release: v1.2.0 — каталог, email заказа, SEO, админ CSV

Co-authored-by: Cursor <cursoragent@cursor.com>

.env.example

@@ -13,6 +13,14 @@ ADMIN_NAME=Администратор
 # URL сайта (ссылки в письмах, WebAuthn origin)
 SITE_URL=http://localhost:3000
 
+# Капча: google (reCAPTCHA) или cloudflare (Turnstile). yandex — заблокирован
+CAPTCHA_PROVIDER=google
+# CAPTCHA_ENABLED=0
+RECAPTCHA_SITE_KEY=
+RECAPTCHA_SECRET_KEY=
+# TURNSTILE_SITE_KEY=
+# TURNSTILE_SECRET_KEY=
+
 # Passkey (WebAuthn) — по умолчанию hostname из SITE_URL
 # WEBAUTHN_RP_ID=shop.example.com
 # WEBAUTHN_RP_NAME=Shop
@@ -27,9 +35,11 @@ SMTP_PASS=
 SMTP_FROM=shop@example.com
 
 # Обновление из админки (/admin/system)
-# SHOP_ROOT=/opt/shop
+# SHOP_ROOT=/opt/shop/shop10
 # ADMIN_UPDATE_ENABLED=1
 # ADMIN_UPDATE_USE_SUDO=1
+# SHOP_GIT_USER=root
+# SHOP_SERVICE_USER=www-data
 
 # PostgreSQL 17 (одна строка или отдельные переменные)
 DATABASE_URL=postgresql://shop:shop@127.0.0.1:5432/shop

.release-notes/v1.0.1.md

@@ -0,0 +1,28 @@
+## 1.0.1
+
+Патч после **v1.0.0**.
+
+### Новое
+
+- Капча **Google reCAPTCHA** или **Cloudflare Turnstile** (вход, регистрация, сброс пароля)
+- **Яндекс SmartCaptcha** заблокирован — японский сервис недоступен по решению администратора
+
+### Исправления
+
+- Обновление из админки: `safe.directory`, `git ls-remote`, pull от владельца `.git`
+
+### Настройка (.env)
+
+```env
+CAPTCHA_PROVIDER=google
+RECAPTCHA_SITE_KEY=...
+RECAPTCHA_SECRET_KEY=...
+# или cloudflare: TURNSTILE_SITE_KEY / TURNSTILE_SECRET_KEY
+```
+
+### Обновление
+
+```bash
+export SHOP_ROOT=/opt/shop/shop10
+git pull && bash "$SHOP_ROOT/scripts/server-update.sh"
+```

.release-notes/v1.2.0.md

@@ -0,0 +1,31 @@
+# v1.2.0
+
+**Дата:** 2026-05-16
+
+## Каталог
+
+- Сортировка: название, цена, новинки
+- Фильтр «только со скидкой» и показ товаров без остатка
+- Бейдж низкого остатка и блок «Вы недавно смотрели»
+
+## Заказы
+
+- Email-подтверждение заказа (нужен `SMTP_*` и `SITE_URL`)
+- Вкладка «Заказы» в `/account`
+
+## Прочее
+
+- `robots.txt`, `sitemap.xml`
+- Защита от перебора на login/register
+- Админ: фильтр заказов, экспорт CSV
+
+## Обновление
+
+```bash
+cd /opt/shop/shop10   # или ваш SHOP_ROOT
+git pull
+bash scripts/server-update.sh
+# или: npm install --omit=dev && systemctl restart shop
+```
+
+Переменные для писем и sitemap: `SITE_URL`, `SMTP_HOST`, `SMTP_FROM`.

CHANGELOG.md

@@ -1,5 +1,51 @@
 # Changelog
 
+## [1.2.0] — 2026-05-16
+
+Улучшения каталога, уведомлений и админки.
+
+### Каталог и UX
+
+- **Сортировка:** по названию, цене (↑/↓), дате добавления
+- **Фильтры:** только товары со скидкой; показ позиций «нет в наличии»
+- **Бейдж «Осталось N»** при остатке ≤ 5
+- **Недавно просмотренные** товары на главной (сессия, до 8 позиций)
+- **Meta description** на странице товара
+
+### Заказы и почта
+
+- **Письмо после оформления** заказа (SMTP или лог в консоль)
+- Вкладка **«Заказы»** в личном кабинете
+
+### SEO и безопасность
+
+- **`/robots.txt`** и **`/sitemap.xml`**
+- Заголовки **X-Content-Type-Options**, **X-Frame-Options**, **Referrer-Policy**
+- **Rate limit** на вход и регистрацию (429 при превышении)
+
+### Админка
+
+- **Фильтр заказов** по статусу
+- **Экспорт заказов в CSV**
+
+[1.2.0]: https://git.evilfox.cc/test/shop10/releases/tag/v1.2.0
+
+## [1.0.1] — 2026-05-17
+
+Патч после **v1.0.0**: капча, доработка обновления из админки.
+
+### Безопасность
+
+- **Капча:** Google reCAPTCHA или Cloudflare Turnstile на входе, регистрации и сбросе пароля
+- **Яндекс SmartCaptcha заблокирован** — сообщение администратора на формах; попытки отправки отклоняются
+
+### Админка и сервер
+
+- **Обновление с Git** (`/admin/system`): исправлены `safe.directory`, проверка через `git ls-remote` без прав на `.git`, pull от владельца репозитория
+- Подсказки по `SHOP_GIT_USER`, sudoers в интерфейсе
+
+[1.0.1]: https://git.evilfox.cc/test/shop10/releases/tag/v1.0.1
+
 ## [1.0.0] — 2026-05-17
 
 Первый мажорный релиз после **v0.20.0**: безопасность, лояльность, акции на товары, удобная установка и обновление с сервера.

README.md

@@ -1,10 +1,10 @@
 # Shop
 
-**v1.0.0** — интернет-магазин на **Node.js** и **PostgreSQL 17**.
+**v1.2.0** — интернет-магазин на **Node.js** и **PostgreSQL 17**.
 
 Два способа установки: [Docker Compose](#docker-compose-рекомендуется-для-теста) | [без Docker (Ubuntu)](#postgresql-17-без-docker)
 
-Подробности релиза: [CHANGELOG.md](CHANGELOG.md) · [docs/RELEASE-1.0.md](docs/RELEASE-1.0.md) · [что нового после 0.20](docs/RELEASE-1.0.md#что-нового-после-020)
+Подробности релиза: [CHANGELOG.md](CHANGELOG.md) · [docs/RELEASE-1.0.1.md](docs/RELEASE-1.0.1.md) · [1.0.0](docs/RELEASE-1.0.md)
 
 **Сервер (установка, обновление, ошибки):** [wiki/Server-Operations.md](wiki/Server-Operations.md) · [wiki/Troubleshooting.md](wiki/Troubleshooting.md)
 
@@ -361,12 +361,12 @@ scripts/
 src/
 ```
 
-## Релиз 1.0.0
+## Релиз 1.0.1
 
 ```bash
 git clone <URL-вашего-репозитория> /opt/shop
 cd /opt/shop
-git checkout v1.0.0
+git checkout v1.0.1
 ```
 
 | Способ | Команда |

deploy/shop.service

@@ -9,7 +9,7 @@ User=www-data
 Group=www-data
 WorkingDirectory=/opt/shop
 EnvironmentFile=/opt/shop/.env
-ExecStartPre=+/opt/shop/scripts/wait-postgres.sh
+ExecStartPre=+/bin/bash /opt/shop/scripts/wait-postgres.sh
 ExecStart=/usr/bin/node src/server.js
 Restart=on-failure
 RestartSec=5

docs/RELEASE-1.0.1.md

@@ -0,0 +1,24 @@
+# Релиз 1.0.1
+
+Патч после [1.0.0](RELEASE-1.0.md): капча (Google / Cloudflare), блокировка Яндекс SmartCaptcha, исправления Git-обновления в админке.
+
+## Что нового
+
+| Изменение | Описание |
+|-----------|----------|
+| Капча | Google reCAPTCHA или Cloudflare Turnstile |
+| Яндекс | SmartCaptcha заблокирован, предупреждение на формах |
+| `/admin/system` | `safe.directory`, `ls-remote`, pull от владельца репозитория |
+
+## Обновление с 1.0.0
+
+```bash
+export SHOP_ROOT=/opt/shop/shop10
+cd "$SHOP_ROOT"
+git fetch origin && git checkout v1.0.1
+bash "$SHOP_ROOT/scripts/server-update.sh"
+```
+
+Добавьте в `.env` ключи капчи (см. `.env.example`) и перезапустите `shop`.
+
+Полный список: [CHANGELOG.md](../CHANGELOG.md)

package.json

@@ -1,6 +1,6 @@
 {
   "name": "shop",
-  "version": "1.0.0",
+  "version": "1.2.0",
   "description": "Интернет-магазин на Node.js с PostgreSQL 17",
   "main": "src/server.js",
   "scripts": {

scripts/admin-web-update.sh

@@ -1,30 +1,42 @@
 #!/bin/bash
 # Обновление кода из админки (git pull + npm + перезапуск shop)
 # Запуск: bash scripts/admin-web-update.sh
-# С www-data часто нужен sudoers: NOPASSWD на этот скрипт (ADMIN_UPDATE_USE_SUDO=1)
+# С www-data: ADMIN_UPDATE_USE_SUDO=1 + sudoers NOPASSWD на этот скрипт
 set -euo pipefail
 
 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 # shellcheck source=shop-root.sh
 source "$SCRIPT_DIR/shop-root.sh"
 
-RUN_USER="${SHOP_RUN_USER:-www-data}"
 PORT="${PORT:-3000}"
+REPO_OWNER="${SHOP_GIT_USER:-$(stat -c '%U' "$SHOP_ROOT/.git" 2>/dev/null || stat -c '%U' "$SHOP_ROOT" 2>/dev/null || echo root)}"
+SHOP_SERVICE_USER="${SHOP_SERVICE_USER:-www-data}"
 
-run_in_shop() {
+ensure_git_safe() {
+  local user="$1"
+  if [ -z "$user" ]; then return; fi
+  if [ "$(id -u)" -eq 0 ]; then
+    sudo -u "$user" git config --global --add safe.directory "$SHOP_ROOT" 2>/dev/null || true
+  else
+    git config --global --add safe.directory "$SHOP_ROOT" 2>/dev/null || true
+  fi
+}
+
+run_as_owner() {
   local cmd="$1"
-  if [ "$(id -u)" -eq 0 ] && [ "$(whoami)" != "$RUN_USER" ]; then
+  if [ "$(id -u)" -eq 0 ] && [ "$(whoami)" != "$REPO_OWNER" ]; then
-    sudo -u "$RUN_USER" env SHOP_ROOT="$SHOP_ROOT" bash -c "cd \"$SHOP_ROOT\" && $cmd"
+    sudo -u "$REPO_OWNER" env SHOP_ROOT="$SHOP_ROOT" bash -c "cd \"$SHOP_ROOT\" && $cmd"
   else
     bash -c "cd \"$SHOP_ROOT\" && $cmd"
   fi
 }
 
-git config --global --add safe.directory "$SHOP_ROOT" 2>/dev/null || true
+ensure_git_safe "$REPO_OWNER"
+ensure_git_safe "$(whoami)"
 
 echo "=== Обновление Shop (админка) ==="
 echo "Каталог: $SHOP_ROOT"
-echo "Пользователь для git/npm: $(id -un 2>/dev/null || echo ?)"
+echo "Git от пользователя: $REPO_OWNER (текущий: $(whoami))"
 
 if [ ! -d .git ]; then
   echo "Ошибка: нет .git в $SHOP_ROOT"
@@ -33,19 +45,31 @@ fi
 
 echo ""
 echo "Текущая версия:"
-git log -1 --oneline || true
+run_as_owner "git log -1 --oneline"
 
 echo ""
 echo "--- git sync ---"
-run_in_shop "bash scripts/git-sync.sh"
+run_as_owner "bash scripts/git-sync.sh"
 
 echo ""
 echo "--- npm install ---"
-run_in_shop "npm install --omit=dev"
+if [ "$(id -u)" -eq 0 ]; then
+  npm install --omit=dev
+else
+  run_as_owner "npm install --omit=dev"
+fi
+
+echo ""
+echo "--- права для службы shop ($SHOP_SERVICE_USER) ---"
+if [ "$(id -u)" -eq 0 ]; then
+  bash "$SCRIPT_DIR/fix-shop-permissions.sh"
+else
+  echo "WARN: запустите от root: sudo bash scripts/fix-shop-permissions.sh"
+fi
 
 echo ""
 echo "Новая версия:"
-git log -1 --oneline
+run_as_owner "git log -1 --oneline"
 
 echo ""
 echo "--- перезапуск shop ---"
@@ -62,7 +86,7 @@ if command -v systemctl >/dev/null 2>&1 && systemctl cat shop.service >/dev/null
     exit 1
   fi
 else
-  echo "INFO: служба shop не найдена — перезапустите Node вручную (pm2/npm start)"
+  echo "INFO: служба shop не найдена — перезапустите Node вручную"
 fi
 
 echo ""

scripts/fix-shop-permissions.sh

@@ -0,0 +1,52 @@
+#!/bin/bash
+# Права на каталог магазина для пользователя systemd (www-data)
+#   sudo bash "$SHOP_ROOT/scripts/fix-shop-permissions.sh"
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+# shellcheck source=shop-root.sh
+source "$SCRIPT_DIR/shop-root.sh"
+
+SHOP_SERVICE_USER="${SHOP_SERVICE_USER:-www-data}"
+
+if [ "$(id -u)" -ne 0 ]; then
+  echo "Запустите от root: sudo bash $0"
+  exit 1
+fi
+
+if ! id "$SHOP_SERVICE_USER" &>/dev/null; then
+  echo "Ошибка: пользователь $SHOP_SERVICE_USER не найден"
+  exit 1
+fi
+
+echo "=== Права Shop: $SHOP_ROOT → $SHOP_SERVICE_USER ==="
+
+# CRLF из Windows → 203/EXEC в systemd
+if [ -d "$SHOP_ROOT/scripts" ]; then
+  find "$SHOP_ROOT/scripts" -name '*.sh' -type f -exec sed -i 's/\r$//' {} +
+fi
+
+chown -R "$SHOP_SERVICE_USER:$SHOP_SERVICE_USER" "$SHOP_ROOT"
+
+# Исполняемые скрипты (wait-postgres.sh для ExecStartPre)
+if [ -d "$SHOP_ROOT/scripts" ]; then
+  chmod +x "$SHOP_ROOT"/scripts/*.sh 2>/dev/null || true
+fi
+
+# npm cache/logs для www-data
+for dir in /var/www/.npm /var/www/.cache; do
+  mkdir -p "$dir"
+  chown -R "$SHOP_SERVICE_USER:$SHOP_SERVICE_USER" "$dir"
+done
+
+if [ -f "$SHOP_ROOT/.env" ]; then
+  chmod 640 "$SHOP_ROOT/.env"
+  chown "$SHOP_SERVICE_USER:$SHOP_SERVICE_USER" "$SHOP_ROOT/.env"
+fi
+
+# Родительские каталоги — traverse для www-data
+chmod o+x /opt /opt/shop 2>/dev/null || true
+
+echo "OK: владелец $SHOP_SERVICE_USER, скрипты +x"
+echo "Проверка unit: grep ExecStartPre /etc/systemd/system/shop.service"
+echo "  sudo systemctl daemon-reload && sudo systemctl restart shop"

scripts/install-shop-service.sh

@@ -58,16 +58,12 @@ fi
 
 npm install --omit=dev --prefix "$SHOP_ROOT"
 
-# Доступ www-data: чтение кода и .env (systemd читает .env от root, но на всякий случай)
+bash "$SCRIPT_DIR/fix-shop-permissions.sh"
-chmod o+x /opt /opt/shop 2>/dev/null || true
-chmod -R a+rX "$SHOP_ROOT"
-chmod 640 "$SHOP_ROOT/.env"
-chown root:www-data "$SHOP_ROOT/.env" 2>/dev/null || chmod 644 "$SHOP_ROOT/.env"
 
 cp -f "$SHOP_ROOT/deploy/shop.service" /etc/systemd/system/shop.service
 sed -i "s|WorkingDirectory=.*|WorkingDirectory=${SHOP_ROOT}|" /etc/systemd/system/shop.service
 sed -i "s|EnvironmentFile=.*|EnvironmentFile=${SHOP_ROOT}/.env|" /etc/systemd/system/shop.service
-sed -i "s|ExecStartPre=.*|ExecStartPre=+${SHOP_ROOT}/scripts/wait-postgres.sh|" /etc/systemd/system/shop.service
+sed -i "s|ExecStartPre=.*|ExecStartPre=+/bin/bash ${SHOP_ROOT}/scripts/wait-postgres.sh|" /etc/systemd/system/shop.service
 sed -i "s|ExecStart=.*|ExecStart=${NODE_BIN} src/server.js|" /etc/systemd/system/shop.service
 
 if ! sudo -u www-data test -r "$SHOP_ROOT/package.json"; then

scripts/server-update.sh

@@ -20,7 +20,13 @@ fi
 
 bash "$SCRIPT_DIR/git-sync.sh"
 
+if [ "$(id -u)" -eq 0 ]; then
   npm install --omit=dev
+  bash "$SCRIPT_DIR/fix-shop-permissions.sh"
+else
+  npm install --omit=dev
+  echo "ВНИМАНИЕ: для прав www-data выполните: sudo bash $SCRIPT_DIR/fix-shop-permissions.sh"
+fi
 
 if [ -f .env ] && ! grep -q '^DATABASE_URL=' .env; then
   echo "ВНИМАНИЕ: добавьте DATABASE_URL в .env (см. .env.example)"

scripts/shop-root.sh

@@ -32,3 +32,7 @@ fi
 
 export SHOP_ROOT
 cd "$SHOP_ROOT"
+
+if [ -d "$SHOP_ROOT/.git" ]; then
+  git config --global --add safe.directory "$SHOP_ROOT" 2>/dev/null || true
+fi

src/middleware/captcha.js

@@ -0,0 +1,25 @@
+const {
+  getCaptchaConfig,
+  YANDEX_BLOCKED_MSG,
+  isYandexCaptchaAttempt,
+} = require('../services/captcha');
+
+function loadCaptchaLocals(req, res, next) {
+  res.locals.captcha = getCaptchaConfig();
+  res.locals.yandexCaptchaBlockedMsg = YANDEX_BLOCKED_MSG;
+  next();
+}
+
+/** Блокировка попыток отправить Яндекс-капчу */
+function rejectYandexCaptcha(req, res, next) {
+  if (req.method === 'POST' && isYandexCaptchaAttempt(req)) {
+    return res.status(403).render('error', {
+      title: 'Доступ запрещён',
+      message: YANDEX_BLOCKED_MSG,
+      code: 403,
+    });
+  }
+  next();
+}
+
+module.exports = { loadCaptchaLocals, rejectYandexCaptcha };

src/middleware/rateLimit.js

@@ -0,0 +1,25 @@
+const buckets = new Map();
+
+function rateLimit({ windowMs = 15 * 60 * 1000, max = 20, keyPrefix = '' }) {
+  return (req, res, next) => {
+    const ip = req.ip || req.socket?.remoteAddress || 'unknown';
+    const key = `${keyPrefix}:${ip}`;
+    const now = Date.now();
+    let entry = buckets.get(key);
+    if (!entry || now > entry.resetAt) {
+      entry = { count: 0, resetAt: now + windowMs };
+      buckets.set(key, entry);
+    }
+    entry.count += 1;
+    if (entry.count > max) {
+      return res.status(429).render('error', {
+        title: 'Слишком много запросов',
+        message: 'Подождите несколько минут и попробуйте снова.',
+        code: 429,
+      });
+    }
+    next();
+  };
+}
+
+module.exports = { rateLimit };

src/middleware/securityHeaders.js

@@ -0,0 +1,9 @@
+function securityHeaders(_req, res, next) {
+  res.setHeader('X-Content-Type-Options', 'nosniff');
+  res.setHeader('X-Frame-Options', 'SAMEORIGIN');
+  res.setHeader('Referrer-Policy', 'strict-origin-when-cross-origin');
+  res.setHeader('Permissions-Policy', 'camera=(), microphone=(), geolocation=()');
+  next();
+}
+
+module.exports = { securityHeaders };

src/public/css/style.css

@@ -1307,3 +1307,134 @@ body:has(.cookie-banner) .main {
   margin-top: 1.25rem;
   font-size: 0.9rem;
 }
+
+.captcha-block {
+  margin: 1rem 0;
+  padding: 0.75rem;
+  border: 1px solid var(--border);
+  border-radius: 8px;
+  background: var(--surface-2);
+}
+
+.captcha-block__yandex-notice {
+  display: flex;
+  align-items: flex-start;
+  gap: 0.4rem;
+  margin: 0 0 0.75rem;
+  font-size: 0.8rem;
+  color: var(--warn);
+  line-height: 1.4;
+}
+
+.captcha-widget {
+  min-height: 78px;
+  display: flex;
+  align-items: center;
+}
+
+.captcha-block__provider {
+  margin: 0.5rem 0 0;
+  font-size: 0.75rem;
+}
+
+.catalog-toolbar {
+  display: flex;
+  flex-wrap: wrap;
+  align-items: center;
+  gap: 1rem 1.5rem;
+  margin: 0 0 1.5rem;
+  padding: 0.75rem 1rem;
+  background: var(--surface-2);
+  border: 1px solid var(--border);
+  border-radius: 10px;
+}
+
+.catalog-toolbar__field {
+  display: flex;
+  align-items: center;
+  gap: 0.5rem;
+}
+
+.catalog-toolbar__label {
+  font-size: 0.85rem;
+  color: var(--muted);
+  white-space: nowrap;
+}
+
+.catalog-toolbar__check {
+  display: flex;
+  align-items: center;
+  gap: 0.4rem;
+  font-size: 0.9rem;
+  cursor: pointer;
+}
+
+.card__stock-badge {
+  position: absolute;
+  top: 0.5rem;
+  left: 0.5rem;
+  z-index: 2;
+  padding: 0.2rem 0.5rem;
+  font-size: 0.7rem;
+  font-weight: 600;
+  border-radius: 4px;
+  background: rgba(253, 203, 110, 0.95);
+  color: #2d3436;
+}
+
+.card__stock-badge--out {
+  background: rgba(99, 110, 114, 0.9);
+  color: #fff;
+}
+
+.card--out-of-stock {
+  opacity: 0.85;
+}
+
+.card--out-of-stock .card__image {
+  filter: grayscale(0.4);
+}
+
+.recently-viewed {
+  margin-bottom: 2rem;
+}
+
+.recently-viewed__title {
+  margin: 0 0 0.75rem;
+  font-size: 1.1rem;
+}
+
+.recently-viewed__grid {
+  display: flex;
+  gap: 0.75rem;
+  overflow-x: auto;
+  padding-bottom: 0.25rem;
+}
+
+.recently-viewed__card {
+  flex: 0 0 120px;
+  padding: 0.5rem;
+  text-decoration: none;
+  color: inherit;
+}
+
+.recently-viewed__img {
+  width: 100%;
+  height: 72px;
+  object-fit: cover;
+  border-radius: 6px;
+  margin-bottom: 0.35rem;
+}
+
+.recently-viewed__name {
+  display: block;
+  font-size: 0.8rem;
+  line-height: 1.25;
+}
+
+.admin-header__actions {
+  display: flex;
+  flex-wrap: wrap;
+  align-items: center;
+  gap: 0.75rem;
+}

src/routes/account.js

@@ -47,11 +47,13 @@ function accountRender(res, options) {
     formatPrice,
     passkeys,
     isAdmin,
+    recentOrders,
   } = options;
   res.render('account/index', {
     title: 'Личный кабинет',
     user,
     orderCount,
+    recentOrders: recentOrders || [],
     reservations: reservations || [],
     passkeys: passkeys || [],
     isAdmin: Boolean(isAdmin),
@@ -85,9 +87,17 @@ router.get(
 
     const passkeys = await webauthn.getCredentialsForUser(user.id);
 
+    const { rows: recentOrders } = await query(
+      `SELECT id, status, total_cents, created_at
+       FROM orders WHERE user_id = $1
+       ORDER BY created_at DESC LIMIT 10`,
+      [user.id]
+    );
+
     accountRender(res, {
       user,
       orderCount: countResult.rows[0].n,
+      recentOrders,
       reservations,
       passkeys,
       isAdmin: user.role === ROLES.ADMIN,

src/routes/admin.js

@@ -61,21 +61,62 @@ router.get(
 router.get(
   '/orders',
   asyncHandler(async (req, res) => {
-    const { rows: orders } = await query(
+    const statusFilter = req.query.status || '';
-      `SELECT o.id, o.status, o.total_cents, o.created_at, o.customer_name, o.customer_email,
+    const allowed = ['pending', 'paid', 'shipped', 'cancelled'];
+    let sql = `
+      SELECT o.id, o.status, o.total_cents, o.created_at, o.customer_name, o.customer_email,
              u.email AS account_email
       FROM orders o
       JOIN users u ON u.id = o.user_id
-       ORDER BY o.created_at DESC`
+    `;
-    );
+    const params = [];
+    if (statusFilter && allowed.includes(statusFilter)) {
+      sql += ' WHERE o.status = $1';
+      params.push(statusFilter);
+    }
+    sql += ' ORDER BY o.created_at DESC';
+
+    const { rows: orders } = await query(sql, params);
     res.render('admin/orders', {
       title: 'Заказы',
       orders,
       formatPrice,
+      statusFilter,
     });
   })
 );
 
+router.get(
+  '/orders/export.csv',
+  asyncHandler(async (req, res) => {
+    const { rows } = await query(
+      `SELECT o.id, o.status, o.total_cents, o.created_at,
+              o.customer_name, o.customer_email, o.customer_phone, o.address
+       FROM orders o
+       ORDER BY o.created_at DESC`
+    );
+    const esc = (v) => `"${String(v ?? '').replace(/"/g, '""')}"`;
+    const lines = [
+      'id;status;total_rub;customer;email;phone;address;created_at',
+      ...rows.map((o) =>
+        [
+          o.id,
+          o.status,
+          (o.total_cents / 100).toFixed(2),
+          esc(o.customer_name),
+          esc(o.customer_email),
+          esc(o.customer_phone),
+          esc(o.address),
+          new Date(o.created_at).toISOString(),
+        ].join(';')
+      ),
+    ];
+    res.setHeader('Content-Type', 'text/csv; charset=utf-8');
+    res.setHeader('Content-Disposition', 'attachment; filename="orders.csv"');
+    res.send('\uFEFF' + lines.join('\n'));
+  })
+);
+
 router.post(
   '/orders/:id/status',
   asyncHandler(async (req, res) => {

src/routes/auth.js

@@ -6,8 +6,11 @@ const { requireAuth } = require('../middleware/auth');
 const { requireCookieConsent } = require('../middleware/cookieConsent');
 const { ROLES } = require('../constants/roles');
 const { asyncHandler } = require('../utils/asyncHandler');
+const { verifyCaptcha } = require('../services/captcha');
+const { rateLimit } = require('../middleware/rateLimit');
 
 const router = express.Router();
+const authRateLimit = rateLimit({ windowMs: 15 * 60 * 1000, max: 30, keyPrefix: 'auth' });
 
 router.use((req, res, next) => {
   const cart = getCart(req);
@@ -24,10 +27,20 @@ router.get('/register', requireCookieConsent, (req, res) => {
 router.post(
   '/register',
   requireCookieConsent,
+  authRateLimit,
   asyncHandler(async (req, res) => {
     const { name, email, password, password2 } = req.body;
     const values = { name, email };
 
+    const captchaCheck = await verifyCaptcha(req);
+    if (!captchaCheck.ok) {
+      return res.status(400).render('register', {
+        title: 'Регистрация',
+        error: captchaCheck.error,
+        values,
+      });
+    }
+
     if (!name?.trim() || !email?.trim() || !password) {
       return res.status(400).render('register', {
         title: 'Регистрация',
@@ -85,11 +98,22 @@ router.get('/login', requireCookieConsent, (req, res) => {
 router.post(
   '/login',
   requireCookieConsent,
+  authRateLimit,
   asyncHandler(async (req, res) => {
     const { email, password } = req.body;
     const next = req.body.next || '/';
     const values = { email };
 
+    const captchaCheck = await verifyCaptcha(req);
+    if (!captchaCheck.ok) {
+      return res.status(400).render('login', {
+        title: 'Вход',
+        error: captchaCheck.error,
+        next,
+        values,
+      });
+    }
+
     const { rows } = await query('SELECT * FROM users WHERE email = $1', [
       (email || '').trim().toLowerCase(),
     ]);

src/routes/password-reset.js

@@ -6,6 +6,7 @@ const { getCart, cartCount } = require('../cart');
 const { formatPrice } = require('../db');
 const { requireCookieConsent } = require('../middleware/cookieConsent');
 const { asyncHandler } = require('../utils/asyncHandler');
+const { verifyCaptcha } = require('../services/captcha');
 const { sendPasswordResetEmail, siteUrl } = require('../services/mail');
 
 const router = express.Router();
@@ -39,6 +40,16 @@ router.post(
     const genericSuccess =
       'Если аккаунт с таким email существует, мы отправили ссылку для сброса пароля.';
 
+    const captchaCheck = await verifyCaptcha(req);
+    if (!captchaCheck.ok) {
+      return res.status(400).render('auth/forgot-password', {
+        title: 'Сброс пароля',
+        error: captchaCheck.error,
+        success: null,
+        values,
+      });
+    }
+
     if (!email) {
       return res.status(400).render('auth/forgot-password', {
         title: 'Сброс пароля',

src/routes/seo.js

@@ -0,0 +1,49 @@
+const express = require('express');
+const { query } = require('../db');
+const { siteUrl } = require('../services/mail');
+const { asyncHandler } = require('../utils/asyncHandler');
+
+const router = express.Router();
+
+router.get('/robots.txt', (_req, res) => {
+  const base = siteUrl();
+  res.type('text/plain').send(
+    `User-agent: *\nAllow: /\nDisallow: /admin\nDisallow: /account\nSitemap: ${base}/sitemap.xml\n`
+  );
+});
+
+router.get(
+  '/sitemap.xml',
+  asyncHandler(async (_req, res) => {
+    const base = siteUrl();
+    const { rows: products } = await query(
+      `SELECT slug, created_at FROM products ORDER BY id`
+    );
+    const urls = [
+      { loc: `${base}/`, priority: '1.0' },
+      { loc: `${base}/cart`, priority: '0.5' },
+    ];
+    for (const p of products) {
+      urls.push({
+        loc: `${base}/product/${p.slug}`,
+        lastmod: new Date(p.created_at).toISOString().slice(0, 10),
+        priority: '0.8',
+      });
+    }
+    const xml = `<?xml version="1.0" encoding="UTF-8"?>
+<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
+${urls
+  .map(
+    (u) => `  <url>
+    <loc>${u.loc}</loc>
+    ${u.lastmod ? `<lastmod>${u.lastmod}</lastmod>` : ''}
+    <priority>${u.priority}</priority>
+  </url>`
+  )
+  .join('\n')}
+</urlset>`;
+    res.type('application/xml').send(xml);
+  })
+);
+
+module.exports = router;

src/routes/shop.js

@@ -8,6 +8,8 @@ const { buildCartPricing } = require('../services/pricing');
 const productPrice = require('../utils/productPrice');
 const promoService = require('../services/promo');
 const loyaltyService = require('../services/loyalty');
+const recentlyViewed = require('../services/recentlyViewed');
+const { sendOrderConfirmationEmail } = require('../services/mail');
 
 const router = express.Router();
 
@@ -25,21 +27,36 @@ router.use((req, res, next) => {
   next();
 });
 
+const EFFECTIVE_PRICE_SQL = `CASE
+  WHEN p.sale_price_cents IS NOT NULL
+       AND p.sale_price_cents < p.price_cents
+       AND (p.sale_ends_at IS NULL OR p.sale_ends_at > NOW())
+  THEN p.sale_price_cents
+  ELSE p.price_cents
+END`;
+
 router.get(
   '/',
   asyncHandler(async (req, res) => {
     const category = req.query.category || '';
     const q = (req.query.q || '').trim();
+    const sort = req.query.sort || 'name';
+    const saleOnly = req.query.sale === '1';
+    const showAll = req.query.all === '1';
 
     let sql = `
-      SELECT p.*, c.name AS category_name, c.slug AS category_slug
+      SELECT p.*, c.name AS category_name, c.slug AS category_slug,
+             (${EFFECTIVE_PRICE_SQL}) AS catalog_price_cents
       FROM products p
       LEFT JOIN categories c ON c.id = p.category_id
-      WHERE p.stock > 0
+      WHERE 1=1
     `;
     const params = [];
     let n = 1;
 
+    if (!showAll) {
+      sql += ' AND p.stock > 0';
+    }
     if (category) {
       sql += ` AND c.slug = $${n++}`;
       params.push(category);
@@ -49,10 +66,23 @@ router.get(
       params.push(`%${q}%`);
       n++;
     }
-    sql += ' ORDER BY p.name';
+    if (saleOnly) {
+      sql += ` AND p.sale_price_cents IS NOT NULL
+        AND p.sale_price_cents < p.price_cents
+        AND (p.sale_ends_at IS NULL OR p.sale_ends_at > NOW())`;
+    }
+
+    const orderMap = {
+      name: 'p.name ASC',
+      price_asc: 'catalog_price_cents ASC, p.name ASC',
+      price_desc: 'catalog_price_cents DESC, p.name ASC',
+      newest: 'p.created_at DESC',
+    };
+    sql += ` ORDER BY ${orderMap[sort] || orderMap.name}`;
 
     const { rows: products } = await query(sql, params);
     const { rows: categories } = await query('SELECT * FROM categories ORDER BY name');
+    const recentProducts = await recentlyViewed.loadProducts(query, req.session);
 
     res.render('home', {
       title: 'Каталог',
@@ -60,6 +90,10 @@ router.get(
       categories,
       activeCategory: category,
       searchQuery: q,
+      sort,
+      saleOnly,
+      showAll,
+      recentProducts,
     });
   })
 );
@@ -84,6 +118,8 @@ router.get(
       });
     }
 
+    recentlyViewed.pushProduct(req.session, product.id);
+
     let userReservation = null;
     if (req.session.userId) {
       const { rows: resRows } = await query(
@@ -116,8 +152,13 @@ router.get(
       }
     }
 
+    const metaDescription =
+      (product.description || product.name).replace(/\s+/g, ' ').trim().slice(0, 160) ||
+      product.name;
+
     res.render('product', {
       title: product.name,
+      metaDescription,
       product,
       userReservation,
       error: errorMsg,
@@ -343,6 +384,21 @@ router.post(
       req.session.cart = {};
       delete req.session.appliedPromoCode;
       delete req.session.loyaltyPointsToUse;
+
+      const emailItems = items.map((item) => ({
+        name: item.name,
+        quantity: item.quantity,
+        lineFormatted: formatPrice(
+          (item.effective_price_cents ?? item.price_cents) * item.quantity
+        ),
+      }));
+      sendOrderConfirmationEmail(
+        email.trim(),
+        orderId,
+        formatPrice(pricing.total),
+        emailItems
+      ).catch((err) => console.error('order email:', err.message));
+
       res.redirect(`/orders/${orderId}?success=1`);
     } catch (err) {
       await client.query('ROLLBACK');

src/server.js

@@ -10,6 +10,7 @@ const { seedAdmin } = require('./seed-admin');
 const { seedPromoCodes } = require('./seed-promo');
 const { loadUser } = require('./middleware/auth');
 const { loadCookieConsent } = require('./middleware/cookieConsent');
+const { loadCaptchaLocals, rejectYandexCaptcha } = require('./middleware/captcha');
 const healthRoutes = require('./routes/health');
 const shopRoutes = require('./routes/shop');
 const authRoutes = require('./routes/auth');
@@ -21,6 +22,8 @@ const reservationsRoutes = require('./routes/reservations');
 const passkeyRoutes = require('./routes/passkey');
 const stockAlertsRoutes = require('./routes/stock-alerts');
 const promoRoutes = require('./routes/promo');
+const seoRoutes = require('./routes/seo');
+const { securityHeaders } = require('./middleware/securityHeaders');
 
 const PORT = process.env.PORT || 3000;
 const HOST = process.env.HOST || '0.0.0.0';
@@ -43,6 +46,8 @@ async function start() {
   app.set('views', path.join(__dirname, 'views'));
 
   app.use(healthRoutes);
+  app.use(securityHeaders);
+  app.use(seoRoutes);
   app.use(express.static(path.join(__dirname, 'public')));
   app.use(express.urlencoded({ extended: true }));
   app.use(express.json({ limit: '64kb' }));
@@ -68,6 +73,8 @@ async function start() {
   );
 
   app.use(loadCookieConsent);
+  app.use(loadCaptchaLocals);
+  app.use(rejectYandexCaptcha);
   app.use(loadUser);
   app.use('/cookies', cookiesRoutes);
   app.use('/', passwordResetRoutes);

src/services/captcha.js

@@ -0,0 +1,129 @@
+const YANDEX_BLOCKED_MSG =
+  'Яндекс SmartCaptcha (японский сервис) заблокирован администратором сайта. Используйте проверку Google или Cloudflare.';
+
+function clientIp(req) {
+  return (
+    req.headers['x-forwarded-for']?.split(',')[0]?.trim() ||
+    req.socket?.remoteAddress ||
+    ''
+  );
+}
+
+function isYandexCaptchaAttempt(req) {
+  const b = req.body || {};
+  return Boolean(
+    b['smart-token'] ||
+      b.smartcaptcha ||
+      b.yandex_captcha ||
+      b['yandex-token'] ||
+      (typeof b.captcha_provider === 'string' && b.captcha_provider.toLowerCase() === 'yandex')
+  );
+}
+
+function getCaptchaConfig() {
+  const raw = (process.env.CAPTCHA_PROVIDER || 'google').toLowerCase().trim();
+
+  if (raw === 'yandex' || raw === 'yandex-smartcaptcha') {
+    return {
+      enabled: true,
+      provider: 'yandex',
+      blocked: true,
+      siteKey: null,
+    };
+  }
+
+  if (process.env.CAPTCHA_ENABLED === '0') {
+    return { enabled: false, provider: null, blocked: false, siteKey: null };
+  }
+
+  if (raw === 'cloudflare' || raw === 'turnstile') {
+    const siteKey = process.env.TURNSTILE_SITE_KEY || '';
+    const secret = process.env.TURNSTILE_SECRET_KEY || '';
+    if (!siteKey || !secret) {
+      return { enabled: false, provider: 'cloudflare', blocked: false, siteKey: null };
+    }
+    return { enabled: true, provider: 'cloudflare', blocked: false, siteKey };
+  }
+
+  const siteKey = process.env.RECAPTCHA_SITE_KEY || '';
+  const secret = process.env.RECAPTCHA_SECRET_KEY || '';
+  if (!siteKey || !secret) {
+    return { enabled: false, provider: 'google', blocked: false, siteKey: null };
+  }
+  return { enabled: true, provider: 'google', blocked: false, siteKey };
+}
+
+async function verifyGoogle(token, secret, ip) {
+  const params = new URLSearchParams({ secret, response: token });
+  if (ip) params.set('remoteip', ip);
+  const res = await fetch('https://www.google.com/recaptcha/api/siteverify', {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+    body: params.toString(),
+  });
+  const data = await res.json();
+  return Boolean(data.success);
+}
+
+async function verifyTurnstile(token, secret, ip) {
+  const params = new URLSearchParams({ secret, response: token });
+  if (ip) params.set('remoteip', ip);
+  const res = await fetch('https://challenges.cloudflare.com/turnstile/v0/siteverify', {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+    body: params.toString(),
+  });
+  const data = await res.json();
+  return Boolean(data.success);
+}
+
+async function verifyCaptcha(req) {
+  if (isYandexCaptchaAttempt(req)) {
+    return { ok: false, error: YANDEX_BLOCKED_MSG };
+  }
+
+  const config = getCaptchaConfig();
+
+  if (config.blocked) {
+    return { ok: false, error: YANDEX_BLOCKED_MSG };
+  }
+
+  if (!config.enabled) {
+    return { ok: true };
+  }
+
+  const ip = clientIp(req);
+  const secret =
+    config.provider === 'cloudflare'
+      ? process.env.TURNSTILE_SECRET_KEY
+      : process.env.RECAPTCHA_SECRET_KEY;
+
+  const token =
+    config.provider === 'cloudflare'
+      ? req.body?.['cf-turnstile-response']
+      : req.body?.['g-recaptcha-response'];
+
+  if (!token) {
+    return { ok: false, error: 'Подтвердите, что вы не робот (капча)' };
+  }
+
+  let valid = false;
+  if (config.provider === 'cloudflare') {
+    valid = await verifyTurnstile(token, secret, ip);
+  } else {
+    valid = await verifyGoogle(token, secret, ip);
+  }
+
+  if (!valid) {
+    return { ok: false, error: 'Проверка капчи не пройдена. Попробуйте снова.' };
+  }
+
+  return { ok: true };
+}
+
+module.exports = {
+  YANDEX_BLOCKED_MSG,
+  getCaptchaConfig,
+  verifyCaptcha,
+  isYandexCaptchaAttempt,
+};

src/services/git-deploy.js

@@ -30,19 +30,150 @@ function isUpdateEnabled() {
   return fs.existsSync(path.join(root, 'scripts', 'admin-web-update.sh'));
 }
 
-async function gitCmd(args, cwd) {
+function gitEnv(root) {
-  const { stdout, stderr } = await execFileAsync('git', args, {
+  const resolved = path.resolve(root);
-    cwd,
+  return {
-    maxBuffer: 1024 * 1024,
+    ...process.env,
-    timeout: 90000,
+    GIT_TERMINAL_PROMPT: '0',
-    env: { ...process.env, GIT_TERMINAL_PROMPT: '0' },
+    GIT_CONFIG_COUNT: '1',
+    GIT_CONFIG_KEY_0: 'safe.directory',
+    GIT_CONFIG_VALUE_0: resolved,
+  };
+}
+
+async function getRepoOwner(root) {
+  if (process.env.SHOP_GIT_USER) {
+    return process.env.SHOP_GIT_USER.trim();
+  }
+  if (process.platform === 'win32') return null;
+  const gitPath = path.join(root, '.git');
+  try {
+    const target = fs.statSync(gitPath).isDirectory() ? gitPath : root;
+    const { stdout } = await execFileAsync('stat', ['-c', '%U', target], { timeout: 5000 });
+    const user = stdout.trim();
+    return user || null;
+  } catch {
+    return null;
+  }
+}
+
+async function ensureSafeDirectory(root, user) {
+  const resolved = path.resolve(root);
+  const targets = [{ home: process.env.HOME || '/var/www' }];
+  if (user) {
+    try {
+      const { stdout } = await execFileAsync('getent', ['passwd', user], { timeout: 5000 });
+      const home = stdout.split(':')[5];
+      if (home) targets.push({ home });
+    } catch {
+      /* ignore */
+    }
+  }
+  for (const { home } of targets) {
+    try {
+      await execFileAsync('git', ['config', '--global', '--add', 'safe.directory', resolved], {
+        timeout: 15000,
+        env: { ...process.env, HOME: home },
       });
+    } catch {
+      /* ignore */
+    }
+  }
+}
+
+async function execGit(args, cwd, runAs) {
+  const root = path.resolve(cwd);
+  const gitArgs = ['-c', `safe.directory=${root}`, ...args];
+  const opts = {
+    cwd: root,
+    maxBuffer: 1024 * 1024,
+    timeout: 120000,
+    env: gitEnv(root),
+  };
+
+  if (runAs && process.env.ADMIN_UPDATE_USE_SUDO === '1') {
+    const { stdout, stderr } = await execFileAsync('sudo', ['-n', '-u', runAs, 'git', ...gitArgs], opts);
     return `${stdout}${stderr}`.trim();
   }
 
+  const { stdout, stderr } = await execFileAsync('git', gitArgs, opts);
+  return `${stdout}${stderr}`.trim();
+}
+
+async function gitCmd(args, cwd, { needsWrite = false } = {}) {
+  const root = path.resolve(cwd);
+  const owner = await getRepoOwner(root);
+
+  try {
+    return await execGit(args, root, null);
+  } catch (err) {
+    const msg = err.message || '';
+    const denied = /permission denied|EACCES|FETCH_HEAD/i.test(msg);
+    if ((needsWrite || denied) && owner) {
+      await ensureSafeDirectory(root, owner);
+      return execGit(args, root, owner);
+    }
+    throw err;
+  }
+}
+
+/**
+ * Сравнение с origin/main через ls-remote + merge-base (без fetch, без записи в .git).
+ */
+async function getRemoteSyncStatus(root) {
+  const localHead = (await gitCmd(['rev-parse', 'HEAD'], root)).split('\n')[0].trim();
+  const remoteOut = await gitCmd(['ls-remote', 'origin', 'refs/heads/main'], root);
+  const remoteSha = remoteOut.split(/\s+/)[0]?.trim();
+  if (!remoteSha) {
+    throw new Error('Не найден refs/heads/main на origin');
+  }
+
+  const remoteShort = (
+    await gitCmd(['rev-parse', '--short', remoteSha], root)
+  ).split('\n')[0].trim();
+
+  if (remoteSha === localHead) {
+    return { behind: 0, ahead: 0, diverged: false, remoteShort, remoteSha };
+  }
+
+  let mergeBase;
+  try {
+    mergeBase = (await gitCmd(['merge-base', localHead, remoteSha], root)).split('\n')[0].trim();
+  } catch {
+    throw new Error(
+      'Не удалось сравнить с origin/main (нет общего предка). Выполните на сервере: git fetch && git reset --hard origin/main'
+    );
+  }
+
+  if (!mergeBase) {
+    throw new Error('Нет общего предка с origin/main');
+  }
+
+  let behind = 0;
+  let ahead = 0;
+
+  if (mergeBase !== remoteSha) {
+    const behindStr = await gitCmd(['rev-list', '--count', `${mergeBase}..${remoteSha}`], root);
+    behind = parseInt(behindStr, 10) || 0;
+  }
+  if (mergeBase !== localHead) {
+    const aheadStr = await gitCmd(['rev-list', '--count', `${mergeBase}..${localHead}`], root);
+    ahead = parseInt(aheadStr, 10) || 0;
+  }
+
+  return {
+    behind,
+    ahead,
+    diverged: behind > 0 && ahead > 0,
+    remoteShort,
+    remoteSha,
+  };
+}
+
 async function getGitInfo({ fetchRemote = false } = {}) {
   const root = resolveShopRoot();
   const pkg = root ? JSON.parse(fs.readFileSync(path.join(root, 'package.json'), 'utf8')) : null;
+  const repoOwner = root ? await getRepoOwner(root) : null;
 
   if (!root || !fs.existsSync(path.join(root, '.git'))) {
     return {
@@ -56,6 +187,7 @@ async function getGitInfo({ fetchRemote = false } = {}) {
   const info = {
     available: true,
     shopRoot: root,
+    repoOwner,
     packageVersion: pkg?.version || null,
     branch: null,
     commit: null,
@@ -63,12 +195,17 @@ async function getGitInfo({ fetchRemote = false } = {}) {
     commitSubject: null,
     commitDate: null,
     dirty: false,
+    dirtyHint: null,
     behind: null,
+    ahead: null,
+    diverged: false,
+    remoteShort: null,
     updateEnabled: isUpdateEnabled(),
     platform: process.platform,
   };
 
   try {
+    await ensureSafeDirectory(root, repoOwner);
     info.branch = await gitCmd(['branch', '--show-current'], root);
     if (!info.branch) {
       info.branch = '(detached)';
@@ -78,8 +215,17 @@ async function getGitInfo({ fetchRemote = false } = {}) {
     info.commitShort = info.commitShort || (await gitCmd(['rev-parse', '--short', 'HEAD'], root));
     info.commitSubject = await gitCmd(['log', '-1', '--pretty=%s'], root);
     info.commitDate = await gitCmd(['log', '-1', '--pretty=%ci'], root);
+    try {
       const status = await gitCmd(['status', '--porcelain'], root);
       info.dirty = status.length > 0;
+      if (info.dirty) {
+        info.dirtyHint =
+          'На сервере есть локальные изменения. Обновление может их перезаписать; при ошибке выполните git stash или git reset --hard с машины администратора.';
+      }
+    } catch {
+      info.dirty = null;
+      info.dirtyHint = 'Не удалось прочитать статус (права на .git).';
+    }
   } catch (err) {
     info.available = false;
     info.reason = err.message;
@@ -88,14 +234,16 @@ async function getGitInfo({ fetchRemote = false } = {}) {
 
   if (fetchRemote) {
     try {
-      await gitCmd(['fetch', 'origin'], root);
+      const sync = await getRemoteSyncStatus(root);
-      const behind = await gitCmd(
+      info.behind = sync.behind;
-        ['rev-list', '--count', 'HEAD..origin/main'],
+      info.ahead = sync.ahead;
-        root
+      info.diverged = sync.diverged;
-      );
+      info.remoteShort = sync.remoteShort;
-      info.behind = parseInt(behind, 10) || 0;
     } catch (err) {
       info.fetchError = err.message;
+      if (repoOwner) {
+        info.fetchError += ` Владелец репозитория: ${repoOwner}. Задайте SHOP_GIT_USER=${repoOwner} и ADMIN_UPDATE_USE_SUDO=1 в .env.`;
+      }
     }
   }
 
@@ -113,7 +261,7 @@ function runDeployUpdate() {
 
     const child = spawn(cmd, args, {
       cwd: root,
-      env: { ...process.env, SHOP_ROOT: root },
+      env: { ...gitEnv(root), SHOP_ROOT: root },
       timeout: 300000,
     });
 
@@ -148,4 +296,5 @@ module.exports = {
   isUpdateEnabled,
   getGitInfo,
   runDeployUpdate,
+  getRepoOwner,
 };

src/services/mail.js

@@ -68,6 +68,28 @@ async function sendReservationEmail(to, productName, quantity, expiresAt) {
   return sendMail({ to, subject, text, html });
 }
 
+async function sendOrderConfirmationEmail(to, orderId, totalFormatted, items) {
+  const orderUrl = `${siteUrl()}/orders/${orderId}`;
+  const subject = `Заказ #${orderId} оформлен — Shop`;
+  const lines = items
+    .map((i) => `• ${i.name} × ${i.quantity} — ${i.lineFormatted}`)
+    .join('\n');
+  const text = `Спасибо за заказ #${orderId}!\n\n${lines}\n\nИтого: ${totalFormatted}\n\nСтатус: ${orderUrl}`;
+  const htmlItems = items
+    .map(
+      (i) =>
+        `<li>${i.name} × ${i.quantity} — <strong>${i.lineFormatted}</strong></li>`
+    )
+    .join('');
+  const html = `
+    <p>Спасибо за покупку! Заказ <strong>#${orderId}</strong> принят.</p>
+    <ul>${htmlItems}</ul>
+    <p><strong>Итого: ${totalFormatted}</strong></p>
+    <p><a href="${orderUrl}">Открыть заказ в личном кабинете</a></p>
+  `;
+  return sendMail({ to, subject, text, html });
+}
+
 async function sendStockAvailableEmail(to, productName, productUrl) {
   const subject = `Снова в наличии: ${productName}`;
   const text = `Товар «${productName}» снова в наличии.\n\nПерейти: ${productUrl}`;
@@ -85,5 +107,6 @@ module.exports = {
   sendPasswordResetEmail,
   sendReservationEmail,
   sendStockAvailableEmail,
+  sendOrderConfirmationEmail,
   siteUrl,
 };

src/services/recentlyViewed.js

@@ -0,0 +1,33 @@
+const MAX = 8;
+
+function getList(session) {
+  if (!session.recentlyViewed || !Array.isArray(session.recentlyViewed)) {
+    session.recentlyViewed = [];
+  }
+  return session.recentlyViewed;
+}
+
+function pushProduct(session, productId) {
+  const id = parseInt(productId, 10);
+  if (!id) return;
+  const list = getList(session).filter((x) => x !== id);
+  list.unshift(id);
+  session.recentlyViewed = list.slice(0, MAX);
+}
+
+async function loadProducts(query, session) {
+  const ids = getList(session);
+  if (!ids.length) return [];
+  const placeholders = ids.map((_, i) => `$${i + 1}`).join(',');
+  const { rows } = await query(
+    `SELECT p.*, c.name AS category_name, c.slug AS category_slug
+     FROM products p
+     LEFT JOIN categories c ON c.id = p.category_id
+     WHERE p.id IN (${placeholders})`,
+    ids
+  );
+  const byId = new Map(rows.map((p) => [p.id, p]));
+  return ids.map((id) => byId.get(id)).filter(Boolean);
+}
+
+module.exports = { pushProduct, loadProducts, MAX };

src/views/account/index.ejs

@@ -12,6 +12,7 @@
     <a href="/account?tab=password" class="account-tabs__link <%= activeTab === 'password' ? 'account-tabs__link--active' : '' %>">Смена пароля</a>
     <a href="/account?tab=passkey" class="account-tabs__link <%= activeTab === 'passkey' ? 'account-tabs__link--active' : '' %>">Passkey</a>
     <a href="/account?tab=reservations" class="account-tabs__link <%= activeTab === 'reservations' ? 'account-tabs__link--active' : '' %>">Бронирования</a>
+    <a href="/account?tab=orders" class="account-tabs__link <%= activeTab === 'orders' ? 'account-tabs__link--active' : '' %>">Заказы</a>
   </nav>
 
   <% if (activeTab === 'profile') { %>
@@ -71,6 +72,40 @@
     </section>
   <% } %>
 
+  <% if (activeTab === 'orders') { %>
+    <section class="card account-section">
+      <h2>Последние заказы</h2>
+      <% if (!recentOrders.length) { %>
+        <p class="muted">Заказов пока нет. <a href="/">Перейти в каталог</a></p>
+      <% } else { %>
+        <table class="cart-table">
+          <thead>
+            <tr>
+              <th>№</th>
+              <th>Дата</th>
+              <th>Статус</th>
+              <th>Сумма</th>
+              <th></th>
+            </tr>
+          </thead>
+          <tbody>
+            <% const statusLabels = { pending: 'Ожидает', paid: 'Оплачен', shipped: 'Отправлен', cancelled: 'Отменён' }; %>
+            <% recentOrders.forEach(o => { %>
+              <tr>
+                <td>#<%= o.id %></td>
+                <td><%= new Date(o.created_at).toLocaleString('ru-RU') %></td>
+                <td><span class="status status--<%= o.status %>"><%= statusLabels[o.status] || o.status %></span></td>
+                <td><%= formatPrice(o.total_cents) %></td>
+                <td><a href="/orders/<%= o.id %>">Подробнее</a></td>
+              </tr>
+            <% }) %>
+          </tbody>
+        </table>
+        <p class="account-actions"><a href="/orders" class="btn btn--ghost">Все заказы</a></p>
+      <% } %>
+    </section>
+  <% } %>
+
   <% if (activeTab === 'reservations') { %>
     <section class="card account-section">
       <h2>Мои бронирования</h2>

src/views/admin/orders.ejs

@@ -1,11 +1,25 @@
 <%- include('../partials/layout-start') %>
+<% const statusLabels = { pending: 'Ожидает', paid: 'Оплачен', shipped: 'Отправлен', cancelled: 'Отменён' }; %>
 
 <div class="admin-header">
   <h1>Заказы</h1>
+  <div class="admin-header__actions">
+    <a href="/admin/orders/export.csv" class="btn btn--ghost btn--sm">Экспорт CSV</a>
     <%- include('../partials/admin-nav', { adminNav: 'orders' }) %>
   </div>
+</div>
 
-<% const statusLabels = { pending: 'Ожидает', paid: 'Оплачен', shipped: 'Отправлен', cancelled: 'Отменён' }; %>
+<form class="catalog-toolbar" method="get" action="/admin/orders">
+  <label class="catalog-toolbar__field">
+    <span class="catalog-toolbar__label">Статус</span>
+    <select name="status" class="input input--sm" onchange="this.form.submit()">
+      <option value="">Все</option>
+      <% ['pending','paid','shipped','cancelled'].forEach(s => { %>
+        <option value="<%= s %>" <%= statusFilter === s ? 'selected' : '' %>><%= statusLabels[s] %></option>
+      <% }) %>
+    </select>
+  </label>
+</form>
 
 <table class="cart-table">
   <thead>

src/views/admin/system.ejs

@@ -28,6 +28,10 @@
       <dd><strong>v<%= git.packageVersion || '?' %></strong></dd>
       <dt>Каталог</dt>
       <dd><code class="admin-system__path"><%= git.shopRoot %></code></dd>
+      <% if (git.repoOwner) { %>
+        <dt>Владелец .git</dt>
+        <dd><code><%= git.repoOwner %></code> <span class="muted">(git pull выполняется от этого пользователя)</span></dd>
+      <% } %>
       <dt>Ветка</dt>
       <dd><%= git.branch %></dd>
       <dt>Коммит</dt>
@@ -38,13 +42,26 @@
       </dd>
       <% if (git.dirty) { %>
         <dt>Состояние</dt>
-        <dd><span class="badge badge--warn">Есть незакоммиченные изменения</span></dd>
+        <dd>
+          <span class="badge badge--warn">Есть незакоммиченные изменения</span>
+          <% if (git.dirtyHint) { %><p class="muted" style="margin:0.35rem 0 0;font-size:0.85rem"><%= git.dirtyHint %></p><% } %>
+        </dd>
       <% } %>
       <% if (git.behind != null) { %>
         <dt>На origin/main</dt>
         <dd>
-          <% if (git.behind > 0) { %>
+          <% if (git.remoteShort) { %>
+            <span class="muted">Удалённо: <code><%= git.remoteShort %></code></span><br>
+          <% } %>
+          <% if (git.diverged) { %>
+            <span class="badge badge--warn">Истории разошлись</span>
+            <span class="badge badge--sale">Можно подтянуть: <%= git.behind %> комм.</span>
+            <span class="muted">Локально впереди на <%= git.ahead %> комм.</span>
+            <p class="muted" style="margin:0.35rem 0 0;font-size:0.85rem">Обновление из админки сделает <code>git pull</code> (как на origin). Локальные коммиты могут быть сброшены.</p>
+          <% } else if (git.behind > 0) { %>
             <span class="badge badge--sale">Доступно обновлений: <%= git.behind %></span>
+          <% } else if (git.ahead > 0) { %>
+            <span class="badge badge--warn">Локально впереди origin на <%= git.ahead %> комм.</span>
           <% } else { %>
             <span class="badge">Актуально</span>
           <% } %>
@@ -100,10 +117,15 @@
 
 <section class="card admin-system__help muted">
   <h2>Настройка сервера</h2>
-  <p>В <code>.env</code>: <code>SHOP_ROOT=/opt/shop</code>, <code>ADMIN_UPDATE_ENABLED=1</code>.</p>
+  <p>В <code>.env</code>:</p>
-  <p>Если служба работает от <code>www-data</code>, добавьте в sudoers (от root):</p>
+  <pre class="admin-system__pre">SHOP_ROOT=<%= git.shopRoot || '/opt/shop/shop10' %>
-  <pre class="admin-system__pre">www-data ALL=(root) NOPASSWD: <%= git.shopRoot || '/opt/shop' %>/scripts/admin-web-update.sh</pre>
+ADMIN_UPDATE_ENABLED=1
-  <p>И в .env: <code>ADMIN_UPDATE_USE_SUDO=1</code></p>
+ADMIN_UPDATE_USE_SUDO=1
+SHOP_GIT_USER=<%= git.repoOwner || 'root' %></pre>
+  <p>Sudoers для <code>www-data</code> (от root):</p>
+  <pre class="admin-system__pre">www-data ALL=(root) NOPASSWD: <%= git.shopRoot || '/opt/shop/shop10' %>/scripts/admin-web-update.sh
+www-data ALL=(<%= git.repoOwner || 'root' %>) NOPASSWD: /usr/bin/git</pre>
+  <p class="muted">«Проверить на Git» — через <code>ls-remote</code> (без записи в .git). Pull — от владельца каталога.</p>
 </section>
 
 <%- include('../partials/layout-end') %>

src/views/auth/forgot-password.ejs

@@ -10,6 +10,7 @@
       Email
       <input type="email" name="email" class="input" required value="<%= values.email || '' %>" autocomplete="email">
     </label>
+    <%- include('../partials/captcha-widget') %>
     <button type="submit" class="btn btn--primary btn--block">Отправить ссылку</button>
     <p class="form-footer"><a href="/login">← Вход</a></p>
   </form>

src/views/home.ejs

@@ -1,4 +1,16 @@
 <%- include('partials/layout-start') %>
+<%
+  function catalogHref(extra) {
+    const p = new URLSearchParams();
+    if (searchQuery) p.set('q', searchQuery);
+    if (saleOnly) p.set('sale', '1');
+    if (showAll) p.set('all', '1');
+    if (sort && sort !== 'name') p.set('sort', sort);
+    if (extra && extra.category) p.set('category', extra.category);
+    const s = p.toString();
+    return s ? '/?' + s : '/';
+  }
+%>
 
 <section class="hero">
   <h1>Каталог товаров</h1>
@@ -7,20 +19,60 @@
 
 <% if (categories.length) { %>
 <nav class="categories" aria-label="Категории">
-  <a href="/" class="chip <%= !activeCategory ? 'chip--active' : '' %>">Все</a>
+  <a href="<%= catalogHref() %>" class="chip <%= !activeCategory ? 'chip--active' : '' %>">Все</a>
   <% categories.forEach(c => { %>
-    <a href="/?category=<%= c.slug %>" class="chip <%= activeCategory === c.slug ? 'chip--active' : '' %>"><%= c.name %></a>
+    <a href="<%= catalogHref({ category: c.slug }) %>" class="chip <%= activeCategory === c.slug ? 'chip--active' : '' %>"><%= c.name %></a>
   <% }) %>
 </nav>
 <% } %>
 
+<form class="catalog-toolbar" method="get" action="/">
+  <% if (searchQuery) { %><input type="hidden" name="q" value="<%= searchQuery %>"><% } %>
+  <% if (activeCategory) { %><input type="hidden" name="category" value="<%= activeCategory %>"><% } %>
+  <label class="catalog-toolbar__field">
+    <span class="catalog-toolbar__label">Сортировка</span>
+    <select name="sort" class="input input--sm" onchange="this.form.submit()">
+      <option value="name" <%= sort === 'name' ? 'selected' : '' %>>По названию</option>
+      <option value="price_asc" <%= sort === 'price_asc' ? 'selected' : '' %>>Цена ↑</option>
+      <option value="price_desc" <%= sort === 'price_desc' ? 'selected' : '' %>>Цена ↓</option>
+      <option value="newest" <%= sort === 'newest' ? 'selected' : '' %>>Сначала новые</option>
+    </select>
+  </label>
+  <label class="catalog-toolbar__check">
+    <input type="checkbox" name="sale" value="1" <%= saleOnly ? 'checked' : '' %> onchange="this.form.submit()">
+    Только со скидкой
+  </label>
+  <label class="catalog-toolbar__check">
+    <input type="checkbox" name="all" value="1" <%= showAll ? 'checked' : '' %> onchange="this.form.submit()">
+    Показать нет в наличии
+  </label>
+</form>
+
+<% if (recentProducts && recentProducts.length) { %>
+<section class="recently-viewed">
+  <h2 class="recently-viewed__title">Вы недавно смотрели</h2>
+  <div class="recently-viewed__grid">
+    <% recentProducts.forEach(p => { %>
+      <a href="/product/<%= p.slug %>" class="recently-viewed__card card">
+        <% if (p.image_url) { %>
+          <img src="<%= p.image_url %>" alt="" class="recently-viewed__img" loading="lazy">
+        <% } %>
+        <span class="recently-viewed__name"><%= p.name %></span>
+      </a>
+    <% }) %>
+  </div>
+</section>
+<% } %>
+
 <% if (!products.length) { %>
   <p class="empty">Товары не найдены. Попробуйте другой запрос.</p>
 <% } else { %>
   <div class="grid">
     <% products.forEach(p => { %>
       <% const onSale = isSaleActive(p); %>
-      <article class="card<%= onSale ? ' card--sale' : '' %>">
+      <% const outOfStock = p.stock <= 0; %>
+      <% const lowStock = !outOfStock && p.stock <= 5; %>
+      <article class="card<%= onSale ? ' card--sale' : '' %><%= outOfStock ? ' card--out-of-stock' : '' %>">
         <a href="/product/<%= p.slug %>" class="card__image-wrap">
           <% if (onSale) { %>
             <span class="card__sale-ribbon" aria-hidden="true">
@@ -28,6 +80,12 @@
               −<%= salePercent(p) %>%
             </span>
           <% } %>
+          <% if (lowStock) { %>
+            <span class="card__stock-badge">Осталось <%= p.stock %></span>
+          <% } %>
+          <% if (outOfStock) { %>
+            <span class="card__stock-badge card__stock-badge--out">Нет в наличии</span>
+          <% } %>
           <% if (p.image_url) { %>
             <img src="<%= p.image_url %>" alt="<%= p.name %>" class="card__image" loading="lazy">
           <% } else { %>
@@ -40,6 +98,7 @@
           <% } %>
           <h2 class="card__title"><a href="/product/<%= p.slug %>"><%= p.name %></a></h2>
           <%- include('partials/product-price', { product: p, priceSize: 'md' }) %>
+          <% if (!outOfStock) { %>
           <form action="/cart/add" method="post" class="card__form">
             <input type="hidden" name="product_id" value="<%= p.id %>">
             <input type="hidden" name="redirect" value="/cart">
@@ -48,6 +107,9 @@
               В корзину
             </button>
           </form>
+          <% } else { %>
+            <a href="/product/<%= p.slug %>" class="btn btn--ghost btn--block">Подробнее</a>
+          <% } %>
         </div>
       </article>
     <% }) %>

src/views/login.ejs

@@ -13,6 +13,7 @@
       Пароль
       <input type="password" name="password" class="input" required autocomplete="current-password">
     </label>
+    <%- include('partials/captcha-widget') %>
     <button type="submit" class="btn btn--primary btn--block">Войти по паролю</button>
     <p class="form-footer">
       <a href="/forgot-password">Забыли пароль?</a><br>

src/views/partials/captcha-widget.ejs

@@ -0,0 +1,23 @@
+<aside class="captcha-block" aria-label="Защита от ботов">
+  <p class="captcha-block__yandex-notice">
+    <%- include('icon', { name: 'shield', iconSize: 14 }) %>
+    <%= yandexCaptchaBlockedMsg %>
+  </p>
+
+  <% if (captcha && captcha.blocked) { %>
+    <p class="alert alert--error">Капча недоступна: выбран заблокированный провайдер. В .env укажите <code>CAPTCHA_PROVIDER=google</code> или <code>cloudflare</code>.</p>
+  <% } else if (captcha && captcha.enabled) { %>
+    <div class="captcha-widget">
+      <% if (captcha.provider === 'cloudflare') { %>
+        <script src="https://challenges.cloudflare.com/turnstile/v0/api.js" async defer></script>
+        <div class="cf-turnstile" data-sitekey="<%= captcha.siteKey %>" data-theme="dark"></div>
+      <% } else { %>
+        <script src="https://www.google.com/recaptcha/api.js" async defer></script>
+        <div class="g-recaptcha" data-sitekey="<%= captcha.siteKey %>" data-theme="dark"></div>
+      <% } %>
+    </div>
+    <p class="muted captcha-block__provider">
+      <% if (captcha.provider === 'cloudflare') { %>Проверка: Cloudflare Turnstile<% } else { %>Проверка: Google reCAPTCHA<% } %>
+    </p>
+  <% } %>
+</aside>

src/views/partials/layout-end.ejs

@@ -1,7 +1,11 @@
   </main>
   <footer class="footer">
     <div class="container">
-      <p>&copy; <%= new Date().getFullYear() %> Shop · <a href="/cookies/policy">Cookies</a></p>
+      <p>&copy; <%= new Date().getFullYear() %> Shop ·
+        <a href="/orders">Заказы</a> ·
+        <a href="/sitemap.xml">Карта сайта</a> ·
+        <a href="/cookies/policy">Cookies</a>
+      </p>
     </div>
   </footer>
   <%- include('cookie-banner') %>

src/views/partials/layout-start.ejs

@@ -4,6 +4,9 @@
   <meta charset="UTF-8">
   <meta name="viewport" content="width=device-width, initial-scale=1">
   <title><%= title %> — Shop</title>
+  <% if (typeof metaDescription !== 'undefined' && metaDescription) { %>
+  <meta name="description" content="<%= metaDescription %>">
+  <% } %>
   <link rel="preconnect" href="https://fonts.googleapis.com">
   <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
   <link href="https://fonts.googleapis.com/css2?family=DM+Sans:ital,opsz,wght@0,9..40,400;0,9..40,500;0,9..40,600;0,9..40,700;1,9..40,400&display=swap" rel="stylesheet">

src/views/register.ejs

@@ -20,6 +20,7 @@
       Повторите пароль
       <input type="password" name="password2" class="input" required>
     </label>
+    <%- include('partials/captcha-widget') %>
     <button type="submit" class="btn btn--primary btn--block">Создать аккаунт</button>
     <p class="form-footer">Уже есть аккаунт? <a href="/login">Войти</a></p>
   </form>

wiki/Home.md

@@ -1,6 +1,6 @@
 # Shop — документация
 
-Интернет-магазин на **Node.js** и **PostgreSQL 17**. Текущий релиз: **v1.0.0** (см. [CHANGELOG](../CHANGELOG.md), [RELEASE-1.0](../docs/RELEASE-1.0.md)).
+Интернет-магазин на **Node.js** и **PostgreSQL 17**. Текущий релиз: **v1.0.1** (см. [CHANGELOG](../CHANGELOG.md), [RELEASE-1.0.1](../docs/RELEASE-1.0.1.md)).
 
 ## Способы установки
 

wiki/Troubleshooting.md

@@ -38,6 +38,9 @@ journalctl -u shop -n 50 --no-pager
 | Placeholder / `URL_РЕПОЗИТОРИЯ` | `git clone <ваш-url> "$SHOP_ROOT"` — не копировать шаблоны как команды |
 | Нет `package.json` | `find /opt -name package.json`; `cd` в найденный каталог |
 | detached HEAD | `bash scripts/git-sync.sh` |
+| `EACCES` на `package-lock.json`, npm от www-data | `sudo bash scripts/fix-shop-permissions.sh` затем `sudo npm install --omit=dev` и снова `fix-shop-permissions` |
+| `shop.service` failed после обновления | `sudo bash scripts/fix-shop-permissions.sh` && `sudo systemctl restart shop` |
+| `status=203/EXEC` на `wait-postgres.sh` | `chmod +x scripts/*.sh`; `sed -i 's/\r$//' scripts/*.sh`; в unit: `ExecStartPre=+/bin/bash .../wait-postgres.sh`; `sudo bash scripts/install-shop-service.sh` |
 | Нет `scripts/...` | `bash "$SHOP_ROOT/scripts/server-update.sh"` |
 | Unit shop not found | `sudo bash scripts/install-shop-service.sh` |
 | shop exit-code / auto-restart | `sudo bash scripts/free-port-3000.sh`; `systemctl restart shop` |