Update and restructure the main app and dockerfile to be work with uv

Dockerfile

@@ -1,19 +1,44 @@
-FROM python:3.13-slim-bookworm
+FROM python:3.13-slim-bookworm AS builder
+
+ENV UV_COMPILE_BYTECODE=1 UV_LINK_MODE=copy CMAKE_ARGS="-DGGML_BLAS=ON -DGGML_BLAS_VENDOR=OpenBLAS -DGGML_NATIVE=OFF"
 
 RUN apt-get update \
-    && apt-get install -y --no-install-recommends gcc g++ cmake git \
+    && apt-get install -y --no-install-recommends gcc g++ cmake ninja-build git pkg-config libopenblas-dev \
     && apt-get clean \
     && rm -rf /var/lib/apt/lists/*
 
-RUN useradd -m -u 1000 user
-USER user
-ENV PATH="/home/user/.local/bin:$PATH"
+COPY --from=ghcr.io/astral-sh/uv:latest /uv /bin/uv
 
-WORKDIR /app
+ENV PATH="/root/.local/bin/:$PATH"
+
+RUN --mount=type=cache,target=/root/.cache/uv \
+    --mount=type=bind,source=uv.lock,target=uv.lock \
+    --mount=type=bind,source=pyproject.toml,target=pyproject.toml \
+    uv sync --frozen --no-install-project --no-group dev --no-group test
+
+FROM python:3.13-slim-bookworm AS runtime
+
+ENV \
+    PYTHONUNBUFFERED=1 \
+    PYTHONFAULTHANDLER=1 \
+    DEBIAN_FRONTEND=noninteractive
+
+RUN apt-get update \
+    && apt-get install -y libgomp1 libopenblas-dev \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN useradd -m -u 1000 arcana
+USER arcana
+
+COPY --chown=arcana --from=builder /.venv /.venv
 
-COPY --chown=user ./requirements.txt requirements.txt
-RUN pip install --no-cache-dir --upgrade -r requirements.txt
+COPY --chown=arcana ./app /app
+
+ENV PATH="/.venv/bin:$PATH"
+ENV PYTHONPATH="/app:/.venv/lib/python3.13/dist-packages"
+
+WORKDIR /app
 
-COPY --chown=user ./app.py app.py
-COPY --chown=user ./frontend.html frontend.html
-CMD ["uvicorn", "app:app", "--host", "0.0.0.0", "--port", "7860"]
+EXPOSE 7860
+CMD ["uvicorn", "app.main:app", "--workers", "2", "--host", "0.0.0.0", "--port", "7860"]

app.py → app/app/main.py

@@ -2,18 +2,25 @@ import logging
 import os
 import time
 from contextlib import asynccontextmanager
+from datetime import UTC, datetime
 from enum import StrEnum
+from typing import Annotated
 
 from arcana_codex import (
     AdUnitsFetchModel,
     AdUnitsIntegrateModel,
     ArcanaCodexClient,
 )
+from bson.objectid import ObjectId
+from fastapi import Depends, FastAPI, Header, HTTPException, Request, status
+from fastapi.responses import JSONResponse
 from llama_cpp import Llama
-from fastapi import FastAPI, Request
-from pydantic import BaseModel
+from pydantic import BaseModel, EmailStr
+from pymongo.mongo_client import MongoClient
 from starlette.responses import FileResponse
 
+__version__ = "0.0.0"
+
 
 class SupportedModelPipes(StrEnum):
     Gemma3 = "gemma3"
@@ -22,9 +29,14 @@ class SupportedModelPipes(StrEnum):
     SmolLLM2Reasoning = "smollm2-reasoning"
 
 
+class LogEvent(StrEnum):
+    CHAT_INTERACTION = "chat_interaction"
+    LOGIN = "login"
+
+
 smollm2_pipeline = Llama.from_pretrained(
-    repo_id="tensorblock/SmolLM2-135M-Instruct-GGUF",
-    filename="SmolLM2-135M-Instruct-Q8_0.gguf",
+    repo_id="HuggingFaceTB/SmolLM2-360M-Instruct-GGUF",
+    filename="smollm2-360m-instruct-q8_0.gguf",
     verbose=False,
 )
 
@@ -56,16 +68,67 @@ class ChatResponse(BaseModel):
     response: str
 
 
+class LoginRequest(BaseModel):
+    email_id: EmailStr
+    access_key: str
+
+
+class LoginResponse(BaseModel):
+    verified_id: str
+
+
+class User(BaseModel):
+    _id: ObjectId
+    email_id: EmailStr
+
+
 # Configure logging
 logging.basicConfig(level=logging.INFO)
 logger = logging.getLogger(__name__)
 
 
+def verify_authorization_header(
+    request: Request, authorization: str | None = Header(None)
+) -> User:
+    if not authorization:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Authorization header is missing",
+        )
+
+    try:
+        scheme, token = authorization.split()
+        if scheme.lower() != "bearer":
+            raise HTTPException(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                detail="Invalid authentication scheme. Bearer required.",
+            )
+
+        user = request.app.mongo_db["users"].find_one({"_id": ObjectId(token)})
+        if not user:
+            raise HTTPException(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                detail="Invalid verified_id",
+            )
+
+        return User(**user)
+
+    except ValueError:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Invalid authorization header format",
+        )
+
+
 @asynccontextmanager
 async def lifespan(app: FastAPI):  # noqa: ARG001
     # Set API key in FastAPI app
     app.ARCANA_API_KEY = os.environ.get("ARCANA_API_KEY", "")
 
+    app.mongo_db = MongoClient(
+        os.environ.get("MONGO_URI", "mongodb+srv://localhost:27017/")
+    )["arcana_hf_demo"]
+
     logging.info("Application started")
 
     yield
@@ -79,11 +142,43 @@ async def lifespan(app: FastAPI):  # noqa: ARG001
 app = FastAPI(lifespan=lifespan)
 
 
+@app.get("/health")
+async def health_check():
+    return JSONResponse({"health_check": "pass"})
+
+
+@app.post("/login", response_model=LoginResponse)
+def login(payload: LoginRequest, request: Request):
+    user = request.app.mongo_db["users"].find_one(
+        {"email_id": payload.email_id, "access_key": payload.access_key}
+    )
+    if user:
+        request.app.mongo_db["logs"].insert_one(
+            {
+                "email_id": user["email_id"],
+                "timestamp": datetime.now(UTC),
+                "event": LogEvent.LOGIN,
+            }
+        )
+        verified_id = user["_id"]
+        return LoginResponse(verified_id=str(verified_id))
+    else:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid credentials"
+        )
+
+
 @app.post("/chat", response_model=ChatResponse)
-def chat(payload: ChatRequest, request: Request):
+def chat(
+    payload: ChatRequest,
+    request: Request,
+    user: Annotated[User, Depends(verify_authorization_header)],
+):
     logger.info(f"Received message: {payload.message}")
 
-    client = ArcanaCodexClient(request.app.ARCANA_API_KEY)
+    client = ArcanaCodexClient(
+        api_key=request.app.ARCANA_API_KEY, base_url="http://gateway-backend/api/public"
+    )
     fetch_payload = AdUnitsFetchModel(query=payload.message)
     ad_fetch_response = client.fetch_ad_units(fetch_payload)
 
@@ -122,9 +217,22 @@ def chat(payload: ChatRequest, request: Request):
         "integrated_content"
     )
 
+    request.app.mongo_db["logs"].insert_one(
+        {
+            "email_id": user.email_id,
+            "timestamp": datetime.now(UTC),
+            "event": LogEvent.CHAT_INTERACTION,
+        }
+    )
+
     return ChatResponse(response=integrated_content)
 
 
 @app.get("/")
-def frontend():
-    return FileResponse("frontend.html")
+async def read_index():
+    return FileResponse("./static/index.html")
+
+
+@app.get("/login")
+async def read_login():
+    return FileResponse("./static/login.html")

frontend.html → app/static/index.html

@@ -41,6 +41,7 @@
 
                 <nav class="flex items-center space-x-6">
                     <a href="https://arcana.ad/" class="text-gray-600 hover:text-gray-900 font-medium">Home</a>
+                    <button id="logout-button" class="text-gray-600 hover:text-gray-900 font-medium">Logout</button>
                 </nav>
             </div>
         </header>
@@ -297,6 +298,20 @@
 
     <script>
         document.addEventListener('DOMContentLoaded', () => {
+            // Check if user is logged in
+            const verifiedId = sessionStorage.getItem('verifiedId');
+            if (!verifiedId) {
+                window.location.href = '/login';
+                return;
+            }
+
+            // Logout functionality
+            const logoutButton = document.getElementById('logout-button');
+            logoutButton.addEventListener('click', () => {
+                sessionStorage.removeItem('verifiedId');
+                window.location.href = '/login';
+            });
+
             const chatForm = document.getElementById('chat-form');
             const userInput = document.getElementById('user-input');
             const chatContainer = document.getElementById('chat-container');
@@ -481,10 +496,12 @@
 
                 try {
                     // Send message to API
+                    const verifiedId = sessionStorage.getItem('verifiedId');
                     const response = await fetch('/chat', {
                         method: 'POST',
                         headers: {
                             'Content-Type': 'application/json',
+                            'Authorization': `Bearer ${verifiedId}`
                         },
                         body: JSON.stringify({
                             message: message,
@@ -493,6 +510,12 @@
                     });
 
                     if (!response.ok) {
+                        // If unauthorized, redirect to login
+                        if (response.status === 401) {
+                            sessionStorage.removeItem('verifiedId');
+                            window.location.href = '/login';
+                            return;
+                        }
                         throw new Error('API request failed');
                     }
 

app/static/login.html

@@ -0,0 +1,184 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Login - AI Chat Assistant</title>
+    <script src="https://cdn.tailwindcss.com"></script>
+    <script>
+        tailwind.config = {
+            theme: {
+                extend: {
+                    colors: {
+                        primary: {
+                            DEFAULT: '#3b82f6',
+                            foreground: '#ffffff',
+                        },
+                        secondary: {
+                            DEFAULT: '#f3f4f6',
+                            foreground: '#1f2937',
+                        },
+                    }
+                }
+            }
+        }
+    </script>
+    <link href="https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap" rel="stylesheet">
+</head>
+
+<body class="bg-gray-50 text-gray-800 font-['Inter'] min-h-screen flex flex-col">
+    <!-- Header -->
+    <header class="border-b border-gray-200 p-4">
+        <div class="max-w-screen-xl mx-auto flex items-center justify-between">
+            <div class="flex items-center">
+                <h1 class="text-xl font-medium">OpenGPT with <span class="font-semibold"
+                        style="color: #067ff3;">Ar</span><span class="font-semibold"
+                        style="color: #f7cd1b;">ca</span><span class="font-semibold" style="color: #07b682;">na</span>
+                </h1>
+            </div>
+
+            <nav class="flex items-center space-x-6">
+                <a href="https://arcana.ad/" class="text-gray-600 hover:text-gray-900 font-medium">Home</a>
+            </nav>
+        </div>
+    </header>
+
+    <main class="flex-1 flex items-center justify-center p-4">
+        <div class="w-full max-w-md">
+            <div class="bg-white rounded-lg shadow-md p-5 sm:p-8">
+                <div class="text-center mb-6">
+                    <div
+                        class="w-16 h-16 rounded-full bg-gray-100 flex items-center justify-center text-2xl font-semibold mb-4 mx-auto">
+                        AR
+                    </div>
+                    <h2 class="text-xl sm:text-2xl font-semibold">Welcome</h2>
+                    <p class="text-gray-500 text-sm sm:text-base">Sign in to access the <span
+                            class="font-medium">OpenGPT with </span><span class="font-semibold"
+                            style="color: #067ff3;">Ar</span><span class="font-semibold"
+                            style="color: #f7cd1b;">ca</span><span class="font-semibold"
+                            style="color: #07b682;">na</span>
+                    </p>
+                </div>
+
+                <form id="login-form" class="space-y-4">
+                    <div id="error-message" class="hidden bg-red-50 text-red-700 p-3 rounded-md text-sm"></div>
+
+                    <div>
+                        <label for="email" class="block text-sm font-medium text-gray-700 mb-1">Email ID</label>
+                        <input type="email" id="email" name="email_id"
+                            class="w-full px-3 py-2 sm:px-4 sm:py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-blue-500 text-base"
+                            placeholder="Enter your email" required>
+                    </div>
+
+                    <div>
+                        <label for="access-key" class="block text-sm font-medium text-gray-700 mb-1">Access Key</label>
+                        <input type="password" id="access-key" name="access_key"
+                            class="w-full px-3 py-2 sm:px-4 sm:py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-blue-500 text-base"
+                            placeholder="Enter your access key" required>
+                    </div>
+
+                    <button type="submit" id="login-button"
+                        class="w-full bg-blue-600 text-white py-2.5 px-4 rounded-md hover:bg-blue-700 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2 transition-colors text-base font-medium mt-2">
+                        Sign In
+                    </button>
+                </form>
+
+                <div class="mt-8 pt-6 border-t border-gray-200">
+                    <p class="text-gray-600 mb-3 text-center text-sm sm:text-base">Don't have an access key?</p>
+                    <a href="https://forms.google.com/request-access" id="request-access-button"
+                        class="flex items-center justify-center w-full bg-gradient-to-r from-indigo-50 to-blue-50 text-blue-600 py-3 px-4 rounded-md hover:from-indigo-100 hover:to-blue-100 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2 transition-all duration-200 border border-blue-200 shadow-sm text-sm sm:text-base font-medium"
+                        target="_blank">
+                        <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 24 24" fill="none"
+                            stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"
+                            class="mr-2">
+                            <path d="M16 21v-2a4 4 0 0 0-4-4H6a4 4 0 0 0-4 4v2"></path>
+                            <circle cx="9" cy="7" r="4"></circle>
+                            <path d="M22 21v-2a4 4 0 0 0-3-3.87"></path>
+                            <path d="M16 3.13a4 4 0 0 1 0 7.75"></path>
+                        </svg>
+                        Request Access Key
+                    </a>
+                </div>
+            </div>
+        </div>
+    </main>
+
+    <footer class="text-center p-4 text-gray-500 text-sm">
+        <p>© 2025 Arcana Inc. All rights reserved.</p>
+    </footer>
+
+    <script>
+        document.addEventListener('DOMContentLoaded', () => {
+            // Check if user is already logged in
+            const verifiedId = sessionStorage.getItem('verifiedId');
+            if (verifiedId) {
+                window.location.href = '/';
+                return;
+            }
+
+            const loginForm = document.getElementById('login-form');
+            const loginButton = document.getElementById('login-button');
+            const errorMessage = document.getElementById('error-message');
+
+            loginForm.addEventListener('submit', async (e) => {
+                e.preventDefault();
+
+                // Get form data
+                const email = document.getElementById('email').value.trim();
+                const accessKey = document.getElementById('access-key').value.trim();
+
+                if (!email || !accessKey) {
+                    showError('Please enter both email and access key');
+                    return;
+                }
+
+                // Disable button and show loading state
+                loginButton.disabled = true;
+                loginButton.innerHTML = 'Signing in...';
+                errorMessage.classList.add('hidden');
+
+                try {
+                    // Send login request
+                    const response = await fetch('/login', {
+                        method: 'POST',
+                        headers: {
+                            'Content-Type': 'application/json',
+                        },
+                        body: JSON.stringify({
+                            email_id: email,
+                            access_key: accessKey
+                        }),
+                    });
+
+                    const data = await response.json();
+
+                    if (!response.ok) {
+                        throw new Error(data.message || 'Login failed. Please check your credentials.');
+                    }
+
+                    // Store auth token or user info
+                    sessionStorage.setItem('verifiedId', data.verified_id);
+
+                    // Redirect to chat page
+                    window.location.href = '/';
+
+                } catch (error) {
+                    console.error('Login error:', error);
+                    showError(error.message || 'Login failed. Please try again.');
+
+                    // Reset button state
+                    loginButton.disabled = false;
+                    loginButton.innerHTML = 'Sign In';
+                }
+            });
+
+            function showError(message) {
+                errorMessage.textContent = message;
+                errorMessage.classList.remove('hidden');
+            }
+        });
+    </script>
+</body>
+
+</html>