first commit

files/modules/rest/routes.py

@@ -0,0 +1,29 @@
+from flask import Blueprint, request, jsonify
+from modules.rest.security import rest_auth_required
+from modules.chat.service import answer_question  # reutiliza lógica
+
+rest_bp = Blueprint("rest", __name__, url_prefix="/rest")
+
+
+import json
+
+@rest_bp.route("/chat", methods=["POST"])
+@rest_auth_required
+def rest_chat():
+    data = request.get_json(force=True) or {}
+
+    question = (data.get("question") or "").strip()
+    if not question:
+        return jsonify({"error": "question required"}), 400
+
+    raw_result = answer_question(question)
+
+    try:
+        parsed = json.loads(raw_result)
+    except Exception:
+        return jsonify({
+            "error": "invalid LLM response",
+            "raw": raw_result
+        }), 500
+
+    return json.dumps(parsed)

files/modules/rest/security.py

@@ -0,0 +1,30 @@
+import base64
+from flask import request, jsonify
+from functools import wraps
+from modules.users.service import authenticate_user
+
+
+def rest_auth_required(f):
+    @wraps(f)
+    def wrapper(*args, **kwargs):
+        auth = request.headers.get("Authorization")
+
+        if not auth or not auth.startswith("Basic "):
+            return jsonify({"error": "authorization required"}), 401
+
+        try:
+            decoded = base64.b64decode(auth.split(" ")[1]).decode()
+            username, password = decoded.split(":", 1)
+        except Exception:
+            return jsonify({"error": "invalid authorization header"}), 401
+
+        user = authenticate_user(username, password)
+        if not user:
+            return jsonify({"error": "invalid credentials"}), 401
+
+        # opcional: passar user adiante
+        request.rest_user = user
+
+        return f(*args, **kwargs)
+
+    return wrapper