Spaces:
Running
Running
Anirudh Esthuri
commited on
Commit
·
4a28790
1
Parent(s):
d759549
Require username input on HF Spaces - prevent unauthorized memory access
Browse files
app.py
CHANGED
|
@@ -356,13 +356,38 @@ with st.sidebar:
|
|
| 356 |
st.markdown("#### User Identity")
|
| 357 |
|
| 358 |
# Get Hugging Face user ID if available (in HF Spaces)
|
| 359 |
-
hf_user_id = os.getenv("SPACE_USER") or os.getenv("HF_USERNAME")
|
| 360 |
|
| 361 |
-
if
|
| 362 |
-
|
| 363 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 364 |
persona_name = hf_user_id
|
| 365 |
-
|
| 366 |
st.caption("Your memories are personalized to your account.")
|
| 367 |
else:
|
| 368 |
# Local/testing mode - allow persona selection
|
|
|
|
| 356 |
st.markdown("#### User Identity")
|
| 357 |
|
| 358 |
# Get Hugging Face user ID if available (in HF Spaces)
|
| 359 |
+
hf_user_id = os.getenv("SPACE_USER") or os.getenv("HF_USERNAME") or os.getenv("HF_USER")
|
| 360 |
|
| 361 |
+
# Check if we're on Hugging Face Spaces (not local)
|
| 362 |
+
is_hf_space = os.getenv("SPACE_ID") is not None or os.getenv("HF_ENDPOINT") is not None
|
| 363 |
+
|
| 364 |
+
if is_hf_space:
|
| 365 |
+
# On HF Spaces - require username input for security
|
| 366 |
+
if "hf_username" not in st.session_state:
|
| 367 |
+
st.warning("⚠️ Please enter your Hugging Face username to access your personalized memories.")
|
| 368 |
+
username_input = st.text_input(
|
| 369 |
+
"Enter your Hugging Face username",
|
| 370 |
+
key="hf_username_input",
|
| 371 |
+
placeholder="your-hf-username"
|
| 372 |
+
)
|
| 373 |
+
if st.button("Set Username", use_container_width=True):
|
| 374 |
+
if username_input.strip():
|
| 375 |
+
st.session_state.hf_username = username_input.strip()
|
| 376 |
+
st.rerun()
|
| 377 |
+
else:
|
| 378 |
+
st.error("Please enter a valid username")
|
| 379 |
+
st.stop()
|
| 380 |
+
else:
|
| 381 |
+
# Username is set - lock it
|
| 382 |
+
persona_name = st.session_state.hf_username
|
| 383 |
+
st.info(f"👤 Using account: **{persona_name}**")
|
| 384 |
+
if st.button("Change Username", use_container_width=True):
|
| 385 |
+
del st.session_state.hf_username
|
| 386 |
+
st.rerun()
|
| 387 |
+
elif hf_user_id:
|
| 388 |
+
# HF user ID detected automatically
|
| 389 |
persona_name = hf_user_id
|
| 390 |
+
st.info(f"👤 Signed in as: **{hf_user_id}**")
|
| 391 |
st.caption("Your memories are personalized to your account.")
|
| 392 |
else:
|
| 393 |
# Local/testing mode - allow persona selection
|