Create app.py

app.py

@@ -0,0 +1,51 @@
+from flask import Flask, request, jsonify
+import hmac, hashlib, secrets, time
+
+app = Flask(__name__)
+
+# 🔑 Secret key for API authentication (Load from environment in production)
+SECRET_KEY = "MySuperSecretKey_TrueSyncAI"
+
+# Store API keys temporarily (use a database for real applications)
+API_KEYS = {}
+
+# Generate API Key
+@app.route("/generate_api_key", methods=["POST"])
+def generate_api_key():
+    random_part = secrets.token_hex(16)
+    signature = hmac.new(SECRET_KEY.encode(), random_part.encode(), hashlib.sha256).hexdigest()[:16]
+    api_key = f"TrueSyncAI-{random_part}-{signature}"
+    
+    # Store the key with a timestamp
+    API_KEYS[api_key] = time.time()
+    return jsonify({"api_key": api_key})
+
+# Validate API Key
+def validate_api_key(api_key):
+    parts = api_key.split("-")
+    if len(parts) != 3 or parts[0] != "TrueSyncAI":
+        return False
+    
+    random_part, received_signature = parts[1], parts[2]
+    expected_signature = hmac.new(SECRET_KEY.encode(), random_part.encode(), hashlib.sha256).hexdigest()[:16]
+    return expected_signature == received_signature and api_key in API_KEYS
+
+# Chat Endpoint
+@app.route("/chat", methods=["POST"])
+def chat():
+    data = request.json
+    api_key = data.get("api_key")
+    message = data.get("message", "").strip()
+    
+    if not api_key or not validate_api_key(api_key):
+        return jsonify({"error": "Invalid API Key"}), 401
+    
+    if not message:
+        return jsonify({"error": "Message cannot be empty"}), 400
+    
+    # Basic AI response (Can integrate LLMs here)
+    response = f"TrueSyncAI: You said '{message}', but I'm still learning!"
+    return jsonify({"response": response})
+
+if __name__ == "__main__":
+    app.run(host="0.0.0.0", port=7860)  # Hugging Face Spaces default port