diff --git a/lib/Travelynx/Controller/Account.pm b/lib/Travelynx/Controller/Account.pm index 4af1aa0..52850f7 100644 --- a/lib/Travelynx/Controller/Account.pm +++ b/lib/Travelynx/Controller/Account.pm @@ -389,7 +389,11 @@ sub verify { sub delete { my ($self) = @_; if ( $self->validation->csrf_protect->has_error('csrf_token') ) { - $self->render( 'account', invalid => 'csrf' ); + $self->render( + 'account', + api_token => $self->get_api_token, + invalid => 'csrf', + ); return; } @@ -401,7 +405,11 @@ sub delete { ) ) { - $self->render( 'account', invalid => 'deletion password' ); + $self->render( + 'account', + api_token => $self->get_api_token, + invalid => 'deletion password' + ); return; } $self->users->flag_deletion( uid => $self->current_user->{id} ); @@ -943,7 +951,7 @@ sub confirm_mail { sub account { my ($self) = @_; - $self->render('account'); + $self->render( 'account', api_token => $self->get_api_token ); $self->users->mark_seen( uid => $self->current_user->{id} ); } diff --git a/lib/Travelynx/Controller/Api.pm b/lib/Travelynx/Controller/Api.pm index 8c47e9f..856c477 100755 --- a/lib/Travelynx/Controller/Api.pm +++ b/lib/Travelynx/Controller/Api.pm @@ -34,7 +34,16 @@ sub sanitize { sub documentation { my ($self) = @_; - $self->render('api_documentation'); + if ( $self->is_user_authenticated ) { + $self->render( + 'api_documentation', + uid => $self->current_user->{id}, + api_token => $self->get_api_token, + ); + } + else { + $self->render('api_documentation'); + } } sub get_v1 { diff --git a/templates/account.html.ep b/templates/account.html.ep index 418291c..9c5d88e 100644 --- a/templates/account.html.ep +++ b/templates/account.html.ep @@ -177,7 +177,7 @@ -% my $token = get_api_token(); +% my $token = stash('api_token') // {};