Upload 7 files

create_test_users.py

@@ -0,0 +1,99 @@
+"""
+Script to create test users for Plus and Pro tiers.
+Run with: python3 create_test_users.py
+"""
+import os
+import sys
+from datetime import datetime
+import hashlib
+from dotenv import load_dotenv
+
+load_dotenv()
+
+# Add parent directory to path to import MongoDBService
+sys.path.insert(0, os.path.dirname(os.path.abspath(__file__)))
+
+from services.mongodb_service import MongoDBService
+
+def hash_password(password: str) -> str:
+    """Hash password using SHA256 (matches backend login logic)"""
+    return hashlib.sha256(password.encode()).hexdigest()
+
+def create_test_users():
+    """Create Plus and Pro test users"""
+    try:
+        mongodb = MongoDBService()
+        
+        # Test user credentials
+        test_users = [
+            {
+                "email": "[email protected]",
+                "plain_password": "PlusTester!123",
+                "password": hash_password("PlusTester!123"),
+                "name": "Plus Test User",
+                "subscription_tier": "Pro",  # Maps to Plus tier
+                "domain_preferences": ["Technology", "Science"],
+                "phone_number": "+1234567890",
+                "age": 25,
+            },
+            {
+                "email": "[email protected]",
+                "plain_password": "ProTester!123",
+                "password": hash_password("ProTester!123"),
+                "name": "Pro Test User",
+                "subscription_tier": "Enterprise",  # Maps to Pro tier
+                "domain_preferences": ["Technology", "Science", "Politics", "Health"],
+                "phone_number": "+1234567891",
+                "age": 30,
+            }
+        ]
+        
+        print("🔍 Creating test users...")
+        
+        for user_data in test_users:
+            email = user_data["email"]
+            
+            # Check if user already exists
+            existing = mongodb.users.find_one({"email": email})
+            if existing:
+                print(f"⚠️  User {email} already exists. Updating subscription tier...")
+                mongodb.update_user_subscription_tier(
+                    str(existing["_id"]),
+                    user_data["subscription_tier"]
+                )
+                print(f"✅ Updated {email} to {user_data['subscription_tier']} tier")
+            else:
+                # Create new user - remove plain_password before inserting
+                user_insert_data = {k: v for k, v in user_data.items() if k != "plain_password"}
+                user_insert_data["created_at"] = datetime.utcnow()
+                user_insert_data["updated_at"] = datetime.utcnow()
+                
+                result = mongodb.users.insert_one(user_insert_data)
+                user_data["_id"] = str(result.inserted_id)
+                user_data["id"] = str(result.inserted_id)
+                
+                print(f"✅ Created {email} with tier: {user_data['subscription_tier']}")
+        
+        print("\n✅ Test users created/updated successfully!")
+        print("\n📋 Login credentials:")
+        print("=" * 60)
+        for user_data in test_users:
+            print(f"\nEmail: {user_data['email']}")
+            print(f"Password: {user_data['plain_password']}")
+            if user_data['subscription_tier'] == "Pro":
+                print("Tier: Plus (subscription_tier: Pro)")
+            elif user_data['subscription_tier'] == "Enterprise":
+                print("Tier: Pro (subscription_tier: Enterprise)")
+        print("=" * 60)
+        
+        mongodb.close()
+        
+    except Exception as e:
+        print(f"❌ Error creating test users: {e}")
+        import traceback
+        traceback.print_exc()
+        sys.exit(1)
+
+if __name__ == "__main__":
+    create_test_users()
+

main.py

@@ -1,6 +1,6 @@
 from fastapi import FastAPI, File, UploadFile, HTTPException, Form, WebSocket, WebSocketDisconnect, Request
 from typing import Optional, List, Dict, Any
-from fastapi.responses import FileResponse
+from fastapi.responses import FileResponse, JSONResponse
 from fastapi.middleware.cors import CORSMiddleware
 from fastapi.staticfiles import StaticFiles
 import uvicorn
@@ -64,6 +64,64 @@ app.mount("/static", StaticFiles(directory="public"), name="static")
 app.mount("/frames", StaticFiles(directory="public/frames"), name="frames")
 
 
+# ---------- Tier configuration ----------
+
+# Public-facing tiers used across the product
+NORMALIZED_TIERS = ("Free", "Plus", "Pro")
+
+# Map stored subscription_tier / plan_name values to normalized tiers.
+# This keeps backward compatibility with any existing users whose tier
+# might still be stored as \"Pro\" or \"Enterprise\".
+SUBSCRIPTION_TIER_MAPPING = {
+    "free": "Free",
+    "plus": "Plus",
+    "pro": "Plus",          # legacy Pro maps to Plus
+    "enterprise": "Pro",    # highest tier maps to Pro
+}
+
+# Central limits per tier so they can be tuned in one place.
+# These values are intentionally conservative to protect API costs.
+TIER_LIMITS = {
+    "Free": {
+        "daily_verifications": 5,
+        "monthly_verifications": 25,
+        "max_chat_sessions": 1,
+        "max_messages_per_session": 10,
+    },
+    "Plus": {
+        "daily_verifications": 10,
+        "monthly_verifications": 50,
+        "max_chat_sessions": 5,
+        "max_messages_per_session": 50,
+    },
+    "Pro": {
+        "daily_verifications": 25,
+        "monthly_verifications": 200,
+        "max_chat_sessions": 20,
+        "max_messages_per_session": 200,
+    },
+}
+
+
+def get_normalized_tier(raw_tier: str | None) -> str:
+    """
+    Normalize any stored subscription_tier / plan_name to one of
+    the public-facing tiers: Free, Plus, Pro.
+    """
+    if not raw_tier:
+        return "Free"
+    key = str(raw_tier).strip().lower()
+    return SUBSCRIPTION_TIER_MAPPING.get(key, "Free")
+
+
+def get_tier_limits(raw_tier: str | None) -> dict:
+    """
+    Return the limits dict for a given stored tier value.
+    """
+    normalized = get_normalized_tier(raw_tier)
+    return TIER_LIMITS.get(normalized, TIER_LIMITS["Free"])
+
+
 # Initialize verifiers and input processor
 image_verifier = ImageVerifier()
 video_verifier = VideoVerifier()
@@ -770,8 +828,11 @@ async def _verify_youtube_video(url: str, claim_context: str, claim_date: str) -
 
 @app.post("/chatbot/verify")
 async def chatbot_verify(
+    request: Request,
     text_input: Optional[str] = Form(None),
-    files: Optional[List[UploadFile]] = File(None)
+    files: Optional[List[UploadFile]] = File(None),
+    anonymous_id: Optional[str] = Form(None),
+    user_id: Optional[str] = Form(None),
 ):
     """
     Chatbot-friendly endpoint that intelligently processes input and routes to appropriate verification
@@ -781,6 +842,60 @@ async def chatbot_verify(
         print(f"🔍 DEBUG: text_input = {text_input}")
         print(f"🔍 DEBUG: files = {files}")
         print(f"🔍 DEBUG: files type = {type(files)}")
+        print(f"🔍 DEBUG: anonymous_id = {anonymous_id}")
+        print(f"🔍 DEBUG: user_id = {user_id}")
+
+        # Determine logical user key and tier for rate limiting
+        user_doc = None
+        raw_tier = "Free"
+        if user_id and mongodb_service:
+            try:
+                user_doc = mongodb_service.get_user_by_id(user_id)
+            except Exception as e:
+                logger.warning(
+                    f"⚠️ Failed to load user {user_id} for tier resolution: {e}"
+                )
+
+        if user_doc:
+            raw_tier = user_doc.get("subscription_tier") or "Free"
+        else:
+            raw_tier = "Free"
+
+        limits = get_tier_limits(raw_tier)
+        key_host = getattr(request.client, "host", "unknown")
+        key = user_id or anonymous_id or f"ip:{key_host}"
+
+        if mongodb_service:
+            usage_info = mongodb_service.increment_usage_and_check_limits(
+                key=key,
+                feature="verification",
+                daily_limit=limits.get("daily_verifications"),
+                monthly_limit=limits.get("monthly_verifications"),
+            )
+        else:
+            usage_info = {
+                "allowed": True,
+                "tier_limits": {
+                    "daily": limits.get("daily_verifications"),
+                    "monthly": limits.get("monthly_verifications"),
+                },
+            }
+
+        if not usage_info.get("allowed", True):
+            normalized_tier = get_normalized_tier(raw_tier)
+            return JSONResponse(
+                status_code=429,
+                content={
+                    "error": "verification_limit_reached",
+                    "tier": normalized_tier,
+                    "key": key,
+                    "limits": usage_info.get("tier_limits"),
+                    "usage": {
+                        "daily": usage_info.get("daily"),
+                        "monthly": usage_info.get("monthly"),
+                    },
+                },
+            )
         received_files_meta: List[Dict[str, Any]] = []
         if files:
             for i, file in enumerate(files):
@@ -1298,28 +1413,61 @@ async def speech_to_text(
         raise HTTPException(status_code=500, detail=str(e))
 
 
-# Educational Content API Endpoints
+# Educational Content API Endpoints - Now fetching from MongoDB weekly_posts
 @app.get("/educational/modules")
 async def get_educational_modules():
-    """Get list of available educational modules"""
+    """Get list of available educational modules from MongoDB weekly_posts"""
     try:
-        modules_data = await educational_generator.get_modules_list()
-        return modules_data
+        if not mongodb_service:
+            raise HTTPException(status_code=503, detail="MongoDB service not available")
+        
+        modules_list = mongodb_service.get_educational_modules_list()
+        response_data = {
+            "modules": modules_list,
+            "total": len(modules_list)
+        }
+        # Return with no-cache headers to prevent stale cache in production
+        return JSONResponse(
+            content=response_data,
+            headers={
+                "Cache-Control": "no-cache, no-store, must-revalidate, max-age=0",
+                "Pragma": "no-cache",
+                "Expires": "0"
+            }
+        )
+    except HTTPException:
+        raise
     except Exception as e:
+        logger.error(f"Failed to get educational modules: {e}")
         raise HTTPException(status_code=500, detail=str(e))
 
 @app.get("/educational/modules/{module_id}")
 async def get_module_content(
     module_id: str,
-    difficulty_level: str = "beginner"
+    difficulty_level: str = "beginner"  # Kept for backward compatibility but not used
 ):
-    """Get educational content for a specific module"""
+    """Get educational content for a specific module from MongoDB weekly_posts"""
     try:
-        content = await educational_generator.generate_module_content(
-            module_id, difficulty_level
+        if not mongodb_service:
+            raise HTTPException(status_code=503, detail="MongoDB service not available")
+        
+        content = mongodb_service.get_educational_module_by_id(module_id)
+        if not content:
+            raise HTTPException(status_code=404, detail=f"Module '{module_id}' not found")
+        
+        # Return with no-cache headers to prevent stale cache in production
+        return JSONResponse(
+            content=content,
+            headers={
+                "Cache-Control": "no-cache, no-store, must-revalidate, max-age=0",
+                "Pragma": "no-cache",
+                "Expires": "0"
+            }
         )
-        return content
+    except HTTPException:
+        raise
     except Exception as e:
+        logger.error(f"Failed to get module content: {e}")
         raise HTTPException(status_code=500, detail=str(e))
 
 @app.post("/educational/contextual-learning")
@@ -1335,14 +1483,24 @@ async def get_contextual_learning(verification_result: Dict[str, Any]):
 
 @app.post("/educational/clear-cache")
 async def clear_educational_cache():
-    """Clear all educational content from Redis cache"""
+    """
+    Clear all educational content from Redis cache.
+    
+    Note: The /educational/modules endpoints now use no-cache headers
+    to prevent browser/CDN caching. This endpoint is mainly for clearing
+    any legacy Redis cache entries.
+    """
     try:
         if educational_generator.redis_client:
             # Get all educational cache keys
             keys = educational_generator.redis_client.keys("educational:*")
             if keys:
                 educational_generator.redis_client.delete(*keys)
-                return {"message": f"Cleared {len(keys)} cache entries", "keys": keys}
+                return {
+                    "message": f"Cleared {len(keys)} cache entries",
+                    "keys": keys,
+                    "note": "Educational endpoints use no-cache headers to prevent stale data"
+                }
             else:
                 return {"message": "No cache entries found"}
         else: