From 3e2491a9bc6579ccf017f0dbc2573b5ab4c75613 Mon Sep 17 00:00:00 2001
From: Daniel Friesel <derf@finalrewind.org>
Date: Sat, 21 Jan 2023 08:36:25 +0100
Subject: API documentation: do not perform database requests from template
 helpers

---
 lib/Travelynx/Controller/Account.pm | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

(limited to 'lib/Travelynx/Controller/Account.pm')

diff --git a/lib/Travelynx/Controller/Account.pm b/lib/Travelynx/Controller/Account.pm
index 4af1aa0..52850f7 100644
--- a/lib/Travelynx/Controller/Account.pm
+++ b/lib/Travelynx/Controller/Account.pm
@@ -389,7 +389,11 @@ sub verify {
 sub delete {
 	my ($self) = @_;
 	if ( $self->validation->csrf_protect->has_error('csrf_token') ) {
-		$self->render( 'account', invalid => 'csrf' );
+		$self->render(
+			'account',
+			api_token => $self->get_api_token,
+			invalid   => 'csrf',
+		);
 		return;
 	}
 
@@ -401,7 +405,11 @@ sub delete {
 			)
 		  )
 		{
-			$self->render( 'account', invalid => 'deletion password' );
+			$self->render(
+				'account',
+				api_token => $self->get_api_token,
+				invalid   => 'deletion password'
+			);
 			return;
 		}
 		$self->users->flag_deletion( uid => $self->current_user->{id} );
@@ -943,7 +951,7 @@ sub confirm_mail {
 sub account {
 	my ($self) = @_;
 
-	$self->render('account');
+	$self->render( 'account', api_token => $self->get_api_token );
 	$self->users->mark_seen( uid => $self->current_user->{id} );
 }
 
-- 
cgit v1.2.3