commit 85eaf6a99af0b3f8376f071f1557d7b1c4b3d262
Author: RGalyaviev <ruslan@ipcom.su>
Date:   Wed Sep 3 14:37:36 2025 +0300

    UI polish: global modern styles; Admin button pinned top-left across app and generated pages; index redirects to login for guests

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..549df70
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,63 @@
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+share/python-wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# Virtual environments
+.venv/
+venv/
+ENV/
+env/
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+*.py,cover
+.hypothesis/
+.pytest_cache/
+
+# SQLite database
+*.db
+
+# IDEs and editors
+.vscode/
+.idea/
+*.suo
+*.ntvs*
+*.njsproj
+*.sln
+*.sw?
+
+# OS
+.DS_Store
+Thumbs.db
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..cf38998
--- /dev/null
+++ b/README.md
@@ -0,0 +1,51 @@
+# Flask UUID Pages Admin (SQLite)
+
+Минималистичное Flask‑приложение с SQLite:
+- Админка доступна только пользователю `ruslan` с паролем `utOgbZ09ruslan` (по умолчанию).
+- В админке можно вставлять HTML и публиковать страницы.
+- Для каждой страницы генерируется UUID‑ссылка `/p/<uuid>`.
+- Неавторизованный пользователь не видит админку и главную страницу (404). Страницы по UUID доступны всем, у кого есть ссылка.
+
+## Запуск локально
+
+1. Создайте и активируйте виртуальное окружение (опционально):
+
+   Windows PowerShell:
+
+   ```powershell
+   python -m venv .venv
+   .venv\\Scripts\\Activate.ps1
+   ```
+
+2. Установите зависимости:
+
+   ```powershell
+   pip install -r requirements.txt
+   ```
+
+3. (Опционально) Переопределите настройки через переменные окружения:
+
+   ```powershell
+   $env:SECRET_KEY = "your-strong-secret-key"
+   $env:ADMIN_USERNAME = "ruslan"
+   $env:ADMIN_PASSWORD = "utOgbZ09ruslan"
+   ```
+
+4. Запустите сервер разработки:
+
+   ```powershell
+   python app.py
+   ```
+
+## Маршруты
+
+- `/login` — форма входа в админку.
+- `/admin` — админ‑панель (только для авторизованных, иначе 404).
+- `/p/<uuid>` — просмотр опубликованной страницы по UUID.
+- `/` — редирект в админку для авторизованных, иначе 404.
+
+## Замечания по безопасности
+
+- HTML хранится и отдаётся как есть. Предполагается, что контент вводит доверенный админ.
+- В продакшне обязательно задайте `SECRET_KEY` и используйте HTTPS; настройте защищённые cookies.
+
diff --git a/app.py b/app.py
new file mode 100644
index 0000000..3791359
--- /dev/null
+++ b/app.py
@@ -0,0 +1,182 @@
+import os
+import sqlite3
+import uuid as uuid_lib
+from datetime import datetime
+
+from flask import (
+    Flask,
+    g,
+    render_template,
+    request,
+    redirect,
+    url_for,
+    session,
+    abort,
+    flash,
+    Response,
+)
+
+
+def create_app():
+    app = Flask(__name__)
+
+    # Basic config
+    app.config["SECRET_KEY"] = os.environ.get(
+        "SECRET_KEY",
+        # For production, override via env var. This default is for local/dev only.
+        "dev-secret-change-me",
+    )
+    app.config["DATABASE"] = os.path.join(os.path.dirname(__file__), "app.db")
+
+    # Admin credentials (can be overridden via env)
+    app.config["ADMIN_USERNAME"] = os.environ.get("ADMIN_USERNAME", "ruslan")
+    app.config["ADMIN_PASSWORD"] = os.environ.get("ADMIN_PASSWORD", "utOgbZ09ruslan")
+
+    # --------------------
+    # Database helpers
+    # --------------------
+    def get_db():
+        if "db" not in g:
+            g.db = sqlite3.connect(app.config["DATABASE"])  # type: ignore[attr-defined]
+            g.db.row_factory = sqlite3.Row
+        return g.db
+
+    def close_db(e=None):
+        db = g.pop("db", None)
+        if db is not None:
+            db.close()
+
+    def init_db():
+        db = get_db()
+        db.execute(
+            """
+            CREATE TABLE IF NOT EXISTS pages (
+                id INTEGER PRIMARY KEY AUTOINCREMENT,
+                uuid TEXT NOT NULL UNIQUE,
+                html TEXT NOT NULL,
+                created_at TEXT NOT NULL
+            );
+            """
+        )
+        db.commit()
+
+    @app.before_request
+    def _before_request():
+        # Ensure DB exists
+        init_db()
+
+    @app.teardown_appcontext
+    def _teardown_appcontext(_=None):
+        close_db()
+
+    # --------------------
+    # Auth helpers
+    # --------------------
+    def is_logged_in() -> bool:
+        return bool(session.get("logged_in"))
+
+    def login_required():
+        if not is_logged_in():
+            # For non-auth users: show nothing (404), not even an admin hint
+            abort(404)
+
+    @app.context_processor
+    def inject_auth():
+        return {"logged_in": is_logged_in()}
+
+    # --------------------
+    # Routes
+    # --------------------
+    @app.route("/")
+    def index():
+        # Redirect unauthenticated users to login; authenticated users to admin.
+        if not is_logged_in():
+            return redirect(url_for("login"))
+        return redirect(url_for("admin"))
+
+    @app.route("/login", methods=["GET", "POST"])
+    def login():
+        if request.method == "POST":
+            username = request.form.get("username", "")
+            password = request.form.get("password", "")
+            if (
+                username == app.config["ADMIN_USERNAME"]
+                and password == app.config["ADMIN_PASSWORD"]
+            ):
+                session["logged_in"] = True
+                flash("Успешный вход в админку.", "success")
+                return redirect(url_for("admin"))
+            flash("Неверные имя пользователя или пароль.", "error")
+        return render_template("login.html")
+
+    @app.route("/logout", methods=["POST"]) 
+    def logout():
+        session.clear()
+        # After logout, nothing is visible. Return 404-like behavior.
+        abort(404)
+
+    @app.route("/admin", methods=["GET", "POST"])
+    def admin():
+        login_required()
+        db = get_db()
+        if request.method == "POST":
+            html = request.form.get("html", "").strip()
+            if not html:
+                flash("HTML не может быть пустым.", "error")
+            else:
+                uid = uuid_lib.uuid4().hex
+                db.execute(
+                    "INSERT INTO pages (uuid, html, created_at) VALUES (?, ?, ?)",
+                    (uid, html, datetime.utcnow().isoformat(timespec="seconds")),
+                )
+                db.commit()
+                flash("Страница опубликована.", "success")
+                return redirect(url_for("admin"))
+
+        pages = db.execute(
+            "SELECT id, uuid, created_at FROM pages ORDER BY id DESC"
+        ).fetchall()
+        base_url = request.host_url.rstrip("/")
+        return render_template("admin.html", pages=pages, base_url=base_url)
+
+    @app.route("/p/<string:uid>")
+    def view_page(uid: str):
+        db = get_db()
+        row = db.execute("SELECT html FROM pages WHERE uuid = ?", (uid,)).fetchone()
+        if row is None:
+            abort(404)
+        # Show a floating admin button for authenticated users, otherwise serve raw HTML
+        html: str = row["html"]
+        if is_logged_in():
+            admin_url = url_for("admin")
+            toolbar = (
+                '<div style="position:fixed;top:16px;left:16px;z-index:2147483647;">'
+                f'<a href="{admin_url}" '
+                'style="background:linear-gradient(135deg,#111,#333);color:#fff;padding:10px 14px;'
+                'border-radius:10px;box-shadow:0 8px 20px rgba(0,0,0,0.25);'
+                'text-decoration:none;font-weight:600;letter-spacing:.2px;'
+                'font-family:system-ui,-apple-system,Segoe UI,Roboto,Arial,sans-serif;"'
+                '>Админка</a></div>'
+            )
+            lower = html.lower()
+            if "</body>" in lower:
+                idx = lower.rfind("</body>")
+                html = html[:idx] + toolbar + html[idx:]
+            else:
+                html = html + toolbar
+        return Response(html, mimetype="text/html; charset=utf-8")
+
+    # Optional: simple 404 page to keep things minimal
+    @app.errorhandler(404)
+    def not_found(_):
+        return ("", 404)
+
+    return app
+
+
+app = create_app()
+
+
+if __name__ == "__main__":
+    # Run development server
+    app.run(host="0.0.0.0", port=int(os.environ.get("PORT", 5000)), debug=True)
diff --git a/requirements.txt b/requirements.txt
new file mode 100644
index 0000000..01a5fbb
--- /dev/null
+++ b/requirements.txt
@@ -0,0 +1 @@
+Flask>=2.3,<3.0
diff --git a/templates/admin.html b/templates/admin.html
new file mode 100644
index 0000000..cce2185
--- /dev/null
+++ b/templates/admin.html
@@ -0,0 +1,40 @@
+{% extends 'base.html' %}
+{% block content %}
+  <h1>Публикация HTML-страниц</h1>
+
+  <form method="post">
+    <div class="row">
+      <label for="html">HTML-код</label>
+      <textarea id="html" name="html" placeholder="<h1>Заголовок</h1>\n<p>Мой контент...</p>" required></textarea>
+    </div>
+    <button class="btn" type="submit">Опубликовать</button>
+    <span class="muted">После публикации создаётся ссылка с UUID.</span>
+  </form>
+
+  <h2 style="margin-top:2rem;">Опубликованные страницы</h2>
+  {% if pages %}
+    <table>
+      <thead>
+        <tr>
+          <th>ID</th>
+          <th>UUID</th>
+          <th>Ссылка</th>
+          <th>Создано</th>
+        </tr>
+      </thead>
+      <tbody>
+        {% for p in pages %}
+          <tr>
+            <td>{{ p.id }}</td>
+            <td><code>{{ p.uuid }}</code></td>
+            <td><a href="{{ base_url }}/p/{{ p.uuid }}" target="_blank">{{ base_url }}/p/{{ p.uuid }}</a></td>
+            <td>{{ p.created_at }}</td>
+          </tr>
+        {% endfor %}
+      </tbody>
+    </table>
+  {% else %}
+    <p class="muted">Страниц пока нет.</p>
+  {% endif %}
+{% endblock %}
+
diff --git a/templates/base.html b/templates/base.html
new file mode 100644
index 0000000..670b21b
--- /dev/null
+++ b/templates/base.html
@@ -0,0 +1,115 @@
+<!doctype html>
+<html lang="ru">
+  <head>
+    <meta charset="utf-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <title>{{ title or 'Админка' }}</title>
+    <style>
+      :root {
+        --bg: #0b0e13;
+        --bg-soft: #11161f;
+        --card: #121825;
+        --text: #e6edf3;
+        --muted: #97a3b6;
+        --accent: #4f8cff;
+        --accent-2: #7a5cff;
+        --danger: #ff5c7a;
+        --success: #2ecc71;
+        --ring: rgba(79,140,255,.45);
+      }
+
+      html, body { height: 100%; }
+      body {
+        margin: 0;
+        font-family: system-ui, -apple-system, Segoe UI, Roboto, Arial, sans-serif;
+        color: var(--text);
+        background:
+          radial-gradient(1200px 400px at 10% -10%, rgba(79,140,255,0.12), transparent 60%),
+          radial-gradient(1000px 400px at 100% 0%, rgba(122,92,255,0.10), transparent 60%),
+          var(--bg);
+      }
+
+      .container { max-width: 980px; margin: 0 auto; padding: 24px; }
+
+      header {
+        position: sticky; top: 0; z-index: 1000;
+        display: flex; align-items: center; justify-content: space-between;
+        padding: 14px 18px 14px 140px; margin: 0 0 18px 0;
+        background: linear-gradient(180deg, rgba(18,24,37,.85), rgba(18,24,37,.65));
+        backdrop-filter: saturate(1.2) blur(8px);
+        border: 1px solid rgba(255,255,255,.06);
+        border-radius: 14px;
+        box-shadow: 0 10px 30px rgba(0,0,0,.35);
+      }
+
+      header nav { position: absolute; top: 14px; left: 18px; }
+
+      .card {
+        background: var(--card);
+        border: 1px solid rgba(255,255,255,.06);
+        border-radius: 16px; padding: 20px;
+        box-shadow: 0 12px 40px rgba(0,0,0,.35);
+      }
+
+      .muted { color: var(--muted); font-size: 0.92rem; }
+      .row { margin-bottom: 1rem; }
+
+      .btn {
+        display: inline-block; padding: 10px 14px; border: none; cursor: pointer;
+        text-decoration: none; color: #fff; font-weight: 600; letter-spacing: .2px;
+        background: linear-gradient(135deg, var(--accent), var(--accent-2));
+        border-radius: 10px; box-shadow: 0 10px 25px rgba(79,140,255,.35);
+        transition: transform .06s ease, box-shadow .15s ease;
+      }
+      .btn:hover { transform: translateY(-1px); box-shadow: 0 14px 30px rgba(79,140,255,.45); }
+      .btn.secondary { background: linear-gradient(135deg,#2a2f3a,#394356); box-shadow: none; }
+
+      input[type="text"], input[type="password"], textarea {
+        width: 100%; color: var(--text); background: var(--bg-soft);
+        border: 1px solid rgba(255,255,255,.06);
+        border-radius: 12px; padding: 10px 12px; outline: none;
+        box-shadow: inset 0 0 0 1px transparent;
+      }
+      input:focus, textarea:focus { box-shadow: 0 0 0 4px var(--ring); }
+      textarea { min-height: 260px; font-family: ui-monospace, SFMono-Regular, Menlo, Consolas, monospace; }
+
+      .flash { padding: 10px 12px; margin-bottom: 1rem; border-radius: 10px; border: 1px solid rgba(255,255,255,.08); }
+      .flash.success { background: rgba(46,204,113,.12); color: #bbf7d0; }
+      .flash.error { background: rgba(255,92,122,.12); color: #fecaca; }
+
+      table { width: 100%; border-collapse: collapse; background: var(--card); border-radius: 12px; overflow: hidden; }
+      th, td { text-align: left; padding: 10px 12px; border-bottom: 1px solid rgba(255,255,255,.06); }
+      thead th { background: rgba(255,255,255,.04); font-weight: 600; }
+      tbody tr:hover { background: rgba(255,255,255,.02); }
+
+      nav a { margin-left: 10px; }
+    </style>
+  </head>
+  <body>
+    <div class="container">
+      <header>
+        <div><strong>{{ title or 'Админка' }}</strong></div>
+        <nav>
+          {% if logged_in %}
+            <a class="btn secondary" href="{{ url_for('admin') }}">Админка</a>
+            <form style="display:inline" method="post" action="{{ url_for('logout') }}">
+              <button class="btn" type="submit">Выйти</button>
+            </form>
+          {% endif %}
+        </nav>
+      </header>
+
+      <div class="card">
+        {% with messages = get_flashed_messages(with_categories=true) %}
+          {% if messages %}
+            {% for category, message in messages %}
+              <div class="flash {{ category }}">{{ message }}</div>
+            {% endfor %}
+          {% endif %}
+        {% endwith %}
+
+        {% block content %}{% endblock %}
+      </div>
+    </div>
+  </body>
+  </html>
diff --git a/templates/login.html b/templates/login.html
new file mode 100644
index 0000000..f67084a
--- /dev/null
+++ b/templates/login.html
@@ -0,0 +1,16 @@
+{% extends 'base.html' %}
+{% block content %}
+  <h1>Вход в админку</h1>
+  <form method="post">
+    <div class="row">
+      <label>Имя пользователя</label>
+      <input type="text" name="username" autocomplete="username" required>
+    </div>
+    <div class="row">
+      <label>Пароль</label>
+      <input type="password" name="password" autocomplete="current-password" required>
+    </div>
+    <button class="btn" type="submit">Войти</button>
+  </form>
+{% endblock %}
+