создание, правка, удаление, скрытие инструмента

api/routers/__init__.py

@@ -1,4 +1,5 @@
 from fastapi import APIRouter, Depends, Request
+from fastapi.responses import RedirectResponse
 
 from db.handlers.categories import CategoryHandler
 from utils import render, requestDict, logger
@@ -18,7 +19,24 @@ router.include_router(toolkit, prefix="/toolkit", tags=["toolkit"])
 
 @router.get("/")
 async def main_page(request: Request):
-    return await render(request)
+    cookies = request.cookies
+    checkList = ["toolbox_user", "toolbox_access"]
+    if all(key in cookies for key in checkList):
+        return await render(request)
+    else:
+        for key in checkList:
+            if key in cookies:
+                deleteCookie = key
+                break
+        else:
+            deleteCookie = None
+
+        if deleteCookie:
+            response = RedirectResponse(url="/user/login", status_code=302)
+            response.set_cookie(deleteCookie, "", expires=0)
+            return response
+        else:
+            return RedirectResponse(url="/user/login", status_code=302)
 
 
 @router.post("/")

api/routers/toolkit.py

@@ -9,6 +9,28 @@ from utils import requestDict, logger
 router = APIRouter()
 
 
+def handleResult(result: dict, response: dict) -> dict:
+    if "errorMessage" in result.keys():
+        response["message"] = result["errorMessage"]
+    else:
+        response["status"] = "ok"
+    return response
+
+
+@router.get("/", summary="Получение инструмента")
+async def get_toolkit(reqData: dict = Depends(requestDict)):
+    logger.info(f"Получение инструмента")
+    response = {"status": "error"}
+    toolkitId = reqData.get("query").get("toolkitId")
+    if toolkitId:
+        toolkit = await ToolkitHandler.get(int(toolkitId))
+        if toolkit:
+            # logger.info(toolkit)
+            response["status"] = "ok"
+            response["data"] = toolkit
+    return response
+
+
 @router.post("/", summary="Запрос остатка инструмента")
 async def toolkit_request(
     reqData: dict = Depends(requestDict),
@@ -16,7 +38,6 @@ async def toolkit_request(
     response = {"status": "error", "data": {}}
     toolkitId = reqData.get("body").get("toolkitId")
     logger.info(f"Получение запроса остатка инструмента #{toolkitId}")
-    # logger.info(request_data)
     stocks = await StockHandler.getByToolkitId(toolkitId)
     if not stocks:
         return response
@@ -100,3 +121,74 @@ async def categories_batch(reqData: dict = Depends(requestDict)):
     if success:
         response["status"] = "ok"
     return response
+
+
+@router.get("/categories", summary="Получение категорий")
+async def get_categories():
+    logger.info(f"Получение категорий")
+    response = {"status": "error"}
+    categories = await CategoryHandler.getAll()
+    if categories:
+        categoriesDict = {
+            category["id"]: {
+                "id": category["id"],
+                "title": category["title"],
+                "description": category["description"],
+            }
+            for category in categories
+        }
+        response["status"] = "ok"
+        response["data"] = categoriesDict
+    return response
+
+
+@router.post("/hide", summary="Скрытие инструмента")
+async def hide_toolkit(reqData: dict = Depends(requestDict)):
+
+    logger.info(f"Скрытие/отображение инструмента")
+    response = {"status": "error"}
+    toolkitId = int(reqData.get("body").get("toolkitId"))
+    userId = reqData.get("body").get("userId")
+    hidden = reqData.get("body").get("hidden")
+    result = await ToolkitHandler.hideToolkit(userId, toolkitId, hidden)
+    response = handleResult(result, response)
+    return response
+
+
+@router.post("/manage", summary="Управление инструментами")
+async def manage_toolkit(reqData: dict = Depends(requestDict)):
+
+    logger.info(f"Управление инструментами")
+    response = {"status": "error"}
+    action = reqData.get("body").get("action")
+    userId = reqData.get("body").get("UserId")
+    toolkitData = reqData.get("body").get("formData")
+    if "category_id" in toolkitData:
+        toolkitData["category_id"] = int(toolkitData.get("category_id"))
+    if "image" in toolkitData:
+        if (
+            not toolkitData.get("image").get("main")
+            or toolkitData.get("image").get("main") == ""
+        ):
+            if len(toolkitData.get("image").get("additional")) == 0:
+                toolkitData.pop("image")
+    match action:
+        case "create":
+            toolkit = await ToolkitHandler.add(toolkitData, userId)
+            response = handleResult(toolkit, response)
+        case "copy":
+            toolkitData.pop("id")
+            toolkit = await ToolkitHandler.add(toolkitData, userId)
+            response = handleResult(toolkit, response)
+        case "update":
+            toolkit = await ToolkitHandler.edit(userId, **toolkitData)
+            response = handleResult(toolkit, response)
+        case "delete":
+            toolkit = await ToolkitHandler.delete(toolkitData.get("id"), userId)
+            response = handleResult(toolkit, response)
+        case _:
+            pass
+    logger.info(
+        f"Управление инструментами ({action}) прошло {'успешно' if response.get('status') == 'ok' else 'неуспешно'}"
+    )
+    return response

api/static/js/api.js

@@ -1,14 +1,27 @@
 // api.js
 export async function apiRequest(url, payload = {}, method = 'POST') {
-  const res = await fetch(url, {
+  method = method.toUpperCase();
+
+  let finalUrl = url;
+  let options = {
     method,
     headers: {
       'Content-Type': 'application/json',
       'Accept': 'application/json'
     },
-    body: JSON.stringify(payload),
     credentials: 'same-origin'
-  });
+  };
+
+  // --- Если GET → добавляем payload в URL ---
+  if (method === 'GET') {
+    const params = new URLSearchParams(payload);
+    finalUrl = `${url}?${params.toString()}`;
+  } else {
+    // --- Для остальных методов → отправляем body ---
+    options.body = JSON.stringify(payload);
+  }
+
+  const res = await fetch(finalUrl, options);
 
   if (!res.ok) {
     const text = await res.text();

api/static/js/cookies.js

@@ -23,16 +23,26 @@ export async function setCookie(name, value, days = 180) {
     }
   }
 
-  const secure = true; // TODO включить после тестов
-  const sameSite = 'Lax';
-
   const expires = new Date(Date.now() + days * 864e5).toUTCString();
+  const encodedName = encodeURIComponent(name);
 
-  let cookie = `${encodeURIComponent(name)}=${cookieValue}; expires=${expires}; path=/`;
-  if (secure) cookie += '; Secure';
-  if (sameSite) cookie += `; SameSite=${sameSite}`;
+  // ---------- 1. Пытаемся установить безопасную куку ----------
+  let secureCookie = `${encodedName}=${cookieValue}; expires=${expires}; path=/; Secure; SameSite=Lax`;
+  document.cookie = secureCookie;
 
-  document.cookie = cookie;
+  // ---------- 2. Проверяем, записалась ли она ----------
+  const isSet = document.cookie.split('; ')
+    .some(c => c.startsWith(`${encodedName}=`));
+
+  if (isSet) {
+    return true; // безопасная кука успешно установлена
+  }
+
+  // ---------- 3. Фолбэк: ставим обычную (без Secure) ----------
+  let normalCookie = `${encodedName}=${cookieValue}; expires=${expires}; path=/; SameSite=Lax`;
+  document.cookie = normalCookie;
+
+  return false; // безопасную куку установить не удалось
 }
 
 export async function getCookie(name) {