feat: implement core backend API structure and frontend service layer for case management and authentication
This commit is contained in:
@@ -17,8 +17,14 @@ app.config['UPLOAD_FOLDER'] = UPLOAD_FOLDER
|
||||
# Register blueprints (routes)
|
||||
from .routes.cases import cases_blueprint
|
||||
from .routes.credentials import credentials_blueprint
|
||||
from .routes.auth import auth_blueprint
|
||||
from .routes.dashboard import dashboard_blueprint
|
||||
from .routes.reports import reports_blueprint
|
||||
app.register_blueprint(cases_blueprint, url_prefix='/api')
|
||||
app.register_blueprint(credentials_blueprint, url_prefix='/api')
|
||||
app.register_blueprint(auth_blueprint, url_prefix='/api')
|
||||
app.register_blueprint(dashboard_blueprint, url_prefix='/api')
|
||||
app.register_blueprint(reports_blueprint, url_prefix='/api')
|
||||
|
||||
if __name__ == '__main__':
|
||||
# Use host 0.0.0.0 for Docker compatibility, port 5000
|
||||
|
||||
32
backend/middleware.py
Normal file
32
backend/middleware.py
Normal file
@@ -0,0 +1,32 @@
|
||||
import os
|
||||
import jwt
|
||||
from functools import wraps
|
||||
from flask import request, jsonify
|
||||
|
||||
# Should ideally be set in .env
|
||||
SECRET_KEY = os.getenv('JWT_SECRET', 'super-secret-jwt-key-automarket')
|
||||
|
||||
def token_required(f):
|
||||
@wraps(f)
|
||||
def decorated(*args, **kwargs):
|
||||
token = None
|
||||
auth_header = request.headers.get('Authorization')
|
||||
|
||||
if auth_header and auth_header.startswith('Bearer '):
|
||||
token = auth_header.split(" ")[1]
|
||||
|
||||
# Fallback to query param for file downloads
|
||||
if not token:
|
||||
token = request.args.get('token')
|
||||
|
||||
if not token:
|
||||
return jsonify({'message': 'Token is missing!'}), 401
|
||||
|
||||
try:
|
||||
data = jwt.decode(token, SECRET_KEY, algorithms=["HS256"])
|
||||
current_user_id = data['user_id']
|
||||
except Exception as e:
|
||||
return jsonify({'message': 'Token is invalid or expired!'}), 401
|
||||
|
||||
return f(current_user_id, *args, **kwargs)
|
||||
return decorated
|
||||
@@ -4,3 +4,7 @@ python-dotenv==1.0.1
|
||||
psycopg2-binary==2.9.9
|
||||
Werkzeug==3.0.3
|
||||
requests==2.31.0
|
||||
PyJWT==2.8.0
|
||||
bcrypt==4.1.3
|
||||
reportlab==4.1.0
|
||||
pandas==2.2.1
|
||||
|
||||
88
backend/routes/auth.py
Normal file
88
backend/routes/auth.py
Normal file
@@ -0,0 +1,88 @@
|
||||
# backend/routes/auth.py
|
||||
from flask import Blueprint, request, jsonify
|
||||
from datetime import datetime, timedelta
|
||||
import bcrypt
|
||||
import jwt
|
||||
|
||||
from ..db import get_db_connection, release_db_connection
|
||||
from ..middleware import SECRET_KEY, token_required
|
||||
|
||||
auth_blueprint = Blueprint('auth', __name__)
|
||||
|
||||
@auth_blueprint.route('/auth/register', methods=['POST'])
|
||||
def register():
|
||||
data = request.json
|
||||
username = data.get('username')
|
||||
password = data.get('password')
|
||||
|
||||
if not username or not password:
|
||||
return jsonify({"error": "Username and password are required"}), 400
|
||||
|
||||
conn = get_db_connection()
|
||||
cur = conn.cursor()
|
||||
|
||||
# Check if exists
|
||||
cur.execute("SELECT id FROM users WHERE username = %s", (username,))
|
||||
if cur.fetchone():
|
||||
release_db_connection(conn)
|
||||
return jsonify({"error": "Username already exists"}), 400
|
||||
|
||||
hashed_password = bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt()).decode('utf-8')
|
||||
|
||||
cur.execute(
|
||||
"INSERT INTO users (username, password_hash) VALUES (%s, %s) RETURNING id",
|
||||
(username, hashed_password)
|
||||
)
|
||||
user_id = cur.fetchone()[0]
|
||||
conn.commit()
|
||||
release_db_connection(conn)
|
||||
|
||||
return jsonify({"message": "User registered successfully", "user_id": user_id}), 201
|
||||
|
||||
@auth_blueprint.route('/auth/login', methods=['POST'])
|
||||
def login():
|
||||
data = request.json
|
||||
username = data.get('username')
|
||||
password = data.get('password')
|
||||
|
||||
conn = get_db_connection()
|
||||
cur = conn.cursor()
|
||||
cur.execute("SELECT id, password_hash FROM users WHERE username = %s", (username,))
|
||||
user = cur.fetchone()
|
||||
release_db_connection(conn)
|
||||
|
||||
if not user or not bcrypt.checkpw(password.encode('utf-8'), user[1].encode('utf-8')):
|
||||
return jsonify({"error": "Invalid credentials"}), 401
|
||||
|
||||
token = jwt.encode({
|
||||
'user_id': user[0],
|
||||
'exp': datetime.utcnow() + timedelta(days=7)
|
||||
}, SECRET_KEY, algorithm="HS256")
|
||||
|
||||
return jsonify({"token": token})
|
||||
|
||||
@auth_blueprint.route('/auth/me', methods=['GET'])
|
||||
@token_required
|
||||
def get_me(current_user_id):
|
||||
conn = get_db_connection()
|
||||
cur = conn.cursor()
|
||||
cur.execute("SELECT id, username, plan FROM users WHERE id = %s", (current_user_id,))
|
||||
user = cur.fetchone()
|
||||
release_db_connection(conn)
|
||||
|
||||
if not user:
|
||||
return jsonify({"error": "User not found"}), 404
|
||||
|
||||
return jsonify({"id": user[0], "username": user[1], "plan": user[2]})
|
||||
|
||||
@auth_blueprint.route('/auth/upgrade', methods=['POST'])
|
||||
@token_required
|
||||
def upgrade_plan(current_user_id):
|
||||
"""Simulates payment success and upgrades to PRO."""
|
||||
conn = get_db_connection()
|
||||
cur = conn.cursor()
|
||||
cur.execute("UPDATE users SET plan = 'pro' WHERE id = %s", (current_user_id,))
|
||||
conn.commit()
|
||||
release_db_connection(conn)
|
||||
|
||||
return jsonify({"message": "Successfully upgraded to PRO"}), 200
|
||||
@@ -5,6 +5,7 @@ from werkzeug.utils import secure_filename
|
||||
from datetime import datetime
|
||||
|
||||
from ..db import get_db_connection, release_db_connection
|
||||
from ..middleware import token_required
|
||||
|
||||
cases_blueprint = Blueprint('cases', __name__)
|
||||
|
||||
@@ -24,7 +25,8 @@ def serialize_case(row):
|
||||
|
||||
# ---------- CASE CRUD ----------
|
||||
@cases_blueprint.route('/cases', methods=['GET'])
|
||||
def list_cases():
|
||||
@token_required
|
||||
def list_cases(current_user_id):
|
||||
# optional filters: ?article=...&status=...&platform=...
|
||||
article = request.args.get('article')
|
||||
status = request.args.get('status')
|
||||
@@ -32,8 +34,8 @@ def list_cases():
|
||||
conn = get_db_connection()
|
||||
cur = conn.cursor()
|
||||
query = "SELECT id, platform, violator_url, violator_article, my_article, comment, status, created_at, updated_at FROM cases"
|
||||
params = []
|
||||
conditions = []
|
||||
params = [current_user_id]
|
||||
conditions = ["user_id = %s"]
|
||||
if article:
|
||||
conditions.append("violator_article = %s")
|
||||
params.append(article)
|
||||
@@ -52,7 +54,8 @@ def list_cases():
|
||||
return jsonify([serialize_case(r) for r in rows])
|
||||
|
||||
@cases_blueprint.route('/cases', methods=['POST'])
|
||||
def create_case():
|
||||
@token_required
|
||||
def create_case(current_user_id):
|
||||
data = request.json
|
||||
required = ["platform", "violator_url", "violator_article"]
|
||||
for f in required:
|
||||
@@ -61,9 +64,10 @@ def create_case():
|
||||
conn = get_db_connection()
|
||||
cur = conn.cursor()
|
||||
cur.execute(
|
||||
"""INSERT INTO cases (platform, violator_url, violator_article, my_article, comment, status)
|
||||
VALUES (%s, %s, %s, %s, %s, %s) RETURNING id""",
|
||||
"""INSERT INTO cases (user_id, platform, violator_url, violator_article, my_article, comment, status)
|
||||
VALUES (%s, %s, %s, %s, %s, %s, %s) RETURNING id""",
|
||||
(
|
||||
current_user_id,
|
||||
data.get('platform'),
|
||||
data.get('violator_url'),
|
||||
data.get('violator_article'),
|
||||
@@ -78,10 +82,11 @@ def create_case():
|
||||
return jsonify({"id": case_id}), 201
|
||||
|
||||
@cases_blueprint.route('/cases/<int:case_id>', methods=['GET'])
|
||||
def get_case(case_id):
|
||||
@token_required
|
||||
def get_case(current_user_id, case_id):
|
||||
conn = get_db_connection()
|
||||
cur = conn.cursor()
|
||||
cur.execute("SELECT id, platform, violator_url, violator_article, my_article, comment, status, created_at, updated_at FROM cases WHERE id = %s", (case_id,))
|
||||
cur.execute("SELECT id, platform, violator_url, violator_article, my_article, comment, status, created_at, updated_at FROM cases WHERE id = %s AND user_id = %s", (case_id, current_user_id))
|
||||
row = cur.fetchone()
|
||||
release_db_connection(conn)
|
||||
if not row:
|
||||
@@ -89,7 +94,8 @@ def get_case(case_id):
|
||||
return jsonify(serialize_case(row))
|
||||
|
||||
@cases_blueprint.route('/cases/<int:case_id>', methods=['PUT'])
|
||||
def update_case(case_id):
|
||||
@token_required
|
||||
def update_case(current_user_id, case_id):
|
||||
data = request.json
|
||||
fields = []
|
||||
params = []
|
||||
@@ -100,27 +106,29 @@ def update_case(case_id):
|
||||
params.append(data[f])
|
||||
if not fields:
|
||||
return jsonify({"error": "No updatable fields provided"}), 400
|
||||
params.append(case_id)
|
||||
params.extend([case_id, current_user_id])
|
||||
conn = get_db_connection()
|
||||
cur = conn.cursor()
|
||||
cur.execute(f"UPDATE cases SET {', '.join(fields)}, updated_at = %s WHERE id = %s",
|
||||
(*params[:-1], datetime.utcnow(), case_id))
|
||||
cur.execute(f"UPDATE cases SET {', '.join(fields)}, updated_at = %s WHERE id = %s AND user_id = %s",
|
||||
(*params[:-2], datetime.utcnow(), case_id, current_user_id))
|
||||
conn.commit()
|
||||
release_db_connection(conn)
|
||||
return jsonify({"message": "Case updated"})
|
||||
|
||||
@cases_blueprint.route('/cases/<int:case_id>', methods=['DELETE'])
|
||||
def delete_case(case_id):
|
||||
@token_required
|
||||
def delete_case(current_user_id, case_id):
|
||||
conn = get_db_connection()
|
||||
cur = conn.cursor()
|
||||
cur.execute("DELETE FROM cases WHERE id = %s", (case_id,))
|
||||
cur.execute("DELETE FROM cases WHERE id = %s AND user_id = %s", (case_id, current_user_id))
|
||||
conn.commit()
|
||||
release_db_connection(conn)
|
||||
return jsonify({"message": "Case deleted"})
|
||||
|
||||
# ---------- FILE UPLOAD ----------
|
||||
@cases_blueprint.route('/cases/<int:case_id>/files', methods=['POST'])
|
||||
def upload_files(case_id):
|
||||
@token_required
|
||||
def upload_files(current_user_id, case_id):
|
||||
if 'files' not in request.files:
|
||||
return jsonify({"error": "No files part in request"}), 400
|
||||
files = request.files.getlist('files')
|
||||
@@ -128,6 +136,13 @@ def upload_files(case_id):
|
||||
upload_folder = current_app.config['UPLOAD_FOLDER']
|
||||
conn = get_db_connection()
|
||||
cur = conn.cursor()
|
||||
|
||||
# Check ownership
|
||||
cur.execute("SELECT id FROM cases WHERE id = %s AND user_id = %s", (case_id, current_user_id))
|
||||
if not cur.fetchone():
|
||||
release_db_connection(conn)
|
||||
return jsonify({"error": "Case not found"}), 404
|
||||
|
||||
for f in files:
|
||||
if f.filename == '':
|
||||
continue
|
||||
@@ -149,10 +164,11 @@ def upload_files(case_id):
|
||||
|
||||
# Get files for a case
|
||||
@cases_blueprint.route('/cases/<int:case_id>/files', methods=['GET'])
|
||||
def list_files(case_id):
|
||||
@token_required
|
||||
def list_files(current_user_id, case_id):
|
||||
conn = get_db_connection()
|
||||
cur = conn.cursor()
|
||||
cur.execute("SELECT id, file_path, uploaded_at FROM files WHERE case_id = %s", (case_id,))
|
||||
cur.execute("SELECT f.id, f.file_path, f.uploaded_at FROM files f JOIN cases c ON f.case_id = c.id WHERE f.case_id = %s AND c.user_id = %s", (case_id, current_user_id))
|
||||
rows = cur.fetchall()
|
||||
release_db_connection(conn)
|
||||
files = [{"id": r[0], "path": r[1], "uploaded_at": r[2].isoformat()} for r in rows]
|
||||
|
||||
@@ -4,15 +4,17 @@ from datetime import datetime
|
||||
import json
|
||||
|
||||
from ..db import get_db_connection, release_db_connection
|
||||
from ..middleware import token_required
|
||||
|
||||
credentials_blueprint = Blueprint('credentials', __name__)
|
||||
|
||||
@credentials_blueprint.route('/credentials', methods=['GET'])
|
||||
def list_credentials():
|
||||
@token_required
|
||||
def list_credentials(current_user_id):
|
||||
"""Return configured platforms (without exposing secrets)."""
|
||||
conn = get_db_connection()
|
||||
cur = conn.cursor()
|
||||
cur.execute("SELECT platform FROM credentials")
|
||||
cur.execute("SELECT platform FROM credentials WHERE user_id = %s", (current_user_id,))
|
||||
rows = cur.fetchall()
|
||||
release_db_connection(conn)
|
||||
|
||||
@@ -20,7 +22,8 @@ def list_credentials():
|
||||
return jsonify({"configured_platforms": platforms})
|
||||
|
||||
@credentials_blueprint.route('/credentials/<string:platform>', methods=['POST'])
|
||||
def save_credentials(platform):
|
||||
@token_required
|
||||
def save_credentials(current_user_id, platform):
|
||||
"""Save or update credentials for a specific platform."""
|
||||
data = request.json
|
||||
api_key = data.get('api_key')
|
||||
@@ -31,16 +34,29 @@ def save_credentials(platform):
|
||||
conn = get_db_connection()
|
||||
cur = conn.cursor()
|
||||
|
||||
# --- PLAN LIMIT CHECK ---
|
||||
cur.execute("SELECT plan FROM users WHERE id = %s", (current_user_id,))
|
||||
user_plan = cur.fetchone()[0]
|
||||
|
||||
if user_plan == 'free':
|
||||
# Count existing configured platforms for this user
|
||||
cur.execute("SELECT COUNT(*) FROM credentials WHERE user_id = %s AND platform != %s", (current_user_id, platform))
|
||||
count = cur.fetchone()[0]
|
||||
if count >= 1:
|
||||
release_db_connection(conn)
|
||||
return jsonify({"error": "Лимит бесплатного тарифа исчерпан (максимум 1 интеграция). Перейдите на PRO."}), 403
|
||||
# ------------------------
|
||||
|
||||
cur.execute(
|
||||
"""INSERT INTO credentials (platform, api_key, client_id, client_secret, other_data, updated_at)
|
||||
VALUES (%s, %s, %s, %s, %s, %s)
|
||||
ON CONFLICT (platform) DO UPDATE SET
|
||||
"""INSERT INTO credentials (user_id, platform, api_key, client_id, client_secret, other_data, updated_at)
|
||||
VALUES (%s, %s, %s, %s, %s, %s, %s)
|
||||
ON CONFLICT (user_id, platform) DO UPDATE SET
|
||||
api_key = EXCLUDED.api_key,
|
||||
client_id = EXCLUDED.client_id,
|
||||
client_secret = EXCLUDED.client_secret,
|
||||
other_data = EXCLUDED.other_data,
|
||||
updated_at = EXCLUDED.updated_at""",
|
||||
(platform, api_key, client_id, client_secret, json.dumps(other_data), datetime.utcnow())
|
||||
(current_user_id, platform, api_key, client_id, client_secret, json.dumps(other_data), datetime.utcnow())
|
||||
)
|
||||
conn.commit()
|
||||
release_db_connection(conn)
|
||||
@@ -48,11 +64,12 @@ def save_credentials(platform):
|
||||
return jsonify({"message": f"Credentials for {platform} saved successfully."}), 200
|
||||
|
||||
@credentials_blueprint.route('/credentials/<string:platform>', methods=['DELETE'])
|
||||
def delete_credentials(platform):
|
||||
@token_required
|
||||
def delete_credentials(current_user_id, platform):
|
||||
"""Delete credentials for a specific platform."""
|
||||
conn = get_db_connection()
|
||||
cur = conn.cursor()
|
||||
cur.execute("DELETE FROM credentials WHERE platform = %s", (platform,))
|
||||
cur.execute("DELETE FROM credentials WHERE user_id = %s AND platform = %s", (current_user_id, platform))
|
||||
conn.commit()
|
||||
release_db_connection(conn)
|
||||
|
||||
|
||||
51
backend/routes/dashboard.py
Normal file
51
backend/routes/dashboard.py
Normal file
@@ -0,0 +1,51 @@
|
||||
from flask import Blueprint, jsonify
|
||||
from ..db import get_db_connection, release_db_connection
|
||||
from ..middleware import token_required
|
||||
|
||||
dashboard_blueprint = Blueprint('dashboard', __name__)
|
||||
|
||||
@dashboard_blueprint.route('/dashboard/stats', methods=['GET'])
|
||||
@token_required
|
||||
def get_stats(current_user_id):
|
||||
conn = get_db_connection()
|
||||
cur = conn.cursor()
|
||||
|
||||
# 1. Total cases
|
||||
cur.execute("SELECT COUNT(*) FROM cases WHERE user_id = %s", (current_user_id,))
|
||||
total_cases = cur.fetchone()[0]
|
||||
|
||||
# 2. Cases by status
|
||||
cur.execute("SELECT status, COUNT(*) FROM cases WHERE user_id = %s GROUP BY status", (current_user_id,))
|
||||
status_rows = cur.fetchall()
|
||||
cases_by_status = {row[0]: row[1] for row in status_rows}
|
||||
|
||||
# 3. Total active integrations
|
||||
cur.execute("SELECT COUNT(*) FROM credentials WHERE user_id = %s", (current_user_id,))
|
||||
total_integrations = cur.fetchone()[0]
|
||||
|
||||
# 4. List of connected platforms
|
||||
cur.execute("SELECT platform FROM credentials WHERE user_id = %s", (current_user_id,))
|
||||
platforms = [row[0] for row in cur.fetchall()]
|
||||
|
||||
# 5. Recent activity (last 5 cases)
|
||||
cur.execute("SELECT id, platform, violator_article, status, created_at FROM cases WHERE user_id = %s ORDER BY created_at DESC LIMIT 5", (current_user_id,))
|
||||
recent_rows = cur.fetchall()
|
||||
recent_activity = [
|
||||
{
|
||||
"id": r[0],
|
||||
"platform": r[1],
|
||||
"article": r[2],
|
||||
"status": r[3],
|
||||
"date": r[4].isoformat() if r[4] else None
|
||||
} for r in recent_rows
|
||||
]
|
||||
|
||||
release_db_connection(conn)
|
||||
|
||||
return jsonify({
|
||||
"total_cases": total_cases,
|
||||
"cases_by_status": cases_by_status,
|
||||
"total_integrations": total_integrations,
|
||||
"platforms": platforms,
|
||||
"recent_activity": recent_activity
|
||||
})
|
||||
96
backend/routes/reports.py
Normal file
96
backend/routes/reports.py
Normal file
@@ -0,0 +1,96 @@
|
||||
import io
|
||||
import pandas as pd
|
||||
from flask import Blueprint, send_file, jsonify, make_response
|
||||
from reportlab.lib.pagesizes import letter
|
||||
from reportlab.pdfgen import canvas
|
||||
from reportlab.lib import colors
|
||||
from reportlab.lib.styles import getSampleStyleSheet
|
||||
from reportlab.platypus import SimpleDocTemplate, Paragraph, Spacer, Table, TableStyle
|
||||
|
||||
from ..db import get_db_connection, release_db_connection
|
||||
from ..middleware import token_required
|
||||
|
||||
reports_blueprint = Blueprint('reports', __name__)
|
||||
|
||||
@reports_blueprint.route('/reports/cases/csv', methods=['GET'])
|
||||
@token_required
|
||||
def export_cases_csv(current_user_id):
|
||||
conn = get_db_connection()
|
||||
query = """
|
||||
SELECT id, platform, violator_url, violator_article, my_article, comment, status, created_at
|
||||
FROM cases
|
||||
WHERE user_id = %s
|
||||
"""
|
||||
df = pd.read_sql(query, conn, params=(current_user_id,))
|
||||
release_db_connection(conn)
|
||||
|
||||
output = io.BytesIO()
|
||||
df.to_csv(output, index=False, encoding='utf-8-sig')
|
||||
output.seek(0)
|
||||
|
||||
return send_file(
|
||||
output,
|
||||
mimetype='text/csv',
|
||||
as_attachment=True,
|
||||
download_name=f'cases_export_{current_user_id}.csv'
|
||||
)
|
||||
|
||||
@reports_blueprint.route('/reports/case/<int:case_id>/pdf', methods=['GET'])
|
||||
@token_required
|
||||
def export_case_pdf(current_user_id, case_id):
|
||||
conn = get_db_connection()
|
||||
cur = conn.cursor()
|
||||
cur.execute("""
|
||||
SELECT platform, violator_url, violator_article, my_article, comment, status, created_at
|
||||
FROM cases
|
||||
WHERE id = %s AND user_id = %s
|
||||
""", (case_id, current_user_id))
|
||||
row = cur.fetchone()
|
||||
release_db_connection(conn)
|
||||
|
||||
if not row:
|
||||
return jsonify({"error": "Case not found"}), 404
|
||||
|
||||
platform, v_url, v_art, my_art, comment, status, created_at = row
|
||||
|
||||
buffer = io.BytesIO()
|
||||
doc = SimpleDocTemplate(buffer, pagesize=letter)
|
||||
styles = getSampleStyleSheet()
|
||||
elements = []
|
||||
|
||||
# Title
|
||||
elements.append(Paragraph(f"Официальная претензия #{case_id}", styles['Title']))
|
||||
elements.append(Spacer(1, 12))
|
||||
|
||||
# Info table
|
||||
data = [
|
||||
["Маркетплейс", platform.upper()],
|
||||
["Дата создания", created_at.strftime('%Y-%m-%d %H:%M') if created_at else "-"],
|
||||
["Артикул нарушителя", v_art],
|
||||
["Ссылка на товар", Paragraph(v_url, styles['Normal'])],
|
||||
["Ваш артикул", my_art or "-"],
|
||||
["Текущий статус", status.upper()]
|
||||
]
|
||||
|
||||
t = Table(data, colWidths=[150, 350])
|
||||
t.setStyle(TableStyle([
|
||||
('BACKGROUND', (0, 0), (0, -1), colors.lightgrey),
|
||||
('GRID', (0, 0), (-1, -1), 1, colors.black),
|
||||
('PADDING', (0, 0), (-1, -1), 6),
|
||||
]))
|
||||
elements.append(t)
|
||||
elements.append(Spacer(1, 24))
|
||||
|
||||
# Description
|
||||
elements.append(Paragraph("Описание нарушения:", styles['Heading2']))
|
||||
elements.append(Paragraph(comment or "Комментарий отсутствует", styles['Normal']))
|
||||
|
||||
doc.build(elements)
|
||||
buffer.seek(0)
|
||||
|
||||
return send_file(
|
||||
buffer,
|
||||
mimetype='application/pdf',
|
||||
as_attachment=True,
|
||||
download_name=f'complaint_{case_id}.pdf'
|
||||
)
|
||||
17
db/init.sql
17
db/init.sql
@@ -1,17 +1,28 @@
|
||||
-- db/init.sql
|
||||
-- Создаёт таблицы для хранения ключей маркетплейсов, кейсов и файлов
|
||||
-- Создаёт таблицы для хранения пользователей, ключей маркетплейсов, кейсов и файлов
|
||||
|
||||
CREATE TABLE IF NOT EXISTS users (
|
||||
id SERIAL PRIMARY KEY,
|
||||
username VARCHAR(50) UNIQUE NOT NULL,
|
||||
password_hash TEXT NOT NULL,
|
||||
plan VARCHAR(20) DEFAULT 'free',
|
||||
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS credentials (
|
||||
platform VARCHAR(50) PRIMARY KEY,
|
||||
user_id INT REFERENCES users(id) ON DELETE CASCADE,
|
||||
platform VARCHAR(50),
|
||||
api_key TEXT,
|
||||
client_id TEXT,
|
||||
client_secret TEXT,
|
||||
other_data JSONB,
|
||||
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
|
||||
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
|
||||
PRIMARY KEY (user_id, platform)
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS cases (
|
||||
id SERIAL PRIMARY KEY,
|
||||
user_id INT REFERENCES users(id) ON DELETE CASCADE,
|
||||
platform VARCHAR(50) NOT NULL DEFAULT 'ozon',
|
||||
violator_url TEXT NOT NULL,
|
||||
violator_article VARCHAR(50) NOT NULL,
|
||||
|
||||
@@ -241,3 +241,31 @@ label textarea {
|
||||
background: rgba(0,0,0,0.2);
|
||||
color: #fff;
|
||||
}
|
||||
|
||||
.auth-box {
|
||||
max-width: 400px;
|
||||
margin: 4rem auto;
|
||||
padding: 2rem;
|
||||
background: var(--color-surface);
|
||||
border-radius: var(--radius);
|
||||
border: 1px solid hsla(0,0%,100%,0.1);
|
||||
box-shadow: var(--shadow);
|
||||
}
|
||||
|
||||
.auth-box input {
|
||||
width: 100%;
|
||||
padding: 0.75rem;
|
||||
margin-top: 0.5rem;
|
||||
border: 1px solid hsla(0,0%,100%,0.1);
|
||||
border-radius: var(--radius);
|
||||
background: rgba(0,0,0,0.2);
|
||||
color: #fff;
|
||||
}
|
||||
|
||||
.auth-box a {
|
||||
color: var(--color-primary);
|
||||
text-decoration: none;
|
||||
}
|
||||
.auth-box a:hover {
|
||||
text-decoration: underline;
|
||||
}
|
||||
|
||||
@@ -9,16 +9,91 @@
|
||||
</head>
|
||||
<body>
|
||||
<header class="header">
|
||||
<h1>AutoMarket</h1>
|
||||
<p>Управление жалобами и интеграциями для 10 маркетплейсов</p>
|
||||
<div style="display: flex; justify-content: space-between; align-items: center; max-width: 1200px; margin: 0 auto;">
|
||||
<div>
|
||||
<h1>AutoMarket</h1>
|
||||
<p>Управление жалобами и интеграциями для 10 маркетплейсов</p>
|
||||
</div>
|
||||
<div id="user-info" class="hidden">
|
||||
<span id="username-display" style="margin-right: 1rem;"></span>
|
||||
<button id="logout-btn" class="btn-secondary">Выйти</button>
|
||||
</div>
|
||||
</div>
|
||||
</header>
|
||||
|
||||
<div class="tabs-container">
|
||||
<button class="tab-btn active" data-target="cases-section">Список жалоб</button>
|
||||
<button class="tab-btn" data-target="integrations-section">Настройки интеграций</button>
|
||||
</div>
|
||||
<!-- AUTH SECTION -->
|
||||
<main id="auth-section" class="container">
|
||||
<div class="auth-box">
|
||||
<h2 id="auth-title">Вход в систему</h2>
|
||||
<form id="auth-form">
|
||||
<input type="text" id="auth-username" placeholder="Логин" required />
|
||||
<input type="password" id="auth-password" placeholder="Пароль" required />
|
||||
<button type="submit" class="btn-primary" style="width: 100%; margin-top: 1rem;">Войти</button>
|
||||
</form>
|
||||
<p style="margin-top: 1rem; text-align: center;">
|
||||
<a href="#" id="auth-toggle">Нет аккаунта? Зарегистрироваться</a>
|
||||
</p>
|
||||
</div>
|
||||
</main>
|
||||
|
||||
<main class="container">
|
||||
<div id="main-app" class="hidden">
|
||||
<div class="tabs-container">
|
||||
<button class="tab-btn active" data-target="dashboard-section">Дашборд</button>
|
||||
<button class="tab-btn" data-target="cases-section">Список жалоб</button>
|
||||
<button class="tab-btn" data-target="integrations-section">Настройки интеграций</button>
|
||||
<button class="tab-btn" data-target="billing-section">Тарифы</button>
|
||||
</div>
|
||||
|
||||
<main class="container">
|
||||
|
||||
<!-- Dashboard Section -->
|
||||
<section id="dashboard-section" class="section">
|
||||
<h2>Сводная статистика</h2>
|
||||
<div id="stats-grid" class="platforms-grid">
|
||||
<!-- Stats cards will be here -->
|
||||
</div>
|
||||
<div class="section" style="margin-top: 2rem;">
|
||||
<h3>Последняя активность</h3>
|
||||
<table id="recent-activity-table" class="table">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>ID</th>
|
||||
<th>Площадка</th>
|
||||
<th>Артикул</th>
|
||||
<th>Статус</th>
|
||||
<th>Дата</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody></tbody>
|
||||
</table>
|
||||
</div>
|
||||
</section>
|
||||
|
||||
<!-- Billing / Subscription Section -->
|
||||
<section id="billing-section" class="section hidden">
|
||||
<h2>Ваш тариф: <span id="current-plan-display">Free</span></h2>
|
||||
<div class="platforms-grid">
|
||||
<div class="platform-card">
|
||||
<h3>Тариф FREE</h3>
|
||||
<p class="status">Активен по умолчанию</p>
|
||||
<ul>
|
||||
<li>Подключение: Максимум 1 маркетплейс</li>
|
||||
<li>Базовая поддержка</li>
|
||||
</ul>
|
||||
<button class="btn-secondary" disabled style="margin-top:1rem; width:100%;">Уже активирован</button>
|
||||
</div>
|
||||
<div class="platform-card" style="border-color: var(--color-primary);">
|
||||
<h3 style="color: var(--color-primary);">Тариф PRO</h3>
|
||||
<p class="status" style="color: var(--color-primary);">Рекомендуемый</p>
|
||||
<ul>
|
||||
<li>Подключение: До 10 маркетплейсов</li>
|
||||
<li>Безлимитное создание жалоб</li>
|
||||
<li>Приоритетная поддержка</li>
|
||||
</ul>
|
||||
<button id="upgrade-btn" class="btn-primary" style="margin-top:1rem; width:100%;">Купить за 990₽</button>
|
||||
</div>
|
||||
</div>
|
||||
</section>
|
||||
|
||||
<!-- Integrations List -->
|
||||
<section id="integrations-section" class="section hidden">
|
||||
@@ -54,6 +129,7 @@
|
||||
<option value="closed">Закрыт</option>
|
||||
</select>
|
||||
<button id="new-case-btn" class="btn-primary">+ Новый кейс</button>
|
||||
<button id="export-csv-btn" class="btn-secondary">⬇ Экспорт CSV</button>
|
||||
</div>
|
||||
<table id="cases-table" class="table">
|
||||
<thead>
|
||||
@@ -119,11 +195,15 @@
|
||||
|
||||
<!-- Case detail -->
|
||||
<section id="case-detail-section" class="section hidden">
|
||||
<h2>Детали кейса</h2>
|
||||
<div style="display: flex; justify-content: space-between; align-items: center; margin-bottom: 1rem;">
|
||||
<h2>Детали кейса</h2>
|
||||
<button id="download-pdf-btn" class="btn-primary">📄 Скачать PDF-претензию</button>
|
||||
</div>
|
||||
<div id="case-detail"></div>
|
||||
<button id="back-to-list" class="btn-secondary">← Назад к списку</button>
|
||||
</section>
|
||||
</main>
|
||||
</main>
|
||||
</div>
|
||||
|
||||
<script type="module" src="js/app.js"></script>
|
||||
</body>
|
||||
|
||||
@@ -1,39 +1,101 @@
|
||||
// frontend/js/api.js
|
||||
// Base URL for backend API (adjust if using different host/port)
|
||||
const API_BASE = "http://localhost:5000/api";
|
||||
|
||||
function getHeaders() {
|
||||
const token = localStorage.getItem('token');
|
||||
const headers = { "Content-Type": "application/json" };
|
||||
if (token) headers["Authorization"] = `Bearer ${token}`;
|
||||
return headers;
|
||||
}
|
||||
|
||||
async function handleResponse(res) {
|
||||
if (res.status === 401) {
|
||||
localStorage.removeItem('token');
|
||||
window.location.reload();
|
||||
}
|
||||
const data = await res.json();
|
||||
if (!res.ok) throw new Error(data.error || data.message || 'API Error');
|
||||
return data;
|
||||
}
|
||||
|
||||
export async function login(username, password) {
|
||||
const res = await fetch(`${API_BASE}/auth/login`, {
|
||||
method: "POST",
|
||||
headers: { "Content-Type": "application/json" },
|
||||
body: JSON.stringify({ username, password }),
|
||||
});
|
||||
return await handleResponse(res);
|
||||
}
|
||||
|
||||
export async function register(username, password) {
|
||||
const res = await fetch(`${API_BASE}/auth/register`, {
|
||||
method: "POST",
|
||||
headers: { "Content-Type": "application/json" },
|
||||
body: JSON.stringify({ username, password }),
|
||||
});
|
||||
return await handleResponse(res);
|
||||
}
|
||||
|
||||
export async function getMe() {
|
||||
const res = await fetch(`${API_BASE}/auth/me`, { headers: getHeaders() });
|
||||
return await handleResponse(res);
|
||||
}
|
||||
|
||||
export async function upgradePlan() {
|
||||
const res = await fetch(`${API_BASE}/auth/upgrade`, {
|
||||
method: "POST",
|
||||
headers: getHeaders()
|
||||
});
|
||||
return await handleResponse(res);
|
||||
}
|
||||
|
||||
export async function getDashboardStats() {
|
||||
const res = await fetch(`${API_BASE}/dashboard/stats`, { headers: getHeaders() });
|
||||
return await handleResponse(res);
|
||||
}
|
||||
|
||||
export function getCaseReportPdfUrl(caseId) {
|
||||
const token = localStorage.getItem('token');
|
||||
return `${API_BASE}/reports/case/${caseId}/pdf?token=${token}`;
|
||||
}
|
||||
|
||||
export function getExportCsvUrl() {
|
||||
const token = localStorage.getItem('token');
|
||||
return `${API_BASE}/reports/cases/csv?token=${token}`;
|
||||
}
|
||||
|
||||
export async function fetchCases(params = {}) {
|
||||
const query = new URLSearchParams(params).toString();
|
||||
const res = await fetch(`${API_BASE}/cases${query ? `?${query}` : ''}`);
|
||||
return await res.json();
|
||||
const res = await fetch(`${API_BASE}/cases${query ? `?${query}` : ''}`, { headers: getHeaders() });
|
||||
return await handleResponse(res);
|
||||
}
|
||||
|
||||
export async function createCase(data) {
|
||||
const res = await fetch(`${API_BASE}/cases`, {
|
||||
method: "POST",
|
||||
headers: { "Content-Type": "application/json" },
|
||||
headers: getHeaders(),
|
||||
body: JSON.stringify(data),
|
||||
});
|
||||
return await res.json();
|
||||
return await handleResponse(res);
|
||||
}
|
||||
|
||||
export async function getCase(id) {
|
||||
const res = await fetch(`${API_BASE}/cases/${id}`);
|
||||
return await res.json();
|
||||
const res = await fetch(`${API_BASE}/cases/${id}`, { headers: getHeaders() });
|
||||
return await handleResponse(res);
|
||||
}
|
||||
|
||||
export async function updateCase(id, data) {
|
||||
const res = await fetch(`${API_BASE}/cases/${id}`, {
|
||||
method: "PUT",
|
||||
headers: { "Content-Type": "application/json" },
|
||||
headers: getHeaders(),
|
||||
body: JSON.stringify(data),
|
||||
});
|
||||
return await res.json();
|
||||
return await handleResponse(res);
|
||||
}
|
||||
|
||||
export async function deleteCase(id) {
|
||||
const res = await fetch(`${API_BASE}/cases/${id}`, { method: "DELETE" });
|
||||
return await res.json();
|
||||
const res = await fetch(`${API_BASE}/cases/${id}`, { method: "DELETE", headers: getHeaders() });
|
||||
return await handleResponse(res);
|
||||
}
|
||||
|
||||
export async function uploadFiles(caseId, fileList) {
|
||||
@@ -41,29 +103,32 @@ export async function uploadFiles(caseId, fileList) {
|
||||
for (const f of fileList) {
|
||||
form.append("files", f);
|
||||
}
|
||||
const headers = getHeaders();
|
||||
delete headers["Content-Type"]; // let browser set boundary
|
||||
const res = await fetch(`${API_BASE}/cases/${caseId}/files`, {
|
||||
method: "POST",
|
||||
headers: headers,
|
||||
body: form,
|
||||
});
|
||||
return await res.json();
|
||||
return await handleResponse(res);
|
||||
}
|
||||
|
||||
export async function listFiles(caseId) {
|
||||
const res = await fetch(`${API_BASE}/cases/${caseId}/files`);
|
||||
return await res.json();
|
||||
const res = await fetch(`${API_BASE}/cases/${caseId}/files`, { headers: getHeaders() });
|
||||
return await handleResponse(res);
|
||||
}
|
||||
|
||||
export async function getConfiguredPlatforms() {
|
||||
const res = await fetch(`${API_BASE}/credentials`);
|
||||
const data = await res.json();
|
||||
const res = await fetch(`${API_BASE}/credentials`, { headers: getHeaders() });
|
||||
const data = await handleResponse(res);
|
||||
return data.configured_platforms || [];
|
||||
}
|
||||
|
||||
export async function saveCredentials(platform, data) {
|
||||
const res = await fetch(`${API_BASE}/credentials/${platform}`, {
|
||||
method: "POST",
|
||||
headers: { "Content-Type": "application/json" },
|
||||
headers: getHeaders(),
|
||||
body: JSON.stringify(data),
|
||||
});
|
||||
return await res.json();
|
||||
return await handleResponse(res);
|
||||
}
|
||||
|
||||
@@ -14,15 +14,156 @@ const PLATFORMS = [
|
||||
{ id: 'flowwow', name: 'Flowwow' }
|
||||
];
|
||||
|
||||
document.addEventListener("DOMContentLoaded", () => {
|
||||
let currentUser = null;
|
||||
|
||||
document.addEventListener("DOMContentLoaded", async () => {
|
||||
initAuth();
|
||||
initReports();
|
||||
|
||||
// Check if logged in
|
||||
const token = localStorage.getItem('token');
|
||||
if (token) {
|
||||
try {
|
||||
currentUser = await api.getMe();
|
||||
const planBadge = currentUser.plan === 'pro' ? '<span style="color: gold;">[PRO]</span>' : '<span style="color: gray;">[FREE]</span>';
|
||||
document.getElementById('username-display').innerHTML = `Привет, ${currentUser.username} ${planBadge}`;
|
||||
showApp();
|
||||
} catch (e) {
|
||||
showAuth();
|
||||
}
|
||||
} else {
|
||||
showAuth();
|
||||
}
|
||||
});
|
||||
|
||||
let isLoginMode = true;
|
||||
function initAuth() {
|
||||
const authForm = document.getElementById('auth-form');
|
||||
const toggleBtn = document.getElementById('auth-toggle');
|
||||
const title = document.getElementById('auth-title');
|
||||
const logoutBtn = document.getElementById('logout-btn');
|
||||
|
||||
toggleBtn.addEventListener('click', (e) => {
|
||||
e.preventDefault();
|
||||
isLoginMode = !isLoginMode;
|
||||
title.textContent = isLoginMode ? 'Вход в систему' : 'Регистрация';
|
||||
toggleBtn.textContent = isLoginMode ? 'Нет аккаунта? Зарегистрироваться' : 'Уже есть аккаунт? Войти';
|
||||
});
|
||||
|
||||
authForm.addEventListener('submit', async (e) => {
|
||||
e.preventDefault();
|
||||
const username = document.getElementById('auth-username').value;
|
||||
const password = document.getElementById('auth-password').value;
|
||||
try {
|
||||
if (isLoginMode) {
|
||||
const res = await api.login(username, password);
|
||||
localStorage.setItem('token', res.token);
|
||||
} else {
|
||||
await api.register(username, password);
|
||||
alert('Регистрация успешна! Теперь вы можете войти.');
|
||||
isLoginMode = true;
|
||||
title.textContent = 'Вход в систему';
|
||||
toggleBtn.textContent = 'Нет аккаунта? Зарегистрироваться';
|
||||
return;
|
||||
}
|
||||
window.location.reload();
|
||||
} catch (err) {
|
||||
alert(err.message);
|
||||
}
|
||||
});
|
||||
|
||||
logoutBtn.addEventListener('click', () => {
|
||||
localStorage.removeItem('token');
|
||||
window.location.reload();
|
||||
});
|
||||
}
|
||||
|
||||
function showAuth() {
|
||||
document.getElementById('auth-section').classList.remove('hidden');
|
||||
document.getElementById('main-app').classList.add('hidden');
|
||||
document.getElementById('user-info').classList.add('hidden');
|
||||
}
|
||||
|
||||
function showApp() {
|
||||
document.getElementById('auth-section').classList.add('hidden');
|
||||
document.getElementById('main-app').classList.remove('hidden');
|
||||
document.getElementById('user-info').classList.remove('hidden');
|
||||
initTabs();
|
||||
initCases();
|
||||
initIntegrations();
|
||||
});
|
||||
initBilling();
|
||||
initDashboard();
|
||||
}
|
||||
|
||||
function initDashboard() {
|
||||
loadDashboard();
|
||||
}
|
||||
|
||||
async function loadDashboard() {
|
||||
try {
|
||||
const stats = await api.getDashboardStats();
|
||||
const grid = document.getElementById('stats-grid');
|
||||
grid.innerHTML = `
|
||||
<div class="platform-card">
|
||||
<h3>Всего кейсов</h3>
|
||||
<p style="font-size: 2rem; font-weight: bold;">${stats.total_cases}</p>
|
||||
</div>
|
||||
<div class="platform-card">
|
||||
<h3>Активных интеграций</h3>
|
||||
<p style="font-size: 2rem; font-weight: bold;">${stats.total_integrations}</p>
|
||||
<p style="font-size: 0.8rem;">${stats.platforms.join(', ').toUpperCase()}</p>
|
||||
</div>
|
||||
<div class="platform-card">
|
||||
<h3>В работе (Prepared/Sent)</h3>
|
||||
<p style="font-size: 2rem; font-weight: bold;">
|
||||
${(stats.cases_by_status.prepared || 0) + (stats.cases_by_status.sent || 0)}
|
||||
</p>
|
||||
</div>
|
||||
`;
|
||||
|
||||
const tbody = document.querySelector('#recent-activity-table tbody');
|
||||
tbody.innerHTML = '';
|
||||
stats.recent_activity.forEach(a => {
|
||||
const tr = document.createElement('tr');
|
||||
const pName = PLATFORMS.find(p => p.id === a.platform)?.name || a.platform;
|
||||
tr.innerHTML = `
|
||||
<td>${a.id}</td>
|
||||
<td>${pName}</td>
|
||||
<td>${a.article}</td>
|
||||
<td>${a.status}</td>
|
||||
<td>${new Date(a.date).toLocaleDateString()}</td>
|
||||
`;
|
||||
tbody.appendChild(tr);
|
||||
});
|
||||
} catch (e) {
|
||||
console.error(e);
|
||||
}
|
||||
}
|
||||
|
||||
function initBilling() {
|
||||
document.getElementById('current-plan-display').textContent = currentUser.plan.toUpperCase();
|
||||
|
||||
document.getElementById('upgrade-btn').addEventListener('click', async () => {
|
||||
if(currentUser.plan === 'pro') {
|
||||
alert('У вас уже тариф PRO!');
|
||||
return;
|
||||
}
|
||||
|
||||
if(confirm('Перейти на PRO тариф (симуляция оплаты)?')) {
|
||||
try {
|
||||
await api.upgradePlan();
|
||||
alert('Оплата прошла успешно! Вы теперь PRO.');
|
||||
window.location.reload();
|
||||
} catch (err) {
|
||||
alert(err.message);
|
||||
}
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
function initTabs() {
|
||||
const btns = document.querySelectorAll('.tab-btn');
|
||||
const sections = ['cases-section', 'integrations-section'];
|
||||
const sections = ['dashboard-section', 'cases-section', 'integrations-section', 'billing-section'];
|
||||
|
||||
btns.forEach(btn => {
|
||||
btn.addEventListener('click', () => {
|
||||
@@ -31,12 +172,14 @@ function initTabs() {
|
||||
|
||||
const target = btn.dataset.target;
|
||||
sections.forEach(s => {
|
||||
document.getElementById(s).classList.add('hidden');
|
||||
const el = document.getElementById(s);
|
||||
if (el) el.classList.add('hidden');
|
||||
});
|
||||
document.getElementById(target).classList.remove('hidden');
|
||||
document.getElementById('case-form-section').classList.add('hidden');
|
||||
document.getElementById('case-detail-section').classList.add('hidden');
|
||||
|
||||
if(target === 'dashboard-section') loadDashboard();
|
||||
if(target === 'cases-section') loadCases();
|
||||
if(target === 'integrations-section') loadIntegrations();
|
||||
});
|
||||
@@ -71,9 +214,13 @@ async function loadIntegrations() {
|
||||
e.preventDefault();
|
||||
const formData = new FormData(e.target);
|
||||
const data = Object.fromEntries(formData);
|
||||
await api.saveCredentials(p.id, data);
|
||||
alert(`Настройки для ${p.name} сохранены!`);
|
||||
loadIntegrations();
|
||||
try {
|
||||
await api.saveCredentials(p.id, data);
|
||||
alert(`Настройки для ${p.name} сохранены!`);
|
||||
loadIntegrations();
|
||||
} catch(err) {
|
||||
alert(err.message);
|
||||
}
|
||||
});
|
||||
|
||||
grid.appendChild(card);
|
||||
@@ -130,9 +277,22 @@ async function initCases() {
|
||||
}
|
||||
});
|
||||
|
||||
document.getElementById('export-csv-btn').addEventListener('click', () => {
|
||||
window.location.href = api.getExportCsvUrl();
|
||||
});
|
||||
|
||||
loadCases();
|
||||
}
|
||||
|
||||
let currentViewCaseId = null;
|
||||
async function initReports() {
|
||||
document.getElementById('download-pdf-btn').addEventListener('click', () => {
|
||||
if (currentViewCaseId) {
|
||||
window.location.href = api.getCaseReportPdfUrl(currentViewCaseId);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
async function loadCases() {
|
||||
const article = document.getElementById('search-input').value;
|
||||
const status = document.getElementById('status-filter').value;
|
||||
@@ -171,6 +331,7 @@ async function loadCases() {
|
||||
}
|
||||
|
||||
window.viewCase = async function(id) {
|
||||
currentViewCaseId = id;
|
||||
document.getElementById('cases-section').classList.add('hidden');
|
||||
const detailSection = document.getElementById('case-detail-section');
|
||||
detailSection.classList.remove('hidden');
|
||||
|
||||
Reference in New Issue
Block a user