iatoolkit 0.11.0__py3-none-any.whl → 0.71.2__py3-none-any.whl

iatoolkit/templates/onboarding_shell.html

@@ -0,0 +1,107 @@
+{% extends "base.html" %}
+
+{% block title %}Iniciando {{ branding.name }} IA...{% endblock %}
+
+{% block styles %}
+{% endblock %}
+
+{% block content %}
+
+<link rel="stylesheet" href="{{ url_for('static', filename='styles/llm_output.css', _external=True) }}?v=6">
+<link rel="stylesheet" href="{{ url_for('static', filename='styles/onboarding.css', _external=True) }}?v=6">
+
+<style>
+  {% if branding and branding.css_variables %}
+    {{ branding.css_variables|safe }}
+  {% endif %}
+
+  {# 2. Ahora definimos las reglas que usan esas variables #}
+  .onboarding-shell-root { position: relative; height: 100vh; }
+  .onboarding-shell-root #loader-wrapper { position: absolute; inset: 0; background: #f4f7f6; z-index: 1000; display:flex; align-items:center; justify-content:center; padding:20px; box-sizing:border-box; transition: opacity .5s; }
+  .onboarding-shell-root .ob-stack { width:100%; max-width:520px; display:flex; flex-direction:column; gap:16px; }
+  .onboarding-shell-root .ob-loading-band { display:flex; align-items:center; justify-content:center; gap:12px; padding:12px 14px; background:#fff; border-radius:12px; box-shadow:0 4px 20px rgba(0,0,0,.08); }
+  .onboarding-shell-root .spinner { width:28px; height:28px; border:4px solid rgba(0,0,0,.1); border-top-color: var(--brand-primary-color, #FF5100); border-radius:50%; animation: spin 1s linear infinite; }
+  @keyframes spin { to { transform: rotate(360deg); } }
+  .onboarding-shell-root #content-container { width:100%; height:100%; }
+  .onboarding-shell-root #content-container iframe { width:100%; height:100%; border:none; }
+
+  /* Forzar colores de marca (sube especificidad y evita overrides) */
+  .onboarding-shell-root .ob-brand-header { color: var(--brand-secondary-color, #06326B) !important; }
+  .onboarding-shell-root .ob-brand-header .brand-name { color: var(--brand-primary-color, #FF5100) !important; }
+  .onboarding-shell-root .ob-icon { color: var(--brand-primary-color, #FF5100) !important; }
+  .onboarding-shell-root .ob-btn { background-color: var(--brand-secondary-color, #06326B) !important; color: var(--brand-text-on-secondary, #FFFFFF) !important; border:none !important; }
+  .onboarding-shell-root .ob-dots > div.active { background-color: var(--brand-primary-color, #FF5100) !important; }
+</style>
+
+<div class="onboarding-shell-root ob-root">
+  <div id="loader-wrapper">
+    <div class="ob-stack">
+      <h1 id="ob-brand-header" class="ob-brand-header">
+        <span class="brand-name text-brand-primary">{{ branding.name | default('IAToolkit') }}</span>
+        <span class="brand-rest"> IA</span>
+      </h1>
+
+      <div id="card-container" class="ob-card">
+        <div id="card-icon" class="ob-icon"><i class="fas fa-lightbulb"></i></div>
+        <h3 id="card-title" class="ob-title">Título de la Tarjeta</h3>
+        <p id="card-text" class="ob-text">Descripción de la tarjeta de capacitación.</p>
+        <p id="card-example" class="ob-example"></p>
+
+        <div class="ob-nav">
+          <button id="prev-card" class="ob-btn btn-branded-primary" aria-label="Anterior">
+            <i class="fas fa-chevron-left"></i>
+          </button>
+          <div id="progress-dots" class="ob-dots"></div>
+          <button id="next-card" class="ob-btn btn-branded-primary" aria-label="Siguiente">
+            <i class="fas fa-chevron-right"></i>
+          </button>
+        </div>
+      </div>
+
+      <div id="loading-status" class="ob-loading-band">
+        <div class="spinner"></div>
+        <p>Inicializando el contexto de {{ branding.name }} para la IA...</p>
+      </div>
+    </div>
+  </div>
+
+  <div id="content-container"></div>
+</div>
+{% endblock %}
+
+{% block scripts %}
+<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css">
+
+<script src="{{ url_for('static', filename='js/chat_onboarding_button.js', _external=True) }}"></script>
+<script>
+  (function() {
+    const cardsData = {{ onboarding_cards | tojson }};
+    const iframeSrc = "{{ iframe_src_url }}";
+
+    if (!window.initOnboarding) {
+      console.error('initOnboarding no está disponible. Verifica la carga de chat_onboarding.js');
+      return;
+    }
+
+    const onboarding = initOnboarding({
+      mode: 'shell',
+      cards: cardsData,
+      ui: {
+        icon: '#card-icon',
+        title: '#card-title',
+        text: '#card-text',
+          example: '#card-example',
+        dots: '#progress-dots',
+        prev: '#prev-card',
+        next: '#next-card',
+        loader: '#loader-wrapper',
+        container: '#content-container'
+      },
+      autoRotateMs: 5000,
+      shell: { iframeSrc: iframeSrc }
+    });
+
+    onboarding.start();
+  })();
+</script>
+{% endblock %}

iatoolkit/templates/signup.html

@@ -1,78 +1,76 @@
 {% extends "base.html" %}
 
-{% block title %}Registro de Usuario{% endblock %}
+{% block title %}{{ t('ui.signup.title') }} - {{ branding.name }}{% endblock %}
+
+{% block styles %}
+    {# ¡Importante! Añadimos los estilos para el branding #}
+    <style>
+        {{ branding.css_variables | safe }}
+    </style>
+    <link rel="stylesheet" href="{{ url_for('static', filename='styles/chat_public.css') }}">
+{% endblock %}
 
 {% block content %}
+<div class="container mt-4">
 
+{% include '_company_header.html' %}
 
-<div class="d-flex align-items-center p-3 border-bottom border-light-subtle">
-    <div class="col-11 col-md-8 col-lg-5 p-3">
-            <h4 class="text-muted fw-semibold mb-2 text-start">Crea tu cuenta</h4>
-            <p class="text-muted mb-3 text-start" style="text-align: justify;">
-                    Regístrate para acceder a todas las funcionalidades de nuestra plataforma.
-                </p>
-            <form action="{{ url_for('signup', company_short_name=company_short_name) }}" method="post" >
-            <div class="mb-3 ">
-                <label for="email" class="form-label text-secondary">Correo Electrónico</label>
-                <input type="email" autocomplete="off" id="email" name="email"
-                       class="form-control" required
-                       value="{{ form_data.email if form_data else '' }}">
-            </div>
+    <section class="hero-section">
+        <div class="container">
+            <div class="row justify-content-center">
+                <!-- Se ha reducido el ancho de la columna a lg-6 y md-8 -->
+                <div class="col-lg-6 col-md-8">
+                    <div class="branded-form-container">
+                        <h4 class="branded-form-title">{{ t('ui.signup.title') }}</h4>
+                        <form action="{{ url_for('signup', company_short_name=company_short_name) }}" method="post">
+                            <div class="mb-3">
+                                <label for="email" class="form-label text-secondary">{{ t('ui.signup.email_label') }}</label>
+                                <input type="email" autocomplete="off" id="email" name="email"
+                                       class="form-control" required
+                                       value="{{ form_data.email if form_data else '' }}">
+                            </div>
 
-    {% if is_mobile %}
-        <!-- En móvil, cada input ocupa una fila -->
-        <div class="mb-3">
-            <label for="first_name" class="form-label text-secondary">Nombre</label>
-            <input type="text" id="first_name" name="first_name"
-                   class="form-control" required
-                   value="{{ form_data.first_name if form_data else '' }}">
-        </div>
-        <div class="mb-3">
-            <label for="last_name" class="form-label text-secondary">Apellido</label>
-            <input type="text" id="last_name" name="last_name"
-                   class="form-control" required
-                   value="{{ form_data.last_name if form_data else '' }}">
-        </div>
-    {% else %}
-            <div class="row">
-        <!-- En escritorio, los inputs están en la misma fila -->
-        <div class="col-md-6 mb-3">
-            <label for="first_name" class="form-label text-secondary">Nombre</label>
-            <input type="text" id="first_name" name="first_name"
-                   class="form-control" required
-                   value="{{ form_data.first_name if form_data else '' }}">
-        </div>
-        <div class="col-md-6 mb-3">
-            <label for="last_name" class="form-label text-secondary">Apellido</label>
-            <input type="text" id="last_name" name="last_name"
-                   class="form-control" required
-                   value="{{ form_data.last_name if form_data else '' }}">
-        </div>
-    </div>
+                            <div class="row">
+                                <div class="col-md-6 mb-3">
+                                    <label for="first_name" class="form-label text-secondary">{{ t('ui.signup.first_name_label') }}</label>
+                                    <input type="text" id="first_name" name="first_name"
+                                           class="form-control" required
+                                           value="{{ form_data.first_name if form_data else '' }}">
+                                </div>
+                                <div class="col-md-6 mb-3">
+                                    <label for="last_name" class="form-label text-secondary">{{ t('ui.signup.last_name_label') }}</label>
+                                    <input type="text" id="last_name" name="last_name"
+                                           class="form-control" required
+                                           value="{{ form_data.last_name if form_data else '' }}">
+                                </div>
+                            </div>
 
-    {% endif %}
+                            <div class="mb-3">
+                                <label for="password" class="form-label text-secondary">{{ t('ui.signup.password_label') }}</label>
+                                <input type="password" id="password" name="password" class="form-control" required>
+                                <div class="d-flex align-items-start text-muted mt-2" style="font-size: 0.8rem;">
+                                    <i class="bi bi-info-circle me-2" style="font-size: 0.9rem; line-height: 1.4;"></i>
+                                    <span>{{ t('ui.change_password.password_instructions') }}</span>
+                                </div>
+                            </div>
 
-            <div class="mb-3">
-                <label for="password" class="form-label text-secondary">Contraseña</label>
-                <input type="password" id="password" name="password" class="form-control" required>
-                <small class="form-text text-muted">
-                        La contraseña debe contener al menos 8 caracteres, una letra mayúscula, una letra minúscula, un número y un carácter especial.
-                </small>
+                            <div class="mb-3">
+                                <label for="confirm_password" class="form-label text-secondary">{{ t('ui.signup.confirm_password_label') }}</label>
+                                <input type="password" id="confirm_password" name="confirm_password" class="form-control" required>
+                            </div>
 
+                            <!-- Botón actualizado con la clase de branding -->
+                            <button type="submit" class="btn btn-branded-primary w-100 fw-bold py-2 mt-3">{{ t('ui.signup.signup_button') }}</button>
+                        </form>
+                        <!-- Nota de privacidad -->
+                        <p class="text-muted small mb-0 text-center mt-4">
+                            {{ t('ui.signup.disclaimer') }}
+                        </p>
+                    </div>
+                </div>
             </div>
-            <div class="mb-3">
-                <label for="confirm_password" class="form-label text-secondary">Confirmar Contraseña</label>
-                <input type="password" id="confirm_password" name="confirm_password" class="form-control" required>
-            </div>
-            <button type="submit" class="btn btn-primary w-100">Registrarse</button>
-        </form>
-        <!-- Nota sobre privacidad -->
-        <p class="text-muted small mb-0 text-start mt-3" style="text-align: justify;">
-        🔒 Valoramos tu privacidad. Tus datos serán utilizados exclusivamente para brindarte una mejor experiencia
-        y no serán compartidos con terceros sin tu consentimiento. Para más información, consulta nuestra
-        <a href="#" class="text-decoration-none fw-semibold">Política de Privacidad</a>.
-        </p>
-    </p>
-    </div>
+        </div>
+    </section>
 </div>
+
 {% endblock %}

iatoolkit/views/base_login_view.py

@@ -0,0 +1,91 @@
+# iatoolkit/views/base_login_view.py
+# Copyright (c) 2024 Fernando Libedinsky
+# Product: IAToolkit
+#
+# IAToolkit is open source software.
+
+from flask.views import MethodView
+from flask import render_template, url_for
+from injector import inject
+from iatoolkit.services.profile_service import ProfileService
+from iatoolkit.services.auth_service import AuthService
+from iatoolkit.services.query_service import QueryService
+from iatoolkit.services.branding_service import BrandingService
+from iatoolkit.services.configuration_service import ConfigurationService
+from iatoolkit.services.prompt_manager_service import PromptService
+from iatoolkit.services.i18n_service import I18nService
+from iatoolkit.common.util import Utility
+from iatoolkit.services.jwt_service import JWTService
+from iatoolkit.repositories.models import Company
+
+
+class BaseLoginView(MethodView):
+    """
+    Base class for views that initiate a session and decide the context
+    loading path (fast or slow).
+    """
+    @inject
+    def __init__(self,
+                 profile_service: ProfileService,
+                 auth_service: AuthService,
+                 jwt_service: JWTService,
+                 branding_service: BrandingService,
+                 prompt_service: PromptService,
+                 config_service: ConfigurationService,
+                 query_service: QueryService,
+                 i18n_service: I18nService,
+                 utility: Utility
+                 ):
+        self.profile_service = profile_service
+        self.auth_service = auth_service
+        self.jwt_service = jwt_service
+        self.branding_service = branding_service
+        self.prompt_service = prompt_service
+        self.config_service = config_service
+        self.query_service = query_service
+        self.i18n_service = i18n_service
+        self.utility = utility
+
+
+    def _handle_login_path(self,
+                           company_short_name: str,
+                           user_identifier: str,
+                           target_url: str,
+                           redeem_token: str = None):
+        """
+        Centralized logic to decide between the fast path and the slow path.
+        """
+        # --- Get the company branding and onboarding_cards
+        branding_data = self.branding_service.get_company_branding(company_short_name)
+        onboarding_cards = self.config_service.get_configuration(company_short_name, 'onboarding_cards')
+
+        # this service decides is the context needs to be rebuilt or not
+        prep_result = self.query_service.prepare_context(
+            company_short_name=company_short_name, user_identifier=user_identifier
+        )
+
+        if prep_result.get('rebuild_needed'):
+            # --- SLOW PATH: Render the loading shell ---
+            return render_template(
+                "onboarding_shell.html",
+                iframe_src_url=target_url,
+                branding=branding_data,
+                onboarding_cards=onboarding_cards
+            )
+        else:
+            # --- FAST PATH: Render the chat page directly ---
+            prompts = self.prompt_service.get_user_prompts(company_short_name)
+
+            # Get the entire 'js_messages' block in the correct language.
+            js_translations = self.i18n_service.get_translation_block('js_messages')
+
+            return render_template(
+                "chat.html",
+                company_short_name=company_short_name,
+                user_identifier=user_identifier,
+                prompts=prompts,
+                branding=branding_data,
+                onboarding_cards=onboarding_cards,
+                js_translations=js_translations,
+                redeem_token=redeem_token
+            )

iatoolkit/views/change_password_view.py

@@ -4,8 +4,10 @@
 # IAToolkit is open source software.
 
 from flask.views import MethodView
-from flask import render_template, request
+from flask import render_template, request, url_for, session, redirect, flash
 from iatoolkit.services.profile_service import ProfileService
+from iatoolkit.services.branding_service import BrandingService
+from iatoolkit.services.i18n_service import I18nService
 from itsdangerous import URLSafeTimedSerializer, SignatureExpired
 from flask_bcrypt import Bcrypt
 from injector import inject
@@ -14,44 +16,67 @@ import os
 
 class ChangePasswordView(MethodView):
     @inject
-    def __init__(self, profile_service: ProfileService):
+    def __init__(self,
+                 profile_service: ProfileService,
+                 branding_service: BrandingService,
+                 i18n_service: I18nService):
         self.profile_service = profile_service
+        self.branding_service = branding_service
+        self.i18n_service = i18n_service
 
         self.serializer = URLSafeTimedSerializer(os.getenv("PASS_RESET_KEY"))
         self.bcrypt = Bcrypt()
 
     def get(self, company_short_name: str, token: str):
-        # get company info
-        company = self.profile_service.get_company_by_short_name(company_short_name)
-        if not company:
-            return render_template('error.html', message=f"Empresa no encontrada: {company_short_name}"), 404
-
         try:
-            # Decodificar el token
-            email = self.serializer.loads(token, salt='password-reset', max_age=3600)
-        except SignatureExpired as e:
-            return render_template('forgot_password.html',
-                        alert_message="El enlace de cambio de contraseña ha expirado. Por favor, solicita uno nuevo.")
+            company = self.profile_service.get_company_by_short_name(company_short_name)
+            if not company:
+                return render_template('error.html',
+                                       message=self.i18n_service.t('errors.templates.company_not_found')), 404
+
+            branding_data = self.branding_service.get_company_branding(company_short_name)
 
-        return render_template('change_password.html',
-                               company_short_name=company_short_name,
-                               company=company,
-                               token=token, email=email)
+            try:
+                # Decodificar el token
+                email = self.serializer.loads(token, salt='password-reset', max_age=3600)
+            except SignatureExpired as e:
+                flash(self.i18n_service.t('errors.change_password.token_expired'), 'error')
+                return render_template('forgot_password.html',
+                                    branding=branding_data)
+
+            return render_template('change_password.html',
+                                   company_short_name=company_short_name,
+                                   company=company,
+                                   branding=branding_data,
+                                   token=token,
+                                   email=email)
+        except Exception as e:
+            message = self.i18n_service.t('errors.templates.processing_error', error=str(e))
+            return render_template(
+                "error.html",
+                company_short_name=company_short_name,
+                branding=branding_data,
+                message=message
+            ), 500
 
     def post(self, company_short_name: str, token: str):
         # get company info
         company = self.profile_service.get_company_by_short_name(company_short_name)
         if not company:
-            return render_template('error.html', message=f"Empresa no encontrada: {company_short_name}"), 404
+            return render_template('error.html',
+                                   message=self.i18n_service.t('errors.templates.company_not_found')), 404
 
+        branding_data = self.branding_service.get_company_branding(company_short_name)
         try:
             # Decodificar el token
             email = self.serializer.loads(token, salt='password-reset', max_age=3600)
         except SignatureExpired:
+            flash(self.i18n_service.t('errors.change_password.token_expired'), 'error')
+
             return render_template('forgot_password.html',
                                    company_short_name=company_short_name,
                                    company=company,
-                                    alert_message="El enlace de cambio de contraseña ha expirado. Por favor, solicita uno nuevo.")
+                                   branding=branding_data)
 
         try:
             # Obtener datos del formulario
@@ -67,25 +92,25 @@ class ChangePasswordView(MethodView):
             )
 
             if "error" in response:
+                flash(response["error"], 'error')
+
                 return render_template(
                     'change_password.html',
                     token=token,
                     company_short_name=company_short_name,
-                    company=company,
+                    branding=branding_data,
                     form_data={"temp_code": temp_code,
                                "new_password": new_password,
-                               "confirm_password": confirm_password},
-                    alert_message=response["error"]), 400
+                               "confirm_password": confirm_password}), 400
 
-
-            return render_template('login.html',
-                                   company_short_name=company_short_name,
-                                   company=company,
-                                   alert_icon='success',
-                               alert_message="Tu contraseña ha sido restablecida exitosamente. Ahora puedes iniciar sesión.")
+            flash(self.i18n_service.t('flash_messages.password_changed_success'), 'success')
+            return redirect(url_for('home', company_short_name=company_short_name))
 
         except Exception as e:
-            return render_template("error.html",
-                                   company=company,
-                                   company_short_name=company_short_name,
-                                   message="Ha ocurrido un error inesperado."), 500
+            message = self.i18n_service.t('errors.templates.processing_error', error=str(e))
+            return render_template(
+                "error.html",
+                company_short_name=company_short_name,
+                branding=branding_data,
+                message=message
+            ), 500

iatoolkit/views/embedding_api_view.py

@@ -0,0 +1,65 @@
+# iatoolkit/views/embedding_api_view.py
+# Copyright (c) 2024 Fernando Libedinsky
+# Product: IAToolkit
+#
+# IAToolkit is open source software.
+
+from flask import request, jsonify
+from flask.views import MethodView
+from iatoolkit.services.embedding_service import EmbeddingService
+from iatoolkit.services.auth_service import AuthService
+from injector import inject
+import logging
+
+class EmbeddingApiView(MethodView):
+    """
+    Handles API requests to generate an embedding for a given text.
+    Authentication is based on the active Flask session.
+    """
+
+    @inject
+    def __init__(self,
+                 auth_service: AuthService,
+                 embedding_service: EmbeddingService):
+        self.auth_service = auth_service
+        self.embedding_service = embedding_service
+
+    def post(self, company_short_name: str):
+        """
+        Generates an embedding for the text provided in the request body.
+        Expects a JSON payload with a "text" key.
+        """
+        try:
+            # 1. Authenticate the user from the current session
+            auth_result = self.auth_service.verify(anonymous=True)
+            if not auth_result.get("success"):
+                return jsonify(auth_result), auth_result.get("status_code", 401)
+
+            # 2. Validate incoming request data
+            if not request.is_json:
+                return jsonify({"error": "Request must be JSON"}), 400
+
+            data = request.get_json()
+            text = data.get('text')
+
+            if not text:
+                return jsonify({"error": "The 'text' key is required."}), 400
+
+            # 3. Call the embedding service, now passing the company_short_name
+            embedding_b64 = self.embedding_service.embed_text(
+                company_short_name=company_short_name,
+                text=text,
+                to_base64=True
+            )
+
+            model_name = self.embedding_service.get_model_name(company_short_name)
+            response = {
+                "embedding": embedding_b64,
+                "model": model_name
+            }
+            return jsonify(response), 200
+
+        except Exception as e:
+            logging.exception(f"Unexpected error in EmbeddingApiView: {e}")
+            # Return a generic error message to the client
+            return jsonify({"error": "An internal error occurred while generating the embedding."}), 500

iatoolkit/views/external_login_view.py

@@ -3,38 +3,71 @@
 #
 # IAToolkit is open source software.
 
-from flask.views import MethodView
-from injector import inject
-from iatoolkit.common.auth import IAuthentication
-from iatoolkit.services.query_service import QueryService
-from flask import jsonify
+import os
 import logging
+from flask import request, jsonify, url_for
+from iatoolkit.views.base_login_view import BaseLoginView
 
-class ExternalLoginView(MethodView):
 
-    @inject
-    def __init__(self,
-                 iauthentication: IAuthentication,
-                 query_service: QueryService
-                 ):
-        self.iauthentication = iauthentication
-        self.query_service = query_service
+class ExternalLoginView(BaseLoginView):
+    """
+    Handles login for external users via API.
+    Authenticates and then delegates the path decision (fast/slow) to the base class.
+    """
+    def post(self, company_short_name: str):
+        # Authenticate the API call.
+        auth_result = self.auth_service.verify()
+        if not auth_result.get("success"):
+            return jsonify(auth_result), auth_result.get("status_code")
 
-    def get(self, company_short_name: str, external_user_id: str):
-        # 1. get access credentials
-        iaut = self.iauthentication.verify(company_short_name, external_user_id)
-        if not iaut.get("success"):
-            return jsonify(iaut), 401
+        company = self.profile_service.get_company_by_short_name(company_short_name)
+        if not company:
+            return jsonify({"error": "Empresa no encontrada"}), 404
 
-        try:
-            # initialize the context
-            self.query_service.llm_init_context(
-                company_short_name=company_short_name,
-                external_user_id=external_user_id
-            )
+        user_identifier = auth_result.get('user_identifier')
+
+        # 2. Create the external user session.
+        self.profile_service.create_external_user_profile_context(company, user_identifier)
+
+        # 3. create a redeem_token for create session at the end of the process
+        redeem_token = self.jwt_service.generate_chat_jwt(
+            company_short_name=company_short_name,
+            user_identifier=user_identifier,
+            expires_delta_seconds=300
+        )
 
-            return {'status': 'OK'}, 200
+        if not redeem_token:
+            return jsonify({"error": "Error al generar el redeem_token para login externo."}), 403
+
+        # 4. define URL to call when slow path is finished
+        target_url = url_for('finalize_with_token',
+                             company_short_name=company_short_name,
+                             token=redeem_token,
+                             _external=True)
+
+        # 5. Delegate the path decision to the centralized logic.
+        try:
+            return self._handle_login_path(company_short_name, user_identifier, target_url, redeem_token)
         except Exception as e:
-            logging.exception(
-                f"Error inesperado al inicializar el contexto durante el login para company {company_short_name}: {e}")
-            return jsonify({"error_message": str(e)}), 500
+            logging.exception(f"Error processing external login path for {company_short_name}/{user_identifier}: {e}")
+            return jsonify({"error": f"Internal server error while starting chat. {str(e)}"}), 500
+
+
+class RedeemTokenApiView(BaseLoginView):
+    # this endpoint is only used ONLY by chat_main.js to redeem a chat token
+    def post(self, company_short_name: str):
+        data = request.get_json()
+        if not data or 'token' not in data:
+            return jsonify({"error": "Falta token de validación"}), 400
+
+        # get the token and validate with auth service
+        token = data.get('token')
+        redeem_result = self.auth_service.redeem_token_for_session(
+            company_short_name=company_short_name,
+            token=token
+        )
+
+        if not redeem_result['success']:
+            return {"error": redeem_result['error']}, 401
+
+        return {"status": "ok"}, 200