Files
AutoMarket/backend/routes/credentials.py

77 lines
3.1 KiB
Python

# backend/routes/credentials.py
from flask import Blueprint, request, jsonify
from datetime import datetime
import json
from ..db import get_db_connection, release_db_connection
from ..middleware import token_required
credentials_blueprint = Blueprint('credentials', __name__)
@credentials_blueprint.route('/credentials', methods=['GET'])
@token_required
def list_credentials(current_user_id):
"""Return configured platforms (without exposing secrets)."""
conn = get_db_connection()
cur = conn.cursor()
cur.execute("SELECT platform FROM credentials WHERE user_id = %s", (current_user_id,))
rows = cur.fetchall()
release_db_connection(conn)
platforms = [r[0] for r in rows]
return jsonify({"configured_platforms": platforms})
@credentials_blueprint.route('/credentials/<string:platform>', methods=['POST'])
@token_required
def save_credentials(current_user_id, platform):
"""Save or update credentials for a specific platform."""
data = request.json
api_key = data.get('api_key')
client_id = data.get('client_id')
client_secret = data.get('client_secret')
other_data = data.get('other_data', {})
conn = get_db_connection()
cur = conn.cursor()
# --- PLAN LIMIT CHECK ---
cur.execute("SELECT plan FROM users WHERE id = %s", (current_user_id,))
user_plan = cur.fetchone()[0]
if user_plan == 'free':
# Count existing configured platforms for this user
cur.execute("SELECT COUNT(*) FROM credentials WHERE user_id = %s AND platform != %s", (current_user_id, platform))
count = cur.fetchone()[0]
if count >= 1:
release_db_connection(conn)
return jsonify({"error": "Лимит бесплатного тарифа исчерпан (максимум 1 интеграция). Перейдите на PRO."}), 403
# ------------------------
cur.execute(
"""INSERT INTO credentials (user_id, platform, api_key, client_id, client_secret, other_data, updated_at)
VALUES (%s, %s, %s, %s, %s, %s, %s)
ON CONFLICT (user_id, platform) DO UPDATE SET
api_key = EXCLUDED.api_key,
client_id = EXCLUDED.client_id,
client_secret = EXCLUDED.client_secret,
other_data = EXCLUDED.other_data,
updated_at = EXCLUDED.updated_at""",
(current_user_id, platform, api_key, client_id, client_secret, json.dumps(other_data), datetime.utcnow())
)
conn.commit()
release_db_connection(conn)
return jsonify({"message": f"Credentials for {platform} saved successfully."}), 200
@credentials_blueprint.route('/credentials/<string:platform>', methods=['DELETE'])
@token_required
def delete_credentials(current_user_id, platform):
"""Delete credentials for a specific platform."""
conn = get_db_connection()
cur = conn.cursor()
cur.execute("DELETE FROM credentials WHERE user_id = %s AND platform = %s", (current_user_id, platform))
conn.commit()
release_db_connection(conn)
return jsonify({"message": f"Credentials for {platform} deleted."}), 200