aljaz/btcpayserver
1
0
Fork 0
mirror of https://github.com/aljazceru/btcpayserver.git synced 2025-12-17 14:04:26 +01:00
Code Issues Packages Projects Releases Wiki Activity

make api key delete use confirm page

Browse Source
This commit is contained in:
Kukks
2020-02-26 10:26:38 +01:00
parent 48c21baee5
commit e7eea1036b
4 changed files with 28 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
BTCPayServer/Controllers/ManageController.APIKeys.cs
View File

@@ -8,11 +8,8 @@ using BTCPayServer.Hosting.OpenApi;
using BTCPayServer.Models; using BTCPayServer.Models;
using BTCPayServer.Security; using BTCPayServer.Security;
using BTCPayServer.Security.APIKeys; using BTCPayServer.Security.APIKeys;
using ExchangeSharp;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Newtonsoft.Json;
using NSwag.Annotations; using NSwag.Annotations;
namespace BTCPayServer.Controllers namespace BTCPayServer.Controllers
@@ -31,9 +28,33 @@ namespace BTCPayServer.Controllers
}); });
} }
[HttpGet]
[HttpGet("api-keys/{id}/delete")]
public async Task<IActionResult> RemoveAPIKey(string id) public async Task<IActionResult> RemoveAPIKey(string id)
{ {
var key = await _apiKeyRepository.GetKey(id);
if (key == null || key.UserId != _userManager.GetUserId(User))
{
return NotFound();
}
return View("Confirm", new ConfirmModel()
{
Title = "Delete API Key "+ ( string.IsNullOrEmpty(key.Label)? string.Empty: key.Label) + "("+key.Id+")",
Description = "Any application using this api key will immediately lose access",
Action = "Delete",
ActionUrl = Request.GetCurrentUrl().Replace("RemoveAPIKey", "RemoveAPIKeyPost")
});
}
[HttpPost("api-keys/{id}/delete")]
public async Task<IActionResult> RemoveAPIKeyPost(string id)
{
var key = await _apiKeyRepository.GetKey(id);
if (key == null || key.UserId != _userManager.GetUserId(User))
{
return NotFound();
}
await _apiKeyRepository.Remove(id, _userManager.GetUserId(User)); await _apiKeyRepository.Remove(id, _userManager.GetUserId(User));
TempData.SetStatusMessageModel(new StatusMessageModel() TempData.SetStatusMessageModel(new StatusMessageModel()
{ {

1
BTCPayServer/Models/ConfirmModel.cs
View File

@@ -29,5 +29,6 @@ namespace BTCPayServer.Models
get; set; get; set;
} }
public string ButtonClass { get; set; } = "btn-danger"; public string ButtonClass { get; set; } = "btn-danger";
public string ActionUrl { get; set; }
} }
} }

2
BTCPayServer/Views/Manage/APIKeys.cshtml
View File

@@ -31,7 +31,7 @@
} }
</td> </td>
<td class="text-right"> <td class="text-right">
<a asp-action="RemoveAPIKey" asp-route-id="@keyData.Id">Remove</a> <a asp-action="RemoveAPIKey" asp-route-id="@keyData.Id" asp-controller="Manage">Remove</a>
</td> </td>
</tr> </tr>
} }

2
BTCPayServer/Views/Shared/Confirm.cshtml
View File

@@ -26,7 +26,7 @@
{ {
<div class="row"> <div class="row">
<div class="col-lg-12 text-center"> <div class="col-lg-12 text-center">
<form method="post"> <form method="post" action="@Model.ActionUrl">
<button id="continue" type="submit" class="btn @Model.ButtonClass w-25">@Model.Action</button> <button id="continue" type="submit" class="btn @Model.ButtonClass w-25">@Model.Action</button>
<button type="submit" class="btn btn-secondary w-25" onclick="history.back(); return false;">Go back</button> <button type="submit" class="btn btn-secondary w-25" onclick="history.back(); return false;">Go back</button>
</form> </form>