Update app.py

app.py

@@ -8,19 +8,27 @@ from utils import extract_kyc_fields
 
 # ------------------------------------------------------------------
 # 🔐 CREDENTIALS STRATEGY
-# 1) Preferred: read from environment (HF Space Secrets / .env).
-# 2) Fallback (NOT RECOMMENDED): hardcoded defaults below.
-#    If you insist, replace the REPLACE_ME values locally.
+# Prefer environment variables (Hugging Face Space Secrets or local env).
+# Emergency fallback (NOT recommended): replace these locally.
 # ------------------------------------------------------------------
-SF_DEFAULT_USERNAME = "[email protected]"      # e.g., "[email protected]"
-SF_DEFAULT_PASSWORD = "Lic@2025"      # e.g., "Lic@2025"
-SF_DEFAULT_TOKEN    = "AmmfRcd6IiYaRtSGntBnzNMQU" # e.g., "AmmfRcd6IiYaRtSGntBnzNMQU"
-SF_DEFAULT_DOMAIN   = "login"                     # "login" (prod) or "test" (sandbox)
+SF_DEFAULT_USERNAME = os.getenv("[email protected]", "REPLACE_ME_USERNAME")
+SF_DEFAULT_PASSWORD = os.getenv("Lic@2025", "REPLACE_ME_PASSWORD")
+SF_DEFAULT_TOKEN    = os.getenv("AmmfRcd6IiYaRtSGntBnzNMQU", "REPLACE_ME_SECURITY_TOKEN")
+SF_DEFAULT_DOMAIN   = os.getenv("SF_DOMAIN", "login")  # "login" (prod) or "test" (sandbox)
 # ------------------------------------------------------------------
 
-# simple-salesforce is required for SF push
+# simple-salesforce + exceptions
 try:
     from simple_salesforce import Salesforce
+    from simple_salesforce.exceptions import (
+        SalesforceAuthenticationFailed,
+        SalesforceGeneralError,
+        SalesforceMalformedRequest,
+        SalesforceExpiredSession,
+        SalesforceRefusedRequest,
+        SalesforceMoreThanOneRecord,
+        SalesforceResourceNotFound
+    )
     SF_AVAILABLE = True
 except Exception:
     SF_AVAILABLE = False
@@ -29,7 +37,7 @@ except Exception:
 # ---------- helpers ----------
 def _parse_birthdate(dob_text: str):
     """
-    Normalize DOB to YYYY-MM-DD for Salesforce Date fields.
+    Normalize DOB to YYYY-MM-DD (Salesforce Date fields).
     Supports dd/mm/yyyy, dd-mm-yyyy, dd.mm.yyyy, yyyy-mm-dd, or just YYYY (mapped to mid-year).
     """
     if not dob_text or dob_text == "Not found":
@@ -63,28 +71,67 @@ def _parse_birthdate(dob_text: str):
     return None
 
 
+def _fmt_sf_error(err: Exception):
+    """
+    Produce a clear, JSON-safe dict from any simple-salesforce error.
+    """
+    # Default
+    info = {"type": err.__class__.__name__, "message": str(err)}
+
+    # Enrich known exceptions
+    if isinstance(err, SalesforceAuthenticationFailed):
+        # Has attributes: code, response.content, status, message, etc.
+        content = getattr(err, "content", None) or getattr(err, "response", None)
+        info.update({
+            "category": "AUTHENTICATION",
+            "status": getattr(err, "status", None),
+            "content": getattr(content, "content", None) if hasattr(content, "content") else content,
+        })
+    elif isinstance(err, (SalesforceMalformedRequest, SalesforceGeneralError, SalesforceRefusedRequest)):
+        # These typically have status/resource_name/content/url
+        info.update({
+            "category": "REQUEST",
+            "status": getattr(err, "status", None),
+            "resource": getattr(err, "resource_name", None),
+            "url": getattr(err, "url", None),
+            "content": getattr(err, "content", None),
+        })
+    elif isinstance(err, SalesforceResourceNotFound):
+        info.update({"category": "NOT_FOUND"})
+    elif isinstance(err, SalesforceExpiredSession):
+        info.update({"category": "AUTH_EXPIRED"})
+
+    return info
+
+
 def sf_connect_from_env_or_defaults():
     """
-    Tries env vars first (HF Space Secrets / .env), then hardcoded defaults.
+    Tries env vars first (HF Space Secrets / local env), then hardcoded defaults.
     Env vars: SF_USERNAME, SF_PASSWORD, SF_SECURITY_TOKEN, SF_DOMAIN
+    Also runs a quick auth test query to surface auth issues early.
     """
     if not SF_AVAILABLE:
-        raise RuntimeError("simple-salesforce is not installed.")
+        raise RuntimeError("simple-salesforce is not installed. Add `simple-salesforce` to requirements.txt.")
 
     username = os.getenv("SF_USERNAME", SF_DEFAULT_USERNAME)
     password = os.getenv("SF_PASSWORD", SF_DEFAULT_PASSWORD)
     token    = os.getenv("SF_SECURITY_TOKEN", SF_DEFAULT_TOKEN)
     domain   = os.getenv("SF_DOMAIN", SF_DEFAULT_DOMAIN or "login")
 
-    # Basic validation: block if still placeholders
     if any(v.startswith("REPLACE_ME") for v in [username, password, token]):
         raise ValueError(
             "Salesforce credentials missing. "
-            "Either set Space Secrets/ENV (SF_USERNAME, SF_PASSWORD, SF_SECURITY_TOKEN, SF_DOMAIN) "
+            "Set env vars (SF_USERNAME, SF_PASSWORD, SF_SECURITY_TOKEN, SF_DOMAIN) "
             "or replace the REPLACE_ME_* constants in app.py."
         )
 
-    return Salesforce(username=username, password=password, security_token=token, domain=domain)
+    try:
+        sf = Salesforce(username=username, password=password, security_token=token, domain=domain)
+        # 🔎 lightweight auth sanity check
+        sf.query("SELECT Id FROM User LIMIT 1")
+        return sf
+    except Exception as e:
+        raise e
 
 
 def sf_push_kyc_record(sf, ocr_results):
@@ -108,18 +155,20 @@ def sf_push_kyc_record(sf, ocr_results):
     payload = {
         "Aadhaar_Number__c": aadhaar_number,
         "Aadhaar_Name__c":   aadhaar_name,
-        "Aadhaar_DOB__c":    aadhaar_dob,
+        "Aadhaar_DOB__c":    aadhaar_dob,   # Date field in SF
         "PAN_Number__c":     pan_number,
         "Pan_Name__c":       pan_name,
-        "Pan_DOB__c":        pan_dob,
+        "Pan_DOB__c":        pan_dob,       # Date field in SF
     }
+    # Remove None keys to avoid nulling non-nullable fields
     payload = {k: v for k, v in payload.items() if v is not None}
 
     try:
         result = sf.KYC_Record__c.create(payload)
         return {"success": True, "id": result.get("id"), "payload": payload}
     except Exception as e:
-        return {"success": False, "error": str(e), "payload": payload}
+        # Return rich error info
+        return {"success": False, "error": _fmt_sf_error(e), "payload": payload}
 
 
 # ---------- gradio callback ----------
@@ -159,7 +208,7 @@ def process_documents(aadhaar_file, pan_file, push_to_sf):
             created = sf_push_kyc_record(sf, results)
             output["salesforce"] = {"pushed": created.get("success", False), **created}
         except Exception as e:
-            output["salesforce"] = {"pushed": False, "error": str(e)}
+            output["salesforce"] = {"pushed": False, "error": _fmt_sf_error(e)}
 
     return output
 
@@ -169,11 +218,11 @@ with gr.Blocks(title="Smart KYC OCR → Salesforce (KYC_Record__c)") as demo:
     gr.Markdown(
         """
         # 🧾 Smart KYC OCR → Salesforce
-        Upload **Aadhaar** and **PAN** in separate boxes, then (optional) push a single **KYC_Record__c**.
+        Upload **Aadhaar** and **PAN** in separate boxes, then (optional) push one **KYC_Record__c**.
 
-        - Preferred: configure `SF_USERNAME`, `SF_PASSWORD`, `SF_SECURITY_TOKEN`, `SF_DOMAIN` as environment variables
-          (Hugging Face **Space Secrets**).
-        - Emergency fallback: edit the `SF_DEFAULT_*` constants in `app.py` (NOT recommended).
+        **Creds**: Set env vars (preferred)  
+        `SF_USERNAME`, `SF_PASSWORD`, `SF_SECURITY_TOKEN`, `SF_DOMAIN` (login|test)  
+        or replace the placeholders in `app.py` (not recommended).
         """
     )
 
@@ -203,7 +252,7 @@ with gr.Blocks(title="Smart KYC OCR → Salesforce (KYC_Record__c)") as demo:
     gr.Markdown("---")
     gr.Markdown(
         """
-        🔒 **Security note:** Avoid hardcoding secrets. Prefer Space Secrets / environment variables.
+        🔒 **Note:** If you see an error, the response now includes the Salesforce status, URL, and error body.
         """
     )