Let me analyze the DIFY API structure based on the provided code:

Key API Components:

1. **Main Application Routes**:
```python
# Main route blueprints
- /service_api - Service API endpoints
- /web - Web application endpoints  
- /console - Console/admin endpoints
- /files - File handling endpoints
- /inner_api - Internal API endpoints
```

2. **Core API Features**:

- **Authentication**:
```python
# Authentication handling via Flask-Login
@login_manager.request_loader
def load_user_from_request(request):
    # Supports both token query param and Bearer auth header
    # Returns logged in account with tenant context
```

- **CORS Configuration**:
```python
# CORS enabled for different routes with specific origins
- service_api: Allow all origins
- web: Configurable via WEB_API_CORS_ALLOW_ORIGINS 
- console: Configurable via CONSOLE_CORS_ALLOW_ORIGINS
```

3. **Health & Monitoring Endpoints**:

```python
@app.route("/health")
def health():
    # Returns basic health status and version info
    
@app.route("/threads") 
def threads():
    # Returns active thread information

@app.route("/db-pool-stat")
def pool_stat():
    # Returns database connection pool statistics
```

4. **Configuration Management**:

The API uses a comprehensive configuration system with multiple components:

- **Core Config Classes**:
```python
- DeploymentConfig - Basic deployment settings
- SecurityConfig - Security related settings  
- EndpointConfig - API endpoint URLs
- FileAccessConfig - File handling settings
- HttpConfig - HTTP server settings
```

- **Storage Configs**:
```python
Support for multiple storage backends:
- Amazon S3
- Azure Blob
- Google Cloud Storage 
- Aliyun OSS
- Huawei OBS
- Tencent COS
- Others
```

5. **Vector Database Support**:
```python
Supports multiple vector databases:
- Weaviate
- Qdrant
- Milvus
- MyScale
- Relyt
- Others (as listed in .env.example)
```

6. **Key Environment Variables**:
```python
Critical configurations:
- SECRET_KEY - App secret key
- CONSOLE_API_URL - Console API base URL
- SERVICE_API_URL - Service API base URL 
- VECTOR_STORE - Vector database selection
- Various storage provider credentials
```

7. **Security Features**:

```python
- Token-based authentication
- CORS protection
- Secret key management
- File access timeout controls
- Rate limiting support
```

8. **Deployment Modes**:

```python
Supports different deployment editions:
- SELF_HOSTED (default)
- CLOUD
```

This API structure provides a comprehensive framework for:
- User authentication and authorization
- File storage and management
- Vector database operations
- Health monitoring
- Configuration management
- Cross-origin resource sharing
- Multiple storage backend support

The modular design allows for easy extension and configuration of different components while maintaining security and scalability.


Dựa trên các API endpoint bạn đã cung cấp, tôi sẽ phân tích cấu trúc và định tuyến của chúng:

1. **Pattern chung của API**:
```
/console/api/mindpal/app/{app_id}/...
```

2. **Các endpoint chính**:

a) **Lấy thông tin cuộc hội thoại**:
```python
# GET /console/api/mindpal/app/{app_id}/conversation
# Ví dụ: /console/api/mindpal/app/932891a5-90c2-45e7-b916-9507ec3c0317/conversation
```

b) **Lấy danh sách cuộc hội thoại**:
```python
# GET /console/api/mindpal/app/{app_id}/conversations
# Params: limit=100&pinned=false
```

c) **Thực thi node trong cuộc hội thoại**:
```python
# GET /console/api/mindpal/app/{app_id}/conversation/{conversation_id}/node_execution/{node_id}
# POST /console/api/mindpal/app/{app_id}/conversation/{conversation_id}/node/{node_id}/run
```

3. **Xác thực**:
```python
# Sử dụng Bearer token trong header
Authorization: Bearer app-HhMMVMgdZyAOPWv3gKnRJgop
```

4. **Trong code DIFY, các phần liên quan**:

```python:api/app.py
# Đăng ký blueprint cho console API
from controllers.console import bp as console_app_bp

CORS(
    console_app_bp,
    resources={r"/*": {"origins": app.config["CONSOLE_CORS_ALLOW_ORIGINS"]}},
    supports_credentials=True,
    allow_headers=["Content-Type", "Authorization"],
    methods=["GET", "PUT", "POST", "DELETE", "OPTIONS", "PATCH"],
    expose_headers=["X-Version", "X-Env"],
)

app.register_blueprint(console_app_bp)
```

5. **Xử lý xác thực**:
```python:api/app.py
@login_manager.request_loader
def load_user_from_request(request_from_flask_login):
    if request.blueprint not in {"console", "inner_api"}:
        return None
        
    auth_header = request.headers.get("Authorization", "")
    if not auth_header:
        auth_token = request.args.get("_token")
        if not auth_token:
            raise Unauthorized("Invalid Authorization token.")
    else:
        if " " not in auth_header:
            raise Unauthorized("Invalid Authorization header format. Expected 'Bearer <api-key>' format.")
        auth_scheme, auth_token = auth_header.split(None, 1)
        auth_scheme = auth_scheme.lower()
        if auth_scheme != "bearer":
            raise Unauthorized("Invalid Authorization header format. Expected 'Bearer <api-key>' format.")
```

6. **Cấu hình CORS và bảo mật**:
```python
# Cấu hình trong .env
CONSOLE_CORS_ALLOW_ORIGINS=http://127.0.0.1:3000,*
```

Các API này thuộc về phần console của DIFY, được sử dụng để:
- Quản lý cuộc hội thoại (conversations)
- Thực thi các node trong cuộc hội thoại
- Xác thực người dùng thông qua Bearer token
- Xử lý CORS cho các request từ frontend

Để implement các API này, bạn cần:
1. Tạo các route handler trong `controllers/console/`
2. Xử lý xác thực thông qua Bearer token
3. Cấu hình CORS phù hợp
4. Implement logic xử lý cho conversation và node execution


```
api/
├── controllers/
│   └── console/
│       ├── __init__.py
│       ├── conversation.py
│       └── node_execution.py
├── models/
│   ├── conversation.py
│   ├── message.py
│   └── node_execution.py
├── services/
│   └── conversation_service.py
└── app.py
```


# 1. API Đăng nhập

```bash
curl --location 'http://103.253.20.13:9120/signin' \
--header 'Content-Type: application/json' \
--data-raw '{
    "email": "tester@thecoach.edu.vn",
    "password": "BotBot@123"
  }'
```

Trên UI thì 

```
http://103.253.20.13:5011/console/api/login

{
    "email": "tester@thecoach.edu.vn",
    "password": "BotBot@123",
    "remember_me": true
}


{
    "result": "success",
    "data": {
        "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoiZGE4YWI1YjItYjVkMC00NjBkLTgyM2ItODU2NTkyYWY0NmFjIiwiZXhwIjoxNzMyNTI2NjM2LCJpc3MiOiJTRUxGX0hPU1RFRCIsInN1YiI6IkNvbnNvbGUgQVBJIFBhc3Nwb3J0In0.N5sjJMkYmE4AfOKSXwnlm2vWF0FTCvopS-fWPEV_I2Y",
        "refresh_token": "c5f7e5aafccc44e721cfea5c3465bfaa0baa394e987011641bce505c945303e30ffc33b8819148993bb72a33850b9a1b149a438429b2f58ada0077ee576e2d80"
    }
}

```



Phân tích JWT token nhận được:

```json
{
  "user_id": "da8ab5b2-b5d0-460d-823b-856592af46ac",
  "exp": 1732526636,
  "iss": "SELF_HOSTED",
  "sub": "Console API Passport"
}
```

Code xử lý login và tạo token trong DIFY:

```python:api/controllers/console/auth.py
@bp.route('/login', methods=['POST'])
def login():
    """Handle login request"""
    json_data = request.get_json()
    email = json_data.get('email')
    password = json_data.get('password')
    remember_me = json_data.get('remember_me', False)

    # Validate credentials
    account = AccountService.authenticate(email, password)
    if not account:
        raise Unauthorized("Invalid email or password")

    # Generate tokens        
    access_token = PassportService().generate_token({
        'user_id': account.id,
        'exp': datetime.utcnow() + timedelta(minutes=60),
        'iss': 'SELF_HOSTED',
        'sub': 'Console API Passport'
    })

    refresh_token = secrets.token_hex(64)

    return jsonify({
        'result': 'success',
        'data': {
            'access_token': access_token,
            'refresh_token': refresh_token
        }
    })
```





Tốt! Bây giờ bạn đã có access token, hãy sử dụng nó để gọi API node execution:


Các API khác bạn có thể gọi với token này:

1. **Lấy danh sách conversations**:
```bash
curl --location 'http://103.253.20.13:5011/console/api/mindpal/app/4ae3c434-6645-4c31-a5d7-17019132bb99/conversations?limit=100&pinned=false' \
--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoiZGE4YWI1YjItYjVkMC00NjBkLTgyM2ItODU2NTkyYWY0NmFjIiwiZXhwIjoxNzMyNTI2NjM2LCJpc3MiOiJTRUxGX0hPU1RFRCIsInN1YiI6IkNvbnNvbGUgQVBJIFBhc3Nwb3J0In0.N5sjJMkYmE4AfOKSXwnlm2vWF0FTCvopS-fWPEV_I2Y'
```

2. **Lấy chi tiết conversation**:
```bash
curl --location 'http://103.253.20.13:5011/console/api/mindpal/app/4ae3c434-6645-4c31-a5d7-17019132bb99/conversation/8083489a-8e48-4bd1-8289-b64247987ecc' \
--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoiZGE4YWI1YjItYjVkMC00NjBkLTgyM2ItODU2NTkyYWY0NmFjIiwiZXhwIjoxNzMyNTI2NjM2LCJpc3MiOiJTRUxGX0hPU1RFRCIsInN1YiI6IkNvbnNvbGUgQVBJIFBhc3Nwb3J0In0.N5sjJMkYmE4AfOKSXwnlm2vWF0FTCvopS-fWPEV_I2Y'
```

3. **Lấy node execution**:
```bash
curl --location 'http://103.253.20.13:5011/console/api/mindpal/app/4ae3c434-6645-4c31-a5d7-17019132bb99/conversation/8083489a-8e48-4bd1-8289-b64247987ecc/node_execution/1728356050308' \
--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoiZGE4YWI1YjItYjVkMC00NjBkLTgyM2ItODU2NTkyYWY0NmFjIiwiZXhwIjoxNzMyNTI2NjM2LCJpc3MiOiJTRUxGX0hPU1RFRCIsInN1YiI6IkNvbnNvbGUgQVBJIFBhc3Nwb3J0In0.N5sjJMkYmE4AfOKSXwnlm2vWF0FTCvopS-fWPEV_I2Y'
```

4. 


```bash
curl --location 'http://103.253.20.13:5011/console/api/mindpal/app/4ae3c434-6645-4c31-a5d7-17019132bb99/conversation/8083489a-8e48-4bd1-8289-b64247987ecc/node/1728356050308/run' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoiZGE4YWI1YjItYjVkMC00NjBkLTgyM2ItODU2NTkyYWY0NmFjIiwiZXhwIjoxNzMyNTI2NjM2LCJpc3MiOiJTRUxGX0hPU1RFRCIsInN1YiI6IkNvbnNvbGUgQVBJIFBhc3Nwb3J0In0.N5sjJMkYmE4AfOKSXwnlm2vWF0FTCvopS-fWPEV_I2Y' \
--data '{}'
```

Token này có hiệu lực trong 60 phút, sau đó bạn cần dùng refresh_token để lấy access_token mới.
