summaryrefslogtreecommitdiff
path: root/lib/Travelynx
diff options
context:
space:
mode:
Diffstat (limited to 'lib/Travelynx')
-rw-r--r--lib/Travelynx/Controller/Account.pm15
-rwxr-xr-xlib/Travelynx/Controller/Api.pm11
-rw-r--r--lib/Travelynx/Model/Users.pm18
3 files changed, 33 insertions, 11 deletions
diff --git a/lib/Travelynx/Controller/Account.pm b/lib/Travelynx/Controller/Account.pm
index 52850f7..2d9a1ce 100644
--- a/lib/Travelynx/Controller/Account.pm
+++ b/lib/Travelynx/Controller/Account.pm
@@ -388,10 +388,11 @@ sub verify {
sub delete {
my ($self) = @_;
+ my $uid = $self->current_user->{id};
if ( $self->validation->csrf_protect->has_error('csrf_token') ) {
$self->render(
'account',
- api_token => $self->get_api_token,
+ api_token => $self->users->get_api_token( uid => $uid ),
invalid => 'csrf',
);
return;
@@ -407,15 +408,15 @@ sub delete {
{
$self->render(
'account',
- api_token => $self->get_api_token,
+ api_token => $self->users->get_api_token( uid => $uid ),
invalid => 'deletion password'
);
return;
}
- $self->users->flag_deletion( uid => $self->current_user->{id} );
+ $self->users->flag_deletion( uid => $uid );
}
else {
- $self->users->unflag_deletion( uid => $self->current_user->{id} );
+ $self->users->unflag_deletion( uid => $uid );
}
$self->redirect_to('account');
}
@@ -950,9 +951,11 @@ sub confirm_mail {
sub account {
my ($self) = @_;
+ my $uid = $self->current_user->{id};
- $self->render( 'account', api_token => $self->get_api_token );
- $self->users->mark_seen( uid => $self->current_user->{id} );
+ $self->render( 'account',
+ api_token => $self->users->get_api_token( uid => $uid ) );
+ $self->users->mark_seen( uid => $uid );
}
sub json_export {
diff --git a/lib/Travelynx/Controller/Api.pm b/lib/Travelynx/Controller/Api.pm
index 856c477..6f788b5 100755
--- a/lib/Travelynx/Controller/Api.pm
+++ b/lib/Travelynx/Controller/Api.pm
@@ -35,10 +35,11 @@ sub documentation {
my ($self) = @_;
if ( $self->is_user_authenticated ) {
+ my $uid = $self->current_user->{id};
$self->render(
'api_documentation',
- uid => $self->current_user->{id},
- api_token => $self->get_api_token,
+ uid => $uid,
+ api_token => $self->users->get_api_token( uid => $uid ),
);
}
else {
@@ -79,7 +80,7 @@ sub get_v1 {
return;
}
- my $token = $self->get_api_token($uid);
+ my $token = $self->users->get_api_token( uid => $uid );
if ( not $api_token
or not $token->{$api_action}
or $api_token ne $token->{$api_action} )
@@ -145,7 +146,7 @@ sub travel_v1 {
return;
}
- my $token = $self->get_api_token($uid);
+ my $token = $self->users->get_api_token( uid => $uid );
if ( not $token->{'travel'} or $api_token ne $token->{'travel'} ) {
$self->render(
json => {
@@ -411,7 +412,7 @@ sub import_v1 {
return;
}
- my $token = $self->get_api_token($uid);
+ my $token = $self->users->get_api_token($uid);
if ( not $token->{'import'} or $api_token ne $token->{'import'} ) {
$self->render(
json => {
diff --git a/lib/Travelynx/Model/Users.pm b/lib/Travelynx/Model/Users.pm
index c36fa6d..0287ca2 100644
--- a/lib/Travelynx/Model/Users.pm
+++ b/lib/Travelynx/Model/Users.pm
@@ -19,6 +19,8 @@ my @sb_templates = (
[ 'bahn.expert/regional', 'https://bahn.expert/regional/{name}#{id}' ],
);
+my @token_types = (qw(status history travel import));
+
sub new {
my ( $class, %opt ) = @_;
@@ -86,6 +88,22 @@ sub verify_registration_token {
return;
}
+sub get_api_token {
+ my ( $self, %opt ) = @_;
+ my $db = $opt{db} // $self->{pg}->db;
+ my $uid = $opt{uid};
+
+ my $token = {};
+ my $res = $db->select( 'tokens', [ 'type', 'token' ], { user_id => $uid } );
+
+ for my $entry ( $res->hashes->each ) {
+ $token->{ $token_types[ $entry->{type} - 1 ] }
+ = $entry->{token};
+ }
+
+ return $token;
+}
+
sub get_uid_by_name_and_mail {
my ( $self, %opt ) = @_;
my $db = $opt{db} // $self->{pg}->db;