send message to the courses

backend/app.py

@@ -17,6 +17,7 @@ from flask_cors import CORS
 from blueprints.profile import profile as profileBlueprint
 from blueprints.session import session as sessionBlueprint
 from blueprints.admin import admin as adminBlueprint
+from blueprints.chat import chat as chatBlueprint
 
 app = Flask(__name__)
 
@@ -36,6 +37,7 @@ db.init_app(app)
 app.register_blueprint(profileBlueprint, url_prefix='/api/profile')
 app.register_blueprint(sessionBlueprint,url_prefix='/api/session')
 app.register_blueprint(adminBlueprint,url_prefix='/api/admin')
+app.register_blueprint(chatBlueprint,url_prefix='/api/chat')
 
 @app.route('/media/<string:filename>')
 def send_file(filename):

backend/blueprints/chat/__init__.py

@@ -1,9 +1,13 @@
-from flask import Blueprint, request, jsonify
+from flask import Blueprint, request, jsonify,g
 from uuid import UUID
-from db.model import db, User, Course, Enrollment
+from db.model import db, User, Course, Enrollment,Chat
+from utils.auth import auth_required
+import requests
 
 chat = Blueprint('chat', __name__)
 
+SPAM_DETECTION_URL = "http://localhost:5000/test-spam"
+
 @chat.route('/course/<uuid:course_id>/users', methods=['POST'])
 def get_users_assigned_to_course(course_id: UUID):
     """
@@ -64,3 +68,59 @@ def join_chat(course_id: UUID):
         return jsonify({"message": f"User {user.username} is enrolled in the course and can join the chat."}), 200
     except Exception as e:
         return jsonify({"error": f"An error occurred: {str(e)}"}), 500
+
+
+@chat.route("/send-message", methods=["POST"])
+@auth_required()
+def create_chat():
+    """
+    Create a chat message for a specific course.
+    """
+    current_user = g.current_user  # Fetch the logged-in user
+    data = request.get_json()
+
+    # Validate the payload
+    course_id = data.get("course_id")
+    message = data.get("message")
+
+    if not course_id or not message:
+        return jsonify({"error": "Course ID and message are required."}), 400
+
+    try:
+        # Call the spam detection service
+        spam_response = requests.post(SPAM_DETECTION_URL, json={"test_message": message})
+        if spam_response.status_code != 200:
+            return jsonify({"error": "Failed to check message for spam."}), 500
+
+        spam_score = int(spam_response.json().get("spam_score", 0))
+
+        if spam_score > 6:
+            return jsonify({"error": "This message contains suspicious links or is vulnerable."}), 400
+
+        # Verify the course exists
+        course = db.session.query(Course).filter_by(id=course_id).first()
+        if not course:
+            return jsonify({"error": "Invalid course ID."}), 404
+
+        # Check if the user is enrolled in the course
+        is_enrolled = db.session.query(Course).join(Enrollment).filter(
+            Enrollment.userID == current_user.id,
+            Enrollment.courseID == course_id
+        ).first()
+
+        if not is_enrolled:
+            return jsonify({"error": "You are not enrolled in this course."}), 403
+
+        # Create and save the chat message
+        new_chat = Chat(
+            textContent=message,
+            userID=current_user.id,
+            courseID=course_id,
+        )
+        db.session.add(new_chat)
+        db.session.commit()
+
+        return jsonify({"message": "Chat sent successfully.", "chat_id": str(new_chat.id)}), 201
+
+    except Exception as e:
+        return jsonify({"error": f"An error occurred: {str(e)}"}), 500