ok

app.py

@@ -1,202 +1,149 @@
-# app.py — PapuaTranslate (HuggingFace Spaces + Supabase + mT5-LoRA + prenorm)
-
-import os, re, logging, threading
-from datetime import datetime, timezone
-from functools import wraps
+# app.py — PapuaTranslate (HF Spaces, Flask)
+import os, logging
+from functools import lru_cache
+from typing import Optional
 from flask import (
     Flask, render_template, request, redirect, url_for,
-    session, jsonify, flash
+    session, flash, jsonify
 )
-from werkzeug.security import generate_password_hash, check_password_hash
+from werkzeug.security import check_password_hash, generate_password_hash
 
-logging.basicConfig(level=logging.INFO, format="%(asctime)s | %(levelname)s | %(message)s")
-log = logging.getLogger("papuatranslate")
-
-# ================= APP CONFIG =================
-app = Flask(__name__, template_folder="frontend", static_folder="static")
-app.config["SECRET_KEY"] = os.getenv("SECRET_KEY", "dev-secret-key")
-app.config["SESSION_COOKIE_SAMESITE"] = "Lax"
-app.config["SESSION_COOKIE_SECURE"] = False  # penting di Spaces biar cookie disimpan
-app.config["PERMANENT_SESSION_LIFETIME"] = 3600 * 24
-
-# ================= DATABASE =================
-from sqlalchemy import create_engine, Column, Integer, Text, DateTime, ForeignKey, func
-from sqlalchemy.orm import declarative_base, sessionmaker, scoped_session, relationship
-
-DATABASE_URL = os.getenv("DATABASE_URL", "sqlite:///local.db")
-if DATABASE_URL.startswith("postgresql") and "sslmode" not in DATABASE_URL:
-    DATABASE_URL += "?sslmode=require"
-
-engine = create_engine(DATABASE_URL, pool_pre_ping=True)
-SessionLocal = scoped_session(sessionmaker(bind=engine))
-Base = declarative_base()
-
-class User(Base):
-    __tablename__ = "users"
-    id         = Column(Integer, primary_key=True)
-    email      = Column(Text, unique=True, nullable=False)
-    pass_hash  = Column(Text, nullable=True)
-    password   = Column(Text, nullable=True)
-    created_at = Column(DateTime(timezone=True), server_default=func.now())
-
-class Translation(Base):
-    __tablename__ = "translations"
-    id         = Column(Integer, primary_key=True)
-    user_id    = Column(Integer, ForeignKey("users.id"))
-    src        = Column(Text)
-    mt         = Column(Text)
-    created_at = Column(DateTime(timezone=True), server_default=func.now())
-
-Base.metadata.create_all(engine)
-log.info("[DB] Ready: %s", DATABASE_URL)
-
-# ================= PRENORM =================
-PAPUA_MAP = {
-    r"\bsa\b": "saya",
-    r"\bko\b": "kamu",
-    r"\btra\b": "tidak",
-    r"\bndak\b": "tidak",
-    r"\bmo\b": "mau",
-    r"\bpu\b": "punya",
-    r"\bsu\b": "sudah",
-    r"\bkong\b": "kemudian",
-}
-def prenorm(t: str) -> str:
-    t = re.sub(r"\s+", " ", t.strip())
-    for pat, rep in PAPUA_MAP.items():
-        t = re.sub(pat, rep, t, flags=re.IGNORECASE)
-    return t
-
-# ================= AUTH UTILS =================
-def _set_hash(user: User, raw_pwd: str):
-    h = generate_password_hash(raw_pwd)
-    user.pass_hash = h
-    user.password = h
-
-def _verify(user: User, raw_pwd: str) -> bool:
-    return check_password_hash(user.pass_hash or user.password, raw_pwd)
-
-def login_required(f):
-    @wraps(f)
-    def decorated(*args, **kwargs):
-        if not session.get("uid"):
-            return redirect(url_for("login_get"))
-        return f(*args, **kwargs)
-    return decorated
-
-# ================= MODEL (lazy-load) =================
+# --- SQLAlchemy (opsional: Supabase Postgres) ---
+from sqlalchemy import create_engine, text
+from sqlalchemy.exc import SQLAlchemyError
+
+# --- Model (lazy load) ---
+import torch
 from transformers import AutoTokenizer, AutoModelForSeq2SeqLM
 from peft import PeftModel
 
-BASE_MODEL_ID = os.getenv("BASE_MODEL_ID", "amosnbn/cendol-mt5-base-inst")
-ADAPTER_ID = os.getenv("ADAPTER_ID", "amosnbn/papua-lora-ckpt-168")
-DEVICE = os.getenv("DEVICE", "cpu")
-_tok, _model, _lock = None, None, threading.Lock()
-
-def get_model():
-    global _tok, _model
-    if _model is None:
-        with _lock:
-            if _model is None:
-                log.info("[MODEL] Loading base=%s adapter=%s", BASE_MODEL_ID, ADAPTER_ID)
-                _tok = AutoTokenizer.from_pretrained(BASE_MODEL_ID)
-                base = AutoModelForSeq2SeqLM.from_pretrained(BASE_MODEL_ID)
-                _model = PeftModel.from_pretrained(base, ADAPTER_ID)
-                _model.eval()
-                if DEVICE == "cpu": _model.to("cpu")
-                log.info("[MODEL] Loaded successfully")
-    return _tok, _model
-
-def translate_mt(text: str, max_new=48) -> str:
-    tok, model = get_model()
-    inputs = tok([text], return_tensors="pt")
-    output = model.generate(**inputs, max_new_tokens=max_new, num_beams=4)
-    return tok.decode(output[0], skip_special_tokens=True)
-
-# ================= ROUTES =================
-@app.before_request
-def _req():
-    log.info("[REQ] %s %s", request.method, request.path)
-
-@app.get("/")
-@login_required
-def index():
-    with SessionLocal() as s:
-        uid = session["uid"]
-        hist = s.query(Translation).filter(Translation.user_id == uid).all()
-        data = [{"src": h.src, "mt": h.mt} for h in hist]
-    return render_template("index.html", user=session.get("email"), data=data)
-
-@app.get("/login")
-def login_get():
+logging.basicConfig(level=logging.INFO, format="%(asctime)s | %(levelname)s | %(message)s")
+log = logging.getLogger("papua-translate")
+
+# ================== ENV ==================
+SECRET_KEY     = os.getenv("SECRET_KEY", "dev-secret-please-set")
+DATABASE_URL   = os.getenv("DATABASE_URL", "")  # e.g. postgresql+psycopg2://user:pass@host:6543/postgres?sslmode=require
+BASE_MODEL_ID  = os.getenv("BASE_MODEL_ID", "google/mt5-small")
+ADAPTER_ID     = os.getenv("ADAPTER_ID", "")    # e.g. your LoRA on HF
+DISABLE_AUTH   = os.getenv("DISABLE_AUTH", "false").lower() in ("1", "true", "yes")
+
+# ================== APP ==================
+app = Flask(__name__, template_folder="templates", static_folder="static")
+app.secret_key = SECRET_KEY
+
+# Cookie settings aman untuk HF (HTTPS)
+app.config.update(
+    SESSION_COOKIE_HTTPONLY=True,
+    SESSION_COOKIE_SAMESITE="Lax",
+    SESSION_COOKIE_SECURE=True,  # HF pakai HTTPS
+    PERMANENT_SESSION_LIFETIME=60*60*8,  # 8 jam
+)
+
+# ================== DB (opsional) ==================
+engine = None
+if DATABASE_URL:
+    try:
+        engine = create_engine(DATABASE_URL, pool_pre_ping=True, pool_recycle=1800)
+        with engine.connect() as conn:
+            conn.execute(text("SELECT 1"))
+        log.info("[DB] Connected OK")
+    except SQLAlchemyError as e:
+        log.error(f"[DB] Failed: {e}")
+
+# ================== AUTH MOCK ==================
+# Untuk demo: 1 user statis via ENV (atau bisa kamu simpan di DB)
+ADMIN_USER = os.getenv("ADMIN_USER", "admin@example.com")
+ADMIN_PASS_HASH = os.getenv("ADMIN_PASS_HASH", generate_password_hash(os.getenv("ADMIN_PASS", "admin123")))
+
+def is_logged_in() -> bool:
+    return bool(session.get("uid"))
+
+# ================== LAZY MODEL ==================
+@lru_cache(maxsize=1)
+def _load_model():
+    """
+    Load base mT5 + attach LoRA (jika ada). Diload sekali saat dipakai pertama kali.
+    """
+    log.info(f"[MODEL] Loading base: {BASE_MODEL_ID}")
+    tok = AutoTokenizer.from_pretrained(BASE_MODEL_ID)
+    base = AutoModelForSeq2SeqLM.from_pretrained(BASE_MODEL_ID)
+    if ADAPTER_ID:
+        log.info(f"[MODEL] Attaching LoRA: {ADAPTER_ID}")
+        base = PeftModel.from_pretrained(base, ADAPTER_ID)
+    device = "cuda" if torch.cuda.is_available() else "cpu"
+    base.to(device)
+    base.eval()
+    log.info(f"[MODEL] Ready on {device}")
+    return tok, base, device
+
+def translate_text(input_text: str, max_new_tokens: int = 64) -> str:
+    tok, model, device = _load_model()
+    inputs = tok(input_text, return_tensors="pt", truncation=True).to(device)
+    with torch.no_grad():
+        out = model.generate(
+            **inputs,
+            max_new_tokens=max_new_tokens,
+            num_beams=4,
+            length_penalty=1.0
+        )
+    return tok.decode(out[0], skip_special_tokens=True)
+
+# ================== ROUTES ==================
+@app.route("/")
+def home():
+    # Jika auth dimatikan, langsung ke dashboard
+    if DISABLE_AUTH or is_logged_in():
+        return redirect(url_for("dashboard"))
+    return redirect(url_for("login"))
+
+@app.route("/login", methods=["GET", "POST"])
+def login():
+    if DISABLE_AUTH:
+        session["uid"] = "debug-user"
+        return redirect(url_for("dashboard"))
+
+    if request.method == "POST":
+        email = request.form.get("email", "").strip().lower()
+        password = request.form.get("password", "")
+        if email == ADMIN_USER and check_password_hash(ADMIN_PASS_HASH, password):
+            session["uid"] = email
+            return redirect(url_for("dashboard"))
+        flash("Email atau password salah.", "error")
+        return render_template("login.html")
     return render_template("login.html")
 
-@app.post("/login")
-def login_post():
-    email = (request.form.get("email") or "").strip().lower()
-    pwd   = request.form.get("password") or ""
-    log.info("[AUTH] login attempt %s", email)
-    if not email or not pwd:
-        flash("Email atau password kosong", "error")
-        return redirect(url_for("login_get"))
-
-    with SessionLocal() as s:
-        u = s.query(User).filter_by(email=email).first()
-        if not u or not _verify(u, pwd):
-            flash("Email/password salah", "error")
-            return redirect(url_for("login_get"))
-        session["uid"] = u.id
-        session["email"] = u.email
-        log.info("[AUTH] Login OK uid=%s", u.id)
-    return redirect(url_for("index"))
-
-@app.get("/register")
-def register_get():
-    return render_template("register.html")
-
-@app.post("/register")
-def register_post():
-    email = (request.form.get("email") or "").strip().lower()
-    pwd   = request.form.get("password") or ""
-    log.info("[AUTH] register %s", email)
-    if not email or not pwd:
-        flash("Lengkapi data", "error")
-        return redirect(url_for("register_get"))
-
-    with SessionLocal() as s:
-        if s.query(User).filter_by(email=email).first():
-            flash("Email sudah terdaftar", "error")
-            return redirect(url_for("login_get"))
-        u = User(email=email)
-        _set_hash(u, pwd)
-        s.add(u); s.commit()
-        log.info("[AUTH] created id=%s", u.id)
-        session["uid"], session["email"] = u.id, u.email
-    return redirect(url_for("index"))
-
-@app.get("/logout")
+@app.route("/logout")
 def logout():
     session.clear()
-    return redirect(url_for("login_get"))
-
-@app.post("/translate")
-def translate_api():
-    if not session.get("uid"):
-        return jsonify({"error": "not logged in"}), 401
+    flash("Anda telah keluar.", "info")
+    return redirect(url_for("login"))
+
+@app.route("/dashboard")
+def dashboard():
+    if not (DISABLE_AUTH or is_logged_in()):
+        return redirect(url_for("login"))
+    return render_template("dashboard.html")
+
+@app.route("/translate", methods=["POST"])
+def api_translate():
+    if not (DISABLE_AUTH or is_logged_in()):
+        return jsonify({"ok": False, "error": "Unauthorized"}), 401
     data = request.get_json(silent=True) or {}
     text = (data.get("text") or "").strip()
     if not text:
-        return jsonify({"error": "empty text"}), 400
-    norm = prenorm(text)
-    result = translate_mt(norm)
-    with SessionLocal() as s:
-        s.add(Translation(user_id=session["uid"], src=text, mt=result))
-        s.commit()
-    return jsonify({"mt": result})
-
-@app.get("/debug")
-def debug():
-    return jsonify(dict(session=session, cookies=request.cookies))
-
+        return jsonify({"ok": False, "error": "Text kosong"}), 400
+    try:
+        result = translate_text(text)
+        return jsonify({"ok": True, "result": result})
+    except Exception as e:
+        log.exception("Translate error")
+        return jsonify({"ok": False, "error": str(e)}), 500
+
+@app.route("/about")
+def about():
+    return render_template("about.html")
+
+# --- local run (Spaces akan pakai gunicorn) ---
 if __name__ == "__main__":
-    app.run(host="0.0.0.0", port=7860, debug=True)
+    port = int(os.environ.get("PORT", 7860))
+    app.run(host="0.0.0.0", port=port, debug=False)