api.py

import os
import signal
import subprocess
import sys
import threading
import time
import webbrowser
import os
from datetime import datetime
from flask import Flask, jsonify, request, send_from_directory, session, redirect, url_for
from flask_cors import CORS
from werkzeug.security import generate_password_hash, check_password_hash
import psycopg2
import pandas as pd
import joblib
from model import hybrid_predict as model_hybrid_predict, forecast_next24_series
from blockchain_integration import BlockchainManager
from eth_account import Account
import json

DB_CONFIG = {
    "host": "localhost",
    "database": "energy_data",  # Database exists
    "user": "divyanshagrawal",  # Using your system username
    "password": "",  # Empty password for local development
}

SIM_SCRIPT = os.path.join(os.path.dirname(__file__), "meter_sim.py")
PID_FILE = os.path.join(os.path.dirname(__file__), ".meter_sim.pid")
LOG_FILE = os.path.join(os.path.dirname(__file__), ".meter_sim.log")

# Model training/retraining
MODEL_SCRIPT = os.path.join(os.path.dirname(__file__), "model.py")
MODEL_PID_FILE = os.path.join(os.path.dirname(__file__), ".model_train.pid")
MODEL_LOG_FILE = os.path.join(os.path.dirname(__file__), ".model_train.log")
MODEL_LAST_FILE = os.path.join(os.path.dirname(__file__), ".model_last_retrain.txt")
BASE_MODEL_FILE = os.path.join(os.path.dirname(__file__), "base_model.pkl")

# Initialize blockchain manager
blockchain_manager = BlockchainManager()

app = Flask(__name__)
app.secret_key = 'your-secret-key-change-this-in-production'  # Required for session management
app.config['SESSION_TYPE'] = 'filesystem'
app.config['SESSION_COOKIE_HTTPONLY'] = True
app.config['SESSION_COOKIE_SECURE'] = False  # Set to True in production with HTTPS
app.config['SESSION_COOKIE_SAMESITE'] = 'Lax'  # More compatible for development
app.config['SESSION_COOKIE_DOMAIN'] = None  # Let Flask handle domain automatically
app.config['SESSION_COOKIE_PATH'] = '/'  # Ensure cookie is sent for all paths

# Allow browser requests from file:// (Origin: null) and localhost origins
CORS(app, origins=["http://localhost:5001", "http://127.0.0.1:5001", "null", "http://localhost:*", "http://127.0.0.1:*"], supports_credentials=True, allow_headers=["Content-Type", "Authorization"], methods=["GET", "POST", "PUT", "DELETE", "OPTIONS"])


def get_db_conn():
    return psycopg2.connect(**DB_CONFIG)

# Helper functions for token balance persistence
def save_user_token_balance(user_id, wallet_address, balance):
    """Save user's token balance to database"""
    try:
        with get_db_conn() as conn:
            with conn.cursor() as cur:
                cur.execute(
                    """UPDATE users 
                       SET token_balance = %s, wallet_address = %s, updated_at = NOW() 
                       WHERE id = %s""",
                    (balance, wallet_address, user_id)
                )
                conn.commit()
                print(f"💾 Saved balance for user {user_id}: {balance} tokens")
                return True
    except Exception as e:
        print(f"❌ Error saving token balance: {e}")
        return False

def get_user_token_balance(user_id):
    """Get user's token balance from database"""
    try:
        with get_db_conn() as conn:
            with conn.cursor() as cur:
                cur.execute(
                    "SELECT token_balance, wallet_address FROM users WHERE id = %s",
                    (user_id,)
                )
                row = cur.fetchone()
                if row:
                    return float(row[0] or 0), row[1]
                return 0.0, None
    except Exception as e:
        print(f"❌ Error getting token balance: {e}")
        return 0.0, None

def restore_user_blockchain_balance(user_id, wallet_address):
    """Restore user's blockchain balance from database after redeployment"""
    try:
        db_balance, stored_address = get_user_token_balance(user_id)
        
        if db_balance > 0:
            # Get current blockchain balance
            current_balance = blockchain_manager.get_kwh_balance(wallet_address)
            
            # If blockchain balance is less than DB balance, mint the difference
            if current_balance < db_balance:
                needed = db_balance - current_balance
                print(f"🔄 Restoring {needed} tokens to user {user_id} (wallet: {wallet_address})")
                
                result = blockchain_manager.mint_kwh_tokens(
                    wallet_address,
                    needed,
                    execute=True
                )
                
                if result.get('success'):
                    print(f"✅ Restored {needed} tokens to {wallet_address}")
                    return True
                else:
                    print(f"❌ Failed to restore tokens: {result.get('error')}")
                    return False
            else:
                print(f"✓ Blockchain balance ({current_balance}) matches or exceeds DB balance ({db_balance})")
                return True
        else:
            print(f"ℹ User {user_id} has 0 balance in DB, nothing to restore")
            return True
            
    except Exception as e:
        print(f"❌ Error restoring blockchain balance: {e}")
        return False

def sync_user_balance_to_db(user_id, wallet_address):
    """Sync current blockchain balance to database"""
    try:
        current_balance = blockchain_manager.get_kwh_balance(wallet_address)
        save_user_token_balance(user_id, wallet_address, current_balance)
        return True
    except Exception as e:
        print(f"❌ Error syncing balance to DB: {e}")
        return False

def sync_balance_by_wallet_address(wallet_address):
    """Find user by wallet address and sync their balance"""
    if not wallet_address:
        return False
    
    try:
        with get_db_conn() as conn:
            with conn.cursor() as cur:
                # Find user by wallet address in current session or stored address
                cur.execute(
                    "SELECT id FROM users WHERE wallet_address = %s",
                    (wallet_address,)
                )
                row = cur.fetchone()
                if row:
                    user_id = row[0]
                    return sync_user_balance_to_db(user_id, wallet_address)
                else:
                    # Wallet not found in DB - this is okay for ephemeral wallets
                    print(f"ℹ️ Wallet {wallet_address} not found in DB (ephemeral wallet)")
                    return False
    except Exception as e:
        print(f"❌ Error finding user by wallet: {e}")
        return False
    
# Simple JSON storage for trading orders
ORDERS_FILE = os.path.join(os.path.dirname(__file__), "orders.json")
 
# Trading conversion and market pricing
CONVERSION_RATE_KWH_PER_TOKEN = 0.01  # 1 token = 0.01 kWh
MARKET_PRICE_PER_KWH_WEI = int(os.getenv('MARKET_PRICE_PER_KWH_WEI', '1000000000000000'))  # 1e15 wei per kWh

def _price_per_token_wei():
    try:
        return int(MARKET_PRICE_PER_KWH_WEI * CONVERSION_RATE_KWH_PER_TOKEN)
    except Exception:
        return 0

def _load_orders():
    try:
        with open(ORDERS_FILE, 'r') as f:
            return json.load(f)
    except Exception:
        return []

def _save_orders(orders):
    try:
        with open(ORDERS_FILE, 'w') as f:
            json.dump(orders, f, indent=2)
        return True
    except Exception:
        return False
    
# Blockchain API routes
@app.route('/api/blockchain/status', methods=['GET'])
def blockchain_status():
    """Check blockchain connection status"""
    try:
        is_connected = blockchain_manager.is_connected()
        
        # Additional connection details
        block_number = None
        chain_id = None
        if is_connected:
            try:
                block_number = blockchain_manager.w3.eth.block_number
                chain_id = blockchain_manager.w3.eth.chain_id
            except Exception as e:
                print(f"Error getting blockchain details: {e}")
        
        return jsonify({
            "connected": is_connected,
            "provider": blockchain_manager.provider_url,
            "contracts_loaded": list(blockchain_manager.contracts.keys()),
            "block_number": block_number,
            "chain_id": chain_id,
            "accounts_available": len(blockchain_manager.accounts) if blockchain_manager.accounts else 0
        })
    except Exception as e:
        return jsonify({
            "connected": False,
            "provider": blockchain_manager.provider_url,
            "error": str(e)
        }), 500

@app.route('/api/blockchain/register-meter', methods=['POST'])
def register_meter():
    """Register a new meter on the blockchain"""
    if not session.get('user_id'):
        return jsonify({"success": False, "error": "Authentication required"}), 401
        
    data = request.json
    if not data or not data.get('meter_id') or not data.get('pub_key') or not data.get('admin_account'):
        return jsonify({"success": False, "error": "Missing required parameters"}), 400
        
    result = blockchain_manager.register_meter(
        data['meter_id'],
        data['pub_key'],
        data['admin_account']
    )
    return jsonify(result)

@app.route('/api/blockchain/mint-tokens', methods=['POST'])
def mint_tokens():
    """Mint KWh tokens to a user address"""
    if not session.get('user_id'):
        return jsonify({"success": False, "error": "Authentication required"}), 401
        
    data = request.json
    if not data or not data.get('to_address') or not data.get('amount'):
        return jsonify({"success": False, "error": "Missing required parameters: to_address and amount"}), 400
    
    try:
        amount = float(data['amount'])
        if amount <= 0:
            return jsonify({"success": False, "error": "Amount must be greater than 0"}), 400
    except (ValueError, TypeError):
        return jsonify({"success": False, "error": "Invalid amount value"}), 400
    
    # Use execute=True to mint directly from deployer account
    result = blockchain_manager.mint_kwh_tokens(
        data['to_address'],
        amount,
        execute=True
    )
    
    if result.get('success'):
        return jsonify(result), 200
    else:
        return jsonify(result), 400

@app.route('/api/blockchain/create-escrow', methods=['POST'])
def create_escrow():
    """Create an escrow for a trade"""
    if not session.get('user_id'):
        return jsonify({"success": False, "error": "Authentication required"}), 401
        
    data = request.json
    if not data or not data.get('trade_id') or not data.get('amount') or not data.get('buyer_account'):
        return jsonify({"success": False, "error": "Missing required parameters"}), 400
        
    result = blockchain_manager.create_escrow(
        data['trade_id'],
        float(data['amount']),
        data['buyer_account']
    )
    return jsonify(result)

@app.route('/api/blockchain/create-settlement', methods=['POST'])
def create_settlement():
    """Create a settlement in the market"""
    if not session.get('user_id'):
        return jsonify({"success": False, "error": "Authentication required"}), 401
        
    data = request.json
    if not data or not data.get('settlement_id') or not data.get('amount') or not data.get('price') or not data.get('engine_account'):
        return jsonify({"success": False, "error": "Missing required parameters"}), 400
        
    result = blockchain_manager.create_settlement(
        data['settlement_id'],
        float(data['amount']),
        int(data['price']),
        data.get('engine_account'),
        execute=bool(data.get('execute', False))
    )
    return jsonify(result)

@app.post('/api/trading/create-settlement')
def trading_create_settlement():
    """Execute settlement directly using default engine account (Hardhat unlocked)"""
    if not session.get('user_id'):
        return jsonify({"success": False, "error": "Authentication required"}), 401
    
    data = request.get_json(force=True)
    if not data:
        return jsonify({"success": False, "error": "No data provided"}), 400
    
    sid = data.get('settlement_id') or f"trade-{int(time.time()*1000)}"
    
    try:
        amount = float(data.get('amount', 0))
        price = int(float(data.get('price', 0)))
        
        if amount <= 0:
            return jsonify({"success": False, "error": "Amount must be greater than 0"}), 400
        if price <= 0:
            return jsonify({"success": False, "error": "Price must be greater than 0"}), 400
    except (ValueError, TypeError) as e:
        return jsonify({"success": False, "error": f"Invalid amount or price: {str(e)}"}), 400
    
    result = blockchain_manager.create_settlement(
        sid,
        amount,
        price,
        engine_account=None,
        execute=True
    )
    
    return jsonify(result), (200 if result.get('success') else 400)

# Trading orders API
@app.get('/api/trading/market')
def get_market_info():
    """Return conversion and current market price info."""
    return jsonify({
        "success": True,
        "conversion_rate_kwh_per_token": CONVERSION_RATE_KWH_PER_TOKEN,
        "price_per_kwh_wei": MARKET_PRICE_PER_KWH_WEI,
        "price_per_token_wei": _price_per_token_wei(),
    })
@app.get('/api/trading/orders')
def list_orders():
    """List all trading orders (visible to all users)"""
    orders = _load_orders()
    orders.sort(key=lambda o: o.get('created_at', 0), reverse=True)
    return jsonify({"success": True, "orders": orders})

@app.post('/api/trading/orders')
def create_order():
    """Create a new trading order (buy or sell)"""
    if not session.get('user_id'):
        return jsonify({"success": False, "error": "Authentication required"}), 401
    data = request.get_json(force=True)
    trade_type = (data.get('tradeType') or '').lower()
    if trade_type not in ('buy', 'sell'):
        return jsonify({"success": False, "error": "Invalid trade type"}), 400
    try:
        amount_kwh = float(data.get('energyAmount'))
    except Exception:
        return jsonify({"success": False, "error": "Invalid energy amount"}), 400
    created_by = session.get('wallet_address')
    order_id = f"ord-{int(time.time()*1000)}"
    price_per_kwh_wei = MARKET_PRICE_PER_KWH_WEI
    price_per_token_wei = _price_per_token_wei()
    tokens = int(amount_kwh / CONVERSION_RATE_KWH_PER_TOKEN)
    total_price_wei = int(amount_kwh * price_per_kwh_wei)
    order = {
        "id": order_id,
        "type": trade_type,
        "amount_kwh": amount_kwh,
        "price_per_kwh_wei": price_per_kwh_wei,
        "price_per_token_wei": price_per_token_wei,
        "tokens": tokens,
        "total_price_wei": total_price_wei,
        "status": "open",
        "created_by": created_by,
        "created_at": int(time.time())
    }
    orders = _load_orders()
    orders.append(order)
    if not _save_orders(orders):
        return jsonify({"success": False, "error": "Failed to save order"}), 500
    return jsonify({"success": True, "order": order})

@app.post('/api/trading/buy')
def buy_order():
    """Buy an existing sell order with INSTANT transfer.
    
    Flow:
    1. Buyer's tokens transferred directly to seller
    2. Order status changes to 'filled'
    3. Trade completes immediately
    """
    if not session.get('user_id'):
        return jsonify({"success": False, "error": "Authentication required"}), 401
    
    data = request.get_json(force=True)
    order_id = data.get('orderId')
    
    if not order_id:
        return jsonify({"success": False, "error": "Missing orderId"}), 400
    
    orders = _load_orders()
    target = next((o for o in orders if o.get('id') == order_id), None)
    if not target:
        return jsonify({"success": False, "error": "Order not found"}), 404
    if target.get('status') != 'open' or target.get('type') != 'sell':
        return jsonify({"success": False, "error": "Order not available for purchase"}), 400

    buyer_addr = session.get('wallet_address')
    if not buyer_addr:
        return jsonify({"success": False, "error": "No wallet address in session"}), 400
    
    # Prevent user from buying their own order
    if target.get('created_by') == buyer_addr:
        return jsonify({"success": False, "error": "You cannot buy your own order"}), 400
    
    seller_addr = target.get('created_by')
    if not seller_addr:
        return jsonify({"success": False, "error": "Order has no seller address"}), 400
    
    # Get the token amount to transfer
    token_amount = float(target.get('amount_kwh', 0))
    
    # BUYER MUST HAVE TOKENS - validate buyer has enough balance
    try:
        buyer_balance = blockchain_manager.get_kwh_balance(buyer_addr)
        if buyer_balance < token_amount:
            return jsonify({
                "success": False, 
                "error": f"Insufficient tokens to buy. Required: {token_amount} KWH, Available: {buyer_balance} KWH"
            }), 400
    except Exception as e:
        print(f"Warning: Could not check buyer balance: {e}")
    
    # INSTANT TRANSFER - no escrow
    print(f"BUYING INSTANTLY: Transferring {token_amount} KWH from buyer {buyer_addr} to seller {seller_addr}")
    transfer_result = blockchain_manager.transfer_kwh_tokens(
        buyer_addr,
        seller_addr,
        token_amount,
        execute=True
    )
    
    if not transfer_result.get('success'):
        return jsonify({
            "success": False, 
            "error": f"Token transfer failed: {transfer_result.get('error')}"
        }), 400
    
    # Create an on-chain settlement entry for record keeping
    sid = f"{order_id}-buy-{int(time.time()*1000)}"
    settle = blockchain_manager.create_settlement(
        sid,
        token_amount,
        int(target.get('total_price_wei', 0)),
        engine_account=None,
        execute=True
    )
    
    # Update order status
    target['status'] = 'filled'
    target['buyer'] = buyer_addr
    target['filled_at'] = int(time.time())
    target['transfer_tx'] = transfer_result.get('tx_hash')
    if settle.get('success'):
        target['settlement_tx'] = settle.get('tx_hash')
        print(f"✓ Order {order_id} filled with settlement tx {settle.get('tx_hash')}")
    else:
        print(f"⚠ Order {order_id} filled but settlement failed: {settle.get('error')}")
    
    # Sync both buyer and seller balances to database
    buyer_user_id = session.get('user_id')
    if buyer_user_id:
        sync_user_balance_to_db(buyer_user_id, buyer_addr)
    
    # Also sync seller's balance (find user by wallet address)
    sync_balance_by_wallet_address(seller_addr)
    
    _save_orders(orders)
    return jsonify({
        "success": True, 
        "order": target, 
        "transfer": transfer_result,
        "onchain": settle
    })

@app.post('/api/trading/sell')
def sell_to_buy_order():
    """Sell energy to an existing buy order. Seller receives tokens, NO tokens required to sell."""
    if not session.get('user_id'):
        return jsonify({"success": False, "error": "Authentication required"}), 401
    
    data = request.get_json(force=True)
    order_id = data.get('orderId')
    if not order_id:
        return jsonify({"success": False, "error": "Missing orderId"}), 400
    
    orders = _load_orders()
    target = next((o for o in orders if o.get('id') == order_id), None)
    if not target:
        return jsonify({"success": False, "error": "Order not found"}), 404
    if target.get('status') != 'open' or target.get('type') != 'buy':
        return jsonify({"success": False, "error": "Order not available to sell into"}), 400

    seller_addr = session.get('wallet_address')
    if not seller_addr:
        return jsonify({"success": False, "error": "No wallet address in session"}), 400
    
    # Prevent user from selling to their own order
    if target.get('created_by') == seller_addr:
        return jsonify({"success": False, "error": "You cannot sell to your own order"}), 400
    
    buyer_addr = target.get('created_by')
    if not buyer_addr:
        return jsonify({"success": False, "error": "Order has no buyer address"}), 400
    
    # Get the token amount to transfer
    token_amount = float(target.get('amount_kwh', 0))
    
    # BUYER MUST HAVE TOKENS - validate buyer (who created the buy order) has enough
    try:
        buyer_balance = blockchain_manager.get_kwh_balance(buyer_addr)
        if buyer_balance < token_amount:
            return jsonify({
                "success": False, 
                "error": f"Buyer has insufficient tokens. Required: {token_amount} KWH, Available: {buyer_balance} KWH"
            }), 400
    except Exception as e:
        print(f"Warning: Could not check buyer balance: {e}")
    
    # NO BALANCE CHECK FOR SELLER - sellers don't need tokens, they provide energy!
    # Transfer tokens from BUYER to SELLER (buyer pays, seller receives)
    print(f"SELLING: Transferring {token_amount} KWH from buyer {buyer_addr} to seller {seller_addr}")
    transfer_result = blockchain_manager.transfer_kwh_tokens(
        buyer_addr,
        seller_addr,
        token_amount,
        execute=True
    )
    
    if not transfer_result.get('success'):
        return jsonify({
            "success": False, 
            "error": f"Token transfer failed: {transfer_result.get('error')}"
        }), 400
    
    # Create settlement record
    sid = f"{order_id}-sell-{int(time.time()*1000)}"
    settle = blockchain_manager.create_settlement(
        sid,
        token_amount,
        int(target.get('total_price_wei', 0)),
        engine_account=None,
        execute=True
    )
    
    # Update order status
    target['status'] = 'filled'
    target['seller'] = seller_addr
    target['filled_at'] = int(time.time())
    target['transfer_tx'] = transfer_result.get('tx_hash')
    if settle.get('success'):
        target['settlement_tx'] = settle.get('tx_hash')
        print(f"✓ Order {order_id} filled with settlement tx {settle.get('tx_hash')}")
    else:
        print(f"⚠ Order {order_id} filled but settlement failed: {settle.get('error')}")
    
    # Sync seller balance to database (current user)
    seller_user_id = session.get('user_id')
    if seller_user_id:
        sync_user_balance_to_db(seller_user_id, seller_addr)
    
    # Also sync buyer's balance (find user by wallet address)
    sync_balance_by_wallet_address(buyer_addr)
    
    _save_orders(orders)
    return jsonify({
        "success": True, 
        "order": target, 
        "transfer": transfer_result,
        "onchain": settle
    })

@app.post('/api/trading/confirm-delivery')
def confirm_delivery():
    """Confirm delivery of energy (buyer or seller confirms)"""
    if not session.get('user_id'):
        return jsonify({"success": False, "error": "Authentication required"}), 401
    
    data = request.get_json(force=True)
    order_id = data.get('orderId')
    if not order_id:
        return jsonify({"success": False, "error": "Missing orderId"}), 400
    
    orders = _load_orders()
    target = next((o for o in orders if o.get('id') == order_id), None)
    if not target:
        return jsonify({"success": False, "error": "Order not found"}), 404
    if target.get('status') != 'escrowed':
        return jsonify({"success": False, "error": "Order not in escrow"}), 400
    
    user_addr = session.get('wallet_address')
    if not user_addr:
        return jsonify({"success": False, "error": "No wallet address in session"}), 400
    
    buyer_addr = target.get('buyer')
    seller_addr = target.get('created_by')
    
    # Check if user is buyer or seller
    if user_addr != buyer_addr and user_addr != seller_addr:
        return jsonify({"success": False, "error": "You are not part of this trade"}), 400
    
    is_buyer = (user_addr == buyer_addr)
    
    # Check if already confirmed
    if is_buyer and target.get('buyer_confirmed'):
        return jsonify({"success": False, "error": "You have already confirmed delivery"}), 400
    if not is_buyer and target.get('seller_confirmed'):
        return jsonify({"success": False, "error": "You have already confirmed delivery"}), 400
    
    # Confirm delivery on blockchain
    print(f"{'Buyer' if is_buyer else 'Seller'} {user_addr} confirming delivery for order {order_id}")
    confirm_result = blockchain_manager.confirm_delivery(
        trade_id=order_id,
        confirmer_account=user_addr,
        execute=True
    )
    
    if not confirm_result.get('success'):
        return jsonify({
            "success": False,
            "error": f"Confirmation failed: {confirm_result.get('error')}"
        }), 400
    
    # Update order status
    if is_buyer:
        target['buyer_confirmed'] = True
        target['buyer_confirmed_at'] = int(time.time())
    else:
        target['seller_confirmed'] = True
        target['seller_confirmed_at'] = int(time.time())
    
    # If both confirmed, mark as complete
    if target.get('buyer_confirmed') and target.get('seller_confirmed'):
        target['status'] = 'filled'
        target['filled_at'] = int(time.time())
        target['settlement_tx'] = confirm_result.get('tx_hash')
        print(f"✓ Order {order_id} completed! Both parties confirmed.")
        message = "Trade completed! Tokens released to seller."
        
        # Sync balances for both parties (tokens moved from escrow to seller)
        user_id = session.get('user_id')
        if user_id:
            sync_user_balance_to_db(user_id, user_addr)
    else:
        message = f"Delivery confirmed by {'buyer' if is_buyer else 'seller'}. Waiting for other party to confirm."
    
    _save_orders(orders)
    return jsonify({
        "success": True,
        "order": target,
        "message": message,
        "confirmation": confirm_result
    })

@app.post('/api/trading/cancel-escrow')
def cancel_escrow():
    """Cancel escrow and refund buyer (only after timeout)"""
    if not session.get('user_id'):
        return jsonify({"success": False, "error": "Authentication required"}), 401
    
    data = request.get_json(force=True)
    order_id = data.get('orderId')
    if not order_id:
        return jsonify({"success": False, "error": "Missing orderId"}), 400
    
    orders = _load_orders()
    target = next((o for o in orders if o.get('id') == order_id), None)
    if not target:
        return jsonify({"success": False, "error": "Order not found"}), 404
    if target.get('status') != 'escrowed':
        return jsonify({"success": False, "error": "Order not in escrow"}), 400
    
    buyer_addr = target.get('buyer')
    user_addr = session.get('wallet_address')
    
    if user_addr != buyer_addr:
        return jsonify({"success": False, "error": "Only the buyer can cancel escrow"}), 400
    
    # Check if timeout has been reached
    escrow_status = blockchain_manager.get_escrow_status(order_id)
    if not escrow_status.get('success'):
        return jsonify({"success": False, "error": "Could not check escrow status"}), 400
    
    if not escrow_status.get('canCancel'):
        return jsonify({
            "success": False,
            "error": "Cannot cancel yet. Timeout not reached or seller has already confirmed."
        }), 400
    
    # Cancel escrow on blockchain
    print(f"Buyer {buyer_addr} cancelling escrow for order {order_id}")
    cancel_result = blockchain_manager.cancel_escrow(
        trade_id=order_id,
        buyer_account=buyer_addr,
        execute=True
    )
    
    if not cancel_result.get('success'):
        return jsonify({
            "success": False,
            "error": f"Cancellation failed: {cancel_result.get('error')}"
        }), 400
    
    # Update order status
    target['status'] = 'cancelled'
    target['cancelled_at'] = int(time.time())
    target['cancel_tx'] = cancel_result.get('tx_hash')
    
    # Sync buyer balance (refunded)
    buyer_user_id = session.get('user_id')
    if buyer_user_id:
        sync_user_balance_to_db(buyer_user_id, buyer_addr)
    
    _save_orders(orders)
    return jsonify({
        "success": True,
        "order": target,
        "message": "Escrow cancelled. Tokens refunded to buyer.",
        "cancellation": cancel_result
    })

@app.get('/api/trading/escrow-status/<order_id>')
def get_escrow_status(order_id):
    """Get escrow status for an order"""
    if not session.get('user_id'):
        return jsonify({"success": False, "error": "Authentication required"}), 401
    
    escrow_status = blockchain_manager.get_escrow_status(order_id)
    return jsonify(escrow_status)

@app.route('/api/blockchain/update-contracts', methods=['POST'])
def update_contracts():
    """Update contract addresses after deployment"""
    if not session.get('user_id'):
        return jsonify({"success": False, "error": "Authentication required"}), 401
        
    data = request.json
    if not data or not data.get('addresses'):
        return jsonify({"success": False, "error": "Missing contract addresses"}), 400
        
    # Update each contract address
    updated = []
    for contract_name, address in data['addresses'].items():
        if blockchain_manager.update_contract_address(contract_name, address):
            updated.append(contract_name)
            
    return jsonify({
        "success": True,
        "updated_contracts": updated,
        "contracts_loaded": list(blockchain_manager.contracts.keys())
    })


@app.get("/api/consumption/latest")
def latest_consumption():
    try:
        user_id = get_current_user_id()
        with get_db_conn() as conn:
            with conn.cursor() as cur:
                cur.execute(
                    """
                    SELECT ts, consumption_kwh
                    FROM meter_readings
                    WHERE user_id = %s
                    ORDER BY ts DESC
                    LIMIT 1
                    """,
                    (user_id,)
                )
                row = cur.fetchone()
                if not row:
                    return jsonify({"data": None}), 200
                return jsonify({
                    "user_id": user_id,
                    "timestamp": row[0].isoformat(),
                    "consumption_kwh": float(row[1])
                }), 200
    except Exception as e:
        return jsonify({"error": str(e)}), 500


@app.get("/api/consumption/summary")
def consumption_summary():
    try:
        user_id = get_current_user_id()
        with get_db_conn() as conn:
            with conn.cursor() as cur:
                cur.execute(
                    """
                    SELECT 
                        COALESCE(SUM(consumption_kwh), 0) AS total_kwh,
                        COALESCE(AVG(consumption_kwh), 0) AS avg_kwh,
                        COUNT(*) AS samples
                    FROM meter_readings
                    WHERE user_id = %s
                    """,
                    (user_id,)
                )
                total_kwh, avg_kwh, samples = cur.fetchone()
                return jsonify({
                    "total_kwh": float(total_kwh),
                    "avg_kwh": float(avg_kwh),
                    "samples": int(samples)
                }), 200
    except Exception as e:
        return jsonify({"error": str(e)}), 500


# New: billing summary (month to date)
@app.get("/api/billing/summary")
def billing_summary():
    try:
        user_id = get_current_user_id()
        # Basic flat tariff; can be extended to TOU later
        price_per_kwh = float(os.getenv("PRICE_PER_KWH", "0.12"))
        with get_db_conn() as conn:
            with conn.cursor() as cur:
                cur.execute(
                    """
                    SELECT COALESCE(SUM(consumption_kwh), 0)
                    FROM meter_readings
                    WHERE user_id = %s
                      AND DATE_TRUNC('month', ts) = DATE_TRUNC('month', NOW())
                    """,
                    (user_id,),
                )
                total_kwh = float(cur.fetchone()[0] or 0.0)
        est_cost = total_kwh * price_per_kwh
        return jsonify({
            "user_id": user_id,
            "month": datetime.utcnow().strftime("%Y-%m"),
            "total_kwh": total_kwh,
            "price_per_kwh": price_per_kwh,
            "estimated_cost": est_cost
        }), 200
    except Exception as e:
        return jsonify({"error": str(e)}), 500


# New: consumption history endpoint
@app.get("/api/consumption/history")
def consumption_history():
    try:
        user_id = get_current_user_id()
        range_param = request.args.get("range")
        limit_param = request.args.get("limit")
        limit_val = None
        if limit_param:
            try:
                limit_val = max(1, min(5000, int(limit_param)))
            except Exception:
                limit_val = None
        if not range_param and not limit_val:
            range_param = "24h"
        with get_db_conn() as conn:
            with conn.cursor() as cur:
                if limit_val is not None:
                    print(f"DEBUG: Using limit mode with limit_val={limit_val}, user_id={user_id}")
                    cur.execute(
                        """
                        SELECT ts, consumption_kwh
                        FROM meter_readings
                        WHERE user_id = %s
                        ORDER BY ts DESC
                        LIMIT %s
                        """,
                        (user_id, limit_val),
                    )
                    rows = cur.fetchall()
                    print(f"DEBUG: Fetched {len(rows)} rows from database")
                    # reverse to chronological order
                    rows = rows[::-1]
                elif range_param == "24h":
                    cur.execute(
                        """
                        SELECT ts, consumption_kwh
                        FROM meter_readings
                        WHERE user_id = %s AND ts >= NOW() - INTERVAL '24 hours'
                        ORDER BY ts
                        """,
                        (user_id,),
                    )
                else:
                    cur.execute(
                        """
                        SELECT ts, consumption_kwh
                        FROM meter_readings
                        WHERE user_id = %s AND ts >= NOW() - INTERVAL '7 days'
                        ORDER BY ts
                        """,
                        (user_id,),
                    )
                rows = cur.fetchall()
                series = [{"timestamp": r[0].isoformat(), "kwh": float(r[1])} for r in rows]
                return jsonify({"range": range_param, "limit": limit_val, "series": series}), 200
    except Exception as e:
        return jsonify({"error": str(e)}), 500


def _read_pid():
    if os.path.exists(PID_FILE):
        with open(PID_FILE, "r") as f:
            try:
                return int(f.read().strip())
            except Exception:
                return None
    return None


def _write_pid(pid: int):
    with open(PID_FILE, "w") as f:
        f.write(str(pid))


def _clear_pid():
    if os.path.exists(PID_FILE):
        os.remove(PID_FILE)

def _read_model_pid():
    if os.path.exists(MODEL_PID_FILE):
        with open(MODEL_PID_FILE, "r") as f:
            try:
                return int(f.read().strip())
            except Exception:
                return None
    return None

def _write_model_pid(pid: int):
    with open(MODEL_PID_FILE, "w") as f:
        f.write(str(pid))

def _clear_model_pid():
    if os.path.exists(MODEL_PID_FILE):
        os.remove(MODEL_PID_FILE)

def _read_last_retrain_ts():
    if os.path.exists(MODEL_LAST_FILE):
        try:
            with open(MODEL_LAST_FILE, 'r') as f:
                return f.read().strip()
        except Exception:
            return None
    return None

def _write_last_retrain_ts():
    with open(MODEL_LAST_FILE, 'w') as f:
        f.write(datetime.utcnow().isoformat())


@app.post("/api/sim/start")
def start_sim():
    user_id = get_current_user_id()
    existing = _read_pid()
    if existing and _process_alive(existing):
        return jsonify({"status": "already_running", "pid": existing}), 200
    try:
        if not os.path.exists(SIM_SCRIPT):
            return jsonify({"error": f"meter_sim.py not found at {SIM_SCRIPT}"}), 400
        log_fp = open(LOG_FILE, "a")
        env = os.environ.copy()
        env.setdefault("USER_ID", str(user_id))
        proc = subprocess.Popen([sys.executable, SIM_SCRIPT], stdout=log_fp, stderr=log_fp, cwd=os.path.dirname(__file__), env=env)
        _write_pid(proc.pid)
        # If the process exited immediately, surface error
        ret = proc.poll()
        if ret is not None:
            try:
                with open(LOG_FILE, "r") as lf:
                    tail = lf.readlines()[-20:]
            except Exception:
                tail = []
            return jsonify({"error": "simulation process exited immediately", "returncode": ret, "log_tail": tail}), 500
        return jsonify({"status": "started", "pid": proc.pid, "user_id": user_id}), 200
    except Exception as e:
        return jsonify({"error": str(e)}), 500


@app.post("/api/sim/stop")
def stop_sim():
    pid = _read_pid()
    if not pid:
        return jsonify({"status": "not_running"}), 200
    try:
        os.kill(pid, signal.SIGTERM)
        _clear_pid()
        return jsonify({"status": "stopped"}), 200
    except ProcessLookupError:
        _clear_pid()
        return jsonify({"status": "not_running"}), 200
    except Exception as e:
        return jsonify({"error": str(e)}), 500


@app.get("/api/sim/status")
def sim_status():
    pid = _read_pid()
    running = bool(pid and _process_alive(pid))
    return jsonify({"running": running, "pid": pid}), 200


def _process_alive(pid: int) -> bool:
    try:
        os.kill(pid, 0)
        return True
    except Exception:
        return False


# --- Model retrain endpoints ---
@app.post("/api/model/retrain")
def retrain_model():
    user_id = get_current_user_id()
    existing = _read_model_pid()
    if existing and _process_alive(existing):
        return jsonify({"status": "already_running", "pid": existing}), 200
    try:
        if not os.path.exists(MODEL_SCRIPT):
            return jsonify({"error": f"model.py not found at {MODEL_SCRIPT}"}), 400
        log_fp = open(MODEL_LOG_FILE, "a")
        env = os.environ.copy()
        env.setdefault("USER_ID", str(user_id))  # Use authenticated user
        proc = subprocess.Popen([sys.executable, MODEL_SCRIPT], stdout=log_fp, stderr=log_fp, cwd=os.path.dirname(__file__), env=env)
        _write_model_pid(proc.pid)
        return jsonify({"status": "started", "pid": proc.pid, "user_id": user_id}), 200
    except Exception as e:
        return jsonify({"error": str(e)}), 500


@app.get("/api/model/status")
def model_status():
    pid = _read_model_pid()
    running = bool(pid and _process_alive(pid))
    last = _read_last_retrain_ts()
    return jsonify({"running": running, "pid": pid, "last_retrain": last}), 200


# --- Prediction & Forecast ---
def _load_models(user_id: str):
    base = joblib.load(BASE_MODEL_FILE)
    user_path = os.path.join(os.path.dirname(__file__), f"user_model_{user_id}.pkl")
    user = None
    if os.path.exists(user_path):
        try:
            user = joblib.load(user_path)
        except Exception:
            user = None
    return base, user


def _hybrid_predict(user_id: str, month: int, day_of_week: int, hour: int) -> float:
    # Delegate to model.hybrid_predict which already normalizes feature names/order
    y = model_hybrid_predict(user_id, month, day_of_week, hour)
    return float(y)


@app.post("/api/predict")
def predict():
    data = request.get_json(force=True)
    user_id = get_current_user_id()
    month = int(data.get("month"))
    dow = int(data.get("day_of_week"))
    hour = int(data.get("hour"))
    try:
        y = _hybrid_predict(user_id, month, dow, hour)
        return jsonify({"user_id": user_id, "prediction_kwh": y}), 200
    except Exception as e:
        return jsonify({"error": str(e)}), 500


@app.get("/api/forecast/next24")
def forecast_next24():
    user_id = get_current_user_id()
    # Use timezone-aware UTC
    try:
        from datetime import UTC as _UTC
        now = datetime.now(_UTC)
    except Exception:
        # Fallback for older Python
        now = datetime.utcnow()
    try:
        start_dt = now.replace(minute=0, second=0, microsecond=0)
    except Exception:
        start_dt = None

    out = []
    errors = []
    try:
        out = forecast_next24_series(user_id, start_dt=start_dt)
    except Exception as e:
        errors.append({"error": str(e)})
    # Always return 200 with whatever succeeded plus errors for the UI to handle gracefully
    total = float(sum(item["kwh"] for item in out)) if out else 0.0
    peak = max(out, key=lambda d: d["kwh"]) if out else None
    return jsonify({
        "series": out,
        "total_kwh": total,
        "peak_kwh": peak["kwh"] if peak else 0,
        "peak_hour": peak["hour"] if peak else None,
        "errors": errors
    }), 200


# --- Authentication Routes ---
@app.post("/api/auth/signup")
def signup():
    data = request.get_json(force=True)
    email = data.get('email')
    password = data.get('password')
    first_name = data.get('first_name', '')
    last_name = data.get('last_name', '')
    
    if not email or not password:
        return jsonify({"error": "Email and password are required"}), 400
    
    try:
        with get_db_conn() as conn:
            with conn.cursor() as cur:
                # Check if user already exists
                cur.execute("SELECT id FROM users WHERE email = %s", (email,))
                if cur.fetchone():
                    return jsonify({"error": "User already exists"}), 409
                
                # Hash password
                password_hash = generate_password_hash(password)
                
                # Generate salt (werkzeug's generate_password_hash includes salt in the hash)
                # For compatibility with existing schema, we'll generate a separate salt
                import secrets
                salt = secrets.token_hex(16)
                
                # Create new user
                cur.execute(
                    """INSERT INTO users (email, password_hash, salt, first_name, last_name, 
                       created_at, updated_at) VALUES (%s, %s, %s, %s, %s, NOW(), NOW()) RETURNING id""",
                    (email, password_hash, salt, first_name, last_name)
                )
                user_id = cur.fetchone()[0]
                conn.commit()
                
                # Set session
                session['user_id'] = user_id
                session['email'] = email
                session['first_name'] = first_name
                session['last_name'] = last_name
                
                # Generate a fresh blockchain wallet for the new user
                try:
                    acct = Account.create()
                    session['wallet_address'] = acct.address
                    session['wallet_private_key'] = acct.key.hex()
                    
                    # Mint INITIAL SIGNUP TOKENS (one-time only)
                    initial_tokens = int(os.getenv('INITIAL_TOKENS', '10000'))
                    print(f"NEW USER SIGNUP: Minting {initial_tokens} tokens to {acct.address}")
                    mint_res = blockchain_manager.mint_kwh_tokens(
                        acct.address,
                        initial_tokens,
                        execute=True
                    )
                    if mint_res.get('success'):
                        print(f"✓ Signup bonus: {initial_tokens} tokens minted")
                        session['signup_tokens_minted'] = True
                        
                        # Save wallet address and initial balance to database
                        save_user_token_balance(user_id, acct.address, initial_tokens)
                    else:
                        print(f"✗ Failed to mint signup tokens: {mint_res.get('error')}")
                        session['signup_tokens_minted'] = False
                except Exception as e:
                    print(f"✗ Error during signup wallet creation: {e}")
                    session['wallet_address'] = None
                    session['wallet_private_key'] = None
                    session['signup_tokens_minted'] = False
                
                return jsonify({
                    "message": "User created successfully",
                    "user_id": user_id,
                    "email": email,
                    "first_name": first_name,
                    "last_name": last_name,
                    "wallet_address": session.get('wallet_address'),
                    "initial_tokens": initial_tokens if session.get('signup_tokens_minted') else 0
                }), 201
    except Exception as e:
        return jsonify({"error": str(e)}), 500


@app.post("/api/auth/login")
def login():
    data = request.get_json(force=True)
    email = data.get('email')
    password = data.get('password')
    
    print(f"DEBUG: Login attempt for email: {email}")
    print(f"DEBUG: Session before login: {dict(session)}")
    
    if not email or not password:
        return jsonify({"error": "Email and password are required"}), 400
    
    try:
        with get_db_conn() as conn:
            with conn.cursor() as cur:
                # Get user by email
                cur.execute(
                    "SELECT id, password_hash, first_name, last_name FROM users WHERE email = %s",
                    (email,)
                )
                user = cur.fetchone()
                
                if not user:
                    print(f"DEBUG: User not found for email: {email}")
                    return jsonify({"error": "Invalid credentials"}), 401
                
                user_id, password_hash, first_name, last_name = user
                
                # Check password
                if not check_password_hash(password_hash, password):
                    print(f"DEBUG: Invalid password for user: {email}")
                    return jsonify({"error": "Invalid credentials"}), 401
                
                # Set session
                session['user_id'] = user_id
                session['email'] = email
                session['first_name'] = first_name
                session['last_name'] = last_name

                # Check if user already has a stored wallet address
                cur.execute(
                    "SELECT wallet_address FROM users WHERE id = %s",
                    (user_id,)
                )
                stored_wallet_row = cur.fetchone()
                stored_wallet = stored_wallet_row[0] if stored_wallet_row else None
                
                # Reuse existing wallet or create new one
                try:
                    if stored_wallet:
                        # Reuse existing wallet address (create new private key - ephemeral)
                        print(f"Login: Reusing stored wallet {stored_wallet}")
                        session['wallet_address'] = stored_wallet
                        # Create ephemeral private key (won't be used for signing)
                        acct = Account.create()
                        session['wallet_private_key'] = acct.key.hex()
                    else:
                        # Create first-time wallet and store it
                        acct = Account.create()
                        session['wallet_address'] = acct.address
                        session['wallet_private_key'] = acct.key.hex()
                        print(f"Login: Created NEW wallet {acct.address} (will be stored)")
                        
                        # Store wallet address in database
                        cur.execute(
                            "UPDATE users SET wallet_address = %s WHERE id = %s",
                            (acct.address, user_id)
                        )
                        conn.commit()
                    
                    # Restore user's token balance from database to blockchain
                    print(f"Restoring balance for user {user_id}...")
                    restore_user_blockchain_balance(user_id, session['wallet_address'])
                    
                except Exception as e:
                    print(f"Warning: Could not create wallet: {e}")
                    session['wallet_address'] = None
                    session['wallet_private_key'] = None

                print(f"DEBUG: Login successful for user: {email}, user_id: {user_id}")
                print(f"DEBUG: Session after login: {dict(session)}")

                # Force session save
                session.permanent = True

                response = jsonify({
                    "message": "Login successful",
                    "user_id": user_id,
                    "email": email,
                    "first_name": first_name,
                    "last_name": last_name,
                    "wallet_address": session.get('wallet_address')
                })

                return response, 200
    except Exception as e:
        print(f"DEBUG: Login error: {str(e)}")
        return jsonify({"error": str(e)}), 500


@app.post("/api/auth/logout")
def logout():
    session.clear()
    return jsonify({"message": "Logged out successfully"}), 200


@app.get("/api/wallet/session")
def get_session_wallet():
    if 'user_id' not in session:
        return jsonify({"authenticated": False}), 401
    addr = session.get('wallet_address')
    if not addr:
        try:
            acct = Account.create()
            session['wallet_address'] = acct.address
            session['wallet_private_key'] = acct.key.hex()
            addr = acct.address
        except Exception:
            addr = None
    return jsonify({"address": addr}), 200

@app.get('/api/wallet/token-balance')
def token_balance():
    """Return KWh token balance for current session wallet"""
    if not session.get('user_id'):
        return jsonify({"success": False, "error": "Authentication required"}), 401
    
    addr = session.get('wallet_address')
    if not addr:
        return jsonify({"success": False, "error": "No wallet address in session"}), 400
    
    try:
        bal = blockchain_manager.get_kwh_balance(addr)
        return jsonify({"success": True, "address": addr, "balance": bal})
    except Exception as e:
        return jsonify({"success": False, "error": str(e)}), 500

@app.get('/api/tokens/stats')
def token_stats():
    """Get comprehensive token statistics for the current user"""
    if not session.get('user_id'):
        return jsonify({"success": False, "error": "Authentication required"}), 401
    
    addr = session.get('wallet_address')
    if not addr:
        return jsonify({"success": False, "error": "No wallet address in session"}), 400
    
    try:
        # Get current balance
        balance = blockchain_manager.get_kwh_balance(addr)
        
        # Calculate token value (mock for now, could be from oracle)
        token_price_usd = float(os.getenv('TOKEN_PRICE_USD', '0.16'))
        token_price_inr = float(os.getenv('TOKEN_PRICE_INR', '13.30'))  # ~83 INR/USD
        total_value_usd = balance * token_price_usd
        total_value_inr = balance * token_price_inr
        
        # Get user's trading history from orders
        orders = _load_orders()
        user_trades = [
            o for o in orders 
            if o.get('status') == 'filled' and 
            (o.get('buyer') == addr or o.get('seller') == addr or o.get('created_by') == addr)
        ]
        
        # Calculate earnings and spending
        tokens_earned = sum(
            float(o.get('amount_kwh', 0)) 
            for o in user_trades 
            if (o.get('type') == 'sell' and o.get('created_by') == addr) or 
               (o.get('type') == 'buy' and o.get('seller') == addr)
        )
        
        tokens_spent = sum(
            float(o.get('amount_kwh', 0)) 
            for o in user_trades 
            if (o.get('type') == 'buy' and o.get('created_by') == addr) or 
               (o.get('type') == 'sell' and o.get('buyer') == addr)
        )
        
        # Recent transactions (last 10)
        recent_trades = sorted(
            user_trades,
            key=lambda x: x.get('filled_at', 0),
            reverse=True
        )[:10]
        
        return jsonify({
            "success": True,
            "balance": balance,
            "token_price_usd": token_price_usd,
            "token_price_inr": token_price_inr,
            "total_value_usd": total_value_usd,
            "total_value_inr": total_value_inr,
            "tokens_earned": tokens_earned,
            "tokens_spent": tokens_spent,
            "net_tokens": tokens_earned - tokens_spent,
            "total_trades": len(user_trades),
            "recent_transactions": [
                {
                    "id": t.get('id'),
                    "type": "earned" if (t.get('type') == 'sell' and t.get('created_by') == addr) or 
                                        (t.get('type') == 'buy' and t.get('seller') == addr) else "spent",
                    "amount": float(t.get('amount_kwh', 0)),
                    "timestamp": t.get('filled_at'),
                    "description": f"Energy {'sale' if t.get('type') == 'sell' else 'purchase'}",
                    "tx_hash": t.get('transfer_tx', '')
                }
                for t in recent_trades
            ]
        })
    except Exception as e:
        print(f"Error getting token stats: {e}")
        return jsonify({"success": False, "error": str(e)}), 500


@app.get("/api/auth/session")
def get_session():
    print(f"DEBUG: Session check - session data: {dict(session)}")
    print(f"DEBUG: Request cookies: {request.cookies}")
    print(f"DEBUG: Request headers: {dict(request.headers)}")
    print(f"DEBUG: Request origin: {request.origin}")
    if 'user_id' in session:
        print(f"DEBUG: User authenticated - user_id: {session['user_id']}")
        return jsonify({
            "authenticated": True,
            "user_id": session['user_id'],
            "email": session['email'],
            "first_name": session['first_name'],
            "last_name": session['last_name']
        }), 200
    else:
        print(f"DEBUG: User not authenticated")
        return jsonify({"authenticated": False}), 200


def get_current_user_id():
    """Helper function to get current user ID from session"""
    return session.get('user_id', 1)  # Fallback to user ID 1 for backward compatibility


# Serve the main HTML file
@app.route('/')
def serve_index():
    print(f"DEBUG: Root route accessed - session: {dict(session)}")
    # Check if user is authenticated
    if 'user_id' in session:
        print(f"DEBUG: User authenticated, serving index3.html")
        return send_from_directory('.', 'index3.html')
    else:
        print(f"DEBUG: User not authenticated, redirecting to login")
        return redirect(url_for('serve_login'))

# Serve the login page
@app.route('/login')
def serve_login():
    print(f"DEBUG: Login route accessed - session: {dict(session)}")
    return send_from_directory('.', 'login.html')


# Serve static files (CSS, JS)
@app.route('/<path:filename>')
def serve_static(filename):
    # Allow access to login page and auth-related files without authentication
    if filename in ['login.html', 'styles.css', 'app.js'] or filename.startswith('api/auth/'):
        return send_from_directory('.', filename)
    
    # Protect main application files - require authentication
    if filename in ['index3.html'] and 'user_id' not in session:
        return redirect(url_for('serve_login'))
    
    return send_from_directory('.', filename)


if __name__ == "__main__":
    # Background thread to auto-retrain monthly
    def auto_retrain_loop():
        while True:
            try:
                last = _read_last_retrain_ts()
                now = datetime.utcnow()
                needs = False
                if not last:
                    needs = True
                else:
                    try:
                        last_dt = datetime.fromisoformat(last)
                        if (last_dt.year, last_dt.month) != (now.year, now.month):
                            needs = True
                    except Exception:
                        needs = True
                if needs and _read_model_pid() is None:
                    # Trigger retrain
                    try:
                        log_fp = open(MODEL_LOG_FILE, "a")
                        env = os.environ.copy()
                        env.setdefault("USER_ID", "user_001")
                        proc = subprocess.Popen([sys.executable, MODEL_SCRIPT], stdout=log_fp, stderr=log_fp, cwd=os.path.dirname(__file__), env=env)
                        _write_model_pid(proc.pid)
                    except Exception:
                        pass
                # Cleanup finished model process and set last retrain
                mpid = _read_model_pid()
                if mpid and not _process_alive(mpid):
                    _clear_model_pid()
                    _write_last_retrain_ts()
            except Exception:
                pass
            time.sleep(3600)

    threading.Thread(target=auto_retrain_loop, daemon=True).start()
    
    # Open browser automatically
    def open_browser():
        time.sleep(1.5)  # Wait for server to start
        webbrowser.open('http://localhost:5001')
    
    threading.Thread(target=open_browser, daemon=True).start()
    
    port = int(os.getenv('PORT', '5001'))
    app.run(host="0.0.0.0", port=port, debug=True)