feat: implement core backend API structure and frontend service layer for case management and authentication
This commit is contained in:
@@ -4,15 +4,17 @@ from datetime import datetime
|
||||
import json
|
||||
|
||||
from ..db import get_db_connection, release_db_connection
|
||||
from ..middleware import token_required
|
||||
|
||||
credentials_blueprint = Blueprint('credentials', __name__)
|
||||
|
||||
@credentials_blueprint.route('/credentials', methods=['GET'])
|
||||
def list_credentials():
|
||||
@token_required
|
||||
def list_credentials(current_user_id):
|
||||
"""Return configured platforms (without exposing secrets)."""
|
||||
conn = get_db_connection()
|
||||
cur = conn.cursor()
|
||||
cur.execute("SELECT platform FROM credentials")
|
||||
cur.execute("SELECT platform FROM credentials WHERE user_id = %s", (current_user_id,))
|
||||
rows = cur.fetchall()
|
||||
release_db_connection(conn)
|
||||
|
||||
@@ -20,7 +22,8 @@ def list_credentials():
|
||||
return jsonify({"configured_platforms": platforms})
|
||||
|
||||
@credentials_blueprint.route('/credentials/<string:platform>', methods=['POST'])
|
||||
def save_credentials(platform):
|
||||
@token_required
|
||||
def save_credentials(current_user_id, platform):
|
||||
"""Save or update credentials for a specific platform."""
|
||||
data = request.json
|
||||
api_key = data.get('api_key')
|
||||
@@ -31,16 +34,29 @@ def save_credentials(platform):
|
||||
conn = get_db_connection()
|
||||
cur = conn.cursor()
|
||||
|
||||
# --- PLAN LIMIT CHECK ---
|
||||
cur.execute("SELECT plan FROM users WHERE id = %s", (current_user_id,))
|
||||
user_plan = cur.fetchone()[0]
|
||||
|
||||
if user_plan == 'free':
|
||||
# Count existing configured platforms for this user
|
||||
cur.execute("SELECT COUNT(*) FROM credentials WHERE user_id = %s AND platform != %s", (current_user_id, platform))
|
||||
count = cur.fetchone()[0]
|
||||
if count >= 1:
|
||||
release_db_connection(conn)
|
||||
return jsonify({"error": "Лимит бесплатного тарифа исчерпан (максимум 1 интеграция). Перейдите на PRO."}), 403
|
||||
# ------------------------
|
||||
|
||||
cur.execute(
|
||||
"""INSERT INTO credentials (platform, api_key, client_id, client_secret, other_data, updated_at)
|
||||
VALUES (%s, %s, %s, %s, %s, %s)
|
||||
ON CONFLICT (platform) DO UPDATE SET
|
||||
"""INSERT INTO credentials (user_id, platform, api_key, client_id, client_secret, other_data, updated_at)
|
||||
VALUES (%s, %s, %s, %s, %s, %s, %s)
|
||||
ON CONFLICT (user_id, platform) DO UPDATE SET
|
||||
api_key = EXCLUDED.api_key,
|
||||
client_id = EXCLUDED.client_id,
|
||||
client_secret = EXCLUDED.client_secret,
|
||||
other_data = EXCLUDED.other_data,
|
||||
updated_at = EXCLUDED.updated_at""",
|
||||
(platform, api_key, client_id, client_secret, json.dumps(other_data), datetime.utcnow())
|
||||
(current_user_id, platform, api_key, client_id, client_secret, json.dumps(other_data), datetime.utcnow())
|
||||
)
|
||||
conn.commit()
|
||||
release_db_connection(conn)
|
||||
@@ -48,11 +64,12 @@ def save_credentials(platform):
|
||||
return jsonify({"message": f"Credentials for {platform} saved successfully."}), 200
|
||||
|
||||
@credentials_blueprint.route('/credentials/<string:platform>', methods=['DELETE'])
|
||||
def delete_credentials(platform):
|
||||
@token_required
|
||||
def delete_credentials(current_user_id, platform):
|
||||
"""Delete credentials for a specific platform."""
|
||||
conn = get_db_connection()
|
||||
cur = conn.cursor()
|
||||
cur.execute("DELETE FROM credentials WHERE platform = %s", (platform,))
|
||||
cur.execute("DELETE FROM credentials WHERE user_id = %s AND platform = %s", (current_user_id, platform))
|
||||
conn.commit()
|
||||
release_db_connection(conn)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user