API documentation: do not perform database requests from template helpers
This commit is contained in:
parent
72c50a7cc8
commit
3e2491a9bc
4 changed files with 24 additions and 11 deletions
|
@ -389,7 +389,11 @@ sub verify {
|
||||||
sub delete {
|
sub delete {
|
||||||
my ($self) = @_;
|
my ($self) = @_;
|
||||||
if ( $self->validation->csrf_protect->has_error('csrf_token') ) {
|
if ( $self->validation->csrf_protect->has_error('csrf_token') ) {
|
||||||
$self->render( 'account', invalid => 'csrf' );
|
$self->render(
|
||||||
|
'account',
|
||||||
|
api_token => $self->get_api_token,
|
||||||
|
invalid => 'csrf',
|
||||||
|
);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -401,7 +405,11 @@ sub delete {
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
{
|
{
|
||||||
$self->render( 'account', invalid => 'deletion password' );
|
$self->render(
|
||||||
|
'account',
|
||||||
|
api_token => $self->get_api_token,
|
||||||
|
invalid => 'deletion password'
|
||||||
|
);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
$self->users->flag_deletion( uid => $self->current_user->{id} );
|
$self->users->flag_deletion( uid => $self->current_user->{id} );
|
||||||
|
@ -943,7 +951,7 @@ sub confirm_mail {
|
||||||
sub account {
|
sub account {
|
||||||
my ($self) = @_;
|
my ($self) = @_;
|
||||||
|
|
||||||
$self->render('account');
|
$self->render( 'account', api_token => $self->get_api_token );
|
||||||
$self->users->mark_seen( uid => $self->current_user->{id} );
|
$self->users->mark_seen( uid => $self->current_user->{id} );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -34,7 +34,16 @@ sub sanitize {
|
||||||
sub documentation {
|
sub documentation {
|
||||||
my ($self) = @_;
|
my ($self) = @_;
|
||||||
|
|
||||||
$self->render('api_documentation');
|
if ( $self->is_user_authenticated ) {
|
||||||
|
$self->render(
|
||||||
|
'api_documentation',
|
||||||
|
uid => $self->current_user->{id},
|
||||||
|
api_token => $self->get_api_token,
|
||||||
|
);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$self->render('api_documentation');
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
sub get_v1 {
|
sub get_v1 {
|
||||||
|
|
|
@ -177,7 +177,7 @@
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
% my $token = get_api_token();
|
% my $token = stash('api_token') // {};
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col s12">
|
<div class="col s12">
|
||||||
<h2>API</h2>
|
<h2>API</h2>
|
||||||
|
|
|
@ -1,10 +1,6 @@
|
||||||
% my $api_root = $self->url_for('/api/v1')->to_abs->scheme('https');
|
% my $api_root = $self->url_for('/api/v1')->to_abs->scheme('https');
|
||||||
% my $token = {};
|
% my $token = stash('api_token') // {};
|
||||||
% my $uid;
|
% my $uid = stash('uid') // q{};
|
||||||
% if (is_user_authenticated()) {
|
|
||||||
% $uid = current_user()->{id};
|
|
||||||
% $token = get_api_token();
|
|
||||||
% }
|
|
||||||
|
|
||||||
<h1>API</h1>
|
<h1>API</h1>
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue