saving changes

alembic.ini

@@ -0,0 +1,147 @@
+# A generic, single database configuration.
+
+[alembic]
+# path to migration scripts.
+# this is typically a path given in POSIX (e.g. forward slashes)
+# format, relative to the token %(here)s which refers to the location of this
+# ini file
+script_location = %(here)s/migrations
+
+# template used to generate migration file names; The default value is %%(rev)s_%%(slug)s
+# Uncomment the line below if you want the files to be prepended with date and time
+# see https://alembic.sqlalchemy.org/en/latest/tutorial.html#editing-the-ini-file
+# for all available tokens
+# file_template = %%(year)d_%%(month).2d_%%(day).2d_%%(hour).2d%%(minute).2d-%%(rev)s_%%(slug)s
+
+# sys.path path, will be prepended to sys.path if present.
+# defaults to the current working directory.  for multiple paths, the path separator
+# is defined by "path_separator" below.
+prepend_sys_path = .
+
+
+# timezone to use when rendering the date within the migration file
+# as well as the filename.
+# If specified, requires the python>=3.9 or backports.zoneinfo library and tzdata library.
+# Any required deps can installed by adding `alembic[tz]` to the pip requirements
+# string value is passed to ZoneInfo()
+# leave blank for localtime
+# timezone =
+
+# max length of characters to apply to the "slug" field
+# truncate_slug_length = 40
+
+# set to 'true' to run the environment during
+# the 'revision' command, regardless of autogenerate
+# revision_environment = false
+
+# set to 'true' to allow .pyc and .pyo files without
+# a source .py file to be detected as revisions in the
+# versions/ directory
+# sourceless = false
+
+# version location specification; This defaults
+# to <script_location>/versions.  When using multiple version
+# directories, initial revisions must be specified with --version-path.
+# The path separator used here should be the separator specified by "path_separator"
+# below.
+# version_locations = %(here)s/bar:%(here)s/bat:%(here)s/alembic/versions
+
+# path_separator; This indicates what character is used to split lists of file
+# paths, including version_locations and prepend_sys_path within configparser
+# files such as alembic.ini.
+# The default rendered in new alembic.ini files is "os", which uses os.pathsep
+# to provide os-dependent path splitting.
+#
+# Note that in order to support legacy alembic.ini files, this default does NOT
+# take place if path_separator is not present in alembic.ini.  If this
+# option is omitted entirely, fallback logic is as follows:
+#
+# 1. Parsing of the version_locations option falls back to using the legacy
+#    "version_path_separator" key, which if absent then falls back to the legacy
+#    behavior of splitting on spaces and/or commas.
+# 2. Parsing of the prepend_sys_path option falls back to the legacy
+#    behavior of splitting on spaces, commas, or colons.
+#
+# Valid values for path_separator are:
+#
+# path_separator = :
+# path_separator = ;
+# path_separator = space
+# path_separator = newline
+#
+# Use os.pathsep. Default configuration used for new projects.
+path_separator = os
+
+# set to 'true' to search source files recursively
+# in each "version_locations" directory
+# new in Alembic version 1.10
+# recursive_version_locations = false
+
+# the output encoding used when revision files
+# are written from script.py.mako
+# output_encoding = utf-8
+
+# database URL.  This is consumed by the user-maintained env.py script only.
+# other means of configuring database URLs may be customized within the env.py
+# file.
+sqlalchemy.url = 'postgresql+asyncpg://dubsway-media-analyser-db_owner:npg_9ChyJBYKafN6@ep-morning-sky-a1gyd5tp-pooler.ap-southeast-1.aws.neon.tech/dubsway-media-analyser-db?ssl=require'
+
+
+[post_write_hooks]
+# post_write_hooks defines scripts or Python functions that are run
+# on newly generated revision scripts.  See the documentation for further
+# detail and examples
+
+# format using "black" - use the console_scripts runner, against the "black" entrypoint
+# hooks = black
+# black.type = console_scripts
+# black.entrypoint = black
+# black.options = -l 79 REVISION_SCRIPT_FILENAME
+
+# lint with attempts to fix using "ruff" - use the module runner, against the "ruff" module
+# hooks = ruff
+# ruff.type = module
+# ruff.module = ruff
+# ruff.options = check --fix REVISION_SCRIPT_FILENAME
+
+# Alternatively, use the exec runner to execute a binary found on your PATH
+# hooks = ruff
+# ruff.type = exec
+# ruff.executable = ruff
+# ruff.options = check --fix REVISION_SCRIPT_FILENAME
+
+# Logging configuration.  This is also consumed by the user-maintained
+# env.py script only.
+[loggers]
+keys = root,sqlalchemy,alembic
+
+[handlers]
+keys = console
+
+[formatters]
+keys = generic
+
+[logger_root]
+level = WARNING
+handlers = console
+qualname =
+
+[logger_sqlalchemy]
+level = WARNING
+handlers =
+qualname = sqlalchemy.engine
+
+[logger_alembic]
+level = INFO
+handlers =
+qualname = alembic
+
+[handler_console]
+class = StreamHandler
+args = (sys.stderr,)
+level = NOTSET
+formatter = generic
+
+[formatter_generic]
+format = %(levelname)-5.5s [%(name)s] %(message)s
+datefmt = %H:%M:%S

app/auth.py

@@ -11,6 +11,7 @@ import logging
 from dotenv import load_dotenv
 from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
 from jose import JWTError
+from datetime import datetime, timedelta, timezone
 
 router = APIRouter()
 logger = logging.getLogger(__name__)
@@ -56,11 +57,16 @@ class SignUp(BaseModel):
     name: str | None = None
     dob: str | None = None
     preparing_for: str | None = None
+    exam: str | None = None
+    subjects: list[str] | None = None
 
 
 class Login(BaseModel):
     email: EmailStr
     password: str
+    # Allow capturing preferences at sign-in if provided by UI
+    exam: str | None = None
+    subjects: list[str] | None = None
 
 
 class UpdateProfile(BaseModel):
@@ -68,6 +74,22 @@ class UpdateProfile(BaseModel):
     name: str | None = None
     dob: str | None = None
     preparing_for: str | None = None
+    exam: str | None = None
+    subjects: list[str] | None = None
+
+
+class RequestPasswordReset(BaseModel):
+    email: EmailStr
+
+
+class ConfirmPasswordReset(BaseModel):
+    token: str
+    new_password: str
+
+
+class ChangePassword(BaseModel):
+    current_password: str
+    new_password: str
 
 
 @router.put("/auth/profile")
@@ -83,6 +105,10 @@ async def update_profile(data: UpdateProfile,
         current_user.dob = data.dob
     if data.preparing_for is not None:
         current_user.preparing_for = data.preparing_for
+    if data.exam is not None:
+        current_user.exam = data.exam
+    if data.subjects is not None:
+        current_user.subjects = ",".join([s.strip() for s in data.subjects if s and s.strip()]) or None
 
     try:
         await db.commit()
@@ -110,9 +136,16 @@ async def signup(data: SignUp, db: AsyncSession = Depends(get_db)):
         raise HTTPException(status_code=400, detail="Email already exists")
 
     hashed_password = pwd_context.hash(data.password)
-    new_user = User(email=data.email, hashed_password=hashed_password,
-                    mobile=data.mobile, name=data.name, dob=data.dob,
-                    preparing_for=data.preparing_for)
+    new_user = User(
+        email=data.email,
+        hashed_password=hashed_password,
+        mobile=data.mobile,
+        name=data.name,
+        dob=data.dob,
+        preparing_for=data.preparing_for,
+        exam=data.exam,
+        subjects=(",".join(data.subjects) if data.subjects else None),
+    )
 
     try:
         db.add(new_user)
@@ -133,9 +166,100 @@ async def login(data: Login, db: AsyncSession = Depends(get_db)):
     if not user or not pwd_context.verify(data.password, user.hashed_password):
         raise HTTPException(status_code=401, detail="Invalid credentials")
 
+    # Optionally update preferences at login if provided
+    try:
+        updated = False
+        if data.exam is not None and data.exam != user.exam:
+            user.exam = data.exam
+            updated = True
+        if data.subjects is not None:
+            subjects_joined = ",".join([s.strip() for s in data.subjects if s and s.strip()]) or None
+            if subjects_joined != (user.subjects or None):
+                user.subjects = subjects_joined
+                updated = True
+        if updated:
+            await db.commit()
+            await db.refresh(user)
+    except Exception:
+        await db.rollback()
+
     token = jwt.encode({"user_id": user.id}, SECRET_KEY, algorithm=ALGORITHM)
     return {
         "access_token": token,
         "token_type": "bearer",
-        "user": {"id": user.id, "email": user.email},
+        "user": {
+            "id": user.id,
+            "email": user.email,
+            "exam": user.exam,
+            "subjects": (user.subjects.split(",") if user.subjects else []),
+        },
     }
+
+
+@router.post("/auth/password/request-reset")
+async def request_password_reset(data: RequestPasswordReset, db: AsyncSession = Depends(get_db)):
+    result = await db.execute(select(User).where(User.email == data.email))
+    user = result.scalar_one_or_none()
+    if not user:
+        # Do not reveal whether email exists
+        return {"message": "If the email exists, a reset link has been sent."}
+
+    # Create a short-lived token
+    expires_at = datetime.now(timezone.utc) + timedelta(minutes=30)
+    reset_token = jwt.encode({"user_id": user.id, "pr": True, "exp": expires_at}, SECRET_KEY, algorithm=ALGORITHM)
+    user.password_reset_token = reset_token
+    user.password_reset_expires = expires_at
+    try:
+        await db.commit()
+    except Exception as e:
+        await db.rollback()
+        logger.error(f"Failed to store reset token: {e}")
+        raise HTTPException(status_code=500, detail="Internal Server Error")
+
+    # NOTE: Integrate email/SMS sending here. For now, return token for development.
+    return {"message": "Reset token generated", "reset_token": reset_token}
+
+
+@router.post("/auth/password/confirm-reset")
+async def confirm_password_reset(data: ConfirmPasswordReset, db: AsyncSession = Depends(get_db)):
+    try:
+        payload = jwt.decode(data.token, SECRET_KEY, algorithms=[ALGORITHM])
+        user_id = payload.get("user_id")
+        if not user_id or not payload.get("pr"):
+            raise HTTPException(status_code=400, detail="Invalid token")
+    except JWTError:
+        raise HTTPException(status_code=400, detail="Invalid or expired token")
+
+    result = await db.execute(select(User).where(User.id == user_id))
+    user = result.scalar_one_or_none()
+    if not user or user.password_reset_token != data.token:
+        raise HTTPException(status_code=400, detail="Invalid token")
+    if user.password_reset_expires and datetime.now(timezone.utc) > user.password_reset_expires:
+        raise HTTPException(status_code=400, detail="Token expired")
+
+    user.hashed_password = pwd_context.hash(data.new_password)
+    user.password_reset_token = None
+    user.password_reset_expires = None
+    try:
+        await db.commit()
+        return {"message": "Password reset successful"}
+    except Exception as e:
+        await db.rollback()
+        logger.error(f"Password reset error: {e}")
+        raise HTTPException(status_code=500, detail="Internal Server Error")
+
+
+@router.post("/auth/password/change")
+async def change_password(data: ChangePassword,
+                         current_user: User = Depends(get_current_user),
+                         db: AsyncSession = Depends(get_db)):
+    if not pwd_context.verify(data.current_password, current_user.hashed_password):
+        raise HTTPException(status_code=400, detail="Current password incorrect")
+    current_user.hashed_password = pwd_context.hash(data.new_password)
+    try:
+        await db.commit()
+        return {"message": "Password changed"}
+    except Exception as e:
+        await db.rollback()
+        logger.error(f"Change password error: {e}")
+        raise HTTPException(status_code=500, detail="Internal Server Error")

app/feeds.py

@@ -0,0 +1,258 @@
+import random
+import logging
+import json
+import os
+from typing import List
+
+from fastapi import APIRouter, Depends, HTTPException
+from pydantic import BaseModel
+from sqlalchemy import select, delete
+from sqlalchemy.ext.asyncio import AsyncSession
+
+from app.auth import get_current_user
+from app.database import get_db
+from app.models import Feed, User
+from langchain_groq import ChatGroq
+from langchain_openai import OpenAIEmbeddings
+from langchain_community.vectorstores import SupabaseVectorStore
+from supabase.client import create_client
+from langchain.text_splitter import RecursiveCharacterTextSplitter
+from langchain_core.prompts import ChatPromptTemplate
+
+try:
+    import wikipediaapi
+except Exception:
+    wikipediaapi = None
+
+# Logger early init (used during module init below)
+logger = logging.getLogger("app.feeds")
+if not logger.handlers:
+    handler = logging.StreamHandler()
+    formatter = logging.Formatter("[%(asctime)s] %(levelname)s - %(message)s")
+    handler.setFormatter(formatter)
+    logger.addHandler(handler)
+logger.setLevel(logging.INFO)
+
+# Supabase Initialization (independent of other modules)
+SUPABASE_URL = os.getenv("SUPABASE_URL")
+SUPABASE_KEY = os.getenv("SUPABASE_KEY")
+supabase_client = None
+if SUPABASE_URL and SUPABASE_KEY:
+    try:
+        supabase_client = create_client(SUPABASE_URL, SUPABASE_KEY)
+        logger.info("✅ Supabase client (feeds) initialized.")
+    except Exception as e:
+        logger.warning(f"Supabase init failed in feeds: {e}")
+
+router = APIRouter()
+
+
+class FeedOut(BaseModel):
+    id: int
+    title: str
+    content: str
+    media_url: str | None = None
+    tags: list[str] | None = None
+    category: str | None = None
+    source: str | None = None
+    relevance_score: int
+    likes: int
+    comments_count: int
+    shares: int
+
+    class Config:
+        from_attributes = True
+
+
+def _fallback_generate(user: User) -> List[dict]:
+    topics = [
+        "career-growth", "interview-prep", "project-ideas", "resume-tips",
+        "networking", "internships", "leetcode", "system-design", "ai-ml",
+        "cloud", "devops", "frontend", "backend"
+    ]
+    base_tags = ["tips", "guide", "beginner", "advanced", "2025", "best-practices"]
+
+    user_topic = (user.preparing_for or "career-growth").lower().replace(" ", "-")
+    chosen_topics = list({user_topic} | set(random.sample(topics, k=4)))
+
+    items: List[dict] = []
+    for _ in range(25):
+        topic = random.choice(chosen_topics)
+        title = f"{topic.title()} insights for {user.name or 'you'}"
+        content = (
+            f"Actionable {topic.replace('-', ' ')} advice tailored for {user.name or 'your profile'}. "
+            f"Focus on consistent practice, portfolio building, and networking."
+        )
+        tags = list({topic, *(random.sample(base_tags, k=3))})
+        items.append({
+            "title": title[:200],
+            "content": content,
+            "media_url": None,
+            "tags": ",".join(tags),
+            "category": topic,
+            "source": "dubsway-ai",
+            "relevance_score": random.randint(70, 100),
+            "likes": random.randint(0, 50),
+            "comments_count": random.randint(0, 20),
+            "shares": random.randint(0, 10),
+        })
+    return items
+
+
+def _agentic_generate(user: User) -> List[dict]:
+    """Generate context-aware feeds using vector DB, public info, and LLM.
+    Falls back to heuristic generation if LLM not available.
+    """
+    # 1) Gather user context
+    user_focus = (user.preparing_for or "career growth").strip()
+
+    # 2) Retrieve user-related docs from Supabase vector store via LangChain
+    doc_snippets = ""
+    try:
+        if supabase_client is not None:
+            embeddings = OpenAIEmbeddings()
+            vector_store = SupabaseVectorStore(
+                client=supabase_client,
+                embedding=embeddings,
+                table_name="documents",
+                query_name="match_documents",
+            )
+            retriever = vector_store.as_retriever(search_kwargs={"k": 8, "filter": {"user_id": user.id}})
+            # Use a simple seed question from the user's focus
+            seed_q = f"Key takeaways for {user_focus}"
+            retrieved = retriever.invoke(seed_q)
+            # retrieved may be list of docs depending on LC version
+            docs = retrieved if isinstance(retrieved, list) else retrieved.get("context", [])
+            parts: List[str] = []
+            for d in docs[:10]:
+                try:
+                    parts.append(getattr(d, "page_content", "")[:400])
+                except Exception:
+                    pass
+            doc_snippets = "\n".join(parts)[:4000]
+    except Exception as e:
+        logger.warning(f"Supabase retrieval failed: {e}")
+
+    # 3) Pull public info (Wikipedia summary on user focus)
+    public_summary = ""
+    try:
+        if wikipediaapi:
+            wiki = wikipediaapi.Wikipedia(language='en', user_agent='DubswayVideoAI/1.0 (contact: [email protected])')
+            page = wiki.page(user_focus)
+            if page and page.exists():
+                public_summary = page.summary[:1200]
+    except Exception as e:
+        logger.warning(f"Wikipedia fetch failed: {e}")
+
+    # 4) Use Groq LLM to synthesize 25 feeds
+    try:
+        llm = ChatGroq(groq_api_key=os.getenv("GROQ_API_KEY"), model_name=os.getenv("GROQ_MODEL", "llama-3.3-70b-versatile"))
+        system = (
+            "You are a career coach assistant. Create 25 short personalized feed items that help the user grow "
+            "in their career. Each item should be practical and contextual to the user focus, using the given "
+            "context notes and public info. Output strictly JSON array with objects having keys: title, content, "
+            "tags (array of strings), category, source."
+        )
+        prompt = (
+            f"User name: {user.name or 'User'}\n"
+            f"User focus: {user_focus}\n\n"
+            f"Context from user's vector docs (may be empty):\n{doc_snippets}\n\n"
+            f"Public info (may be empty):\n{public_summary}\n\n"
+            f"Generate 25 items. Keep title <= 120 chars and content 1-2 sentences."
+        )
+        resp = llm.invoke([{"role": "system", "content": system + " Respond ONLY with a JSON array."}, {"role": "user", "content": prompt}])
+        text = resp.content if hasattr(resp, "content") else str(resp)
+        # Normalize potential markdown code fences and extract JSON array
+        text_stripped = text.strip()
+        if text_stripped.startswith("```)" ):
+            text_stripped = text_stripped.strip('`')
+        if text_stripped.startswith("```json"):
+            text_stripped = text_stripped[7:]
+        if text_stripped.startswith("```") and text_stripped.endswith("```"):
+            text_stripped = text_stripped[3:-3]
+        # Attempt to find a JSON array inside
+        try:
+            data = json.loads(text_stripped)
+        except Exception:
+            start = text_stripped.find('[')
+            end = text_stripped.rfind(']')
+            if start != -1 and end != -1 and end > start:
+                data = json.loads(text_stripped[start:end+1])
+            else:
+                raise
+        items: List[dict] = []
+        for it in data[:25]:
+            tags_joined = ",".join(it.get("tags", [])[:6]) if isinstance(it.get("tags"), list) else None
+            items.append({
+                "title": (it.get("title") or "").strip()[:200] or "Career insight",
+                "content": (it.get("content") or "").strip() or "Practical career tip.",
+                "media_url": None,
+                "tags": tags_joined,
+                "category": (it.get("category") or user_focus)[:64],
+                "source": (it.get("source") or "agentic-ai")[:64],
+                "relevance_score": random.randint(80, 100),
+                "likes": 0,
+                "comments_count": 0,
+                "shares": 0,
+            })
+        # Ensure we always return 25
+        if len(items) < 25:
+            items.extend(_fallback_generate(user)[: 25 - len(items)])
+        return items[:25]
+    except Exception as e:
+        logger.error(f"Agentic generation failed: {e}")
+        return _fallback_generate(user)
+
+
+@router.get("/feeds", response_model=List[FeedOut])
+async def get_feeds(current_user: User = Depends(get_current_user),
+                    db: AsyncSession = Depends(get_db)):
+    # Auto-refresh: clear previous feeds for this user
+    try:
+        await db.execute(delete(Feed).where(Feed.user_id == current_user.id))
+        await db.commit()
+    except Exception as e:
+        await db.rollback()
+        logger.error(f"Failed deleting old feeds: {e}")
+        raise HTTPException(status_code=500, detail="Failed refreshing feeds")
+
+    # Generate new 25 items (agentic with fallback)
+    items = _agentic_generate(current_user)
+
+    # Insert into DB
+    try:
+        feed_rows = [
+            Feed(user_id=current_user.id, **item) for item in items
+        ]
+        db.add_all(feed_rows)
+        await db.commit()
+    except Exception as e:
+        await db.rollback()
+        logger.error(f"Failed inserting feeds: {e}")
+        raise HTTPException(status_code=500, detail="Failed storing feeds")
+
+    # Return top 25 ordered by relevance desc, then recent
+    result = await db.execute(
+        select(Feed).where(Feed.user_id == current_user.id).order_by(Feed.relevance_score.desc(), Feed.id.desc()).limit(25)
+    )
+    rows = result.scalars().all()
+
+    # Convert comma tags to list for response
+    out: List[FeedOut] = []
+    for r in rows:
+        out.append(FeedOut(
+            id=r.id,
+            title=r.title,
+            content=r.content,
+            media_url=r.media_url,
+            tags=(r.tags.split(",") if r.tags else None),
+            category=r.category,
+            source=r.source,
+            relevance_score=r.relevance_score or 0,
+            likes=r.likes or 0,
+            comments_count=r.comments_count or 0,
+            shares=r.shares or 0,
+        ))
+    return out
+
+

app/main.py

@@ -12,6 +12,7 @@ from app.auth import router as auth_router
 from app.upload import router as upload_router
 from app.dashboard import router as dashboard_router
 from app.agent.custom_chatbot import router as custom_chatbot_router
+from app.feeds import router as feeds_router
 # from app.routes import pdf_ingestions
 
 # Initialize logger
@@ -40,6 +41,7 @@ app.include_router(auth_router, prefix="/api", tags=["Auth"])
 app.include_router(upload_router, prefix="/api", tags=["Upload"])
 app.include_router(dashboard_router, prefix="/api", tags=["Dashboard"])
 app.include_router(custom_chatbot_router, prefix="/api", tags=["Custom Chatbot"])
+app.include_router(feeds_router, prefix="/api", tags=["Feeds"])
 # app.include_router(pdf_ingestion.router, prefix="/api", tags=["PDF Ingestion"])
 
 @app.get("/")

app/models.py

@@ -12,6 +12,12 @@ class User(Base):
     name = Column(String, nullable=True)
     dob = Column(String, nullable=True)
     preparing_for = Column(String, nullable=True)
+    # Additional preferences/fields
+    exam = Column(String, nullable=True)
+    subjects = Column(Text, nullable=True)  # comma-separated subjects
+    # Password reset support
+    password_reset_token = Column(String, nullable=True, index=True)
+    password_reset_expires = Column(DateTime(timezone=True), nullable=True)
 
 
 class VideoUpload(Base):
@@ -23,3 +29,21 @@ class VideoUpload(Base):
     status = Column(String, default="pending")  # pending, processing, completed
     created_at = Column(DateTime(timezone=True), server_default=func.now())
     updated_at = Column(DateTime(timezone=True), onupdate=func.now())
+
+
+class Feed(Base):
+    __tablename__ = "feeds"
+    id = Column(Integer, primary_key=True, index=True)
+    user_id = Column(Integer, ForeignKey("users.id"), index=True, nullable=False)
+    title = Column(String, nullable=False)
+    content = Column(Text, nullable=False)
+    media_url = Column(Text, nullable=True)
+    tags = Column(Text, nullable=True)  # comma-separated list
+    category = Column(String, nullable=True)
+    source = Column(String, nullable=True)
+    relevance_score = Column(Integer, default=0)  # 0-100
+    likes = Column(Integer, default=0)
+    comments_count = Column(Integer, default=0)
+    shares = Column(Integer, default=0)
+    created_at = Column(DateTime(timezone=True), server_default=func.now())
+    updated_at = Column(DateTime(timezone=True), onupdate=func.now())

app/upload.py

@@ -3,7 +3,10 @@ from sqlalchemy.ext.asyncio import AsyncSession
 from sqlalchemy.future import select
 from app.database import get_db
 from app.models import VideoUpload
-from .utils.s3 import upload_to_s3
+from .utils.s3 import upload_to_s3, delete_s3_key, key_from_url
+from app.auth import get_current_user
+from app.models import User
+from sqlalchemy import delete as sqldelete
 import uuid
 import os
 
@@ -51,3 +54,64 @@ async def upload_video(
     except Exception as e:
         await db.rollback()
         raise HTTPException(status_code=500, detail=str(e))
+
+
+@router.delete("/uploads/{video_id}")
+async def delete_uploaded_video(video_id: int,
+                                current_user: User = Depends(get_current_user),
+                                db: AsyncSession = Depends(get_db)):
+    result = await db.execute(select(VideoUpload).where(VideoUpload.id == video_id))
+    video: VideoUpload | None = result.scalar_one_or_none()
+    if not video:
+        raise HTTPException(status_code=404, detail="Video not found")
+    if video.user_id != current_user.id:
+        raise HTTPException(status_code=403, detail="Not allowed")
+
+    # Delete from S3 if present
+    v_key = key_from_url(video.video_url)
+    p_key = key_from_url(video.pdf_url)
+    try:
+        if v_key:
+            delete_s3_key(v_key)
+        if p_key:
+            delete_s3_key(p_key)
+    except Exception:
+        pass
+
+    # Delete DB row
+    try:
+        await db.delete(video)
+        await db.commit()
+        return {"message": "Upload deleted"}
+    except Exception as e:
+        await db.rollback()
+        raise HTTPException(status_code=500, detail=str(e))
+
+
+@router.delete("/uploads/{video_id}/pdf")
+async def delete_uploaded_pdf(video_id: int,
+                              current_user: User = Depends(get_current_user),
+                              db: AsyncSession = Depends(get_db)):
+    result = await db.execute(select(VideoUpload).where(VideoUpload.id == video_id))
+    video: VideoUpload | None = result.scalar_one_or_none()
+    if not video:
+        raise HTTPException(status_code=404, detail="Upload not found")
+    if video.user_id != current_user.id:
+        raise HTTPException(status_code=403, detail="Not allowed")
+
+    p_key = key_from_url(video.pdf_url)
+    if not p_key:
+        return {"message": "No PDF to delete"}
+    try:
+        delete_s3_key(p_key)
+    except Exception:
+        pass
+    # Clear pdf_url field
+    video.pdf_url = ""
+    try:
+        await db.commit()
+        await db.refresh(video)
+        return {"message": "PDF deleted", "video_id": video.id}
+    except Exception as e:
+        await db.rollback()
+        raise HTTPException(status_code=500, detail=str(e))

app/utils/s3.py

@@ -18,3 +18,25 @@ def upload_to_s3(file, key):
 def upload_pdf_bytes(data: bytes, key: str):
     s3.put_object(Bucket=bucket, Key=key, Body=data, ContentType="application/pdf")
     return f"https://{bucket}.s3.amazonaws.com/{key}"
+
+
+def delete_s3_key(key: str):
+    if not key:
+        return
+    s3.delete_object(Bucket=bucket, Key=key)
+
+
+def key_from_url(url: str) -> str | None:
+    if not url:
+        return None
+    prefix = f"https://{bucket}.s3.amazonaws.com/"
+    if url.startswith(prefix):
+        return url[len(prefix):]
+    # Try generic split for virtual-hosted–style URLs
+    try:
+        parts = url.split('.s3.amazonaws.com/', 1)
+        if len(parts) == 2:
+            return parts[1]
+    except Exception:
+        pass
+    return None

migrations/README

@@ -0,0 +1 @@
+Generic single-database configuration.

migrations/env.py

@@ -0,0 +1,78 @@
+from logging.config import fileConfig
+
+from sqlalchemy import engine_from_config
+from sqlalchemy import pool
+
+from alembic import context
+
+# this is the Alembic Config object, which provides
+# access to the values within the .ini file in use.
+config = context.config
+
+# Interpret the config file for Python logging.
+# This line sets up loggers basically.
+if config.config_file_name is not None:
+    fileConfig(config.config_file_name)
+
+# add your model's MetaData object here
+# for 'autogenerate' support
+# from myapp import mymodel
+# target_metadata = mymodel.Base.metadata
+target_metadata = None
+
+# other values from the config, defined by the needs of env.py,
+# can be acquired:
+# my_important_option = config.get_main_option("my_important_option")
+# ... etc.
+
+
+def run_migrations_offline() -> None:
+    """Run migrations in 'offline' mode.
+
+    This configures the context with just a URL
+    and not an Engine, though an Engine is acceptable
+    here as well.  By skipping the Engine creation
+    we don't even need a DBAPI to be available.
+
+    Calls to context.execute() here emit the given string to the
+    script output.
+
+    """
+    url = config.get_main_option("sqlalchemy.url")
+    context.configure(
+        url=url,
+        target_metadata=target_metadata,
+        literal_binds=True,
+        dialect_opts={"paramstyle": "named"},
+    )
+
+    with context.begin_transaction():
+        context.run_migrations()
+
+
+def run_migrations_online() -> None:
+    """Run migrations in 'online' mode.
+
+    In this scenario we need to create an Engine
+    and associate a connection with the context.
+
+    """
+    connectable = engine_from_config(
+        config.get_section(config.config_ini_section, {}),
+        prefix="sqlalchemy.",
+        poolclass=pool.NullPool,
+    )
+
+    with connectable.connect() as connection:
+        context.configure(
+            connection=connection, target_metadata=target_metadata
+        )
+
+        with context.begin_transaction():
+            context.run_migrations()
+
+
+if context.is_offline_mode():
+    run_migrations_offline()
+else:
+    run_migrations_online()

migrations/script.py.mako

@@ -0,0 +1,28 @@
+"""${message}
+
+Revision ID: ${up_revision}
+Revises: ${down_revision | comma,n}
+Create Date: ${create_date}
+
+"""
+from typing import Sequence, Union
+
+from alembic import op
+import sqlalchemy as sa
+${imports if imports else ""}
+
+# revision identifiers, used by Alembic.
+revision: str = ${repr(up_revision)}
+down_revision: Union[str, Sequence[str], None] = ${repr(down_revision)}
+branch_labels: Union[str, Sequence[str], None] = ${repr(branch_labels)}
+depends_on: Union[str, Sequence[str], None] = ${repr(depends_on)}
+
+
+def upgrade() -> None:
+    """Upgrade schema."""
+    ${upgrades if upgrades else "pass"}
+
+
+def downgrade() -> None:
+    """Downgrade schema."""
+    ${downgrades if downgrades else "pass"}

migrations/versions/f8e8dc3fc213_add_exam_subjects_reset_fields_to_users.py

@@ -0,0 +1,28 @@
+"""add exam/subjects & reset fields to users
+
+Revision ID: f8e8dc3fc213
+Revises: 
+Create Date: 2025-09-07 16:09:14.407808
+
+"""
+from typing import Sequence, Union
+
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision: str = 'f8e8dc3fc213'
+down_revision: Union[str, Sequence[str], None] = None
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    """Upgrade schema."""
+    pass
+
+
+def downgrade() -> None:
+    """Downgrade schema."""
+    pass