Spaces:
Running
on
CPU Upgrade
Running
on
CPU Upgrade
Commit
·
a749315
1
Parent(s):
79389ec
allow for it to work from the main space
Browse files- app.py +31 -14
- index.html +1 -1
app.py
CHANGED
|
@@ -82,6 +82,17 @@ def can_start_generation(username: str, is_pro: bool) -> tuple[bool, int, int]:
|
|
| 82 |
limit = 15 if is_pro else 1
|
| 83 |
return used < limit, used, limit
|
| 84 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 85 |
async def exchange_code_for_token(code: str, redirect_uri: str) -> dict:
|
| 86 |
"""Exchange OAuth code for access token"""
|
| 87 |
token_url = f"{OPENID_PROVIDER_URL}/oauth/token"
|
|
@@ -124,16 +135,20 @@ async def get_user_info(access_token: str) -> dict:
|
|
| 124 |
@app.get("/", response_class=HTMLResponse)
|
| 125 |
async def home(request: Request, access_token: Optional[str] = Cookie(None)):
|
| 126 |
"""Home page - check auth and show app or login"""
|
| 127 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
| 128 |
if not access_token:
|
| 129 |
return templates.TemplateResponse("index.html", {
|
| 130 |
"request": request,
|
| 131 |
"authenticated": False,
|
| 132 |
"oauth_client_id": OAUTH_CLIENT_ID,
|
| 133 |
-
"redirect_uri":
|
| 134 |
"space_host": SPACE_HOST
|
| 135 |
})
|
| 136 |
-
|
| 137 |
try:
|
| 138 |
user_info = await get_user_info(access_token)
|
| 139 |
except:
|
|
@@ -141,15 +156,15 @@ async def home(request: Request, access_token: Optional[str] = Cookie(None)):
|
|
| 141 |
"request": request,
|
| 142 |
"authenticated": False,
|
| 143 |
"oauth_client_id": OAUTH_CLIENT_ID,
|
| 144 |
-
"redirect_uri":
|
| 145 |
"space_host": SPACE_HOST,
|
| 146 |
"error": "Session expired. Please login again."
|
| 147 |
})
|
| 148 |
response.delete_cookie("access_token")
|
| 149 |
return response
|
| 150 |
-
|
| 151 |
can_start, used, limit = can_start_generation(user_info["username"], user_info["is_pro"])
|
| 152 |
-
|
| 153 |
return templates.TemplateResponse("index.html", {
|
| 154 |
"request": request,
|
| 155 |
"authenticated": True,
|
|
@@ -160,20 +175,22 @@ async def home(request: Request, access_token: Optional[str] = Cookie(None)):
|
|
| 160 |
})
|
| 161 |
|
| 162 |
@app.get("/oauth/callback")
|
| 163 |
-
async def oauth_callback(code: str, state: Optional[str] = None):
|
| 164 |
"""Handle OAuth callback from Hugging Face"""
|
| 165 |
if not code:
|
| 166 |
raise HTTPException(status_code=400, detail="Missing authorization code")
|
| 167 |
-
|
| 168 |
-
|
| 169 |
-
|
|
|
|
|
|
|
| 170 |
try:
|
| 171 |
token_data = await exchange_code_for_token(code, redirect_uri)
|
| 172 |
access_token = token_data.get("access_token")
|
| 173 |
-
|
| 174 |
if not access_token:
|
| 175 |
raise HTTPException(status_code=400, detail="No access token received")
|
| 176 |
-
|
| 177 |
response = RedirectResponse(url="/", status_code=302)
|
| 178 |
response.set_cookie(
|
| 179 |
key="access_token",
|
|
@@ -183,9 +200,9 @@ async def oauth_callback(code: str, state: Optional[str] = None):
|
|
| 183 |
samesite="lax",
|
| 184 |
max_age=30 * 24 * 60 * 60
|
| 185 |
)
|
| 186 |
-
|
| 187 |
return response
|
| 188 |
-
|
| 189 |
except Exception as e:
|
| 190 |
print(f"OAuth callback error: {e}")
|
| 191 |
raise HTTPException(status_code=400, detail=f"Authentication failed: {str(e)}")
|
|
|
|
| 82 |
limit = 15 if is_pro else 1
|
| 83 |
return used < limit, used, limit
|
| 84 |
|
| 85 |
+
def get_origin_from_request(request: Request) -> str:
|
| 86 |
+
"""Get the origin (scheme + host) from the request, with fallback to SPACE_HOST"""
|
| 87 |
+
# Try to get from request URL (works for both huggingface.co/spaces and .hf.space)
|
| 88 |
+
base_url = str(request.base_url).rstrip('/')
|
| 89 |
+
if base_url and base_url != "http://":
|
| 90 |
+
return base_url
|
| 91 |
+
|
| 92 |
+
# Fallback to SPACE_HOST environment variable
|
| 93 |
+
scheme = request.url.scheme or "https"
|
| 94 |
+
return f"{scheme}://{SPACE_HOST}"
|
| 95 |
+
|
| 96 |
async def exchange_code_for_token(code: str, redirect_uri: str) -> dict:
|
| 97 |
"""Exchange OAuth code for access token"""
|
| 98 |
token_url = f"{OPENID_PROVIDER_URL}/oauth/token"
|
|
|
|
| 135 |
@app.get("/", response_class=HTMLResponse)
|
| 136 |
async def home(request: Request, access_token: Optional[str] = Cookie(None)):
|
| 137 |
"""Home page - check auth and show app or login"""
|
| 138 |
+
|
| 139 |
+
# Dynamically detect origin from request
|
| 140 |
+
origin = get_origin_from_request(request)
|
| 141 |
+
redirect_uri = f"{origin}/oauth/callback"
|
| 142 |
+
|
| 143 |
if not access_token:
|
| 144 |
return templates.TemplateResponse("index.html", {
|
| 145 |
"request": request,
|
| 146 |
"authenticated": False,
|
| 147 |
"oauth_client_id": OAUTH_CLIENT_ID,
|
| 148 |
+
"redirect_uri": redirect_uri,
|
| 149 |
"space_host": SPACE_HOST
|
| 150 |
})
|
| 151 |
+
|
| 152 |
try:
|
| 153 |
user_info = await get_user_info(access_token)
|
| 154 |
except:
|
|
|
|
| 156 |
"request": request,
|
| 157 |
"authenticated": False,
|
| 158 |
"oauth_client_id": OAUTH_CLIENT_ID,
|
| 159 |
+
"redirect_uri": redirect_uri,
|
| 160 |
"space_host": SPACE_HOST,
|
| 161 |
"error": "Session expired. Please login again."
|
| 162 |
})
|
| 163 |
response.delete_cookie("access_token")
|
| 164 |
return response
|
| 165 |
+
|
| 166 |
can_start, used, limit = can_start_generation(user_info["username"], user_info["is_pro"])
|
| 167 |
+
|
| 168 |
return templates.TemplateResponse("index.html", {
|
| 169 |
"request": request,
|
| 170 |
"authenticated": True,
|
|
|
|
| 175 |
})
|
| 176 |
|
| 177 |
@app.get("/oauth/callback")
|
| 178 |
+
async def oauth_callback(request: Request, code: str, state: Optional[str] = None):
|
| 179 |
"""Handle OAuth callback from Hugging Face"""
|
| 180 |
if not code:
|
| 181 |
raise HTTPException(status_code=400, detail="Missing authorization code")
|
| 182 |
+
|
| 183 |
+
# Dynamically detect origin to match the authorization request
|
| 184 |
+
origin = get_origin_from_request(request)
|
| 185 |
+
redirect_uri = f"{origin}/oauth/callback"
|
| 186 |
+
|
| 187 |
try:
|
| 188 |
token_data = await exchange_code_for_token(code, redirect_uri)
|
| 189 |
access_token = token_data.get("access_token")
|
| 190 |
+
|
| 191 |
if not access_token:
|
| 192 |
raise HTTPException(status_code=400, detail="No access token received")
|
| 193 |
+
|
| 194 |
response = RedirectResponse(url="/", status_code=302)
|
| 195 |
response.set_cookie(
|
| 196 |
key="access_token",
|
|
|
|
| 200 |
samesite="lax",
|
| 201 |
max_age=30 * 24 * 60 * 60
|
| 202 |
)
|
| 203 |
+
|
| 204 |
return response
|
| 205 |
+
|
| 206 |
except Exception as e:
|
| 207 |
print(f"OAuth callback error: {e}")
|
| 208 |
raise HTTPException(status_code=400, detail=f"Authentication failed: {str(e)}")
|
index.html
CHANGED
|
@@ -545,7 +545,7 @@
|
|
| 545 |
<div class="login-message">
|
| 546 |
Sign in with Hugging Face to start generating videos
|
| 547 |
</div>
|
| 548 |
-
<a href="https://huggingface.co/oauth/authorize?response_type=code&client_id={{ oauth_client_id }}&redirect_uri=
|
| 549 |
class="btn btn-primary"
|
| 550 |
target="_blank">
|
| 551 |
Sign in with Hugging Face
|
|
|
|
| 545 |
<div class="login-message">
|
| 546 |
Sign in with Hugging Face to start generating videos
|
| 547 |
</div>
|
| 548 |
+
<a href="https://huggingface.co/oauth/authorize?response_type=code&client_id={{ oauth_client_id }}&redirect_uri={{ redirect_uri }}&scope=openid%20profile&state={{ range(10000, 99999) | random }}"
|
| 549 |
class="btn btn-primary"
|
| 550 |
target="_blank">
|
| 551 |
Sign in with Hugging Face
|