api, frontend: add account deletion
Closes https://gitlab.com/commento/commento/issues/120
This commit is contained in:
Adhityaa Chandrasekar
parent
80dc91ca05
commit
dc24a40a37
@ -47,3 +47,5 @@ var errorNoSuchUnsubscribeSecretHex = errors.New("Invalid unsubscribe link.")
|
||||
var errorEmptyPaths = errors.New("Empty paths field.")
|
||||
var errorInvalidDomain = errors.New("Invalid domain name. Do not include the URL path after the forward slash.")
|
||||
var errorInvalidEntity = errors.New("That entity does not exist.")
|
||||
var errorCannotDeleteOwnerWithActiveDomains = errors.New("You cannot delete your account until all domains associated with your account are deleted.")
|
||||
var errorNoSuchOwner = errors.New("No such owner.")
|
||||
|
||||
79
api/owner_delete.go
Normal file
79
api/owner_delete.go
Normal file
@ -0,0 +1,79 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
)
|
||||
|
||||
func ownerDelete(ownerHex string, deleteDomains bool) error {
|
||||
domains, err := domainList(ownerHex)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if len(domains) > 0 {
|
||||
if !deleteDomains {
|
||||
return errorCannotDeleteOwnerWithActiveDomains
|
||||
}
|
||||
for _, d := range domains {
|
||||
if err := domainDelete(d.Domain); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
statement := `
|
||||
DELETE FROM owners
|
||||
WHERE ownerHex = $1;
|
||||
`
|
||||
_, err = db.Exec(statement, ownerHex)
|
||||
if err != nil {
|
||||
return errorNoSuchOwner
|
||||
}
|
||||
|
||||
statement = `
|
||||
DELETE FROM ownersessions
|
||||
WHERE ownerHex = $1;
|
||||
`
|
||||
_, err = db.Exec(statement, ownerHex)
|
||||
if err != nil {
|
||||
logger.Errorf("cannot delete from ownersessions: %v", err)
|
||||
return errorInternal
|
||||
}
|
||||
|
||||
statement = `
|
||||
DELETE FROM resethexes
|
||||
WHERE hex = $1;
|
||||
`
|
||||
_, err = db.Exec(statement, ownerHex)
|
||||
if err != nil {
|
||||
logger.Errorf("cannot delete from resethexes: %v", err)
|
||||
return errorInternal
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func ownerDeleteHandler(w http.ResponseWriter, r *http.Request) {
|
||||
type request struct {
|
||||
OwnerToken *string `json:"ownerToken"`
|
||||
}
|
||||
|
||||
var x request
|
||||
if err := bodyUnmarshal(r, &x); err != nil {
|
||||
bodyMarshal(w, response{"success": false, "message": err.Error()})
|
||||
return
|
||||
}
|
||||
|
||||
o, err := ownerGetByOwnerToken(*x.OwnerToken)
|
||||
if err != nil {
|
||||
bodyMarshal(w, response{"success": false, "message": err.Error()})
|
||||
return
|
||||
}
|
||||
|
||||
if err = ownerDelete(o.OwnerHex, false); err != nil {
|
||||
bodyMarshal(w, response{"success": false, "message": err.Error()})
|
||||
return
|
||||
}
|
||||
|
||||
bodyMarshal(w, response{"success": true})
|
||||
}
|
||||
@ -92,10 +92,8 @@ func ownerNewHandler(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
if _, err := commenterNew(*x.Email, *x.Name, "undefined", "undefined", "commento", *x.Password); err != nil {
|
||||
bodyMarshal(w, response{"success": false, "message": err.Error()})
|
||||
return
|
||||
}
|
||||
// Errors in creating a commenter account should not hold this up.
|
||||
_, _ = commenterNew(*x.Email, *x.Name, "undefined", "undefined", "commento", *x.Password)
|
||||
|
||||
bodyMarshal(w, response{"success": true, "confirmEmail": smtpConfigured})
|
||||
}
|
||||
|
||||
@ -9,6 +9,7 @@ func apiRouterInit(router *mux.Router) error {
|
||||
router.HandleFunc("/api/owner/confirm-hex", ownerConfirmHexHandler).Methods("GET")
|
||||
router.HandleFunc("/api/owner/login", ownerLoginHandler).Methods("POST")
|
||||
router.HandleFunc("/api/owner/self", ownerSelfHandler).Methods("POST")
|
||||
router.HandleFunc("/api/owner/delete", ownerDeleteHandler).Methods("POST")
|
||||
|
||||
router.HandleFunc("/api/domain/new", domainNewHandler).Methods("POST")
|
||||
router.HandleFunc("/api/domain/delete", domainDeleteHandler).Methods("POST")
|
||||
|
||||
@ -101,6 +101,7 @@ func staticRouterInit(router *mux.Router) error {
|
||||
"/confirm-email",
|
||||
"/unsubscribe",
|
||||
"/dashboard",
|
||||
"/settings",
|
||||
"/logout",
|
||||
"/profile",
|
||||
}
|
||||
|
||||
@ -14,6 +14,7 @@
|
||||
<div id="navbar" class="navbar">
|
||||
<a href="[[[.Origin]]]/" class="navbar-item navbar-logo-text"><img src="[[[.CdnPrefix]]]/images/logo.svg" class="navbar-logo">Commento</a>
|
||||
<div class="navbar-item">
|
||||
<a href="[[[.Origin]]]/settings" class="navbar-item">Settings</a>
|
||||
<a href="[[[.Origin]]]/logout" class="navbar-item">Logout</a>
|
||||
<div class="float-right"><b><div id="owner-name"></div></b></div>
|
||||
</div>
|
||||
|
||||
@ -70,6 +70,14 @@ const jsCompileMap = {
|
||||
"js/dashboard-danger.js",
|
||||
"js/dashboard-export.js",
|
||||
],
|
||||
"js/settings.js": [
|
||||
"js/constants.js",
|
||||
"js/utils.js",
|
||||
"js/http.js",
|
||||
"js/errors.js",
|
||||
"js/self.js",
|
||||
"js/settings.js"
|
||||
],
|
||||
"js/logout.js": [
|
||||
"js/constants.js",
|
||||
"js/utils.js",
|
||||
|
||||
@ -33,12 +33,22 @@
|
||||
}
|
||||
}
|
||||
|
||||
// Shows messages produced from account deletion.
|
||||
function displayDeletedOwner() {
|
||||
var deleted = global.paramGet("deleted");
|
||||
|
||||
if (deleted === "true") {
|
||||
$("#msg").html("Your account has been deleted.")
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// Shows email confirmation and password reset messages, if any.
|
||||
global.displayMessages = function() {
|
||||
displayConfirmedEmail();
|
||||
displayChangedPassword();
|
||||
displaySignedUp();
|
||||
displayDeletedOwner();
|
||||
};
|
||||
|
||||
|
||||
|
||||
54
frontend/js/settings.js
Normal file
54
frontend/js/settings.js
Normal file
@ -0,0 +1,54 @@
|
||||
(function (global, document) {
|
||||
"use strict";
|
||||
|
||||
(document);
|
||||
|
||||
global.vueConstruct = function(callback) {
|
||||
var reactiveData = {
|
||||
hasSource: global.owner.hasSource,
|
||||
lastFour: global.owner.lastFour,
|
||||
};
|
||||
|
||||
global.settings = new Vue({
|
||||
el: "#settings",
|
||||
data: reactiveData,
|
||||
});
|
||||
|
||||
if (callback !== undefined) {
|
||||
callback();
|
||||
}
|
||||
};
|
||||
|
||||
global.settingShow = function(setting) {
|
||||
$(".pane-setting").removeClass("selected");
|
||||
$(".view").hide();
|
||||
$("#" + setting).addClass("selected");
|
||||
$("#" + setting + "-view").show();
|
||||
};
|
||||
|
||||
global.deleteOwnerHandler = function() {
|
||||
if (!confirm("Are you absolutely sure you want to delete your account?")) {
|
||||
return;
|
||||
}
|
||||
|
||||
var json = {
|
||||
"ownerToken": global.cookieGet("commentoOwnerToken"),
|
||||
}
|
||||
|
||||
$("#delete-owner-button").prop("disabled", true);
|
||||
$("#delete-owner-button").text("Deleting...");
|
||||
global.post(global.origin + "/api/owner/delete", json, function(resp) {
|
||||
if (!resp.success) {
|
||||
$("#delete-owner-button").prop("disabled", false);
|
||||
$("#delete-owner-button").text("Delete Account");
|
||||
global.globalErrorShow(resp.message);
|
||||
$("#error-message").text(resp.message);
|
||||
return;
|
||||
}
|
||||
|
||||
global.cookieDelete("commentoOwnerToken");
|
||||
document.location = global.origin + "/login?deleted=true";
|
||||
});
|
||||
};
|
||||
|
||||
} (window.commento, document));
|
||||
@ -84,7 +84,7 @@ body {
|
||||
margin: 8px;
|
||||
|
||||
.left {
|
||||
padding: 8px;
|
||||
padding: 8px 16px;
|
||||
|
||||
.title {
|
||||
font-weight: bold;
|
||||
|
||||
90
frontend/settings.html
Normal file
90
frontend/settings.html
Normal file
@ -0,0 +1,90 @@
|
||||
<html>
|
||||
<head>
|
||||
<script src="[[[.CdnPrefix]]]/js/jquery.js"></script>
|
||||
<script src="[[[.CdnPrefix]]]/js/vue.js"></script>
|
||||
<script src="[[[.CdnPrefix]]]/js/highlight.js"></script>
|
||||
<script src="[[[.CdnPrefix]]]/js/chartist.js"></script>
|
||||
<script src="[[[.CdnPrefix]]]/js/settings.js"></script>
|
||||
<script src="https://js.stripe.com/v3/"></script>
|
||||
<link rel="icon" href="[[[.CdnPrefix]]]/images/120x120.png">
|
||||
<link rel="stylesheet" href="[[[.CdnPrefix]]]/css/chartist.css">
|
||||
<link rel="stylesheet" href="[[[.CdnPrefix]]]/css/dashboard.css">
|
||||
<title>Commento: Settings</title>
|
||||
</head>
|
||||
|
||||
<div id="navbar" class="navbar">
|
||||
<a href="[[[.Origin]]]/" class="navbar-item navbar-logo-text"><img src="[[[.CdnPrefix]]]/images/logo.svg" class="navbar-logo">Commento</a>
|
||||
<div class="navbar-item">
|
||||
<a href="[[[.Origin]]]/dashboard" class="navbar-item">Dashboard</a>
|
||||
<a href="[[[.Origin]]]/logout" class="navbar-item">Logout</a>
|
||||
<div class="float-right"><b><div id="owner-name"></div></b></div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<script>
|
||||
window.onload = function() {
|
||||
window.commento.selfGet(function() {
|
||||
window.commento.vueConstruct(function() {
|
||||
window.commento.settingShow("delete-owner");
|
||||
});
|
||||
});
|
||||
};
|
||||
</script>
|
||||
|
||||
<div class="global-error" id="global-error"></div>
|
||||
<div class="global-ok" id="global-ok"></div>
|
||||
|
||||
<div id="settings" class="dashboard-container">
|
||||
<div class="pane-left">
|
||||
<div class="pane-setting" id="delete-owner" onclick="window.commento.settingShow('delete-owner')">
|
||||
<div class="pane-setting-inside">
|
||||
<div class="setting-title">Delete Account</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="pane-right pane-right-lefter">
|
||||
<div id="delete-owner-view" class="view hidden">
|
||||
<div class="view-inside">
|
||||
<div class="mid-view">
|
||||
<div class="center center-title">
|
||||
Delete Account
|
||||
</div>
|
||||
|
||||
<div class="action-buttons-container">
|
||||
<div class="action-buttons">
|
||||
<div class="action-button">
|
||||
<div class="left">
|
||||
<div class="title">
|
||||
Delete Account
|
||||
</div>
|
||||
<div class="subtitle">
|
||||
This will permanently delete your account and any data associated with your account. You must first delete all domains in the dashboard before doing this.
|
||||
</div>
|
||||
</div>
|
||||
<div class="right">
|
||||
<button onclick="document.location.hash='#delete-owner-modal'" class="button big-red-button">Delete</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div id="delete-owner-modal" class="modal-window">
|
||||
<div class="inside">
|
||||
<a href="#modal-close" title="Close" class="modal-close"></a>
|
||||
<div class="modal-title">Delete Accont</div>
|
||||
<div class="modal-subtitle">
|
||||
Are you absolutely sure you want to delete your account? This is a permanent change; there is no way to recover your account or any data associated with it.
|
||||
</div>
|
||||
<div class="modal-contents center">
|
||||
<button id="delete-owner-button" class="button big-red-button" onclick="window.commento.deleteOwnerHandler()">Delete Account</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</html>
|
||||
Loading…
Reference in New Issue
Block a user