Mirrors/writefreely
2
0
Fork 0
mirror of https://github.com/writefreely/writefreely synced 2025-02-17 16:28:23 +00:00
Code Issues Projects Releases Packages Wiki Activity

add user account delete UI

Browse source
This commit is contained in:
Rob Loranger 2019-11-05 12:21:18 -08:00
parent b83af955c3
commit 482e632ca9
No known key found for this signature in database
GPG key ID: D6F1633A4F0903B8
3 changed files with 30 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
account.go
View file

@ -1068,3 +1068,20 @@ func getTempInfo(app *App, key string, r *http.Request, w http.ResponseWriter) s
// Return value
return s
}
func handleUserDelete(app *App, u *User, w http.ResponseWriter, r *http.Request) error {
confirmUsername := r.PostFormValue("confirm-username")
if u.Username != confirmUsername {
return impart.HTTPError{http.StatusBadRequest, "Confirmation username must match your username exactly."}
}
// TODO: prevent admin delete themselves?
err := app.db.DeleteAccount(u.ID)
if err != nil {
log.Error("user delete account: %v", err)
return impart.HTTPError{http.StatusInternalServerError, fmt.Sprintf("Could not delete account: %v", err)}
}
_ = addSessionFlash(app, w, r, "Account deleted successfully, sorry to see you go.", nil)
return impart.HTTPError{http.StatusFound, "/me/logout"}
}

1
routes.go
View file

@ -87,6 +87,7 @@ func InitRoutes(apper Apper, r *mux.Router) *mux.Router {
me.HandleFunc("/c/", handler.User(viewCollections)).Methods("GET")
me.HandleFunc("/c/{collection}", handler.User(viewEditCollection)).Methods("GET")
me.HandleFunc("/c/{collection}/stats", handler.User(viewStats)).Methods("GET")
me.HandleFunc("/delete", handler.User(handleUserDelete)).Methods("POST")
me.HandleFunc("/posts", handler.Redirect("/me/posts/", UserLevelUser)).Methods("GET")
me.HandleFunc("/posts/", handler.User(viewArticles)).Methods("GET")
me.HandleFunc("/posts/export.csv", handler.Download(viewExportPosts, UserLevelUser)).Methods("GET")

12
templates/user/settings.tmpl
View file

@ -63,6 +63,18 @@ h3 { font-weight: normal; }
<input type="submit" value="Save changes" tabindex="4" />
</div>
</form>
{{ if not .IsAdmin }}
<hr/>
<h2>Delete Account</h2>
<h3><strong>Danger Zone - This cannot be undone</strong></h3>
<p>This will delete your account and all your blogs and posts. Before continuing make sure to <a href="/me/export">export your data</a>.</p>
<form action="/me/delete" method="post">
<p>Type your username to confirm deletion.<p>
<input name="confirm-username" type="text" title="confirm username to delete" placeholder="confirm username">
<input class="danger" type="submit" value="DELETE">
</form>
{{end}}
</div>
<script>