Update app.py

app.py

@@ -2,6 +2,7 @@
 import json
 import base64
 import os
+import re
 
 import streamlit as st
 from langchain.llms import OpenAI
@@ -15,6 +16,14 @@ from langchain.text_splitter import CharacterTextSplitter
 from langchain_community.vectorstores import Chroma
 from langchain_community.embeddings import OpenAIEmbeddings
 import pandas as pd
+from textwrap import dedent
+from streamlit_oauth import OAuth2Component
+
+
+openai_api_key = os.environ.get('OPENAI_API_KEY')
+CLIENT_ID = os.environ.get("CLIENT_ID")
+CLIENT_SECRET = os.environ.get("CLIENT_SECRET")
+REDIRECT_URI = os.environ.get("REDIRECT_URI")
 
 
 # Initialize session states
@@ -30,7 +39,6 @@ if "rfp_details" not in st.session_state:
     st.session_state["rfp_details"] = ""
 if "is_data_processed" not in st.session_state:
     st.session_state["is_data_processed"] = False
-
 if "user_stories" not in st.session_state:
     st.session_state["user_stories"] = ""
 if "user_stories_json" not in st.session_state:
@@ -49,6 +57,52 @@ Incorporate the provided context and any relevant information from the chat hist
 Human: {input}
 Assistant:"""
 
+# user_story_template = """Given the project details with the following parameters:
+
+# **Project Name:** {project_name}
+
+# **RFP details:**
+# {rfp_details}
+
+# As a business analyst, analyze the given RFP details to delineate epics for the project. Break down the epics into features and features into individual requirements, adhering to the agile software development INVEST principles. Subsequently, generate user stories for each requirement. Ensure each story follows the "As a, I want to, So that" format and strictly avoid combining stories together.
+
+# **Examples**
+
+# 1. Epic: User Authentication and Account Security Enhancements
+
+#   1. Feature 1: User Registration
+#     - Story 1:
+#      - As a user, I want to provide my basic information, such as name and email address during sign-up, so that the platform can create a personalized account for me.
+#     - Story 2:
+#      - As a user, I want the sign-up form to include a CAPTCHA verification step, so that the system can prevent automated bots from creating fake accounts.
+#     - Story 3:
+#      - As a user, I want the sign-up form to include optional fields for additional profile information, so that I can customize my account based on my interests.
+#     - Story 4:
+#      - As a user, I want the platform to clearly communicate its data usage and privacy policy during the sign-up process, so that I can make an informed decision before creating an account.
+     
+#   2. Feature 2: User Authentication
+#     - Story 1:
+#      - As a registered user, I want to log in securely with my credentials, so that I can access personalized account information.
+#     - Story 2:
+#      - As a registered user, I want the login page to feature a "Forgot Password" link, so that I can easily initiate the password recovery process if needed.
+#     - Story 3:
+#      - As a user concerned about account security, I want the platform to send a notification email whenever my account is accessed from a new device, so that I can be aware of any potential unauthorized access.
+#     - Story 4:
+#      - As a returning user, I want the option to enable two-factor authentication (2FA) for an extra layer of security during the login process, so that my account remains protected.
+#     - Story 5:
+#      - As a user striving for a seamless experience, I want the platform to offer a "Stay Logged In" option during login, so that I don't have to enter my credentials every time I revisit the site.
+#     - Story 6:
+#      - As a user with multiple devices, I want the ability to log out remotely from any active sessions through the account settings, so that I can maintain control over my account access.
+     
+#   3. Feature 3: Account Security Enhancements
+#     - Story 1:
+#       - As a security-conscious user, I want the platform to regularly prompt me to update my password and provide guidance on creating a secure password to enhance the overall security of my account.
+#     - Story 2:
+#       - As a user who values privacy, I want the platform to automatically log me out after a period of inactivity, ensuring that my account is secure even if I forget to log out manually.
+#     - Story 3:
+#       - As a user concerned about account recovery, I want the platform to offer multiple secure account recovery options, such as email verification and phone number verification, to ensure I can regain access to my account if needed.
+# """
+
 user_story_template = """Given the project details with the following parameters:
 
 **Project Name:** {project_name}
@@ -56,7 +110,7 @@ user_story_template = """Given the project details with the following parameters
 **RFP details:**
 {rfp_details}
 
-As a business analyst, analyze the given RFP details to delineate epics for the project. Break down the epics into features and features into individual requirements, adhering to the agile software development INVEST principles. Subsequently, generate user stories for each requirement. Ensure each story follows the "As a, I want to, So that" format and strictly avoid combining stories together.
+As a business analyst, analyze the given RFP details to delineate epics for the project. Break down the epics into features and features into individual requirements, adhering to the agile software development INVEST principles (where I refers to Independent (not dependent on other work deliverables), N refers to Negotiable (allows for best practices),  V refers to valuable (provides working functionality), E refers to Estimable (allows clear work estimates), S refers to Small (sized for the team's sprint), T refers to Testable (can be measured to ensure it meets customer expectations)). Subsequently, generate user stories for each requirement. Ensure each story follows the "As a, I want to, So that" format and strictly avoid combining stories together.
 
 **Examples**
 
@@ -88,11 +142,11 @@ As a business analyst, analyze the given RFP details to delineate epics for the
      
   3. Feature 3: Account Security Enhancements
     - Story 1:
-      - As a security-conscious user, I want the platform to regularly prompt me to update my password and provide guidance on creating a secure password to enhance the overall security of my account.
+      - As a security-conscious user, I want the platform to prompt me every 15 days to update my password and provide guidance on creating a secure password to enhance the overall security of my account.
     - Story 2:
-      - As a user who values privacy, I want the platform to automatically log me out after a period of inactivity, ensuring that my account is secure even if I forget to log out manually.
+      - As a user who values privacy, I want the platform to automatically log me out after 5 minutes of inactivity, ensuring that my account is secure even if I forget to log out manually.
     - Story 3:
-      - As a user concerned about account recovery, I want the platform to offer multiple secure account recovery options, such as email verification and phone number verification, to ensure I can regain access to my account if needed.
+      - As a user concerned about account recovery, I want the platform to offer  email verification and phone number verification  account recovery options, to ensure I can regain access to my account if needed.
 """
 
 summary_template = """Given the project details with the following parameters:
@@ -142,8 +196,28 @@ json_structure = {
 }
 
 
+#function to create a new rfp and clear the existing rfp data
+
 def clear_rfp_data():
     st.session_state.clear()
+    
+#function to logout user from app    
+    
+def log_out_user():
+    st.session_state.clear()
+    st.rerun()
+    
+#function to validate the email     
+    
+def validate_email(email):
+    # Define the pattern for the company email
+    pattern = r'^[a-zA-Z]+@coffeebeans\.io$'
+
+    # Use the re.match function to check if the email matches the pattern
+    match = re.match(pattern, email)
+
+    # Return True if there is a match, indicating a valid email
+    return match is not None
 
 
 # rfp summary creater
@@ -155,14 +229,13 @@ summary_prompt = PromptTemplate(
 
 summary_chain = LLMChain(
     llm=OpenAI(model_name='gpt-3.5-turbo-16k', temperature=0.7,
-               api_key= os.environ.get('OPENAI_API_KEY')),
+               api_key= openai_api_key),
     prompt=summary_prompt,
     verbose="true",
 )
 
 # process rfp data from pdf file
 
-
 def process_rfp_data(project_name, file):
     if project_name and file:
         loader = PdfReader(file)
@@ -176,7 +249,7 @@ def process_rfp_data(project_name, file):
         texts = text_splitter.split_text(
             st.session_state["rfp_details"])
         st.session_state["vectorstore"] = Chroma().from_texts(texts, embedding=OpenAIEmbeddings(
-            openai_api_key=''))
+            openai_api_key=openai_api_key))
         st.session_state.project_name = project_name
         st.session_state["rfp_summary"] = summary_chain.run(
             {"project_name": st.session_state["project_name"], "rfp_details": st.session_state["rfp_details"]})
@@ -193,7 +266,7 @@ bot_prompt = PromptTemplate(
 
 bot_chain = LLMChain(
     llm=OpenAI(model_name='gpt-3.5-turbo-16k', temperature=0.7,
-               api_key= os.environ.get('OPENAI_API_KEY')),
+               api_key= openai_api_key),
     prompt=bot_prompt,
     verbose="true",
 )
@@ -222,7 +295,7 @@ user_story_prompt = PromptTemplate(
 
 user_story_chain = LLMChain(
     llm=OpenAI(model_name='gpt-3.5-turbo-16k', temperature=0.7,
-               api_key= os.environ.get('OPENAI_API_KEY')),
+               api_key= openai_api_key),
     prompt=user_story_prompt,
     verbose="true",
 )
@@ -236,7 +309,7 @@ json_prompt_template = PromptTemplate(
 
 json_chain = LLMChain(
     llm=OpenAI(model_name='gpt-3.5-turbo-16k', temperature=0.7,
-               api_key= os.environ.get('OPENAI_API_KEY')),
+               api_key= openai_api_key),
     prompt=json_prompt_template,
     verbose="true",
 )
@@ -284,6 +357,8 @@ def main():
                                   'Home', 'RFP Bot', 'User Stories', "Summary"], icons=['house','list-task', 'book', 'book'])
         if st.session_state["is_data_processed"] == True:
             st.button('Clear RFP Data', on_click=clear_rfp_data)
+        if "auth"  in st.session_state:
+         st.button('Log out', on_click=log_out_user)
 
     if menu_choice == 'Home':
         with st.form("my_form"):
@@ -342,5 +417,53 @@ def main():
                 'Plesase Process RFP Details to access this feature', icon="⚠️")
 
 
-if __name__ == '__main__':
-    main()
+if __name__ == "__main__":
+    if "auth" not in st.session_state:
+        st.title("SIGN UP TO ACCESS THE APP!")
+        AUTHORIZE_ENDPOINT = "https://accounts.google.com/o/oauth2/v2/auth"
+        TOKEN_ENDPOINT = "https://oauth2.googleapis.com/token"
+        REVOKE_ENDPOINT = "https://oauth2.googleapis.com/revoke"
+
+        # create a button to start the OAuth2 flow
+        oauth2 = OAuth2Component(
+            CLIENT_ID,
+            CLIENT_SECRET,
+            AUTHORIZE_ENDPOINT,
+            TOKEN_ENDPOINT,
+            TOKEN_ENDPOINT,
+            REVOKE_ENDPOINT,
+        )
+        result = oauth2.authorize_button(
+            name="Continue with Google",
+            icon="https://www.google.com.tw/favicon.ico",
+            redirect_uri="https://huggingface.co/spaces/coffeebeans-ai/rfp_to_story",
+            scope="openid email profile",
+            key="google",
+            height=600,
+            width=500,
+            extras_params={"prompt": "consent", "access_type": "offline"},
+            use_container_width=False,
+            pkce="S256",
+        )
+
+        if result:
+            # decode the id_token jwt and get the user's email address
+            id_token = result["token"]["id_token"]
+            # verify the signature is an optional step for security
+            payload = id_token.split(".")[1]
+            # add padding to the payload if needed
+            payload += "=" * (-len(payload) % 4)
+            payload = json.loads(base64.b64decode(payload))
+            email = payload["email"]
+            st.session_state["auth"] = email
+            st.session_state["token"] = result["token"]
+            is_valid = validate_email(st.session_state["auth"])
+            
+            if is_valid:
+             st.rerun()
+            else:
+             st.warning("Unauthorized. you are not authorized to access this app.")
+        
+    else:
+        main()
+