diff options
| -rw-r--r-- | lib/Travelynx/Controller/Account.pm | 14 | ||||
| -rwxr-xr-x | lib/Travelynx/Controller/Api.pm | 11 | ||||
| -rw-r--r-- | templates/account.html.ep | 2 | ||||
| -rw-r--r-- | templates/api_documentation.html.ep | 8 |
4 files changed, 24 insertions, 11 deletions
diff --git a/lib/Travelynx/Controller/Account.pm b/lib/Travelynx/Controller/Account.pm index 4af1aa0..52850f7 100644 --- a/lib/Travelynx/Controller/Account.pm +++ b/lib/Travelynx/Controller/Account.pm @@ -389,7 +389,11 @@ sub verify { sub delete { my ($self) = @_; if ( $self->validation->csrf_protect->has_error('csrf_token') ) { - $self->render( 'account', invalid => 'csrf' ); + $self->render( + 'account', + api_token => $self->get_api_token, + invalid => 'csrf', + ); return; } @@ -401,7 +405,11 @@ sub delete { ) ) { - $self->render( 'account', invalid => 'deletion password' ); + $self->render( + 'account', + api_token => $self->get_api_token, + invalid => 'deletion password' + ); return; } $self->users->flag_deletion( uid => $self->current_user->{id} ); @@ -943,7 +951,7 @@ sub confirm_mail { sub account { my ($self) = @_; - $self->render('account'); + $self->render( 'account', api_token => $self->get_api_token ); $self->users->mark_seen( uid => $self->current_user->{id} ); } diff --git a/lib/Travelynx/Controller/Api.pm b/lib/Travelynx/Controller/Api.pm index 8c47e9f..856c477 100755 --- a/lib/Travelynx/Controller/Api.pm +++ b/lib/Travelynx/Controller/Api.pm @@ -34,7 +34,16 @@ sub sanitize { sub documentation { my ($self) = @_; - $self->render('api_documentation'); + if ( $self->is_user_authenticated ) { + $self->render( + 'api_documentation', + uid => $self->current_user->{id}, + api_token => $self->get_api_token, + ); + } + else { + $self->render('api_documentation'); + } } sub get_v1 { diff --git a/templates/account.html.ep b/templates/account.html.ep index 418291c..9c5d88e 100644 --- a/templates/account.html.ep +++ b/templates/account.html.ep @@ -177,7 +177,7 @@ </div> </div> -% my $token = get_api_token(); +% my $token = stash('api_token') // {}; <div class="row"> <div class="col s12"> <h2>API</h2> diff --git a/templates/api_documentation.html.ep b/templates/api_documentation.html.ep index 55cd54a..c9125a2 100644 --- a/templates/api_documentation.html.ep +++ b/templates/api_documentation.html.ep @@ -1,10 +1,6 @@ % my $api_root = $self->url_for('/api/v1')->to_abs->scheme('https'); -% my $token = {}; -% my $uid; -% if (is_user_authenticated()) { - % $uid = current_user()->{id}; - % $token = get_api_token(); -% } +% my $token = stash('api_token') // {}; +% my $uid = stash('uid') // q{}; <h1>API</h1> |