Merge pull request #154 from Nitrokey/SecretsTOTP

pin request when deleting

nitrokeyapp/secrets_tab/worker.py

@@ -218,19 +218,37 @@ def add_credential(self, successful: bool = True) -> None:
 class DeleteCredentialJob(Job):
     credential_deleted = pyqtSignal(Credential)
 
-    def __init__(self, data: DeviceData, credential: Credential) -> None:
+    def __init__(
+        self,
+        pin_cache: PinCache,
+        pin_ui: PinUi,
+        data: DeviceData,
+        credential: Credential,
+    ) -> None:
         super().__init__()
 
+        self.pin_cache = pin_cache
+        self.pin_ui = pin_ui
         self.data = data
         self.credential = credential
 
         self.credential_deleted.connect(lambda _: self.finished.emit())
 
     def run(self) -> None:
+        with self.touch_prompt():
+            if self.credential.protected:
+                verify_pin_job = VerifyPinJob(self.pin_cache, self.pin_ui, self.data)
+                verify_pin_job.pin_verified.connect(self.delete_credential)
+                self.spawn(verify_pin_job)
+            else:
+                self.delete_credential()
+
+    @pyqtSlot()
+    def delete_credential(self) -> None:
         with self.data.open() as device:
             secrets = SecretsApp(device)
-            with self.touch_prompt():
-                secrets.delete(self.credential.id)
+
+            secrets.delete(self.credential.id)
             self.credential_deleted.emit(self.credential)
 
 
@@ -360,7 +378,7 @@ def add_credential(
 
     @pyqtSlot(DeviceData, Credential)
     def delete_credential(self, data: DeviceData, credential: Credential) -> None:
-        job = DeleteCredentialJob(data, credential)
+        job = DeleteCredentialJob(self.pin_cache, self.pin_ui, data, credential)
         job.credential_deleted.connect(self.credential_deleted)
         self.run(job)