Skip to content

feat: improve upload validation, add loading spinner, implement user authentication#5

Open
its-Sohan wants to merge 4 commits into
Komal2008:mainfrom
its-Sohan:improve-upload-validation
Open

feat: improve upload validation, add loading spinner, implement user authentication#5
its-Sohan wants to merge 4 commits into
Komal2008:mainfrom
its-Sohan:improve-upload-validation

Conversation

@its-Sohan

@its-Sohan its-Sohan commented Jul 6, 2026

Copy link
Copy Markdown

Closes #1, #2, and #3

Part 1: Better error messages for uploads (fixes #2)

Added validation and user-facing error messages for:

  • Unsupported file type
  • Empty upload
  • File too large (25 MB limit)
  • Corrupted image

Part 2: Loading spinner during analysis (fixes #1)

  • Added analyzing session state flag
  • Disables the button during processing
  • Shows Analyzing image... as button text and spinner message

Part 3: User authentication system (fixes #3)

Uses streamlit-authenticator (by mkhorasani) — a well-maintained library built on bcrypt and JWT cookies.

  • Login — secure form with bcrypt password verification
  • Registration — new users can self-register (persisted to auth.yaml)
  • Session management — encrypted JWT cookies, 30-day expiry
  • Logout — button in sidebar, clears session
  • Access control — all app content gated behind authentication
  • Default account: admin / admin123 (change password after first login)

New files:

  • code/auth.yaml — user credentials and cookie config (auto-created on first run)

Modified files:

  • code/app.py — auth integration, upload validation, spinner logic
  • code/src/image_analyzer.py — server-side image validation
  • code/requirements.txt — added streamlit-authenticator, pyyaml

@its-Sohan its-Sohan changed the title fix: improve error messages for invalid file uploads fix: improve upload validation and add loading spinner during AI analysis Jul 6, 2026
@its-Sohan its-Sohan changed the title fix: improve upload validation and add loading spinner during AI analysis feat: improve upload validation, add loading spinner, implement user authentication Jul 6, 2026
@Komal2008

Copy link
Copy Markdown
Owner

Hi @its-Sohan , thank you for the contribution!

I appreciate the effort you've put into this PR.

Before I can review and merge it, I noticed that this PR combines multiple features:

Upload validation
Loading spinner
User authentication

It also has merge conflicts with the current main branch.

To make the review easier, could you please:

Sync your branch with the latest main and resolve the merge conflicts.
Split these changes into separate PRs if possible:
PR 1: Upload validation
PR 2: Loading spinner
PR 3: User authentication
Address the authentication security concerns (avoid committing auth.yaml with credentials and use environment variables for secrets).

Once the conflicts are resolved and the CI checks pass, I'll review the updated PR. Thanks!

Add validation for file type, size, empty, and corrupted images
with clear user-facing error messages in the UI.

- validate_image_file() in image_analyzer.py checks extension,
  empty file, size limit (25MB), and image corruption via PIL
- validate_uploaded_file() in app.py checks the same before saving
- save_uploaded_image() raises ValueError on invalid input
- Analyze flow shows st.error() messages instead of proceeding
  silently or crashing

Closes Komal2008#2

Signed-off-by: its-Sohan <stathammurphy141@gmail.com>
- Add "analyzing" session state flag to track analysis progress
- Disable "Run AI Analysis" button during analysis to prevent double-clicks
- Show "Analyzing image..." as button text while processing
- Reset flag after analysis completes or on error

Signed-off-by: its-Sohan <stathammurphy141@gmail.com>
Implement secure login/registration/logout using the
streamlit-authenticator library (by mkhorasani).

- Login form with bcrypt password hashing
- User registration with persistent YAML config
- Session management via encrypted JWT cookies (30-day expiry)
- Logout button in sidebar with user display name
- All content gated behind authentication
- Default admin account: admin / admin123
- Graceful error if library is not installed

Closes Komal2008#3

Signed-off-by: its-Sohan <stathammurphy141@gmail.com>
- Rebased onto latest upstream main, resolved requirements.txt conflict
- Removed committed auth.yaml; added to .gitignore
- Cookie key now read from CLAIMVISION_AUTH_KEY env var (with fallback)
- Added load_dotenv() to support .env file configuration
@its-Sohan its-Sohan force-pushed the improve-upload-validation branch from 7a5a3bf to d32bf7d Compare July 11, 2026 05:26

@Komal2008 Komal2008 left a comment

Copy link
Copy Markdown
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for addressing the review comments and improving the implementation. The changes look good, the CI checks are passing, and everything is ready to merge. Great work!

@Komal2008

Copy link
Copy Markdown
Owner

Thanks for the update! Regarding #2, I noticed that validate_uploaded_file() is being called both before save_uploaded_image() and again inside save_uploaded_image(). Could you please refactor this to avoid duplicate validation? It will help keep the code cleaner and easier to maintain.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Feature: Implement User Authentication System Improve Error Messages for Invalid Uploads Show Loading Spinner During AI Analysis

2 participants