api, frontend: add account deletion
Closes https://gitlab.com/commento/commento/issues/120
This commit is contained in:
parent
80dc91ca05
commit
dc24a40a37
@ -47,3 +47,5 @@ var errorNoSuchUnsubscribeSecretHex = errors.New("Invalid unsubscribe link.")
|
|||||||
var errorEmptyPaths = errors.New("Empty paths field.")
|
var errorEmptyPaths = errors.New("Empty paths field.")
|
||||||
var errorInvalidDomain = errors.New("Invalid domain name. Do not include the URL path after the forward slash.")
|
var errorInvalidDomain = errors.New("Invalid domain name. Do not include the URL path after the forward slash.")
|
||||||
var errorInvalidEntity = errors.New("That entity does not exist.")
|
var errorInvalidEntity = errors.New("That entity does not exist.")
|
||||||
|
var errorCannotDeleteOwnerWithActiveDomains = errors.New("You cannot delete your account until all domains associated with your account are deleted.")
|
||||||
|
var errorNoSuchOwner = errors.New("No such owner.")
|
||||||
|
79
api/owner_delete.go
Normal file
79
api/owner_delete.go
Normal file
@ -0,0 +1,79 @@
|
|||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net/http"
|
||||||
|
)
|
||||||
|
|
||||||
|
func ownerDelete(ownerHex string, deleteDomains bool) error {
|
||||||
|
domains, err := domainList(ownerHex)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(domains) > 0 {
|
||||||
|
if !deleteDomains {
|
||||||
|
return errorCannotDeleteOwnerWithActiveDomains
|
||||||
|
}
|
||||||
|
for _, d := range domains {
|
||||||
|
if err := domainDelete(d.Domain); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
statement := `
|
||||||
|
DELETE FROM owners
|
||||||
|
WHERE ownerHex = $1;
|
||||||
|
`
|
||||||
|
_, err = db.Exec(statement, ownerHex)
|
||||||
|
if err != nil {
|
||||||
|
return errorNoSuchOwner
|
||||||
|
}
|
||||||
|
|
||||||
|
statement = `
|
||||||
|
DELETE FROM ownersessions
|
||||||
|
WHERE ownerHex = $1;
|
||||||
|
`
|
||||||
|
_, err = db.Exec(statement, ownerHex)
|
||||||
|
if err != nil {
|
||||||
|
logger.Errorf("cannot delete from ownersessions: %v", err)
|
||||||
|
return errorInternal
|
||||||
|
}
|
||||||
|
|
||||||
|
statement = `
|
||||||
|
DELETE FROM resethexes
|
||||||
|
WHERE hex = $1;
|
||||||
|
`
|
||||||
|
_, err = db.Exec(statement, ownerHex)
|
||||||
|
if err != nil {
|
||||||
|
logger.Errorf("cannot delete from resethexes: %v", err)
|
||||||
|
return errorInternal
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func ownerDeleteHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
|
type request struct {
|
||||||
|
OwnerToken *string `json:"ownerToken"`
|
||||||
|
}
|
||||||
|
|
||||||
|
var x request
|
||||||
|
if err := bodyUnmarshal(r, &x); err != nil {
|
||||||
|
bodyMarshal(w, response{"success": false, "message": err.Error()})
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
o, err := ownerGetByOwnerToken(*x.OwnerToken)
|
||||||
|
if err != nil {
|
||||||
|
bodyMarshal(w, response{"success": false, "message": err.Error()})
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
if err = ownerDelete(o.OwnerHex, false); err != nil {
|
||||||
|
bodyMarshal(w, response{"success": false, "message": err.Error()})
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
bodyMarshal(w, response{"success": true})
|
||||||
|
}
|
@ -92,10 +92,8 @@ func ownerNewHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if _, err := commenterNew(*x.Email, *x.Name, "undefined", "undefined", "commento", *x.Password); err != nil {
|
// Errors in creating a commenter account should not hold this up.
|
||||||
bodyMarshal(w, response{"success": false, "message": err.Error()})
|
_, _ = commenterNew(*x.Email, *x.Name, "undefined", "undefined", "commento", *x.Password)
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
bodyMarshal(w, response{"success": true, "confirmEmail": smtpConfigured})
|
bodyMarshal(w, response{"success": true, "confirmEmail": smtpConfigured})
|
||||||
}
|
}
|
||||||
|
@ -9,6 +9,7 @@ func apiRouterInit(router *mux.Router) error {
|
|||||||
router.HandleFunc("/api/owner/confirm-hex", ownerConfirmHexHandler).Methods("GET")
|
router.HandleFunc("/api/owner/confirm-hex", ownerConfirmHexHandler).Methods("GET")
|
||||||
router.HandleFunc("/api/owner/login", ownerLoginHandler).Methods("POST")
|
router.HandleFunc("/api/owner/login", ownerLoginHandler).Methods("POST")
|
||||||
router.HandleFunc("/api/owner/self", ownerSelfHandler).Methods("POST")
|
router.HandleFunc("/api/owner/self", ownerSelfHandler).Methods("POST")
|
||||||
|
router.HandleFunc("/api/owner/delete", ownerDeleteHandler).Methods("POST")
|
||||||
|
|
||||||
router.HandleFunc("/api/domain/new", domainNewHandler).Methods("POST")
|
router.HandleFunc("/api/domain/new", domainNewHandler).Methods("POST")
|
||||||
router.HandleFunc("/api/domain/delete", domainDeleteHandler).Methods("POST")
|
router.HandleFunc("/api/domain/delete", domainDeleteHandler).Methods("POST")
|
||||||
|
@ -101,6 +101,7 @@ func staticRouterInit(router *mux.Router) error {
|
|||||||
"/confirm-email",
|
"/confirm-email",
|
||||||
"/unsubscribe",
|
"/unsubscribe",
|
||||||
"/dashboard",
|
"/dashboard",
|
||||||
|
"/settings",
|
||||||
"/logout",
|
"/logout",
|
||||||
"/profile",
|
"/profile",
|
||||||
}
|
}
|
||||||
|
@ -14,6 +14,7 @@
|
|||||||
<div id="navbar" class="navbar">
|
<div id="navbar" class="navbar">
|
||||||
<a href="[[[.Origin]]]/" class="navbar-item navbar-logo-text"><img src="[[[.CdnPrefix]]]/images/logo.svg" class="navbar-logo">Commento</a>
|
<a href="[[[.Origin]]]/" class="navbar-item navbar-logo-text"><img src="[[[.CdnPrefix]]]/images/logo.svg" class="navbar-logo">Commento</a>
|
||||||
<div class="navbar-item">
|
<div class="navbar-item">
|
||||||
|
<a href="[[[.Origin]]]/settings" class="navbar-item">Settings</a>
|
||||||
<a href="[[[.Origin]]]/logout" class="navbar-item">Logout</a>
|
<a href="[[[.Origin]]]/logout" class="navbar-item">Logout</a>
|
||||||
<div class="float-right"><b><div id="owner-name"></div></b></div>
|
<div class="float-right"><b><div id="owner-name"></div></b></div>
|
||||||
</div>
|
</div>
|
||||||
|
@ -70,6 +70,14 @@ const jsCompileMap = {
|
|||||||
"js/dashboard-danger.js",
|
"js/dashboard-danger.js",
|
||||||
"js/dashboard-export.js",
|
"js/dashboard-export.js",
|
||||||
],
|
],
|
||||||
|
"js/settings.js": [
|
||||||
|
"js/constants.js",
|
||||||
|
"js/utils.js",
|
||||||
|
"js/http.js",
|
||||||
|
"js/errors.js",
|
||||||
|
"js/self.js",
|
||||||
|
"js/settings.js"
|
||||||
|
],
|
||||||
"js/logout.js": [
|
"js/logout.js": [
|
||||||
"js/constants.js",
|
"js/constants.js",
|
||||||
"js/utils.js",
|
"js/utils.js",
|
||||||
|
@ -33,12 +33,22 @@
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Shows messages produced from account deletion.
|
||||||
|
function displayDeletedOwner() {
|
||||||
|
var deleted = global.paramGet("deleted");
|
||||||
|
|
||||||
|
if (deleted === "true") {
|
||||||
|
$("#msg").html("Your account has been deleted.")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
// Shows email confirmation and password reset messages, if any.
|
// Shows email confirmation and password reset messages, if any.
|
||||||
global.displayMessages = function() {
|
global.displayMessages = function() {
|
||||||
displayConfirmedEmail();
|
displayConfirmedEmail();
|
||||||
displayChangedPassword();
|
displayChangedPassword();
|
||||||
displaySignedUp();
|
displaySignedUp();
|
||||||
|
displayDeletedOwner();
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
54
frontend/js/settings.js
Normal file
54
frontend/js/settings.js
Normal file
@ -0,0 +1,54 @@
|
|||||||
|
(function (global, document) {
|
||||||
|
"use strict";
|
||||||
|
|
||||||
|
(document);
|
||||||
|
|
||||||
|
global.vueConstruct = function(callback) {
|
||||||
|
var reactiveData = {
|
||||||
|
hasSource: global.owner.hasSource,
|
||||||
|
lastFour: global.owner.lastFour,
|
||||||
|
};
|
||||||
|
|
||||||
|
global.settings = new Vue({
|
||||||
|
el: "#settings",
|
||||||
|
data: reactiveData,
|
||||||
|
});
|
||||||
|
|
||||||
|
if (callback !== undefined) {
|
||||||
|
callback();
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
global.settingShow = function(setting) {
|
||||||
|
$(".pane-setting").removeClass("selected");
|
||||||
|
$(".view").hide();
|
||||||
|
$("#" + setting).addClass("selected");
|
||||||
|
$("#" + setting + "-view").show();
|
||||||
|
};
|
||||||
|
|
||||||
|
global.deleteOwnerHandler = function() {
|
||||||
|
if (!confirm("Are you absolutely sure you want to delete your account?")) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
var json = {
|
||||||
|
"ownerToken": global.cookieGet("commentoOwnerToken"),
|
||||||
|
}
|
||||||
|
|
||||||
|
$("#delete-owner-button").prop("disabled", true);
|
||||||
|
$("#delete-owner-button").text("Deleting...");
|
||||||
|
global.post(global.origin + "/api/owner/delete", json, function(resp) {
|
||||||
|
if (!resp.success) {
|
||||||
|
$("#delete-owner-button").prop("disabled", false);
|
||||||
|
$("#delete-owner-button").text("Delete Account");
|
||||||
|
global.globalErrorShow(resp.message);
|
||||||
|
$("#error-message").text(resp.message);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
global.cookieDelete("commentoOwnerToken");
|
||||||
|
document.location = global.origin + "/login?deleted=true";
|
||||||
|
});
|
||||||
|
};
|
||||||
|
|
||||||
|
} (window.commento, document));
|
@ -84,7 +84,7 @@ body {
|
|||||||
margin: 8px;
|
margin: 8px;
|
||||||
|
|
||||||
.left {
|
.left {
|
||||||
padding: 8px;
|
padding: 8px 16px;
|
||||||
|
|
||||||
.title {
|
.title {
|
||||||
font-weight: bold;
|
font-weight: bold;
|
||||||
|
90
frontend/settings.html
Normal file
90
frontend/settings.html
Normal file
@ -0,0 +1,90 @@
|
|||||||
|
<html>
|
||||||
|
<head>
|
||||||
|
<script src="[[[.CdnPrefix]]]/js/jquery.js"></script>
|
||||||
|
<script src="[[[.CdnPrefix]]]/js/vue.js"></script>
|
||||||
|
<script src="[[[.CdnPrefix]]]/js/highlight.js"></script>
|
||||||
|
<script src="[[[.CdnPrefix]]]/js/chartist.js"></script>
|
||||||
|
<script src="[[[.CdnPrefix]]]/js/settings.js"></script>
|
||||||
|
<script src="https://js.stripe.com/v3/"></script>
|
||||||
|
<link rel="icon" href="[[[.CdnPrefix]]]/images/120x120.png">
|
||||||
|
<link rel="stylesheet" href="[[[.CdnPrefix]]]/css/chartist.css">
|
||||||
|
<link rel="stylesheet" href="[[[.CdnPrefix]]]/css/dashboard.css">
|
||||||
|
<title>Commento: Settings</title>
|
||||||
|
</head>
|
||||||
|
|
||||||
|
<div id="navbar" class="navbar">
|
||||||
|
<a href="[[[.Origin]]]/" class="navbar-item navbar-logo-text"><img src="[[[.CdnPrefix]]]/images/logo.svg" class="navbar-logo">Commento</a>
|
||||||
|
<div class="navbar-item">
|
||||||
|
<a href="[[[.Origin]]]/dashboard" class="navbar-item">Dashboard</a>
|
||||||
|
<a href="[[[.Origin]]]/logout" class="navbar-item">Logout</a>
|
||||||
|
<div class="float-right"><b><div id="owner-name"></div></b></div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<script>
|
||||||
|
window.onload = function() {
|
||||||
|
window.commento.selfGet(function() {
|
||||||
|
window.commento.vueConstruct(function() {
|
||||||
|
window.commento.settingShow("delete-owner");
|
||||||
|
});
|
||||||
|
});
|
||||||
|
};
|
||||||
|
</script>
|
||||||
|
|
||||||
|
<div class="global-error" id="global-error"></div>
|
||||||
|
<div class="global-ok" id="global-ok"></div>
|
||||||
|
|
||||||
|
<div id="settings" class="dashboard-container">
|
||||||
|
<div class="pane-left">
|
||||||
|
<div class="pane-setting" id="delete-owner" onclick="window.commento.settingShow('delete-owner')">
|
||||||
|
<div class="pane-setting-inside">
|
||||||
|
<div class="setting-title">Delete Account</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="pane-right pane-right-lefter">
|
||||||
|
<div id="delete-owner-view" class="view hidden">
|
||||||
|
<div class="view-inside">
|
||||||
|
<div class="mid-view">
|
||||||
|
<div class="center center-title">
|
||||||
|
Delete Account
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="action-buttons-container">
|
||||||
|
<div class="action-buttons">
|
||||||
|
<div class="action-button">
|
||||||
|
<div class="left">
|
||||||
|
<div class="title">
|
||||||
|
Delete Account
|
||||||
|
</div>
|
||||||
|
<div class="subtitle">
|
||||||
|
This will permanently delete your account and any data associated with your account. You must first delete all domains in the dashboard before doing this.
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="right">
|
||||||
|
<button onclick="document.location.hash='#delete-owner-modal'" class="button big-red-button">Delete</button>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div id="delete-owner-modal" class="modal-window">
|
||||||
|
<div class="inside">
|
||||||
|
<a href="#modal-close" title="Close" class="modal-close"></a>
|
||||||
|
<div class="modal-title">Delete Accont</div>
|
||||||
|
<div class="modal-subtitle">
|
||||||
|
Are you absolutely sure you want to delete your account? This is a permanent change; there is no way to recover your account or any data associated with it.
|
||||||
|
</div>
|
||||||
|
<div class="modal-contents center">
|
||||||
|
<button id="delete-owner-button" class="button big-red-button" onclick="window.commento.deleteOwnerHandler()">Delete Account</button>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
</html>
|
Loading…
Reference in New Issue
Block a user