midou/invidious
1
0
Fork 1
mirror of https://github.com/iv-org/invidious.git synced 2024-11-30 02:32:56 +05:30
Code Issues Packages Projects Releases Wiki Activity

Routes: Simplify actions in token_ajax

Browse Source
This commit is contained in:
Samantaz Fox 2024-10-29 18:21:58 +01:00
parent e453a2a682
commit dbd96c77e4
No known key found for this signature in database
GPG Key ID: F42821059186176E
3 changed files with 5 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
assets/js/handlers.js
View File

@ -91,7 +91,7 @@
var count = document.getElementById('count');
count.textContent--;
var url = '/token_ajax?action_revoke_token=1&redirect=false' +
var url = '/token_ajax?action=revoke_token&redirect=false' +
'&referer=' + encodeURIComponent(location.href) +
'&session=' + target.getAttribute('data-session');

14
src/invidious/routes/account.cr
View File

@ -328,17 +328,9 @@ module Invidious::Routes::Account
end
end
if env.params.query["action_revoke_token"]?
action = "action_revoke_token"
else
return env.redirect referer
end
session = env.params.query["session"]?
session ||= ""
case action
when .starts_with? "action_revoke_token"
case action = env.params.query["action"]?
when "revoke_token"
session = env.params.query["session"]
Invidious::Database::SessionIDs.delete(sid: session, email: user.email)
else
return error_json(400, "Unsupported action #{action}")

2
src/invidious/views/user/token_manager.ecr
View File

@ -29,7 +29,7 @@
</div>
<div class="pure-u-1-5" style="text-align:right">
<h3 style="padding-right:0.5em">
<form data-onsubmit="return_false" action="/token_ajax?action_revoke_token=1&session=<%= token[:session] %>&referer=<%= env.get("current_page") %>" method="post">
<form data-onsubmit="return_false" action="/token_ajax?action=revoke_token&session=<%= token[:session] %>&referer=<%= env.get("current_page") %>" method="post">
<input type="hidden" name="csrf_token" value="<%= HTML.escape(env.get?("csrf_token").try &.as(String) || "") %>">
<input style="all:unset" type="submit" data-onclick="revoke_token" data-session="<%= token[:session] %>" value="<%= translate(locale, "revoke") %>">
</form>