------------------------------------
 # Temporal helpers
 # -----------------------------------------------------------------------------

 # -----------------------------------------------------------------------------
 # Admin API client (client-supplied credentials; holistic admin scope)
 # -----------------------------------------------------------------------------
+# --- Auth + Request client (robust: bearer OR cookie session) ---
+import requests
+from typing import Dict, Optional
+SC_BASE_URL = os.getenv("SC_BASE_URL", "https://delta-api.pricelyst.co.zw").rstrip("/")
 class SCAuth:
+    """Caches a requests.Session per admin email; supports bearer or cookie sessions."""
+    _cache: Dict[str, Dict[str, any]] = {}
     @classmethod
+    def invalidate(cls, email: str) -> None:
         try:
+            entry = cls._cache.pop(email, None)
+            if entry and isinstance(entry.get("session"), requests.Session):
+                entry["session"].close()
+        except Exception:
+            pass
     @classmethod
+    def _extract_token(cls, js: dict) -> Optional[str]:
+        if not isinstance(js, dict):
+            return None
+        # Try common token shapes
+        candidates = [
+            js.get("token"),
+            js.get("access_token"),
+            (js.get("data") or {}).get("token"),
+            (js.get("data") or {}).get("access_token"),
+            (js.get("authorization") or {}).get("token"),
+            (js.get("auth") or {}).get("token"),
+        ]
+        for t in candidates:
+            if isinstance(t, str) and t.strip():
+                return t.strip()
+        return None
+    @classmethod
+    def login(cls, email: str, password: str) -> Dict[str, any]:
+        s = requests.Session()
+        s.headers.update({"Accept": "application/json"})
+        url = f"{SC_BASE_URL}/api/auth/admin/login"
+        # IMPORTANT: many APIs expect JSON, not form data
+        resp = s.post(url, json={"email": email, "password": password}, timeout=30)
+        # Try JSON parse (may fail if empty body)
+        body_text = ""
+        body_json = {}
+        try:
+            body_json = resp.json() or {}
+        except Exception:
+            body_text = (resp.text or "")[:800]  # keep it short for logs
+        token = cls._extract_token(body_json)
         if token:
+            s.headers.update({"Authorization": f"Bearer {token}"})
+            entry = {"session": s, "auth": "bearer", "token": token}
+            cls._cache[email] = entry
+            return entry
+        # If no token but we got Set-Cookie, assume cookie session auth
+        if resp.cookies and (resp.status_code // 100) == 2:
+            entry = {"session": s, "auth": "cookie"}
+            cls._cache[email] = entry
+            return entry
+        # Neither token nor cookie: raise, but include short body for diagnosis
+        snippet = body_text or (str(body_json)[:800])
+        raise RuntimeError(f"Login did not return a token or cookie session. HTTP {resp.status_code}. Body≈ {snippet}")
+def sc_request(method: str, path: str, email: str, password: str, *,
+               params: dict = None, json_body: dict = None, timeout: int = 30):
+    """Authenticated request with 401 auto-refresh (once)."""
+    if not path.startswith("/"):
+        path = "/" + path
+    url = f"{SC_BASE_URL}{path}"
+    def _do(s: requests.Session):
+        return s.request(method.upper(), url, params=params, json=json_body, timeout=timeout)
+    # get or create session
+    entry = SCAuth._cache.get(email)
+    if not entry:
+        entry = SCAuth.login(email, password)
+    s = entry["session"]
+    resp = _do(s)
+    if resp.status_code == 401:
+        # refresh & retry once
+        SCAuth.invalidate(email)
+        entry = SCAuth.login(email, password)
+        s = entry["session"]
+        resp = _do(s)
+    # Raise for other errors
     try:
         resp.raise_for_status()
     except Exception as e:
+        # include small snippet to aid debugging
+        snippet = (getattr(resp, "text", "") or "")[:800]
+        raise RuntimeError(f"SC request error {method.upper()} {path}: HTTP {resp.status_code} – {snippet}") from e
+    # Return JSON or text as appropriate
+    try:
+        return resp.json()
+    except Exception:
+        return resp.text
 # -----------------------------------------------------------------------------
 # Temporal helpers
 # -----------------------------------------------------------------------------