Update app.py

app.py

@@ -4,6 +4,7 @@ import streamlit as st
 import textflowsms as tf
 from datetime import datetime
 import pytz
+import base64
 
 # Central Time Zone Adjustment
 central = pytz.timezone('US/Central')
@@ -19,21 +20,22 @@ def hash_password(password):
     return hashlib.sha256(password.encode()).hexdigest()
 
 # Function to save user data to a file
-def save_user_data(phone_number, password_hash):
+def save_user_data(phone_number, username, password_hash, file_suffix):
     timestamp = datetime.now(central).strftime('%d%m%y-%H-%M')
-    file_name = f"phone-{timestamp}.txt"
+    file_name = f"phone-{timestamp}.{file_suffix}"
     with open(file_name, 'w') as file:
-        file.write(f"{password_hash}\n")
+        file.write(f"{phone_number},{username},{password_hash}\n")
     return file_name
 
 # Function to check if user is authenticated
-def is_user_authenticated(phone_number, hash_value):
+def is_user_authenticated(phone_number, username, hash_value):
     for file_name in os.listdir():
-        if file_name.startswith('phone-') and phone_number in file_name:
+        if file_name.startswith('phone-') and file_name.endswith('.confirmed'):
             with open(file_name, 'r') as file:
-                stored_hash = file.readline().strip()
-                if stored_hash == hash_value:
-                    return True
+                for line in file:
+                    stored_phone, stored_username, stored_hash = line.strip().split(',')
+                    if stored_phone == phone_number and stored_username == username and stored_hash == hash_value:
+                        return True
     return False
 
 # Function to log events using markdown
@@ -42,7 +44,7 @@ def log_event(message, emoji):
     st.markdown(f"{emoji} **{timestamp}:** {message}")
 
 # Function to send verification SMS
-def send_verification_sms(phone_number, password_hash):
+def send_verification_sms(phone_number, password_hash, is_registration=False):
     api_key = os.getenv('API_KEY')
     tf.useKey(api_key)
 
@@ -50,7 +52,12 @@ def send_verification_sms(phone_number, password_hash):
     phone = format_phone_number(phone_number)
     hash_message = f"Verify here: {base_url}?hash={password_hash}"
 
-    result = tf.sendSMS(phone, hash_message)
+    if is_registration:
+        message = f"Please confirm your registration by clicking the link: {hash_message}"
+    else:
+        message = f"Please confirm your login by clicking the link: {hash_message}"
+
+    result = tf.sendSMS(phone, message)
     if result.ok:
         st.sidebar.success("Verification link sent via SMS 📨")
         log_event("Verification SMS sent", "📨")
@@ -61,6 +68,8 @@ def send_verification_sms(phone_number, password_hash):
 # Initialize session state
 if 'phone_number' not in st.session_state:
     st.session_state['phone_number'] = '+19522583980'
+if 'username' not in st.session_state:
+    st.session_state['username'] = ''
 if 'password' not in st.session_state:
     st.session_state['password'] = ''
 if 'hash' not in st.session_state:
@@ -70,56 +79,78 @@ if 'authenticated' not in st.session_state:
 
 # Sidebar inputs
 user_phone_input = st.sidebar.text_input("📱 Mobile Phone", value=st.session_state.get('phone_number', ''))
+username_input = st.sidebar.text_input("👤 Set Username")
 password_input = st.sidebar.text_input("🔑 Set Password", type='password')
 
-# Save button
-if st.sidebar.button('💾 Save Settings'):
+# Registration button
+if st.sidebar.button('📝 Register'):
+    st.session_state['phone_number'] = format_phone_number(user_phone_input)
+    st.session_state['username'] = username_input
+    if password_input:
+        hashed_password = hash_password(password_input)
+        st.session_state['password'] = hashed_password
+        file_name = save_user_data(st.session_state['phone_number'], st.session_state['username'], hashed_password, 'pending')
+        st.sidebar.success(f"Registration pending! Data saved in {file_name}")
+        log_event("Registration pending", "📝")
+        send_verification_sms(st.session_state['phone_number'], hashed_password, is_registration=True)
+
+# Login button
+if st.sidebar.button('🔐 Login'):
     st.session_state['phone_number'] = format_phone_number(user_phone_input)
     if password_input:
         hashed_password = hash_password(password_input)
         st.session_state['password'] = hashed_password
-        file_name = save_user_data(st.session_state['phone_number'], hashed_password)
-        st.sidebar.success(f"Settings saved successfully! Data saved in {file_name}")
-        log_event("Settings saved successfully", "💾")
-        send_verification_sms(st.session_state['phone_number'], hashed_password)
+        if is_user_authenticated(st.session_state['phone_number'], st.session_state['username'], hashed_password):
+            send_verification_sms(st.session_state['phone_number'], hashed_password)
+        else:
+            st.sidebar.error("Login Denied - Check your password ❌")
+            log_event("Login denied", "❌")
 
 # URL hash handling
 query_params = st.experimental_get_query_params()
-if 'phone' in query_params:
-    phone_from_url = format_phone_number(query_params['phone'][0])
-    st.session_state['phone_number'] = phone_from_url
-    is_auth = any(phone_from_url in file for file in os.listdir() if file.startswith('phone-'))
-    st.session_state['authenticated'] = is_auth
-
-    if is_auth:
-        log_event("User authenticated using phone number from URL", "✅")
-    else:
-        log_event("No authentication records found for the phone number in URL", "❌")
+if 'hash' in query_params:
+    hash_from_url = query_params['hash'][0]
+    for file_name in os.listdir():
+        if file_name.startswith('phone-') and file_name.endswith('.pending'):
+            with open(file_name, 'r') as pending_file:
+                for line in pending_file:
+                    phone, username, password_hash = line.strip().split(',')
+                    if password_hash == hash_from_url:
+                        # Move user from .pending to .confirmed
+                        os.remove(file_name)
+                        save_user_data(phone, username, password_hash, 'confirmed')
+                        save_user_data(phone, username, password_hash, 'confirmedwithpassword')
+                        st.session_state['authenticated'] = True
+                        log_event("Registration confirmed", "✅")
+                        break
+        elif file_name.startswith('phone-') and file_name.endswith('.confirmed'):
+            with open(file_name, 'r') as confirmed_file:
+                for line in confirmed_file:
+                    phone, username, password_hash = line.strip().split(',')
+                    if password_hash == hash_from_url:
+                        st.session_state['authenticated'] = True
+                        log_event("Login successful", "✅")
+                        break
 
 # Display the main area if authenticated
 if st.session_state['authenticated']:
     st.write("## Main Area")
     
-    # Display history for the specific phone number
-    st.write("## 📜 Authenticated! Below is Your Verification History")
-    history_files = [f for f in os.listdir() if f.startswith('phone-') and st.session_state['phone_number'] in f]
+    # Display active user accounts
+    st.write("## 📜 Active User Accounts")
+    confirmed_files = [f for f in os.listdir() if f.startswith('phone-') and f.endswith('.confirmed')]
     
-    # Create a markdown table for history
-    history_markdown = "| Filename | Hash Value |\n| --- | --- |\n"
-    for file_name in history_files:
+    # Create a markdown table for active user accounts
+    accounts_markdown = "| Phone Number | Username |\n| --- | --- |\n"
+    for file_name in confirmed_files:
         with open(file_name, 'r') as file:
-            history_markdown += f"| {file_name} | {file.read().strip()} |\n"
-    st.markdown(history_markdown)
-
-    st.markdown(history_markdown)
+            phone, username, _ = file.readline().strip().split(',')
+            accounts_markdown += f"| {phone} | {username} |\n"
+    st.markdown(accounts_markdown)
 else:
     # If not authenticated, display a message
     st.write("## ❗ Authentication Required")
-    st.write("Please authenticate using the link sent to your mobile phone.")
-
-
-# Import additional libraries
-import base64
+    st.write("Please register or login using the link sent to your mobile phone.")
 
 # Function to create a base64-encoded download link
 def create_download_link(file_name):