From e7eea1036bf8ef36b4d7e39b72dac1d08b241971 Mon Sep 17 00:00:00 2001 From: Kukks Date: Wed, 26 Feb 2020 10:26:38 +0100 Subject: [PATCH] make api key delete use confirm page --- .../Controllers/ManageController.APIKeys.cs | 29 ++++++++++++++++--- BTCPayServer/Models/ConfirmModel.cs | 1 + BTCPayServer/Views/Manage/APIKeys.cshtml | 2 +- BTCPayServer/Views/Shared/Confirm.cshtml | 2 +- 4 files changed, 28 insertions(+), 6 deletions(-) diff --git a/BTCPayServer/Controllers/ManageController.APIKeys.cs b/BTCPayServer/Controllers/ManageController.APIKeys.cs index 9be2bec0d..23052fe9b 100644 --- a/BTCPayServer/Controllers/ManageController.APIKeys.cs +++ b/BTCPayServer/Controllers/ManageController.APIKeys.cs @@ -8,11 +8,8 @@ using BTCPayServer.Hosting.OpenApi; using BTCPayServer.Models; using BTCPayServer.Security; using BTCPayServer.Security.APIKeys; -using ExchangeSharp; using Microsoft.AspNetCore.Authorization; -using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; -using Newtonsoft.Json; using NSwag.Annotations; namespace BTCPayServer.Controllers @@ -31,9 +28,33 @@ namespace BTCPayServer.Controllers }); } - [HttpGet] + + + [HttpGet("api-keys/{id}/delete")] public async Task RemoveAPIKey(string id) { + var key = await _apiKeyRepository.GetKey(id); + if (key == null || key.UserId != _userManager.GetUserId(User)) + { + return NotFound(); + } + return View("Confirm", new ConfirmModel() + { + Title = "Delete API Key "+ ( string.IsNullOrEmpty(key.Label)? string.Empty: key.Label) + "("+key.Id+")", + Description = "Any application using this api key will immediately lose access", + Action = "Delete", + ActionUrl = Request.GetCurrentUrl().Replace("RemoveAPIKey", "RemoveAPIKeyPost") + }); + } + + [HttpPost("api-keys/{id}/delete")] + public async Task RemoveAPIKeyPost(string id) + { + var key = await _apiKeyRepository.GetKey(id); + if (key == null || key.UserId != _userManager.GetUserId(User)) + { + return NotFound(); + } await _apiKeyRepository.Remove(id, _userManager.GetUserId(User)); TempData.SetStatusMessageModel(new StatusMessageModel() { diff --git a/BTCPayServer/Models/ConfirmModel.cs b/BTCPayServer/Models/ConfirmModel.cs index b56f4274a..65caf78f1 100644 --- a/BTCPayServer/Models/ConfirmModel.cs +++ b/BTCPayServer/Models/ConfirmModel.cs @@ -29,5 +29,6 @@ namespace BTCPayServer.Models get; set; } public string ButtonClass { get; set; } = "btn-danger"; + public string ActionUrl { get; set; } } } diff --git a/BTCPayServer/Views/Manage/APIKeys.cshtml b/BTCPayServer/Views/Manage/APIKeys.cshtml index 4e4a69cca..ac197f44d 100644 --- a/BTCPayServer/Views/Manage/APIKeys.cshtml +++ b/BTCPayServer/Views/Manage/APIKeys.cshtml @@ -31,7 +31,7 @@ } - Remove + Remove } diff --git a/BTCPayServer/Views/Shared/Confirm.cshtml b/BTCPayServer/Views/Shared/Confirm.cshtml index 22f2975cb..d44105ae3 100644 --- a/BTCPayServer/Views/Shared/Confirm.cshtml +++ b/BTCPayServer/Views/Shared/Confirm.cshtml @@ -26,7 +26,7 @@ {
-
+