diff --git a/netbox/project-static/js/secrets.js b/netbox/project-static/js/secrets.js index 895ea5695..82bb1790e 100644 --- a/netbox/project-static/js/secrets.js +++ b/netbox/project-static/js/secrets.js @@ -14,8 +14,10 @@ $(document).ready(function() { // Retrieve a session key $('#request_session_key').click(function() { - var private_key = $('#user_privkey').val(); + var private_key_field = $('#user_privkey'); + var private_key = private_key_field.val(); get_session_key(private_key); + private_key_field.val(""); }); // Retrieve a secret via the API diff --git a/netbox/secrets/models.py b/netbox/secrets/models.py index 07e57796c..1761094fc 100644 --- a/netbox/secrets/models.py +++ b/netbox/secrets/models.py @@ -198,7 +198,7 @@ class SessionKey(models.Model): ordering = ['user__username'] def __str__(self): - return self.user.username + return self.userkey.user.username def save(self, master_key=None, *args, **kwargs): diff --git a/netbox/templates/users/sessionkey_delete.html b/netbox/templates/users/sessionkey_delete.html new file mode 100644 index 000000000..c91956b79 --- /dev/null +++ b/netbox/templates/users/sessionkey_delete.html @@ -0,0 +1,5 @@ +{% extends 'utilities/obj_delete.html' %} + +{% block message %} +

Are you sure you want to delete your session key?

+{% endblock %} diff --git a/netbox/templates/users/userkey.html b/netbox/templates/users/userkey.html index eb2f7d2e5..f34d8769b 100644 --- a/netbox/templates/users/userkey.html +++ b/netbox/templates/users/userkey.html @@ -23,7 +23,7 @@
{% if userkey.session_key %}
- + Delete session key diff --git a/netbox/users/urls.py b/netbox/users/urls.py index a56635f18..6ec8e21ba 100644 --- a/netbox/users/urls.py +++ b/netbox/users/urls.py @@ -5,7 +5,6 @@ from . import views urlpatterns = [ - # User profiles url(r'^profile/$', views.profile, name='profile'), url(r'^password/$', views.change_password, name='change_password'), url(r'^api-tokens/$', views.TokenListView.as_view(), name='token_list'), @@ -14,6 +13,7 @@ urlpatterns = [ url(r'^api-tokens/(?P\d+)/delete/$', views.TokenDeleteView.as_view(), name='token_delete'), url(r'^user-key/$', views.userkey, name='userkey'), url(r'^user-key/edit/$', views.userkey_edit, name='userkey_edit'), + url(r'^session-key/delete/$', views.SessionKeyDeleteView.as_view(), name='sessionkey_delete'), url(r'^recent-activity/$', views.recent_activity, name='recent_activity'), ] diff --git a/netbox/users/views.py b/netbox/users/views.py index bf5706617..41cecb96a 100644 --- a/netbox/users/views.py +++ b/netbox/users/views.py @@ -9,7 +9,7 @@ from django.utils.http import is_safe_url from django.views.generic import View from secrets.forms import UserKeyForm -from secrets.models import UserKey +from secrets.models import SessionKey, UserKey from utilities.forms import ConfirmationForm from .forms import LoginForm, PasswordChangeForm, TokenForm from .models import Token @@ -124,6 +124,42 @@ def userkey_edit(request): }) +class SessionKeyDeleteView(LoginRequiredMixin, View): + + def get(self, request): + + sessionkey = get_object_or_404(SessionKey, userkey__user=request.user) + form = ConfirmationForm() + + return render(request, 'users/sessionkey_delete.html', { + 'obj_type': sessionkey._meta.verbose_name, + 'form': form, + 'return_url': reverse('user:userkey'), + }) + + def post(self, request): + + sessionkey = get_object_or_404(SessionKey, userkey__user=request.user) + form = ConfirmationForm(request.POST) + if form.is_valid(): + + # Delete session key + sessionkey.delete() + messages.success(request, "Session key deleted") + + # Delete cookie + response = redirect('user:userkey') + response.delete_cookie('session_key', path=reverse('secrets-api:secret-list')) + + return response + + return render(request, 'users/sessionkey_delete.html', { + 'obj_type': sessionkey._meta.verbose_name, + 'form': form, + 'return_url': reverse('user:userkey'), + }) + + @login_required() def recent_activity(request):