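from flask import Blueprint, request, jsonify
from utils.hf_api import query_huggingface
from utils.db import insert_log
import html
import re

chat_bp = Blueprint('chat', __name__)

# Allowlist for chat input: word characters, whitespace and common punctuation.
# It constrains the shape of the message only; it does not stop a user from
# steering the model with ordinary words, so it is not a prompt-injection control.
SAFE_INPUT_RE = re.compile(r'^[\w\s.,!?@#\-\(\)\[\]{}:;\'\"/\\]+$')

# NOTE(review): `html` and `insert_log` are imported but not used in the code
# shown here -- confirm whether output escaping and request logging were meant
# to be wired into this route.


@chat_bp.route('/chat', methods=['POST'])
def chat():
    """Forward a validated chat message to the model and return its reply.

    Expects a JSON object body with a string ``message`` field.

    Returns:
        ``{'response': <model output>}`` on success, or ``{'error': ...}``
        with HTTP 400 when the body is not a JSON object or the message
        is missing, not a string, or fails SAFE_INPUT_RE.
    """
    # silent=True yields None for a missing or malformed body, so the check
    # below answers with a 400 instead of failing on `None.get`.
    data = request.get_json(silent=True)
    if not isinstance(data, dict):
        return jsonify({'error': 'Request body must be a JSON object'}), 400

    user_message = data.get('message', '')
    # Enforce the allowlist declared above; previously it was compiled but never
    # applied, so any value (including non-strings) reached the upstream API.
    if not isinstance(user_message, str) or not SAFE_INPUT_RE.fullmatch(user_message):
        return jsonify({'error': 'Invalid message'}), 400

    bot_response = query_huggingface(user_message)
    # Model output is untrusted text: it is returned as JSON here, and any client
    # that renders it into HTML is responsible for escaping it.
    return jsonify({'response': bot_response})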