Update app.py

app.py

@@ -2,141 +2,126 @@
 # -*- coding: utf-8 -*-
 
 import os
-from flask import Flask, request, Response, render_template_string, jsonify, redirect, url_for
+import json
 import hmac
 import hashlib
-import json
 from urllib.parse import unquote, parse_qs, quote
 import time
 from datetime import datetime
 import logging
 import threading
+from flask import Flask, request, Response, render_template_string, jsonify, redirect, url_for, send_file
 from huggingface_hub import HfApi, hf_hub_download
-from huggingface_hub.utils import RepositoryNotFoundError, HfHubHTTPError
+from huggingface_hub.utils import RepositoryNotFoundError, HFValidationError
 
 # --- Configuration ---
 BOT_TOKEN = os.getenv("BOT_TOKEN", "7566834146:AAGiG4MaTZZvvbTVsqEJVG5SYK5hUlc_Ewo") # Use environment variable or default
 HOST = '0.0.0.0'
 PORT = 7860
-DATA_FILE = 'data.json' # File to store visited user data
-
-# Hugging Face Hub Configuration
-REPO_ID = "flpolprojects/teledata"
-HF_TOKEN = os.getenv("HF_TOKEN") # Write token
-HF_TOKEN_READ = os.getenv("HF_TOKEN_READ", HF_TOKEN) # Read token (defaults to write token if not set)
-BACKUP_INTERVAL = 900 # Seconds (15 minutes)
+DATA_FILE = 'data.json'
+REPO_ID = "flpolprojects/teledata" # Target HF repo
+HF_TOKEN_WRITE = os.getenv("HF_TOKEN_WRITE", os.getenv("HF_TOKEN")) # Use specific write token or general HF_TOKEN
+HF_TOKEN_READ = os.getenv("HF_TOKEN_READ", os.getenv("HF_TOKEN")) # Use specific read token or general HF_TOKEN
+BACKUP_INTERVAL = 900 # seconds (15 minutes)
 
 app = Flask(__name__)
-app.secret_key = os.urandom(24) # Needed for flash messages or sessions if used later
 
-# Logging Setup
+# --- Logging Setup ---
 logging.basicConfig(level=logging.INFO, format='%(asctime)s - %(levelname)s - %(message)s')
 
-# --- Hugging Face Hub Functions ---
+# --- Hugging Face & Data Handling ---
 
-def download_db_from_hf():
-    if not HF_TOKEN_READ:
-        logging.warning("HF_TOKEN_READ not set. Skipping download from Hugging Face Hub.")
-        return False
+def load_user_data():
     try:
-        logging.info(f"Attempting to download {DATA_FILE} from {REPO_ID}...")
-        hf_hub_download(
-            repo_id=REPO_ID,
-            filename=DATA_FILE,
-            repo_type="dataset",
-            token=HF_TOKEN_READ,
-            local_dir=".",
-            local_dir_use_symlinks=False,
-            force_download=True, # Ensure we get the latest version
-            resume_download=False
-        )
-        logging.info(f"{DATA_FILE} successfully downloaded from Hugging Face Hub.")
+        with open(DATA_FILE, 'r', encoding='utf-8') as f:
+            data = json.load(f)
+        if not isinstance(data, dict):
+            logging.warning(f"{DATA_FILE} does not contain a valid dictionary. Resetting.")
+            return {}
+        logging.info(f"Successfully loaded user data from local {DATA_FILE}")
+        return data
+    except FileNotFoundError:
+        logging.info(f"{DATA_FILE} not found locally. Initializing empty data.")
+        return {}
+    except json.JSONDecodeError:
+        logging.error(f"Error decoding JSON from {DATA_FILE}. Initializing empty data.")
+        return {}
+    except Exception as e:
+        logging.error(f"Unexpected error loading user data: {e}")
+        return {}
+
+def save_user_data(data):
+    try:
+        with open(DATA_FILE, 'w', encoding='utf-8') as f:
+            json.dump(data, f, ensure_ascii=False, indent=4)
+        logging.info(f"Successfully saved user data to local {DATA_FILE}")
         return True
-    except RepositoryNotFoundError:
-        logging.warning(f"Repository {REPO_ID} not found on Hugging Face Hub. Will use/create local file.")
-        return False
-    except HfHubHTTPError as e:
-        if e.response.status_code == 404:
-             logging.warning(f"{DATA_FILE} not found in repository {REPO_ID}. Will use/create local file.")
-        else:
-             logging.error(f"HTTP error downloading {DATA_FILE} from Hugging Face Hub: {e}")
-        return False
     except Exception as e:
-        logging.error(f"Error downloading {DATA_FILE} from Hugging Face Hub: {e}")
+        logging.error(f"Error saving user data to {DATA_FILE}: {e}")
         return False
 
 def upload_db_to_hf():
-    if not HF_TOKEN:
-        logging.warning("HF_TOKEN not set. Skipping upload to Hugging Face Hub.")
+    if not HF_TOKEN_WRITE:
+        logging.warning("HF_TOKEN_WRITE not set. Skipping Hugging Face upload.")
         return False
     if not os.path.exists(DATA_FILE):
-        logging.warning(f"{DATA_FILE} not found locally. Skipping upload.")
+        logging.warning(f"{DATA_FILE} not found. Skipping Hugging Face upload.")
         return False
+
     try:
         api = HfApi()
-        logging.info(f"Attempting to upload {DATA_FILE} to {REPO_ID}...")
         api.upload_file(
             path_or_fileobj=DATA_FILE,
             path_in_repo=DATA_FILE,
             repo_id=REPO_ID,
             repo_type="dataset",
-            token=HF_TOKEN,
+            token=HF_TOKEN_WRITE,
             commit_message=f"Automated user data backup {datetime.now().strftime('%Y-%m-%d %H:%M:%S')}"
         )
-        logging.info(f"{DATA_FILE} successfully uploaded to Hugging Face Hub.")
+        logging.info(f"Successfully uploaded {DATA_FILE} to Hugging Face repo {REPO_ID}")
+        return True
+    except HFValidationError:
+        logging.error("Hugging Face validation error. Check repository ID and token permissions.")
+        return False
+    except Exception as e:
+        logging.error(f"Error uploading {DATA_FILE} to Hugging Face: {e}")
+        return False
+
+def download_db_from_hf():
+    if not HF_TOKEN_READ:
+        logging.warning("HF_TOKEN_READ not set. Skipping Hugging Face download.")
+        return False
+    try:
+        hf_hub_download(
+            repo_id=REPO_ID,
+            filename=DATA_FILE,
+            repo_type="dataset",
+            token=HF_TOKEN_READ,
+            local_dir=".",
+            local_dir_use_symlinks=False, # Important for Docker/simple setups
+            force_download=True # Ensure we get the latest version
+        )
+        logging.info(f"Successfully downloaded {DATA_FILE} from Hugging Face repo {REPO_ID}")
         return True
+    except RepositoryNotFoundError:
+        logging.warning(f"Hugging Face repository {REPO_ID} not found or {DATA_FILE} does not exist there yet.")
+        return False
+    except HFValidationError:
+        logging.error("Hugging Face validation error. Check repository ID and token permissions.")
+        return False
     except Exception as e:
-        logging.error(f"Error uploading {DATA_FILE} to Hugging Face Hub: {e}")
+        logging.error(f"Error downloading {DATA_FILE} from Hugging Face: {e}")
         return False
 
 def periodic_backup():
     logging.info(f"Starting periodic backup thread. Interval: {BACKUP_INTERVAL} seconds.")
     while True:
         time.sleep(BACKUP_INTERVAL)
-        logging.info("Initiating scheduled backup...")
+        logging.info("Initiating periodic backup to Hugging Face...")
+        save_user_data(user_data_global) # Save current in-memory data before backup
         upload_db_to_hf()
 
-# --- Data Handling ---
-
-def load_users():
-    # Attempt download first
-    download_db_from_hf()
-
-    if not os.path.exists(DATA_FILE):
-        logging.warning(f"{DATA_FILE} not found. Initializing empty user data.")
-        return {}
-    try:
-        with open(DATA_FILE, 'r', encoding='utf-8') as f:
-            users_data = json.load(f)
-            if not isinstance(users_data, dict):
-                logging.warning(f"{DATA_FILE} does not contain a valid JSON dictionary. Resetting.")
-                return {}
-            logging.info(f"Loaded {len(users_data)} user records from {DATA_FILE}.")
-            return users_data
-    except json.JSONDecodeError:
-        logging.error(f"Error decoding JSON from {DATA_FILE}. Returning empty data.")
-        # Consider backing up the corrupted file here
-        return {}
-    except Exception as e:
-        logging.error(f"Error loading user data from {DATA_FILE}: {e}")
-        return {}
-
-def save_users(users_data):
-    try:
-        with open(DATA_FILE, 'w', encoding='utf-8') as f:
-            json.dump(users_data, f, ensure_ascii=False, indent=4)
-        logging.info(f"Saved {len(users_data)} user records to {DATA_FILE}.")
-        # Attempt upload after saving locally
-        upload_db_to_hf()
-    except Exception as e:
-        logging.error(f"Error saving user data to {DATA_FILE}: {e}")
-
-
-# Load initial data on startup
-visited_users = load_users()
-
-# --- Telegram Verification ---
-
+# --- Telegram Data Verification ---
 def verify_telegram_data(init_data_str):
     try:
         parsed_data = parse_qs(init_data_str)
@@ -148,8 +133,15 @@ def verify_telegram_data(init_data_str):
 
         data_check_list = []
         for key, value in sorted(parsed_data.items()):
-            # Ensure values are strings before appending
-            data_check_list.append(f"{key}={value[0]}")
+            # Decode URL-encoded values before adding
+            # Special handling for 'user' which might be double-encoded
+            if key == 'user':
+                # It's often already a JSON string, potentially URL-encoded
+                # The spec implies it should be taken as-is from the query string value
+                 data_check_list.append(f"{key}={value[0]}")
+            else:
+                 data_check_list.append(f"{key}={unquote(value[0])}")
+
         data_check_string = "\n".join(data_check_list)
 
         secret_key = hmac.new("WebAppData".encode(), BOT_TOKEN.encode(), hashlib.sha256).digest()
@@ -158,322 +150,204 @@ def verify_telegram_data(init_data_str):
         if calculated_hash == received_hash:
             auth_date = int(parsed_data.get('auth_date', [0])[0])
             current_time = int(time.time())
-            # Allow slightly older data, adjust timeout as needed (e.g., 3600 for 1 hour)
-            if current_time - auth_date > 86400: # 24 hours tolerance
+            # Allow slightly older data, e.g., 24 hours, adjust as needed for security
+            if current_time - auth_date > 86400:
                  logging.warning(f"Telegram InitData is older than 24 hours (Auth Date: {auth_date}, Current: {current_time}).")
-            # logging.info("Telegram data verified successfully.")
+            # logging.info("Telegram data verified successfully.") # Can be noisy
             return parsed_data, True
         else:
-            logging.warning(f"Data verification failed. Calculated: {calculated_hash}, Received: {received_hash}")
+            logging.warning(f"Data verification failed. Hash mismatch. Calculated: {calculated_hash}, Received: {received_hash}")
+            logging.debug(f"Data check string used for hash calculation:\n{data_check_string}")
             return parsed_data, False
     except Exception as e:
-        logging.error(f"Error verifying Telegram data: {e}")
+        logging.error(f"Error verifying Telegram data: {e}", exc_info=True)
         return None, False
 
-# --- Templates ---
+# --- Load initial data ---
+download_db_from_hf()
+user_data_global = load_user_data()
 
+# --- Templates ---
 TEMPLATE = """
 <!DOCTYPE html>
 <html lang="ru">
 <head>
     <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0, shrink-to-fit=no, user-scalable=no, viewport-fit=cover">
-    <title>Morshen Group - IT Holding</title>
+    <meta name="viewport" content="width=device-width, initial-scale=1.0, shrink-to-fit=no, user-scalable=no">
+    <title>Morshen Group</title>
     <script src="https://telegram.org/js/telegram-web-app.js"></script>
     <link rel="preconnect" href="https://fonts.googleapis.com">
     <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
-    <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800&display=swap" rel="stylesheet">
+    <link href="https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap" rel="stylesheet">
     <style>
         :root {
-            --tg-theme-bg-color: var(--tg-bg-color, #181a1b);
-            --tg-theme-text-color: var(--tg-text-color, #ffffff);
-            --tg-theme-hint-color: var(--tg-hint-color, #aaaaaa);
-            --tg-theme-link-color: var(--tg-link-color, #8774e1);
-            --tg-theme-button-color: var(--tg-button-color, #8774e1);
-            --tg-theme-button-text-color: var(--tg-button-text-color, #ffffff);
-            --tg-theme-secondary-bg-color: var(--tg-secondary-bg-color, #222425);
-
-            --bg-color: var(--tg-theme-bg-color);
-            --card-bg: var(--tg-theme-secondary-bg-color);
-            --text-color: var(--tg-theme-text-color);
-            --text-secondary-color: var(--tg-theme-hint-color);
-            --accent-color: var(--tg-theme-button-color);
-            --accent-text-color: var(--tg-theme-button-text-color);
-            --link-color: var(--tg-theme-link-color);
-            --green-accent: #34c759;
-            --red-accent: #ff3b30;
-
-            --border-radius-s: 8px;
-            --border-radius-m: 12px;
-            --border-radius-l: 16px;
-            --padding-s: 10px;
-            --padding-m: 20px;
-            --padding-l: 30px;
+            --bg-gradient-start: #10141F;
+            --bg-gradient-end: #1A202C;
+            --card-bg: rgba(45, 55, 72, 0.7);
+            --card-border: rgba(74, 85, 104, 0.5);
+            --text-primary: #E2E8F0;
+            --text-secondary: #A0AEC0;
+            --text-accent: #63B3ED; /* Light Blue Accent */
+            --accent-gradient: linear-gradient(90deg, #4299E1, #3182CE); /* Blue Gradient */
+            --accent-gradient-green: linear-gradient(90deg, #48BB78, #38A169); /* Green Gradient */
+            --tag-bg: rgba(74, 85, 104, 0.4);
+            --tag-text: #CBD5E0;
+            --stat-bg: rgba(255, 255, 255, 0.05);
+            --border-radius-sm: 6px;
+            --border-radius-md: 10px;
+            --border-radius-lg: 16px;
+            --padding-sm: 8px;
+            --padding-md: 16px;
+            --padding-lg: 24px;
             --font-family: 'Inter', -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Helvetica, Arial, sans-serif;
-
-            --shadow-color: rgba(0, 0, 0, 0.2);
-            --card-shadow: 0 4px 15px var(--shadow-color);
-            --button-shadow: 0 3px 8px var(--shadow-color);
+            --shadow-sm: 0 1px 3px rgba(0, 0, 0, 0.1), 0 1px 2px rgba(0, 0, 0, 0.06);
+            --shadow-md: 0 4px 6px rgba(0, 0, 0, 0.1), 0 2px 4px rgba(0, 0, 0, 0.06);
+            --shadow-lg: 0 10px 15px rgba(0, 0, 0, 0.1), 0 4px 6px rgba(0, 0, 0, 0.05);
         }
-
         * { box-sizing: border-box; margin: 0; padding: 0; }
-
-        html {
-            background-color: var(--bg-color);
-            color: var(--text-color);
-            font-family: var(--font-family);
-            scroll-behavior: smooth;
-        }
-
+        html { background: linear-gradient(180deg, var(--bg-gradient-start) 0%, var(--bg-gradient-end) 100%); scroll-behavior: smooth; }
         body {
-            background: linear-gradient(180deg, color-mix(in srgb, var(--bg-color) 80%, black) 0%, var(--bg-color) 100%);
-            color: var(--text-color);
-            padding: var(--padding-m);
-            padding-bottom: 120px; /* Space for fixed button */
+            font-family: var(--font-family);
+            background: linear-gradient(180deg, var(--bg-gradient-start) 0%, var(--bg-gradient-end) 100%);
+            color: var(--text-primary);
+            padding: var(--padding-md);
+            padding-bottom: 120px; /* Space for save button */
             overscroll-behavior-y: none;
             -webkit-font-smoothing: antialiased;
             -moz-osx-font-smoothing: grayscale;
-            line-height: 1.6;
+            min-height: 100vh;
             visibility: hidden; /* Hide until ready */
         }
+        .container { max-width: 700px; margin: 0 auto; display: flex; flex-direction: column; gap: var(--padding-lg); }
 
-        .container {
-            max-width: 650px;
-            margin: 0 auto;
-            display: flex;
-            flex-direction: column;
-            gap: var(--padding-l);
+        .header { display: flex; justify-content: space-between; align-items: center; margin-bottom: var(--padding-md); }
+        .logo { display: flex; align-items: center; gap: var(--padding-md); }
+        .logo img {
+            width: 50px; height: 50px; border-radius: 50%;
+            object-fit: cover; border: 2px solid rgba(255, 255, 255, 0.1);
+            box-shadow: var(--shadow-md);
         }
+        .logo span { font-size: 1.6em; font-weight: 700; letter-spacing: -0.5px; }
 
-        /* Header & Logo */
-        .header {
-            display: flex;
-            justify-content: space-between;
-            align-items: center;
-            margin-bottom: var(--padding-s);
-        }
-        .logo { display: flex; align-items: center; gap: var(--padding-s); }
-        .logo img, .logo-icon {
-            width: 48px;
-            height: 48px;
-            border-radius: 50%;
-            background-color: var(--card-bg);
-            object-fit: cover;
-            border: 2px solid rgba(255, 255, 255, 0.1);
-            box-shadow: 0 2px 5px var(--shadow-color);
-        }
-        .logo span { font-size: 1.6em; font-weight: 700; }
-
-        /* Buttons */
         .btn {
             display: inline-flex; align-items: center; justify-content: center;
-            padding: 12px var(--padding-m); border-radius: var(--border-radius-m);
-            background: var(--accent-color); color: var(--accent-text-color);
+            padding: 12px var(--padding-lg); border-radius: var(--border-radius-md);
+            background: var(--accent-gradient); color: #ffffff;
             text-decoration: none; font-weight: 600; border: none; cursor: pointer;
-            transition: all 0.25s ease-out; gap: 8px; font-size: 1em;
-            box-shadow: var(--button-shadow);
-        }
-        .btn:hover {
-            opacity: 0.9;
-            transform: translateY(-2px);
-            box-shadow: 0 5px 12px var(--shadow-color);
-        }
-        .btn-secondary {
-            background: var(--card-bg);
-            color: var(--accent-color);
-            border: 1px solid color-mix(in srgb, var(--accent-color) 50%, transparent);
-        }
-        .btn-secondary:hover {
-            background: color-mix(in srgb, var(--card-bg) 90%, white);
+            transition: all 0.3s ease; gap: 8px; font-size: 1em;
+            box-shadow: var(--shadow-sm);
         }
-        .btn-green {
-            background: var(--green-accent); color: white;
-        }
-         .btn-green:hover {
-             background: color-mix(in srgb, var(--green-accent) 90%, black);
-         }
+        .btn:hover { opacity: 0.9; transform: translateY(-2px); box-shadow: var(--shadow-md); }
+        .btn-secondary { background: var(--card-bg); color: var(--text-accent); border: 1px solid var(--card-border); }
+        .btn-secondary:hover { background: rgba(74, 85, 104, 0.6); }
 
-        /* Tags */
-        .tag-container { margin: var(--padding-m) 0; display: flex; flex-wrap: wrap; gap: 8px; }
         .tag {
-            display: inline-flex; align-items: center; gap: 5px;
-            background: color-mix(in srgb, var(--card-bg) 70%, var(--accent-color) 10%);
-            color: var(--text-secondary-color);
-            padding: 6px 12px; border-radius: var(--border-radius-s); font-size: 0.85em; font-weight: 500;
-            border: 1px solid rgba(255, 255, 255, 0.05);
+            display: inline-block; background: var(--tag-bg); color: var(--tag-text);
+            padding: 6px 12px; border-radius: var(--border-radius-sm); font-size: 0.85em; font-weight: 500;
+            margin: 4px 6px 4px 0; white-space: nowrap; border: 1px solid rgba(255, 255, 255, 0.1);
         }
-        .tag i { opacity: 0.8; }
+        .tag i { margin-right: 5px; opacity: 0.8; font-size: 0.9em; }
 
-        /* Cards */
         .section-card {
-            background-color: var(--card-bg);
-            border-radius: var(--border-radius-l);
-            padding: var(--padding-m);
-            margin-bottom: 0; /* Removed default bottom margin */
-            box-shadow: var(--card-shadow);
-            border: 1px solid rgba(255, 255, 255, 0.05);
-            transition: transform 0.2s ease, box-shadow 0.2s ease;
+            background-color: var(--card-bg); border-radius: var(--border-radius-lg);
+            padding: var(--padding-lg); margin-bottom: var(--padding-lg);
+            border: 1px solid var(--card-border);
+            box-shadow: var(--shadow-lg);
+            backdrop-filter: blur(10px);
+            transition: transform 0.3s ease, box-shadow 0.3s ease;
         }
         .section-card:hover {
-            transform: translateY(-3px);
-            box-shadow: 0 8px 25px var(--shadow-color);
+             transform: translateY(-3px);
+             box-shadow: 0 15px 25px rgba(0, 0, 0, 0.15);
         }
 
-        /* Typography */
-        .section-title { font-size: 2em; font-weight: 800; margin-bottom: var(--padding-s); line-height: 1.2; }
-        .section-subtitle { font-size: 1.2em; font-weight: 500; color: var(--text-secondary-color); margin-bottom: var(--padding-m); }
-        .description { font-size: 1em; line-height: 1.7; color: var(--text-secondary-color); margin-bottom: var(--padding-m); }
+        .section-title { font-size: 2em; font-weight: 700; margin-bottom: var(--padding-sm); line-height: 1.2; letter-spacing: -0.5px; }
+        .section-subtitle { font-size: 1.2em; font-weight: 500; color: var(--text-secondary); margin-bottom: var(--padding-md); }
+        .description { font-size: 1.05em; line-height: 1.6; color: var(--text-secondary); margin-bottom: var(--padding-md); }
 
-        /* Stats Grid */
-        .stats-grid { display: grid; grid-template-columns: repeat(auto-fit, minmax(110px, 1fr)); gap: var(--padding-s); margin-top: var(--padding-m); text-align: center; }
-        .stat-item { background-color: rgba(255, 255, 255, 0.05); padding: var(--padding-s) var(--padding-m); border-radius: var(--border-radius-m); }
-        .stat-value { font-size: 1.7em; font-weight: 700; display: block; }
-        .stat-label { font-size: 0.8em; color: var(--text-secondary-color); display: block; text-transform: uppercase; letter-spacing: 0.5px; }
+        .stats-grid { display: grid; grid-template-columns: repeat(auto-fit, minmax(120px, 1fr)); gap: var(--padding-md); margin-top: var(--padding-md); text-align: center; }
+        .stat-item { background-color: var(--stat-bg); padding: var(--padding-md); border-radius: var(--border-radius-md); border: 1px solid rgba(255,255,255,0.08); }
+        .stat-value { font-size: 1.8em; font-weight: 700; display: block; color: var(--text-accent); }
+        .stat-value i { font-size: 0.8em; margin-right: 5px; vertical-align: middle; opacity: 0.8;}
+        .stat-label { font-size: 0.9em; color: var(--text-secondary); display: block; margin-top: 4px;}
 
-        /* List Items */
-        .list-container { display: flex; flex-direction: column; gap: var(--padding-s); margin-top: var(--padding-s); }
-        .list-item { background-color: color-mix(in srgb, var(--card-bg) 80%, black); padding: var(--padding-m); border-radius: var(--border-radius-m); display: flex; align-items: center; gap: var(--padding-m); font-size: 1.1em; font-weight: 500; }
-        .list-item i { font-size: 1.4em; color: var(--accent-color); opacity: 0.9; width: 25px; text-align: center; }
+        .list-item { background-color: var(--card-bg); padding: var(--padding-md); border-radius: var(--border-radius-md); margin-bottom: var(--padding-sm); display: flex; align-items: center; gap: var(--padding-md); font-size: 1.1em; font-weight: 500; border: 1px solid var(--card-border); transition: background-color 0.2s ease; }
+        .list-item:hover { background-color: rgba(74, 85, 104, 0.7); }
+        .list-item i { font-size: 1.3em; color: var(--accent-gradient-start, #34c759); opacity: 0.9; width: 25px; text-align: center; }
 
-        /* Footer */
-        .footer-greeting { text-align: center; color: var(--text-secondary-color); font-size: 0.9em; margin-top: var(--padding-l); }
+        .footer-greeting { text-align: center; color: var(--text-secondary); font-size: 0.95em; margin-top: var(--padding-lg); padding-bottom: 20px; }
 
-        /* Fixed Button */
         .save-card-button {
             position: fixed;
-            bottom: 25px;
+            bottom: 30px;
             left: 50%;
             transform: translateX(-50%);
             padding: 14px 28px;
             border-radius: 30px;
-            background: var(--green-accent);
-            color: white;
+            background: var(--accent-gradient-green);
+            color: #ffffff;
             text-decoration: none;
-            font-weight: 700;
+            font-weight: 600;
             border: none;
             cursor: pointer;
             transition: all 0.3s ease;
             z-index: 1000;
-            box-shadow: 0 6px 20px rgba(52, 199, 89, 0.4);
+            box-shadow: 0 6px 20px rgba(0, 0, 0, 0.3);
             font-size: 1.1em;
             display: flex;
             align-items: center;
             gap: 10px;
-            white-space: nowrap;
-        }
-        .save-card-button:hover {
-            opacity: 0.9;
-            transform: translateX(-50%) scale(1.05);
-            box-shadow: 0 8px 25px rgba(52, 199, 89, 0.5);
         }
-        .save-card-button i { font-size: 1.2em; }
+        .save-card-button:hover { opacity: 0.9; transform: translateX(-50%) scale(1.05); box-shadow: 0 8px 25px rgba(72, 187, 120, 0.5); }
 
-        /* Modal Styles */
         .modal {
-            display: none; /* Hidden by default */
-            position: fixed; /* Stay in place */
-            z-index: 1001; /* Sit on top */
-            left: 0;
-            top: 0;
-            width: 100%; /* Full width */
-            height: 100%; /* Full height */
-            overflow: auto; /* Enable scroll if needed */
-            background-color: rgba(0,0,0,0.7); /* Black w/ opacity */
-            backdrop-filter: blur(5px);
-            -webkit-backdrop-filter: blur(5px);
-            padding-top: 10vh; /* Location of the box */
-            animation: fadeIn 0.3s ease-out;
+            display: none; position: fixed; z-index: 1001;
+            left: 0; top: 0; width: 100%; height: 100%;
+            overflow: auto; background-color: rgba(0,0,0,0.7);
+            backdrop-filter: blur(8px);
+            padding-top: 80px;
         }
-        @keyframes fadeIn { from { opacity: 0; } to { opacity: 1; } }
         .modal-content {
-            background-color: var(--card-bg, #2c2c2e);
-            color: var(--text-color, #ffffff);
-            margin: 5% auto; /* 5% from the top and centered */
-            padding: var(--padding-l, 30px);
-            border: 1px solid rgba(255, 255, 255, 0.1);
-            width: 90%; /* Could be more or less, depending on screen size */
-            max-width: 480px;
-            border-radius: var(--border-radius-l, 16px);
-            text-align: center;
-            position: relative;
+            background-color: var(--card-bg); color: var(--text-primary);
+            margin: 5% auto; padding: var(--padding-lg);
+            border: 1px solid var(--card-border);
+            width: 90%; max-width: 480px;
+            border-radius: var(--border-radius-lg);
+            text-align: center; position: relative;
             box-shadow: 0 10px 30px rgba(0,0,0,0.4);
-            animation: slideIn 0.4s ease-out;
+            animation: fadeInScale 0.4s ease-out;
         }
-         @keyframes slideIn { from { transform: translateY(-30px); opacity: 0; } to { transform: translateY(0); opacity: 1; } }
+        @keyframes fadeInScale { from { opacity: 0; transform: scale(0.9); } to { opacity: 1; transform: scale(1); } }
         .modal-close {
-            color: var(--text-secondary-color, #aaa);
-            position: absolute;
-            top: 15px;
-            right: 20px;
-            font-size: 32px;
-            font-weight: bold;
-            cursor: pointer;
-            line-height: 1;
-            transition: color 0.2s ease;
-        }
-        .modal-close:hover,
-        .modal-close:focus {
-            color: var(--text-color, #fff);
-            text-decoration: none;
-        }
-        .modal-title {
-            font-size: 1.5em;
-            font-weight: 700;
-            margin-bottom: var(--padding-s);
-        }
-        .modal-text {
-            font-size: 1.2em;
-            line-height: 1.6;
-            margin-bottom: var(--padding-s);
-            word-wrap: break-word;
-            font-weight: 500;
-        }
-        .modal-text strong {
-            font-weight: 700;
-            color: var(--accent-color);
-        }
-        .modal-instruction {
-             font-size: 1em;
-             color: var(--text-secondary-color, #a0a0a5);
-             margin-top: var(--padding-m);
-             font-style: italic;
-        }
-
-        /* Icons */
-        .icon { display: inline-block; font-style: normal; margin-right: 8px; }
-        .icon-save::before { content: '💾'; }
-        .icon-web::before { content: '🌐'; }
-        .icon-mobile::before { content: '📱'; }
-        .icon-code::before { content: '💻'; }
-        .icon-ai::before { content: '🧠'; }
-        .icon-quantum::before { content: '⚛️'; }
-        .icon-business::before { content: '💼'; }
-        .icon-speed::before { content: '⚡️'; }
-        .icon-complexity::before { content: '🧩'; }
-        .icon-experience::before { content: '⏳'; }
-        .icon-clients::before { content: '👥'; }
-        .icon-market::before { content: '📈'; }
-        .icon-location::before { content: '📍'; }
-        .icon-global::before { content: '🌍'; }
-        .icon-innovation::before { content: '💡'; }
-        .icon-contact::before { content: '💬'; }
-        .icon-link::before { content: '🔗'; }
-        .icon-leader::before { content: '🏆'; }
-        .icon-company::before { content: '🏢'; }
-
-        /* Responsive */
-        @media (max-width: 600px) {
-            body { padding: var(--padding-s); padding-bottom: 100px; }
-            .container { gap: var(--padding-m); }
-            .section-title { font-size: 1.8em; }
-            .section-subtitle { font-size: 1.1em; }
-            .btn { padding: 10px var(--padding-m); font-size: 0.95em; }
-            .save-card-button { padding: 12px 24px; font-size: 1em; bottom: 20px; }
-            .modal-content { width: 95%; padding: var(--padding-m); }
-            .modal-title { font-size: 1.3em; }
-            .modal-text { font-size: 1.1em; }
-            .modal-instruction { font-size: 0.9em; }
-        }
+            color: var(--text-secondary); position: absolute;
+            top: 15px; right: 20px; font-size: 32px; font-weight: bold;
+            cursor: pointer; line-height: 1; transition: color 0.2s ease;
+        }
+        .modal-close:hover, .modal-close:focus { color: var(--text-primary); }
+        .modal-text { font-size: 1.2em; line-height: 1.7; margin-bottom: var(--padding-md); word-wrap: break-word; }
+        .modal-text b { color: var(--text-accent); font-weight: 700; font-size: 1.3em; display: block; margin-bottom: 10px;}
+        .modal-instruction { font-size: 1em; color: var(--text-secondary); margin-top: var(--padding-sm); }
+
+        /* Icons - using text for simplicity */
+        .icon-save::before { content: '💾'; margin-right: 8px; }
+        .icon-web::before { content: '🌐'; margin-right: 8px; }
+        .icon-mobile::before { content: '📱'; margin-right: 8px; }
+        .icon-code::before { content: '💻'; margin-right: 8px; }
+        .icon-ai::before { content: '🧠'; margin-right: 8px; }
+        .icon-quantum::before { content: '⚛️'; margin-right: 8px; }
+        .icon-business::before { content: '💼'; margin-right: 8px; }
+        .icon-speed::before { content: '⚡️'; margin-right: 8px; }
+        .icon-complexity::before { content: '🧩'; margin-right: 8px; }
+        .icon-experience::before { content: '⏳'; margin-right: 8px; }
+        .icon-clients::before { content: '👥'; margin-right: 8px; }
+        .icon-market::before { content: '📈'; margin-right: 8px; }
+        .icon-location::before { content: '📍'; margin-right: 8px; }
+        .icon-global::before { content: '🌍'; margin-right: 8px; }
+        .icon-innovation::before { content: '💡'; margin-right: 8px; }
+        .icon-contact::before { content: '💬'; margin-right: 8px; }
+        .icon-link::before { content: '🔗'; margin-right: 8px; }
+        .icon-leader::before { content: '🏆'; margin-right: 8px; }
+        .icon-company::before { content: '🏢'; margin-right: 8px; }
     </style>
 </head>
 <body>
@@ -485,53 +359,58 @@ TEMPLATE = """
                      <img src="https://huggingface.co/spaces/Aleksmorshen/Telemap8/resolve/main/morshengroup.jpg" alt="Morshen Group Logo">
                     <span>Morshen Group</span>
                 </div>
-                <a href="#" class="btn btn-secondary contact-link"><i class="icon icon-contact"></i>Связаться</a>
+                <a href="#" class="btn contact-link"><i class="icon-contact"></i>Связаться</a>
             </div>
-            <div class="tag-container">
-                <span class="tag"><i class="icon icon-leader"></i>Лидер инноваций 2025</span>
-                 <span class="tag"><i class="icon icon-global"></i>Международный Холдинг</span>
+            <div>
+                <span class="tag"><i class="icon-leader"></i>Лидер инноваций 2025</span>
+                 <span class="tag"><i class="icon-global"></i>Международный Холдинг</span>
             </div>
-            <h1 class="section-title">Создаем будущее IT сегодня</h1>
+            <h1 class="section-title" style="margin-top: var(--padding-md);">Цифровая Трансформация Бизнеса</h1>
             <p class="description">
-                Мы — международный IT холдинг, объединяющий передовые технологические компании для создания прорывных решений мирового уровня в сферах AI, квантовых вычислений и разработки ПО.
+                Мы — международный IT холдинг, объединяющий экспертизу и ресурсы для создания прорывных
+                технологических решений, которые формируют будущее индустрий по всему миру.
             </p>
-             <a href="#" class="btn btn-green contact-link" style="width: 100%; margin-top: var(--padding-s);">
-                 <i class="icon icon-contact"></i>Обсудить ваш проект
+             <a href="#" class="btn contact-link" style="background: var(--accent-gradient-green); width: 100%; margin-top: var(--padding-md);">
+                 <i class="icon-contact"></i>Начать сотрудничество
              </a>
         </section>
 
          <section class="ecosystem-header">
-             <h2 class="section-title">Экосистема <span style="color: var(--accent-color);">Инноваций</span></h2>
+             <span class="tag"><i class="icon-company"></i>Структура Холдинга</span>
+             <h2 class="section-title">Экосистема Инноваций</h2>
              <p class="description">
-                 В состав холдинга входят специализированные компании, каждая из которых является экспертом в своей области передовых технологий.
+                 Наш холдинг включает компании-лидеры в своих сегментах, работающие в синергии
+                 для достижения максимальных результатов.
              </p>
          </section>
 
         <section class="section-card">
             <div class="logo">
-                 <img src="https://huggingface.co/spaces/Aleksmorshen/Telemap8/resolve/main/morshengroup.jpg" alt="Morshen Alpha Logo">
+                 <img src="https://huggingface.co/spaces/Aleksmorshen/Telemap8/resolve/main/morshengroup.jpg" alt="Morshen Alpha Logo" style="width: 50px; height: 50px;">
                 <span style="font-size: 1.5em; font-weight: 600;">Morshen Alpha</span>
             </div>
-            <div class="tag-container">
-                <span class="tag"><i class="icon icon-ai"></i>Искусственный интеллект</span>
-                <span class="tag"><i class="icon icon-quantum"></i>Квантовые технологии</span>
-                <span class="tag"><i class="icon icon-business"></i>Стратегические решения</span>
+            <div style="margin: var(--padding-md) 0; display: flex; flex-wrap: wrap; gap: 10px;">
+                <span class="tag"><i class="icon-ai"></i>AI & ML</span>
+                <span class="tag"><i class="icon-quantum"></i>Quantum Research</span>
+                <span class="tag"><i class="icon-business"></i>Enterprise Solutions</span>
+                <span class="tag"><i class="icon-innovation"></i>R&D Hub</span>
             </div>
-            <p class="description">
-                Флагман холдинга. Занимаемся R&D в области AI и квантовых технологий, разрабатываем передовые бизнес-решения, формирующие будущее индустрии.
+            <p class="description" style="font-size: 1.1em;">
+                Флагманская компания, фокусирующаяся на передовых исследованиях и разработке в области ИИ,
+                квантовых вычислений и создании кастомных бизнес-платформ. Задаем тренды в технологической индустрии.
             </p>
             <div class="stats-grid">
                 <div class="stat-item">
-                    <span class="stat-value"><i class="icon icon-global"></i> 3+</span>
-                    <span class="stat-label">Страны</span>
+                    <span class="stat-value"><i class="icon-global"></i> 3+</span>
+                    <span class="stat-label">Страны присутствия</span>
                 </div>
                 <div class="stat-item">
-                    <span class="stat-value"><i class="icon icon-clients"></i> 3K+</span>
-                    <span class="stat-label">Клиенты</span>
+                    <span class="stat-value"><i class="icon-clients"></i> 3K+</span>
+                    <span class="stat-label">Корп. клиентов</span>
                 </div>
                 <div class="stat-item">
-                    <span class="stat-value"><i class="icon icon-market"></i> 5+</span>
-                    <span class="stat-label">Лет на рынке</span>
+                    <span class="stat-value"><i class="icon-market"></i> 5+</span>
+                    <span class="stat-label">Лет экспертизы</span>
                 </div>
             </div>
         </section>
@@ -539,64 +418,66 @@ TEMPLATE = """
         <section class="section-card">
              <div class="logo">
                  <img src="https://huggingface.co/spaces/holmgardstudio/dev/resolve/main/image.jpg" alt="Holmgard Logo" style="width: 50px; height: 50px;">
-                <span style="font-size: 1.5em; font-weight: 600;">Holmgard Studio</span>
+                <span style="font-size: 1.5em; font-weight: 600;">Holmgard</span>
             </div>
-             <div class="tag-container">
-                 <span class="tag"><i class="icon icon-web"></i>Веб-разработка</span>
-                 <span class="tag"><i class="icon icon-mobile"></i>Мобильные приложения</span>
-                 <span class="tag"><i class="icon icon-code"></i>Энтерпрайз ПО</span>
+             <div style="margin: var(--padding-md) 0; display: flex; flex-wrap: wrap; gap: 10px;">
+                 <span class="tag"><i class="icon-web"></i>Веб-платформы</span>
+                 <span class="tag"><i class="icon-mobile"></i>Mobile Apps (iOS/Android)</span>
+                 <span class="tag"><i class="icon-code"></i>Custom Software Dev</span>
              </div>
-             <p class="description">
-                Студия разработки полного цикла. Создаем высокотехнологичные веб-сайты, мобильные приложения и кастомное ПО для бизнеса любого масштаба, используя современные стеки и методологии.
+             <p class="description" style="font-size: 1.1em;">
+                Студия цифровой трансформации, специализирующаяся на создании высоконагруженных веб-сайтов,
+                нативных мобильных приложений и сложного корпоративного ПО. Гарантия качества и скорости реализации.
              </p>
              <div class="stats-grid">
                  <div class="stat-item">
-                     <span class="stat-value"><i class="icon icon-experience"></i> 10+</span>
-                     <span class="stat-label">Лет опыта</span>
+                     <span class="stat-value"><i class="icon-experience"></i> 10+</span>
+                     <span class="stat-label">Лет опыта команды</span>
                  </div>
                  <div class="stat-item">
-                     <span class="stat-value"><i class="icon icon-complexity"></i> Highload</span>
-                     <span class="stat-label">Сложные проекты</span>
+                     <span class="stat-value"><i class="icon-complexity"></i> High</span>
+                     <span class="stat-label">Сложность проектов</span>
                  </div>
                  <div class="stat-item">
-                     <span class="stat-value"><i class="icon icon-speed"></i> Agile</span>
-                     <span class="stat-label">Быстрый запуск</span>
+                     <span class="stat-value"><i class="icon-speed"></i> Agile</span>
+                     <span class="stat-label">Методология</span>
                  </div>
              </div>
-             <div style="display: flex; gap: var(--padding-s); margin-top: var(--padding-m); flex-wrap: wrap;">
-                 <a href="https://holmgard.ru" target="_blank" class="btn btn-secondary" style="flex-grow: 1;"><i class="icon icon-link"></i>На сайт</a>
-                 <a href="#" class="btn contact-link" style="flex-grow: 1;"><i class="icon icon-contact"></i>Связаться</a>
+             <div style="display: flex; gap: var(--padding-md); margin-top: var(--padding-lg); flex-wrap: wrap;">
+                 <a href="https://holmgard.ru" target="_blank" class="btn btn-secondary" style="flex-grow: 1;"><i class="icon-link"></i>Вебсайт Студии</a>
+                 <a href="#" class="btn contact-link" style="flex-grow: 1;"><i class="icon-contact"></i>Запросить консультацию</a>
              </div>
         </section>
 
         <section>
-            <h2 class="section-title"><i class="icon icon-global"></i> Глобальное Присутствие</h2>
-            <p class="description">Наши решения и команды работают в ключевых регионах Центральной Азии:</p>
-            <div class="list-container">
-                <div class="list-item"><i class="icon icon-location"></i>Узбекистан</div>
-                <div class="list-item"><i class="icon icon-location"></i>Казахстан</div>
-                <div class="list-item"><i class="icon icon-location"></i>Кыргызстан</div>
+            <span class="tag"><i class="icon-global"></i>География</span>
+            <h2 class="section-title">Глобальное Присутствие</h2>
+            <p class="description">Наши решения успешно внедрены и работают в:</p>
+            <div>
+                <div class="list-item"><i class="icon-location"></i>Узбекистан (Региональный Хаб)</div>
+                <div class="list-item"><i class="icon-location"></i>Казахстан</div>
+                <div class="list-item"><i class="icon-location"></i>Кыргызстан</div>
+                <div class="list-item"><i class="icon-global"></i>...и расширяемся дальше!</div>
             </div>
         </section>
 
         <footer class="footer-greeting">
-             <p id="greeting">Загрузка данных...</p>
+             <p id="greeting">Инициализация...</p>
         </footer>
 
     </div>
 
     <button class="save-card-button" id="save-card-btn">
-        <i class="icon icon-save"></i>Сохранить визитку
+        <i class="icon-save"></i>Сохранить контакт
     </button>
 
     <!-- The Modal -->
     <div id="saveModal" class="modal">
       <div class="modal-content">
         <span class="modal-close" id="modal-close-btn">×</span>
-        <h3 class="modal-title">Контактная информация</h3>
-        <p class="modal-text"><strong>+996 500 398 754</strong></p>
-        <p class="modal-text">Morshen Group, IT Holding</p>
-        <p class="modal-instruction">Сделайте скриншот, чтобы сохранить контакт.</p>
+        <p class="modal-text"><b>+996 500 398 754</b></p>
+        <p class="modal-text" style="font-size: 1.1em;">Morshen Group (IT Holding)</p>
+        <p class="modal-instruction">Сделайте скриншот экрана, чтобы сохранить контакт.</p>
       </div>
     </div>
 
@@ -605,73 +486,102 @@ TEMPLATE = """
         const tg = window.Telegram.WebApp;
 
         function applyTheme(themeParams) {
-            document.documentElement.style.setProperty('--tg-bg-color', themeParams.bg_color || '#181a1b');
-            document.documentElement.style.setProperty('--tg-text-color', themeParams.text_color || '#ffffff');
-            document.documentElement.style.setProperty('--tg-hint-color', themeParams.hint_color || '#aaaaaa');
-            document.documentElement.style.setProperty('--tg-link-color', themeParams.link_color || '#8774e1');
-            document.documentElement.style.setProperty('--tg-button-color', themeParams.button_color || '#8774e1');
-            document.documentElement.style.setProperty('--tg-button-text-color', themeParams.button_text_color || '#ffffff');
-            document.documentElement.style.setProperty('--tg-secondary-bg-color', themeParams.secondary_bg_color || '#222425');
-            console.log("Theme applied:", themeParams);
+            document.documentElement.style.setProperty('--bg-gradient-start', themeParams.bg_color || '#10141F');
+            // Use secondary_bg_color for the end gradient if available, otherwise fallback
+             let bgEnd = themeParams.secondary_bg_color ? themeParams.secondary_bg_color : '#1A202C';
+             // Adjust if secondary is too light/same as primary
+             if (bgEnd === themeParams.bg_color) bgEnd = '#1A202C';
+             document.documentElement.style.setProperty('--bg-gradient-end', bgEnd);
+
+            document.documentElement.style.setProperty('--text-primary', themeParams.text_color || '#E2E8F0');
+            document.documentElement.style.setProperty('--text-secondary', themeParams.hint_color || '#A0AEC0');
+            document.documentElement.style.setProperty('--text-accent', themeParams.link_color || '#63B3ED');
+            document.documentElement.style.setProperty('--card-bg', themeParams.secondary_bg_color ? themeParams.secondary_bg_color + 'B3' : 'rgba(45, 55, 72, 0.7)'); // Add transparency
+            document.documentElement.style.setProperty('--card-border', themeParams.hint_color ? themeParams.hint_color + '80': 'rgba(74, 85, 104, 0.5)');
+
+            // Button gradient from button_color if available
+            if (themeParams.button_color) {
+                // Attempt to create a slightly darker shade for the gradient end
+                try {
+                    let colorStart = themeParams.button_color;
+                    // Simple darken logic (may not be perfect for all colors)
+                    let r = parseInt(colorStart.slice(1, 3), 16);
+                    let g = parseInt(colorStart.slice(3, 5), 16);
+                    let b = parseInt(colorStart.slice(5, 7), 16);
+                    r = Math.max(0, r - 30);
+                    g = Math.max(0, g - 30);
+                    b = Math.max(0, b - 30);
+                    let colorEnd = `#${r.toString(16).padStart(2, '0')}${g.toString(16).padStart(2, '0')}${b.toString(16).padStart(2, '0')}`;
+                    document.documentElement.style.setProperty('--accent-gradient', `linear-gradient(90deg, ${colorStart}, ${colorEnd})`);
+                } catch (e) {
+                     // Fallback if color parsing fails
+                     document.documentElement.style.setProperty('--accent-gradient', `linear-gradient(90deg, ${themeParams.button_color}, ${themeParams.button_color})`);
+                 }
+            }
+             if (themeParams.button_text_color) {
+                 // Adjust button text color if needed, though white usually works
+                 // document.querySelector('.btn').style.color = themeParams.button_text_color;
+             }
+             // Apply to Green button too? Maybe keep it distinct.
         }
 
+
         function setupTelegram() {
             if (!tg || !tg.initData) {
                  console.error("Telegram WebApp script not loaded or initData is missing.");
                  const greetingElement = document.getElementById('greeting');
-                 if(greetingElement) greetingElement.textContent = 'Ошибка загрузки Telegram.';
-                 document.body.style.visibility = 'visible'; // Show body anyway
+                 if(greetingElement) greetingElement.textContent = 'Ошибка: Не удалось получить данные Telegram.';
+                 document.body.style.visibility = 'visible';
                  return;
              }
 
             tg.ready();
             tg.expand();
+            tg.setHeaderColor(document.documentElement.style.getPropertyValue('--bg-gradient-start').trim() || '#10141F');
+            tg.setBackgroundColor(document.documentElement.style.getPropertyValue('--bg-gradient-end').trim() || '#1A202C');
+
             applyTheme(tg.themeParams);
-            tg.onEvent('themeChanged', () => applyTheme(tg.themeParams)); // Listen for theme changes
+            tg.onEvent('themeChanged', () => applyTheme(tg.themeParams));
 
-             // Send initData for verification and user logging
              fetch('/verify', {
                  method: 'POST',
-                 headers: {
-                     'Content-Type': 'application/json',
-                 },
+                 headers: { 'Content-Type': 'application/json' },
                  body: JSON.stringify({ initData: tg.initData }),
              })
              .then(response => response.json())
              .then(data => {
                  if (data.status === 'ok' && data.verified) {
-                     console.log('Backend verification successful.');
+                     console.log('Backend verification successful for user:', data.user?.id);
                  } else {
                      console.warn('Backend verification failed:', data.message);
-                     // Optionally show a non-intrusive warning
+                     // Consider showing a non-blocking warning
+                     // tg.showAlert('Не удалось проверить данные сессии.');
                  }
              })
              .catch(error => {
                  console.error('Error sending initData for verification:', error);
+                 // tg.showAlert('Ошибка связи с сервером.');
              });
 
-             // User Greeting (using unsafe data for immediate feedback)
              const user = tg.initDataUnsafe?.user;
              const greetingElement = document.getElementById('greeting');
              if (user) {
                  const name = user.first_name || user.username || 'Гость';
-                 greetingElement.textContent = `Приветствуем, ${name}! 👋`;
+                 greetingElement.textContent = `👋 Добро пожаловать, ${name}!`;
              } else {
                  greetingElement.textContent = 'Добро пожаловать!';
-                 console.warn('Telegram User data (initDataUnsafe.user) not available.');
+                 console.warn('Telegram User data not available (initDataUnsafe.user is empty).');
              }
 
-             // Contact Links
              const contactButtons = document.querySelectorAll('.contact-link');
              contactButtons.forEach(button => {
                  button.addEventListener('click', (e) => {
                      e.preventDefault();
-                     tg.openTelegramLink('https://t.me/morshenkhan'); // Replace with actual contact username
-                     if (tg.HapticFeedback) tg.HapticFeedback.impactOccurred('light');
+                      if (tg.HapticFeedback) tg.HapticFeedback.impactOccurred('light');
+                     tg.openTelegramLink('https://t.me/morshenkhan');
                  });
              });
 
-             // Modal Setup
              const modal = document.getElementById("saveModal");
              const saveCardBtn = document.getElementById("save-card-btn");
              const closeBtn = document.getElementById("modal-close-btn");
@@ -679,17 +589,16 @@ TEMPLATE = """
              if (saveCardBtn && modal && closeBtn) {
                  saveCardBtn.addEventListener('click', (e) => {
                      e.preventDefault();
+                     if (tg.HapticFeedback) tg.HapticFeedback.impactOccurred('medium');
                      modal.style.display = "block";
-                     if (tg.HapticFeedback) tg.HapticFeedback.notificationOccurred('success');
                  });
 
                  closeBtn.addEventListener('click', () => {
                      modal.style.display = "none";
                  });
 
-                 // Close modal if clicked outside the content
-                 modal.addEventListener('click', (event) => { // Listen on modal overlay itself
-                     if (event.target === modal) {
+                 window.addEventListener('click', (event) => {
+                     if (event.target == modal) {
                          modal.style.display = "none";
                      }
                  });
@@ -697,26 +606,23 @@ TEMPLATE = """
                  console.error("Modal elements not found!");
              }
 
-             document.body.style.visibility = 'visible'; // Make body visible now
-             console.log("Telegram Mini App setup complete.");
+             document.body.style.visibility = 'visible';
          }
 
-        // Initialize Telegram WebApp
         if (window.Telegram && window.Telegram.WebApp) {
             setupTelegram();
         } else {
-            console.warn("Telegram WebApp script not immediately available. Waiting for load event.");
             window.addEventListener('load', setupTelegram);
-             // Further fallback timeout
              setTimeout(() => {
                  if (document.body.style.visibility !== 'visible') {
-                      console.error("Telegram WebApp script loading fallback timeout triggered.");
+                      console.error("Telegram WebApp script fallback timeout triggered.");
                       const greetingElement = document.getElementById('greeting');
                       if(greetingElement) greetingElement.textContent = 'Ошибка загрузки интерфейса.';
-                      document.body.style.visibility = 'visible'; // Force display anyway
+                      document.body.style.visibility = 'visible';
                   }
-             }, 4000); // Increased timeout
+             }, 3500); // Slightly longer timeout
         }
+
     </script>
 </body>
 </html>
@@ -731,138 +637,157 @@ ADMIN_TEMPLATE = """
     <title>Admin - Посетители</title>
     <link rel="preconnect" href="https://fonts.googleapis.com">
     <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
-    <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap" rel="stylesheet">
+    <link href="https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap" rel="stylesheet">
     <style>
         :root {
-            --admin-bg-color: #1f2937; /* Dark Gray */
-            --admin-card-bg: #374151; /* Medium Gray */
-            --admin-text-color: #f3f4f6; /* Light Gray */
-            --admin-text-secondary-color: #9ca3af; /* Gray */
-            --admin-accent-color: #60a5fa; /* Blue */
-            --admin-border-color: #4b5563; /* Darker Gray */
-            --admin-shadow-color: rgba(0, 0, 0, 0.3);
-            --border-radius: 12px;
-            --padding: 20px;
+            --admin-bg: #1A202C; /* Dark Blue/Gray */
+            --admin-card-bg: #2D3748; /* Slightly Lighter Dark Blue/Gray */
+            --admin-text-primary: #E2E8F0; /* Light Gray */
+            --admin-text-secondary: #A0AEC0; /* Gray */
+            --admin-accent: #63B3ED; /* Light Blue */
+            --admin-border: #4A5568; /* Medium Gray */
+            --admin-danger: #F56565; /* Red */
+            --admin-success: #68D391; /* Green */
+            --border-radius: 8px;
+            --padding: 16px;
+            --shadow: 0 4px 6px rgba(0, 0, 0, 0.1);
         }
         body {
             font-family: 'Inter', sans-serif;
-            background-color: var(--admin-bg-color);
-            color: var(--admin-text-color);
+            background-color: var(--admin-bg);
+            color: var(--admin-text-primary);
             margin: 0;
             padding: var(--padding);
-            line-height: 1.6;
         }
-        .container { max-width: 1200px; margin: 0 auto; }
-        h1 { text-align: center; color: var(--admin-accent-color); font-weight: 700; margin-bottom: 30px; }
-        .controls { display: flex; justify-content: center; gap: 15px; margin-bottom: 30px; flex-wrap: wrap;}
-        .control-btn {
+        h1, h2 {
+            text-align: center;
+            color: var(--admin-text-primary);
+            margin-bottom: 1.5em;
+            font-weight: 600;
+        }
+        .controls {
+            display: flex;
+            justify-content: center;
+            gap: var(--padding);
+            margin-bottom: calc(var(--padding) * 1.5);
+            flex-wrap: wrap;
+        }
+        .btn {
             padding: 10px 20px;
             border: none;
-            border-radius: 8px;
-            background-color: var(--admin-accent-color);
-            color: #fff;
-            font-weight: 600;
+            border-radius: var(--border-radius);
+            font-weight: 500;
             cursor: pointer;
             transition: all 0.2s ease;
-            box-shadow: 0 2px 5px var(--admin-shadow-color);
+            font-size: 0.95em;
         }
-        .control-btn:hover {
-            background-color: #3b82f6; /* Darker Blue */
-            transform: translateY(-1px);
-            box-shadow: 0 4px 10px var(--admin-shadow-color);
+        .btn-primary { background-color: var(--admin-accent); color: var(--admin-bg); }
+        .btn-primary:hover { background-color: #4299E1; }
+        .btn-success { background-color: var(--admin-success); color: var(--admin-bg); }
+        .btn-success:hover { background-color: #48BB78; }
+        .user-grid {
+            display: grid;
+            grid-template-columns: repeat(auto-fill, minmax(280px, 1fr));
+            gap: var(--padding);
         }
-        .control-btn.download { background-color: #34d399; } /* Green */
-        .control-btn.download:hover { background-color: #059669; }
-        .user-grid { display: grid; grid-template-columns: repeat(auto-fill, minmax(280px, 1fr)); gap: var(--padding); }
         .user-card {
             background-color: var(--admin-card-bg);
             border-radius: var(--border-radius);
             padding: var(--padding);
-            box-shadow: 0 4px 15px var(--admin-shadow-color);
+            box-shadow: var(--shadow);
             display: flex;
             flex-direction: column;
             align-items: center;
             text-align: center;
-            border: 1px solid var(--admin-border-color);
-            transition: transform 0.2s ease, box-shadow 0.2s ease;
-        }
-        .user-card:hover {
-            transform: translateY(-4px);
-            box-shadow: 0 8px 25px var(--admin-shadow-color);
+            border: 1px solid var(--admin-border);
         }
         .user-card img {
-            width: 90px;
-            height: 90px;
+            width: 80px; height: 80px;
             border-radius: 50%;
-            margin-bottom: 15px;
+            margin-bottom: 12px;
             object-fit: cover;
-            border: 3px solid var(--admin-border-color);
-            background-color: var(--admin-bg-color); /* Placeholder bg */
-        }
-        .user-card .name { font-weight: 700; font-size: 1.2em; margin-bottom: 5px; color: var(--admin-text-color); }
-        .user-card .username { color: var(--admin-accent-color); margin-bottom: 10px; font-size: 0.95em; font-weight: 500; }
-        .user-card .details { font-size: 0.9em; color: var(--admin-text-secondary-color); word-break: break-all; line-height: 1.5; }
-        .user-card .timestamp { font-size: 0.8em; color: var(--admin-text-secondary-color); margin-top: 15px; font-style: italic; }
-        .no-users { text-align: center; color: var(--admin-text-secondary-color); margin-top: 40px; font-size: 1.1em; }
+            border: 2px solid var(--admin-border);
+            background-color: var(--admin-bg); /* Placeholder bg */
+        }
+        .user-card .name { font-weight: 600; font-size: 1.1em; margin-bottom: 4px; }
+        .user-card .username { color: var(--admin-accent); margin-bottom: 8px; font-size: 0.9em; }
+        .user-card .details { font-size: 0.9em; color: var(--admin-text-secondary); word-break: break-all; line-height: 1.5; }
+        .user-card .timestamp { font-size: 0.8em; color: var(--admin-text-secondary); margin-top: 12px; }
+        .no-users, .message {
+            text-align: center; color: var(--admin-text-secondary);
+            margin-top: 30px; font-size: 1.1em;
+            padding: var(--padding); background-color: var(--admin-card-bg);
+            border-radius: var(--border-radius); border: 1px solid var(--admin-border);
+        }
+        .message.success { color: var(--admin-success); border-left: 5px solid var(--admin-success); }
+        .message.error { color: var(--admin-danger); border-left: 5px solid var(--admin-danger); }
         .alert {
-            background-color: #f87171; /* Red */
-            color: #fff;
-            border-left: 6px solid #dc2626; /* Darker Red */
-            margin-bottom: 25px;
-            padding: 15px 20px;
-            border-radius: 8px;
-            text-align: center;
-            font-weight: 600;
-            box-shadow: 0 2px 5px var(--admin-shadow-color);
+            background-color: rgba(245, 101, 101, 0.2); /* Light Red BG */
+            border-left: 6px solid var(--admin-danger);
+            margin: 20px auto; padding: 12px 18px;
+            color: #FED7D7; /* Lighter Red Text */
+            border-radius: var(--border-radius);
+            text-align: center; font-weight: 500;
+            max-width: 800px;
         }
-        a { color: var(--admin-accent-color); text-decoration: none; }
-        a:hover { text-decoration: underline; }
+         a { color: var(--admin-accent); text-decoration: none; }
+         a:hover { text-decoration: underline; }
     </style>
 </head>
 <body>
-    <div class="container">
-        <h1>Панель Администратора - Посетители</h1>
-        <div class="alert">ВНИМАНИЕ: Этот раздел не защищен! Добавьте аутентификацию для реального использования.</div>
-
-        <div class="controls">
-            <form method="POST" action="{{ url_for('backup_route') }}" style="display: inline;">
-                <button type="submit" class="control-btn">Создать Резервную Копию</button>
-            </form>
-            <form method="GET" action="{{ url_for('download_route') }}" style="display: inline;">
-                <button type="submit" class="control-btn download">Скачать Базу Данных</button>
-            </form>
-             <button class="control-btn" onclick="window.location.reload();">Обновить Список</button>
-        </div>
+    <h1>Панель Администратора</h1>
+    <div class="alert">ВНИМАНИЕ: Этот раздел не защищен! Добавьте аутентификацию для реального использования.</div>
+
+     {% with messages = get_flashed_messages(with_categories=true) %}
+       {% if messages %}
+         {% for category, message in messages %}
+           <div class="message {{ category }}">{{ message }}</div>
+         {% endfor %}
+       {% endif %}
+     {% endwith %}
+
+    <h2>Управление Базой Данных Посетителей</h2>
+    <div class="controls">
+        <form method="POST" action="{{ url_for('backup_users') }}" style="display: inline;">
+            <button type="submit" class="btn btn-primary">Резервное копирование на HF</button>
+        </form>
+        <form method="POST" action="{{ url_for('download_users') }}" style="display: inline;">
+            <button type="submit" class="btn btn-success">Загрузить с HF</button>
+        </form>
+         <form method="GET" action="{{ url_for('download_local_db') }}" style="display: inline;">
+             <button type="submit" class="btn btn-secondary" style="background-color: var(--admin-text-secondary); color: var(--admin-bg);">Скачать локальный JSON</button>
+         </form>
+    </div>
 
-        {% if users %}
-            <div class="user-grid">
-                {% for user in users|sort(attribute='visited_at', reverse=true) %}
-                    <div class="user-card">
-                        <img src="{{ user.photo_url if user.photo_url else 'data:image/svg+xml;charset=UTF-8,%3csvg xmlns=%27http://www.w3.org/2000/svg%27 viewBox=%270 0 100 100%27%3e%3crect width=%27100%27 height=%27100%27 fill=%27%234b5563%27/%3e%3ctext x=%2750%25%27 y=%2750%25%27 dominant-baseline=%27middle%27 text-anchor=%27middle%27 font-size=%2745%27 font-family=%27sans-serif%27 fill=%27%239ca3af%27%3e?%3c/text%3e%3c/svg%3e' }}" alt="User Avatar" loading="lazy">
-                        <div class="name">{{ user.first_name or '' }} {{ user.last_name or '' }}</div>
-                        {% if user.username %}
-                            <div class="username"><a href="https://t.me/{{ user.username }}" target="_blank">@{{ user.username }}</a></div>
-                        {% else %}
-                             <div class="username">Нет username</div>
-                        {% endif %}
-                        <div class="details">
-                            ID: {{ user.id }} <br>
-                            Язык: {{ user.language_code or 'N/A' }} <br>
-                            Телефон: <span style="color: var(--admin-text-secondary-color); font-style: italic;">Недоступен</span>
-                        </div>
-                         <div class="timestamp">Визит: {{ user.visited_at_str }}</div>
+    <h2>Список Посетителей (из локального {{ data_file_name }})</h2>
+    {% if users %}
+        <div class="user-grid">
+            {% for user_id, user in users.items()|sort(attribute='1.last_visited_at', reverse=true) %}
+                <div class="user-card">
+                    <img src="{{ user.photo_url if user.photo_url else 'data:image/svg+xml;charset=UTF-8,%3csvg xmlns=%27http://www.w3.org/2000/svg%27 viewBox=%270 0 100 100%27%3e%3crect width=%27100%27 height=%27100%27 fill=%27%234A5568%27/%3e%3ctext x=%2750%25%27 y=%2750%25%27 dominant-baseline=%27middle%27 text-anchor=%27middle%27 font-size=%2740%27 font-family=%27sans-serif%27 fill=%27%23A0AEC0%27%3e?%3c/text%3e%3c/svg%3e' }}"
+                         alt="User Avatar"
+                         onerror="this.onerror=null; this.src='data:image/svg+xml;charset=UTF-8,%3csvg xmlns=%27http://www.w3.org/2000/svg%27 viewBox=%270 0 100 100%27%3e%3crect width=%27100%27 height=%27100%27 fill=%27%234A5568%27/%3e%3ctext x=%2750%25%27 y=%2750%25%27 dominant-baseline=%27middle%27 text-anchor=%27middle%27 font-size=%2740%27 font-family=%27sans-serif%27 fill=%27%23A0AEC0%27%3e?%3c/text%3e%3c/svg%3e';">
+                    <div class="name">{{ user.first_name or '' }} {{ user.last_name or '' }}</div>
+                    {% if user.username %}
+                        <div class="username"><a href="https://t.me/{{ user.username }}" target="_blank">@{{ user.username }}</a></div>
+                    {% else %}
+                        <div class="username" style="opacity: 0.6;">Нет @username</div>
+                    {% endif %}
+                    <div class="details">
+                        ID: {{ user.id }} <br>
+                        Lang: {{ user.language_code or 'N/A' }}
                     </div>
-                {% endfor %}
-            </div>
-        {% else %}
-            <p class="no-users">Пока нет данных о посетителях.</p>
-        {% endif %}
-    </div>
+                     <div class="timestamp">Последний визит: {{ user.last_visited_at_str or 'N/A' }}</div>
+                </div>
+            {% endfor %}
+        </div>
+    {% else %}
+        <p class="no-users">Дан��ые о посетителях отсутствуют в локальном файле {{ data_file_name }}.</p>
+    {% endif %}
 </body>
 </html>
 """
 
-
 # --- Flask Routes ---
 
 @app.route('/')
@@ -871,121 +796,141 @@ def index():
 
 @app.route('/verify', methods=['POST'])
 def verify_data():
-    global visited_users
+    global user_data_global
     try:
         data = request.get_json()
         init_data_str = data.get('initData')
         if not init_data_str:
-            logging.warning("Verification request missing initData.")
+            logging.warning("Verify request missing initData.")
             return jsonify({"status": "error", "message": "Missing initData"}), 400
 
+        # logging.debug(f"Received initData string: {init_data_str}")
         user_data_parsed, is_valid = verify_telegram_data(init_data_str)
 
         user_info_dict = {}
         if user_data_parsed and 'user' in user_data_parsed:
             try:
-                # Decode JSON string within the 'user' field
+                # The 'user' value is typically a URL-encoded JSON string
                 user_json_str = unquote(user_data_parsed['user'][0])
                 user_info_dict = json.loads(user_json_str)
-            except (KeyError, IndexError, json.JSONDecodeError, TypeError) as e:
-                logging.error(f"Could not parse user JSON from initData: {e} - Data: {user_data_parsed.get('user')}")
-                user_info_dict = {} # Ensure it's a dict even on error
+            except Exception as e:
+                logging.error(f"Could not parse user JSON from initData: {e}")
+                # Log the problematic string if needed: logging.debug(f"Problematic user string: {user_data_parsed['user'][0]}")
+                user_info_dict = {}
 
         if is_valid:
             user_id = user_info_dict.get('id')
             if user_id:
                 user_id_str = str(user_id) # Use string keys for JSON consistency
-                now = time.time()
-                update_data = {
+                now = datetime.now()
+                now_iso = now.isoformat()
+                now_str = now.strftime('%Y-%m-%d %H:%M:%S')
+
+                if user_id_str not in user_data_global:
+                     logging.info(f"New user detected: {user_id_str} ({user_info_dict.get('username', 'N/A')})")
+                     user_data_global[user_id_str] = {} # Initialize if new
+
+                # Update user data, preserving existing fields if they are missing in the new data
+                user_data_global[user_id_str].update({
                      'id': user_id,
-                     'first_name': user_info_dict.get('first_name'),
-                     'last_name': user_info_dict.get('last_name'),
-                     'username': user_info_dict.get('username'),
-                     'photo_url': user_info_dict.get('photo_url'),
-                     'language_code': user_info_dict.get('language_code'),
-                     'visited_at': now,
-                     'visited_at_str': datetime.fromtimestamp(now).strftime('%Y-%m-%d %H:%M:%S UTC') # Explicit UTC
-                 }
-                # Update the global dictionary and save
-                visited_users[user_id_str] = update_data
-                save_users(visited_users) # Save after modification
-                logging.info(f"User visit recorded/updated for ID: {user_id_str}")
+                     'first_name': user_info_dict.get('first_name', user_data_global[user_id_str].get('first_name')),
+                     'last_name': user_info_dict.get('last_name', user_data_global[user_id_str].get('last_name')),
+                     'username': user_info_dict.get('username', user_data_global[user_id_str].get('username')),
+                     'photo_url': user_info_dict.get('photo_url', user_data_global[user_id_str].get('photo_url')),
+                     'language_code': user_info_dict.get('language_code', user_data_global[user_id_str].get('language_code')),
+                     'last_visited_at': now_iso, # Always update last visit
+                     'last_visited_at_str': now_str # Human-readable version
+                 })
+                # Periodically save or save on significant changes? Saving every time can be I/O intensive.
+                # Let's save here for simplicity in this example.
+                save_user_data(user_data_global)
+
+            else:
+                 logging.warning("Verification successful but user ID missing in parsed user data.")
+
 
             return jsonify({"status": "ok", "verified": True, "user": user_info_dict}), 200
         else:
-            logging.warning(f"Verification failed for user ID: {user_info_dict.get('id', 'Unknown')}")
-            return jsonify({"status": "error", "verified": False, "message": "Invalid data"}), 403
+            logging.warning(f"Verification failed for request. User data (if parsed): {user_info_dict.get('id', 'N/A')}")
+            return jsonify({"status": "error", "verified": False, "message": "Invalid data hash"}), 403
 
     except Exception as e:
-        logging.exception("Critical error in /verify endpoint") # Log full traceback
+        logging.error(f"Critical error in /verify endpoint: {e}", exc_info=True)
         return jsonify({"status": "error", "message": "Internal server error"}), 500
 
+
 @app.route('/admin')
 def admin_panel():
-    # WARNING: This route is unprotected! Add proper authentication/authorization for production.
-    # Load fresh data for admin view, though 'visited_users' global should be up-to-date
-    current_users = load_users()
-    users_list = list(current_users.values())
-    logging.info(f"Admin panel accessed. Displaying {len(users_list)} users.")
-    return render_template_string(ADMIN_TEMPLATE, users=users_list)
-
-@app.route('/backup', methods=['POST'])
-def backup_route():
-    # Manual backup trigger
-    # WARNING: Unprotected route
-    logging.info("Manual backup requested via /backup route.")
-    if upload_db_to_hf():
-        # Optionally add a success message (e.g., using flash)
-        pass
+    # WARNING: Unprotected route! Implement authentication for production.
+    current_user_data = load_user_data() # Load fresh data from local file for display
+    return render_template_string(ADMIN_TEMPLATE, users=current_user_data, data_file_name=DATA_FILE)
+
+@app.route('/admin/backup', methods=['POST'])
+def backup_users():
+    # WARNING: Unprotected route!
+    global user_data_global
+    from flask import flash
+    if save_user_data(user_data_global): # Ensure current memory is saved before upload
+        if upload_db_to_hf():
+            flash("Резервное копирование на Hugging Face успешно завершено.", "success")
+        else:
+            flash("Ошибка при резервном копировании на Hugging Face.", "error")
     else:
-        # Optionally add an error message
-        pass
-    return redirect(url_for('admin_panel')) # Redirect back to admin
-
-@app.route('/download', methods=['GET'])
-def download_route():
-    # Manual download trigger
-    # WARNING: Unprotected route
-    global visited_users
-    logging.info("Manual download requested via /download route.")
+        flash("Ошибка при сохранении локального файла перед резервным копированием.", "error")
+    return redirect(url_for('admin_panel'))
+
+
+@app.route('/admin/download', methods=['POST'])
+def download_users():
+    # WARNING: Unprotected route!
+    global user_data_global
+    from flask import flash
     if download_db_from_hf():
-        visited_users = load_users() # Reload data after download
-        # Optionally add a success message
+        user_data_global = load_user_data() # Reload global data after download
+        flash(f"Данные успешно загружены с Hugging Face и {DATA_FILE} обновлен.", "success")
     else:
-        # Optionally add an error message
-        pass
-    return redirect(url_for('admin_panel')) # Redirect back to admin
+        flash("Ошибка при загрузке данных с Hugging Face.", "error")
+    return redirect(url_for('admin_panel'))
 
+@app.route('/admin/download_local_db', methods=['GET'])
+def download_local_db():
+     # WARNING: Unprotected route!
+     if os.path.exists(DATA_FILE):
+         return send_file(DATA_FILE, as_attachment=True, download_name=DATA_FILE)
+     else:
+         from flask import flash
+         flash(f"Локальный файл {DATA_FILE} не найден.", "error")
+         return redirect(url_for('admin_panel'))
 
-# --- Main Execution ---
 
+# --- Main Execution ---
 if __name__ == '__main__':
-    # Initial check for HF tokens
-    if not HF_TOKEN:
-        logging.warning("!!! HF_TOKEN environment variable is not set. Uploads to Hugging Face Hub will be disabled.")
+    if not BOT_TOKEN or len(BOT_TOKEN.split(':')) != 2:
+        logging.critical("BOT_TOKEN is missing or invalid. Please set the environment variable.")
+        exit(1)
+    if not HF_TOKEN_WRITE:
+        logging.warning("HF_TOKEN_WRITE environment variable is not set. Hugging Face backups will be skipped.")
     if not HF_TOKEN_READ:
-        logging.warning("!!! HF_TOKEN_READ environment variable is not set. Downloads from Hugging Face Hub will be disabled (falling back to local file).")
-
-    # Start the periodic backup thread
-    if HF_TOKEN: # Only start if upload is possible
-        backup_thread = threading.Thread(target=periodic_backup, daemon=True)
-        backup_thread.start()
-    else:
-        logging.warning("Periodic backup thread not started because HF_TOKEN is not set.")
+        logging.warning("HF_TOKEN_READ environment variable is not set. Hugging Face downloads might fail.")
 
 
-    logging.warning("--- SECURITY WARNING ---")
-    logging.warning("The /admin, /backup, /download routes are NOT protected by authentication.")
-    logging.warning("Anyone knowing the URL can access visitor data and trigger actions.")
-    logging.warning("Implement proper security (e.g., password protection, IP restriction) before deploying.")
-    logging.warning("------------------------")
+    logging.info("--- SECURITY WARNING ---")
+    logging.warning("The /admin/* routes are NOT protected by authentication.")
+    logging.warning("Anyone knowing the URL can access visitor data and trigger DB operations.")
+    logging.warning("Implement proper security (e.g., password auth, IP restriction) before deploying.")
+    logging.info("------------------------")
     logging.info(f"Starting Flask server on http://{HOST}:{PORT}")
-    logging.info(f"Ensure this address is accessible and configured in BotFather for your Mini App.")
+    logging.info(f"Telegram Mini App URL should point to: http://<YOUR_SERVER_IP_OR_DOMAIN>:{PORT}")
     logging.info(f"Using Bot Token ID: {BOT_TOKEN.split(':')[0]}")
     logging.info(f"User data file: {DATA_FILE}")
     logging.info(f"Hugging Face Repo: {REPO_ID}")
 
-    # Use Waitress or Gunicorn for production instead of app.run()
+    # Start the backup thread
+    backup_thread = threading.Thread(target=periodic_backup, daemon=True)
+    backup_thread.start()
+
+    # Use a production server like Waitress or Gunicorn instead of app.run() for deployment
     # from waitress import serve
     # serve(app, host=HOST, port=PORT)
+    app.secret_key = os.urandom(24) # Required for flashing messages
     app.run(host=HOST, port=PORT, debug=False) # debug=False for production