summaryrefslogtreecommitdiff
path: root/lib/Travelynx
diff options
context:
space:
mode:
authorDaniel Friesel <derf@finalrewind.org>2023-01-21 08:36:25 +0100
committerDaniel Friesel <derf@finalrewind.org>2023-01-21 08:36:25 +0100
commit3e2491a9bc6579ccf017f0dbc2573b5ab4c75613 (patch)
treefe2e0af05dacc9b51aad3ceee7121471012d8cc4 /lib/Travelynx
parent72c50a7cc8fea6942a000d3f8f40bb31ee968ba3 (diff)
API documentation: do not perform database requests from template helpers
Diffstat (limited to 'lib/Travelynx')
-rw-r--r--lib/Travelynx/Controller/Account.pm14
-rwxr-xr-xlib/Travelynx/Controller/Api.pm11
2 files changed, 21 insertions, 4 deletions
diff --git a/lib/Travelynx/Controller/Account.pm b/lib/Travelynx/Controller/Account.pm
index 4af1aa0..52850f7 100644
--- a/lib/Travelynx/Controller/Account.pm
+++ b/lib/Travelynx/Controller/Account.pm
@@ -389,7 +389,11 @@ sub verify {
sub delete {
my ($self) = @_;
if ( $self->validation->csrf_protect->has_error('csrf_token') ) {
- $self->render( 'account', invalid => 'csrf' );
+ $self->render(
+ 'account',
+ api_token => $self->get_api_token,
+ invalid => 'csrf',
+ );
return;
}
@@ -401,7 +405,11 @@ sub delete {
)
)
{
- $self->render( 'account', invalid => 'deletion password' );
+ $self->render(
+ 'account',
+ api_token => $self->get_api_token,
+ invalid => 'deletion password'
+ );
return;
}
$self->users->flag_deletion( uid => $self->current_user->{id} );
@@ -943,7 +951,7 @@ sub confirm_mail {
sub account {
my ($self) = @_;
- $self->render('account');
+ $self->render( 'account', api_token => $self->get_api_token );
$self->users->mark_seen( uid => $self->current_user->{id} );
}
diff --git a/lib/Travelynx/Controller/Api.pm b/lib/Travelynx/Controller/Api.pm
index 8c47e9f..856c477 100755
--- a/lib/Travelynx/Controller/Api.pm
+++ b/lib/Travelynx/Controller/Api.pm
@@ -34,7 +34,16 @@ sub sanitize {
sub documentation {
my ($self) = @_;
- $self->render('api_documentation');
+ if ( $self->is_user_authenticated ) {
+ $self->render(
+ 'api_documentation',
+ uid => $self->current_user->{id},
+ api_token => $self->get_api_token,
+ );
+ }
+ else {
+ $self->render('api_documentation');
+ }
}
sub get_v1 {