push refactored app

README.md

@@ -6,9 +6,9 @@ colorTo: pink
 sdk: gradio
 sdk_version: 3.36.1
 python_version: 3.10.6
-app_file: start.py
+app_file: app.py
 hf_oauth: true
-hf_oauth_redirect_path: /auth/callback
+hf_oauth_redirect_path: /login/callback
 ---
 
 Check out the configuration reference at https://huggingface.co/docs/hub/spaces-config-reference

app.py

@@ -1,5 +1,6 @@
 import gradio as gr
-from auth import get_app
+
+from auth import attach_oauth
 
 
 TEMPLATE = """
@@ -15,13 +16,26 @@ You can manage your connected applications in your [settings](https://huggingfac
 
 
 def show_profile(request: gr.Request) -> str:
+    if "user" not in request.request.session:
+        return "Please login first"
     return TEMPLATE.format(**request.request.session["user"])
 
 
 with gr.Blocks() as demo:
-    greet_btn = gr.Button("Show profile")
+    # Taken from https://cmgdo.com/external-link-in-gradio-button/
+    login_button = gr.Button("Login")
+    login_button.click(
+        None, None, None, _js="function() {location.replace('https://wauplin-gradio-oauth-test.hf.space/login/huggingface');}"
+    )
+
+    # Taken from https://cmgdo.com/external-link-in-gradio-button/
+    logout_button = gr.Button("Logout", variant="secondary")
+    logout_button.click(None, None, None, _js="function() {location.replace('https://wauplin-gradio-oauth-test.hf.space/logout');}")
+
+    profile_btn = gr.Button("Show profile")
     output = gr.Markdown()
-    greet_btn.click(fn=show_profile, outputs=output)
+    profile_btn.click(fn=show_profile, outputs=output)
 
-fastapi_app = get_app()
-app = gr.mount_gradio_app(fastapi_app, demo, path="/gradio")
+demo.launch(prevent_thread_lock=True, server_port=5173)
+attach_oauth(demo.server_app)
+demo.block_thread()

auth.py

@@ -30,18 +30,16 @@ oauth.register(
 )
 
 
-async def landing(request: Request):
-    if request.session.get("user"):
-        return RedirectResponse("/gradio")
-    else:
-        return RedirectResponse(request.url_for("oauth_login"))
-
-
 async def oauth_login(request: Request):
     redirect_uri = request.url_for("oauth_redirect_callback")
     return await oauth.huggingface.authorize_redirect(request, redirect_uri)
 
 
+async def oauth_logout(request: Request):
+    request.session.pop("user", None)
+    return RedirectResponse("/")
+
+
 async def oauth_redirect_callback(request: Request):
     token = await oauth.huggingface.authorize_access_token(request)
 
@@ -49,21 +47,12 @@ async def oauth_redirect_callback(request: Request):
         resp = await client.get(USER_INFO_URL, headers={"Authorization": f"Bearer {token['access_token']}"})
         user_info = resp.json()
 
-    request.session["user"] = user_info # TODO: we should store token instead
+    request.session["user"] = user_info  # TODO: we should store token instead
     return RedirectResponse(request.url_for("landing"))
 
 
-async def check_oauth(request: Request, call_next):
-    if request.url.path.startswith("/gradio") and not request.session.get("user"):  # protected route but not authenticated
-        return RedirectResponse("/")
-    return await call_next(request)
-
-
-def get_app() -> FastAPI:
-    app = FastAPI()
-    app.middleware("http")(check_oauth)
+def attach_oauth(app: FastAPI) -> None:
     app.add_middleware(SessionMiddleware, secret_key="session-secret-key")  # TODO: make this is secret key
-    app.get("/")(landing)
-    app.get("/auth/huggingface")(oauth_login)
-    app.get("/auth/callback")(oauth_redirect_callback)
-    return app
+    app.get("/login/huggingface")(oauth_login)
+    app.get("/login/callback")(oauth_redirect_callback)
+    app.get("/logout")(oauth_logout)

start.py

@@ -1,3 +0,0 @@
-import subprocess
-
-subprocess.run("uvicorn app:app --host 0.0.0.0 --port 7860 --forwarded-allow-ips '*'", shell=True)