Deploy Signal Generator app

src/main.py

@@ -200,23 +200,19 @@ async def health_check():
     logger.info(f"Health Check: {vitals}")
     return vitals
 
-from fastapi import FastAPI, HTTPException, Header, BackgroundTasks, Depends, Request
+# --- HTML & Public API ---
+
 from fastapi.responses import HTMLResponse
 from fastapi.templating import Jinja2Templates
 from fastapi.staticfiles import StaticFiles
-
-# ... imports ...
-
-app = FastAPI(title="Stock Alchemist Signal Generator")
+from fastapi import Request
 
 # Setup templates
 templates = Jinja2Templates(directory="src/templates")
 
-# ... existing code ...
-
-@app.get("/api/signals", dependencies=[Depends(verify_api_secret)])
+@app.get("/api/signals")
 async def get_signals():
-    """Get recent signals"""
+    """Get recent signals (Public Read-Only)"""
     try:
         db = LocalDatabase()
         signals = db.get_recent_signals(limit=50)

src/templates/index.html

@@ -140,28 +140,16 @@
             color: var(--text-secondary);
         }
         
-        /* Modal for secrets */
-        #secretModal {
-            display: flex; 
-            position: fixed; top: 0; left: 0; width: 100%; height: 100%;
-            background: rgba(0,0,0,0.8);
-            justify-content: center; align-items: center;
-            z-index: 100;
+        /* Scale down for mobile */
+        @media (max-width: 600px) {
+            .actions { grid-template-columns: 1fr; }
+            h1 { font-size: 1.5rem; }
         }
     </style>
 </head>
 <body>
 
-<div id="secretModal">
-    <div class="card" style="width: 400px; text-align: center;">
-        <h2>🔐 Enter API Secret</h2>
-        <p style="margin-bottom: 1rem; color: var(--text-secondary); font-size: 0.9rem;">Required to perform actions.</p>
-        <input type="password" id="apiSecretInput" placeholder="API_SECRET" />
-        <button class="btn" onclick="saveSecret()">Access Dashboard</button>
-    </div>
-</div>
-
-<div class="container" id="mainContent" style="display:none; filter: blur(5px);">
+<div class="container" id="mainContent">
     <header>
         <h1>🧪 Stock Alchemist</h1>
         <div class="status-badge" id="systemStatus">● System Online</div>
@@ -227,32 +215,30 @@
 </div>
 
 <script>
+    // Try to get secret from storage, but don't block UI if missing
     let API_SECRET = localStorage.getItem('api_secret');
 
-    function saveSecret() {
-        const input = document.getElementById('apiSecretInput').value;
-        if (input) {
-            localStorage.setItem('api_secret', input);
-            API_SECRET = input;
-            document.getElementById('secretModal').style.display = 'none';
-            document.getElementById('mainContent').style.display = 'block';
-            document.getElementById('mainContent').style.filter = 'none';
-            init();
-        }
-    }
-
-    if (API_SECRET) {
-        document.getElementById('secretModal').style.display = 'none';
-        document.getElementById('mainContent').style.display = 'block';
-        document.getElementById('mainContent').style.filter = 'none';
-        init();
-    }
+    // Initialize immediately
+    init();
 
     async function init() {
         checkHealth();
         loadSignals();
     }
 
+    function getSecretOrPrompt() {
+        if (!API_SECRET) {
+            const input = prompt("🔐 Enter API Secret to perform this action:");
+            if (input) {
+                API_SECRET = input;
+                localStorage.setItem('api_secret', input);
+            } else {
+                return null;
+            }
+        }
+        return API_SECRET;
+    }
+
     async function checkHealth() {
         try {
             const res = await fetch('/health');
@@ -274,10 +260,10 @@
     async function loadSignals() {
         const tbody = document.getElementById('signalsBody');
         try {
-            const res = await fetch('/api/signals', {
-                headers: { 'X-API-Secret': API_SECRET }
-            });
-            if (!res.ok) throw new Error('Auth failed');
+            // No secret needed for viewing now
+            const res = await fetch('/api/signals'); 
+            
+            if (!res.ok) throw new Error('Failed to fetch');
             
             const signals = await res.json();
             
@@ -290,26 +276,33 @@
                 const pos = s.signal_position || 'HOLD';
                 const cls = pos === 'BUY' ? 'tag-buy' : (pos === 'SELL' ? 'tag-sell' : 'tag-hold');
                 const sentiment = s.sentiment ? (s.sentiment.confidence ? `${(s.sentiment.confidence * 100).toFixed(0)}%` : '-') : '-';
-                // Try format date
-                const date = new Date(s.created_at).toLocaleString();
                 
+                // Format date safely
+                let dateStr = s.created_at;
+                try { 
+                    dateStr = new Date(s.created_at).toLocaleString(); 
+                } catch(e) {}
+
                 return `
                     <tr>
                         <td style="font-weight:600; color:white;">${s.ticker}</td>
                         <td>${s.signal_date}</td>
                         <td><span class="tag ${cls}">${pos}</span></td>
                         <td>${sentiment}</td>
-                        <td style="color:var(--text-secondary); font-size: 0.85rem;">${date}</td>
+                        <td style="color:var(--text-secondary); font-size: 0.85rem;">${dateStr}</td>
                     </tr>
                 `;
             }).join('');
             
         } catch (e) {
-            tbody.innerHTML = '<tr><td colspan="5" class="empty-state" style="color:#EF4444">Failed to load signals. Check API Secret.</td></tr>';
+            tbody.innerHTML = '<tr><td colspan="5" class="empty-state" style="color:#EF4444">Failed to load signals.</td></tr>';
         }
     }
 
     async function generateSignal() {
+        const secret = getSecretOrPrompt();
+        if (!secret) return;
+
         const ticker = document.getElementById('tickerInput').value.toUpperCase();
         const btn = document.getElementById('genBtn');
         if (!ticker) return alert('Please enter a ticker');
@@ -322,7 +315,7 @@
                 method: 'POST',
                 headers: {
                     'Content-Type': 'application/json',
-                    'X-API-Secret': API_SECRET
+                    'X-API-Secret': secret
                 },
                 body: JSON.stringify({ ticker: ticker })
             });
@@ -332,7 +325,13 @@
                 setTimeout(loadSignals, 2000);
             } else {
                 const err = await res.json();
-                alert('Error: ' + err.detail);
+                if (res.status === 403) {
+                     alert("Invalid API Secret. Please try again.");
+                     localStorage.removeItem('api_secret');
+                     API_SECRET = null;
+                } else {
+                     alert('Error: ' + (err.detail || 'Request failed'));
+                }
             }
         } catch (e) {
             alert('Request failed');
@@ -343,20 +342,37 @@
     }
 
     async function runAnalysis() {
+        const secret = getSecretOrPrompt();
+        if (!secret) return;
+        
         if (!confirm('Run Saturday Analysis? This is a heavy background task.')) return;
         
         try {
              const res = await fetch('/saturday-analysis', {
                 method: 'POST',
-                headers: { 'X-API-Secret': API_SECRET }
+                headers: { 'X-API-Secret': secret }
             });
-            alert('Analysis started in background.');
+            
+            if (res.ok) {
+                 alert('Analysis started in background.');
+            } else {
+                 if (res.status === 403) {
+                     alert("Invalid API Secret.");
+                     localStorage.removeItem('api_secret');
+                     API_SECRET = null;
+                 } else {
+                    alert('Failed to start analysis');
+                 }
+            }
         } catch (e) {
             alert('Failed to start analysis');
         }
     }
 
     async function testDb() {
+        const secret = getSecretOrPrompt();
+        if (!secret) return;
+
         const btn = event.target;
         const ogText = btn.innerText;
         btn.innerText = 'Testing...';
@@ -365,10 +381,17 @@
         try {
             const res = await fetch('/test-db', {
                 method: 'POST',
-                headers: { 'X-API-Secret': API_SECRET }
+                headers: { 'X-API-Secret': secret }
             });
             const data = await res.json();
             
+            if (res.status === 403) {
+                 alert("Invalid API Secret.");
+                 localStorage.removeItem('api_secret');
+                 API_SECRET = null;
+                 return;
+            }
+
             let msg = `Status: ${data.status.toUpperCase()}\n\n`;
             if (data.details) msg += data.details.join('\n');
             if (data.config) msg += `\n\nHost: ${data.config.host}\nSSL Set: ${data.config.ssl_ca_set}`;
@@ -387,6 +410,9 @@
     }
 
     async function testOllama() {
+        const secret = getSecretOrPrompt();
+        if (!secret) return;
+
         const btn = event.target;
         const ogText = btn.innerText;
         btn.innerText = 'Testing...';
@@ -395,10 +421,17 @@
         try {
             const res = await fetch('/test-ollama', {
                 method: 'POST',
-                headers: { 'X-API-Secret': API_SECRET }
+                headers: { 'X-API-Secret': secret }
             });
             const data = await res.json();
             
+            if (res.status === 403) {
+                 alert("Invalid API Secret.");
+                 localStorage.removeItem('api_secret');
+                 API_SECRET = null;
+                 return;
+            }
+
             let msg = `Status: ${data.status.toUpperCase()}\n\n`;
             if (data.details) msg += data.details.join('\n');