Spaces:

rairo
/

guards-api

Sleeping

App Files Files Community

rairo commited on Jul 25, 2025

Commit

6e0f40d

verified ·

1 Parent(s): b2b07a5

Update main.py

Browse files

Files changed (1) hide show

main.py +16 -17

main.py CHANGED Viewed

@@ -205,13 +205,13 @@ def verify_token(req):
         # Verify the token
         decoded = firebase_auth.verify_id_token(token)
         # Get user UID and email from decoded token
         uid = decoded.get('uid')
-        email = decoded.get('email') # Firebase ID tokens usually contain the email
         if not uid:
-            print("Verified token does not contain a UID.")
             return None
         # Check if user is admin by querying Firebase Realtime Database using UID
@@ -220,43 +220,42 @@ def verify_token(req):
         if admin_data and admin_data.get("is_admin", False):
             # User is already an admin in the database
             return decoded
         elif email and email in ADMIN_EMAILS:
             # User's email is in the approved list, but UID not found in DB.
             # This is likely their first time accessing the API.
             # Automatically create their admin entry using their UID.
-            print(f"First time admin access for {email} (UID: {uid}). Creating database entry.")
             admins_ref.child(uid).set({
                 "email": email,
                 "is_admin": True,
-                "first_seen": datetime.datetime.utcnow().isoformat() + 'Z' # UTC Timestamp
             })
-            print(f"Admin entry created for UID {uid}.")
             # Return the decoded token as they are now an admin
             return decoded
         else:
             # User is not in the approved admin list
-            print(f"User {uid} ({email}) is not in the approved admin list or not found in DB.")
             return None
     except firebase_auth.InvalidIdTokenError as e:
-        print(f"Invalid Firebase ID token provided: {e}")
         return None
     except firebase_auth.ExpiredIdTokenError as e:
-        print(f"Firebase ID token has expired: {e}")
         return None
     except firebase_auth.RevokedIdTokenError as e:
-        print(f"Firebase ID token has been revoked: {e}")
         return None
     except Exception as e:
-        print(f"Unexpected error during token verification: {e}")
-        # Consider logging the full traceback in production
-        # import traceback
-        # print(traceback.format_exc())
         return None
 # === Admin Setup (Legacy - kept for compatibility) ===
 def setup_admins():
     ref = db.reference("admins")

         # Verify the token
         decoded = firebase_auth.verify_id_token(token)
         # Get user UID and email from decoded token
         uid = decoded.get('uid')
+        email = decoded.get('email')  # Firebase ID tokens usually contain the email
         if not uid:
+            logger.error("Verified token does not contain a UID.")
             return None
         # Check if user is admin by querying Firebase Realtime Database using UID
         if admin_data and admin_data.get("is_admin", False):
             # User is already an admin in the database
+            logger.info(f"User {uid} ({email}) is authorized as admin.")
             return decoded
         elif email and email in ADMIN_EMAILS:
             # User's email is in the approved list, but UID not found in DB.
             # This is likely their first time accessing the API.
             # Automatically create their admin entry using their UID.
+            logger.info(f"First time admin access for {email} (UID: {uid}). Creating database entry.")
             admins_ref.child(uid).set({
                 "email": email,
                 "is_admin": True,
+                "first_seen": datetime.datetime.utcnow().isoformat() + 'Z'  # UTC Timestamp
             })
+            logger.info(f"Admin entry created for UID {uid}.")
             # Return the decoded token as they are now an admin
             return decoded
         else:
             # User is not in the approved admin list
+            logger.warning(f"User {uid} ({email}) is not in the approved admin list or not found in DB.")
             return None
     except firebase_auth.InvalidIdTokenError as e:
+        logger.error(f"Invalid Firebase ID token provided: {e}")
         return None
     except firebase_auth.ExpiredIdTokenError as e:
+        logger.error(f"Firebase ID token has expired: {e}")
         return None
     except firebase_auth.RevokedIdTokenError as e:
+        logger.error(f"Firebase ID token has been revoked: {e}")
         return None
     except Exception as e:
+        logger.error(f"Unexpected error during token verification: {e}")
         return None
 # === Admin Setup (Legacy - kept for compatibility) ===
 def setup_admins():
     ref = db.reference("admins")