import os
import uvicorn
from fastapi import FastAPI, HTTPException
from fastapi.middleware.cors import CORSMiddleware
from fastapi.staticfiles import StaticFiles
from pydantic import BaseModel

# 1. Import Core Security Library -- hard requirement: without the
# input/output guard the gateway refuses to start at all.
try:
    from upif import guard
except ImportError as e:
    print(f"❌ CRITICAL: Unknown Security Context. {e}")
    exit(1)
else:
    print("✅ UPIF Security Core Loaded Successfully.")

# 2. Import Local LLM Loader -- soft requirement: on failure the name
# ``model_loader`` stays unbound and the server still starts, so every later
# use of it must tolerate a NameError.
try:
    import model_loader
except ImportError as e:
    print(f"⚠️ Warning: LLM Loader not found. {e}")
else:
    print("✅ Local LLM Loader Ready.")
app = FastAPI(title="Nexus Corp | Secure AI Gateway")

# Wildcard CORS: any origin may call the gateway from a browser. That is
# what this block asks for; revisit it if the gateway is ever exposed
# beyond the bundled web client.
_CORS_OPTIONS = {
    "allow_origins": ["*"],
    "allow_methods": ["*"],
    "allow_headers": ["*"],
}
app.add_middleware(CORSMiddleware, **_CORS_OPTIONS)
class AnalyzeRequest(BaseModel):
    """Request body for the analyze endpoint."""

    # Raw user prompt; it is handed to guard.process_input before any model
    # call. NOTE(review): no length bound is declared here -- confirm whether
    # oversized prompts should be rejected before they reach the guard.
    prompt: str
async def health_check():
    """Liveness probe: report that the gateway is up and which mode it runs in."""
    # NOTE(review): no route decorator is visible in this listing; confirm it
    # was not lost when the file was rendered.
    status = {"status": "online"}
    status["mode"] = "LIMITLESS_LOCAL_CPU"
    status["security"] = "ACTIVE"
    return status
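async def analyze(req: AnalyzeRequest):
    """Run a prompt through the input guard, the local LLM and the output guard.

    Args:
        req: Request body carrying the user ``prompt``.

    Returns:
        A dict with ``output`` (the text returned to the caller), ``logs``
        (a per-request trace of each pipeline phase, also returned to the
        caller) and ``classification`` (``"BLOCKED"`` when the input guard
        refuses the prompt, otherwise ``"PROCESSED"``).
    """
    # NOTE(review): no route decorator (e.g. ``@app.post(...)``) is visible in
    # this listing; confirm it was not lost when the file was rendered.
    logs = []

    # --- PHASE 1: INPUT SECURITY (Deterministic) ---
    logs.append("UPIF: Scanning input for injection/policy violations...")
    # Uses the project's upif/guard.py logic. A prompt that comes back
    # changed was either rewritten or replaced by a refusal.
    safe_prompt = guard.process_input(req.prompt)
    if safe_prompt != req.prompt:
        logs.append("UPIF: 🚨 THREAT DETECTED. Prompt modified/blocked.")
        # Hard-block detection keys on the guard's refusal wording; if that
        # wording changes this check silently stops blocking.
        # TODO(review): prefer an explicit verdict from guard if it exposes one.
        if "I cannot" in safe_prompt:
            return {
                "output": safe_prompt,
                "logs": logs,
                "classification": "BLOCKED"
            }

    # --- PHASE 2: CONTEXT RETRIEVAL (RAG) ---
    # For this demo the context is hard-coded (Chroma can be hooked up later),
    # following the "Context Injection" pattern from the demo prompts. The
    # output guard in PHASE 4 is the only control between this text and the
    # caller, so keep it demo-only data.
    context = """
CONFIDENTIAL CONTEXT:
- Project Zenith Budget: $4.2M (Vendor: StealthLabs).
- CEO Bonus: $350,000.
- Prod Server IP: 192.168.1.102. Staging: 10.0.8.44.
"""

    # --- PHASE 3: LOCAL LLM GENERATION (Limitless) ---
    logs.append("LLM: Generating response on Local CPU (Llama-3-8B)...")
    try:
        raw_response = model_loader.generate_response(
            prompt=safe_prompt,
            system_prompt=f"You are a helpful assistant for Nexus Corp. Use this context if relevant: {context}"
        )
    except Exception as e:
        # Also covers NameError when model_loader failed to import at startup.
        # ``logs`` is returned to the caller, so the exception text stays
        # server-side (it may contain paths or model configuration); the
        # caller only learns the exception class.
        print(f"❌ LLM Error: {e!r}")
        logs.append(f"LLM Error: {type(e).__name__}")
        raw_response = "Error: LLM Engine Failed."

    # --- PHASE 4: OUTPUT SECURITY (Deterministic) ---
    logs.append("UPIF: Scanning output for PII/Data Leaks...")
    final_output = guard.process_output(raw_response)
    if final_output != raw_response:
        logs.append("UPIF: 🛡️ DATA LEAK PREVENTED. Redacting sensitive info.")

    return {
        "output": final_output,
        "logs": logs,
        "classification": "PROCESSED"
    }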
# Serving the Frontend: mount the built web client at the root when a build
# exists. NOTE(review): a mount at "/" catches everything not matched by an
# earlier route, so this must stay below the API handlers -- confirm ordering
# if routes are added later in the file.
frontend_path = os.path.join(os.path.dirname(__file__), "web_client", "dist")
has_frontend = os.path.exists(frontend_path)
if has_frontend:
    static_files = StaticFiles(directory=frontend_path, html=True)
    app.mount("/", static_files, name="static")
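if __name__ == "__main__":
    port = int(os.environ.get("PORT", 8000))
    # Pre-load model on startup. The import at the top of the file only warns
    # when model_loader is missing, so look the name up instead of referencing
    # it directly: otherwise a missing loader crashes here with NameError while
    # the analyze handler would have degraded gracefully.
    loader = globals().get("model_loader")
    if loader is None:
        print("⚠️ Skipping model pre-load: LLM Loader not available.")
    else:
        print("⏳ Pre-loading model...")
        loader.get_model()
    # 0.0.0.0 binds every interface (the usual choice inside a container).
    # No authentication is visible in this file, so reachability is decided
    # by the platform's network boundary.
    uvicorn.run(app, host="0.0.0.0", port=port)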