aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--app/blueprints/api/tokens.py11
1 files changed, 5 insertions, 6 deletions
diff --git a/app/blueprints/api/tokens.py b/app/blueprints/api/tokens.py
index 8eb2a67..03856da 100644
--- a/app/blueprints/api/tokens.py
+++ b/app/blueprints/api/tokens.py
@@ -69,7 +69,7 @@ def create_edit_token(username, id=None):
elif token.owner != user:
abort(403)
- access_token = session.pop("token_" + str(id), None)
+ access_token = session.pop("token_" + str(token.id), None)
form = CreateAPIToken(formdata=request.form, obj=token)
form.package.query_factory = lambda: Package.query.filter_by(author=user).all()
@@ -80,13 +80,14 @@ def create_edit_token(username, id=None):
token.owner = user
token.access_token = randomString(32)
- # Store token so it can be shown in the edit page
- session["token_" + str(token.id)] = token.access_token
-
form.populate_obj(token)
db.session.add(token)
db.session.commit() # save
+ if is_new:
+ # Store token so it can be shown in the edit page
+ session["token_" + str(token.id)] = token.access_token
+
return redirect(url_for("api.create_edit_token", username=username, id=token.id))
return render_template("api/create_edit_token.html", user=user, form=form, token=token, access_token=access_token)
@@ -102,8 +103,6 @@ def reset_token(username, id):
if not user.checkPerm(current_user, Permission.CREATE_TOKEN):
abort(403)
- is_new = id is None
-
token = APIToken.query.get(id)
if token is None:
abort(404)
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-01 22:21:28 +0000