Update app.py

app.py

@@ -1,4 +1,4 @@
-# app.py (Smoke Test - Now with URL fix and Error handling fix)
+# app.py (Smoke Test - Now with Authentication)
 import gradio as gr
 import httpx
 import os
@@ -6,42 +6,49 @@ import os
 # --- Config ---
 # Read the BASE URL from Hugging Face secrets
 BLAXEL_BASE_URL = os.getenv("BLAXEL_BACKEND_URL")
+# Read the API KEY from Hugging Face secrets
+BLAXEL_API_KEY = os.getenv("BLAXEL_API_KEY") 
 
 # --- Backend Client ---
 def call_blaxel_backend(user_problem):
     
-    # 1. Check if the secret was loaded
+    # 1. Check if the URL secret was loaded
     if not BLAXEL_BASE_URL:
         yield "Configuration Error: BLAXEL_BACKEND_URL secret is not set in Hugging Face."
-        yield "Please add your Blaxel URL to the 'Secrets' section of your Space settings."
         return 
 
-    # ---
-    # FIX 1: Construct the correct, full URL
-    # We add "/solve_problem" to the base URL from your secret
-    # rstrip('/') handles cases where you might or might not have a trailing slash
-    # ---
+    # 2. Check if the API KEY secret was loaded
+    if not BLAXEL_API_KEY:
+        yield "Configuration Error: BLAXEL_API_KEY secret is not set in Hugging Face."
+        yield "Please add your Blaxel API Key to the 'Secrets' section."
+        return
+
+    # 3. Construct the correct, full URL
     full_endpoint_url = f"{BLAXEL_BASE_URL.rstrip('/')}/solve_problem"
     
+    # 4. Create the authentication headers
+    headers = {
+        "Authorization": f"Bearer {BLAXEL_API_KEY}",
+        "Content-Type": "application/json"
+    }
+
     yield f"Attempting to connect to MudabbirAI (at {full_endpoint_url})..."
     
     try:
-        # We will use this client to make the streaming request
-        with httpx.stream("POST", full_endpoint_url, json={"problem": user_problem}, timeout=60) as response:
+        # 5. Pass the headers to the request
+        with httpx.stream("POST", full_endpoint_url, json={"problem": user_problem}, headers=headers, timeout=60) as response:
             
-            # ---
-            # FIX 2: Manually check for errors *before* iterating
-            # This avoids the `raise_for_status()` bug with `ResponseNotRead`
-            # ---
             if response.status_code != 200:
                 # Manually read the error response text
                 error_details = response.read().decode()
-                yield f"HTTP Error: Received status code {response.status_code} from Blaxel."
-                yield "This means the backend is running but rejected the request."
+                if response.status_code == 401 or response.status_code == 403:
+                    yield f"Authentication Error (HTTP {response.status_code}): Incorrect or invalid BLAXEL_API_KEY secret."
+                else:
+                    yield f"HTTP Error: Received status code {response.status_code} from Blaxel."
                 yield f"Details: {error_details}"
-                return # Stop the generator
+                return 
 
-            # If we get here, the status is 200, so we can safely stream the "happy path"
+            # If we get here, the status is 200!
             for chunk in response.iter_text():
                 # Each chunk is a status update
                 yield chunk