77 lines
3.1 KiB
Python
77 lines
3.1 KiB
Python
# backend/routes/credentials.py
|
|
from flask import Blueprint, request, jsonify
|
|
from datetime import datetime
|
|
import json
|
|
|
|
from ..db import get_db_connection, release_db_connection
|
|
from ..middleware import token_required
|
|
|
|
credentials_blueprint = Blueprint('credentials', __name__)
|
|
|
|
@credentials_blueprint.route('/credentials', methods=['GET'])
|
|
@token_required
|
|
def list_credentials(current_user_id):
|
|
"""Return configured platforms (without exposing secrets)."""
|
|
conn = get_db_connection()
|
|
cur = conn.cursor()
|
|
cur.execute("SELECT platform FROM credentials WHERE user_id = %s", (current_user_id,))
|
|
rows = cur.fetchall()
|
|
release_db_connection(conn)
|
|
|
|
platforms = [r[0] for r in rows]
|
|
return jsonify({"configured_platforms": platforms})
|
|
|
|
@credentials_blueprint.route('/credentials/<string:platform>', methods=['POST'])
|
|
@token_required
|
|
def save_credentials(current_user_id, platform):
|
|
"""Save or update credentials for a specific platform."""
|
|
data = request.json
|
|
api_key = data.get('api_key')
|
|
client_id = data.get('client_id')
|
|
client_secret = data.get('client_secret')
|
|
other_data = data.get('other_data', {})
|
|
|
|
conn = get_db_connection()
|
|
cur = conn.cursor()
|
|
|
|
# --- PLAN LIMIT CHECK ---
|
|
cur.execute("SELECT plan FROM users WHERE id = %s", (current_user_id,))
|
|
user_plan = cur.fetchone()[0]
|
|
|
|
if user_plan == 'free':
|
|
# Count existing configured platforms for this user
|
|
cur.execute("SELECT COUNT(*) FROM credentials WHERE user_id = %s AND platform != %s", (current_user_id, platform))
|
|
count = cur.fetchone()[0]
|
|
if count >= 1:
|
|
release_db_connection(conn)
|
|
return jsonify({"error": "Лимит бесплатного тарифа исчерпан (максимум 1 интеграция). Перейдите на PRO."}), 403
|
|
# ------------------------
|
|
|
|
cur.execute(
|
|
"""INSERT INTO credentials (user_id, platform, api_key, client_id, client_secret, other_data, updated_at)
|
|
VALUES (%s, %s, %s, %s, %s, %s, %s)
|
|
ON CONFLICT (user_id, platform) DO UPDATE SET
|
|
api_key = EXCLUDED.api_key,
|
|
client_id = EXCLUDED.client_id,
|
|
client_secret = EXCLUDED.client_secret,
|
|
other_data = EXCLUDED.other_data,
|
|
updated_at = EXCLUDED.updated_at""",
|
|
(current_user_id, platform, api_key, client_id, client_secret, json.dumps(other_data), datetime.utcnow())
|
|
)
|
|
conn.commit()
|
|
release_db_connection(conn)
|
|
|
|
return jsonify({"message": f"Credentials for {platform} saved successfully."}), 200
|
|
|
|
@credentials_blueprint.route('/credentials/<string:platform>', methods=['DELETE'])
|
|
@token_required
|
|
def delete_credentials(current_user_id, platform):
|
|
"""Delete credentials for a specific platform."""
|
|
conn = get_db_connection()
|
|
cur = conn.cursor()
|
|
cur.execute("DELETE FROM credentials WHERE user_id = %s AND platform = %s", (current_user_id, platform))
|
|
conn.commit()
|
|
release_db_connection(conn)
|
|
|
|
return jsonify({"message": f"Credentials for {platform} deleted."}), 200
|