Spaces:
Sleeping
Sleeping
File size: 7,072 Bytes
96cfefa ce0ea5d 6df60a2 98e205f 96cfefa 98e205f ce0ea5d 96cfefa ce0ea5d 7934a47 d27a461 ce0ea5d d27a461 ce0ea5d 6df60a2 ce0ea5d 6df60a2 ce0ea5d 6df60a2 ce0ea5d 98e205f da078b6 98e205f da078b6 98e205f da078b6 98e205f 96cfefa d26e0e5 96cfefa | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 | const express = require('express');
const path = require('path');
const cookieParser = require('cookie-parser');
const crypto = require('crypto');
const fs = require('fs');
const app = express();
const port = 7860;
app.use(express.json({ limit: '50mb' }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'dist')));
const OAUTH_CLIENT_ID = process.env.OAUTH_CLIENT_ID;
const OAUTH_CLIENT_SECRET = process.env.OAUTH_CLIENT_SECRET;
const OAUTH_SCOPES = process.env.OAUTH_SCOPES || "openid profile";
const OPENID_PROVIDER_URL = process.env.OPENID_PROVIDER_URL || "https://huggingface.co";
const SPACE_HOST = process.env.SPACE_HOST;
const REDIRECT_URI = SPACE_HOST
? `https://${SPACE_HOST}/oauth/callback`
: `http://localhost:${port}/oauth/callback`;
app.post('/api/craft', async (req, res) => {
const { content, variation } = req.body;
const apiKey = process.env.BLABLADOR_API_KEY;
if (!apiKey) {
return res.status(500).json({ error: 'BLABLADOR_API_KEY is not configured on the server.' });
}
const model = content.length > 500 ? 'alias-large' : 'alias-fast';
const prompt = `You are a professional content creator. Help me craft a ${variation || 'social media post'} based on the following content:\n\n${content}\n\nProvide 3 distinct and engaging variations.`;
try {
const response = await fetch('https://api.helmholtz-blablador.fz-juelich.de/v1/chat/completions', {
method: 'POST',
headers: {
'Authorization': `Bearer ${apiKey}`,
'Content-Type': 'application/json'
},
body: JSON.stringify({
model: model,
messages: [
{ role: 'system', content: 'You are a helpful assistant that helps craft engaging marketing and social media content.' },
{ role: 'user', content: prompt }
],
temperature: 0.7
})
});
if (!response.ok) {
const errorData = await response.json();
return res.status(response.status).json(errorData);
}
const data = await response.json();
res.json({ result: data.choices[0].message.content });
} catch (error) {
console.error('Blablador API error:', error);
res.status(500).json({ error: 'Failed to connect to Blablador API.' });
}
});
app.get('/api/config', (req, res) => {
res.json({
clientId: OAUTH_CLIENT_ID,
scopes: OAUTH_SCOPES,
});
});
app.get('/login', (req, res) => {
if (!OAUTH_CLIENT_ID) {
return res.status(500).json({ error: "OAuth is not configured (missing OAUTH_CLIENT_ID)" });
}
const state = crypto.randomBytes(16).toString('hex');
res.cookie('oauth_state', state, { httpOnly: true, maxAge: 600000 }); // 10 mins
const authUrl = `${OPENID_PROVIDER_URL}/oauth/authorize` +
`?client_id=${OAUTH_CLIENT_ID}` +
`&redirect_uri=${encodeURIComponent(REDIRECT_URI)}` +
`&scope=${encodeURIComponent(OAUTH_SCOPES)}` +
`&response_type=code` +
`&state=${state}`;
res.redirect(authUrl);
});
app.get('/oauth/callback', async (req, res) => {
const { code, state } = req.query;
const savedState = req.cookies.oauth_state;
if (!state || state !== savedState) {
console.error("State mismatch:", { state, savedState });
return res.status(403).json({ error: "Invalid OAuth state" });
}
res.clearCookie('oauth_state');
const tokenUrl = `${OPENID_PROVIDER_URL}/oauth/token`;
const authStr = Buffer.from(`${OAUTH_CLIENT_ID}:${OAUTH_CLIENT_SECRET}`).toString('base64');
try {
const tokenResp = await fetch(tokenUrl, {
method: 'POST',
headers: {
'Authorization': `Basic ${authStr}`,
'Content-Type': 'application/x-www-form-urlencoded'
},
body: new URLSearchParams({
grant_type: 'authorization_code',
code: code,
redirect_uri: REDIRECT_URI,
client_id: OAUTH_CLIENT_ID,
})
});
if (!tokenResp.ok) {
const errorText = await tokenResp.text();
console.error("Token exchange failed:", errorText);
return res.status(400).json({ error: "Failed to retrieve access token" });
}
const tokenData = await tokenResp.json();
const accessToken = tokenData.access_token;
const userResp = await fetch("https://huggingface.co/api/whoami-v2", {
headers: { "Authorization": `Bearer ${accessToken}` }
});
const userInfo = await userResp.json();
// Set cookie and redirect back to app
res.cookie('hf_user', JSON.stringify(userInfo), { path: '/', httpOnly: false });
res.redirect('/');
} catch (error) {
console.error("OAuth callback error:", error);
res.status(500).json({ error: "Authentication failed" });
}
});
app.get('/api/user', (req, res) => {
if (req.cookies.hf_user) {
try {
res.json(JSON.parse(req.cookies.hf_user));
} catch (e) {
res.status(400).json({ error: "Invalid user cookie" });
}
} else {
res.status(401).json({ error: "Not authenticated" });
}
});
app.get('/api/logout', (req, res) => {
res.clearCookie('hf_user');
res.redirect('/');
});
app.post('/api/save-data', (req, res) => {
let { type, data, user } = req.body;
// Sanitize inputs to prevent path traversal
user = String(user).replace(/[^a-z0-9]/gi, '_');
type = String(type).replace(/[^a-z0-9]/gi, '_');
const timestamp = new Date().toISOString().replace(/[:.]/g, '-');
const filename = `${user}_${type}_${timestamp}.json`;
const dirPath = path.join(__dirname, 'data');
if (!fs.existsSync(dirPath)) {
fs.mkdirSync(dirPath, { recursive: true });
}
const filePath = path.join(dirPath, filename);
try {
fs.writeFileSync(filePath, JSON.stringify({ user, type, timestamp, data }, null, 2));
console.log(`Saved data to ${filePath}`);
res.json({ success: true, message: `Data saved as ${filename}` });
} catch (error) {
console.error('Failed to save data:', error);
res.status(500).json({ error: 'Failed to save data' });
}
});
app.get('/api/list-data', (req, res) => {
let { type, user } = req.query;
const dirPath = path.join(__dirname, 'data');
// Sanitize inputs
if (user) user = String(user).replace(/[^a-z0-9]/gi, '_');
if (type) type = String(type).replace(/[^a-z0-9]/gi, '_');
if (!fs.existsSync(dirPath)) {
return res.json([]);
}
try {
const files = fs.readdirSync(dirPath);
const results = files
.filter(f => f.endsWith('.json'))
.map(f => {
try {
const content = fs.readFileSync(path.join(dirPath, f), 'utf8');
return JSON.parse(content);
} catch (e) {
return null;
}
})
.filter(d => d && (!type || d.type === type) && (!user || d.user === user));
res.json(results);
} catch (error) {
console.error('Failed to list data:', error);
res.status(500).json({ error: 'Failed to list data' });
}
});
app.get('/health', (req, res) => {
res.status(200).send('OK');
});
app.use((req, res) => {
res.sendFile(path.join(__dirname, 'dist', 'index.html'));
});
app.listen(port, () => {
console.log(`Server running on port ${port}`);
});
|