API documentation: do not perform database requests from template helpers (3e2491a9) · Commits · derf / travelynx

lib/Travelynx/Controller/Account.pm

+11 −3

Original line number	Diff line number	Diff line
		@@ -389,7 +389,11 @@ sub verify {
		sub delete {
		my ($self) = @_;
		if ( $self->validation->csrf_protect->has_error('csrf_token') ) {
		$self->render( 'account', invalid => 'csrf' );
		$self->render(
		'account',
		api_token => $self->get_api_token,
		invalid => 'csrf',
		);
		return;
		}

		@@ -401,7 +405,11 @@ sub delete {
		)
		)
		{
		$self->render( 'account', invalid => 'deletion password' );
		$self->render(
		'account',
		api_token => $self->get_api_token,
		invalid => 'deletion password'
		);
		return;
		}
		$self->users->flag_deletion( uid => $self->current_user->{id} );
		@@ -943,7 +951,7 @@ sub confirm_mail {
		sub account {
		my ($self) = @_;

		$self->render('account');
		$self->render( 'account', api_token => $self->get_api_token );
		$self->users->mark_seen( uid => $self->current_user->{id} );
		}

+10 −1

Original line number	Diff line number	Diff line
		@@ -34,8 +34,17 @@ sub sanitize {
		sub documentation {
		my ($self) = @_;

		if ( $self->is_user_authenticated ) {
		$self->render(
		'api_documentation',
		uid => $self->current_user->{id},
		api_token => $self->get_api_token,
		);
		}
		else {
		$self->render('api_documentation');
		}
		}

		sub get_v1 {
		my ($self) = @_;

+1 −1

+2 −6

Original line number	Diff line number	Diff line
		% my $api_root = $self->url_for('/api/v1')->to_abs->scheme('https');
		% my $token = {};
		% my $uid;
		% if (is_user_authenticated()) {
		% $uid = current_user()->{id};
		% $token = get_api_token();
		% }
		% my $token = stash('api_token') // {};
		% my $uid = stash('uid') // q{};

		<h1>API</h1>