Update app.py

app.py

@@ -1,5 +1,7 @@
-from fastapi import FastAPI, HTTPException, status, BackgroundTasks  
-from fastapi.responses import StreamingResponse, JSONResponse  
+from fastapi import FastAPI, HTTPException, status, BackgroundTasks, Request, Form, Cookie, Depends  
+from fastapi.responses import StreamingResponse, JSONResponse, HTMLResponse, RedirectResponse  
+from fastapi.templating import Jinja2Templates  
+from fastapi.staticfiles import StaticFiles  
 import requests  
 import os  
 import time  
@@ -7,9 +9,11 @@ import logging
 import random  
 import json  
 from datetime import datetime, timedelta  
-import hashlib  
 import re  
 from urllib.parse import quote  
+from typing import Optional  
+import secrets  
+from pathlib import Path  
 
 # Configure logging  
 logging.basicConfig(  
@@ -18,32 +22,271 @@ logging.basicConfig(
 )  
 logger = logging.getLogger(__name__)  
 
-app = FastAPI(title="Instagram Stories API", docs_url=None, redoc_url=None)  
+app = FastAPI(title="Instagram Stories API")  
 
-# Environment variables  
-INSTAGRAM_USERNAME = os.getenv('INSTAGRAM_USERNAME')  
-INSTAGRAM_PASSWORD = os.getenv('INSTAGRAM_PASSWORD')  
+# Create templates and static directories  
+templates_dir = Path("templates")  
+templates_dir.mkdir(exist_ok=True)  
+static_dir = Path("static")  
+static_dir.mkdir(exist_ok=True)  
+
+# Create template files  
+login_template = """  
+<!DOCTYPE html>  
+<html>  
+<head>  
+    <title>Instagram Login</title>  
+    <style>  
+        body {  
+            font-family: Arial, sans-serif;  
+            max-width: 500px;  
+            margin: 0 auto;  
+            padding: 20px;  
+        }  
+        .container {  
+            background-color: #fff;  
+            border-radius: 8px;  
+            box-shadow: 0 2px 10px rgba(0,0,0,0.1);  
+            padding: 25px;  
+        }  
+        h1 {  
+            color: #262626;  
+            text-align: center;  
+        }  
+        .form-group {  
+            margin-bottom: 15px;  
+        }  
+        label {  
+            display: block;  
+            margin-bottom: 5px;  
+            font-weight: bold;  
+        }  
+        input[type="text"], input[type="password"] {  
+            width: 100%;  
+            padding: 10px;  
+            border: 1px solid #dbdbdb;  
+            border-radius: 3px;  
+            box-sizing: border-box;  
+        }  
+        .btn {  
+            background-color: #0095f6;  
+            border: none;  
+            color: white;  
+            padding: 10px 15px;  
+            border-radius: 4px;  
+            cursor: pointer;  
+            font-weight: bold;  
+            width: 100%;  
+        }  
+        .btn:hover {  
+            background-color: #0086e0;  
+        }  
+        .status {  
+            margin-top: 20px;  
+            padding: 10px;  
+            border-radius: 4px;  
+        }  
+        .success {  
+            background-color: #e8f5e9;  
+            color: #388e3c;  
+        }  
+        .error {  
+            background-color: #ffebee;  
+            color: #d32f2f;  
+        }  
+    </style>  
+</head>  
+<body>  
+    <div class="container">  
+        <h1>Instagram Login</h1>  
+        <p>Enter your Instagram credentials to access the API. Your credentials are only used to establish a session and are not stored on the server.</p>  
+        
+        {% if message %}  
+            <div class="status {% if success %}success{% else %}error{% endif %}">  
+                {{ message }}  
+            </div>  
+        {% endif %}  
+        
+        <form method="post" action="/login">  
+            <div class="form-group">  
+                <label for="username">Username</label>  
+                <input type="text" id="username" name="username" required>  
+            </div>  
+            <div class="form-group">  
+                <label for="password">Password</label>  
+                <input type="password" id="password" name="password" required>  
+            </div>  
+            <button type="submit" class="btn">Log In</button>  
+        </form>  
+    </div>  
+</body>  
+</html>  
+"""  
+
+status_template = """  
+<!DOCTYPE html>  
+<html>  
+<head>  
+    <title>Instagram API Status</title>  
+    <style>  
+        body {  
+            font-family: Arial, sans-serif;  
+            max-width: 700px;  
+            margin: 0 auto;  
+            padding: 20px;  
+        }  
+        .container {  
+            background-color: #fff;  
+            border-radius: 8px;  
+            box-shadow: 0 2px 10px rgba(0,0,0,0.1);  
+            padding: 25px;  
+        }  
+        h1, h2 {  
+            color: #262626;  
+        }  
+        h1 {  
+            text-align: center;  
+        }  
+        .status-badge {  
+            display: inline-block;  
+            padding: 5px 10px;  
+            border-radius: 4px;  
+            font-weight: bold;  
+            margin-left: 10px;  
+        }  
+        .connected {  
+            background-color: #e8f5e9;  
+            color: #388e3c;  
+        }  
+        .disconnected {  
+            background-color: #ffebee;  
+            color: #d32f2f;  
+        }  
+        .info-box {  
+            background-color: #f5f5f5;  
+            border-radius: 4px;  
+            padding: 15px;  
+            margin: 15px 0;  
+        }  
+        .btn {  
+            background-color: #0095f6;  
+            border: none;  
+            color: white;  
+            padding: 10px 15px;  
+            border-radius: 4px;  
+            text-decoration: none;  
+            display: inline-block;  
+            margin-right: 10px;  
+            margin-top: 10px;  
+            font-weight: bold;  
+        }  
+        .btn:hover {  
+            background-color: #0086e0;  
+        }  
+        table {  
+            width: 100%;  
+            border-collapse: collapse;  
+            margin-top: 15px;  
+        }  
+        th, td {  
+            text-align: left;  
+            padding: 8px;  
+            border-bottom: 1px solid #ddd;  
+        }  
+        th {  
+            background-color: #f8f9fa;  
+        }  
+    </style>  
+</head>  
+<body>  
+    <div class="container">  
+        <h1>Instagram API Status</h1>  
+        
+        <h2>Connection Status   
+            {% if session_valid %}  
+                <span class="status-badge connected">Connected</span>  
+            {% else %}  
+                <span class="status-badge disconnected">Disconnected</span>  
+            {% endif %}  
+        </h2>  
+        
+        <div class="info-box">  
+            {% if session_valid %}  
+                <p>✅ You are currently logged in as <strong>{{ username }}</strong></p>  
+                <p>Session will expire: {{ session_expires }}</p>  
+            {% else %}  
+                <p>❌ No active Instagram session</p>  
+                <p>Please login to use the API with full functionality</p>  
+            {% endif %}  
+        </div>  
+        
+        <a href="/login" class="btn">{% if session_valid %}Re-Login{% else %}Login{% endif %}</a>  
+        {% if session_valid %}  
+            <a href="/logout" class="btn" style="background-color: #f44336;">Logout</a>  
+        {% endif %}  
+        
+        <h2>API Endpoints</h2>  
+        <table>  
+            <tr>  
+                <th>Endpoint</th>  
+                <th>Description</th>  
+            </tr>  
+            <tr>  
+                <td><code>/stories/{username}</code></td>  
+                <td>Get stories for a user</td>  
+            </tr>  
+            <tr>  
+                <td><code>/download/{url}</code></td>  
+                <td>Download media from a URL</td>  
+            </tr>  
+            <tr>  
+                <td><code>/status</code></td>  
+                <td>View API status and session info</td>  
+            </tr>  
+        </table>  
+        
+        {% if cache_info %}  
+        <h2>Cache Status</h2>  
+        <div class="info-box">  
+            <p>Cached users: {{ cache_info.count }}</p>  
+            <p>Total items: {{ cache_info.items }}</p>  
+        </div>  
+        {% endif %}  
+    </div>  
+</body>  
+</html>  
+"""  
+
+# Write templates to files  
+with open(templates_dir / "login.html", "w") as f:  
+    f.write(login_template)  
+
+with open(templates_dir / "status.html", "w") as f:  
+    f.write(status_template)  
+
+# Set up templates and static files  
+templates = Jinja2Templates(directory=str(templates_dir))  
+app.mount("/static", StaticFiles(directory=str(static_dir)), name="static")  
 
 # Configuration  
 CACHE_DIR = "/tmp/instagram_cache"  
-COOKIE_FILE = "/tmp/instagram_cookies.json"  
+COOKIES_FILE = "/tmp/instagram_cookies.json"  
+SESSION_KEY = secrets.token_hex(16)  # For securing session  
 os.makedirs(CACHE_DIR, exist_ok=True)  
 
-# Cache state  
+# Session and cache state  
+IG_SESSION = None  
+IG_SESSION_USERNAME = None  
+IG_SESSION_EXPIRY = None  
 STORY_CACHE = {}  
 CACHE_EXPIRY = {}  
-RATE_LIMITS = {}  
-
-# Session state  
-SESSION = None  
-SESSION_LAST_REFRESH = None  
+LAST_REQUEST = {}  
 
 # User agents  
 USER_AGENTS = [  
-    "Mozilla/5.0 (iPhone; CPU iPhone OS 16_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.0 Mobile/15E148 Safari/604.1",  
-    "Mozilla/5.0 (iPad; CPU OS 16_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.0 Mobile/15E148 Safari/604.1",  
-    "Mozilla/5.0 (iPhone; CPU iPhone OS 17_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/116.0.5845.0 Mobile/15E148 Safari/604.1",  
-    "Mozilla/5.0 (iPhone; CPU iPhone OS 17_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Mobile/15E148 Safari/604.1"  
+    "Mozilla/5.0 (iPhone; CPU iPhone OS 16_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.6 Mobile/15E148 Safari/604.1",  
+    "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.1.15",  
+    "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"  
 ]  
 
 def get_cache_key(username):  
@@ -81,85 +324,72 @@ def save_to_cache(username, data, minutes=30):
     except Exception as e:  
         logger.warning(f"Failed to save cache: {str(e)}")  
 
-def is_rate_limited(username):  
-    """Check if we should rate limit this request"""  
-    # Check rate limits  
+def should_rate_limit_request(username):  
+    """Basic rate limiting check"""  
     key = username.lower()  
-    if key in RATE_LIMITS:  
-        if datetime.now() < RATE_LIMITS[key]["until"]:  
-            seconds = (RATE_LIMITS[key]["until"] - datetime.now()).total_seconds()  
-            logger.warning(f"Rate limited {username} for {int(seconds)}s")  
+    now = datetime.now()  
+    
+    if key in LAST_REQUEST:  
+        seconds_since = (now - LAST_REQUEST[key]).total_seconds()  
+        if seconds_since < 60:  # 1 minute between requests  
+            logger.warning(f"Rate limiting {username}: {seconds_since:.1f}s since last request")  
             return True  
-        else:  
-            # Expired rate limit  
-            RATE_LIMITS.pop(key)  
+    
+    LAST_REQUEST[key] = now  
     return False  
 
-def set_rate_limit(username, minutes=15):  
-    """Set rate limiting for a username"""  
-    key = username.lower()  
-    RATE_LIMITS[key] = {  
-        "until": datetime.now() + timedelta(minutes=minutes),  
-        "requests": 0  
-    }  
-    logger.warning(f"Setting rate limit for {username} for {minutes} minutes")  
-
 def get_instagram_session():  
-    """Get or create an Instagram session"""  
-    global SESSION, SESSION_LAST_REFRESH  
+    """Get current Instagram session"""  
+    global IG_SESSION, IG_SESSION_EXPIRY  
     
-    # Create new session if none exists or it's older than 30 minutes  
-    if (SESSION is None or   
-        SESSION_LAST_REFRESH is None or   
-        (datetime.now() - SESSION_LAST_REFRESH).total_seconds() > 1800):  
-        
-        SESSION = requests.Session()  
-        SESSION.headers.update({  
-            'User-Agent': random.choice(USER_AGENTS),  
-            'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8',  
-            'Accept-Language': 'en-US,en;q=0.5',  
-            'Accept-Encoding': 'gzip, deflate, br',  
-            'Connection': 'keep-alive',  
-            'Upgrade-Insecure-Requests': '1',  
-            'Sec-Fetch-Dest': 'document',  
-            'Sec-Fetch-Mode': 'navigate',  
-            'Sec-Fetch-Site': 'none',  
-            'Sec-Fetch-User': '?1',  
-            'TE': 'trailers',  
-        })  
-        
-        # Load cookies if available  
-        if os.path.exists(COOKIE_FILE):  
+    # Check if session is still valid  
+    if IG_SESSION is None or IG_SESSION_EXPIRY is None or datetime.now() > IG_SESSION_EXPIRY:  
+        # Try to load from file  
+        if os.path.exists(COOKIES_FILE):  
             try:  
-                with open(COOKIE_FILE, 'r') as f:  
-                    cookies = json.load(f)  
+                with open(COOKIES_FILE, 'r') as f:  
+                    data = json.load(f)  
                     
-                for cookie in cookies:  
-                    SESSION.cookies.set(cookie['name'], cookie['value'])  
+                if 'expires' in data and datetime.fromisoformat(data['expires']) > datetime.now():  
+                    IG_SESSION = requests.Session()  
                     
-                logger.info("Loaded cookies from file")  
-            except Exception as e:  
-                logger.warning(f"Failed to load cookies: {str(e)}")  
-        
-        SESSION_LAST_REFRESH = datetime.now()  
-        
-        # Try to log in if we have credentials  
-        if not any(c.name == 'sessionid' for c in SESSION.cookies) and INSTAGRAM_USERNAME and INSTAGRAM_PASSWORD:  
-            try:  
-                login_instagram()  
+                    # Set cookies  
+                    for cookie in data['cookies']:  
+                        IG_SESSION.cookies.set(  
+                            cookie['name'],   
+                            cookie['value'],  
+                            domain=cookie.get('domain', '.instagram.com')  
+                        )  
+                    
+                    # Set expiry  
+                    IG_SESSION_EXPIRY = datetime.fromisoformat(data['expires'])  
+                    global IG_SESSION_USERNAME  
+                    IG_SESSION_USERNAME = data.get('username', 'unknown')  
+                    
+                    logger.info(f"Loaded Instagram session for {IG_SESSION_USERNAME}")  
+                    return IG_SESSION  
+                else:  
+                    logger.warning("Saved session expired, needs new login")  
             except Exception as e:  
-                logger.error(f"Login failed: {str(e)}")  
+                logger.error(f"Failed to load cookies: {str(e)}")  
     
-    return SESSION  
-
-def save_cookies():  
-    """Save session cookies to file"""  
-    if SESSION is None:  
-        return  
+    # Return existing session if valid  
+    if IG_SESSION is not None and IG_SESSION_EXPIRY is not None and datetime.now() < IG_SESSION_EXPIRY:  
+        return IG_SESSION  
         
+    return None  
+
+def save_instagram_session(session, username, days=7):  
+    """Save Instagram session cookies"""  
+    global IG_SESSION, IG_SESSION_EXPIRY, IG_SESSION_USERNAME  
+    
+    IG_SESSION = session  
+    IG_SESSION_EXPIRY = datetime.now() + timedelta(days=days)  
+    IG_SESSION_USERNAME = username  
+    
     try:  
         cookies = []  
-        for cookie in SESSION.cookies:  
+        for cookie in session.cookies:  
             cookies.append({  
                 'name': cookie.name,  
                 'value': cookie.value,  
@@ -167,166 +397,253 @@ def save_cookies():
                 'path': cookie.path  
             })  
             
-        with open(COOKIE_FILE, 'w') as f:  
-            json.dump(cookies, f)  
+        with open(COOKIES_FILE, 'w') as f:  
+            json.dump({  
+                'cookies': cookies,  
+                'expires': IG_SESSION_EXPIRY.isoformat(),  
+                'username': username  
+            }, f)  
             
-        logger.info("Saved cookies to file")  
+        logger.info(f"Saved Instagram session for {username}")  
+        return True  
     except Exception as e:  
-        logger.warning(f"Failed to save cookies: {str(e)}")  
+        logger.error(f"Failed to save cookies: {str(e)}")  
+        return False  
 
-def login_instagram():  
-    """Log in to Instagram"""  
-    if not INSTAGRAM_USERNAME or not INSTAGRAM_PASSWORD:  
-        logger.error("Instagram credentials not configured")  
-        raise Exception("Instagram credentials required")  
-        
-    session = get_instagram_session()  
+def clear_instagram_session():  
+    """Clear Instagram session"""  
+    global IG_SESSION, IG_SESSION_EXPIRY, IG_SESSION_USERNAME  
+    
+    IG_SESSION = None  
+    IG_SESSION_EXPIRY = None  
+    IG_SESSION_USERNAME = None  
+    
+    if os.path.exists(COOKIES_FILE):  
+        try:  
+            os.remove(COOKIES_FILE)  
+            logger.info("Removed Instagram session cookies")  
+        except Exception as e:  
+            logger.error(f"Failed to remove cookies file: {str(e)}")  
+
+def login_to_instagram(username, password):  
+    """Login to Instagram and save session"""  
+    session = requests.Session()  
+    
+    # Set up headers for web request  
+    session.headers.update({  
+        'User-Agent': random.choice(USER_AGENTS),  
+        'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8',  
+        'Accept-Language': 'en-US,en;q=0.5',  
+        'Accept-Encoding': 'gzip, deflate, br',  
+        'DNT': '1',  
+        'Connection': 'keep-alive',  
+        'Upgrade-Insecure-Requests': '1',  
+        'Sec-Fetch-Dest': 'document',  
+        'Sec-Fetch-Mode': 'navigate',  
+        'Sec-Fetch-Site': 'none',  
+        'Sec-Fetch-User': '?1',  
+    })  
     
-    # First get the login page to get the CSRF token  
     try:  
-        resp = session.get('https://www.instagram.com/accounts/login/')  
-        time.sleep(random.uniform(1, 3))  
+        # First get the login page to get CSRF token  
+        response = session.get('https://www.instagram.com/accounts/login/')  
+        
+        # Wait a bit to look natural  
+        time.sleep(random.uniform(1, 2))  
         
-        # Extract CSRF token  
+        # Extract CSRF token from response  
         csrf_token = None  
-        match = re.search(r'"csrf_token":"(.*?)"', resp.text)  
+        match = re.search(r'"csrf_token":"(.*?)"', response.text)  
         if match:  
             csrf_token = match.group(1)  
-        
+            
         if not csrf_token:  
-            raise Exception("Failed to get CSRF token")  
+            raise Exception("Could not extract CSRF token")  
             
-        # Prepare login data  
-        login_data = {  
-            'username': INSTAGRAM_USERNAME,  
-            'enc_password': f'#PWD_INSTAGRAM_BROWSER:0:{int(time.time())}:{INSTAGRAM_PASSWORD}',  
-            'queryParams': {},  
-            'optIntoOneTap': 'false',  
-            'csrfmiddlewaretoken': csrf_token  
-        }  
-        
-        # Update headers for the login request  
+        # Update headers for login request  
         session.headers.update({  
             'X-CSRFToken': csrf_token,  
+            'X-Instagram-AJAX': '1',  
             'X-Requested-With': 'XMLHttpRequest',  
+            'Origin': 'https://www.instagram.com',  
             'Referer': 'https://www.instagram.com/accounts/login/',  
-            'Origin': 'https://www.instagram.com'  
+            'Content-Type': 'application/x-www-form-urlencoded'  
         })  
         
-        # Wait a bit before login  
-        time.sleep(random.uniform(2, 4))  
+        # Prepare login data  
+        # Convert password to Instagram's browser format  
+        enc_password = f'#PWD_INSTAGRAM_BROWSER:0:{int(time.time())}:{password}'  
         
-        # Submit login  
-        login_resp = session.post(  
+        login_data = {  
+            'username': username,  
+            'enc_password': enc_password,  
+            'queryParams': '{}',  
+            'optIntoOneTap': 'false'  
+        }  
+        
+        # Wait a bit more to look natural  
+        time.sleep(random.uniform(2, 3))  
+        
+        # Make login request  
+        login_response = session.post(  
             'https://www.instagram.com/accounts/login/ajax/',   
             data=login_data  
         )  
         
-        login_json = login_resp.json()  
-        
-        # Check login status  
-        if login_json.get('authenticated') and login_json.get('status') == 'ok':  
-            logger.info("Successfully logged in to Instagram")  
-            save_cookies()  
-            return True  
-        else:  
-            logger.error(f"Login failed: {login_json}")  
-            if 'two_factor_required' in login_json:  
-                raise Exception("Two-factor authentication required")  
-            else:  
-                raise Exception("Login failed")  
+        # Check login response  
+        try:  
+            login_json = login_response.json()  
+            
+            if login_json.get('authenticated') is True:  
+                logger.info(f"Successfully logged in as {username}")  
                 
+                # Save session  
+                if save_instagram_session(session, username):  
+                    return {  
+                        'success': True,  
+                        'message': 'Login successful'  
+                    }  
+                else:  
+                    return {  
+                        'success': False,  
+                        'message': 'Login successful but failed to save session'  
+                    }  
+            else:  
+                if 'message' in login_json:  
+                    logger.warning(f"Login failed: {login_json['message']}")  
+                    return {  
+                        'success': False,  
+                        'message': f"Login failed: {login_json['message']}"  
+                    }  
+                elif 'error_type' in login_json:  
+                    logger.warning(f"Login failed: {login_json['error_type']}")  
+                    return {  
+                        'success': False,  
+                        'message': f"Login failed: {login_json['error_type']}"  
+                    }  
+                else:  
+                    logger.warning("Login failed: Unknown reason")  
+                    return {  
+                        'success': False,  
+                        'message': 'Login failed for unknown reason'  
+                    }  
+        except Exception as e:  
+            logger.error(f"Failed to parse login response: {str(e)}")  
+            return {  
+                'success': False,  
+                'message': 'Failed to parse login response'  
+            }  
+            
     except Exception as e:  
         logger.error(f"Login error: {str(e)}")  
-        raise  
+        return {  
+            'success': False,  
+            'message': f"Login error: {str(e)}"  
+        }  
 
-def get_user_stories(username):  
-    """Get stories for a username using the mobile API"""  
-    if is_rate_limited(username):  
-        cached = get_cached_stories(username)  
-        if cached:  
-            return cached  
-        raise Exception(f"Rate limited for {username}")  
-    
+def get_instagram_stories(username):  
+    """Get user's stories using the authenticated session"""  
     session = get_instagram_session()  
+    if not session:  
+        logger.warning("No valid Instagram session")  
+        return None  
     
     try:  
-        # First, get the user ID  
-        user_id = None  
-        encoded_username = quote(username)  
-        
-        # Using the web API to get user info  
-        user_info_url = f"https://www.instagram.com/api/v1/users/web_profile_info/?username={encoded_username}"  
+        # First get the user ID  
+        profile_url = f"https://www.instagram.com/api/v1/users/web_profile_info/?username={username}"  
         
         session.headers.update({  
-            'X-IG-App-ID': '936619743392459',  # Common App ID  
+            'User-Agent': random.choice(USER_AGENTS),  
+            'Accept': '*/*',  
+            'Accept-Language': 'en-US,en;q=0.5',  
+            'X-IG-App-ID': '936619743392459',  # This ID is important  
             'X-ASBD-ID': '198387',  
             'X-IG-WWW-Claim': '0',  
-            'X-Requested-With': 'XMLHttpRequest',  
+            'Origin': 'https://www.instagram.com',  
+            'Connection': 'keep-alive',  
             'Referer': f'https://www.instagram.com/{username}/',  
+            'Sec-Fetch-Dest': 'empty',  
+            'Sec-Fetch-Mode': 'cors',  
+            'Sec-Fetch-Site': 'same-origin',  
+            'TE': 'trailers',  
         })  
         
-        # Random delay to look more like a real user  
-        time.sleep(random.uniform(1, 2))  
+        # Get user profile  
+        profile_response = session.get(profile_url)  
         
-        user_response = session.get(user_info_url)  
-        user_data = user_response.json()  
+        if profile_response.status_code != 200:  
+            logger.warning(f"Failed to get user profile: {profile_response.status_code}")  
+            
+            if profile_response.status_code == 401:  
+                # Try to extract the message  
+                try:  
+                    resp_data = profile_response.json()  
+                    if 'message' in resp_data:  
+                        logger.warning(f"API error: {resp_data['message']}")  
+                        if "wait" in resp_data['message'].lower():  
+                            return {"error": "rate_limited", "message": resp_data['message']}  
+                except:  
+                    pass  
+                
+                return {"error": "unauthorized", "message": "Unauthorized access - session may be expired"}  
+                
+            return {"error": "profile_fetch_failed", "status": profile_response.status_code}  
+            
+        profile_data = profile_response.json()  
         
-        if user_data.get('status') != 'ok':  
-            if 'message' in user_data and 'wait' in user_data['message'].lower():  
-                set_rate_limit(username, 30)  
-                raise Exception(f"Rate limited: {user_data.get('message')}")  
-            else:  
-                raise Exception(f"Failed to get user info: {user_data}")  
+        if 'data' not in profile_data or 'user' not in profile_data['data']:  
+            logger.warning("User profile data not found")  
+            return {"error": "profile_not_found", "message": "User profile data not found"}  
+            
+        user_id = profile_data['data']['user']['id']  
         
-        user_id = user_data['data']['user']['id']  
-        logger.info(f"Got user ID for {username}: {user_id}")  
+        # Small delay  
+        time.sleep(random.uniform(1, 2))  
         
         # Now get the stories  
-        # Small delay between requests  
-        time.sleep(random.uniform(2, 3))  
-        
-        # Get the stories  
-        stories_url = f"https://i.instagram.com/api/v1/feed/user/{user_id}/story/"  
+        stories_url = f"https://www.instagram.com/api/v1/feed/user/{user_id}/story/"  
         
         stories_response = session.get(stories_url)  
-        stories_data = stories_response.json()  
         
-        if stories_data.get('reel') is None:  
-            raise Exception("No stories found or private account")  
+        if stories_response.status_code != 200:  
+            logger.warning(f"Failed to get stories: {stories_response.status_code}")  
+            return {"error": "stories_fetch_failed", "status": stories_response.status_code}  
+            
+        stories_data = stories_response.json()  
         
-        # Process the stories  
+        # Check if there are stories  
+        if 'reel' not in stories_data or not stories_data['reel'].get('items'):  
+            logger.info(f"No stories found for {username}")  
+            return {"error": "no_stories", "message": "No stories found for this user"}  
+            
+        # Process stories  
         stories = []  
-        items = stories_data.get('reel', {}).get('items', [])  
-        
-        for item in items:  
+        for item in stories_data['reel']['items']:  
             story = {  
-                "id": item.get('id', ''),  
+                "id": item.get('pk', ''),  
                 "type": "video" if item.get('media_type') == 2 else "image",  
-                "timestamp": datetime.fromtimestamp(item.get('taken_at')).isoformat()  
+                "timestamp": datetime.fromtimestamp(item.get('taken_at', 0)).isoformat()  
             }  
             
             # Get media URL  
-            if story["type"] == "video":  
-                # Find the best video version  
-                if 'video_versions' in item:  
-                    videos = item['video_versions']  
-                    if videos:  
-                        # Get highest quality video  
-                        story["url"] = videos[0]['url']  
-                        # Add view count if available  
-                        if 'view_count' in item:  
-                            story["views"] = item['view_count']  
+            if story["type"] == "video" and 'video_versions' in item and item['video_versions']:  
+                story["url"] = item['video_versions'][0]['url']  
+                
+                # Add view count if available  
+                if 'view_count' in item:  
+                    story["views"] = item['view_count']  
+                    
+            elif 'image_versions2' in item and 'candidates' in item['image_versions2'] and item['image_versions2']['candidates']:  
+                story["url"] = item['image_versions2']['candidates'][0]['url']  
             else:  
-                # Find the best image version  
-                if 'image_versions2' in item:  
-                    images = item['image_versions2']['candidates']  
-                    if images:  
-                        # Get highest quality image  
-                        story["url"] = images[0]['url']  
-            
+                continue  # Skip if no URL  
+                
             stories.append(story)  
-        
+            
+        if not stories:  
+            logger.info(f"No valid stories found for {username}")  
+            return {"error": "no_valid_stories", "message": "No valid stories found for this user"}  
+            
         result = {  
             "data": stories,  
             "count": len(stories),  
@@ -335,19 +652,77 @@ def get_user_stories(username):
         }  
         
         return result  
-    
+        
     except Exception as e:  
         logger.error(f"Error getting stories: {str(e)}")  
-        if 'rate' in str(e).lower() or 'wait' in str(e).lower():  
-            set_rate_limit(username, 30)  
-        raise  
+        return {"error": "exception", "message": str(e)}  
+
+@app.get("/", response_class=HTMLResponse)  
+async def root(request: Request):  
+    """Redirect to status page"""  
+    return RedirectResponse(url="/status")  
+
+@app.get("/login", response_class=HTMLResponse)  
+async def login_page(request: Request, message: str = None, success: bool = False):  
+    """Login page"""  
+    return templates.TemplateResponse(  
+        "login.html",   
+        {"request": request, "message": message, "success": success}  
+    )  
+
+@app.post("/login")  
+async def login_process(username: str = Form(...), password: str = Form(...)):  
+    """Process login form"""  
+    logger.info(f"Login attempt for {username}")  
+    
+    result = login_to_instagram(username, password)  
+    
+    if result['success']:  
+        return RedirectResponse(url="/status", status_code=303)  
+    else:  
+        return templates.TemplateResponse(  
+            "login.html",   
+            {  
+                "request": Request,   
+                "message": result['message'],   
+                "success": False  
+            }  
+        )  
+
+@app.get("/logout")  
+async def logout():  
+    """Logout and clear session"""  
+    clear_instagram_session()  
+    return RedirectResponse(url="/status", status_code=303)  
+
+@app.get("/status", response_class=HTMLResponse)  
+async def status_page(request: Request):  
+    """Status page"""  
+    session = get_instagram_session()  
+    session_valid = session is not None  
+    
+    cache_info = {  
+        "count": len(STORY_CACHE),  
+        "items": sum(len(data.get("data", [])) for data in STORY_CACHE.values())  
+    }  
+    
+    return templates.TemplateResponse(  
+        "status.html",   
+        {  
+            "request": request,   
+            "session_valid": session_valid,  
+            "username": IG_SESSION_USERNAME,  
+            "session_expires": IG_SESSION_EXPIRY.strftime("%Y-%m-%d %H:%M:%S") if IG_SESSION_EXPIRY else None,  
+            "cache_info": cache_info  
+        }  
+    )  
 
 @app.get("/stories/{username}")  
-async def get_stories(username: str, cached: bool = False):  
+async def get_stories(username: str, cached: bool = False, demo: bool = False):  
     """Get Instagram stories for a user"""  
     logger.info(f"Request for @{username} stories")  
     
-    # Return from cache if requested or available  
+    # Return from cache if requested  
     if cached:  
         cached_result = get_cached_stories(username)  
         if cached_result:  
@@ -355,75 +730,99 @@ async def get_stories(username: str, cached: bool = False):
     
     try:  
         # Check for rate limiting  
-        if is_rate_limited(username):  
+        if should_rate_limit_request(username):  
             cached_result = get_cached_stories(username)  
             if cached_result:  
                 return {**cached_result, "from_cache": True, "rate_limited": True}  
             else:  
                 raise HTTPException(  
                     status_code=status.HTTP_429_TOO_MANY_REQUESTS,  
-                    detail="Rate limit exceeded for this username. Please try again later."  
+                    detail="Rate limit exceeded. Please try again later."  
                 )  
         
-        # Get the stories  
-        result = get_user_stories(username)  
+        # Get stories  
+        result = get_instagram_stories(username)  
+        
+        if not result:  
+            # No session or other error  
+            raise HTTPException(  
+                status_code=status.HTTP_401_UNAUTHORIZED,  
+                detail="No valid Instagram session. Please login first."  
+            )  
+            
+        if "error" in result:  
+            # Handle specific errors  
+            if result["error"] == "rate_limited":  
+                cached_result = get_cached_stories(username)  
+                if cached_result:  
+                    return {**cached_result, "from_cache": True, "rate_limited": True}  
+                    
+                raise HTTPException(  
+                    status_code=status.HTTP_429_TOO_MANY_REQUESTS,  
+                    detail=result.get("message", "Rate limit exceeded. Please try again later.")  
+                )  
+                
+            elif result["error"] == "unauthorized":  
+                raise HTTPException(  
+                    status_code=status.HTTP_401_UNAUTHORIZED,  
+                    detail=result.get("message", "Unauthorized. Please login again.")  
+                )  
+                
+            elif result["error"] == "no_stories":  
+                raise HTTPException(  
+                    status_code=status.HTTP_404_NOT_FOUND,  
+                    detail=result.get("message", "No stories found for this user.")  
+                )  
+                
+            else:  
+                raise HTTPException(  
+                    status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,  
+                    detail=result.get("message", "Failed to get stories")  
+                )  
         
-        # Cache the successful result  
+        # Cache the result  
         save_to_cache(username, result)  
         
         return result  
-        
+            
+    except HTTPException:  
+        # Re-raise HTTP exceptions  
+        raise  
     except Exception as e:  
-        error_message = str(e)  
-        logger.error(f"Error getting stories: {error_message}")  
+        logger.error(f"Error: {str(e)}")  
         
         # Check for cached version if there's an error  
         cached_result = get_cached_stories(username)  
         if cached_result:  
-            logger.info(f"Returning cached result due to error")  
             return {**cached_result, "from_cache": True, "error_occurred": True}  
-        
-        # Handle specific errors  
-        if 'rate' in error_message.lower() or 'wait' in error_message.lower():  
-            raise HTTPException(  
-                status_code=status.HTTP_429_TOO_MANY_REQUESTS,  
-                detail="Instagram rate limit exceeded. Please try again later."  
-            )  
-        elif 'private' in error_message.lower() or 'no stories' in error_message.lower():  
-            raise HTTPException(  
-                status_code=status.HTTP_404_NOT_FOUND,  
-                detail="No stories found or private account"  
-            )  
-        elif 'login' in error_message.lower() or 'credentials' in error_message.lower():  
-            raise HTTPException(  
-                status_code=status.HTTP_401_UNAUTHORIZED,  
-                detail="Authentication error"  
-            )  
-        else:  
-            raise HTTPException(  
-                status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,  
-                detail="Error fetching stories"  
-            )  
+            
+        raise HTTPException(  
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,  
+            detail=f"Error getting stories: {str(e)}"  
+        )  
 
 @app.get("/download/{url:path}")  
 async def download_media(url: str):  
     """Download and proxy media content"""  
-    logger.info(f"Download request for URL")  
+    logger.info(f"Download request for media")  
     
     try:  
         # Validate URL  
-        if not url.startswith(("https://instagram", "https://scontent")):  
+        if not url.startswith(("https://", "http://")):  
             raise HTTPException(  
                 status_code=status.HTTP_400_BAD_REQUEST,  
                 detail="Invalid URL format"  
             )  
             
         # Configure request  
-        session = get_instagram_session()  
+        session = get_instagram_session() or requests.Session()  
         headers = {  
             "User-Agent": random.choice(USER_AGENTS),  
-            "Referer": "https://www.instagram.com/",  
             "Accept": "*/*",  
+            "Accept-Language": "en-US,en;q=0.5",  
+            "Accept-Encoding": "gzip, deflate, br",  
+            "Referer": "https://www.instagram.com/",  
+            "Origin": "https://www.instagram.com"  
         }  
         
         # Get media  
@@ -456,9 +855,10 @@ async def download_media(url: str):
             detail="Failed to download media"  
         )  
 
-# Load cache from disk at startup  
+# Load cache and session at startup  
 @app.on_event("startup")  
-def load_cache_from_disk():  
+def startup_event():  
+    # Load cache  
     try:  
         count = 0  
         for filename in os.listdir(CACHE_DIR):  
@@ -481,13 +881,19 @@ def load_cache_from_disk():
         logger.info(f"Loaded {count} items from cache")  
     except Exception as e:  
         logger.error(f"Cache loading error: {e}")  
+    
+    # Try to load session  
+    get_instagram_session()  
 
 # Health check endpoint  
 @app.get("/health")  
 async def health_check():  
+    session = get_instagram_session()  
     return {  
         "status": "ok",   
-        "timestamp": datetime.now().isoformat(),  
-        "cache_size": len(STORY_CACHE),  
-        "rate_limits": len(RATE_LIMITS)  
+        "authenticated": session is not None,  
+        "username": IG_SESSION_USERNAME,  
+        "session_expires": IG_SESSION_EXPIRY.isoformat() if IG_SESSION_EXPIRY else None,  
+        "cache_items": len(STORY_CACHE),  
+        "timestamp": datetime.now().isoformat()  
     }