From f9eadc3c5a3b85f83083ff6858617b769ccceb28 Mon Sep 17 00:00:00 2001
From: Simon Pirkelmann <simon.pirkelmann@gmail.com>
Date: Mon, 8 Mar 2021 00:05:26 +0100
Subject: [PATCH] added confirmation dialog before deleting token

---
 app.py                |  8 ++++----
 templates/tokens.html | 21 +++++++++++++++++++--
 2 files changed, 23 insertions(+), 6 deletions(-)

diff --git a/app.py b/app.py
index 85fa670..9130bd7 100644
--- a/app.py
+++ b/app.py
@@ -45,7 +45,6 @@ class Role(db.Model, fsqla.FsRoleMixin):
 
 class User(db.Model, fsqla.FsUserMixin):
     username = db.Column(db.String(255))
-    pass
 
 class ExtendedLoginForm(LoginForm):
     email = StringField('Benutzername oder E-Mail', [Required()])
@@ -200,9 +199,9 @@ def store_token():
     return redirect('/tokens')
 
 
-@app.route('/delete-token/<token>')
+@app.route('/delete-token', methods=['POST'])
 #@auth_required()
-def delete_token(token):
+def delete_token():
     """Delete the given token from the token file and store the new token file to disk
 
     Parameters
@@ -210,11 +209,12 @@ def delete_token(token):
     token : str
         The token to delete from the database.
     """
+    token = request.form.get('token')
     tokens = door.get_tokens()
     if token in tokens: # check if token exists
         tokens.pop(token)
         door.store_tokens(tokens)
-    return redirect('/tokens')
+    return "success"
 
 
 @app.route('/deactivate-token/<token>')
diff --git a/templates/tokens.html b/templates/tokens.html
index e19bf0c..41b4486 100644
--- a/templates/tokens.html
+++ b/templates/tokens.html
@@ -3,6 +3,8 @@
 <head>
     <meta charset="UTF-8">
     <title>Tokens</title>
+
+    <script src="../static/jquery-3.6.0.js"></script>
 </head>
 <body>
 {% with messages = get_flashed_messages() %}
@@ -30,7 +32,7 @@
     <td>
     <a href="{{ url_for('edit_token', token=t) }}"><img src="static/edit.png" title="Editieren" alt="Edit"></a>
     <a href="{{ url_for('deactivate_token', token=t) }}"><img src="static/stop.png" title="Deaktivieren" alt="Deactivate"></a>
-    <a href="{{ url_for('delete_token', token=t) }}"><img src="static/delete.png" title="Löschen" alt="Delete"></a>
+    <img src="static/delete.png" title="Löschen" alt="Delete" onclick="confirmDelete('{{ t }}')">
     </td>
     </tr>
 {% endfor %}
@@ -42,11 +44,26 @@
     {% endfor %}
     <td>
     <a href="{{ url_for('edit_token', token=t) }}"><img src="static/edit.png" title="Editieren" alt="Edit"></a>
-    <a href="{{ url_for('delete_token', token=t) }}"><img src="static/delete.png" title="Löschen" alt="Delete"></a>
+    <img src="static/delete.png" title="Löschen" alt="Delete" onclick="confirmDelete('{{ t }}')">
     </td>
     </tr>
 {% endfor %}
 </table>
 
 </body>
+<script>
+    function confirmDelete(t) {
+        debugger
+        if (confirm('Token wirklich löschen?')) {
+            console.log('confirmed');
+            console.log(t);
+            $.post('{{ url_for('delete_token') }}', {token: t},
+                function (data) {
+                    if (data === 'success') {
+                        location.reload();
+                    }
+                });
+        }
+    }
+</script>
 </html>
\ No newline at end of file