# backend/routes/credentials.py from flask import Blueprint, request, jsonify from datetime import datetime import json from ..db import get_db_connection, release_db_connection from ..middleware import token_required credentials_blueprint = Blueprint('credentials', __name__) @credentials_blueprint.route('/credentials', methods=['GET']) @token_required def list_credentials(current_user_id): """Return configured platforms (without exposing secrets).""" conn = get_db_connection() cur = conn.cursor() cur.execute("SELECT platform FROM credentials WHERE user_id = %s", (current_user_id,)) rows = cur.fetchall() release_db_connection(conn) platforms = [r[0] for r in rows] return jsonify({"configured_platforms": platforms}) @credentials_blueprint.route('/credentials/', methods=['POST']) @token_required def save_credentials(current_user_id, platform): """Save or update credentials for a specific platform.""" data = request.json api_key = data.get('api_key') client_id = data.get('client_id') client_secret = data.get('client_secret') other_data = data.get('other_data', {}) conn = get_db_connection() cur = conn.cursor() # --- PLAN LIMIT CHECK --- cur.execute("SELECT plan FROM users WHERE id = %s", (current_user_id,)) user_plan = cur.fetchone()[0] if user_plan == 'free': # Count existing configured platforms for this user cur.execute("SELECT COUNT(*) FROM credentials WHERE user_id = %s AND platform != %s", (current_user_id, platform)) count = cur.fetchone()[0] if count >= 1: release_db_connection(conn) return jsonify({"error": "Лимит бесплатного тарифа исчерпан (максимум 1 интеграция). Перейдите на PRO."}), 403 # ------------------------ cur.execute( """INSERT INTO credentials (user_id, platform, api_key, client_id, client_secret, other_data, updated_at) VALUES (%s, %s, %s, %s, %s, %s, %s) ON CONFLICT (user_id, platform) DO UPDATE SET api_key = EXCLUDED.api_key, client_id = EXCLUDED.client_id, client_secret = EXCLUDED.client_secret, other_data = EXCLUDED.other_data, updated_at = EXCLUDED.updated_at""", (current_user_id, platform, api_key, client_id, client_secret, json.dumps(other_data), datetime.utcnow()) ) conn.commit() release_db_connection(conn) return jsonify({"message": f"Credentials for {platform} saved successfully."}), 200 @credentials_blueprint.route('/credentials/', methods=['DELETE']) @token_required def delete_credentials(current_user_id, platform): """Delete credentials for a specific platform.""" conn = get_db_connection() cur = conn.cursor() cur.execute("DELETE FROM credentials WHERE user_id = %s AND platform = %s", (current_user_id, platform)) conn.commit() release_db_connection(conn) return jsonify({"message": f"Credentials for {platform} deleted."}), 200