Pushing to see if Streamlit works well

Dockerfile

@@ -10,4 +10,7 @@ COPY --chown=user ./requirements.txt requirements.txt
 RUN pip install --no-cache-dir --upgrade -r requirements.txt
 
 COPY --chown=user . /app
-CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "7860"]
+
+EXPOSE 7860 8000
+
+CMD ["./start.sh"]

README.md

@@ -1,11 +1,35 @@
 ---
-title: Clearance Sys
-emoji: 🏢
-colorFrom: purple
+title: Clearance System
+emoji: �
+colorFrom: blue
 colorTo: green
 sdk: docker
+sdk_version: python3.11-slim
+app_file: streamlit_app.py
 pinned: false
 license: mit
 ---
 
+# Clearance System
+
+A full-stack application for managing student clearance with RFID integration.
+
+## Features
+- Student and user management
+- RFID tag linking and status checking
+- Admin scanner activation and retrieval
+- Streamlit frontend for easy interaction
+
+## Deployment
+This app is deployed on Hugging Face Spaces using Docker.
+
+- Frontend (Streamlit): Accessible at the Space URL
+- Backend (FastAPI): Runs internally on port 8000
+
+## Usage
+1. Login with your credentials.
+2. Navigate through the sidebar to manage students, users, tags, devices, etc.
+3. Use the RFID section to check tag statuses.
+4. Activate scanners for secure scanning workflows.
+
 Check out the configuration reference at https://huggingface.co/docs/hub/spaces-config-reference

src/models.py

@@ -164,6 +164,7 @@ class RFIDStatusResponse(SQLModel):
 
 class TagScan(SQLModel):
     tag_id: str
+    api_key: str
 
 # Device Models
 class DeviceCreate(SQLModel):

src/routers/admin.py

@@ -14,16 +14,6 @@ from src.crud import students as student_crud
 from src.crud import tag_linking as tag_crud
 from src.crud import devices as device_crud
 
-# --- New State Management for Secure Admin Scanning ---
-
-# Maps a device's API key to the admin user ID who activated it.
-# This "activates" a scanner for a specific admin.
-activated_scanners: Dict[str, int] = {} 
-
-# Stores the last tag scanned by a device, keyed by the admin ID who was waiting.
-admin_scanned_tags: Dict[int, str] = {}
-
-
 # Define the main administrative router
 router = APIRouter(
     prefix="/admin",
@@ -31,64 +21,8 @@ router = APIRouter(
     dependencies=[Depends(get_current_active_user(required_roles=[Role.ADMIN, Role.STAFF]))],
 )
 
-# --- New Secure Scanning Workflow ---
-
-class ActivationRequest(SQLModel):
-    device_id: int
-
-@router.post("/scanners/activate", status_code=status.HTTP_204_NO_CONTENT)
-def activate_admin_scanner(
-    activation: ActivationRequest,
-    db: Session = Depends(get_session),
-    current_user: User = Depends(get_current_active_user(required_roles=[Role.ADMIN, Role.STAFF]))
-):
-    """
-    STEP 1 (Browser): Admin clicks "Scan Card" in the UI.
-    The browser calls this endpoint to 'arm' their designated desk scanner.
-    """
-    device = device_crud.get_device_by_id(db, device_id=activation.device_id)
-    if not device:
-        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Device not found.")
-    
-    # Map the device's API key to the currently logged-in admin's ID.
-    activated_scanners[device.api_key] = current_user.id
-    return
-
-
-@router.post("/scanners/scan", status_code=status.HTTP_204_NO_CONTENT)
-def receive_scan_from_activated_device(
-    scan_data: TagScan,
-    api_key: str = Depends(get_api_key) # Device authenticates with its API Key
-):
-    """
-    STEP 2 (Device): The ESP32 device sends the scanned tag to this endpoint.
-    This endpoint is protected by the device's API Key.
-    """
-    # Check if this device was activated by an admin.
-    admin_id = activated_scanners.pop(api_key, None)
-    if admin_id is None:
-        raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="This scanner has not been activated for a scan.")
-
-    # Store the scanned tag against the admin who was waiting for it.
-    admin_scanned_tags[admin_id] = scan_data.tag_id
-    return
-
-@router.get("/scanners/retrieve", response_model=TagScan)
-def retrieve_scanned_tag_for_ui(
-    current_user: User = Depends(get_current_active_user(required_roles=[Role.ADMIN, Role.STAFF]))
-):
-    """
-    STEP 3 (Browser): The browser polls this endpoint to get the tag ID
-    that the device reported in STEP 2.
-    """
-    tag_id = admin_scanned_tags.pop(current_user.id, None)
-    if not tag_id:
-        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="No tag has been scanned by the activated device yet.")
-    return TagScan(tag_id=tag_id)
-
-
 # --- All other administrative endpoints remain the same ---
-# ... (Student Management, User Management, etc.) ...
+# ... (Stuent Management, User Management, etc.) ...
 @router.post("/students/", response_model=StudentReadWithClearance, status_code=status.HTTP_201_CREATED)
 def create_student(student: StudentCreate, db: Session = Depends(get_session)):
     """(Admin & Staff) Creates a new student and initializes their clearance status."""

src/routers/devices.py

@@ -66,3 +66,4 @@ def delete_device(
             detail="Device not found."
         )
     return db_device
+

src/routers/rfid.py

@@ -1,17 +1,85 @@
 from fastapi import APIRouter, Depends, HTTPException, status, Security
 from fastapi.security import APIKeyHeader
-from sqlmodel import Session
+from sqlmodel import Session, SQLModel
+from typing import Dict
 
 from src.database import get_session
-from src.auth import get_api_key
-from src.models import RFIDStatusResponse, RFIDScanRequest, ClearanceStatusEnum
+from src.auth import get_current_active_user, get_api_key
+from src.models import (
+    RFIDStatusResponse, RFIDScanRequest, ClearanceStatusEnum,
+    TagScan, Device, Role, User
+)
 from src.crud import students as student_crud
 from src.crud import users as user_crud
+from src.crud import devices as device_crud
 
 # Define the router and the API key security scheme
 router = APIRouter(prefix="/rfid", tags=["RFID"])
 api_key_header = APIKeyHeader(name="x-api-key", auto_error=False)
 
+# --- Moved from admin.py: State for secure admin scanning ---
+# Maps a device's API key to the admin user ID who activated it (changed to str key for api_key).
+activated_scanners: Dict[str, int] = {}
+
+# Stores the last tag scanned by a device, keyed by the admin ID who was waiting.
+admin_scanned_tags: Dict[int, tuple[str, str]] = {}
+
+# --- Moved from admin.py: Secure Scanning Workflow ---
+class ActivationRequest(SQLModel):
+    api_key: str
+
+@router.post("/scanners/activate", status_code=status.HTTP_204_NO_CONTENT)
+def activate_admin_scanner(
+    activation: ActivationRequest,
+    db: Session = Depends(get_session),
+    current_user: User = Depends(get_current_active_user(required_roles=[Role.ADMIN, Role.STAFF]))
+):
+    """
+    STEP 1 (Browser): Admin clicks "Scan Card" in the UI.
+    The browser calls this endpoint to 'arm' their designated desk scanner.
+    """
+    device = device_crud.get_device_by_api_key(db, api_key=activation.api_key)
+    if not device:
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Device not found.")
+    
+    # Map the device's API key to the currently logged-in admin's ID.
+    activated_scanners[device.api_key] = current_user.id
+    return
+
+@router.post("/scanners/scan", status_code=status.HTTP_204_NO_CONTENT)
+def receive_scan_from_activated_device(
+    scan_data: TagScan,
+    # Removed api_key dependency for "free use" (easier RFID data submission).
+    # Assumes api_key is in scan_data for association.
+):
+    """
+    STEP 2 (Device): The ESP32 device sends the scanned tag to this endpoint.
+    No authentication required for free use.
+    """
+    # Check if this device was activated by an admin (using api_key from scan_data).
+    admin_id = activated_scanners.pop(scan_data.api_key, None)
+    if admin_id is None:
+        raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="This scanner has not been activated for a scan.")
+    
+    # Store the scanned tag against the admin who was waiting for it.
+    admin_scanned_tags[admin_id] = (scan_data.tag_id, scan_data.api_key)
+    return
+
+@router.get("/scanners/retrieve", response_model=TagScan)
+def retrieve_scanned_tag_for_ui(
+    current_user: User = Depends(get_current_active_user(required_roles=[Role.ADMIN, Role.STAFF]))
+):
+    """
+    STEP 3 (Browser): The browser polls this endpoint to get the tag ID
+    that the device reported in STEP 2.
+    """
+    tag_data = admin_scanned_tags.pop(current_user.id, None)
+    if not tag_data:
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="No tag has been scanned by the activated device yet.")
+    tag_id, api_key = tag_data
+    return TagScan(tag_id=tag_id, api_key=api_key)
+
+# --- Existing /check-status endpoint remains ---
 @router.post("/check-status", response_model=RFIDStatusResponse)
 def check_rfid_status(
     scan_data: RFIDScanRequest,

start.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+# Start FastAPI in background
+uvicorn main:app --host 0.0.0.0 --port 8000 &
+# Start Streamlit on port 7860
+streamlit run streamlit_app.py --server.port 7860 --server.address 0.0.0.0

streamlit_app.py

@@ -0,0 +1,320 @@
+import streamlit as st
+import requests
+import json
+
+# Backend URL
+BASE_URL = "https://testys-clearance-sys.hf.space"
+
+# Session state for auth
+if 'token' not in st.session_state:
+    st.session_state.token = None
+if 'user' not in st.session_state:
+    st.session_state.user = None
+
+def login(username, password):
+    response = requests.post(f"{BASE_URL}/token", data={"username": username, "password": password})
+    if response.status_code == 200:
+        data = response.json()
+        st.session_state.token = data['access_token']
+        st.session_state.user = username
+        st.success("Logged in successfully!")
+    else:
+        st.error("Login failed!")
+
+def logout():
+    st.session_state.token = None
+    st.session_state.user = None
+    st.success("Logged out!")
+
+def api_call(method, endpoint, data=None, headers=None):
+    url = f"{BASE_URL}{endpoint}"
+    if headers is None:
+        headers = {}
+    if st.session_state.token:
+        headers['Authorization'] = f"Bearer {st.session_state.token}"
+    if method == 'GET':
+        response = requests.get(url, headers=headers)
+    elif method == 'POST':
+        response = requests.post(url, json=data, headers=headers)
+    elif method == 'PUT':
+        response = requests.put(url, json=data, headers=headers)
+    elif method == 'DELETE':
+        response = requests.delete(url, headers=headers)
+    return response
+
+st.title("Clearance System Frontend")
+
+if st.session_state.token is None:
+    st.header("Login")
+    username = st.text_input("Username")
+    password = st.text_input("Password", type="password")
+    if st.button("Login"):
+        login(username, password)
+else:
+    st.write(f"Logged in as: {st.session_state.user}")
+    if st.button("Logout"):
+        logout()
+
+    # Navigation
+    page = st.sidebar.selectbox("Select Page", [
+        "Students", "Users", "Tags", "Devices", "Clearance", "RFID", "Scanners", "Profile"
+    ])
+
+    if page == "Students":
+        st.header("Student Management")
+        action = st.selectbox("Action", ["List", "Create", "Lookup", "Read Single", "Update", "Delete"])
+        if action == "List":
+            skip = st.number_input("Skip", min_value=0, value=0)
+            limit = st.number_input("Limit", min_value=1, value=100)
+            if st.button("Get Students"):
+                response = api_call('GET', f'/admin/students/?skip={skip}&limit={limit}')
+                if response.status_code == 200:
+                    students = response.json()
+                    st.json(students)
+                else:
+                    st.error("Failed to fetch students")
+        elif action == "Create":
+            full_name = st.text_input("Full Name")
+            matric_no = st.text_input("Matric No")
+            email = st.text_input("Email")
+            department = st.selectbox("Department", ["Computer Science", "Engineering", "Business Administration", "Law", "Medicine"])
+            password = st.text_input("Password", type="password")
+            if st.button("Create Student"):
+                data = {"full_name": full_name, "matric_no": matric_no, "email": email, "department": department, "password": password}
+                response = api_call('POST', '/admin/students/', data)
+                if response.status_code == 201:
+                    st.success("Student created!")
+                    st.json(response.json())
+                else:
+                    st.error("Failed to create student")
+        elif action == "Lookup":
+            lookup_type = st.selectbox("Lookup by", ["Matric No", "Tag ID"])
+            if lookup_type == "Matric No":
+                matric_no = st.text_input("Matric No")
+                if st.button("Lookup"):
+                    response = api_call('GET', f'/admin/students/lookup?matric_no={matric_no}')
+                    if response.status_code == 200:
+                        st.json(response.json())
+                    else:
+                        st.error("Student not found")
+            else:
+                tag_id = st.text_input("Tag ID")
+                if st.button("Lookup"):
+                    response = api_call('GET', f'/admin/students/lookup?tag_id={tag_id}')
+                    if response.status_code == 200:
+                        st.json(response.json())
+                    else:
+                        st.error("Student not found")
+        elif action == "Read Single":
+            student_id = st.number_input("Student ID", min_value=1)
+            if st.button("Read"):
+                response = api_call('GET', f'/admin/students/{student_id}')
+                if response.status_code == 200:
+                    st.json(response.json())
+                else:
+                    st.error("Student not found")
+        elif action == "Update":
+            student_id = st.number_input("Student ID", min_value=1)
+            full_name = st.text_input("Full Name")
+            department = st.selectbox("Department", ["Computer Science", "Engineering", "Business Administration", "Law", "Medicine"])
+            email = st.text_input("Email")
+            if st.button("Update"):
+                data = {"full_name": full_name, "department": department, "email": email}
+                response = api_call('PUT', f'/admin/students/{student_id}', data)
+                if response.status_code == 200:
+                    st.success("Student updated!")
+                    st.json(response.json())
+                else:
+                    st.error("Failed to update student")
+        elif action == "Delete":
+            student_id = st.number_input("Student ID", min_value=1)
+            if st.button("Delete"):
+                response = api_call('DELETE', f'/admin/students/{student_id}')
+                if response.status_code == 200:
+                    st.success("Student deleted!")
+                    st.json(response.json())
+                else:
+                    st.error("Failed to delete student")
+
+    elif page == "Users":
+        st.header("User Management")
+        action = st.selectbox("Action", ["Create", "List", "Lookup", "Update", "Delete"])
+        if action == "Create":
+            username = st.text_input("Username")
+            password = st.text_input("Password", type="password")
+            email = st.text_input("Email")
+            full_name = st.text_input("Full Name")
+            role = st.selectbox("Role", ["admin", "staff"])
+            department = st.selectbox("Department", ["Computer Science", "Engineering", "Business Administration", "Law", "Medicine"])
+            if st.button("Create User"):
+                data = {"username": username, "password": password, "email": email, "full_name": full_name, "role": role, "department": department}
+                response = api_call('POST', '/admin/users/', data)
+                if response.status_code == 201:
+                    st.success("User created!")
+                    st.json(response.json())
+                else:
+                    st.error("Failed to create user")
+        elif action == "List":
+            if st.button("Get Users"):
+                response = api_call('GET', '/admin/users/')
+                if response.status_code == 200:
+                    users = response.json()
+                    st.json(users)
+                else:
+                    st.error("Failed to fetch users")
+        elif action == "Lookup":
+            lookup_type = st.selectbox("Lookup by", ["Username", "Tag ID"])
+            if lookup_type == "Username":
+                username = st.text_input("Username")
+                if st.button("Lookup"):
+                    response = api_call('GET', f'/admin/users/lookup?username={username}')
+                    if response.status_code == 200:
+                        st.json(response.json())
+                    else:
+                        st.error("User not found")
+            else:
+                tag_id = st.text_input("Tag ID")
+                if st.button("Lookup"):
+                    response = api_call('GET', f'/admin/users/lookup?tag_id={tag_id}')
+                    if response.status_code == 200:
+                        st.json(response.json())
+                    else:
+                        st.error("User not found")
+        elif action == "Update":
+            user_id = st.number_input("User ID", min_value=1)
+            username = st.text_input("Username")
+            email = st.text_input("Email")
+            full_name = st.text_input("Full Name")
+            role = st.selectbox("Role", ["admin", "staff"])
+            department = st.selectbox("Department", ["Computer Science", "Engineering", "Business Administration", "Law", "Medicine"])
+            password = st.text_input("Password", type="password")
+            if st.button("Update"):
+                data = {"username": username, "email": email, "full_name": full_name, "role": role, "department": department, "password": password}
+                response = api_call('PUT', f'/admin/users/{user_id}', data)
+                if response.status_code == 200:
+                    st.success("User updated!")
+                    st.json(response.json())
+                else:
+                    st.error("Failed to update user")
+        elif action == "Delete":
+            user_id = st.number_input("User ID", min_value=1)
+            if st.button("Delete"):
+                response = api_call('DELETE', f'/admin/users/{user_id}')
+                if response.status_code == 200:
+                    st.success("User deleted!")
+                    st.json(response.json())
+                else:
+                    st.error("Failed to delete user")
+
+    elif page == "Tags":
+        st.header("Tag Management")
+        action = st.selectbox("Action", ["Link", "Unlink"])
+        if action == "Link":
+            tag_id = st.text_input("Tag ID")
+            matric_no = st.text_input("Matric No")
+            username = st.text_input("Username")
+            if st.button("Link Tag"):
+                data = {"tag_id": tag_id, "matric_no": matric_no, "username": username}
+                response = api_call('POST', '/admin/tags/link', data)
+                if response.status_code == 200:
+                    st.success("Tag linked!")
+                    st.json(response.json())
+                else:
+                    st.error("Failed to link tag")
+        elif action == "Unlink":
+            tag_id = st.text_input("Tag ID")
+            if st.button("Unlink Tag"):
+                response = api_call('DELETE', f'/admin/tags/{tag_id}/unlink')
+                if response.status_code == 200:
+                    st.success("Tag unlinked!")
+                    st.json(response.json())
+                else:
+                    st.error("Failed to unlink tag")
+
+    elif page == "Devices":
+        st.header("Device Management")
+        action = st.selectbox("Action", ["Create", "List", "Delete"])
+        if action == "Create":
+            device_name = st.text_input("Device Name")
+            location = st.text_input("Location")
+            department = st.selectbox("Department", ["Computer Science", "Engineering", "Business Administration", "Law", "Medicine"])
+            if st.button("Create Device"):
+                data = {"device_name": device_name, "location": location, "department": department}
+                response = api_call('POST', '/admin/devices/', data)
+                if response.status_code == 201:
+                    st.success("Device created!")
+                    st.json(response.json())
+                else:
+                    st.error("Failed to create device")
+        elif action == "List":
+            if st.button("Get Devices"):
+                response = api_call('GET', '/admin/devices/')
+                if response.status_code == 200:
+                    devices = response.json()
+                    st.json(devices)
+                else:
+                    st.error("Failed to fetch devices")
+        elif action == "Delete":
+            device_id = st.number_input("Device ID", min_value=1)
+            if st.button("Delete"):
+                response = api_call('DELETE', f'/admin/devices/{device_id}')
+                if response.status_code == 200:
+                    st.success("Device deleted!")
+                    st.json(response.json())
+                else:
+                    st.error("Failed to delete device")
+
+    elif page == "Clearance":
+        st.header("Clearance Management")
+        matric_no = st.text_input("Matric No")
+        department = st.selectbox("Department", ["Library", "Student Affairs", "Bursary", "Academic Affairs", "Health Center"])
+        status = st.selectbox("Status", ["pending", "approved", "rejected"])
+        remarks = st.text_area("Remarks")
+        if st.button("Update Clearance"):
+            data = {"matric_no": matric_no, "department": department, "status": status, "remarks": remarks}
+            response = api_call('PUT', '/clearance/update', data)
+            if response.status_code == 200:
+                st.success("Clearance updated!")
+                st.json(response.json())
+            else:
+                st.error("Failed to update clearance")
+
+    elif page == "RFID":
+        st.header("RFID Check Status")
+        tag_id = st.text_input("Tag ID")
+        if st.button("Check Status"):
+            data = {"tag_id": tag_id}
+            response = api_call('POST', '/rfid/check-status', data)
+            if response.status_code == 200:
+                st.json(response.json())
+            else:
+                st.error("Failed to check status")
+
+    elif page == "Scanners":
+        st.header("Scanner Management")
+        action = st.selectbox("Action", ["Activate", "Retrieve"])
+        if action == "Activate":
+            api_key = st.text_input("Device API Key")
+            if st.button("Activate Scanner"):
+                data = {"api_key": api_key}
+                response = api_call('POST', '/rfid/scanners/activate', data)
+                if response.status_code == 204:
+                    st.success("Scanner activated!")
+                else:
+                    st.error("Failed to activate")
+        elif action == "Retrieve":
+            if st.button("Retrieve Tag"):
+                response = api_call('GET', '/rfid/scanners/retrieve')
+                if response.status_code == 200:
+                    st.json(response.json())
+                else:
+                    st.error("No tag scanned yet")
+
+    elif page == "Profile":
+        st.header("My Profile")
+        if st.button("Get My Profile"):
+            response = api_call('GET', '/users/me')
+            if response.status_code == 200:
+                st.json(response.json())
+            else:
+                st.error("Failed to fetch profile")