debug

Dockerfile

@@ -1,24 +1,20 @@
 # Use an official Python runtime as a parent image
-FROM python:3.12-slim
+FROM python:3.12-slim # Or 3.10/3.11 if preferred
 
-# Set the working directory in the container
 WORKDIR /code
 
-# Copy the requirements file into the container
 COPY ./requirements.txt /code/requirements.txt
 
-# Install any needed packages specified in requirements.txt
 RUN pip install --no-cache-dir --upgrade pip && \
     pip install --no-cache-dir -r requirements.txt
 
-# Copy the application code (Backend API and Streamlit app)
+# Copy application code
 COPY ./app /code/app
-COPY ./streamlit_app.py /code/streamlit_app.py # Add streamlit app file
+# Copy static files and templates
+COPY ./static /code/static
+COPY ./templates /code/templates
 
-# Make port 7860 available (Streamlit default is 8501, but HF uses specified port)
 EXPOSE 7860
 
-# Command to run the Streamlit application
-# Use --server.port to match EXPOSE and HF config
-# Use --server.address to bind correctly inside container
-CMD ["streamlit", "run", "streamlit_app.py", "--server.port=7860", "--server.address=0.0.0.0"]
+# Command to run the FastAPI application
+CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "7860"]

app/api.py

@@ -1,97 +1,60 @@
+# app/api.py
 from fastapi import APIRouter, HTTPException, status, Depends, WebSocket, WebSocketDisconnect
-from fastapi.responses import JSONResponse
+# Remove JSONResponse if not explicitly needed
 import logging
 
 from . import schemas, crud, auth, models
 from .websocket import manager
+# --- Use the new dependency ---
 from .dependencies import get_required_current_user
 
 router = APIRouter()
 logger = logging.getLogger(__name__)
 
-@router.post("/register", status_code=status.HTTP_201_CREATED, response_model=models.User)
+# --- (register and login endpoints remain the same) ---
+@router.post("/register", ...) # Keep as is
 async def register_user(user_in: schemas.UserCreate):
+    # ... same logic ...
     existing_user = await crud.get_user_by_email(user_in.email)
     if existing_user:
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
-            detail="Email already registered",
-        )
+        raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail="Email already registered")
     hashed_password = auth.get_password_hash(user_in.password)
     user_id = await crud.create_user(user_in=user_in, hashed_password=hashed_password)
-
-    # Send notification to other connected users
-    notification_msg = schemas.Notification(
-        email=user_in.email,
-        message=f"New user registered: {user_in.email}"
-    ).model_dump_json() # Use model_dump_json for Pydantic v2
-
-    # We broadcast but conceptually exclude the sender.
-    # Since the new user isn't connected via WebSocket *yet* during registration,
-    # we don't have a sender_id from the WebSocket context here.
-    # We can pass the new user_id to prevent potential self-notification if
-    # the WebSocket connection happens very quickly and maps the ID.
+    notification_msg = schemas.Notification(email=user_in.email, message=f"New user registered: {user_in.email}").model_dump_json()
     await manager.broadcast(notification_msg, sender_id=user_id)
-
-    # Return the newly created user's public info
-    # Fetch the user details to return them accurately
     created_user = await crud.get_user_by_id(user_id)
-    if not created_user:
-         # This case should ideally not happen if create_user is successful
-         raise HTTPException(status_code=500, detail="Failed to retrieve created user")
-
-    # Convert UserInDB to User model for response
+    if not created_user: raise HTTPException(status_code=500, detail="Failed to retrieve created user")
     return models.User(id=created_user.id, email=created_user.email)
 
-
-@router.post("/login", response_model=schemas.Token)
+@router.post("/login", ...) # Keep as is
 async def login_for_access_token(form_data: schemas.UserLogin):
+     # ... same logic ...
     user = await crud.get_user_by_email(form_data.email)
     if not user or not auth.verify_password(form_data.password, user.hashed_password):
-        raise HTTPException(
-            status_code=status.HTTP_401_UNAUTHORIZED,
-            detail="Incorrect email or password",
-            headers={"WWW-Authenticate": "Bearer"},
-        )
+        raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Incorrect email or password", headers={"WWW-Authenticate": "Bearer"})
     access_token = auth.create_session_token(user_id=user.id)
     return {"access_token": access_token, "token_type": "bearer"}
 
+# --- UPDATE this endpoint ---
 @router.get("/users/me", response_model=models.User)
 async def read_users_me(current_user: models.User = Depends(get_required_current_user)):
-    # This endpoint now relies on the dependency correctly getting the user from the token
-    # The token needs to be passed to get_required_current_user somehow.
-    # In Gradio's case, we might call this function directly from Gradio's backend
-    # passing the token from gr.State, rather than relying on HTTP Headers/Cookies.
-    # Let's adjust the dependency call when we use it in main.py.
+    """
+    Returns the current authenticated user's details based on the
+    Authorization: Bearer <token> header.
+    """
+    # The dependency now handles getting the user from the header token
     return current_user
 
-
-# WebSocket endpoint (can be associated with the main API router or separate)
+# --- (websocket endpoint remains the same) ---
 @router.websocket("/ws/{user_id_token}")
 async def websocket_endpoint(websocket: WebSocket, user_id_token: str):
-    """
-    WebSocket endpoint. Connects user and listens for messages.
-    The user_id_token is the signed session token from login.
-    """
+    # ... same logic ...
     user_id = await auth.get_user_id_from_token(user_id_token)
     if user_id is None:
         logger.warning(f"WebSocket connection rejected: Invalid token {user_id_token}")
-        await websocket.close(code=status.WS_1008_POLICY_VIOLATION)
-        return
-
+        await websocket.close(code=status.WS_1008_POLICY_VIOLATION); return
     await manager.connect(websocket, user_id)
     try:
-        while True:
-            # Keep connection alive, maybe handle incoming messages if needed later
-            data = await websocket.receive_text()
-            # For now, we just broadcast on registration, not handle client messages
-            logger.debug(f"Received message from {user_id}: {data} (currently ignored)")
-            # Example: await websocket.send_text(f"Message text was: {data}")
-    except WebSocketDisconnect:
-        manager.disconnect(websocket)
-        logger.info(f"WebSocket disconnected for user {user_id}")
-    except Exception as e:
-        manager.disconnect(websocket)
-        logger.error(f"WebSocket error for user {user_id}: {e}")
-        # Optionally close with an error code
-        # await websocket.close(code=status.WS_1011_INTERNAL_ERROR)
+        while True: data = await websocket.receive_text(); logger.debug(f"Received WS msg from {user_id}: {data}")
+    except WebSocketDisconnect: manager.disconnect(websocket); logger.info(f"WebSocket disconnected for user {user_id}")
+    except Exception as e: manager.disconnect(websocket); logger.error(f"WebSocket error for user {user_id}: {e}")

app/dependencies.py

@@ -1,22 +1,38 @@
-from fastapi import HTTPException, status, Request # Request may not be needed if token passed directly
+from fastapi import Depends, HTTPException, status
+from fastapi.security import OAuth2PasswordBearer # Use FastAPI's built-in helper
 from typing import Optional
-from . import auth
-from .models import User
+from . import auth, models
 
-# This dependency assumes the token is passed somehow,
-# e.g., in headers (less likely from Gradio client code) or as an argument
-# We will adapt how the token is passed from Gradio later.
-async def get_optional_current_user(token: Optional[str] = None) -> Optional[User]:
-    if token:
+# Setup OAuth2 scheme pointing to the login *API* endpoint
+# tokenUrl relative to the path where the app is mounted
+oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/login")
+
+async def get_optional_current_user(token: str = Depends(oauth2_scheme)) -> Optional[models.User]:
+    """
+    Dependency to get the current user from the token in the Authorization header.
+    Returns None if the token is invalid or not provided.
+    Handles potential exceptions during token decoding/validation gracefully for optional user.
+    """
+    try:
+        # OAuth2PasswordBearer already extracts the token from the header
         user = await auth.get_current_user_from_token(token)
         return user
-    return None
+    except Exception: # Catch exceptions if the token is invalid but we don't want to fail hard
+        return None
 
-async def get_required_current_user(token: Optional[str] = None) -> User:
-    user = await get_optional_current_user(token)
+async def get_required_current_user(token: str = Depends(oauth2_scheme)) -> models.User:
+    """
+    Dependency to get the current user, raising HTTP 401 if not authenticated.
+    """
+    # OAuth2PasswordBearer will raise a 401 if the header is missing/malformed
+    user = await auth.get_current_user_from_token(token)
     if user is None:
+        # This case covers valid token format but expired/invalid signature/user not found
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED,
-            detail="Not authenticated",
+            detail="Could not validate credentials", # Keep detail generic
+            headers={"WWW-Authenticate": "Bearer"},
         )
-    return user
+    return user
+
+# Modify the /users/me endpoint in api.py to use the new dependency

app/main.py

@@ -1,31 +1,41 @@
 # app/main.py
-import gradio as gr
-import httpx
-import websockets
+# Remove Gradio imports if any remain
+# import gradio as gr <--- REMOVE
+
+import httpx # Keep if needed, but not used in this version of main.py
+import websockets # Keep if needed, but not used in this version of main.py
 import asyncio
 import json
 import os
 import logging
 from contextlib import asynccontextmanager
 
-from fastapi import FastAPI, Depends # Import FastAPI itself
+from fastapi import FastAPI, Depends, Request # Add Request
+from fastapi.responses import HTMLResponse    # Add HTMLResponse
+from fastapi.staticfiles import StaticFiles     # Add StaticFiles
+from fastapi.templating import Jinja2Templates # Add Jinja2Templates (optional, but good practice)
+
+# --- Import necessary items from database.py ---
 from .database import connect_db, disconnect_db, database, metadata, users
 from .api import router as api_router
 from . import schemas, auth, dependencies
-from .websocket import manager # Import the connection manager instance
+from .websocket import manager # Keep
 
+# --- Import SQLAlchemy helpers for DDL generation ---
 from sqlalchemy.schema import CreateTable
 from sqlalchemy.dialects import sqlite
 
+# Configure logging
 logging.basicConfig(level=logging.INFO)
 logger = logging.getLogger(__name__)
 
-API_BASE_URL = "http://127.0.0.1:7860/api"
+# --- REMOVE API_BASE_URL if not needed elsewhere ---
+# API_BASE_URL = "http://127.0.0.1:7860/api"
 
-# --- Lifespan (remains the same) ---
+# --- Lifespan Event (remains the same) ---
 @asynccontextmanager
 async def lifespan(app: FastAPI):
-    # ... (same DB setup code) ...
+    # ... (same DB setup code as previous correct version) ...
     logger.info("Application startup: Connecting DB...")
     await connect_db()
     logger.info("Application startup: DB Connected. Checking/Creating tables...")
@@ -34,16 +44,16 @@ async def lifespan(app: FastAPI):
             check_query = "SELECT name FROM sqlite_master WHERE type='table' AND name=:table_name;"
             table_exists = await database.fetch_one(query=check_query, values={"table_name": users.name})
             if not table_exists:
-                logger.info(f"Table '{users.name}' not found, attempting creation using async connection...")
+                logger.info(f"Table '{users.name}' not found, creating...")
                 dialect = sqlite.dialect()
                 create_table_stmt = str(CreateTable(users).compile(dialect=dialect))
                 await database.execute(query=create_table_stmt)
-                logger.info(f"Table '{users.name}' created successfully via async connection.")
+                logger.info(f"Table '{users.name}' created.")
                 table_exists_after = await database.fetch_one(query=check_query, values={"table_name": users.name})
-                if table_exists_after: logger.info(f"Table '{users.name}' verified after creation.")
-                else: logger.error(f"Table '{users.name}' verification FAILED after creation attempt!")
+                if table_exists_after: logger.info(f"Table '{users.name}' verified.")
+                else: logger.error(f"Table '{users.name}' verification FAILED!")
             else:
-                logger.info(f"Table '{users.name}' already exists (checked via async connection).")
+                logger.info(f"Table '{users.name}' already exists.")
         except Exception as db_setup_err:
             logger.exception(f"CRITICAL error during async DB table setup: {db_setup_err}")
     else:
@@ -55,222 +65,42 @@ async def lifespan(app: FastAPI):
     logger.info("Application shutdown: DB Disconnected.")
 
 
-# --- FastAPI App Setup (remains the same) ---
+# Create the main FastAPI app instance
 app = FastAPI(lifespan=lifespan)
-app.include_router(api_router, prefix="/api")
-
-# --- Helper functions (make_api_request remains the same) ---
-async def make_api_request(method: str, endpoint: str, **kwargs):
-    async with httpx.AsyncClient() as client:
-        url = f"{API_BASE_URL}{endpoint}"
-        try: response = await client.request(method, url, **kwargs); response.raise_for_status(); return response.json()
-        except httpx.RequestError as e: logger.error(f"HTTP Request failed: {e.request.method} {e.request.url} - {e}"); return {"error": f"Network error: {e}"}
-        except httpx.HTTPStatusError as e:
-            logger.error(f"HTTP Status error: {e.response.status_code} - {e.response.text}")
-            try: detail = e.response.json().get("detail", e.response.text)
-            except json.JSONDecodeError: detail = e.response.text
-            return {"error": f"API Error: {detail}"}
-        except Exception as e: logger.error(f"Unexpected error during API call: {e}"); return {"error": f"Unexpected error: {str(e)}"}
 
-# --- WebSocket handling ---
-# <<< Pass state objects by reference >>>
-async def listen_to_websockets(token: str, notification_list_state: gr.State, notification_trigger_state: gr.State):
-    """Connects to WS and updates state list and trigger when a message arrives."""
-    ws_listener_id = f"WSListener-{os.getpid()}-{asyncio.current_task().get_name()}"
-    logger.info(f"[{ws_listener_id}] Starting WebSocket listener task.")
+# Mount API routes FIRST
+app.include_router(api_router, prefix="/api")
 
-    if not token:
-        logger.warning(f"[{ws_listener_id}] No token provided. Task exiting.")
-        return # Just exit, don't need to return state values
+# --- Mount Static files ---
+# Ensure the path exists relative to where you run uvicorn (or use absolute paths)
+# Since main.py is in app/, static/ is one level up
+# Adjust 'directory' path if needed based on your execution context
+app.mount("/static", StaticFiles(directory="static"), name="static")
 
-    ws_url_base = API_BASE_URL.replace("http", "ws")
-    ws_url = f"{ws_url_base}/ws/{token}"
-    logger.info(f"[{ws_listener_id}] Attempting to connect: {ws_url}")
+# --- Optional: Use Jinja2Templates for more flexibility ---
+# templates = Jinja2Templates(directory="templates")
 
+# --- Serve the main HTML page ---
+@app.get("/", response_class=HTMLResponse)
+async def read_root(request: Request):
+    # Simple way: Read the file directly
     try:
-        async with websockets.connect(ws_url, open_timeout=15.0) as websocket:
-            logger.info(f"[{ws_listener_id}] WebSocket connected successfully.")
-            while True:
-                try:
-                    message_str = await asyncio.wait_for(websocket.recv(), timeout=300.0)
-                    logger.info(f"[{ws_listener_id}] Received: {message_str[:100]}...")
-                    try:
-                         message_data = json.loads(message_str)
-                         if message_data.get("type") == "new_user":
-                            notification = schemas.Notification(**message_data)
-                            logger.info(f"[{ws_listener_id}] Processing 'new_user': {notification.message}")
-                            # --- Modify state values directly ---
-                            current_list = notification_list_state.value.copy() # Operate on copy
-                            current_list.insert(0, notification.message)
-                            if len(current_list) > 10: current_list.pop()
-                            notification_list_state.value = current_list # Assign back modified copy
-                            notification_trigger_state.value += 1 # Increment trigger
-                            # --- Log the update ---
-                            logger.info(f"[{ws_listener_id}] States updated: list len={len(notification_list_state.value)}, trigger={notification_trigger_state.value}")
-                         else:
-                              logger.warning(f"[{ws_listener_id}] Unknown message type: {message_data.get('type')}")
-                    # ... (error handling for parsing) ...
-                    except json.JSONDecodeError: logger.error(f"[{ws_listener_id}] JSON Decode Error: {message_str}")
-                    except Exception as parse_err: logger.error(f"[{ws_listener_id}] Message Processing Error: {parse_err}")
-                # ... (error handling for websocket recv/connection) ...
-                except asyncio.TimeoutError: logger.debug(f"[{ws_listener_id}] WebSocket recv timed out."); continue
-                except websockets.ConnectionClosedOK: logger.info(f"[{ws_listener_id}] WebSocket closed normally."); break
-                except websockets.ConnectionClosedError as e: logger.error(f"[{ws_listener_id}] WebSocket closed with error: {e}"); break
-                except Exception as e: logger.error(f"[{ws_listener_id}] Listener loop error: {e}"); await asyncio.sleep(1); break
-    # ... (error handling for websocket connect) ...
-    except asyncio.TimeoutError: logger.error(f"[{ws_listener_id}] WebSocket initial connection timed out.")
-    except websockets.exceptions.InvalidURI: logger.error(f"[{ws_listener_id}] Invalid WebSocket URI.")
-    except websockets.exceptions.WebSocketException as e: logger.error(f"[{ws_listener_id}] WebSocket connection failed: {e}")
-    except Exception as e: logger.error(f"[{ws_listener_id}] Unexpected error in listener task: {e}")
-
-    logger.info(f"[{ws_listener_id}] Listener task finished.")
-    # No need to return state values when task ends
-
-# --- Gradio Interface ---
-with gr.Blocks(theme=gr.themes.Soft()) as demo:
-    # State variables
-    auth_token = gr.State(None)
-    user_info = gr.State(None)
-    notification_list = gr.State([])
-    websocket_task = gr.State(None)
-    # Add trigger states
-    notification_trigger = gr.State(0)
-    last_polled_trigger = gr.State(0) # State to track last seen trigger
-
-    # --- UI Components ---
-    with gr.Tabs() as tabs:
-        # --- Registration/Login Tabs (remain the same) ---
-        with gr.TabItem("Register", id="register_tab"):
-            gr.Markdown("## Create a new account")
-            reg_email = gr.Textbox(label="Email", type="email")
-            reg_password = gr.Textbox(label="Password (min 8 chars)", type="password")
-            reg_confirm_password = gr.Textbox(label="Confirm Password", type="password")
-            reg_button = gr.Button("Register")
-            reg_status = gr.Textbox(label="Status", interactive=False)
-        with gr.TabItem("Login", id="login_tab"):
-            gr.Markdown("## Login to your account")
-            login_email = gr.Textbox(label="Email", type="email")
-            login_password = gr.Textbox(label="Password", type="password")
-            login_button = gr.Button("Login")
-            login_status = gr.Textbox(label="Status", interactive=False)
-
-        # --- Welcome Tab ---
-        with gr.TabItem("Welcome", id="welcome_tab", visible=False) as welcome_tab:
-            gr.Markdown("## Welcome!", elem_id="welcome_header")
-            welcome_message = gr.Markdown("", elem_id="welcome_message")
-            logout_button = gr.Button("Logout")
-            gr.Markdown("---")
-            gr.Markdown("## Real-time Notifications")
-            notification_display = gr.Textbox( # Visible display
-                label="New User Alerts", lines=5, max_lines=10, interactive=False
-            )
-            # <<< Hidden component for polling >>>
-            dummy_poller = gr.Number(label="poller", value=0, visible=False, every=1)
-
-
-    # --- Event Handlers ---
-
-    # Registration Logic (remains the same)
-    async def handle_register(email, password, confirm_password):
-        if not email or not password or not confirm_password: return gr.update(value="Please fill fields.")
-        if password != confirm_password: return gr.update(value="Passwords mismatch.")
-        if len(password) < 8: return gr.update(value="Password >= 8 chars.")
-        payload = {"email": email, "password": password}
-        result = await make_api_request("post", "/register", json=payload)
-        if "error" in result: return gr.update(value=f"Register failed: {result['error']}")
-        else: return gr.update(value=f"Register success: {result.get('email')}! Log in.")
-    reg_button.click(handle_register, inputs=[reg_email, reg_password, reg_confirm_password], outputs=[reg_status])
-
-    # Login Logic
-    # <<< MODIFIED: Pass/Reset both trigger states >>>
-    async def handle_login(email, password, current_task, current_trigger_val, current_last_poll_val):
-        # Define failure outputs matching the outputs list
-        fail_outputs = (gr.update(value="..."), None, None, None, gr.update(visible=False), None, current_task, current_trigger_val, current_last_poll_val)
-
-        if not email or not password: return fail_outputs[:1] + (gr.update(value="Enter email/password"),) + fail_outputs[2:]
-
-        payload = {"email": email, "password": password}
-        result = await make_api_request("post", "/login", json=payload)
-
-        if "error" in result: return (gr.update(value=f"Login failed: {result['error']}"),) + fail_outputs[1:]
-        else:
-            token = result.get("access_token")
-            user_data = await dependencies.get_optional_current_user(token)
-            if not user_data: return (gr.update(value="Login ok but user fetch failed."),) + fail_outputs[1:]
-
-            if current_task and not current_task.done():
-                current_task.cancel()
-                try: await current_task
-                except asyncio.CancelledError: logger.info("Previous WebSocket task cancelled.")
-
-            # <<< Pass state objects to listener >>>
-            new_task = asyncio.create_task(listen_to_websockets(token, notification_list, notification_trigger))
-
-            welcome_msg = f"Welcome, {user_data.email}!"
-            # Reset triggers on successful login
-            return (
-                gr.update(value="Login successful!"), token, user_data.model_dump(), # status, token, user_info
-                gr.update(selected="welcome_tab"), gr.update(visible=True), gr.update(value=welcome_msg), # UI changes
-                new_task, 0, 0 # websocket_task, notification_trigger, last_polled_trigger
-            )
-
-    # <<< MODIFIED: Add last_polled_trigger to inputs/outputs >>>
-    login_button.click(
-        handle_login,
-        inputs=[login_email, login_password, websocket_task, notification_trigger, last_polled_trigger],
-        outputs=[login_status, auth_token, user_info, tabs, welcome_tab, welcome_message, websocket_task, notification_trigger, last_polled_trigger]
-    )
-
-
-    # <<< Polling function >>>
-    def poll_and_update(current_trigger_value, last_known_trigger, current_notif_list):
-        """ Checks trigger state change and updates UI if needed. """
-        if current_trigger_value != last_known_trigger:
-            logger.info(f"Polling detected trigger change ({last_known_trigger} -> {current_trigger_value}). Updating UI.")
-            new_value = "\n".join(current_notif_list)
-            # Return new display value AND update last_known_trigger state value
-            return gr.update(value=new_value), current_trigger_value
-        else:
-            # No change, return NoUpdate for display AND existing last_known_trigger value
-            return gr.NoUpdate(), last_known_trigger
-
-    # <<< Attach polling function to the dummy component's change event >>>
-    dummy_poller.change(
-        fn=poll_and_update,
-        inputs=[notification_trigger, last_polled_trigger, notification_list],
-        outputs=[notification_display, last_polled_trigger], # Update display & last polled state
-        queue=False # Try immediate update
-    )
-
-
-    # Logout Logic
-    # <<< MODIFIED: Reset both trigger states >>>
-    async def handle_logout(current_task):
-        if current_task and not current_task.done():
-            current_task.cancel()
-            try: await current_task
-            except asyncio.CancelledError: logger.info("WebSocket task cancelled on logout.")
-        # Reset all relevant states
-        return ( None, None, [], None, # auth_token, user_info, notification_list, websocket_task
-                 gr.update(selected="login_tab"), gr.update(visible=False), # tabs, welcome_tab
-                 gr.update(value=""), gr.update(value=""), # welcome_message, login_status
-                 0, 0 ) # notification_trigger, last_polled_trigger (reset)
+        with open("templates/index.html", "r") as f:
+            html_content = f.read()
+        return HTMLResponse(content=html_content)
+    except FileNotFoundError:
+        logger.error("templates/index.html not found!")
+        return HTMLResponse(content="<html><body><h1>Error: Frontend not found</h1></body></html>", status_code=500)
+    # Jinja2 way (if using templates):
+    # return templates.TemplateResponse("index.html", {"request": request})
 
-    # <<< MODIFIED: Add last_polled_trigger to outputs >>>
-    logout_button.click(
-        handle_logout,
-        inputs=[websocket_task],
-        outputs=[
-            auth_token, user_info, notification_list, websocket_task,
-            tabs, welcome_tab, welcome_message, login_status,
-            notification_trigger, last_polled_trigger # Add trigger states here
-        ]
-    )
 
-# Mount Gradio App (remains the same)
-app = gr.mount_gradio_app(app, demo, path="/")
+# --- REMOVE Gradio mounting ---
+# app = gr.mount_gradio_app(app, demo, path="/")
 
-# Run Uvicorn (remains the same)
+# --- Uvicorn run command (no changes needed here) ---
 if __name__ == "__main__":
     import uvicorn
+    # Note: If running from the project root directory (fastapi_gradio_auth/),
+    # the app path is "app.main:app"
     uvicorn.run("app.main:app", host="0.0.0.0", port=7860, reload=True)

requirements.txt

@@ -1,9 +1,8 @@
 fastapi==0.111.0
 uvicorn[standard]==0.29.0
-# gradio==4.29.0 # Removed
-streamlit==1.33.0 # Added (or latest)
-passlib[bcrypt]==1.7.4
+# gradio==4.29.0 # REMOVE
 bcrypt==4.1.3
+passlib[bcrypt]==1.7.4
 python-dotenv==1.0.1
 databases[sqlite]==0.9.0
 sqlalchemy==2.0.29
@@ -11,5 +10,5 @@ pydantic==2.7.1
 python-multipart==0.0.9
 itsdangerous==2.1.2
 websockets>=11.0.3,<13.0
-httpx==0.27.0 # Needed for API calls from Streamlit
-streamlit-autorefresh==1.0.1 # Added for polling notifications
+aiofiles==23.2.1 # <-- ADD for StaticFiles
+httpx==0.27.0    # <-- ADD (useful if backend needs to call itself, good practice)

static/css/style.css

@@ -0,0 +1,94 @@
+body {
+    font-family: sans-serif;
+    line-height: 1.6;
+    margin: 20px;
+    background-color: #f4f4f4;
+}
+
+h1, h2 {
+    color: #333;
+}
+
+.auth-section {
+    background-color: #fff;
+    padding: 20px;
+    margin-bottom: 20px;
+    border: 1px solid #ddd;
+    border-radius: 5px;
+    max-width: 400px;
+}
+
+#welcome-section {
+     background-color: #e7f3fe;
+     padding: 20px;
+     border: 1px solid #c8e1f8;
+     border-radius: 5px;
+}
+
+
+label {
+    display: inline-block;
+    margin-bottom: 5px;
+}
+
+input[type="email"],
+input[type="password"] {
+    width: calc(100% - 22px); /* Account for padding/border */
+    padding: 10px;
+    margin-bottom: 10px;
+    border: 1px solid #ccc;
+    border-radius: 4px;
+}
+
+button {
+    background-color: #5cb85c;
+    color: white;
+    padding: 10px 15px;
+    border: none;
+    border-radius: 4px;
+    cursor: pointer;
+    font-size: 1em;
+}
+
+button:hover {
+    background-color: #4cae4c;
+}
+
+#logout-button {
+     background-color: #d9534f;
+}
+#logout-button:hover {
+     background-color: #c9302c;
+}
+
+.status-message {
+    margin-top: 15px;
+    color: red;
+    font-weight: bold;
+}
+.status-message.success {
+    color: green;
+}
+
+hr {
+    margin: 20px 0;
+}
+
+#notifications {
+    margin-top: 15px;
+    padding: 15px;
+    border: 1px dashed #aaa;
+    background-color: #f9f9f9;
+    min-height: 100px;
+    max-height: 300px;
+    overflow-y: auto;
+}
+
+#notifications p {
+    margin: 5px 0;
+    padding-bottom: 5px;
+    border-bottom: 1px solid #eee;
+}
+#notifications p:last-child {
+    border-bottom: none;
+}

static/js/script.js

@@ -0,0 +1,241 @@
+const registerSection = document.getElementById('register-section');
+const loginSection = document.getElementById('login-section');
+const welcomeSection = document.getElementById('welcome-section');
+const registerForm = document.getElementById('register-form');
+const loginForm = document.getElementById('login-form');
+const registerStatus = document.getElementById('register-status');
+const loginStatus = document.getElementById('login-status');
+const welcomeMessage = document.getElementById('welcome-message');
+const logoutButton = document.getElementById('logout-button');
+const notificationsDiv = document.getElementById('notifications');
+
+const API_URL = '/api'; // Use relative path
+
+let webSocket = null;
+let authToken = localStorage.getItem('authToken'); // Load token on script start
+
+// --- UI Control ---
+function showSection(sectionId) {
+    registerSection.style.display = 'none';
+    loginSection.style.display = 'none';
+    welcomeSection.style.display = 'none';
+
+    const sectionToShow = document.getElementById(sectionId);
+    if (sectionToShow) {
+        sectionToShow.style.display = 'block';
+    } else {
+        loginSection.style.display = 'block'; // Default to login
+    }
+}
+
+function setStatus(element, message, isSuccess = false) {
+    element.textContent = message;
+    element.className = isSuccess ? 'status-message success' : 'status-message';
+    element.style.display = message ? 'block' : 'none';
+}
+
+// --- API Calls ---
+async function apiRequest(endpoint, method = 'GET', body = null, token = null) {
+    const headers = { 'Content-Type': 'application/json' };
+    if (token) {
+        headers['Authorization'] = `Bearer ${token}`;
+    }
+
+    const options = {
+        method: method,
+        headers: headers,
+    };
+
+    if (body && method !== 'GET') {
+        options.body = JSON.stringify(body);
+    }
+
+    try {
+        const response = await fetch(`${API_URL}${endpoint}`, options);
+        const data = await response.json(); // Try to parse JSON regardless of status
+
+        if (!response.ok) {
+            // Use detail from JSON if available, otherwise status text
+            const errorMessage = data?.detail || response.statusText || `HTTP error ${response.status}`;
+            console.error("API Error:", errorMessage);
+            throw new Error(errorMessage);
+        }
+        return data;
+    } catch (error) {
+        console.error(`Error during API request to ${endpoint}:`, error);
+        throw error; // Re-throw to be caught by caller
+    }
+}
+
+
+// --- WebSocket Handling ---
+function connectWebSocket(token) {
+    if (!token) {
+        console.error("No token available for WebSocket connection.");
+        return;
+    }
+    if (webSocket && webSocket.readyState === WebSocket.OPEN) {
+        console.log("WebSocket already connected.");
+        return;
+    }
+
+    // Construct WebSocket URL dynamically (replace http/https with ws/wss)
+    const wsProtocol = window.location.protocol === 'https:' ? 'wss:' : 'ws:';
+    const wsUrl = `${wsProtocol}//${window.location.host}${API_URL}/ws/${token}`;
+    console.log("Attempting to connect WebSocket:", wsUrl);
+
+
+    webSocket = new WebSocket(wsUrl);
+
+    webSocket.onopen = (event) => {
+        console.log("WebSocket connection opened:", event);
+        // Clear placeholder message on successful connect
+        if (notificationsDiv.querySelector('p em')) {
+            notificationsDiv.innerHTML = '';
+        }
+    };
+
+    webSocket.onmessage = (event) => {
+        console.log("WebSocket message received:", event.data);
+        try {
+            const messageData = JSON.parse(event.data);
+            if (messageData.type === 'new_user' && messageData.message) {
+                const p = document.createElement('p');
+                p.textContent = messageData.message;
+                // Add message to the top
+                notificationsDiv.insertBefore(p, notificationsDiv.firstChild);
+                 // Limit number of messages shown (optional)
+                while (notificationsDiv.children.length > 10) {
+                    notificationsDiv.removeChild(notificationsDiv.lastChild);
+                }
+
+            }
+        } catch (error) {
+            console.error("Error parsing WebSocket message:", error);
+        }
+    };
+
+    webSocket.onerror = (event) => {
+        console.error("WebSocket error:", event);
+        const p = document.createElement('p');
+        p.textContent = `WebSocket error occurred. Notifications may stop.`;
+        p.style.color = 'red';
+        notificationsDiv.insertBefore(p, notificationsDiv.firstChild);
+    };
+
+    webSocket.onclose = (event) => {
+        console.log("WebSocket connection closed:", event);
+        webSocket = null; // Reset WebSocket variable
+        // Optionally try to reconnect or inform user
+        // Do not clear notifications on close, user might want to see history
+        if (!event.wasClean) {
+            const p = document.createElement('p');
+            p.textContent = `WebSocket disconnected unexpectedly (Code: ${event.code}). Please refresh or log out/in.`;
+            p.style.color = 'orange';
+            notificationsDiv.insertBefore(p, notificationsDiv.firstChild);
+        }
+    };
+}
+
+function disconnectWebSocket() {
+    if (webSocket) {
+        console.log("Closing WebSocket connection.");
+        webSocket.close();
+        webSocket = null;
+    }
+}
+
+// --- Authentication Logic ---
+async function handleLogin(email, password) {
+    setStatus(loginStatus, "Logging in...");
+    try {
+        const data = await apiRequest('/login', 'POST', { email, password });
+        if (data.access_token) {
+            authToken = data.access_token;
+            localStorage.setItem('authToken', authToken); // Store token
+            setStatus(loginStatus, ""); // Clear status
+            await showWelcomePage(); // Fetch user info and show welcome
+        } else {
+            throw new Error("Login failed: No token received.");
+        }
+    } catch (error) {
+        setStatus(loginStatus, `Login failed: ${error.message}`);
+    }
+}
+
+async function handleRegister(email, password) {
+     setStatus(registerStatus, "Registering...");
+     try {
+        const data = await apiRequest('/register', 'POST', { email, password });
+        setStatus(registerStatus, `Registration successful for ${data.email}! Please log in.`, true);
+        registerForm.reset(); // Clear form
+        showSection('login-section'); // Switch to login
+     } catch (error) {
+        setStatus(registerStatus, `Registration failed: ${error.message}`);
+     }
+}
+
+async function showWelcomePage() {
+    if (!authToken) {
+        showSection('login-section');
+        return;
+    }
+    try {
+        // Fetch user details using the token
+        const user = await apiRequest('/users/me', 'GET', null, authToken);
+        welcomeMessage.textContent = `Welcome, ${user.email}!`;
+        showSection('welcome-section');
+        connectWebSocket(authToken); // Connect WS after successful login and user fetch
+    } catch (error) {
+        // If fetching user fails (e.g., invalid/expired token), logout
+        console.error("Failed to fetch user details:", error);
+        handleLogout();
+    }
+}
+
+function handleLogout() {
+    authToken = null;
+    localStorage.removeItem('authToken');
+    disconnectWebSocket();
+    setStatus(loginStatus, ""); // Clear any previous login errors
+    showSection('login-section');
+}
+
+
+// --- Event Listeners ---
+registerForm.addEventListener('submit', (e) => {
+    e.preventDefault();
+    const email = document.getElementById('reg-email').value;
+    const password = document.getElementById('reg-password').value;
+    const confirmPassword = document.getElementById('reg-confirm-password').value;
+    if (password !== confirmPassword) {
+        setStatus(registerStatus, "Passwords do not match.");
+        return;
+    }
+    if (password.length < 8) {
+         setStatus(registerStatus, "Password must be at least 8 characters.");
+         return;
+    }
+    handleRegister(email, password);
+});
+
+loginForm.addEventListener('submit', (e) => {
+    e.preventDefault();
+    const email = document.getElementById('login-email').value;
+    const password = document.getElementById('login-password').value;
+    handleLogin(email, password);
+});
+
+logoutButton.addEventListener('click', handleLogout);
+
+
+// --- Initial Page Load Logic ---
+document.addEventListener('DOMContentLoaded', () => {
+    if (authToken) {
+        console.log("Token found, attempting to show welcome page.");
+        showWelcomePage(); // Try to fetch user info and show welcome
+    } else {
+        console.log("No token found, showing login page.");
+        showSection('login-section'); // Show login if no token
+    }
+});

streamlit_app.py

@@ -1,269 +0,0 @@
-# streamlit_app.py
-import streamlit as st
-from streamlit_autorefresh import st_autorefresh # For periodic refresh
-import httpx
-import asyncio
-import websockets
-import json
-import threading
-import queue
-import logging
-import time
-import os
-
-# Import backend components
-from app import crud, models, schemas, auth, dependencies
-from app.database import ensure_db_and_table_exist # Sync function
-from app.websocket import manager # Import the manager instance
-
-# FastAPI imports for mounting
-from fastapi import FastAPI, Depends, HTTPException, status
-from fastapi.routing import Mount
-from fastapi.staticfiles import StaticFiles
-from app.api import router as api_router # Import the specific API router
-
-# --- Logging ---
-logging.basicConfig(level=logging.INFO)
-logger = logging.getLogger(__name__)
-
-# --- Configuration ---
-# Use environment variable or default for local vs deployed API endpoint
-# Since we are mounting FastAPI within Streamlit for the HF Space deployment:
-API_BASE_URL = "http://127.0.0.1:7860/api" # Calls within the same process
-WS_BASE_URL = API_BASE_URL.replace("http", "ws")
-
-# --- Ensure DB exists on first run ---
-# This runs once per session/process start
-ensure_db_and_table_exist()
-
-# --- FastAPI Mounting Setup ---
-# Create a FastAPI instance (separate from the Streamlit one)
-# We won't run this directly with uvicorn, but Streamlit uses it internally
-api_app = FastAPI(title="Backend API") # Can add lifespan if needed for API-specific setup later
-api_app.include_router(api_router, prefix="/api")
-
-# Mount the FastAPI app within Streamlit's internal Tornado server
-# This requires monkey-patching or using available hooks if Streamlit allows.
-# Simpler approach for HF Space: Run FastAPI separately is cleaner if possible.
-# Reverting to the idea that for this HF Space demo, API calls will be internal HTTP requests.
-
-# --- WebSocket Listener Thread ---
-stop_event = threading.Event()
-notification_queue = queue.Queue()
-
-def websocket_listener(token: str):
-    """Runs in a background thread to listen for WebSocket messages."""
-    logger.info(f"[WS Thread] Listener started for token: {token[:10]}...")
-    ws_url = f"{WS_BASE_URL}/ws/{token}"
-
-    async def listen():
-        try:
-            async with websockets.connect(ws_url, open_timeout=10.0) as ws:
-                logger.info(f"[WS Thread] Connected to {ws_url}")
-                st.session_state['ws_connected'] = True
-                while not stop_event.is_set():
-                    try:
-                        message = await asyncio.wait_for(ws.recv(), timeout=1.0) # Check stop_event frequently
-                        logger.info(f"[WS Thread] Received message: {message[:100]}...")
-                        try:
-                             data = json.loads(message)
-                             if data.get("type") == "new_user":
-                                  notification = schemas.Notification(**data)
-                                  notification_queue.put(notification.message) # Put message in queue
-                                  logger.info("[WS Thread] Put notification in queue.")
-                        except json.JSONDecodeError:
-                             logger.error("[WS Thread] Failed to decode JSON.")
-                        except Exception as e:
-                             logger.error(f"[WS Thread] Error processing message: {e}")
-
-                    except asyncio.TimeoutError:
-                        continue # No message, check stop_event again
-                    except websockets.ConnectionClosed:
-                        logger.warning("[WS Thread] Connection closed.")
-                        break # Exit loop if closed
-        except Exception as e:
-            logger.error(f"[WS Thread] Connection failed or error: {e}")
-        finally:
-            logger.info("[WS Thread] Listener loop finished.")
-            st.session_state['ws_connected'] = False
-
-    try:
-        asyncio.run(listen())
-    except Exception as e:
-        logger.error(f"[WS Thread] asyncio.run error: {e}")
-    logger.info("[WS Thread] Listener thread exiting.")
-
-
-# --- Streamlit UI ---
-
-st.set_page_config(layout="wide")
-
-# --- Initialize Session State ---
-if 'logged_in' not in st.session_state:
-    st.session_state.logged_in = False
-if 'token' not in st.session_state:
-    st.session_state.token = None
-if 'user_email' not in st.session_state:
-    st.session_state.user_email = None
-if 'notifications' not in st.session_state:
-    st.session_state.notifications = []
-if 'ws_thread' not in st.session_state:
-    st.session_state.ws_thread = None
-if 'ws_connected' not in st.session_state:
-     st.session_state.ws_connected = False
-
-# --- Notification Processing ---
-new_notifications = []
-while not notification_queue.empty():
-    try:
-        msg = notification_queue.get_nowait()
-        new_notifications.append(msg)
-    except queue.Empty:
-        break
-
-if new_notifications:
-    logger.info(f"Processing {len(new_notifications)} notifications from queue.")
-    # Prepend new notifications to the session state list
-    current_list = st.session_state.notifications
-    st.session_state.notifications = new_notifications + current_list
-    # Limit history
-    if len(st.session_state.notifications) > 15:
-        st.session_state.notifications = st.session_state.notifications[:15]
-    # No explicit rerun needed here, Streamlit should rerun due to state change (?)
-    # or due to autorefresh below.
-
-# --- Auto Refresh ---
-# Refresh every 2 seconds to check the queue and update display
-count = st_autorefresh(interval=2000, limit=None, key="notifrefresh")
-
-# --- API Client ---
-client = httpx.AsyncClient(base_url=API_BASE_URL, timeout=10.0)
-
-# --- Helper Functions for API Calls ---
-async def api_register(email, password):
-    try:
-        response = await client.post("/register", json={"email": email, "password": password})
-        response.raise_for_status()
-        return {"success": True, "data": response.json()}
-    except httpx.HTTPStatusError as e:
-        detail = e.response.json().get("detail", e.response.text)
-        logger.error(f"API Register Error: {e.response.status_code} - {detail}")
-        return {"success": False, "error": f"API Error: {detail}"}
-    except Exception as e:
-        logger.exception("Register call failed")
-        return {"success": False, "error": f"Request failed: {e}"}
-
-async def api_login(email, password):
-    try:
-        response = await client.post("/login", json={"email": email, "password": password})
-        response.raise_for_status()
-        return {"success": True, "data": response.json()}
-    except httpx.HTTPStatusError as e:
-        detail = e.response.json().get("detail", e.response.text)
-        logger.error(f"API Login Error: {e.response.status_code} - {detail}")
-        return {"success": False, "error": f"API Error: {detail}"}
-    except Exception as e:
-        logger.exception("Login call failed")
-        return {"success": False, "error": f"Request failed: {e}"}
-
-# --- UI Rendering ---
-st.title("Authentication & Notification App (Streamlit)")
-
-if not st.session_state.logged_in:
-    st.sidebar.header("Login or Register")
-    login_tab, register_tab = st.sidebar.tabs(["Login", "Register"])
-
-    with login_tab:
-        with st.form("login_form"):
-            login_email = st.text_input("Email", key="login_email")
-            login_password = st.text_input("Password", type="password", key="login_password")
-            login_button = st.form_submit_button("Login")
-
-            if login_button:
-                if not login_email or not login_password:
-                    st.error("Please enter email and password.")
-                else:
-                    result = asyncio.run(api_login(login_email, login_password)) # Run async in sync context
-                    if result["success"]:
-                        token = result["data"]["access_token"]
-                        # Attempt to get user info immediately - needs modification if /users/me requires auth header
-                        # For simplicity, just store email from login form for now
-                        st.session_state.logged_in = True
-                        st.session_state.token = token
-                        st.session_state.user_email = login_email # Store email used for login
-                        st.session_state.notifications = [] # Clear old notifications
-
-                        # Start WebSocket listener thread
-                        stop_event.clear() # Ensure stop event is clear
-                        thread = threading.Thread(target=websocket_listener, args=(token,), daemon=True)
-                        st.session_state.ws_thread = thread
-                        thread.start()
-                        logger.info("Login successful, WS thread started.")
-                        st.rerun() # Rerun immediately to switch view
-                    else:
-                        st.error(f"Login failed: {result['error']}")
-
-    with register_tab:
-        with st.form("register_form"):
-            reg_email = st.text_input("Email", key="reg_email")
-            reg_password = st.text_input("Password", type="password", key="reg_password")
-            reg_confirm = st.text_input("Confirm Password", type="password", key="reg_confirm")
-            register_button = st.form_submit_button("Register")
-
-            if register_button:
-                if not reg_email or not reg_password or not reg_confirm:
-                    st.error("Please fill all fields.")
-                elif reg_password != reg_confirm:
-                    st.error("Passwords do not match.")
-                elif len(reg_password) < 8:
-                    st.error("Password must be at least 8 characters.")
-                else:
-                    result = asyncio.run(api_register(reg_email, reg_password))
-                    if result["success"]:
-                        st.success(f"Registration successful for {result['data']['email']}! Please log in.")
-                    else:
-                        st.error(f"Registration failed: {result['error']}")
-
-else: # Logged In View
-    st.sidebar.header(f"Welcome, {st.session_state.user_email}!")
-    if st.sidebar.button("Logout"):
-        logger.info("Logout requested.")
-        # Stop WebSocket thread
-        if st.session_state.ws_thread and st.session_state.ws_thread.is_alive():
-             logger.info("Signalling WS thread to stop.")
-             stop_event.set()
-             st.session_state.ws_thread.join(timeout=2.0) # Wait briefly for thread exit
-             if st.session_state.ws_thread.is_alive():
-                  logger.warning("WS thread did not exit cleanly.")
-        # Clear session state
-        st.session_state.logged_in = False
-        st.session_state.token = None
-        st.session_state.user_email = None
-        st.session_state.notifications = []
-        st.session_state.ws_thread = None
-        st.session_state.ws_connected = False
-        logger.info("Session cleared.")
-        st.rerun()
-
-    st.header("Dashboard")
-    # Display notifications
-    st.subheader("Real-time Notifications")
-    ws_status = "Connected" if st.session_state.ws_connected else "Disconnected"
-    st.caption(f"WebSocket Status: {ws_status}")
-
-    if st.session_state.notifications:
-        for i, msg in enumerate(st.session_state.notifications):
-            st.info(f"{msg}", icon="🔔")
-    else:
-        st.text("No new notifications.")
-
-    # Add a button to manually check queue/refresh if needed
-    # if st.button("Check for notifications"):
-    #      st.rerun() # Force rerun which includes queue check
-
-
-# --- Final Cleanup ---
-# Ensure httpx client is closed if script exits abnormally
-# (This might not always run depending on how Streamlit terminates)
-# Ideally handled within context managers if used more extensively
-# asyncio.run(client.aclose())

templates/index.html

@@ -0,0 +1,56 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Auth App</title>
+    <link rel="stylesheet" href="/static/css/style.css">
+</head>
+<body>
+    <h1>Auth & Notification App</h1>
+
+    <!-- Registration Section -->
+    <div id="register-section" class="auth-section">
+        <h2>Register</h2>
+        <form id="register-form">
+            <label for="reg-email">Email:</label>
+            <input type="email" id="reg-email" name="email" required><br><br>
+            <label for="reg-password">Password:</label>
+            <input type="password" id="reg-password" name="password" required minlength="8"><br><br>
+            <label for="reg-confirm-password">Confirm Password:</label>
+            <input type="password" id="reg-confirm-password" name="confirm_password" required minlength="8"><br><br>
+            <button type="submit">Register</button>
+        </form>
+        <p id="register-status" class="status-message"></p>
+        <p>Already have an account? <a href="#" onclick="showSection('login-section')">Login here</a></p>
+    </div>
+
+    <!-- Login Section -->
+    <div id="login-section" class="auth-section" style="display: none;">
+        <h2>Login</h2>
+        <form id="login-form">
+            <label for="login-email">Email:</label>
+            <input type="email" id="login-email" name="email" required><br><br>
+            <label for="login-password">Password:</label>
+            <input type="password" id="login-password" name="password" required><br><br>
+            <button type="submit">Login</button>
+        </form>
+        <p id="login-status" class="status-message"></p>
+        <p>Don't have an account? <a href="#" onclick="showSection('register-section')">Register here</a></p>
+    </div>
+
+    <!-- Welcome Section (shown after login) -->
+    <div id="welcome-section" style="display: none;">
+        <h2>Welcome!</h2>
+        <p id="welcome-message">Welcome, user!</p>
+        <button id="logout-button">Logout</button>
+        <hr>
+        <h2>Real-time Notifications</h2>
+        <div id="notifications">
+            <p><em>Notifications will appear here...</em></p>
+        </div>
+    </div>
+
+    <script src="/static/js/script.js"></script>
+</body>
+</html>