API documentation: do not perform database requests from template helpers
This commit is contained in:
parent
72c50a7cc8
commit
3e2491a9bc
4 changed files with 24 additions and 11 deletions
|
@ -389,7 +389,11 @@ sub verify {
|
|||
sub delete {
|
||||
my ($self) = @_;
|
||||
if ( $self->validation->csrf_protect->has_error('csrf_token') ) {
|
||||
$self->render( 'account', invalid => 'csrf' );
|
||||
$self->render(
|
||||
'account',
|
||||
api_token => $self->get_api_token,
|
||||
invalid => 'csrf',
|
||||
);
|
||||
return;
|
||||
}
|
||||
|
||||
|
@ -401,7 +405,11 @@ sub delete {
|
|||
)
|
||||
)
|
||||
{
|
||||
$self->render( 'account', invalid => 'deletion password' );
|
||||
$self->render(
|
||||
'account',
|
||||
api_token => $self->get_api_token,
|
||||
invalid => 'deletion password'
|
||||
);
|
||||
return;
|
||||
}
|
||||
$self->users->flag_deletion( uid => $self->current_user->{id} );
|
||||
|
@ -943,7 +951,7 @@ sub confirm_mail {
|
|||
sub account {
|
||||
my ($self) = @_;
|
||||
|
||||
$self->render('account');
|
||||
$self->render( 'account', api_token => $self->get_api_token );
|
||||
$self->users->mark_seen( uid => $self->current_user->{id} );
|
||||
}
|
||||
|
||||
|
|
|
@ -34,7 +34,16 @@ sub sanitize {
|
|||
sub documentation {
|
||||
my ($self) = @_;
|
||||
|
||||
if ( $self->is_user_authenticated ) {
|
||||
$self->render(
|
||||
'api_documentation',
|
||||
uid => $self->current_user->{id},
|
||||
api_token => $self->get_api_token,
|
||||
);
|
||||
}
|
||||
else {
|
||||
$self->render('api_documentation');
|
||||
}
|
||||
}
|
||||
|
||||
sub get_v1 {
|
||||
|
|
|
@ -177,7 +177,7 @@
|
|||
</div>
|
||||
</div>
|
||||
|
||||
% my $token = get_api_token();
|
||||
% my $token = stash('api_token') // {};
|
||||
<div class="row">
|
||||
<div class="col s12">
|
||||
<h2>API</h2>
|
||||
|
|
|
@ -1,10 +1,6 @@
|
|||
% my $api_root = $self->url_for('/api/v1')->to_abs->scheme('https');
|
||||
% my $token = {};
|
||||
% my $uid;
|
||||
% if (is_user_authenticated()) {
|
||||
% $uid = current_user()->{id};
|
||||
% $token = get_api_token();
|
||||
% }
|
||||
% my $token = stash('api_token') // {};
|
||||
% my $uid = stash('uid') // q{};
|
||||
|
||||
<h1>API</h1>
|
||||
|
||||
|
|
Loading…
Reference in a new issue