Spaces:

waroca
/

datapass-server

Running

App Files Files Community

waroca commited on Nov 29, 2025

Commit

add9f72

verified ·

1 Parent(s): f1b8a40

Upload folder using huggingface_hub

Browse files

Files changed (2) hide show

README.md +54 -5
server.py +138 -1

README.md CHANGED Viewed

@@ -1,10 +1,59 @@
 ---
-title: Datapass Server
-emoji: 🌖
-colorFrom: pink
-colorTo: gray
 sdk: docker
 pinned: false
 ---
-Check out the configuration reference at https://huggingface.co/docs/hub/spaces-config-reference

 ---
+title: DataPass Server
+emoji: 🎫
+colorFrom: indigo
+colorTo: purple
 sdk: docker
+app_file: Dockerfile
 pinned: false
 ---
+# DataPass MCP Server
+**Your pass to private data.**
+This is the MCP (Model Context Protocol) server that powers DataPass. It handles:
+- Token validation for dataset access
+- SQL and natural language query execution via DuckDB
+- Stripe payment integration
+- Subscription ledger management
+## MCP Endpoint
+Connect your MCP client (Claude Desktop, Cursor, etc.) to:
+```
+sse: https://your-space.hf.space/sse
+```
+## Available MCP Tools
+### Public Tools
+- `get_dataset_catalog` - Browse available datasets
+### Authenticated Tools (require DataPass token)
+- `get_my_datasets` - View your subscribed datasets
+- `query_dataset` - Run SQL queries on datasets
+- `query_dataset_natural_language` - Ask questions in plain English
+- `get_dataset_sample` - Preview dataset structure
+## Configuration
+This Space requires the following **Secrets** (Settings → Variables and secrets):
+| Secret | Description |
+|--------|-------------|
+| `HF_TOKEN` | HF token with write access to ledger dataset |
+| `ADMIN_API_SECRET` | Shared secret for admin API authentication |
+| `LEDGER_DATASET_ID` | Dataset ID for subscription ledger (e.g., `username/datapass-ledger`) |
+| `STRIPE_SECRET_KEY` | Stripe API key for payments |
+| `STRIPE_WEBHOOK_SECRET` | Stripe webhook signing secret |
+| `FRONTEND_URL` | URL to DataPass frontend (for landing page redirect) |
+## Security Model
+- Dataset files never leave Hugging Face
+- Every request validates the DataPass token
+- Query results are capped (no `SELECT *` dumps)
+- Access automatically expires after subscription period

server.py CHANGED Viewed

@@ -1,6 +1,6 @@
 from mcp.server.fastmcp import FastMCP, Context
 from fastapi import Request
-from fastapi.responses import JSONResponse
 from dotenv import load_dotenv
 import os
 import json
@@ -618,6 +618,143 @@ async def api_admin_detect_format(request: Request):
     return JSONResponse(result)
 # =============================================================================
 # App Initialization
 # =============================================================================

 from mcp.server.fastmcp import FastMCP, Context
 from fastapi import Request
+from fastapi.responses import JSONResponse, HTMLResponse
 from dotenv import load_dotenv
 import os
 import json
     return JSONResponse(result)
+# =============================================================================
+# Landing Page
+# =============================================================================
+FRONTEND_URL = os.getenv("FRONTEND_URL", "https://huggingface.co/spaces/waroca/datapass")
+@mcp.custom_route("/", methods=["GET"])
+async def landing_page(request: Request):
+    """Landing page with DataPass info and redirect to frontend."""
+    html = f"""
+    <!DOCTYPE html>
+    <html lang="en">
+    <head>
+        <meta charset="UTF-8">
+        <meta name="viewport" content="width=device-width, initial-scale=1.0">
+        <title>DataPass - MCP Server</title>
+        <style>
+            * {{ margin: 0; padding: 0; box-sizing: border-box; }}
+            body {{
+                font-family: -apple-system, BlinkMacSystemFont, 'SF Pro Display', 'Segoe UI', Roboto, sans-serif;
+                background: linear-gradient(135deg, #1a1a2e 0%, #16213e 50%, #0f3460 100%);
+                min-height: 100vh;
+                display: flex;
+                align-items: center;
+                justify-content: center;
+                color: #fff;
+            }}
+            .container {{
+                text-align: center;
+                padding: 2rem;
+                max-width: 600px;
+            }}
+            .logo {{
+                font-size: 4rem;
+                margin-bottom: 1rem;
+            }}
+            h1 {{
+                font-size: 2.5rem;
+                font-weight: 700;
+                margin-bottom: 0.5rem;
+                letter-spacing: -0.02em;
+            }}
+            .tagline {{
+                font-size: 1.25rem;
+                color: rgba(255,255,255,0.7);
+                margin-bottom: 2rem;
+            }}
+            .card {{
+                background: rgba(255,255,255,0.1);
+                backdrop-filter: blur(10px);
+                border: 1px solid rgba(255,255,255,0.2);
+                border-radius: 16px;
+                padding: 2rem;
+                margin-bottom: 2rem;
+            }}
+            .card h2 {{
+                font-size: 1.125rem;
+                margin-bottom: 1rem;
+                color: rgba(255,255,255,0.9);
+            }}
+            .features {{
+                display: grid;
+                grid-template-columns: 1fr 1fr;
+                gap: 1rem;
+                text-align: left;
+            }}
+            .feature {{
+                display: flex;
+                align-items: center;
+                gap: 0.5rem;
+                font-size: 0.9rem;
+                color: rgba(255,255,255,0.8);
+            }}
+            .btn {{
+                display: inline-block;
+                background: #fff;
+                color: #1a1a2e;
+                padding: 0.875rem 2rem;
+                border-radius: 50px;
+                text-decoration: none;
+                font-weight: 600;
+                font-size: 1rem;
+                transition: transform 0.2s, box-shadow 0.2s;
+            }}
+            .btn:hover {{
+                transform: translateY(-2px);
+                box-shadow: 0 10px 30px rgba(0,0,0,0.3);
+            }}
+            .mcp-info {{
+                margin-top: 2rem;
+                padding: 1rem;
+                background: rgba(0,0,0,0.2);
+                border-radius: 8px;
+                font-size: 0.875rem;
+                color: rgba(255,255,255,0.6);
+            }}
+            code {{
+                background: rgba(255,255,255,0.1);
+                padding: 0.125rem 0.375rem;
+                border-radius: 4px;
+                font-family: 'SF Mono', monospace;
+            }}
+            @media (max-width: 480px) {{
+                .features {{ grid-template-columns: 1fr; }}
+                h1 {{ font-size: 2rem; }}
+            }}
+        </style>
+    </head>
+    <body>
+        <div class="container">
+            <div class="logo">🎫</div>
+            <h1>DataPass</h1>
+            <p class="tagline">Your pass to private data.</p>
+            <div class="card">
+                <h2>Query private datasets without downloading them</h2>
+                <div class="features">
+                    <div class="feature">🔒 Data stays on HF</div>
+                    <div class="feature">💬 Natural language queries</div>
+                    <div class="feature">⚡ SQL via DuckDB</div>
+                    <div class="feature">🎫 Time-limited access</div>
+                </div>
+            </div>
+            <a href="{FRONTEND_URL}" class="btn">Get a DataPass →</a>
+            <div class="mcp-info">
+                <strong>MCP Server Endpoint:</strong><br>
+                <code>sse: {request.url.scheme}://{request.url.netloc}/sse</code>
+            </div>
+        </div>
+    </body>
+    </html>
+    """
+    return HTMLResponse(content=html)
 # =============================================================================
 # App Initialization
 # =============================================================================