Update main.py

main.py

@@ -17,28 +17,51 @@ import random
 from datetime import datetime as dt_class, timezone
 from zoneinfo import ZoneInfo
 import pandas as pd
-import certifi
-import requests # <-- ADDED IMPORT
-import functools # <-- ADDED IMPORT
+import dns.resolver # <-- ADDED IMPORT
+import socket      # <-- ADDED IMPORT
 
-# === MONKEY-PATCH FOR SSL CERTIFICATE FIX ===
-# This is the definitive solution to the SSL/TLS verification issue.
-# It intercepts any web request made by the `requests` library (which `resend` uses)
-# and forces it to use the modern certificate bundle from `certifi`.
+# === DNS RESOLUTION FIX ===
+# This is the definitive solution for networking issues in restricted environments.
+# It intercepts DNS lookups for 'api.resend.com' and forces them through a
+# reliable public DNS resolver, bypassing any potential issues with the
+# container's default DNS settings.
 
-# 1. Store the original `request` method
-original_request = requests.request
+def setup_dns_override():
+    """Overrides the default socket address resolver for a specific domain."""
+    try:
+        # Use reliable public DNS servers
+        resolver = dns.resolver.Resolver()
+        resolver.nameservers = ['8.8.8.8', '8.8.4.4']
+
+        # Store the original resolver function
+        original_getaddrinfo = socket.getaddrinfo
+
+        def new_getaddrinfo(*args, **kwargs):
+            # Check if the domain we're looking up is the one we want to override
+            if args and isinstance(args[0], str) and 'api.resend.com' in args[0]:
+                try:
+                    # Resolve the domain to an IP address using our custom resolver
+                    answers = resolver.resolve(args[0], 'A')
+                    ip_address = str(answers[0])
+                    logger.info(f"DNS Override: Resolved {args[0]} to {ip_address}")
+                    # Call the original function with the IP address instead of the domain
+                    return original_getaddrinfo(ip_address, *args[1:], **kwargs)
+                except Exception as e:
+                    logger.error(f"DNS Override Failed for {args[0]}: {e}. Falling back to default resolver.")
+            
+            # For all other domains, use the original resolver
+            return original_getaddrinfo(*args, **kwargs)
+
+        # Replace the system's default resolver with our new one
+        socket.getaddrinfo = new_getaddrinfo
+        logger.info("Custom DNS resolver for 'api.resend.com' has been successfully set up.")
+    except Exception as e:
+        logger.error(f"Failed to set up custom DNS resolver: {e}")
 
-# 2. Create a new patched method
-@functools.wraps(original_request)
-def patched_request(*args, **kwargs):
-    # 3. If 'verify' is not already set, set it to the certifi bundle path
-    kwargs.setdefault('verify', certifi.where())
-    # 4. Call the original method with the potentially modified arguments
-    return original_request(*args, **kwargs)
+# Apply the fix at startup
+setup_dns_override()
+# === END DNS FIX ===
 
-# 5. Replace the original method in the `requests` library with our patched version
-requests.request = patched_request
 
 # === Logging Configuration ===
 if not os.path.exists('logs'):
@@ -60,7 +83,7 @@ root_logger.addHandler(console_handler)
 
 # === ENV Config & Admin Setup ===
 ADMIN_EMAILS = ["rairorr@gmail.com", "nharingosheperd@gmail.com"]
-SEND_TO_EMAILS = ["rairorr@gmail.com", "nharingosheperd+guard@gmail.com", "initiumzim@gmail.com"]
+SEND_TO_EMAILS = ["rairorr@gmail.com", "nharingosheperd+guard@gmail.com"]
 
 RESEND_API_KEY = os.getenv("RESEND_API_KEY")
 FIREBASE_CRED_JSON = json.loads(os.getenv("FIREBASE"))
@@ -250,6 +273,7 @@ def log_response_info(response):
 def home():
     return jsonify({"message": "Rairo Guards API is running.", "status": "ok"}), 200
 
+# (All other routes follow)
 @app.route("/upload_members", methods=["POST"])
 def upload_members():
     if not verify_token(request): return jsonify({"error": "Unauthorized"}), 401