import os import sys # Hugging Face safe cache os.environ["HF_HOME"] = "/tmp/huggingface" os.environ["TRANSFORMERS_CACHE"] = "/tmp/huggingface/transformers" os.environ["HUGGINGFACE_HUB_CACHE"] = "/tmp/huggingface/hub" # Force Flask instance path to a writable temporary folder safe_instance_path = "/tmp/flask_instance" # Create the safe instance path after imports os.makedirs(safe_instance_path, exist_ok=True) from flask import Flask, render_template, redirect, url_for, flash, request from flask_login import LoginManager, login_required, current_user from werkzeug.utils import secure_filename import sys import json from datetime import datetime # Adjust sys.path for import flexibility current_dir = os.path.dirname(os.path.abspath(__file__)) sys.path.append(current_dir) # Import and initialize DB from backend.models.database import db, Job, Application, init_db from backend.models.user import User from backend.routes.auth import auth_bp, handle_resume_upload from backend.routes.interview_api import interview_api # Initialize Flask app app = Flask( __name__, static_folder='backend/static', static_url_path='/static', template_folder='backend/templates', instance_path=safe_instance_path # ✅ points to writable '/tmp/flask_instance' ) app.config['SECRET_KEY'] = 'saadi' # ----------------------------------------------------------------------------- # Cookie configuration for Hugging Face Spaces # # When running this app inside an iframe (as is typical on Hugging Face Spaces), # browsers will drop cookies that have the default SameSite policy of ``Lax``. # This prevents the Flask session cookie from being stored and means that # ``login_user()`` will appear to have no effect – the user will be redirected # back to the home page but remain anonymous. By explicitly setting the # SameSite policy to ``None`` and enabling the ``Secure`` flag, we allow the # session and remember cookies to be sent even when the app is embedded in an # iframe. Without these settings the sign‑up and login flows work locally # but silently fail in Spaces, causing the "redirect to home page without # anything" behaviour reported by users. app.config['SESSION_COOKIE_SAMESITE'] = 'None' app.config['SESSION_COOKIE_SECURE'] = True app.config['REMEMBER_COOKIE_SAMESITE'] = 'None' app.config['REMEMBER_COOKIE_SECURE'] = True # Configure the database connection # Use /tmp directory for database in Hugging Face Spaces # Note: Data will be lost when the space restarts app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:////tmp/codingo.db' app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False from flask_wtf.csrf import CSRFProtect # csrf = CSRFProtect(app) # Create necessary directories in writable locations os.makedirs('/tmp/static/audio', exist_ok=True) os.makedirs('/tmp/temp', exist_ok=True) # Initialize DB with app init_db(app) # Flask-Login setup login_manager = LoginManager() login_manager.login_view = 'auth.login' login_manager.init_app(app) @login_manager.user_loader def load_user(user_id): return db.session.get(User, int(user_id)) # Register blueprints app.register_blueprint(auth_bp) app.register_blueprint(interview_api, url_prefix="/api") # Routes (keep your existing routes) @app.route('/') def index(): return render_template('index.html') @app.route('/jobs') def jobs(): all_jobs = Job.query.order_by(Job.date_posted.desc()).all() return render_template('jobs.html', jobs=all_jobs) @app.route('/job/') def job_detail(job_id): job = Job.query.get_or_404(job_id) return render_template('job_detail.html', job=job) @app.route('/apply/', methods=['GET', 'POST']) @login_required def apply(job_id): job = Job.query.get_or_404(job_id) if request.method == 'POST': # Retrieve the uploaded resume file from the request. The ``name`` # attribute in the HTML form is ``resume``. file = request.files.get('resume') # Use our safe upload helper to store the resume. ``filepath`` # contains the location where the file was saved so that recruiters # can download it later. Resume parsing has been disabled, so # ``features`` will always be an empty dictionary. features, error, filepath = handle_resume_upload(file) # If there was an error saving the resume, notify the user. We no # longer attempt to parse the resume contents, so the manual fields # collected below will form the entire feature set. if error: flash("Resume upload failed. Please try again.", "danger") return render_template('apply.html', job=job) # Collect the manually entered fields for skills, experience and education. # Users can separate entries with commas, semicolons or newlines; we # normalise the input into lists of trimmed strings. def parse_entries(raw_value: str): import re entries = [] if raw_value: # Split on commas, semicolons or newlines for item in re.split(r'[\n,;]+', raw_value): item = item.strip() if item: entries.append(item) return entries skills_input = request.form.get('skills', '') experience_input = request.form.get('experience', '') education_input = request.form.get('education', '') manual_features = { "skills": parse_entries(skills_input), "experience": parse_entries(experience_input), "education": parse_entries(education_input) } # Prepare the application record. We ignore the empty ``features`` # returned by ``handle_resume_upload`` and instead persist the # manually collected attributes. The extracted_features column # expects a JSON string; json.dumps handles proper serialization. application = Application( job_id=job_id, user_id=current_user.id, name=current_user.username, email=current_user.email, resume_path=filepath, extracted_features=json.dumps(manual_features) ) db.session.add(application) db.session.commit() flash('Your application has been submitted successfully!', 'success') return redirect(url_for('jobs')) return render_template('apply.html', job=job) @app.route('/my_applications') @login_required def my_applications(): applications = Application.query.filter_by( user_id=current_user.id ).order_by(Application.date_applied.desc()).all() return render_template('my_applications.html', applications=applications) @app.route('/parse_resume', methods=['POST']) def parse_resume(): file = request.files.get('resume') features, error, filepath = handle_resume_upload(file) # If the upload failed, return an error. Parsing is no longer # supported, so we do not attempt to inspect the resume contents. if error: return {"error": "Error processing resume. Please try again."}, 400 # If no features were extracted (the normal case now), respond with # empty fields rather than an error. This preserves the API # contract expected by any front‑end code that might call this # endpoint. if not features: return { "name": "", "email": "", "mobile_number": "", "skills": [], "experience": [], "education": [], "summary": "" }, 200 # Should features contain values (unlikely in the new implementation), # pass them through to the client. response = { "name": features.get('name', ''), "email": features.get('email', ''), "mobile_number": features.get('mobile_number', ''), "skills": features.get('skills', []), "experience": features.get('experience', []), "education": features.get('education', []), "summary": features.get('summary', '') } return response, 200 @app.route("/interview/") @login_required def interview_page(job_id): job = Job.query.get_or_404(job_id) application = Application.query.filter_by( user_id=current_user.id, job_id=job_id ).first() if not application or not application.extracted_features: flash("Please apply for this job and upload your resume first.", "warning") return redirect(url_for('job_detail', job_id=job_id)) cv_data = json.loads(application.extracted_features) return render_template("interview.html", job=job, cv=cv_data) if __name__ == '__main__': print("Starting Codingo application...") with app.app_context(): db.create_all() # Use port from environment or default to 7860 port = int(os.environ.get('PORT', 7860)) app.run(debug=True, host='0.0.0.0', port=port)