Update main.py

main.py

@@ -4,13 +4,13 @@ import json
 import hashlib
 from datetime import datetime, time
 from PIL import Image
-
+import pytz
 from flask import Flask, request, jsonify
 from flask_cors import CORS
 import google.generativeai as genai
 import firebase_admin
 from firebase_admin import credentials, db, storage, auth
-import pytz
+import pandas as pd
 
 app = Flask(__name__)
 CORS(app)
@@ -18,93 +18,18 @@ CORS(app)
 # Firebase initialization
 cred = credentials.Certificate('mydateproject-e7994-firebase-adminsdk-mpa9a-2fd9c32a98.json')
 firebase_admin.initialize_app(cred, {
-    'databaseURL': 'your-database-url',
-    'storageBucket': 'your-bucket-name.appspot.com'
+    'databaseURL': 'https://mydateproject-e7994.firebaseio.com',
+    'storageBucket': 'mydateproject-e7994.firebasestorage.app'
 })
 
-# Initialize Firebase storage bucket
 bucket = storage.bucket()
-
-# Gemini API configuration
 api_key = os.environ['Gemini']
 
-
-
-
-# admin create user.
-@app.route('/api/admin/create-user', methods=['POST'])
-def create_user():
-    try:
-        # Verify admin token
-        auth_header = request.headers.get('Authorization')
-        if not auth_header or not auth_header.startswith('Bearer '):
-            return jsonify({'error': 'No token provided'}), 401
-        
-        token = auth_header.split('Bearer ')[1]
-        admin_uid = verify_token(token)
-        if not admin_uid:
-            return jsonify({'error': 'Invalid token'}), 401
-
-        # Verify admin status
-        admin = auth.get_user(admin_uid)
-        if not admin.custom_claims or not admin.custom_claims.get('admin'):
-            return jsonify({'error': 'Unauthorized'}), 403
-
-        # Get user creation data
-        data = request.json
-        email = data.get('email')
-        password = data.get('password')
-        daily_cash = data.get('daily_cash', 0.0)
-        is_admin = data.get('is_admin', False)
-
-        if not email or not password:
-            return jsonify({'error': 'Email and password required'}), 400
-
-        # Create user in Firebase Auth
-        user = auth.create_user(
-            email=email,
-            password=password
-        )
-
-        # Set admin claim if requested
-        if is_admin:
-            auth.set_custom_user_claims(user.uid, {'admin': True})
-
-        # Create user data in Realtime Database
-        user_ref = db.reference(f'users/{user.uid}')
-        user_ref.set({
-            'email': email,
-            'daily_cash': 100,
-            'remaining_cash': daily_cash,
-            'last_reset': datetime.now(pytz.UTC).isoformat(),
-            'is_admin': is_admin
-        })
-
-        return jsonify({
-            'success': True,
-            'uid': user.uid,
-            'email': email
-        })
-
-    except Exception as e:
-        return jsonify({'error': str(e)}), 500
-
-def configure_gemini(api_key):
+# Helper functions
+def configure_gemini():
     genai.configure(api_key=api_key)
     return genai.GenerativeModel('gemini-2.0-flash-thinking-exp')
 
-def process_receipt(model, image):
-    prompt = """Analyze this image and determine if it's a receipt. If it is a receipt, extract:
-    - Total amount (as float)
-    - List of items purchased (array of strings)
-    - Date of transaction (DD/MM/YYYY format)
-    - Receipt number (as string)
-    Return JSON format with keys: is_receipt (boolean), total, items, date, receipt_number.
-    If not a receipt, return {"is_receipt": false}"""
-    
-    response = model.generate_content([prompt, image])
-    return response.text
-
 def verify_token(token):
     try:
         decoded_token = auth.verify_id_token(token)
@@ -115,9 +40,6 @@ def verify_token(token):
 def check_daily_reset(user_ref):
     try:
         user_data = user_ref.get()
-        if not user_data:
-            return False
-        
         now = datetime.now(pytz.UTC)
         last_reset = datetime.fromisoformat(user_data.get('last_reset', '2000-01-01T00:00:00+00:00'))
         
@@ -132,204 +54,200 @@ def check_daily_reset(user_ref):
         print(f"Reset error: {str(e)}")
         return False
 
-@app.route('/api/login', methods=['POST'])
-def login():
-    try:
-        data = request.json
-        email = data.get('email')
-        password = data.get('password')
-        
-        # Use Firebase Auth REST API to sign in
-        user = auth.get_user_by_email(email)
-        return jsonify({
-            'uid': user.uid,
-            'email': user.email
-        })
-    except Exception as e:
-        return jsonify({'error': str(e)}), 401
-
+# Enhanced receipt processing endpoint
 @app.route('/api/process-receipt', methods=['POST'])
 def process_receipt_endpoint():
     try:
-        # Verify authentication
         auth_header = request.headers.get('Authorization')
-        if not auth_header or not auth_header.startswith('Bearer '):
-            return jsonify({'error': 'No token provided'}), 401
+        token = auth_header.split('Bearer ')[1] if auth_header else None
+        uid = verify_token(token) if token else None
         
-        token = auth_header.split('Bearer ')[1]
-        uid = verify_token(token)
         if not uid:
             return jsonify({'error': 'Invalid token'}), 401
 
-        if 'receipt' not in request.files:
-            return jsonify({'error': 'No file uploaded'}), 400
-
-        file = request.files['receipt']
-        if file.filename == '':
-            return jsonify({'error': 'No file selected'}), 400
-
-        # Get user reference
         user_ref = db.reference(f'users/{uid}')
         user_data = user_ref.get()
-        
-        if not user_data:
-            return jsonify({'error': 'User not found'}), 404
-
-        # Check daily reset
         check_daily_reset(user_ref)
-        
-        # Read file and compute hash
+
+        # Handle manual entry
+        if request.form.get('manual_entry') == 'true':
+            return handle_manual_entry(uid, user_ref, user_data)
+
+        # Handle image processing
+        file = request.files.get('receipt')
+        if not file:
+            return jsonify({'error': 'No file uploaded'}), 400
+
         image_bytes = file.read()
         file_hash = hashlib.md5(image_bytes).hexdigest()
 
-        # Check for duplicate receipt
         transactions_ref = db.reference('transactions')
-        existing_transactions = transactions_ref.order_by_child('hash').equal_to(file_hash).get()
-        if existing_transactions:
+        existing = transactions_ref.order_by_child('hash').equal_to(file_hash).get()
+        if existing:
             return jsonify({'error': 'Receipt already processed'}), 400
 
-        # Process image with Gemini
         image = Image.open(io.BytesIO(image_bytes))
-        model = configure_gemini(api_key)
+        model = configure_gemini()
         result_text = process_receipt(model, image)
 
-        # Parse Gemini response
-        json_str = result_text[result_text.find('{'):result_text.rfind('}')+1]
-        data = json.loads(json_str)
+        try:
+            json_str = result_text[result_text.find('{'):result_text.rfind('}')+1]
+            data = json.loads(json_str)
+        except json.JSONDecodeError:
+            return jsonify({'error': 'Failed to parse receipt data', 'raw_response': result_text}), 400
 
         if not data.get('is_receipt', False):
             return jsonify({'error': 'Not a valid receipt'}), 400
 
-        # Validate total against remaining cash
-        total = float(data.get('total', 0))
-        if total > user_data['remaining_cash']:
-            return jsonify({'error': 'Insufficient funds'}), 400
-
-        # Upload image to Firebase Storage
-        timestamp = datetime.now().strftime('%Y%m%d_%H%M%S')
-        blob = bucket.blob(f'receipts/{uid}/{timestamp}_{file_hash}.jpg')
-        blob.upload_from_string(image_bytes, content_type='image/jpeg')
+        return validate_and_save_transaction(
+            uid=uid,
+            user_data=user_data,
+            data=data,
+            file_hash=file_hash,
+            image_bytes=image_bytes,
+            manual=False
+        )
 
-        # Update user's remaining cash
-        new_remaining = user_data['remaining_cash'] - total
-        user_ref.update({'remaining_cash': new_remaining})
+    except Exception as e:
+        return jsonify({'error': str(e)}), 500
 
-        # Save transaction
-        transaction_data = {
-            'uid': uid,
-            'total': total,
-            'items': data.get('items', []),
-            'date': data.get('date'),
-            'receipt_number': data.get('receipt_number'),
-            'timestamp': datetime.now().isoformat(),
-            'hash': file_hash,
-            'image_url': blob.public_url
+def handle_manual_entry(uid, user_ref, user_data):
+    try:
+        data = {
+            'total': float(request.form.get('total')),
+            'items': [item.strip() for item in request.form.get('items', '').split(',')],
+            'date': request.form.get('date'),
+            'receipt_number': request.form.get('receipt_number'),
+            'is_receipt': True
         }
-        
-        new_transaction_ref = transactions_ref.push(transaction_data)
-
-        return jsonify({
-            'success': True,
-            'transaction_id': new_transaction_ref.key,
-            'remaining_cash': new_remaining,
-            **transaction_data
-        })
 
+        return validate_and_save_transaction(
+            uid=uid,
+            user_data=user_data,
+            data=data,
+            file_hash=hashlib.md5(str(datetime.now()).encode()).hexdigest(),
+            image_bytes=None,
+            manual=True
+        )
     except Exception as e:
-        return jsonify({'error': str(e)}), 500
+        return jsonify({'error': str(e)}), 400
+
+def validate_and_save_transaction(uid, user_data, data, file_hash, image_bytes, manual=False):
+    transactions_ref = db.reference('transactions')
+    existing = transactions_ref.order_by_child('receipt_number').equal_to(data['receipt_number']).get()
+    
+    if existing:
+        return jsonify({'error': f"Receipt #{data['receipt_number']} already exists"}), 400
+
+    total = float(data.get('total', 0))
+    if total > user_data['remaining_cash']:
+        return jsonify({'error': 'Insufficient funds'}), 400
 
-@app.route('/api/user/transactions', methods=['GET'])
-def get_user_transactions():
+    # Upload image if available
+    image_url = None
+    if image_bytes and not manual:
+        timestamp = datetime.now().strftime('%Y%m%d_%H%M%S')
+        blob = bucket.blob(f'receipts/{uid}/{timestamp}_{file_hash}.jpg')
+        blob.upload_from_string(image_bytes, content_type='image/jpeg')
+        image_url = blob.public_url
+
+    # Update user cash
+    new_remaining = user_data['remaining_cash'] - total
+    db.reference(f'users/{uid}').update({'remaining_cash': new_remaining})
+
+    # Save transaction
+    transaction_data = {
+        'uid': uid,
+        'total': total,
+        'items': data.get('items', []),
+        'date': data.get('date'),
+        'receipt_number': data.get('receipt_number'),
+        'timestamp': datetime.now(pytz.UTC).isoformat(),
+        'hash': file_hash,
+        'image_url': image_url,
+        'manual_entry': manual
+    }
+    
+    new_transaction_ref = transactions_ref.push(transaction_data)
+    return jsonify({
+        'success': True,
+        'transaction': {**transaction_data, 'id': new_transaction_ref.key},
+        'remaining_cash': new_remaining
+    })
+
+# Enhanced data endpoints for visualizations
+@app.route('/api/user/spending-overview', methods=['GET'])
+def get_spending_overview():
     try:
-        auth_header = request.headers.get('Authorization')
-        if not auth_header or not auth_header.startswith('Bearer '):
-            return jsonify({'error': 'No token provided'}), 401
+        uid = verify_token(request.headers.get('Authorization', '').split(' ')[1])
+        transactions_ref = db.reference('transactions')
+        transactions = transactions_ref.order_by_child('uid').equal_to(uid).get()
         
-        token = auth_header.split('Bearer ')[1]
-        uid = verify_token(token)
-        if not uid:
-            return jsonify({'error': 'Invalid token'}), 401
+        df = pd.DataFrame(transactions.values())
+        if df.empty:
+            return jsonify({'error': 'No transactions found'}), 404
 
-        transactions_ref = db.reference('transactions')
-        user_transactions = transactions_ref.order_by_child('uid').equal_to(uid).get()
+        df['date'] = pd.to_datetime(df['date'], format='%d/%m/%Y', errors='coerce')
+        daily_spending = df.groupby(df['date'].dt.date)['total'].sum().reset_index()
         
-        return jsonify(user_transactions)
+        return jsonify({
+            'daily_spending': daily_spending.to_dict(orient='records'),
+            'recent_transactions': df.sort_values(by='timestamp', ascending=False)
+                .head(10)
+                .to_dict(orient='records')
+        })
     except Exception as e:
         return jsonify({'error': str(e)}), 500
 
-@app.route('/api/admin/users', methods=['GET'])
-def get_all_users():
+@app.route('/api/admin/global-overview', methods=['GET'])
+def get_global_overview():
     try:
-        auth_header = request.headers.get('Authorization')
-        if not auth_header or not auth_header.startswith('Bearer '):
-            return jsonify({'error': 'No token provided'}), 401
+        verify_admin(request.headers.get('Authorization', ''))
         
-        token = auth_header.split('Bearer ')[1]
-        uid = verify_token(token)
-        if not uid:
-            return jsonify({'error': 'Invalid token'}), 401
-
-        # Verify admin status
-        user = auth.get_user(uid)
-        if not user.custom_claims or not user.custom_claims.get('admin'):
-            return jsonify({'error': 'Unauthorized'}), 403
-
+        transactions_ref = db.reference('transactions')
         users_ref = db.reference('users')
-        users = users_ref.get()
         
-        return jsonify(users)
-    except Exception as e:
-        return jsonify({'error': str(e)}), 500
-
-@app.route('/api/admin/update-user', methods=['POST'])
-def update_user():
-    try:
-        auth_header = request.headers.get('Authorization')
-        if not auth_header or not auth_header.startswith('Bearer '):
-            return jsonify({'error': 'No token provided'}), 401
+        transactions = pd.DataFrame(transactions_ref.get().values())
+        users = pd.DataFrame(users_ref.get().values())
         
-        token = auth_header.split('Bearer ')[1]
-        admin_uid = verify_token(token)
-        if not admin_uid:
-            return jsonify({'error': 'Invalid token'}), 401
-
-        # Verify admin status
-        admin = auth.get_user(admin_uid)
-        if not admin.custom_claims or not admin.custom_claims.get('admin'):
-            return jsonify({'error': 'Unauthorized'}), 403
-
-        data = request.json
-        user_id = data.get('uid')
-        updates = data.get('updates', {})
-
-        user_ref = db.reference(f'users/{user_id}')
-        user_ref.update(updates)
-
-        return jsonify({'success': True})
+        merged = pd.merge(transactions, users, left_on='uid', right_on='uid')
+        
+        return jsonify({
+            'user_spending': merged.groupby('uid')['total'].sum().to_dict(),
+            'all_transactions': transactions.sort_values(by='timestamp', ascending=False)
+                .to_dict(orient='records')
+        })
     except Exception as e:
         return jsonify({'error': str(e)}), 500
 
-@app.route('/api/admin/transactions', methods=['GET'])
-def get_all_transactions():
-    try:
-        auth_header = request.headers.get('Authorization')
-        if not auth_header or not auth_header.startswith('Bearer '):
-            return jsonify({'error': 'No token provided'}), 401
-        
-        token = auth_header.split('Bearer ')[1]
-        uid = verify_token(token)
-        if not uid:
-            return jsonify({'error': 'Invalid token'}), 401
+# Helper function to verify admin status
+def verify_admin(auth_header):
+    if not auth_header.startswith('Bearer '):
+        raise ValueError('Invalid token')
+    
+    token = auth_header.split(' ')[1]
+    uid = verify_token(token)
+    user = auth.get_user(uid)
+    
+    if not user.custom_claims or not user.custom_claims.get('admin'):
+        raise PermissionError('Admin access required')
 
-        # Verify admin status
+# User management endpoints
+@app.route('/api/user/profile', methods=['GET'])
+def get_user_profile():
+    try:
+        uid = verify_token(request.headers.get('Authorization', '').split(' ')[1])
         user = auth.get_user(uid)
-        if not user.custom_claims or not user.custom_claims.get('admin'):
-            return jsonify({'error': 'Unauthorized'}), 403
-
-        transactions_ref = db.reference('transactions')
-        transactions = transactions_ref.get()
+        user_data = db.reference(f'users/{uid}').get()
         
-        return jsonify(transactions)
+        return jsonify({
+            'uid': uid,
+            'email': user.email,
+            'daily_cash': user_data.get('daily_cash', 0),
+            'remaining_cash': user_data.get('remaining_cash', 0),
+            'last_reset': user_data.get('last_reset'),
+            'is_admin': user_data.get('is_admin', False)
+        })
     except Exception as e:
         return jsonify({'error': str(e)}), 500