def your_keys(request): if request.method == 'POST': if 'create_key' in request.POST: purpose = request.POST.get('purpose', '') group, created = ApiKeyGroup.objects.get_or_create( name = 'default' ) key = ApiKey.create_for_user(request.user, group, purpose) return HttpResponseRedirect('/api/your-keys/') # Are they deleting a key? for k in request.POST.keys(): if k.startswith('delete_'): key = k.replace('delete_', '') try: api_key = ApiKey.objects.get( key = key, user = request.user ) api_key.delete() except ApiKey.DoesNotExist: pass return HttpResponseRedirect('/api/your-keys/') return render(request, 'api/your_keys.html', { 'keys': request.user.api_keys.select_related('group').order_by( 'created_at' ), })