Fix product page dropdown clipped by table-responsive overflow

Set overflow: visible on table-responsive and use data-bs-strategy="fixed" so the filter dropdown renders outside the scroll container. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Fix VK connect_url to point to /vk instead of /vk/connect
2026-03-10 15:57:43 +03:00 · 2026-03-10 15:40:39 +03:00 · 2026-03-10 15:35:53 +03:00 · 2026-03-10 15:32:13 +03:00 · 2026-03-10 14:11:25 +03:00 · 2026-03-10 13:01:12 +03:00
42 changed files with 459 additions and 323 deletions
--- a/.env.example
+++ b/.env.example
@@ -2,6 +2,9 @@ DATABASE_URL=mysql+pymysql://evosync:evosync@db:3306/evosync
 SECRET_KEY=your-random-secret-key-here
 BASE_URL=http://localhost:8000

+EVOTOR_APP_ID=your-evotor-app-id
+EVOTOR_WEBHOOK_SECRET=your-webhook-secret
+
 DB_ROOT_PASSWORD=rootpass
 DB_NAME=evosync
 DB_USER=evosync
--- a/.gitignore
+++ b/.gitignore
@@ -16,3 +16,4 @@ passwords.txt
 .env
 __pycache__/
 *.pyc
+certbot
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,47 +5,46 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

-## [1.8.0] - 2026-03-06
+## [1.8.2] - 2026-03-06

-### Added
+### Miscellaneous

- Connections dashboard (`/connections`) — unified page for all service integrations with online/offline status indicators
- Add-connection page (`/connections/add`) — shows only unconnected services; "all connected" state when none remain
- VK OAuth connection — connect VK account via OAuth, store access token and profile info
- Background health checker — runs every 10 minutes, checks Evotor and VK tokens, updates `is_online` / `last_checked_at`
- Sync configuration page (`/sync`) — master enable/disable toggle, confirm-and-start button, filter summary, warnings for missing connections
- Catalog browser (`/catalog`) — browse Evotor stores, groups, and products in table views with cache auto-refresh on first visit
- Catalog filter management — include/exclude rules per store/group/product via inline dropdown; rules stored in `sync_filters` table
- Catalog CSV export — download stores, groups, or products as UTF-8 BOM CSV (Excel-compatible)
- Alembic migrations for all new tables: `evotor_connections` (health fields), `vk_connections`, `sync_configs`, `sync_filters`, `cached_stores`, `cached_groups`, `cached_products`
- `run/read_config.py` — CLI helper for shell sync scripts to read per-user sync config as JSON
+- Replace EvoSync with ЭВОСИНК throughout UI

-### Changed
+## [1.8.1] - 2026-03-06

- Navbar: replaced "Эвотор" link with "Подключения", added "Каталог" and "Синхронизация" links
- Evotor and VK connect/disconnect flows now redirect to `/connections`
- Back links on `/evotor` and `/vk` pages updated to "Вернуться к подключениям"
- VK connection card icon changed to `bi-bag` (shopping bag) to reflect VK Market use case
- Password reset and email confirmation pages: replaced dev-mode console instructions with user-facing copy
+### Documentation
+
+- Update changelog for v1.7.3
+- Fix changelog order — 1.8.0 before 1.7.3
+
+### Other
+
+- V1.8.1

 ## [1.7.3] - 2026-03-06

 ### Added

- Nginx reverse proxy configuration — SSL termination, HTTP→HTTPS redirect, proxy to uvicorn
- `scripts/init-letsencrypt.sh` — automated Let's Encrypt certificate provisioning via certbot webroot challenge
- Request logging for Evotor token exchange errors to aid debugging
+- Add nginx reverse proxy and Let's Encrypt TLS setup

-### Fixed
+### Other

- Evotor OAuth token exchange — move `client_id` and `client_secret` from HTTP Basic Auth to form body fields (resolves `invalid_client` errors)
- Docker environment — pass `EVOTOR_CLIENT_ID` and `EVOTOR_CLIENT_SECRET` to web container via docker-compose
+- V1.7.3

-### Changed
+## [1.8.0] - 2026-03-06

- Default `BASE_URL` changed to `https://evosync.ru` for production deployment
- `docker-compose.yml` — web service now exposes port 8000 internally only (accessed via nginx)
- Added `refresh_token` field to `EvotorConnection` model for future token refresh logic
+### Added
+
+- Add Evotor OAuth connection feature with formatted phone input
+- Add Alembic database migrations
+- Add connections dashboard with background health checks
+- Add VK OAuth connection with health checks
+- Release v1.8.0 — connections dashboard, VK OAuth, sync config, catalog browser
+
+### Miscellaneous
+
+- Add semantic versioning and automatic changelog generation

 ## [1.7.2] - 2026-03-05

--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -5,14 +5,14 @@ services:
    build:
      context: .
      dockerfile: Dockerfile.web
-    expose:
-      - "8000"
+    ports:
+      - "8080:8000"
    environment:
-      - DATABASE_URL=mysql+pymysql://${DB_USER}:${DB_PASSWORD}@172.25.0.1:3306/${DB_NAME}
+      - DATABASE_URL=mysql+pymysql://${DB_USER}:${DB_PASSWORD}@host.docker.internal:3306/${DB_NAME}
      - SECRET_KEY=${SECRET_KEY:-change-me-in-production}
      - BASE_URL=${BASE_URL:-https://evosync.ru}
-      - EVOTOR_CLIENT_ID=${EVOTOR_CLIENT_ID}
-      - EVOTOR_CLIENT_SECRET=${EVOTOR_CLIENT_SECRET}
+      - EVOTOR_APP_ID=${EVOTOR_APP_ID}
+      - EVOTOR_WEBHOOK_SECRET=${EVOTOR_WEBHOOK_SECRET}
      - VK_CLIENT_ID=${VK_CLIENT_ID}
      - VK_CLIENT_SECRET=${VK_CLIENT_SECRET}
    volumes:
@@ -20,6 +20,8 @@ services:
      - ./alembic.ini:/app/alembic.ini
      - ./docker-entrypoint.sh:/app/docker-entrypoint.sh
    restart: unless-stopped
+    extra_hosts:
+      - "host.docker.internal:host-gateway"

  # sync:
  #   build:
--- a/nginx/nginx.conf
+++ b/nginx/nginx.conf
@@ -1,3 +1,7 @@
+upstream web {
+    server 127.0.0.1:8080;
+}
+
 server {
    listen 80;
    server_name evosync.ru www.evosync.ru;
@@ -23,7 +27,7 @@ server {
    ssl_prefer_server_ciphers on;

    location / {
-        proxy_pass http://web:8000;
+        proxy_pass http://web;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
--- a/scripts/evotor-get-token.sh
+++ b/scripts/evotor-get-token.sh
@@ -0,0 +1,57 @@
+#!/usr/bin/env bash
+# Obtain an Evotor developer access token via password grant (no browser required).
+# Uses dev.evotor.ru credentials (your Evotor developer account).
+#
+# Usage: ./scripts/evotor-get-token.sh
+
+set -euo pipefail
+
+# Load .env if present
+if [[ -f .env ]]; then
+    set -a; source .env; set +a
+fi
+
+EVOTOR_TOKEN_URL="https://dev.evotor.ru/oauth/token"
+
+# Prompt for credentials
+read -rp "Evotor developer login (email): " EVOTOR_LOGIN
+read -rsp "Evotor developer password: " EVOTOR_PASSWORD
+echo
+
+echo
+echo "A 2FA code will be sent to your email if this IP is not recognized."
+read -rp "2FA code (leave blank if not required): " EVOTOR_2FA
+
+# Build request body
+BODY="type=LOGIN&grant_type=password&client_id=Evo-UI&username=$(python3 -c "import urllib.parse,sys; print(urllib.parse.quote(sys.argv[1]))" "$EVOTOR_LOGIN")&password=$(python3 -c "import urllib.parse,sys; print(urllib.parse.quote(sys.argv[1]))" "$EVOTOR_PASSWORD")"
+
+EXTRA_HEADERS=()
+if [[ -n "$EVOTOR_2FA" ]]; then
+    EXTRA_HEADERS+=(-H "2fa_confirmation: $EVOTOR_2FA")
+fi
+
+echo
+echo "Requesting token..."
+RESPONSE=$(curl -s -X POST "$EVOTOR_TOKEN_URL" \
+    -H "Content-Type: application/x-www-form-urlencoded" \
+    "${EXTRA_HEADERS[@]}" \
+    -d "$BODY")
+
+echo
+echo "Response:"
+echo "$RESPONSE" | python3 -m json.tool 2>/dev/null || echo "$RESPONSE"
+
+ACCESS_TOKEN=$(echo "$RESPONSE" | python3 -c "import sys,json; d=json.load(sys.stdin); print(d.get('access_token',''))" 2>/dev/null || true)
+
+if [[ -z "$ACCESS_TOKEN" ]]; then
+    echo
+    echo "ERROR: No access_token in response." >&2
+    exit 1
+fi
+
+echo
+echo "Access token:"
+echo "$ACCESS_TOKEN"
+echo
+echo "To save this token to .env, add or update:"
+echo "  EVOTOR_ACCESS_TOKEN=$ACCESS_TOKEN"
--- a/scripts/init-letsencrypt.sh
+++ b/scripts/init-letsencrypt.sh
@@ -1,57 +1,46 @@
 #!/bin/bash
 # Obtain TLS certificates from Let's Encrypt for evosync.ru
 # Run once on first deploy: sudo ./scripts/init-letsencrypt.sh
+# Requires nginx running on the host with acme-challenge location configured

 set -euo pipefail

 DOMAIN="evosync.ru"
 EMAIL="${LETSENCRYPT_EMAIL:-admin@evosync.ru}"
-COMPOSE="docker compose"
 CERTBOT_DIR="./certbot"
+ACME_DIR="/var/www/certbot"

 echo "==> Creating certbot directories..."
 mkdir -p "$CERTBOT_DIR/conf" "$CERTBOT_DIR/www"

-echo "==> Starting nginx (HTTP only, for ACME challenge)..."
-# Temporarily use a basic config that doesn't require certs
-cat > nginx/nginx-temp.conf <<'TMPCONF'
-server {
-    listen 80;
-    server_name evosync.ru www.evosync.ru;
-
-    location /.well-known/acme-challenge/ {
-        root /var/www/certbot;
-    }
-
-    location / {
-        return 200 'Setting up TLS...';
-        add_header Content-Type text/plain;
-    }
-}
-TMPCONF
-
-$COMPOSE up -d nginx
+echo "==> Ensuring acme-challenge directory exists on host..."
+sudo mkdir -p "$ACME_DIR"
+sudo chmod 755 "$ACME_DIR"

 echo "==> Requesting certificate from Let's Encrypt..."
-docker run --rm \
-    -v "$(pwd)/$CERTBOT_DIR/conf:/etc/letsencrypt" \
-    -v "$(pwd)/$CERTBOT_DIR/www:/var/www/certbot" \
-    --network "${COMPOSE_PROJECT_NAME:-evo-syncgit}_default" \
-    certbot/certbot certonly \
+sudo certbot certonly \
    --webroot \
-    --webroot-path=/var/www/certbot \
+    --webroot-path="$ACME_DIR" \
    --email "$EMAIL" \
    --agree-tos \
    --no-eff-email \
    -d "$DOMAIN" \
    -d "www.$DOMAIN"

-echo "==> Restoring production nginx config..."
-rm -f nginx/nginx-temp.conf
-
-echo "==> Restarting nginx with TLS..."
-$COMPOSE restart nginx
+echo "==> Copying certificates to project directory..."
+sudo cp "/etc/letsencrypt/live/$DOMAIN/fullchain.pem" "$CERTBOT_DIR/conf/fullchain.pem"
+sudo cp "/etc/letsencrypt/live/$DOMAIN/privkey.pem" "$CERTBOT_DIR/conf/privkey.pem"
+sudo chown "$(whoami):$(whoami)" "$CERTBOT_DIR/conf"/*.pem

 echo "==> Done! TLS certificate installed for $DOMAIN"
-echo "    Set up auto-renewal with: sudo crontab -e"
-echo "    Add: 0 3 * * * cd $(pwd) && docker run --rm -v $(pwd)/$CERTBOT_DIR/conf:/etc/letsencrypt -v $(pwd)/$CERTBOT_DIR/www:/var/www/certbot certbot/certbot renew --quiet && docker compose restart nginx"
+echo ""
+echo "Certificate files:"
+echo "  - $CERTBOT_DIR/conf/fullchain.pem"
+echo "  - $CERTBOT_DIR/conf/privkey.pem"
+echo ""
+echo "Configure nginx:"
+echo "  ssl_certificate $CERTBOT_DIR/conf/fullchain.pem;"
+echo "  ssl_certificate_key $CERTBOT_DIR/conf/privkey.pem;"
+echo ""
+echo "Set up auto-renewal with: sudo crontab -e"
+echo "Add: 0 3 * * * certbot renew --quiet && systemctl reload nginx"
--- a/web/config.py
+++ b/web/config.py
@@ -4,18 +4,17 @@ from pydantic_settings import BaseSettings
 class Settings(BaseSettings):
    DATABASE_URL: str = "mysql+pymysql://evosync:evosync@localhost:3306/evosync"
    SECRET_KEY: str = "change-me-in-production"
-    BASE_URL: str = "http://localhost:8000"
+    BASE_URL: str = "http://localhost:8080"
    PASSWORD_RESET_EXPIRE_MINUTES: int = 60

-    EVOTOR_CLIENT_ID: str = ""
-    EVOTOR_CLIENT_SECRET: str = ""
-    EVOTOR_SCOPES: str = "store:read product:read"
+    EVOTOR_APP_ID: str = ""
+    EVOTOR_WEBHOOK_SECRET: str = ""
+
+    JIVOSITE_WIDGET_ID: str = ""

    HEALTH_CHECK_INTERVAL_SECONDS: int = 600
+    CATALOG_REFRESH_INTERVAL_SECONDS: int = 3600

-    VK_CLIENT_ID: str = ""
-    VK_CLIENT_SECRET: str = ""
-    VK_SCOPES: str = "market groups offline"
    VK_API_VERSION: str = "5.131"

    # Docker compose vars (ignored in app, kept for env compatibility)
--- a/web/evotor_api.py
+++ b/web/evotor_api.py
@@ -33,6 +33,8 @@ async def fetch_groups(access_token: str, store_id: str) -> list[dict]:
            headers={"Authorization": f"Bearer {access_token}"},
            timeout=15,
        )
+        if resp.status_code == 402:
+            return []
        resp.raise_for_status()
        data = resp.json()
        items = data.get("items", data) if isinstance(data, dict) else data
@@ -46,6 +48,8 @@ async def fetch_products(access_token: str, store_id: str) -> list[dict]:
            headers={"Authorization": f"Bearer {access_token}"},
            timeout=15,
        )
+        if resp.status_code == 402:
+            return []
        resp.raise_for_status()
        data = resp.json()
        items = data.get("items", data) if isinstance(data, dict) else data
--- a/web/health_checker.py
+++ b/web/health_checker.py
@@ -5,13 +5,13 @@ from datetime import datetime, timedelta
 import httpx

 from web.database import SessionLocal
-from web.models import EvotorConnection, VkConnection
+from web.models import EvotorConnection, VkConnection, CachedStore

 logger = logging.getLogger("uvicorn.error")

 EVOTOR_STORES_URL = "https://api.evotor.ru/stores"
 EVOTOR_TOKEN_URL = "https://oauth.evotor.ru/oauth/token"
-VK_USERS_GET_URL = "https://api.vk.com/method/users.get"
+VK_GROUPS_GET_URL = "https://api.vk.com/method/groups.getById"
 VK_API_VERSION = "5.131"

 # Refresh Evotor token if it expires within this window
@@ -59,7 +59,7 @@ async def check_vk_connection(access_token: str) -> bool:
    try:
        async with httpx.AsyncClient() as client:
            resp = await client.get(
-                VK_USERS_GET_URL,
+                VK_GROUPS_GET_URL,
                params={"access_token": access_token, "v": VK_API_VERSION},
                timeout=10,
            )
@@ -116,10 +116,28 @@ async def run_health_checks() -> None:
            conn.last_checked_at = now

        db.commit()
+
+        # Refresh catalog cache for online Evotor connections
+        from web.config import settings
+        refreshed_catalog = 0
+        for conn in evotor_connections:
+            if not conn.is_online:
+                continue
+            cached = db.query(CachedStore).filter(CachedStore.user_id == conn.user_id).first()
+            cache_age = (now - cached.fetched_at).total_seconds() if cached else None
+            if cached is None or cache_age >= settings.CATALOG_REFRESH_INTERVAL_SECONDS:
+                try:
+                    from web.evotor_api import refresh_catalog_cache
+                    await refresh_catalog_cache(conn.user_id, conn.access_token, db)
+                    refreshed_catalog += 1
+                except Exception:
+                    logger.exception("Failed to refresh catalog cache for user_id=%d", conn.user_id)
+
        logger.info(
-            "Health checks completed: %d Evotor, %d VK",
+            "Health checks completed: %d Evotor, %d VK, %d catalogs refreshed",
            len(evotor_connections),
            len(vk_connections),
+            refreshed_catalog,
        )
    except Exception:
        logger.exception("Error during health checks")
--- a/web/main.py
+++ b/web/main.py
@@ -25,7 +25,7 @@ async def lifespan(app: FastAPI):
        pass


-app = FastAPI(title="EvoSync — Личный кабинет", lifespan=lifespan)
+app = FastAPI(title="ЭВОСИНК — Личный кабинет", lifespan=lifespan)

 app.add_middleware(SessionMiddleware, secret_key=settings.SECRET_KEY)
 app.mount("/static", StaticFiles(directory="web/static"), name="static")
--- a/web/migrations/versions/f6a7b8c9d0e1_evotor_webhook_token_flow.py
+++ b/web/migrations/versions/f6a7b8c9d0e1_evotor_webhook_token_flow.py
@@ -0,0 +1,53 @@
+"""evotor webhook token flow: add evotor_user_id, make user_id nullable
+
+Revision ID: f6a7b8c9d0e1
+Revises: e5f6a7b8c9d0
+Branch Labels: None
+Depends On: None
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+revision = 'f6a7b8c9d0e1'
+down_revision = 'e5f6a7b8c9d0'
+branch_labels = None
+depends_on = None
+
+
+def upgrade() -> None:
+    conn = op.get_bind()
+
+    # Check existing columns
+    columns = [row[0] for row in conn.execute(sa.text(
+        "SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS "
+        "WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = 'evotor_connections'"
+    ))]
+
+    if 'evotor_user_id' not in columns:
+        op.add_column('evotor_connections',
+            sa.Column('evotor_user_id', sa.String(255), nullable=True))
+
+    # Check existing indexes
+    indexes = [row[2] for row in conn.execute(sa.text(
+        "SHOW INDEX FROM evotor_connections"
+    ))]
+
+    if 'uq_evotor_connections_evotor_user_id' not in indexes:
+        op.create_unique_constraint('uq_evotor_connections_evotor_user_id',
+            'evotor_connections', ['evotor_user_id'])
+
+    if 'ix_evotor_connections_evotor_user_id' not in indexes:
+        op.create_index('ix_evotor_connections_evotor_user_id',
+            'evotor_connections', ['evotor_user_id'])
+
+    op.alter_column('evotor_connections', 'user_id',
+        existing_type=sa.Integer(), nullable=True)
+
+
+def downgrade() -> None:
+    op.alter_column('evotor_connections', 'user_id',
+        existing_type=sa.Integer(), nullable=False)
+    op.drop_index('ix_evotor_connections_evotor_user_id', 'evotor_connections')
+    op.drop_constraint('uq_evotor_connections_evotor_user_id', 'evotor_connections')
+    op.drop_column('evotor_connections', 'evotor_user_id')
--- a/web/models.py
+++ b/web/models.py
@@ -33,7 +33,8 @@ class EvotorConnection(Base):
    __tablename__ = "evotor_connections"

    id = Column(Integer, primary_key=True, autoincrement=True)
-    user_id = Column(Integer, ForeignKey("users.id", ondelete="CASCADE"), unique=True, nullable=False)
+    user_id = Column(Integer, ForeignKey("users.id", ondelete="CASCADE"), unique=True, nullable=True)
+    evotor_user_id = Column(String(255), unique=True, nullable=True, index=True)
    access_token = Column(Text, nullable=False)
    store_id = Column(String(255), nullable=True)
    store_name = Column(String(255), nullable=True)
--- a/web/routes/auth.py
+++ b/web/routes/auth.py
@@ -2,7 +2,7 @@ import uuid

 from fastapi import APIRouter, Request, Depends
 from fastapi.responses import RedirectResponse
-from fastapi.templating import Jinja2Templates
+from web.templates_env import templates
 from sqlalchemy.orm import Session

 from web.auth import hash_password, verify_password, get_current_user
@@ -12,7 +12,6 @@ from web.models import User
 from web.schemas import validate_registration, validate_login

 router = APIRouter()
-templates = Jinja2Templates(directory="web/templates")


@router.get("/register")
--- a/web/routes/catalog.py
+++ b/web/routes/catalog.py
@@ -3,7 +3,7 @@ import io

 from fastapi import APIRouter, Request, Depends
 from fastapi.responses import RedirectResponse, StreamingResponse
-from fastapi.templating import Jinja2Templates
+from web.templates_env import templates
 from sqlalchemy.orm import Session

 from web.auth import get_current_user
@@ -12,7 +12,6 @@ from web.evotor_api import refresh_catalog_cache
 from web.models import User, EvotorConnection, SyncConfig, SyncFilter, CachedStore, CachedGroup, CachedProduct

 router = APIRouter(prefix="/catalog")
-templates = Jinja2Templates(directory="web/templates")


 def _get_or_create_sync_config(db: Session, user_id: int) -> SyncConfig:
--- a/web/routes/connections.py
+++ b/web/routes/connections.py
@@ -1,6 +1,6 @@
 from fastapi import APIRouter, Request, Depends
 from fastapi.responses import RedirectResponse
-from fastapi.templating import Jinja2Templates
+from web.templates_env import templates
 from sqlalchemy.orm import Session

 from web.auth import get_current_user
@@ -8,7 +8,6 @@ from web.database import get_db
 from web.models import User, EvotorConnection, VkConnection

 router = APIRouter()
-templates = Jinja2Templates(directory="web/templates")

 SERVICE_TYPES = [
    {
@@ -17,7 +16,7 @@ SERVICE_TYPES = [
        "icon": "bi-shop",
        "description": "Подключите кассу Эвотор для синхронизации каталога товаров.",
        "configure_url": "/evotor",
-        "connect_url": "/evotor/connect",
+        "connect_url": "/evotor",
    },
    {
        "type": "vk",
@@ -25,7 +24,7 @@ SERVICE_TYPES = [
        "icon": "bi-bag",
        "description": "Подключите аккаунт ВКонтакте для публикации товаров в вашу группу.",
        "configure_url": "/vk",
-        "connect_url": "/vk/connect",
+        "connect_url": "/vk",
    },
 ]

--- a/web/routes/evotor.py
+++ b/web/routes/evotor.py
@@ -1,12 +1,11 @@
-import secrets
 import logging
 import httpx

-from fastapi import APIRouter, Request, Depends
-
-logger = logging.getLogger(__name__)
-from fastapi.responses import RedirectResponse
-from fastapi.templating import Jinja2Templates
+from datetime import datetime
+from fastapi import APIRouter, Request, Depends, HTTPException
+from fastapi.responses import RedirectResponse, JSONResponse
+from web.templates_env import templates
+from pydantic import BaseModel
 from sqlalchemy.orm import Session

 from web.auth import get_current_user
@@ -14,18 +13,14 @@ from web.config import settings
 from web.database import get_db
 from web.models import User, EvotorConnection

+logger = logging.getLogger(__name__)
+
 router = APIRouter(prefix="/evotor")
-templates = Jinja2Templates(directory="web/templates")

-EVOTOR_AUTHORIZE_URL = "https://oauth.evotor.ru/oauth/authorize"
-EVOTOR_TOKEN_URL = "https://oauth.evotor.ru/oauth/token"
+EVOTOR_APP_URL = "https://market.evotor.ru/store/apps/{app_id}"
 EVOTOR_STORES_URL = "https://api.evotor.ru/stores"


-def _redirect_uri() -> str:
-    return f"{settings.BASE_URL}/evotor/callback"
-
-
@router.get("")
 def evotor_page(
    request: Request,
@@ -37,85 +32,49 @@ def evotor_page(

    connection = db.query(EvotorConnection).filter(EvotorConnection.user_id == user.id).first()
    error = request.query_params.get("error")
+    app_url = EVOTOR_APP_URL.format(app_id=settings.EVOTOR_APP_ID) if settings.EVOTOR_APP_ID else None
    return templates.TemplateResponse("evotor.html", {
        "request": request,
        "user": user,
        "connection": connection,
        "error": error,
+        "app_url": app_url,
    })


-@router.get("/connect")
-def evotor_connect(request: Request, user: User | None = Depends(get_current_user)):
-    if not user:
-        return RedirectResponse("/login", 303)
-
-    state = secrets.token_urlsafe(32)
-    request.session["evotor_oauth_state"] = state
-
-    params = (
-        f"?client_id={settings.EVOTOR_CLIENT_ID}"
-        f"&response_type=code"
-        f"&redirect_uri={_redirect_uri()}"
-        f"&scope={settings.EVOTOR_SCOPES.replace(' ', '%20')}"
-        f"&state={state}"
-    )
-    return RedirectResponse(EVOTOR_AUTHORIZE_URL + params, 302)
+class EvotorTokenPayload(BaseModel):
+    userId: str
+    token: str


-@router.get("/callback")
+@router.post("/callback")
 async def evotor_callback(
    request: Request,
+    payload: EvotorTokenPayload,
    db: Session = Depends(get_db),
-    user: User | None = Depends(get_current_user),
 ):
-    if not user:
-        return RedirectResponse("/login", 303)
+    """
+    Webhook endpoint: Evotor POSTs {"userId": "...", "token": "..."} here
+    after the user authorizes the app in their Evotor account.
+    """
+    # Verify the Authorization header matches our configured webhook secret
+    if settings.EVOTOR_WEBHOOK_SECRET:
+        auth_header = request.headers.get("Authorization", "")
+        expected = f"Bearer {settings.EVOTOR_WEBHOOK_SECRET}"
+        if auth_header != expected:
+            logger.warning("Evotor webhook: invalid Authorization header")
+            raise HTTPException(status_code=401, detail="Unauthorized")

-    code = request.query_params.get("code")
-    state = request.query_params.get("state")
-    saved_state = request.session.pop("evotor_oauth_state", None)
+    now = datetime.utcnow()

-    if not code or not state or state != saved_state:
-        return RedirectResponse("/evotor?error=invalid_state", 303)
-
-    # Exchange code for access token
-    try:
-        async with httpx.AsyncClient() as client:
-            token_response = await client.post(
-                EVOTOR_TOKEN_URL,
-                data={
-                    "grant_type": "authorization_code",
-                    "code": code,
-                    "redirect_uri": _redirect_uri(),
-                    "client_id": settings.EVOTOR_CLIENT_ID,
-                    "client_secret": settings.EVOTOR_CLIENT_SECRET,
-                },
-                timeout=15,
-            )
-            token_response.raise_for_status()
-            token_data = token_response.json()
-    except httpx.HTTPStatusError as e:
-        logger.error("Evotor token exchange HTTP error %s: %s", e.response.status_code, e.response.text)
-        return RedirectResponse("/evotor?error=token_exchange", 303)
-    except Exception as e:
-        logger.error("Evotor token exchange failed: %s", e, exc_info=True)
-        return RedirectResponse("/evotor?error=token_exchange", 303)
-
-    access_token = token_data.get("access_token")
-    refresh_token = token_data.get("refresh_token")
-    expires_in = token_data.get("expires_in")
-    if not access_token:
-        return RedirectResponse("/evotor?error=no_token", 303)
-
-    # Fetch first store to save store info
+    # Fetch store info using the received token
    store_id = None
    store_name = None
    try:
        async with httpx.AsyncClient() as client:
            stores_response = await client.get(
                EVOTOR_STORES_URL,
-                headers={"Authorization": f"Bearer {access_token}"},
+                headers={"Authorization": f"Bearer {payload.token}"},
                timeout=15,
            )
            if stores_response.status_code == 200:
@@ -125,28 +84,87 @@ async def evotor_callback(
                    store_id = items[0].get("uuid") or items[0].get("id")
                    store_name = items[0].get("name")
    except Exception:
-        pass  # Store info is optional; token is still saved
+        pass  # Store info is optional

-    # Save or update connection
-    from datetime import datetime, timedelta
-    now = datetime.utcnow()
-    token_expires_at = now + timedelta(seconds=expires_in) if expires_in else None
+    # Upsert by evotor_user_id (user_id stays NULL until /evotor/link is called)
+    connection = db.query(EvotorConnection).filter(
+        EvotorConnection.evotor_user_id == payload.userId
+    ).first()

-    connection = db.query(EvotorConnection).filter(EvotorConnection.user_id == user.id).first()
    if connection:
-        connection.access_token = access_token
-        connection.refresh_token = refresh_token
-        connection.token_expires_at = token_expires_at
+        connection.access_token = payload.token
        connection.store_id = store_id
        connection.store_name = store_name
        connection.is_online = True
        connection.last_checked_at = now
+        connection.updated_at = now
+    else:
+        connection = EvotorConnection(
+            evotor_user_id=payload.userId,
+            access_token=payload.token,
+            store_id=store_id,
+            store_name=store_name,
+            is_online=True,
+            last_checked_at=now,
+        )
+        db.add(connection)
+
+    db.commit()
+    logger.info("Evotor webhook: saved token for evotor_user_id=%s", payload.userId)
+
+    return JSONResponse({"status": "ok"})
+
+
+@router.post("/token")
+async def evotor_token_manual(
+    request: Request,
+    db: Session = Depends(get_db),
+    user: User | None = Depends(get_current_user),
+):
+    """Allow user to manually paste their Evotor token."""
+    if not user:
+        return RedirectResponse("/login", 303)
+
+    form = await request.form()
+    token = (form.get("token") or "").strip()
+    if not token:
+        return RedirectResponse("/evotor?error=empty_token", 303)
+
+    now = datetime.utcnow()
+
+    # Fetch store info
+    store_id = None
+    store_name = None
+    try:
+        async with httpx.AsyncClient() as client:
+            stores_response = await client.get(
+                EVOTOR_STORES_URL,
+                headers={"Authorization": f"Bearer {token}"},
+                timeout=15,
+            )
+            if stores_response.status_code == 200:
+                stores = stores_response.json()
+                items = stores.get("items", stores) if isinstance(stores, dict) else stores
+                if items:
+                    store_id = items[0].get("uuid") or items[0].get("id")
+                    store_name = items[0].get("name")
+            elif stores_response.status_code == 401:
+                return RedirectResponse("/evotor?error=invalid_token", 303)
+    except Exception:
+        pass
+
+    connection = db.query(EvotorConnection).filter(EvotorConnection.user_id == user.id).first()
+    if connection:
+        connection.access_token = token
+        connection.store_id = store_id
+        connection.store_name = store_name
+        connection.is_online = True
+        connection.last_checked_at = now
+        connection.updated_at = now
    else:
        connection = EvotorConnection(
            user_id=user.id,
-            access_token=access_token,
-            refresh_token=refresh_token,
-            token_expires_at=token_expires_at,
+            access_token=token,
            store_id=store_id,
            store_name=store_name,
            is_online=True,
--- a/web/routes/profile.py
+++ b/web/routes/profile.py
@@ -1,6 +1,6 @@
 from fastapi import APIRouter, Request, Depends
 from fastapi.responses import RedirectResponse
-from fastapi.templating import Jinja2Templates
+from web.templates_env import templates
 from sqlalchemy.orm import Session

 from web.auth import get_current_user, verify_password, hash_password
@@ -9,7 +9,6 @@ from web.models import User
 from web.schemas import validate_profile, validate_reset_password

 router = APIRouter()
-templates = Jinja2Templates(directory="web/templates")


 # VIEW PROFILE
--- a/web/routes/reset.py
+++ b/web/routes/reset.py
@@ -3,7 +3,7 @@ from datetime import datetime, timedelta, timezone

 from fastapi import APIRouter, Request, Depends
 from fastapi.responses import RedirectResponse
-from fastapi.templating import Jinja2Templates
+from web.templates_env import templates
 from sqlalchemy.orm import Session

 from web.auth import hash_password
@@ -13,7 +13,6 @@ from web.models import User
 from web.schemas import validate_reset_password

 router = APIRouter()
-templates = Jinja2Templates(directory="web/templates")


@router.get("/forgot-password")
--- a/web/routes/sync.py
+++ b/web/routes/sync.py
@@ -2,7 +2,7 @@ from datetime import datetime

 from fastapi import APIRouter, Request, Depends
 from fastapi.responses import RedirectResponse
-from fastapi.templating import Jinja2Templates
+from web.templates_env import templates
 from sqlalchemy.orm import Session

 from web.auth import get_current_user
@@ -10,7 +10,6 @@ from web.database import get_db
 from web.models import User, EvotorConnection, VkConnection, SyncConfig, SyncFilter

 router = APIRouter(prefix="/sync")
-templates = Jinja2Templates(directory="web/templates")


 def _get_or_create_sync_config(db: Session, user_id: int) -> SyncConfig:
--- a/web/routes/vk.py
+++ b/web/routes/vk.py
@@ -1,11 +1,10 @@
-import secrets
 from datetime import datetime

 import httpx

 from fastapi import APIRouter, Request, Depends
 from fastapi.responses import RedirectResponse
-from fastapi.templating import Jinja2Templates
+from web.templates_env import templates
 from sqlalchemy.orm import Session

 from web.auth import get_current_user
@@ -14,17 +13,10 @@ from web.database import get_db
 from web.models import User, VkConnection

 router = APIRouter(prefix="/vk")
-templates = Jinja2Templates(directory="web/templates")

-VK_AUTHORIZE_URL = "https://oauth.vk.com/authorize"
-VK_TOKEN_URL = "https://oauth.vk.com/access_token"
 VK_API_URL = "https://api.vk.com/method"


-def _redirect_uri() -> str:
-    return f"{settings.BASE_URL}/vk/callback"
-
-
@router.get("")
 def vk_page(
    request: Request,
@@ -44,102 +36,62 @@ def vk_page(
    })


-@router.get("/connect")
-def vk_connect(request: Request, user: User | None = Depends(get_current_user)):
-    if not user:
-        return RedirectResponse("/login", 303)
-
-    state = secrets.token_urlsafe(32)
-    request.session["vk_oauth_state"] = state
-
-    params = (
-        f"?client_id={settings.VK_CLIENT_ID}"
-        f"&response_type=code"
-        f"&redirect_uri={_redirect_uri()}"
-        f"&scope={settings.VK_SCOPES.replace(' ', '%20')}"
-        f"&state={state}"
-        f"&display=page"
-        f"&v={settings.VK_API_VERSION}"
-    )
-    return RedirectResponse(VK_AUTHORIZE_URL + params, 302)
-
-
-@router.get("/callback")
-async def vk_callback(
+@router.post("/token")
+async def vk_token(
    request: Request,
    db: Session = Depends(get_db),
    user: User | None = Depends(get_current_user),
 ):
+    """Save a manually entered VK community access token."""
    if not user:
        return RedirectResponse("/login", 303)

-    code = request.query_params.get("code")
-    state = request.query_params.get("state")
-    saved_state = request.session.pop("vk_oauth_state", None)
+    form = await request.form()
+    token = (form.get("token") or "").strip()
+    if not token:
+        return RedirectResponse("/vk?error=empty_token", 303)

-    if not code or not state or state != saved_state:
-        return RedirectResponse("/vk?error=invalid_state", 303)
-
-    # Exchange code for token (VK uses GET with query params)
+    # Fetch community info to validate the token and get group name/id
+    group_id = None
+    group_name = None
    try:
        async with httpx.AsyncClient() as client:
-            token_response = await client.get(
-                VK_TOKEN_URL,
-                params={
-                    "client_id": settings.VK_CLIENT_ID,
-                    "client_secret": settings.VK_CLIENT_SECRET,
-                    "code": code,
-                    "redirect_uri": _redirect_uri(),
-                },
+            resp = await client.get(
+                f"{VK_API_URL}/groups.getById",
+                params={"access_token": token, "v": settings.VK_API_VERSION},
                timeout=15,
            )
-            token_response.raise_for_status()
-            token_data = token_response.json()
-    except Exception:
-        return RedirectResponse("/vk?error=token_exchange", 303)
-
-    access_token = token_data.get("access_token")
-    vk_user_id = str(token_data.get("user_id", "")) or None
-    if not access_token:
-        return RedirectResponse("/vk?error=no_token", 303)
-
-    # Fetch VK profile info
-    first_name = None
-    last_name = None
-    try:
-        async with httpx.AsyncClient() as client:
-            profile_response = await client.get(
-                f"{VK_API_URL}/users.get",
-                params={"access_token": access_token, "v": settings.VK_API_VERSION},
-                timeout=15,
-            )
-            if profile_response.status_code == 200:
-                profile_data = profile_response.json()
-                items = profile_data.get("response", [])
-                if items:
-                    first_name = items[0].get("first_name")
-                    last_name = items[0].get("last_name")
+            if resp.status_code == 200:
+                data = resp.json()
+                if "error" in data:
+                    return RedirectResponse("/vk?error=invalid_token", 303)
+                groups = data.get("response", {}).get("groups", [])
+                if groups:
+                    group_id = str(groups[0].get("id", ""))
+                    group_name = groups[0].get("name")
+            elif resp.status_code == 401:
+                return RedirectResponse("/vk?error=invalid_token", 303)
    except Exception:
        pass

-    # Save or update connection
    connection = db.query(VkConnection).filter(VkConnection.user_id == user.id).first()
+    now = datetime.utcnow()
    if connection:
-        connection.access_token = access_token
-        connection.vk_user_id = vk_user_id
-        connection.first_name = first_name
-        connection.last_name = last_name
+        connection.access_token = token
+        connection.vk_user_id = group_id
+        connection.first_name = group_name
+        connection.last_name = None
        connection.is_online = True
-        connection.last_checked_at = datetime.utcnow()
+        connection.last_checked_at = now
    else:
        connection = VkConnection(
            user_id=user.id,
-            access_token=access_token,
-            vk_user_id=vk_user_id,
-            first_name=first_name,
-            last_name=last_name,
+            access_token=token,
+            vk_user_id=group_id,
+            first_name=group_name,
+            last_name=None,
            is_online=True,
-            last_checked_at=datetime.utcnow(),
+            last_checked_at=now,
        )
        db.add(connection)
    db.commit()
--- a/web/templates/base.html
+++ b/web/templates/base.html
@@ -3,7 +3,7 @@
 <head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>{% block title %}EvoSync{% endblock %}</title>
+    <title>{% block title %}ЭВОСИНК{% endblock %}</title>
    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css">
    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.11.3/font/bootstrap-icons.min.css">
    <link rel="stylesheet" href="/static/style.css">
@@ -11,7 +11,7 @@
 <body>
    <nav class="navbar navbar-expand-lg bg-white border-bottom border-2 brand-border">
        <div class="container">
-            <a href="/" class="navbar-brand brand-logo">EvoSync</a>
+            <a href="/" class="navbar-brand brand-logo">ЭВОСИНК</a>
            <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNav">
                <span class="navbar-toggler-icon"></span>
            </button>
@@ -64,6 +64,9 @@
        {% block content %}{% endblock %}
    </main>

+    {% if jivosite_widget_id %}
+    <script src="//code.jivosite.com/widget/{{ jivosite_widget_id }}" async></script>
+    {% endif %}
    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
    <script src="https://cdn.jsdelivr.net/npm/inputmask@5.0.9/dist/inputmask.min.js"></script>
    <script>
--- a/web/templates/catalog_groups.html
+++ b/web/templates/catalog_groups.html
@@ -1,5 +1,5 @@
 {% extends "base.html" %}
-{% block title %}Группы — {{ store.name }} — EvoSync{% endblock %}
+{% block title %}Группы — {{ store.name }} — ЭВОСИНК{% endblock %}

 {% block content %}
 <nav aria-label="breadcrumb" class="mb-3">
--- a/web/templates/catalog_products.html
+++ b/web/templates/catalog_products.html
@@ -1,5 +1,5 @@
 {% extends "base.html" %}
-{% block title %}Товары — EvoSync{% endblock %}
+{% block title %}Товары — ЭВОСИНК{% endblock %}

 {% block content %}
 <nav aria-label="breadcrumb" class="mb-3">
@@ -30,7 +30,7 @@
    <p>Товары не найдены.</p>
 </div>
 {% else %}
-<div class="table-responsive">
+<div class="table-responsive" style="overflow: visible;">
    <table class="table table-striped table-hover align-middle small">
        <thead class="table-light">
            <tr>
@@ -73,7 +73,7 @@
                </td>
                <td>
                    <div class="dropdown">
-                        <button class="btn btn-outline-secondary btn-sm dropdown-toggle" data-bs-toggle="dropdown">
+                        <button class="btn btn-outline-secondary btn-sm dropdown-toggle" data-bs-toggle="dropdown" data-bs-strategy="fixed">
                            <i class="bi bi-funnel"></i>
                        </button>
                        <ul class="dropdown-menu dropdown-menu-end">
--- a/web/templates/catalog_stores.html
+++ b/web/templates/catalog_stores.html
@@ -1,5 +1,5 @@
 {% extends "base.html" %}
-{% block title %}Каталог — EvoSync{% endblock %}
+{% block title %}Каталог — ЭВОСИНК{% endblock %}

 {% block content %}
 <div class="d-flex align-items-center justify-content-between mb-3">
--- a/web/templates/confirm_email.html
+++ b/web/templates/confirm_email.html
@@ -1,5 +1,5 @@
 {% extends "base.html" %}
-{% block title %}Подтверждение email — EvoSync{% endblock %}
+{% block title %}Подтверждение email — ЭВОСИНК{% endblock %}

 {% block content %}
 <div class="row justify-content-center">
--- a/web/templates/connections.html
+++ b/web/templates/connections.html
@@ -1,5 +1,5 @@
 {% extends "base.html" %}
-{% block title %}Подключения — EvoSync{% endblock %}
+{% block title %}Подключения — ЭВОСИНК{% endblock %}

 {% block content %}
 <div class="d-flex align-items-center justify-content-between mb-4">
--- a/web/templates/connections_add.html
+++ b/web/templates/connections_add.html
@@ -1,5 +1,5 @@
 {% extends "base.html" %}
-{% block title %}Добавить подключение — EvoSync{% endblock %}
+{% block title %}Добавить подключение — ЭВОСИНК{% endblock %}

 {% block content %}
 <div class="d-flex align-items-center mb-4">
--- a/web/templates/email_confirmed.html
+++ b/web/templates/email_confirmed.html
@@ -1,5 +1,5 @@
 {% extends "base.html" %}
-{% block title %}Email подтвержден — EvoSync{% endblock %}
+{% block title %}Email подтвержден — ЭВОСИНК{% endblock %}

 {% block content %}
 <div class="row justify-content-center">
--- a/web/templates/evotor.html
+++ b/web/templates/evotor.html
@@ -1,5 +1,5 @@
 {% extends "base.html" %}
-{% block title %}Подключение Эвотор — EvoSync{% endblock %}
+{% block title %}Подключение Эвотор — ЭВОСИНК{% endblock %}

 {% block content %}
 <div class="row justify-content-center">
@@ -7,12 +7,10 @@

        {% if error %}
        <div class="alert alert-danger mt-4">
-            {% if error == "invalid_state" %}
-                <i class="bi bi-exclamation-triangle me-2"></i>Ошибка безопасности. Попробуйте подключить аккаунт заново.
-            {% elif error == "token_exchange" %}
-                <i class="bi bi-exclamation-triangle me-2"></i>Не удалось получить токен доступа от Эвотор. Попробуйте позже.
-            {% elif error == "no_token" %}
-                <i class="bi bi-exclamation-triangle me-2"></i>Эвотор не вернул токен доступа. Попробуйте позже.
+            {% if error == "invalid_token" %}
+                <i class="bi bi-exclamation-triangle me-2"></i>Токен недействителен. Проверьте правильность и попробуйте снова.
+            {% elif error == "empty_token" %}
+                <i class="bi bi-exclamation-triangle me-2"></i>Введите токен.
            {% else %}
                <i class="bi bi-exclamation-triangle me-2"></i>Произошла ошибка при подключении: {{ error }}
            {% endif %}
@@ -48,8 +46,16 @@
                    <span class="small">{{ connection.connected_at.strftime("%d.%m.%Y %H:%M") }}</span>
                </li>
            </ul>
-            <div class="card-body d-grid gap-2">
-                <a href="/evotor/connect" class="btn btn-primary">Переподключить</a>
+            <div class="card-footer">
+                <p class="text-muted small mb-2">Обновить токен (Личный кабинет Эвотор → <strong>Приложения → ЭвоСинк → Настройки</strong>):</p>
+                <form method="post" action="/evotor/token">
+                    <div class="input-group input-group-sm">
+                        <input type="text" name="token" class="form-control font-monospace" placeholder="Новый токен" required>
+                        <button type="submit" class="btn btn-outline-secondary">Обновить</button>
+                    </div>
+                </form>
+            </div>
+            <div class="card-body d-grid">
                <form method="post" action="/evotor/disconnect">
                    <button type="submit" class="btn btn-outline-danger w-100">Отключить аккаунт Эвотор</button>
                </form>
@@ -59,17 +65,29 @@
            {# ── NOT CONNECTED STATE ── #}
            <div class="card-body">
                <p class="text-muted mb-3">
-                    Подключите ваш аккаунт Эвотор, чтобы система могла автоматически синхронизировать
-                    каталог товаров из вашей кассы в ВКонтакте.
+                    Для подключения вам нужно установить приложение <strong>ЭвоСинк</strong> в личном кабинете Эвотор
+                    и скопировать токен доступа из его настроек.
                </p>
-                <ul class="text-muted small mb-4">
-                    <li>Вы будете перенаправлены на сайт Эвотор для авторизации</li>
-                    <li>После подтверждения доступа синхронизация будет настроена автоматически</li>
-                    <li>Вы можете отключить доступ в любой момент</li>
-                </ul>
-                <div class="d-grid">
-                    <a href="/evotor/connect" class="btn btn-primary btn-lg">Подключить Эвотор</a>
+
+                <ol class="text-muted small mb-4">
+                    {% if app_url %}
+                    <li class="mb-1">Откройте <a href="{{ app_url }}" target="_blank" rel="noopener">приложение ЭвоСинк в магазине Эвотор <i class="bi bi-box-arrow-up-right small"></i></a> и установите его.</li>
+                    {% else %}
+                    <li class="mb-1">Найдите приложение <strong>ЭвоСинк</strong> в магазине Эвотор и установите его.</li>
+                    {% endif %}
+                    <li class="mb-1">Перейдите в раздел <strong>Приложения → ЭвоСинк → Настройки</strong>.</li>
+                    <li class="mb-1">Скопируйте токен доступа и вставьте его в поле ниже.</li>
+                </ol>
+
+                <form method="post" action="/evotor/token">
+                    <div class="mb-3">
+                        <label class="form-label small text-muted">Токен доступа</label>
+                        <input type="text" name="token" class="form-control font-monospace" placeholder="Вставьте токен Эвотор" required autofocus>
                    </div>
+                    <div class="d-grid">
+                        <button type="submit" class="btn btn-primary">Подключить</button>
+                    </div>
+                </form>
            </div>
            {% endif %}

--- a/web/templates/forgot_password.html
+++ b/web/templates/forgot_password.html
@@ -1,5 +1,5 @@
 {% extends "base.html" %}
-{% block title %}Забыли пароль — EvoSync{% endblock %}
+{% block title %}Забыли пароль — ЭВОСИНК{% endblock %}

 {% block content %}
 <div class="row justify-content-center">
--- a/web/templates/login.html
+++ b/web/templates/login.html
@@ -1,5 +1,5 @@
 {% extends "base.html" %}
-{% block title %}Вход — EvoSync{% endblock %}
+{% block title %}Вход — ЭВОСИНК{% endblock %}

 {% block content %}
 <div class="row justify-content-center">
--- a/web/templates/message.html
+++ b/web/templates/message.html
@@ -1,5 +1,5 @@
 {% extends "base.html" %}
-{% block title %}{{ title }} — EvoSync{% endblock %}
+{% block title %}{{ title }} — ЭВОСИНК{% endblock %}

 {% block content %}
 <div class="row justify-content-center">
--- a/web/templates/profile_change_password.html
+++ b/web/templates/profile_change_password.html
@@ -1,5 +1,5 @@
 {% extends "base.html" %}
-{% block title %}Изменить пароль — EvoSync{% endblock %}
+{% block title %}Изменить пароль — ЭВОСИНК{% endblock %}

 {% block content %}
 <div class="row justify-content-center">
--- a/web/templates/profile_delete.html
+++ b/web/templates/profile_delete.html
@@ -1,5 +1,5 @@
 {% extends "base.html" %}
-{% block title %}Удалить аккаунт — EvoSync{% endblock %}
+{% block title %}Удалить аккаунт — ЭВОСИНК{% endblock %}

 {% block content %}
 <div class="row justify-content-center">
--- a/web/templates/profile_edit.html
+++ b/web/templates/profile_edit.html
@@ -1,5 +1,5 @@
 {% extends "base.html" %}
-{% block title %}Редактировать профиль — EvoSync{% endblock %}
+{% block title %}Редактировать профиль — ЭВОСИНК{% endblock %}

 {% block content %}
 <div class="row justify-content-center">
--- a/web/templates/profile_view.html
+++ b/web/templates/profile_view.html
@@ -1,5 +1,5 @@
 {% extends "base.html" %}
-{% block title %}Личный кабинет — EvoSync{% endblock %}
+{% block title %}Личный кабинет — ЭВОСИНК{% endblock %}

 {% block content %}
 <div class="row justify-content-center">
--- a/web/templates/register.html
+++ b/web/templates/register.html
@@ -1,5 +1,5 @@
 {% extends "base.html" %}
-{% block title %}Регистрация — EvoSync{% endblock %}
+{% block title %}Регистрация — ЭВОСИНК{% endblock %}

 {% block content %}
 <div class="row justify-content-center">
--- a/web/templates/reset_password.html
+++ b/web/templates/reset_password.html
@@ -1,5 +1,5 @@
 {% extends "base.html" %}
-{% block title %}Новый пароль — EvoSync{% endblock %}
+{% block title %}Новый пароль — ЭВОСИНК{% endblock %}

 {% block content %}
 <div class="row justify-content-center">
--- a/web/templates/sync.html
+++ b/web/templates/sync.html
@@ -1,5 +1,5 @@
 {% extends "base.html" %}
-{% block title %}Синхронизация — EvoSync{% endblock %}
+{% block title %}Синхронизация — ЭВОСИНК{% endblock %}

 {% block content %}
 <h1 class="h4 mb-4">Синхронизация</h1>
--- a/web/templates/vk.html
+++ b/web/templates/vk.html
@@ -1,5 +1,5 @@
 {% extends "base.html" %}
-{% block title %}Подключение ВКонтакте — EvoSync{% endblock %}
+{% block title %}Подключение ВКонтакте — ЭВОСИНК{% endblock %}

 {% block content %}
 <div class="row justify-content-center">
@@ -7,12 +7,10 @@

        {% if error %}
        <div class="alert alert-danger mt-4">
-            {% if error == "invalid_state" %}
-                <i class="bi bi-exclamation-triangle me-2"></i>Ошибка безопасности. Попробуйте подключить аккаунт заново.
-            {% elif error == "token_exchange" %}
-                <i class="bi bi-exclamation-triangle me-2"></i>Не удалось получить токен доступа от ВКонтакте. Попробуйте позже.
-            {% elif error == "no_token" %}
-                <i class="bi bi-exclamation-triangle me-2"></i>ВКонтакте не вернул токен доступа. Попробуйте позже.
+            {% if error == "invalid_token" %}
+                <i class="bi bi-exclamation-triangle me-2"></i>Токен недействителен. Убедитесь, что скопировали ключ доступа сообщества правильно.
+            {% elif error == "empty_token" %}
+                <i class="bi bi-exclamation-triangle me-2"></i>Введите ключ доступа.
            {% else %}
                <i class="bi bi-exclamation-triangle me-2"></i>Произошла ошибка при подключении: {{ error }}
            {% endif %}
@@ -31,15 +29,15 @@
                    <span class="text-muted small">Статус</span>
                    <span class="badge bg-success"><i class="bi bi-check-circle me-1"></i>Подключено</span>
                </li>
-                {% if connection.first_name or connection.last_name %}
+                {% if connection.first_name %}
                <li class="list-group-item d-flex justify-content-between align-items-center">
-                    <span class="text-muted small">Профиль</span>
-                    <span>{{ connection.first_name }} {{ connection.last_name }}</span>
+                    <span class="text-muted small">Сообщество</span>
+                    <span>{{ connection.first_name }}</span>
                </li>
                {% endif %}
                {% if connection.vk_user_id %}
                <li class="list-group-item d-flex justify-content-between align-items-center">
-                    <span class="text-muted small">ID пользователя</span>
+                    <span class="text-muted small">ID сообщества</span>
                    <span class="font-monospace small text-muted">{{ connection.vk_user_id }}</span>
                </li>
                {% endif %}
@@ -48,10 +46,18 @@
                    <span class="small">{{ connection.connected_at.strftime("%d.%m.%Y %H:%M") }}</span>
                </li>
            </ul>
-            <div class="card-body d-grid gap-2">
-                <a href="/vk/connect" class="btn btn-primary">Переподключить</a>
+            <div class="card-footer">
+                <p class="text-muted small mb-2">Обновить ключ доступа:</p>
+                <form method="post" action="/vk/token">
+                    <div class="input-group input-group-sm">
+                        <input type="text" name="token" class="form-control font-monospace" placeholder="Новый ключ доступа" required>
+                        <button type="submit" class="btn btn-outline-secondary">Обновить</button>
+                    </div>
+                </form>
+            </div>
+            <div class="card-body d-grid">
                <form method="post" action="/vk/disconnect">
-                    <button type="submit" class="btn btn-outline-danger w-100">Отключить аккаунт ВКонтакте</button>
+                    <button type="submit" class="btn btn-outline-danger w-100">Отключить ВКонтакте</button>
                </form>
            </div>

@@ -59,17 +65,26 @@
            {# ── NOT CONNECTED STATE ── #}
            <div class="card-body">
                <p class="text-muted mb-3">
-                    Подключите ваш аккаунт ВКонтакте, чтобы система могла автоматически синхронизировать
-                    каталог товаров из Эвотор в вашу группу ВКонтакте.
+                    Для подключения вам нужен <strong>ключ доступа сообщества</strong> ВКонтакте.
+                    Синхронизация товаров работает только через сообщество.
                </p>
-                <ul class="text-muted small mb-4">
-                    <li>Вы будете перенаправлены на сайт ВКонтакте для авторизации</li>
-                    <li>После подтверждения доступа синхронизация будет настроена автоматически</li>
-                    <li>Вы можете отключить доступ в любой момент</li>
-                </ul>
-                <div class="d-grid">
-                    <a href="/vk/connect" class="btn btn-primary btn-lg">Подключить ВКонтакте</a>
+
+                <ol class="text-muted small mb-4">
+                    <li class="mb-1">Откройте <a href="https://vk.com" target="_blank" rel="noopener">vk.com <i class="bi bi-box-arrow-up-right small"></i></a> и перейдите в управление вашим сообществом.</li>
+                    <li class="mb-1">Перейдите в раздел <strong>Настройки → Работа с API</strong>.</li>
+                    <li class="mb-1">Создайте ключ доступа с правами <strong>Управление товарами</strong> и <strong>Управление сообществом</strong>.</li>
+                    <li class="mb-1">Скопируйте ключ и вставьте его в поле ниже.</li>
+                </ol>
+
+                <form method="post" action="/vk/token">
+                    <div class="mb-3">
+                        <label class="form-label small text-muted">Ключ доступа сообщества</label>
+                        <input type="text" name="token" class="form-control font-monospace" placeholder="Вставьте ключ доступа" required autofocus>
                    </div>
+                    <div class="d-grid">
+                        <button type="submit" class="btn btn-primary">Подключить</button>
+                    </div>
+                </form>
            </div>
            {% endif %}

--- a/web/templates_env.py
+++ b/web/templates_env.py
@@ -0,0 +1,6 @@
+from fastapi.templating import Jinja2Templates
+
+from web.config import settings
+
+templates = Jinja2Templates(directory="web/templates")
+templates.env.globals["jivosite_widget_id"] = settings.JIVOSITE_WIDGET_ID
Author	SHA1	Message	Date
mguschin	aaeaa4f658	Fix product page dropdown clipped by table-responsive overflow Set overflow: visible on table-responsive and use data-bs-strategy="fixed" so the filter dropdown renders outside the scroll container. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-10 15:57:43 +03:00
mguschin	aea28ead9c	Fix VK connect_url to point to /vk instead of /vk/connect /vk/connect no longer exists after switching to manual token entry. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-10 15:40:39 +03:00
mguschin	cde2069d74	Remove unused VK OAuth env vars (VK_CLIENT_ID/SECRET/SCOPES) VK connection now uses manual community token entry, so OAuth credentials are no longer needed. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-10 15:35:53 +03:00
mguschin	debb2efb3d	Replace VK OAuth with manual community token entry Resolves #4 — VK OAuth flow caused "Security Error" because market sync requires a community access token, not a personal user token. Replaced OAuth with manual token input (same pattern as Evotor). Added step-by-step instructions. Updated health checker to validate community tokens via groups.getById instead of users.get. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-10 15:32:13 +03:00
mguschin	4d4d5b0118	Add Jivosite live chat widget support Resolves #3 — widget is loaded on every page via base.html when JIVOSITE_WIDGET_ID env var is set. Centralized Jinja2Templates instance in web/templates_env.py with jivosite_widget_id as a global. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-10 14:11:25 +03:00
mguschin	00b74b8aa9	Simplify Evotor connect to manual token entry only Resolves #2 — removes semi-automatic OAuth flow (Переподключить button, /evotor/connect and /evotor/link routes) and makes manual token entry the sole connect option. Adds step-by-step instructions with a direct link to the app on Evotor marketplace (opens in new tab). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-10 13:01:12 +03:00
mguschin	577c5de200	Add background catalog cache refresh to health check loop Resolves #1 — the health checker now refreshes catalog cache for all online Evotor connections when cache is missing or older than CATALOG_REFRESH_INTERVAL_SECONDS (default: 3600s). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-10 12:53:44 +03:00
mguschin	0926757b7a	Fix dropdown clipping using fixed positioning strategy Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-09 18:17:25 +03:00
mguschin	13c32e9181	Fix dropdown clipping in product table using data-bs-boundary Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-09 18:16:33 +03:00
mguschin	6b9eb562ba	Fix dropdown clipping in product table by allowing overflow Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-09 18:13:07 +03:00
mguschin	9558333c94	Handle 402 Payment Required from Evotor API gracefully Return empty list for groups/products when Evotor returns 402, instead of crashing the refresh with an unhandled HTTP error. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-09 18:04:13 +03:00
mguschin	40e7abd012	Fix typo and redirect connections/add to evotor page Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-09 17:39:31 +03:00
mguschin	3d7a456299	Add manual token entry for Evotor connection Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-09 17:35:17 +03:00
mguschin	5acf597944	Redirect to app page on Evotor market instead of generic market URL Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-09 17:33:00 +03:00
mguschin	3f4bbcbb0d	Fix alter_column missing existing_type for MySQL Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-09 17:26:32 +03:00
mguschin	c8beeaf1b1	Fix migration to skip already-existing evotor_user_id column/indexes Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-09 17:25:36 +03:00
mguschin	5ee8419c7c	Replace EVOTOR_CLIENT_ID/SECRET with EVOTOR_APP_ID/WEBHOOK_SECRET in config Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-09 17:23:50 +03:00
mguschin	e376c86fbe	Switch Evotor integration to webhook-based token delivery flow Replace OAuth 2.0 authorization code flow with Evotor's proprietary webhook token delivery: POST /evotor/callback receives token server-to-server, GET /evotor/link links it to the logged-in user's account. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-09 17:18:25 +03:00
mguschin	69e21a18c9	fix docker compose.	2026-03-09 16:47:35 +03:00
mguschin	90a2f7be1f	fix docker compose.	2026-03-09 16:41:59 +03:00
mguschin	d4633a0f46	Update nginx conf.	2026-03-09 16:41:09 +03:00
mguschin	b72b0e78b0	Nginx upstream.	2026-03-09 16:23:59 +03:00
mguschin	2a04099f95	Fix tls script.	2026-03-09 16:11:03 +03:00
mguschin	58f9b74a1c	Change default port.	2026-03-09 15:54:19 +03:00
mguschin	8c9c328302	chore(release): v1.8.2 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-06 18:41:43 +03:00
mguschin	784bb27958	chore: replace EvoSync with ЭВОСИНК throughout UI Update all page titles and branding in FastAPI app and templates to use Russian transliteration of product name. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>	2026-03-06 18:40:11 +03:00