import pandas as pd import csv from flask import Flask, render_template, jsonify, request, session, redirect, url_for, make_response from flask_cors import CORS import os from datetime import datetime import threading import requests from dotenv import load_dotenv # ------------------------------------------------------------ # 基本設定 # ------------------------------------------------------------ load_dotenv() app = Flask(__name__) CORS(app, supports_credentials=True, origins=["https://kec-apps.com:443", "https://kec-apps.com"]) app.secret_key = os.getenv("FLASK_SECRET_KEY", "kecapps_default_key_2025") HTML_DIR = '/var/www/html/templates' CSV_DIR = '/var/www/html' members_csv_path = os.path.join(CSV_DIR, 'members.csv') csv_lock = threading.Lock() # ------------------------------------------------------------ # CSV操作 # ------------------------------------------------------------ def load_csv(): user_id = session.get('user_id') if not user_id: return [] if len(str(user_id)) <= 10: target_csv = os.path.join(CSV_DIR, 'scriptdata.csv') else: target_csv = os.path.join(CSV_DIR, 'scriptdata2.csv') try: df = pd.read_csv(target_csv, encoding='utf-8') df = df.fillna('') return df.to_dict(orient='records') except: return [] def load_members_csv(): df = pd.read_csv(members_csv_path, encoding='utf-8') return df # ------------------------------------------------------------ # 認証 # ------------------------------------------------------------ def check_credentials(user_id, password): df = pd.read_csv(members_csv_path, encoding='utf-8') user = df[df['user_id'] == user_id] if not user.empty and user.iloc[0]['password'] == password: return True return False def update_login_time(user_id): with csv_lock: df = pd.read_csv(members_csv_path, encoding='utf-8') if user_id not in df['user_id'].values: return False now = datetime.now().strftime('%Y-%m-%d %H:%M:%S') df.loc[df['user_id'] == user_id, 'last_login'] = now if pd.isna(df[df['user_id'] == user_id].iloc[0]['first_login']): df.loc[df['user_id'] == user_id, 'first_login'] = now df.to_csv(members_csv_path, index=False, encoding='utf-8') return True def update_logout_time(user_id): with csv_lock: df = pd.read_csv(members_csv_path, encoding='utf-8') if user_id not in df['user_id'].values: return False now = datetime.now().strftime('%Y-%m-%d %H:%M:%S') df.loc[df['user_id'] == user_id, 'last_logout'] = now df.to_csv(members_csv_path, index=False, encoding='utf-8') return True # ------------------------------------------------------------ # ルート # ------------------------------------------------------------ @app.route('/') def index(): if 'user_id' in session: return render_template('index.html') return redirect(url_for('login')) @app.route('/login', methods=['GET', 'POST']) def login(): if request.method == 'POST': user_id = request.form['user_id'].strip() password = request.form['password'].strip() if check_credentials(user_id, password): session['user_id'] = user_id update_login_time(user_id) return redirect(url_for('index')) return "ユーザーIDまたはパスワードが違います。", 401 return render_template('login.html') @app.route('/logout', methods=['POST']) def logout(): if 'user_id' in session: update_logout_time(session['user_id']) session.pop('user_id', None) return jsonify({'message': 'ログアウト成功'}), 200 return jsonify({'message': 'ログインしていません'}), 401 # ------------------------------------------------------------ # 名前取得 # ------------------------------------------------------------ @app.route('/members') def get_members(): if 'user_id' in session: df = load_members_csv() user = df[df['user_id'] == session['user_id']][['name1', 'name2']].fillna("") return jsonify(user.to_dict(orient='records')) return "Unauthorized", 401 # ------------------------------------------------------------ # Free Conversation # ------------------------------------------------------------ @app.route('/grant_access', methods=['POST']) def grant_access(): session['access_granted'] = True return redirect(url_for('conv2')) @app.route('/conv2') def conv2(): if not session.get('access_granted', False): return redirect('https://kec-apps.com:443/') return render_template('conv2.html') # ------------------------------------------------------------ # ★ SPA対応:レッスンページ(完全なHTML + キャッシュ無効化) # ------------------------------------------------------------ @app.route("/intro1") @app.route("/intro2") @app.route("/basic1") @app.route("/basic2") @app.route("/beginner1-1") @app.route("/beginner1-2") @app.route("/beginner1-3") @app.route("/beginner2") @app.route("/beginner3") @app.route("/beginner4") @app.route("/beginner5") @app.route("/beginner6") def render_lesson(): """ SPA版用:完全なHTMLを返す キャッシュを無効化してService Workerの問題を回避 """ page = request.path.strip("/") html_path = os.path.join(HTML_DIR, f"{page}.html") if not os.path.exists(html_path): return jsonify({"error": "Lesson file not found"}), 404 # 完全なHTMLをレンダリング response = make_response(render_template(f"{page}.html")) # ★ キャッシュを完全無効化(Service Worker対策) response.headers['Cache-Control'] = 'no-cache, no-store, must-revalidate' response.headers['Pragma'] = 'no-cache' response.headers['Expires'] = '0' return response # ------------------------------------------------------------ # Manual ページ(同様にキャッシュ無効化) # ------------------------------------------------------------ @app.route("/manual") def manual(): response = make_response(render_template("manual.html")) response.headers['Cache-Control'] = 'no-cache, no-store, must-revalidate' response.headers['Pragma'] = 'no-cache' response.headers['Expires'] = '0' return response # ------------------------------------------------------------ # CSVデータ取得 # ------------------------------------------------------------ @app.route("/get_script/") def get_script(lesson): filename = f"script {lesson}.csv" path = os.path.join(CSV_DIR, filename) if not os.path.exists(path): return jsonify({"error": f"{filename} not found"}), 404 with open(path, newline='', encoding='utf-8') as f: reader = csv.DictReader(f) data = [row for row in reader] return jsonify(data) # ------------------------------------------------------------ # Whisper API # ------------------------------------------------------------ @app.route("/whisper", methods=["POST"]) def whisper_api(): f = request.files['audio'] r = requests.post( "http://127.0.0.1:8080/inference", files={"file": (f.filename, f, "audio/wav")}, data={"temperature": "0.0", "response_format": "json"} ) return r.json() # ------------------------------------------------------------ # APIキー取得エンドポイント # ------------------------------------------------------------ @app.route("/get_api_key") def get_api_key(): """ フロントエンドが fetch('/get_api_key') で呼び出す用 """ api_key = os.getenv("OPENAI_API_KEY", "") if not api_key: # .env にない場合はエラー返す(フロントで catch される) return jsonify({"error": "API key not found"}), 404 return jsonify({"api_key": api_key}) # 例:app.py のどこか(他の @app.route の並び)に追加 @app.route("/diagnose-all") def diagnose_all(): return render_template("diagnose-all.html") # ------------------------------------------------------------ # メイン # ------------------------------------------------------------ if __name__ == '__main__': app.run(debug=True)