maciejpi/nordabiz
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

feat(oauth): Add OAuth integration UI, API clients, and audit enrichment (Phase 3)
Some checks are pending
NordaBiz Tests / Unit & Integration Tests (push) Waiting to run
Details
NordaBiz Tests / E2E Tests (Playwright) (push) Blocked by required conditions
Details
NordaBiz Tests / Smoke Tests (Production) (push) Blocked by required conditions
Details
NordaBiz Tests / Send Failure Notification (push) Blocked by required conditions
Details

Browse Source 
- Company settings page with 4 OAuth cards (GBP, Search Console, Facebook, Instagram)
- 3 API service clients: GBP Management, Search Console, Facebook Graph
- OAuth enrichment in GBP audit (owner responses, posts), social media (FB/IG Graph API),
  and SEO prompt (Search Console data)
- Fix OAuth callback redirects to point to company settings page
- All integrations have graceful fallback when no OAuth credentials configured

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Maciej Pienczyn 2026-02-08 15:55:02 +01:00
parent edcba4b178
commit 70e40d133b
9 changed files with 1214 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
audit_ai_service.py
View File

@ -156,6 +156,25 @@ def _collect_seo_data(db, company) -> dict:
except Exception as e:
logger.warning(f"CrUX error for {company.website}: {e}")
# Search Console data via OAuth (if available)
search_console_data = {}
try:
from oauth_service import OAuthService
from search_console_service import SearchConsoleService
oauth = OAuthService()
gsc_token = oauth.get_valid_token(db, company.id, 'google', 'search_console')
if gsc_token and company.website:
gsc = SearchConsoleService(gsc_token)
analytics = gsc.get_search_analytics(company.website, days=28)
if analytics:
search_console_data = analytics
logger.info(f"Search Console data for company {company.id}: {analytics.get('clicks', 0)} clicks")
except ImportError:
pass
except Exception as e:
logger.warning(f"Search Console data collection failed: {e}")
# Persist live-collected data to DB for dashboard display
try:
if security_headers:
@ -262,6 +281,13 @@ def _collect_seo_data(db, company) -> dict:
'crux_lcp_good_pct': crux_data.get('crux_lcp_ms_good_pct'),
'crux_inp_good_pct': crux_data.get('crux_inp_ms_good_pct'),
'crux_period_end': crux_data.get('crux_period_end'),
# Search Console (OAuth)
'gsc_clicks': search_console_data.get('clicks'),
'gsc_impressions': search_console_data.get('impressions'),
'gsc_ctr': search_console_data.get('ctr'),
'gsc_avg_position': search_console_data.get('position'),
'gsc_top_queries': search_console_data.get('top_queries', []),
'gsc_period_days': search_console_data.get('period_days', 28),
}
@ -484,6 +510,13 @@ Dane strukturalne:
- Pola LocalBusiness Schema: {data.get('local_business_schema_fields', 'brak danych')}
- Język strony (html lang): {data.get('html_lang', 'brak')}
Search Console (dane z Google Search Console, ostatnie {data.get('gsc_period_days', 28)} dni):
- Kliknięcia: {data.get('gsc_clicks', 'brak danych (wymaga połączenia OAuth)')}
- Wyświetlenia: {data.get('gsc_impressions', 'brak danych')}
- CTR: {data.get('gsc_ctr', 'brak danych')}%
- Średnia pozycja: {data.get('gsc_avg_position', 'brak danych')}
- Top zapytania: {', '.join(q.get('query', '') for q in (data.get('gsc_top_queries') or [])[:5]) or 'brak danych'}
Social & Analytics:
- Open Graph: {'tak' if data.get('has_og_tags') else 'NIE'}
- Twitter Cards: {'tak' if data.get('has_twitter_cards') else 'NIE'}

32
blueprints/admin/routes_companies.py
View File

@ -599,3 +599,35 @@ def admin_companies_export():
)
finally:
db.close()
@bp.route('/companies/<int:company_id>/settings')
@login_required
@role_required(SystemRole.OFFICE_MANAGER)
def company_settings(company_id):
"""Company settings page with OAuth integrations UI."""
db = SessionLocal()
try:
company = db.query(Company).filter(Company.id == company_id).first()
if not company:
flash('Firma nie istnieje', 'error')
return redirect(url_for('admin.admin_companies'))
from oauth_service import OAuthService
oauth = OAuthService()
connections = oauth.get_connected_services(db, company_id)
# Check if OAuth credentials are configured
oauth_available = {
'google': bool(oauth.google_client_id),
'meta': bool(oauth.meta_app_id),
}
return render_template(
'admin/company_settings.html',
company=company,
connections=connections,
oauth_available=oauth_available,
)
finally:
db.close()

64
blueprints/api/routes_oauth.py
View File

@ -68,18 +68,33 @@ def oauth_callback(provider):
state = request.args.get('state')
error = request.args.get('error')
# Parse state early to get company_id for redirects
# State format: company_id:user_id:service:random
state_company_id = None
if state:
try:
state_company_id = int(state.split(':')[0])
except (ValueError, IndexError):
pass
def settings_redirect(params):
"""Redirect to company settings page with query params."""
if state_company_id:
return redirect(f'/admin/companies/{state_company_id}/settings?{params}')
return redirect(f'/admin/companies?{params}')
if error:
logger.warning(f"OAuth error from {provider}: {error}")
return redirect(f'/admin/company?oauth_error={error}')
return settings_redirect(f'oauth_error={error}')
if not code or not state:
return redirect('/admin/company?oauth_error=missing_params')
return settings_redirect('oauth_error=missing_params')
# Validate state
saved_state = session.pop('oauth_state', None)
if not saved_state or saved_state != state:
logger.warning(f"OAuth state mismatch for {provider}")
return redirect('/admin/company?oauth_error=invalid_state')
return settings_redirect('oauth_error=invalid_state')
# Parse state: company_id:user_id:service:random
try:
@ -88,18 +103,18 @@ def oauth_callback(provider):
user_id = int(parts[1])
service = parts[2]
except (ValueError, IndexError):
return redirect('/admin/company?oauth_error=invalid_state_format')
return settings_redirect('oauth_error=invalid_state_format')
# Verify user owns this company
if current_user.id != user_id or current_user.company_id != company_id:
return redirect('/admin/company?oauth_error=unauthorized')
return redirect(f'/admin/companies/{company_id}/settings?oauth_error=unauthorized')
# Exchange code for token
oauth = OAuthService()
token_data = oauth.exchange_code(provider, code)
if not token_data:
return redirect('/admin/company?oauth_error=token_exchange_failed')
return redirect(f'/admin/companies/{company_id}/settings?oauth_error=token_exchange_failed')
# Save token
db = SessionLocal()
@ -107,9 +122,9 @@ def oauth_callback(provider):
success = oauth.save_token(db, company_id, user_id, provider, service, token_data)
if success:
logger.info(f"OAuth connected: {provider}/{service} for company {company_id} by user {user_id}")
return redirect(f'/admin/company?oauth_success={provider}/{service}')
return redirect(f'/admin/companies/{company_id}/settings?oauth_success={provider}/{service}')
else:
return redirect('/admin/company?oauth_error=save_failed')
return redirect(f'/admin/companies/{company_id}/settings?oauth_error=save_failed')
finally:
db.close()
@ -182,3 +197,36 @@ def oauth_disconnect(provider, service):
return jsonify({'success': False, 'error': 'Nie znaleziono połączenia'}), 404
finally:
db.close()
@bp.route('/oauth/google/discover-locations', methods=['POST'])
@login_required
def oauth_discover_gbp_locations():
"""Auto-discover GBP locations after OAuth connection."""
if not current_user.company_id:
return jsonify({'success': False, 'error': 'Brak firmy'}), 403
from oauth_service import OAuthService
oauth = OAuthService()
db = SessionLocal()
try:
token = oauth.get_valid_token(db, current_user.company_id, 'google', 'gbp')
if not token:
return jsonify({'success': False, 'error': 'Brak połączenia GBP'}), 404
try:
from gbp_management_service import GBPManagementService
gbp = GBPManagementService(token)
accounts = gbp.list_accounts()
locations = []
for acc in accounts:
acc_locations = gbp.list_locations(acc.get('name', ''))
locations.extend(acc_locations)
return jsonify({'success': True, 'locations': locations})
except ImportError:
return jsonify({'success': False, 'error': 'Serwis GBP Management niedostępny'}), 503
except Exception as e:
logger.error(f"GBP discover locations error: {e}")
return jsonify({'success': False, 'error': 'Błąd podczas wyszukiwania lokalizacji'}), 500
finally:
db.close()

123
facebook_graph_service.py Normal file
View File

@ -0,0 +1,123 @@
"""
Facebook + Instagram Graph API Client
======================================
Uses OAuth 2.0 page tokens to access Facebook Page and Instagram Business data.
API docs: https://developers.facebook.com/docs/graph-api/
"""
import logging
from datetime import datetime, timedelta
from typing import Dict, List, Optional
import requests
logger = logging.getLogger(__name__)
class FacebookGraphService:
"""Facebook + Instagram Graph API client."""
BASE_URL = "https://graph.facebook.com/v21.0"
def __init__(self, access_token: str):
self.access_token = access_token
self.session = requests.Session()
self.session.timeout = 15
def _get(self, endpoint: str, params: dict = None) -> Optional[Dict]:
"""Make authenticated GET request."""
params = params or {}
params['access_token'] = self.access_token
try:
resp = self.session.get(f"{self.BASE_URL}/{endpoint}", params=params)
resp.raise_for_status()
return resp.json()
except Exception as e:
logger.error(f"Facebook API {endpoint} failed: {e}")
return None
def get_managed_pages(self) -> List[Dict]:
"""Get Facebook pages managed by the authenticated user."""
data = self._get('me/accounts', {'fields': 'id,name,category,access_token,fan_count'})
return data.get('data', []) if data else []
def get_page_info(self, page_id: str) -> Optional[Dict]:
"""Get detailed page information."""
return self._get(page_id, {
'fields': 'id,name,fan_count,category,link,about,website,phone,single_line_address,followers_count'
})
def get_page_insights(self, page_id: str, days: int = 28) -> Dict:
"""Get page insights (impressions, engaged users, reactions).
Note: Requires page access token, not user access token.
The page token should be stored during OAuth connection.
"""
since = datetime.now() - timedelta(days=days)
until = datetime.now()
metrics = 'page_impressions,page_engaged_users,page_fans,page_views_total'
data = self._get(f'{page_id}/insights', {
'metric': metrics,
'period': 'day',
'since': int(since.timestamp()),
'until': int(until.timestamp()),
})
if not data:
return {}
result = {}
for metric in data.get('data', []):
name = metric.get('name', '')
values = metric.get('values', [])
if values:
total = sum(v.get('value', 0) for v in values if isinstance(v.get('value'), (int, float)))
result[name] = total
return result
def get_instagram_account(self, page_id: str) -> Optional[str]:
"""Get linked Instagram Business account ID from a Facebook Page."""
data = self._get(page_id, {'fields': 'instagram_business_account'})
if data and 'instagram_business_account' in data:
return data['instagram_business_account'].get('id')
return None
def get_ig_media_insights(self, ig_account_id: str, days: int = 28) -> Dict:
"""Get Instagram account insights.
Returns follower_count, media_count, and recent media engagement.
"""
result = {}
# Basic account info
account_data = self._get(ig_account_id, {
'fields': 'followers_count,media_count,username,biography'
})
if account_data:
result['followers_count'] = account_data.get('followers_count', 0)
result['media_count'] = account_data.get('media_count', 0)
result['username'] = account_data.get('username', '')
# Account insights (reach, impressions)
since = datetime.now() - timedelta(days=days)
until = datetime.now()
insights_data = self._get(f'{ig_account_id}/insights', {
'metric': 'impressions,reach,follower_count',
'period': 'day',
'since': int(since.timestamp()),
'until': int(until.timestamp()),
})
if insights_data:
for metric in insights_data.get('data', []):
name = metric.get('name', '')
values = metric.get('values', [])
if values:
total = sum(v.get('value', 0) for v in values if isinstance(v.get('value'), (int, float)))
result[f'ig_{name}_total'] = total
return result

40
gbp_audit_service.py
View File

@ -23,7 +23,7 @@ from typing import Dict, List, Optional, Any
from sqlalchemy.orm import Session
from database import Company, GBPAudit, GBPReview, CompanyWebsiteAnalysis, SessionLocal
from database import Company, GBPAudit, GBPReview, CompanyWebsiteAnalysis, SessionLocal, OAuthToken
import gemini_service
try:
@ -1895,6 +1895,44 @@ def fetch_google_business_data(
details_msg.append(f'+{sum(len(v) for v in attributes.values() if isinstance(v, dict))} atrybutów')
result['steps'][-1]['message'] = ', '.join(details_msg) if details_msg else 'Pobrano dane'
# OAuth: Try GBP Management API for owner-specific data
try:
from oauth_service import OAuthService
from gbp_management_service import GBPManagementService
oauth = OAuthService()
gbp_token = oauth.get_valid_token(db, company_id, 'google', 'gbp')
if gbp_token:
token_record = db.query(OAuthToken).filter(
OAuthToken.company_id == company_id,
OAuthToken.provider == 'google',
OAuthToken.service == 'gbp',
OAuthToken.is_active == True,
).first()
location_name = None
if token_record and token_record.metadata_json:
location_name = token_record.metadata_json.get('location_name')
if location_name:
gbp_mgmt = GBPManagementService(gbp_token)
reviews = gbp_mgmt.get_reviews(location_name)
if reviews:
owner_responses = sum(1 for r in reviews if r.get('reviewReply'))
result['data']['google_owner_responses_count'] = owner_responses
result['data']['google_total_reviews_with_replies'] = len(reviews)
result['data']['google_review_response_rate'] = round(
owner_responses / len(reviews) * 100, 1
) if reviews else 0
posts = gbp_mgmt.get_local_posts(location_name)
if posts:
result['data']['google_posts_count'] = len(posts)
result['data']['google_posts_data'] = posts[:10]
logger.info(f"OAuth GBP enrichment: {len(reviews or [])} reviews, {len(posts or [])} posts for company {company_id}")
except Exception as e:
logger.warning(f"OAuth GBP enrichment failed for company {company_id}: {e}")
# Step 3: Save to database
result['steps'].append({
'step': 'save_data',

115
gbp_management_service.py Normal file
View File

@ -0,0 +1,115 @@
"""
Google Business Profile Management API Client
==============================================
Uses OAuth 2.0 access tokens to access owner-specific GBP data
not available through the public Places API (e.g., owner responses to reviews, posts).
API docs: https://developers.google.com/my-business/reference/rest
"""
import logging
from typing import List, Dict, Optional
import requests
logger = logging.getLogger(__name__)
class GBPManagementService:
"""Google Business Profile Management API client."""
ACCOUNT_MGMT_URL = "https://mybusinessaccountmanagement.googleapis.com/v1"
BUSINESS_INFO_URL = "https://mybusinessbusinessinformation.googleapis.com/v1"
def __init__(self, access_token: str):
self.session = requests.Session()
self.session.headers.update({
'Authorization': f'Bearer {access_token}',
'Content-Type': 'application/json',
})
self.session.timeout = 15
def list_accounts(self) -> List[Dict]:
"""List all GBP accounts for the authenticated user."""
try:
resp = self.session.get(f"{self.ACCOUNT_MGMT_URL}/accounts")
resp.raise_for_status()
return resp.json().get('accounts', [])
except Exception as e:
logger.error(f"GBP list_accounts failed: {e}")
return []
def list_locations(self, account_name: str) -> List[Dict]:
"""List locations for a GBP account.
Args:
account_name: Full account resource name (e.g., 'accounts/123456')
"""
try:
resp = self.session.get(
f"{self.BUSINESS_INFO_URL}/{account_name}/locations",
params={'readMask': 'name,title,storefrontAddress,metadata'}
)
resp.raise_for_status()
return resp.json().get('locations', [])
except Exception as e:
logger.error(f"GBP list_locations failed for {account_name}: {e}")
return []
def get_reviews(self, location_name: str, max_results: int = 50) -> List[Dict]:
"""Get reviews INCLUDING owner responses (reviewReply).
This is the key advantage over Places API reviewReply contains
the business owner's response to each review.
Args:
location_name: Full location resource name (e.g., 'accounts/123/locations/456')
max_results: Max reviews to return
"""
try:
reviews = []
page_token = None
while len(reviews) < max_results:
params = {'pageSize': min(50, max_results - len(reviews))}
if page_token:
params['pageToken'] = page_token
resp = self.session.get(
f"{self.ACCOUNT_MGMT_URL}/{location_name}/reviews",
params=params
)
resp.raise_for_status()
data = resp.json()
reviews.extend(data.get('reviews', []))
page_token = data.get('nextPageToken')
if not page_token:
break
return reviews
except Exception as e:
logger.error(f"GBP get_reviews failed for {location_name}: {e}")
return []
def get_local_posts(self, location_name: str) -> List[Dict]:
"""Get Google Posts for a location."""
try:
resp = self.session.get(
f"{self.ACCOUNT_MGMT_URL}/{location_name}/localPosts",
params={'pageSize': 20}
)
resp.raise_for_status()
return resp.json().get('localPosts', [])
except Exception as e:
logger.error(f"GBP get_local_posts failed for {location_name}: {e}")
return []
def match_location_by_place_id(self, account_name: str, place_id: str) -> Optional[Dict]:
"""Find a location that matches a Google Place ID.
Iterates locations and checks metadata.placeId.
"""
locations = self.list_locations(account_name)
for loc in locations:
metadata = loc.get('metadata', {})
if metadata.get('placeId') == place_id:
return loc
return None

50
scripts/social_media_audit.py
View File

@ -1238,6 +1238,56 @@ class SocialMediaAuditor:
result['social_media'] = website_social
logger.info(f"Total social media profiles found: {len(website_social)} - {list(website_social.keys())}")
# OAuth: Try Facebook/Instagram Graph API for authenticated data
try:
from oauth_service import OAuthService
from facebook_graph_service import FacebookGraphService
from database import SessionLocal as OAuthSessionLocal, OAuthToken
oauth = OAuthService()
company_id = company.get('id')
if company_id:
oauth_db = OAuthSessionLocal()
try:
fb_token = oauth.get_valid_token(oauth_db, company_id, 'meta', 'facebook')
if fb_token:
fb_service = FacebookGraphService(fb_token)
token_rec = oauth_db.query(OAuthToken).filter(
OAuthToken.company_id == company_id,
OAuthToken.provider == 'meta',
OAuthToken.service == 'facebook',
OAuthToken.is_active == True,
).first()
page_id = token_rec.account_id if token_rec else None
if page_id:
page_info = fb_service.get_page_info(page_id)
if page_info:
result['oauth_facebook'] = {
'fan_count': page_info.get('fan_count'),
'category': page_info.get('category'),
'data_source': 'oauth_api',
}
insights = fb_service.get_page_insights(page_id)
if insights:
result['oauth_facebook_insights'] = insights
ig_id = fb_service.get_instagram_account(page_id)
if ig_id:
ig_insights = fb_service.get_ig_media_insights(ig_id)
if ig_insights:
result['oauth_instagram'] = {
**ig_insights,
'data_source': 'oauth_api',
}
logger.info(f"OAuth Facebook/IG enrichment done for company {company_id}")
finally:
oauth_db.close()
except ImportError:
pass # Services not yet available
except Exception as e:
logger.warning(f"OAuth social media enrichment failed: {e}")
# 5. Enrich social media profiles with additional data
enriched_profiles = {}
for platform, url in website_social.items():

149
search_console_service.py Normal file
View File

@ -0,0 +1,149 @@
"""
Google Search Console API Client
=================================
Uses OAuth 2.0 to fetch search analytics data (clicks, impressions, CTR, positions).
API docs: https://developers.google.com/webmaster-tools/v3/searchanalytics
"""
import logging
from datetime import datetime, timedelta
from typing import Dict, List, Optional
import requests
logger = logging.getLogger(__name__)
class SearchConsoleService:
"""Google Search Console API client."""
BASE_URL = "https://www.googleapis.com/webmasters/v3"
def __init__(self, access_token: str):
self.session = requests.Session()
self.session.headers.update({
'Authorization': f'Bearer {access_token}',
'Content-Type': 'application/json',
})
self.session.timeout = 15
def list_sites(self) -> List[Dict]:
"""List verified sites in Search Console."""
try:
resp = self.session.get(f"{self.BASE_URL}/sites")
resp.raise_for_status()
return resp.json().get('siteEntry', [])
except Exception as e:
logger.error(f"Search Console list_sites failed: {e}")
return []
def _normalize_site_url(self, url: str) -> Optional[str]:
"""Try to find matching site URL in Search Console.
Search Console uses exact URL format with/without trailing slash,
http/https, www/no-www. Try common variants.
"""
sites = self.list_sites()
site_urls = [s.get('siteUrl', '') for s in sites]
# Direct match
if url in site_urls:
return url
# Try variants
variants = [url]
if not url.endswith('/'):
variants.append(url + '/')
if url.startswith('https://'):
variants.append(url.replace('https://', 'http://'))
if url.startswith('http://'):
variants.append(url.replace('http://', 'https://'))
# www variants
for v in list(variants):
if '://www.' in v:
variants.append(v.replace('://www.', '://'))
else:
variants.append(v.replace('://', '://www.'))
for v in variants:
if v in site_urls:
return v
return None
def get_search_analytics(self, site_url: str, days: int = 28) -> Dict:
"""Get search analytics for a site.
Returns:
Dict with keys: clicks, impressions, ctr, position,
top_queries (list), top_pages (list), period_days
"""
normalized = self._normalize_site_url(site_url)
if not normalized:
logger.warning(f"Site {site_url} not found in Search Console")
return {}
end_date = datetime.now() - timedelta(days=3) # SC data has ~3 day delay
start_date = end_date - timedelta(days=days)
try:
# Totals
resp = self.session.post(
f"{self.BASE_URL}/sites/{requests.utils.quote(normalized, safe='')}/searchAnalytics/query",
json={
'startDate': start_date.strftime('%Y-%m-%d'),
'endDate': end_date.strftime('%Y-%m-%d'),
'dimensions': [],
}
)
resp.raise_for_status()
rows = resp.json().get('rows', [])
totals = rows[0] if rows else {}
result = {
'clicks': totals.get('clicks', 0),
'impressions': totals.get('impressions', 0),
'ctr': round(totals.get('ctr', 0) * 100, 2),
'position': round(totals.get('position', 0), 1),
'period_days': days,
}
# Top queries
resp_q = self.session.post(
f"{self.BASE_URL}/sites/{requests.utils.quote(normalized, safe='')}/searchAnalytics/query",
json={
'startDate': start_date.strftime('%Y-%m-%d'),
'endDate': end_date.strftime('%Y-%m-%d'),
'dimensions': ['query'],
'rowLimit': 10,
}
)
if resp_q.status_code == 200:
result['top_queries'] = [
{'query': r['keys'][0], 'clicks': r.get('clicks', 0), 'impressions': r.get('impressions', 0)}
for r in resp_q.json().get('rows', [])
]
# Top pages
resp_p = self.session.post(
f"{self.BASE_URL}/sites/{requests.utils.quote(normalized, safe='')}/searchAnalytics/query",
json={
'startDate': start_date.strftime('%Y-%m-%d'),
'endDate': end_date.strftime('%Y-%m-%d'),
'dimensions': ['page'],
'rowLimit': 10,
}
)
if resp_p.status_code == 200:
result['top_pages'] = [
{'page': r['keys'][0], 'clicks': r.get('clicks', 0), 'impressions': r.get('impressions', 0)}
for r in resp_p.json().get('rows', [])
]
return result
except Exception as e:
logger.error(f"Search Console analytics failed for {site_url}: {e}")
return {}

617
templates/admin/company_settings.html Normal file
View File

@ -0,0 +1,617 @@
{% extends "base.html" %}
{% block title %}Ustawienia firmy - {{ company.name }} - Norda Biznes Partner{% endblock %}
{% block extra_css %}
.settings-header {
margin-bottom: var(--spacing-xl);
}
.settings-header h1 {
font-size: var(--font-size-3xl);
color: var(--text-primary);
margin: 0;
}
.settings-header .breadcrumb {
display: flex;
align-items: center;
gap: var(--spacing-xs);
margin-bottom: var(--spacing-sm);
font-size: var(--font-size-sm);
color: var(--text-secondary);
}
.settings-header .breadcrumb a {
color: var(--primary);
text-decoration: none;
}
.settings-header .breadcrumb a:hover {
text-decoration: underline;
}
.settings-header .breadcrumb svg {
width: 14px;
height: 14px;
color: var(--text-muted);
}
.settings-subtitle {
margin: var(--spacing-xs) 0 0 0;
color: var(--text-secondary);
}
/* OAuth Cards Grid */
.oauth-cards {
display: grid;
grid-template-columns: repeat(auto-fill, minmax(320px, 1fr));
gap: var(--spacing-lg);
margin-bottom: var(--spacing-xl);
}
.oauth-card {
background: white;
border-radius: var(--radius-lg);
box-shadow: var(--shadow-sm);
padding: var(--spacing-lg);
border: 1px solid var(--border);
transition: var(--transition);
}
.oauth-card:hover {
box-shadow: var(--shadow);
}
.oauth-card-header {
display: flex;
align-items: center;
gap: var(--spacing-md);
margin-bottom: var(--spacing-md);
}
.oauth-card-icon {
width: 44px;
height: 44px;
border-radius: var(--radius);
display: flex;
align-items: center;
justify-content: center;
flex-shrink: 0;
}
.oauth-card-icon.google {
background: #f0f7ff;
color: #4285F4;
}
.oauth-card-icon.meta {
background: #f0f0ff;
color: #1877F2;
}
.oauth-card-icon svg {
width: 24px;
height: 24px;
}
.oauth-card-title {
font-size: var(--font-size-lg);
font-weight: 600;
color: var(--text-primary);
margin: 0;
}
.oauth-card-desc {
font-size: var(--font-size-sm);
color: var(--text-secondary);
margin: 0 0 var(--spacing-md) 0;
line-height: 1.5;
}
/* Status badges */
.oauth-status {
display: inline-flex;
align-items: center;
gap: var(--spacing-xs);
padding: var(--spacing-xs) var(--spacing-sm);
border-radius: var(--radius);
font-size: var(--font-size-sm);
font-weight: 500;
margin-bottom: var(--spacing-md);
}
.oauth-status.connected {
background: var(--success-light, #dcfce7);
color: var(--success, #16a34a);
}
.oauth-status.unavailable {
background: var(--surface);
color: var(--text-muted);
}
.oauth-status.expired {
background: var(--warning-light, #fef3c7);
color: var(--warning, #d97706);
}
.oauth-status svg {
width: 14px;
height: 14px;
}
.oauth-account-name {
font-size: var(--font-size-sm);
color: var(--text-secondary);
margin-bottom: var(--spacing-md);
}
.oauth-card-actions {
display: flex;
gap: var(--spacing-sm);
flex-wrap: wrap;
}
.btn-oauth {
display: inline-flex;
align-items: center;
gap: var(--spacing-xs);
padding: var(--spacing-sm) var(--spacing-md);
border-radius: var(--radius);
font-size: var(--font-size-sm);
font-weight: 500;
cursor: pointer;
transition: var(--transition);
border: none;
text-decoration: none;
}
.btn-oauth.connect {
background: var(--primary);
color: white;
}
.btn-oauth.connect:hover {
opacity: 0.9;
}
.btn-oauth.disconnect {
background: transparent;
color: var(--error, #dc2626);
border: 1px solid var(--error, #dc2626);
}
.btn-oauth.disconnect:hover {
background: var(--error, #dc2626);
color: white;
}
.btn-oauth.discover {
background: transparent;
color: var(--primary);
border: 1px solid var(--primary);
}
.btn-oauth.discover:hover {
background: var(--primary);
color: white;
}
.btn-oauth:disabled {
opacity: 0.5;
cursor: not-allowed;
}
.btn-oauth svg {
width: 16px;
height: 16px;
}
/* Toast notification */
.toast {
position: fixed;
top: var(--spacing-lg);
right: var(--spacing-lg);
padding: var(--spacing-md) var(--spacing-lg);
border-radius: var(--radius);
font-size: var(--font-size-sm);
font-weight: 500;
z-index: 9999;
animation: toastIn 0.3s ease-out;
box-shadow: var(--shadow-lg);
}
.toast.success {
background: var(--success, #16a34a);
color: white;
}
.toast.error {
background: var(--error, #dc2626);
color: white;
}
@keyframes toastIn {
from { opacity: 0; transform: translateY(-20px); }
to { opacity: 1; transform: translateY(0); }
}
/* Section title */
.section-title {
font-size: var(--font-size-xl);
font-weight: 600;
color: var(--text-primary);
margin: 0 0 var(--spacing-md) 0;
}
.section-desc {
color: var(--text-secondary);
margin: 0 0 var(--spacing-lg) 0;
font-size: var(--font-size-sm);
}
/* Back link */
.back-link {
display: inline-flex;
align-items: center;
gap: var(--spacing-xs);
color: var(--primary);
text-decoration: none;
font-size: var(--font-size-sm);
margin-bottom: var(--spacing-md);
}
.back-link:hover {
text-decoration: underline;
}
.back-link svg {
width: 16px;
height: 16px;
}
{% endblock %}
{% block content %}
<div class="container">
<!-- Breadcrumb -->
<div class="settings-header">
<div class="breadcrumb">
<a href="{{ url_for('admin.admin_companies') }}">Firmy</a>
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><polyline points="9 18 15 12 9 6"/></svg>
<a href="{{ url_for('admin.admin_company_get', company_id=company.id) }}">{{ company.name }}</a>
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><polyline points="9 18 15 12 9 6"/></svg>
<span>Ustawienia</span>
</div>
<h1>Ustawienia firmy</h1>
<p class="settings-subtitle">{{ company.name }} — integracje z zewnętrznymi serwisami</p>
</div>
<!-- OAuth Integrations Section -->
<h2 class="section-title">Połączenia OAuth</h2>
<p class="section-desc">Połącz konta zewnętrznych serwisów, aby wzbogacić audyty o dodatkowe dane. Każdy serwis wymaga osobnej autoryzacji.</p>
<div class="oauth-cards">
<!-- Google Business Profile -->
{% set gbp_conn = connections.get('google/gbp', {}) %}
<div class="oauth-card" data-provider="google" data-service="gbp">
<div class="oauth-card-header">
<div class="oauth-card-icon google">
<svg viewBox="0 0 24 24" fill="currentColor"><path d="M12 2C6.48 2 2 6.48 2 12s4.48 10 10 10 10-4.48 10-10S17.52 2 12 2zm-1 17.93c-3.95-.49-7-3.85-7-7.93 0-.62.08-1.21.21-1.79L9 15v1c0 1.1.9 2 2 2v1.93zm6.9-2.54c-.26-.81-1-1.39-1.9-1.39h-1v-3c0-.55-.45-1-1-1H8v-2h2c.55 0 1-.45 1-1V7h2c1.1 0 2-.9 2-2v-.41c2.93 1.19 5 4.06 5 7.41 0 2.08-.8 3.97-2.1 5.39z"/></svg>
</div>
<h3 class="oauth-card-title">Google Business Profile</h3>
</div>
<p class="oauth-card-desc">Opinie z odpowiedziami właściciela, posty, zdjęcia, Q&A i statystyki widoczności wizytówki Google.</p>
{% if gbp_conn.get('connected') %}
{% if gbp_conn.get('is_expired') %}
<div class="oauth-status expired">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><circle cx="12" cy="12" r="10"/><line x1="12" y1="8" x2="12" y2="12"/><line x1="12" y1="16" x2="12.01" y2="16"/></svg>
Token wygasł — wymagane ponowne połączenie
</div>
{% else %}
<div class="oauth-status connected">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M22 11.08V12a10 10 0 1 1-5.93-9.14"/><polyline points="22 4 12 14.01 9 11.01"/></svg>
Połączono
</div>
{% endif %}
{% if gbp_conn.get('account_name') %}
<p class="oauth-account-name">Konto: {{ gbp_conn.account_name }}</p>
{% endif %}
<div class="oauth-card-actions">
<button class="btn-oauth discover" onclick="discoverGBPLocations()">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><circle cx="11" cy="11" r="8"/><line x1="21" y1="21" x2="16.65" y2="16.65"/></svg>
Wykryj lokalizacje
</button>
<button class="btn-oauth disconnect" onclick="disconnectOAuth('google', 'gbp')">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M18.36 6.64a9 9 0 1 1-12.73 0"/><line x1="12" y1="2" x2="12" y2="12"/></svg>
Rozłącz
</button>
</div>
{% elif oauth_available.get('google') %}
<div class="oauth-card-actions">
<button class="btn-oauth connect" onclick="connectOAuth('google', 'gbp')">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M15 3h4a2 2 0 0 1 2 2v14a2 2 0 0 1-2 2h-4"/><polyline points="10 17 15 12 10 7"/><line x1="15" y1="12" x2="3" y2="12"/></svg>
Połącz konto
</button>
</div>
{% else %}
<div class="oauth-status unavailable">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><circle cx="12" cy="12" r="10"/><line x1="4.93" y1="4.93" x2="19.07" y2="19.07"/></svg>
Niedostępne — wymaga konfiguracji administratora
</div>
{% endif %}
</div>
<!-- Google Search Console -->
{% set sc_conn = connections.get('google/search_console', {}) %}
<div class="oauth-card" data-provider="google" data-service="search_console">
<div class="oauth-card-header">
<div class="oauth-card-icon google">
<svg viewBox="0 0 24 24" fill="currentColor"><path d="M15.5 14h-.79l-.28-.27C15.41 12.59 16 11.11 16 9.5 16 5.91 13.09 3 9.5 3S3 5.91 3 9.5 5.91 16 9.5 16c1.61 0 3.09-.59 4.23-1.57l.27.28v.79l5 4.99L20.49 19l-4.99-5zm-6 0C7.01 14 5 11.99 5 9.5S7.01 5 9.5 5 14 7.01 14 9.5 11.99 14 9.5 14z"/></svg>
</div>
<h3 class="oauth-card-title">Google Search Console</h3>
</div>
<p class="oauth-card-desc">Zapytania wyszukiwania, CTR, średnia pozycja, indeksowanie stron i dane o wydajności w Google.</p>
{% if sc_conn.get('connected') %}
{% if sc_conn.get('is_expired') %}
<div class="oauth-status expired">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><circle cx="12" cy="12" r="10"/><line x1="12" y1="8" x2="12" y2="12"/><line x1="12" y1="16" x2="12.01" y2="16"/></svg>
Token wygasł — wymagane ponowne połączenie
</div>
{% else %}
<div class="oauth-status connected">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M22 11.08V12a10 10 0 1 1-5.93-9.14"/><polyline points="22 4 12 14.01 9 11.01"/></svg>
Połączono
</div>
{% endif %}
{% if sc_conn.get('account_name') %}
<p class="oauth-account-name">Konto: {{ sc_conn.account_name }}</p>
{% endif %}
<div class="oauth-card-actions">
<button class="btn-oauth disconnect" onclick="disconnectOAuth('google', 'search_console')">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M18.36 6.64a9 9 0 1 1-12.73 0"/><line x1="12" y1="2" x2="12" y2="12"/></svg>
Rozłącz
</button>
</div>
{% elif oauth_available.get('google') %}
<div class="oauth-card-actions">
<button class="btn-oauth connect" onclick="connectOAuth('google', 'search_console')">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M15 3h4a2 2 0 0 1 2 2v14a2 2 0 0 1-2 2h-4"/><polyline points="10 17 15 12 10 7"/><line x1="15" y1="12" x2="3" y2="12"/></svg>
Połącz konto
</button>
</div>
{% else %}
<div class="oauth-status unavailable">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><circle cx="12" cy="12" r="10"/><line x1="4.93" y1="4.93" x2="19.07" y2="19.07"/></svg>
Niedostępne — wymaga konfiguracji administratora
</div>
{% endif %}
</div>
<!-- Facebook -->
{% set fb_conn = connections.get('meta/facebook', {}) %}
<div class="oauth-card" data-provider="meta" data-service="facebook">
<div class="oauth-card-header">
<div class="oauth-card-icon meta">
<svg viewBox="0 0 24 24" fill="currentColor"><path d="M24 12.073c0-6.627-5.373-12-12-12s-12 5.373-12 12c0 5.99 4.388 10.954 10.125 11.854v-8.385H7.078v-3.47h3.047V9.43c0-3.007 1.792-4.669 4.533-4.669 1.312 0 2.686.235 2.686.235v2.953H15.83c-1.491 0-1.956.925-1.956 1.874v2.25h3.328l-.532 3.47h-2.796v8.385C19.612 23.027 24 18.062 24 12.073z"/></svg>
</div>
<h3 class="oauth-card-title">Facebook</h3>
</div>
<p class="oauth-card-desc">Zasięg strony, impressions, engagement, dane demograficzne odbiorców i statystyki postów.</p>
{% if fb_conn.get('connected') %}
{% if fb_conn.get('is_expired') %}
<div class="oauth-status expired">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><circle cx="12" cy="12" r="10"/><line x1="12" y1="8" x2="12" y2="12"/><line x1="12" y1="16" x2="12.01" y2="16"/></svg>
Token wygasł — wymagane ponowne połączenie
</div>
{% else %}
<div class="oauth-status connected">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M22 11.08V12a10 10 0 1 1-5.93-9.14"/><polyline points="22 4 12 14.01 9 11.01"/></svg>
Połączono
</div>
{% endif %}
{% if fb_conn.get('account_name') %}
<p class="oauth-account-name">Strona: {{ fb_conn.account_name }}</p>
{% endif %}
<div class="oauth-card-actions">
<button class="btn-oauth disconnect" onclick="disconnectOAuth('meta', 'facebook')">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M18.36 6.64a9 9 0 1 1-12.73 0"/><line x1="12" y1="2" x2="12" y2="12"/></svg>
Rozłącz
</button>
</div>
{% elif oauth_available.get('meta') %}
<div class="oauth-card-actions">
<button class="btn-oauth connect" onclick="connectOAuth('meta', 'facebook')">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M15 3h4a2 2 0 0 1 2 2v14a2 2 0 0 1-2 2h-4"/><polyline points="10 17 15 12 10 7"/><line x1="15" y1="12" x2="3" y2="12"/></svg>
Połącz konto
</button>
</div>
{% else %}
<div class="oauth-status unavailable">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><circle cx="12" cy="12" r="10"/><line x1="4.93" y1="4.93" x2="19.07" y2="19.07"/></svg>
Niedostępne — wymaga konfiguracji administratora
</div>
{% endif %}
</div>
<!-- Instagram -->
{% set ig_conn = connections.get('meta/instagram', {}) %}
<div class="oauth-card" data-provider="meta" data-service="instagram">
<div class="oauth-card-header">
<div class="oauth-card-icon meta">
<svg viewBox="0 0 24 24" fill="currentColor"><path d="M12 2.163c3.204 0 3.584.012 4.85.07 3.252.148 4.771 1.691 4.919 4.919.058 1.265.069 1.645.069 4.849 0 3.205-.012 3.584-.069 4.849-.149 3.225-1.664 4.771-4.919 4.919-1.266.058-1.644.07-4.85.07-3.204 0-3.584-.012-4.849-.07-3.26-.149-4.771-1.699-4.919-4.92-.058-1.265-.07-1.644-.07-4.849 0-3.204.013-3.583.07-4.849.149-3.227 1.664-4.771 4.919-4.919 1.266-.057 1.645-.069 4.849-.069zM12 0C8.741 0 8.333.014 7.053.072 2.695.272.273 2.69.073 7.052.014 8.333 0 8.741 0 12c0 3.259.014 3.668.072 4.948.2 4.358 2.618 6.78 6.98 6.98C8.333 23.986 8.741 24 12 24c3.259 0 3.668-.014 4.948-.072 4.354-.2 6.782-2.618 6.979-6.98.059-1.28.073-1.689.073-4.948 0-3.259-.014-3.667-.072-4.947-.196-4.354-2.617-6.78-6.979-6.98C15.668.014 15.259 0 12 0zm0 5.838a6.162 6.162 0 100 12.324 6.162 6.162 0 000-12.324zM12 16a4 4 0 110-8 4 4 0 010 8zm6.406-11.845a1.44 1.44 0 100 2.881 1.44 1.44 0 000-2.881z"/></svg>
</div>
<h3 class="oauth-card-title">Instagram</h3>
</div>
<p class="oauth-card-desc">Stories, reels, engagement, zasięg postów i dane demograficzne obserwujących konto firmowe.</p>
{% if ig_conn.get('connected') %}
{% if ig_conn.get('is_expired') %}
<div class="oauth-status expired">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><circle cx="12" cy="12" r="10"/><line x1="12" y1="8" x2="12" y2="12"/><line x1="12" y1="16" x2="12.01" y2="16"/></svg>
Token wygasł — wymagane ponowne połączenie
</div>
{% else %}
<div class="oauth-status connected">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M22 11.08V12a10 10 0 1 1-5.93-9.14"/><polyline points="22 4 12 14.01 9 11.01"/></svg>
Połączono
</div>
{% endif %}
{% if ig_conn.get('account_name') %}
<p class="oauth-account-name">Konto: {{ ig_conn.account_name }}</p>
{% endif %}
<div class="oauth-card-actions">
<button class="btn-oauth disconnect" onclick="disconnectOAuth('meta', 'instagram')">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M18.36 6.64a9 9 0 1 1-12.73 0"/><line x1="12" y1="2" x2="12" y2="12"/></svg>
Rozłącz
</button>
</div>
{% elif oauth_available.get('meta') %}
<div class="oauth-card-actions">
<button class="btn-oauth connect" onclick="connectOAuth('meta', 'instagram')">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M15 3h4a2 2 0 0 1 2 2v14a2 2 0 0 1-2 2h-4"/><polyline points="10 17 15 12 10 7"/><line x1="15" y1="12" x2="3" y2="12"/></svg>
Połącz konto
</button>
</div>
{% else %}
<div class="oauth-status unavailable">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><circle cx="12" cy="12" r="10"/><line x1="4.93" y1="4.93" x2="19.07" y2="19.07"/></svg>
Niedostępne — wymaga konfiguracji administratora
</div>
{% endif %}
</div>
</div>
<a href="{{ url_for('admin.admin_company_get', company_id=company.id) }}" class="back-link">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><line x1="19" y1="12" x2="5" y2="12"/><polyline points="12 19 5 12 12 5"/></svg>
Powrót do szczegółów firmy
</a>
</div>
{% endblock %}
{% block extra_js %}
// OAuth Settings JS
var csrfToken = document.querySelector('meta[name="csrf-token"]').getAttribute('content');
function showToast(message, type) {
var existing = document.querySelector('.toast');
if (existing) existing.remove();
var toast = document.createElement('div');
toast.className = 'toast ' + (type || 'success');
toast.textContent = message;
document.body.appendChild(toast);
setTimeout(function() {
toast.style.opacity = '0';
toast.style.transition = 'opacity 0.3s';
setTimeout(function() { toast.remove(); }, 300);
}, 4000);
}
function connectOAuth(provider, service) {
fetch('/api/oauth/connect/' + provider + '/' + service, {
method: 'POST',
headers: {
'X-CSRFToken': csrfToken,
'Content-Type': 'application/json'
}
})
.then(function(r) { return r.json(); })
.then(function(data) {
if (data.auth_url) {
window.location.href = data.auth_url;
} else {
showToast(data.error || 'Nie udało się rozpocząć autoryzacji', 'error');
}
})
.catch(function(err) {
showToast('Błąd połączenia: ' + err.message, 'error');
});
}
function disconnectOAuth(provider, service) {
if (!confirm('Czy na pewno chcesz rozłączyć ten serwis? Audyty stracą dostęp do rozszerzonych danych.')) return;
fetch('/api/oauth/disconnect/' + provider + '/' + service, {
method: 'POST',
headers: {
'X-CSRFToken': csrfToken
}
})
.then(function(r) { return r.json(); })
.then(function(data) {
if (data.success) {
showToast('Serwis rozłączony pomyślnie');
setTimeout(function() { location.reload(); }, 1000);
} else {
showToast(data.error || 'Nie udało się rozłączyć', 'error');
}
})
.catch(function(err) {
showToast('Błąd: ' + err.message, 'error');
});
}
function discoverGBPLocations() {
var btn = document.querySelector('.btn-oauth.discover');
if (btn) {
btn.disabled = true;
btn.innerHTML = '<svg class="spin" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" style="width:16px;height:16px;animation:spin 1s linear infinite"><circle cx="12" cy="12" r="10" opacity="0.3"/><path d="M12 2a10 10 0 0 1 10 10"/></svg> Szukam...';
}
fetch('/api/oauth/google/discover-locations', {
method: 'POST',
headers: {
'X-CSRFToken': csrfToken,
'Content-Type': 'application/json'
}
})
.then(function(r) { return r.json(); })
.then(function(data) {
if (data.success) {
var count = data.locations ? data.locations.length : 0;
showToast('Znaleziono ' + count + ' lokalizacji GBP');
} else {
showToast(data.error || 'Nie udało się wyszukać lokalizacji', 'error');
}
if (btn) {
btn.disabled = false;
btn.innerHTML = '<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" style="width:16px;height:16px"><circle cx="11" cy="11" r="8"/><line x1="21" y1="21" x2="16.65" y2="16.65"/></svg> Wykryj lokalizacje';
}
})
.catch(function(err) {
showToast('Błąd: ' + err.message, 'error');
if (btn) {
btn.disabled = false;
btn.innerHTML = '<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" style="width:16px;height:16px"><circle cx="11" cy="11" r="8"/><line x1="21" y1="21" x2="16.65" y2="16.65"/></svg> Wykryj lokalizacje';
}
});
}
// Handle URL params for OAuth callback results
(function() {
var params = new URLSearchParams(window.location.search);
if (params.get('oauth_success')) {
showToast('Pomyślnie połączono: ' + params.get('oauth_success'));
// Clean URL
window.history.replaceState({}, document.title, window.location.pathname);
}
if (params.get('oauth_error')) {
var errorMap = {
'missing_params': 'Brak wymaganych parametrów',
'invalid_state': 'Nieprawidłowy token sesji',
'invalid_state_format': 'Nieprawidłowy format tokenu',
'unauthorized': 'Brak uprawnień',
'token_exchange_failed': 'Wymiana tokenu nie powiodła się',
'save_failed': 'Nie udało się zapisać tokenu'
};
var error = params.get('oauth_error');
showToast(errorMap[error] || 'Błąd OAuth: ' + error, 'error');
window.history.replaceState({}, document.title, window.location.pathname);
}
})();
{% endblock %}