Update app.py

app.py

@@ -8,7 +8,7 @@ import sqlite3
 import uuid
 from typing import List, Optional, Dict, Any
 
-from fastapi import FastAPI, UploadFile, File, HTTPException, Form
+from fastapi import FastAPI, UploadFile, File, HTTPException, Form, Header
 from fastapi.middleware.cors import CORSMiddleware
 from pydantic import BaseModel
 
@@ -18,6 +18,14 @@ from langdetect import detect
 from transformers import MarianMTModel, MarianTokenizer
 from openai import OpenAI
 
+# ---- Supabase ----
+from supabase import create_client, Client
+
+SUPABASE_URL = "https://bnvmqgjawtaslczewqyd.supabase.co"
+SUPABASE_ANON_KEY = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6ImJudm1xZ2phd3Rhc2xjemV3cXlkIiwicm9sZSI6ImFub24iLCJpYXQiOjE3NjQ0NjM5NDAsImV4cCI6MjA4MDAzOTk0MH0.9zkyqrsm-QOSwMTUPZEWqyFeNpbbuar01rB7pmObkUI"
+
+supabase: Client = create_client(SUPABASE_URL, SUPABASE_ANON_KEY)
+
 # ======================================================
 # 0) Configuración general de paths
 # ======================================================
@@ -26,14 +34,10 @@ BASE_DIR = os.path.dirname(os.path.abspath(__file__))
 UPLOAD_DIR = os.path.join(BASE_DIR, "uploaded_dbs")
 os.makedirs(UPLOAD_DIR, exist_ok=True)
 
-# Modelo NL→SQL entrenado por ti en Hugging Face
 MODEL_DIR = os.getenv("MODEL_DIR", "stvnnnnnn/t5-large-nl2sql-spider")
-DEVICE = torch.device("cpu")  # inferencia en CPU
+DEVICE = torch.device("cpu")
 
-# Cliente OpenAI para transcripción de audio (Whisper / gpt-4o-transcribe)
 OPENAI_API_KEY = os.getenv("OPENAI_API_KEY")
-if not OPENAI_API_KEY:
-    print("⚠️ OPENAI_API_KEY no está definido. El endpoint /speech-infer no funcionará hasta configurarlo.")
 openai_client = OpenAI(api_key=OPENAI_API_KEY) if OPENAI_API_KEY else None
 
 # ======================================================
@@ -200,19 +204,13 @@ sql_manager = SQLManager()
 # ======================================================
 
 app = FastAPI(
-    title="NL2SQL T5-large Backend (SQLite engine por ahora)",
-    description=(
-        "Intérprete NL→SQL (T5-large Spider) para usuarios no expertos. "
-        "El usuario sube sus dumps .sql (o ZIP con .sql) y se crean "
-        "bases dinámicas (actualmente SQLite, futuro Postgres/MySQL)."
-    ),
-    version="2.0.0",
+    title="NL2SQL Backend (with Supabase Auth + History)",
+    version="2.1.0",
 )
 
 app.add_middleware(
     CORSMiddleware,
     allow_origins=["*"],
-    allow_credentials=True,
     allow_methods=["*"],
     allow_headers=["*"],
 )
@@ -423,6 +421,13 @@ def build_prompt(question_en: str, db_id: str, schema_str: str) -> str:
         f"note: use JOIN when foreign keys link tables"
     )
 
+def normalize_score(raw: float) -> float:
+    """Normaliza el score logit del modelo a un porcentaje 0-100."""
+    # Rango típico de logits beam-search: -20 a +5
+    norm = (raw + 20) / 25
+    norm = max(0, min(1, norm))
+    return round(norm * 100, 2)
+
 
 def nl2sql_with_rerank(question: str, conn_id: str) -> Dict[str, Any]:
     if conn_id not in sql_manager.connections:
@@ -540,6 +545,7 @@ def nl2sql_with_rerank(question: str, conn_id: str) -> Dict[str, Any]:
         "best_rows_preview": best.get("rows_preview"),
         "best_columns": best.get("columns", []),
         "candidates": candidates,
+        "score_percent": normalize_score(best["score"]),
     }
 
 
@@ -649,73 +655,54 @@ async def startup_event():
 
 
 @app.post("/upload", response_model=UploadResponse)
-async def upload_database(db_file: UploadFile = File(...)):
-    """
-    Subida de BD basada en dumps:
-      - .sql → dump (schema + data) → BD dinámica (SQLite por ahora)
-      - .zip → debe contener uno o varios .sql (se concatenan)
-    """
-    filename = db_file.filename
-    if not filename:
-        raise HTTPException(status_code=400, detail="Archivo sin nombre.")
+async def upload_database(
+    db_file: UploadFile = File(...),
+    authorization: Optional[str] = Header(None)
+):
+    if authorization is None:
+        raise HTTPException(401, "Missing Authorization header")
+
+    jwt = authorization.replace("Bearer ", "")
+    user = supabase.auth.get_user(jwt)
+    if not user or not user.user:
+        raise HTTPException(401, "Invalid Supabase token")
 
+    filename = db_file.filename
     fname_lower = filename.lower()
     contents = await db_file.read()
 
-    note: Optional[str] = None
+    if not filename:
+        raise HTTPException(400, "Archivo sin nombre.")
 
-    # Caso 1: dump .sql
+    # --- procesar SQL ---
     if fname_lower.endswith(".sql"):
         sql_text = contents.decode("utf-8", errors="ignore")
-        try:
-            conn_id = sql_manager.create_database_from_dump(label=filename, sql_text=sql_text)
-        except Exception as e:
-            raise HTTPException(
-                status_code=400,
-                detail=f"No se pudo crear la BD desde el dump SQL: {e}",
-            )
-        meta = sql_manager.connections[conn_id]
-        engine = meta["engine"]
-        db_name = meta["db_name"]
-        note = f"SQL dump imported into {engine.upper()} database '{db_name}'."
-
-    # Caso 2: ZIP con uno o varios .sql
     elif fname_lower.endswith(".zip"):
-        try:
-            sql_text = _combine_sql_files_from_zip(contents)
-        except ValueError as ve:
-            raise HTTPException(status_code=400, detail=str(ve))
-
-        try:
-            conn_id = sql_manager.create_database_from_dump(label=filename, sql_text=sql_text)
-        except Exception as e:
-            raise HTTPException(
-                status_code=400,
-                detail=f"No se pudo crear la BD desde los .sql dentro del ZIP: {e}",
-            )
-        meta = sql_manager.connections[conn_id]
-        engine = meta["engine"]
-        db_name = meta["db_name"]
-        note = f"ZIP with SQL dumps imported into {engine.upper()} database '{db_name}'."
-
+        sql_text = _combine_sql_files_from_zip(contents)
     else:
-        raise HTTPException(
-            status_code=400,
-            detail="Formato no soportado. Usa: .sql o .zip (con archivos .sql dentro).",
-        )
+        raise HTTPException(400, "Formato no soportado. Usa .sql o .zip.")
+
+    # --- crear BD dinámica (SQLite temporal) ---
+    try:
+        conn_id = sql_manager.create_database_from_dump(label=filename, sql_text=sql_text)
+    except Exception as e:
+        raise HTTPException(400, f"Error creando BD: {e}")
 
     meta = sql_manager.connections[conn_id]
-    engine = meta["engine"]
-    db_name = meta["db_name"]
 
-    # db_path pseudo para mantener compatibilidad
-    db_path = f"{engine}://{db_name}"
+    # --- guardar en Supabase ---
+    supabase.table("databases").insert({
+        "user_id": user.user.id,
+        "filename": filename,
+        "engine": meta["engine"],
+        "connection_id": conn_id
+    }).execute()
 
     return UploadResponse(
         connection_id=conn_id,
-        label=meta["label"],
-        db_path=db_path,
-        note=note,
+        label=filename,
+        db_path=f"{meta['engine']}://{meta['db_name']}",
+        note="Database stored and indexed in Supabase."
     )
 
 
@@ -772,8 +759,44 @@ async def preview_table(connection_id: str, table: str, limit: int = 20):
 
 
 @app.post("/infer", response_model=InferResponse)
-async def infer_sql(req: InferRequest):
+async def infer_sql(
+    req: InferRequest,
+    authorization: Optional[str] = Header(None)
+):
+    if authorization is None:
+        raise HTTPException(401, "Missing Authorization header")
+
+    jwt = authorization.replace("Bearer ", "")
+    user = supabase.auth.get_user(jwt)
+    if not user or not user.user:
+        raise HTTPException(401, "Invalid Supabase token")
+
     result = nl2sql_with_rerank(req.question, req.connection_id)
+    score = normalize_score(result["candidates"][0]["score"])
+
+    # buscar db_id en supabase
+    db_row = supabase.table("databases") \
+        .select("id") \
+        .eq("connection_id", req.connection_id) \
+        .eq("user_id", user.user.id) \
+        .execute()
+
+    db_id = db_row.data[0]["id"] if db_row.data else None
+
+    # guardar historial
+    supabase.table("queries").insert({
+        "user_id": user.user.id,
+        "db_id": db_id,
+        "nl": result["question_original"],
+        "sql_generated": result["best_sql"],
+        "sql_repaired": result["candidates"][0]["sql"],
+        "execution_ok": result["best_exec_ok"],
+        "error": result["best_exec_error"],
+        "rows_preview": result["best_rows_preview"],
+        "score": score
+    }).execute()
+
+    result["score_percent"] = score
     return InferResponse(**result)
 
 
@@ -826,6 +849,38 @@ async def health():
         "device": str(DEVICE),
     }
 
+@app.get("/history")
+def get_history(authorization: Optional[str] = Header(None)):
+    if authorization is None:
+        raise HTTPException(401, "Missing Authorization")
+
+    jwt = authorization.replace("Bearer ", "")
+    user = supabase.auth.get_user(jwt)
+
+    rows = supabase.table("queries") \
+        .select("*") \
+        .eq("user_id", user.user.id) \
+        .order("created_at", desc=True) \
+        .execute()
+
+    return rows.data
+
+
+@app.get("/my-databases")
+def get_my_databases(authorization: Optional[str] = Header(None)):
+    if authorization is None:
+        raise HTTPException(401, "Missing Authorization")
+
+    jwt = authorization.replace("Bearer ", "")
+    user = supabase.auth.get_user(jwt)
+
+    rows = supabase.table("databases") \
+        .select("*") \
+        .eq("user_id", user.user.id) \
+        .execute()
+
+    return rows.data
+
 
 @app.get("/")
 async def root():