Fix cross-DB queries: move page_configs to cart, fix OAuth code_hash lookup

page_configs table lives in db_cart but blog was querying it directly, causing UndefinedTableError. Move all PageConfig read/write endpoints to cart service and have blog proxy via fetch_data/call_action. Also fix OAuth callback to use code_hash lookup (codes are now stored hashed) and pass grant_token in redirect URL to prevent auth loops. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-26 17:43:21 +00:00
parent 98aee1f656
commit dd52417241
11 changed files with 228 additions and 180 deletions
--- a/cart/bp/data/routes.py
+++ b/cart/bp/data/routes.py
@@ -111,4 +111,77 @@ def register() -> Blueprint:

    _handlers["cart-items"] = _cart_items

+    # --- page-config ---
+    async def _page_config():
+        """Return a single PageConfig by container_type + container_id."""
+        from sqlalchemy import select
+        from shared.models.page_config import PageConfig
+
+        ct = request.args.get("container_type", "page")
+        cid = request.args.get("container_id", type=int)
+        if cid is None:
+            return None
+        pc = (await g.s.execute(
+            select(PageConfig).where(
+                PageConfig.container_type == ct,
+                PageConfig.container_id == cid,
+            )
+        )).scalar_one_or_none()
+        if not pc:
+            return None
+        return _page_config_dict(pc)
+
+    _handlers["page-config"] = _page_config
+
+    # --- page-config-by-id ---
+    async def _page_config_by_id():
+        """Return a single PageConfig by its primary key."""
+        from shared.models.page_config import PageConfig
+
+        pc_id = request.args.get("id", type=int)
+        if pc_id is None:
+            return None
+        pc = await g.s.get(PageConfig, pc_id)
+        if not pc:
+            return None
+        return _page_config_dict(pc)
+
+    _handlers["page-config-by-id"] = _page_config_by_id
+
+    # --- page-configs-batch ---
+    async def _page_configs_batch():
+        """Return PageConfigs for multiple container_ids (comma-separated)."""
+        from sqlalchemy import select
+        from shared.models.page_config import PageConfig
+
+        ct = request.args.get("container_type", "page")
+        ids_raw = request.args.get("ids", "")
+        if not ids_raw:
+            return []
+        ids = [int(x.strip()) for x in ids_raw.split(",") if x.strip()]
+        if not ids:
+            return []
+        result = await g.s.execute(
+            select(PageConfig).where(
+                PageConfig.container_type == ct,
+                PageConfig.container_id.in_(ids),
+            )
+        )
+        return [_page_config_dict(pc) for pc in result.scalars().all()]
+
+    _handlers["page-configs-batch"] = _page_configs_batch
+
    return bp
+
+
+def _page_config_dict(pc) -> dict:
+    """Serialize PageConfig to a JSON-safe dict."""
+    return {
+        "id": pc.id,
+        "container_type": pc.container_type,
+        "container_id": pc.container_id,
+        "features": pc.features or {},
+        "sumup_merchant_code": pc.sumup_merchant_code,
+        "sumup_api_key": pc.sumup_api_key,
+        "sumup_checkout_prefix": pc.sumup_checkout_prefix,
+    }