Allow user to delete session key

netbox/project-static/js/secrets.js

@@ -14,8 +14,10 @@ $(document).ready(function() {
 
     // Retrieve a session key
     $('#request_session_key').click(function() {
-        var private_key = $('#user_privkey').val();
+        var private_key_field = $('#user_privkey');
+        var private_key = private_key_field.val();
         get_session_key(private_key);
+        private_key_field.val("");
     });
 
     // Retrieve a secret via the API

netbox/secrets/models.py

@@ -198,7 +198,7 @@ class SessionKey(models.Model):
         ordering = ['user__username']
 
     def __str__(self):
-        return self.user.username
+        return self.userkey.user.username
 
     def save(self, master_key=None, *args, **kwargs):
 

netbox/templates/users/sessionkey_delete.html

@@ -0,0 +1,5 @@
+{% extends 'utilities/obj_delete.html' %}
+
+{% block message %}
+    <p>Are you sure you want to delete your session key?</p>
+{% endblock %}

netbox/templates/users/userkey.html

@@ -23,7 +23,7 @@
         <hr />
         {% if userkey.session_key %}
             <div class="pull-right">
-                <a href="#" class="btn btn-danger">
+                <a href="{% url 'user:sessionkey_delete' %}" class="btn btn-danger">
                     <span class="fa fa-trash" aria-hidden="true"></span>
                     Delete session key
                 </a>

netbox/users/urls.py

@@ -5,7 +5,6 @@ from . import views
 
 urlpatterns = [
 
-    # User profiles
     url(r'^profile/$', views.profile, name='profile'),
     url(r'^password/$', views.change_password, name='change_password'),
     url(r'^api-tokens/$', views.TokenListView.as_view(), name='token_list'),
@@ -14,6 +13,7 @@ urlpatterns = [
     url(r'^api-tokens/(?P<pk>\d+)/delete/$', views.TokenDeleteView.as_view(), name='token_delete'),
     url(r'^user-key/$', views.userkey, name='userkey'),
     url(r'^user-key/edit/$', views.userkey_edit, name='userkey_edit'),
+    url(r'^session-key/delete/$', views.SessionKeyDeleteView.as_view(), name='sessionkey_delete'),
     url(r'^recent-activity/$', views.recent_activity, name='recent_activity'),
 
 ]

netbox/users/views.py

@@ -9,7 +9,7 @@ from django.utils.http import is_safe_url
 from django.views.generic import View
 
 from secrets.forms import UserKeyForm
-from secrets.models import UserKey
+from secrets.models import SessionKey, UserKey
 from utilities.forms import ConfirmationForm
 from .forms import LoginForm, PasswordChangeForm, TokenForm
 from .models import Token
@@ -124,6 +124,42 @@ def userkey_edit(request):
     })
 
 
+class SessionKeyDeleteView(LoginRequiredMixin, View):
+
+    def get(self, request):
+
+        sessionkey = get_object_or_404(SessionKey, userkey__user=request.user)
+        form = ConfirmationForm()
+
+        return render(request, 'users/sessionkey_delete.html', {
+            'obj_type': sessionkey._meta.verbose_name,
+            'form': form,
+            'return_url': reverse('user:userkey'),
+        })
+
+    def post(self, request):
+
+        sessionkey = get_object_or_404(SessionKey, userkey__user=request.user)
+        form = ConfirmationForm(request.POST)
+        if form.is_valid():
+
+            # Delete session key
+            sessionkey.delete()
+            messages.success(request, "Session key deleted")
+
+            # Delete cookie
+            response = redirect('user:userkey')
+            response.delete_cookie('session_key', path=reverse('secrets-api:secret-list'))
+
+            return response
+
+        return render(request, 'users/sessionkey_delete.html', {
+            'obj_type': sessionkey._meta.verbose_name,
+            'form': form,
+            'return_url': reverse('user:userkey'),
+        })
+
+
 @login_required()
 def recent_activity(request):