Spaces:

amosnbn
/

PapuaTranslate

Sleeping

App Files Files Community

amosnbn commited on Oct 28

Commit

9031ea7

1 Parent(s): 9fd8fc8

fix(auth): dual columns pass_hash/password + sticky sessions + prenorm + lazy LoRA

Browse files

Files changed (1) hide show

app.py +87 -109

app.py CHANGED Viewed

@@ -1,99 +1,83 @@
-# app.py
-# PapuaTranslate — Flask 3 + SQLAlchemy + Supabase + mT5-LoRA (lazy load) + prenorm
-import os, re, json, logging, threading
 from datetime import datetime, timezone
 from functools import wraps
-from typing import Optional, Tuple, List
 from flask import (
     Flask, render_template, request, redirect, url_for,
     session, jsonify, flash
 )
-# ========= Logging =========
 logging.basicConfig(level=logging.INFO, format="%(asctime)s | %(levelname)s | %(message)s")
 log = logging.getLogger("papua-app")
-# ========= Flask =========
-app = Flask(
-    __name__,
-    template_folder="frontend",  # folder HTML kamu
-    static_folder="static"
-)
 app.config["SECRET_KEY"] = os.getenv("SECRET_KEY", "dev-secret-change-me")
-app.config["SESSION_COOKIE_SAMESITE"] = "Lax"     # biar fetch same-origin ikut kirim cookie
-app.config["SESSION_COOKIE_SECURE"] = False       # True kalau pakai https strict
-# ========= DB: SQLAlchemy (Supabase Postgres) =========
-from sqlalchemy import (
-    create_engine, Column, Integer, Text, DateTime, ForeignKey, func
-)
 from sqlalchemy.orm import declarative_base, sessionmaker, scoped_session, relationship
-DATABASE_URL = os.getenv("DATABASE_URL") or os.getenv("DB_URL")
-if not DATABASE_URL:
-    # fallback aman untuk run lokal
-    DATABASE_URL = "sqlite:////tmp/app.db"
-    log.warning("[DB] DATABASE_URL tidak diset; pakai SQLite /tmp/app.db")
-# tambahkan sslmode=require kalau Postgres dan belum ada
 if DATABASE_URL.startswith("postgresql") and "sslmode=" not in DATABASE_URL:
-    sep = "&" if "?" in DATABASE_URL else "?"
-    DATABASE_URL = f"{DATABASE_URL}{sep}sslmode=require"
-engine = create_engine(
-    DATABASE_URL,
-    pool_pre_ping=True,
-)
 SessionLocal = scoped_session(sessionmaker(bind=engine, autoflush=False, autocommit=False))
 Base = declarative_base()
 class User(Base):
     __tablename__ = "users"
-    id = Column(Integer, primary_key=True)
-    email = Column(Text, unique=True, nullable=False)
-    pass_hash = Column(Text, nullable=False)  # WAJIB: pakai pass_hash
     created_at = Column(DateTime(timezone=True), server_default=func.now())
 class Translation(Base):
     __tablename__ = "translations"
-    id = Column(Integer, primary_key=True)
-    user_id = Column(Integer, ForeignKey("users.id"), nullable=False)
-    src = Column(Text, nullable=False)
-    mt = Column(Text, nullable=False)
     created_at = Column(DateTime(timezone=True), server_default=func.now())
-    user = relationship("User")
-# create_all aman untuk SQLite; untuk Supabase jika tabel sudah ada, ini tidak mengubah skema
 try:
     Base.metadata.create_all(engine)
     log.info("[DB] Ready: %s", DATABASE_URL)
 except Exception as e:
     log.exception("[DB] init error: %s", e)
-# ========= Auth helpers =========
 from werkzeug.security import generate_password_hash, check_password_hash
-def set_password(user: User, raw: str):
-    user.pass_hash = generate_password_hash(raw)
-def verify_password(user: User, raw: str) -> bool:
-    try:
-        return check_password_hash(user.pass_hash, raw)
-    except Exception:
-        return False
 def login_required(fn):
     @wraps(fn)
-    def _wrap(*args, **kwargs):
         if not session.get("uid"):
             return redirect(url_for("login_get"))
-        return fn(*args, **kwargs)
-    return _wrap
-# ========= Prenorm (heuristik ringan agar input lebih bersih) =========
-# Kamu bisa kembangkan sesuai kebutuhanmu.
 PAPUA_MAP = {
     r"\bsa\b": "saya",
     r"\bko\b": "kamu",
@@ -104,27 +88,23 @@ PAPUA_MAP = {
     r"\bsu\b": "sudah",
     r"\bkong\b": "kemudian",
 }
-def prenorm(text: str) -> str:
-    t = text.strip()
     t = re.sub(r"\s+", " ", t)
-    # normalisasi tanda baca aneh
-    t = t.replace("…", "...").replace("–", "-").replace("—", "-")
-    # map kata umum dialek → baku (heuristik)
     for pat, repl in PAPUA_MAP.items():
         t = re.sub(pat, repl, t, flags=re.IGNORECASE)
     return t
-# ========= Model (lazy-load LoRA) =========
 from transformers import AutoTokenizer, AutoModelForSeq2SeqLM
 from peft import PeftModel
 BASE_MODEL_ID = os.getenv("BASE_MODEL_ID", "amosnbn/cendol-mt5-base-inst")
 ADAPTER_ID    = os.getenv("ADAPTER_ID", "amosnbn/papua-lora-ckpt-168")
-DEVICE = os.getenv("DEVICE", "cpu")  # di Spaces CPU
 TOK = None
 MODEL = None
-_MODEL_LOCK = threading.Lock()
 def _load_model():
     global TOK, MODEL
@@ -140,38 +120,46 @@ def _load_model():
 def get_model():
     global MODEL
     if MODEL is None:
-        with _MODEL_LOCK:
             if MODEL is None:
                 _load_model()
     return TOK, MODEL
-def translate_with_model(text: str, max_new_tokens: int = 48) -> str:
     tok, m = get_model()
-    inputs = tok([text], return_tensors="pt")
-    outputs = m.generate(
-        **inputs,
-        max_new_tokens=max_new_tokens,
         num_beams=4,
         length_penalty=0.9,
         no_repeat_ngram_size=3,
         early_stopping=True,
     )
-    mt = tok.decode(outputs[0], skip_special_tokens=True)
-    return mt
-# ========= Hooks & small utils =========
 @app.before_request
 def _log_req():
-    path = request.path
-    if path not in ("/health", "/ping", "/favicon.ico"):
-        log.info("[REQ] %s %s", request.method, path)
-# ========= Routes =========
 @app.get("/health")
 @app.get("/ping")
 def health():
-    return jsonify({"ok": True, "time": datetime.now(timezone.utc).isoformat()})
 @app.get("/login")
 def login_get():
     return render_template("login.html")
@@ -179,20 +167,19 @@ def login_get():
 @app.post("/login")
 def login_post():
     email = (request.form.get("email") or "").strip().lower()
-    pwd = request.form.get("password") or ""
     if not email or not pwd:
         flash("Isi email dan password", "error")
         return redirect(url_for("login_get"))
     with SessionLocal() as s:
         u = s.query(User).filter_by(email=email).first()
-        if not u or not verify_password(u, pwd):
             flash("Email atau password salah", "error")
             return redirect(url_for("login_get"))
         session["uid"] = u.id
         session["email"] = u.email
-        return redirect(url_for("index"))
 @app.get("/register")
 def register_get():
@@ -200,19 +187,22 @@ def register_get():
 @app.post("/register")
 def register_post():
     email = (request.form.get("email") or "").strip().lower()
-    pwd = request.form.get("password") or ""
     if not email or not pwd:
         flash("Isi email dan password", "error")
         return redirect(url_for("register_get"))
     with SessionLocal() as s:
         if s.query(User).filter_by(email=email).first():
             flash("Email sudah terdaftar", "error")
-            return redirect(url_for("register_get"))
         u = User(email=email)
-        set_password(u, pwd)     # SIMPAN di pass_hash
-        s.add(u); s.commit()
         session["uid"] = u.id
         session["email"] = u.email
     return redirect(url_for("index"))
@@ -222,47 +212,41 @@ def logout():
     session.clear()
     return redirect(url_for("login_get"))
 @app.get("/")
 @login_required
 def index():
     device = DEVICE
-    # ambil 10 history terakhir
     with SessionLocal() as s:
-        uid = session.get("uid")
         items = (
             s.query(Translation)
             .filter(Translation.user_id == uid)
             .order_by(Translation.id.desc())
-            .limit(10)
-            .all()
         )
         recent = [{"src": it.src, "mt": it.mt, "created_at": it.created_at} for it in items]
     return render_template("index.html", logged_in=True, device=device, recent=recent)
 @app.post("/translate")
 def api_translate():
-    # jika ingin wajib login:
-    if not session.get("uid"):
         return jsonify({"error": "Unauthorized"}), 401
     data = request.get_json(silent=True) or {}
     text = (data.get("text") or "").strip()
-    max_new = int(data.get("max_new_tokens", 48))
     if not text:
-        return jsonify({"error": "Empty text"}), 400
     try:
-        # langkah prenorm → model
         clean = prenorm(text)
-        mt = translate_with_model(clean, max_new_tokens=max_new)
-        # simpan riwayat
         with SessionLocal() as s:
             s.add(Translation(user_id=session["uid"], src=text, mt=mt))
             s.commit()
         return jsonify({"mt": mt})
     except Exception as e:
         log.exception("translate error: %s", e)
-        return jsonify({"error": "server error"}), 500
 @app.get("/history")
 def api_history():
@@ -274,16 +258,10 @@ def api_history():
             s.query(Translation)
             .filter(Translation.user_id == uid)
             .order_by(Translation.id.desc())
-            .limit(10)
-            .all()
         )
-        out = [{
-            "src": it.src,
-            "mt": it.mt,
-            "created_at": it.created_at.strftime("%Y-%m-%d %H:%M")
-        } for it in items]
     return jsonify({"items": out})
 if __name__ == "__main__":
-    # untuk run lokal: python app.py
     app.run(host="0.0.0.0", port=int(os.getenv("PORT", "7860")), debug=True)

+# app.py — PapuaTranslate (Flask 3 + SQLAlchemy + Supabase + mT5-LoRA + prenorm)
+import os, re, logging, threading
 from datetime import datetime, timezone
 from functools import wraps
 from flask import (
     Flask, render_template, request, redirect, url_for,
     session, jsonify, flash
 )
 logging.basicConfig(level=logging.INFO, format="%(asctime)s | %(levelname)s | %(message)s")
 log = logging.getLogger("papua-app")
+app = Flask(__name__, template_folder="frontend", static_folder="static")
 app.config["SECRET_KEY"] = os.getenv("SECRET_KEY", "dev-secret-change-me")
+# cookie settings — aman untuk Spaces
+app.config["SESSION_COOKIE_SAMESITE"] = "Lax"
+app.config["SESSION_COOKIE_SECURE"] = True  # Spaces via HTTPS → kirim cookie
+# ================= DB =================
+from sqlalchemy import create_engine, Column, Integer, Text, DateTime, ForeignKey, func
 from sqlalchemy.orm import declarative_base, sessionmaker, scoped_session, relationship
+DATABASE_URL = os.getenv("DATABASE_URL") or os.getenv("DB_URL") or "sqlite:////tmp/app.db"
 if DATABASE_URL.startswith("postgresql") and "sslmode=" not in DATABASE_URL:
+    DATABASE_URL += ("&" if "?" in DATABASE_URL else "?") + "sslmode=require"
+engine = create_engine(DATABASE_URL, pool_pre_ping=True)
 SessionLocal = scoped_session(sessionmaker(bind=engine, autoflush=False, autocommit=False))
 Base = declarative_base()
 class User(Base):
     __tablename__ = "users"
+    id         = Column(Integer, primary_key=True)
+    email      = Column(Text, unique=True, nullable=False)
+    # DUA kolom agar kompatibel dengan skema lamamu
+    pass_hash  = Column(Text, nullable=True)   # kolom baru (target utama)
+    password   = Column(Text, nullable=True)   # kolom lama (legacy)
     created_at = Column(DateTime(timezone=True), server_default=func.now())
 class Translation(Base):
     __tablename__ = "translations"
+    id         = Column(Integer, primary_key=True)
+    user_id    = Column(Integer, ForeignKey("users.id"), nullable=False)
+    src        = Column(Text, nullable=False)
+    mt         = Column(Text, nullable=False)
     created_at = Column(DateTime(timezone=True), server_default=func.now())
+    user       = relationship("User")
 try:
     Base.metadata.create_all(engine)
     log.info("[DB] Ready: %s", DATABASE_URL)
 except Exception as e:
     log.exception("[DB] init error: %s", e)
+# ================= Auth =================
 from werkzeug.security import generate_password_hash, check_password_hash
+def _set_hash_fields(u: User, raw: str):
+    h = generate_password_hash(raw)
+    u.pass_hash = h
+    u.password  = h  # isi juga kolom lama supaya tidak NULL
+def _get_hash(u: User) -> str | None:
+    # utamakan pass_hash, fallback ke password
+    return u.pass_hash or u.password
+def _verify(u: User, raw: str) -> bool:
+    h = _get_hash(u)
+    return check_password_hash(h, raw) if h else False
 def login_required(fn):
     @wraps(fn)
+    def wrap(*a, **kw):
         if not session.get("uid"):
             return redirect(url_for("login_get"))
+        return fn(*a, **kw)
+    return wrap
+# ================= Prenorm =================
 PAPUA_MAP = {
     r"\bsa\b": "saya",
     r"\bko\b": "kamu",
     r"\bsu\b": "sudah",
     r"\bkong\b": "kemudian",
 }
+def prenorm(t: str) -> str:
+    t = t.strip()
     t = re.sub(r"\s+", " ", t)
     for pat, repl in PAPUA_MAP.items():
         t = re.sub(pat, repl, t, flags=re.IGNORECASE)
     return t
+# ================= Model (lazy LoRA) =================
 from transformers import AutoTokenizer, AutoModelForSeq2SeqLM
 from peft import PeftModel
 BASE_MODEL_ID = os.getenv("BASE_MODEL_ID", "amosnbn/cendol-mt5-base-inst")
 ADAPTER_ID    = os.getenv("ADAPTER_ID", "amosnbn/papua-lora-ckpt-168")
+DEVICE        = os.getenv("DEVICE", "cpu")
 TOK = None
 MODEL = None
+_LOCK = threading.Lock()
 def _load_model():
     global TOK, MODEL
 def get_model():
     global MODEL
     if MODEL is None:
+        with _LOCK:
             if MODEL is None:
                 _load_model()
     return TOK, MODEL
+def translate_core(text: str, max_new: int = 48) -> str:
     tok, m = get_model()
+    inp = tok([text], return_tensors="pt")
+    out = m.generate(
+        **inp,
+        max_new_tokens=max_new,
         num_beams=4,
         length_penalty=0.9,
         no_repeat_ngram_size=3,
         early_stopping=True,
     )
+    return tok.decode(out[0], skip_special_tokens=True)
+# ================ Utils & Hooks ================
 @app.before_request
 def _log_req():
+    p = request.path
+    if p not in ("/health", "/ping", "/favicon.ico"):
+        log.info("[REQ] %s %s", request.method, p)
 @app.get("/health")
 @app.get("/ping")
 def health():
+    return jsonify(ok=True, time=datetime.now(timezone.utc).isoformat())
+@app.get("/debug/session")
+def debug_session():
+    return jsonify({
+        "uid": session.get("uid"),
+        "email": session.get("email"),
+        "cookie_secure": app.config["SESSION_COOKIE_SECURE"],
+        "cookie_samesite": app.config["SESSION_COOKIE_SAMESITE"],
+    })
+# ================ Auth routes ================
 @app.get("/login")
 def login_get():
     return render_template("login.html")
 @app.post("/login")
 def login_post():
     email = (request.form.get("email") or "").strip().lower()
+    pwd   = request.form.get("password") or request.form.get("pass") or ""
+    log.info("[AUTH] login attempt email=%s len(pwd)=%d", email, len(pwd))
     if not email or not pwd:
         flash("Isi email dan password", "error")
         return redirect(url_for("login_get"))
     with SessionLocal() as s:
         u = s.query(User).filter_by(email=email).first()
+        if not u or not _verify(u, pwd):
             flash("Email atau password salah", "error")
             return redirect(url_for("login_get"))
         session["uid"] = u.id
         session["email"] = u.email
+    return redirect(url_for("index"))
 @app.get("/register")
 def register_get():
 @app.post("/register")
 def register_post():
+    # TERIMA beberapa kemungkinan nama field agar match file HTML-mu
     email = (request.form.get("email") or "").strip().lower()
+    pwd   = (request.form.get("password") or request.form.get("pass") or "").strip()
+    log.info("[AUTH] register email=%s len(pwd)=%d", email, len(pwd))
     if not email or not pwd:
         flash("Isi email dan password", "error")
         return redirect(url_for("register_get"))
     with SessionLocal() as s:
         if s.query(User).filter_by(email=email).first():
             flash("Email sudah terdaftar", "error")
+            return redirect(url_for("login_get"))
         u = User(email=email)
+        _set_hash_fields(u, pwd)              # isi pass_hash & password
+        s.add(u); s.commit(); s.refresh(u)
+        log.info("[AUTH] user created id=%s pass_hash_set=%s password_set=%s",
+                 u.id, bool(u.pass_hash), bool(u.password))
         session["uid"] = u.id
         session["email"] = u.email
     return redirect(url_for("index"))
     session.clear()
     return redirect(url_for("login_get"))
+# ================ App routes ================
 @app.get("/")
 @login_required
 def index():
     device = DEVICE
     with SessionLocal() as s:
+        uid = session["uid"]
         items = (
             s.query(Translation)
             .filter(Translation.user_id == uid)
             .order_by(Translation.id.desc())
+            .limit(10).all()
         )
         recent = [{"src": it.src, "mt": it.mt, "created_at": it.created_at} for it in items]
     return render_template("index.html", logged_in=True, device=device, recent=recent)
 @app.post("/translate")
 def api_translate():
+    if not session.get("uid"):  # keamanan
         return jsonify({"error": "Unauthorized"}), 401
     data = request.get_json(silent=True) or {}
     text = (data.get("text") or "").strip()
+    maxn = int(data.get("max_new_tokens", 48))
     if not text:
+        return jsonify({"error":"Empty text"}), 400
     try:
         clean = prenorm(text)
+        mt = translate_core(clean, max_new=maxn)
         with SessionLocal() as s:
             s.add(Translation(user_id=session["uid"], src=text, mt=mt))
             s.commit()
         return jsonify({"mt": mt})
     except Exception as e:
         log.exception("translate error: %s", e)
+        return jsonify({"error":"server error"}), 500
 @app.get("/history")
 def api_history():
             s.query(Translation)
             .filter(Translation.user_id == uid)
             .order_by(Translation.id.desc())
+            .limit(10).all()
         )
+    out = [{"src": i.src, "mt": i.mt, "created_at": i.created_at.strftime("%Y-%m-%d %H:%M")} for i in items]
     return jsonify({"items": out})
 if __name__ == "__main__":
     app.run(host="0.0.0.0", port=int(os.getenv("PORT", "7860")), debug=True)