Spaces:
Sleeping
Sleeping
| import os | |
| import secrets | |
| from datetime import datetime, timedelta | |
| from flask import Flask, render_template, request, redirect, url_for, session, flash | |
| from flask_limiter import Limiter | |
| from flask_limiter.util import get_remote_address | |
| from dotenv import load_dotenv | |
| import pandas as pd | |
| from huggingface_hub import HfApi, HfFolder | |
| from datasets import Dataset as HFDataset | |
| # Load environment variables | |
| load_dotenv() | |
| # --- Config --- | |
| ADMIN_USER = os.getenv("ADMIN_USER", "admin") | |
| ADMIN_PASS = os.getenv("ADMIN_PASS", "Welcome123") | |
| HF_TOKEN = os.getenv("HF_TOKEN") | |
| REPO_ID = "0vergeared/otp-logs" | |
| OTP_EXPIRY_MINUTES = 5 | |
| # --- Flask App --- | |
| app = Flask(__name__) | |
| app.secret_key = os.getenv("FLASK_SECRET", "changeme123") | |
| limiter = Limiter(get_remote_address, app=app) | |
| # --- Memory store for OTPs | |
| otp_store = {} | |
| # ---------------- ROUTES ---------------- # | |
| def index(): | |
| return redirect(url_for("admin")) | |
| def admin(): | |
| if request.method == "POST": | |
| user = request.form.get("username") | |
| pwd = request.form.get("password") | |
| if user == ADMIN_USER and pwd == ADMIN_PASS: | |
| session["logged_in"] = True | |
| return redirect(url_for("dashboard")) | |
| flash("Invalid credentials", "error") | |
| return render_template("login.html") | |
| def dashboard(): | |
| if not session.get("logged_in"): | |
| return redirect(url_for("admin")) | |
| return render_template("dashboard.html") | |
| def generate_otp(): | |
| if not session.get("logged_in"): | |
| return redirect(url_for("admin")) | |
| otp = secrets.token_urlsafe(6)[:6].upper() | |
| expiry = datetime.utcnow() + timedelta(minutes=OTP_EXPIRY_MINUTES) | |
| otp_store[otp] = {"expiry": expiry, "used": False} | |
| save_otp_to_dataset(otp, expiry.strftime("%Y-%m-%d %H:%M:%S UTC")) | |
| return render_template("otp_result.html", otp=otp, expiry=expiry.strftime("%Y-%m-%d %H:%M UTC")) | |
| def logout(): | |
| session.clear() | |
| return redirect(url_for("admin")) | |
| # ---------------- HELPERS ---------------- # | |
| def save_otp_to_dataset(otp: str, expiry: str): | |
| try: | |
| if not HF_TOKEN: | |
| print("β HF_TOKEN not set.") | |
| return | |
| HfFolder.save_token(HF_TOKEN) | |
| api = HfApi() | |
| local_file = "otp_temp.csv" | |
| if not os.path.exists(local_file): | |
| pd.DataFrame(columns=["otp", "expiry"]).to_csv(local_file, index=False) | |
| df = pd.read_csv(local_file) | |
| df = pd.concat([df, pd.DataFrame([{"otp": otp, "expiry": expiry}])], ignore_index=True) | |
| df.to_csv(local_file, index=False) | |
| dataset = HFDataset.from_pandas(df) | |
| dataset.push_to_hub(REPO_ID, token=HF_TOKEN) | |
| print(f"β OTP {otp} pushed to dataset.") | |
| except Exception as e: | |
| print("β Dataset push failed:", e) | |
| def allow_iframe(response): | |
| response.headers["X-Frame-Options"] = "SAMEORIGIN" | |
| return response | |
| # ---------------- MAIN ---------------- # | |
| if __name__ == "__main__": | |
| app.run(host="0.0.0.0", port=7860) | |