Add delete-own-user
parent
ef0da306a8
commit
3b7be8a719
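--- a/packages/backend/src/routers/delete-own-user.js
+++ b/packages/backend/src/routers/delete-own-user.js
@@ -0,0 +1,43 @@
+const eggspress = require("../api/eggspress");
+const { deleteUser, invalidate_cached_user } = require("../helpers");
+
+const config = require("../config");
+
+module.exports = eggspress("/delete-own-user", {
+subdomain: "api",
+auth: true,
+allowedMethods: ["POST"],
+}, async (req, res, next) => {
+const bcrypt = require('bcrypt');
+
+const validate_request = async () => {
+const user = req.user;
+
+// `user` should always have a value, but this is checked
+// any way in case the auth middleware is broken.
+if ( ! user ) return false;
+
+// temporary users don't require password verification
+if ( ! user.email && ! user.password ) {
+return true;
+}
+
+if ( ! req.body.password ) return false;
+if ( ! user || ! user.password ) return false;
+if ( ! await bcrypt.compare(req.body.password, req.user.password) ) {
+return false;
+}
+return true;
+}
+
+if ( ! await validate_request() ) {
+return res.status(400).send({ success: false });
+}
+
+res.clearCookie(config.cookie_name);
+
+await deleteUser(req.user.id);
+invalidate_cached_user(req.user);
+
+return res.send({ success: true });
+});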
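Review bot: The password check in `validate_request` needs a type guard, because `req.body.password` reaches `bcrypt.compare` after only a truthiness test, so a JSON body carrying a number, object or array there is handed to bcrypt as a non-string and will likely surface as a thrown error rather than the intended 400; adding `if ( typeof req.body.password !== 'string' ) return false;` ahead of the compare closes that. The `! user` half of `if ( ! user || ! user.password )` is already covered by the first guard and can be dropped. `res.clearCookie(config.cookie_name)` runs before `await deleteUser(req.user.id)`, so a failed deletion leaves the account in place with the session cookie already cleared; clearing the cookie after the delete succeeds avoids that. Because this route confirms a password for any authenticated session and then performs an irreversible action, it is worth confirming that eggspress or an upstream middleware throttles repeated attempts, since nothing in this file does.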
@ -37,6 +37,7 @@ class PuterAPIService extends BaseService {
|
|||||||
app.use(require('../routers/auth/check-app'))
|
app.use(require('../routers/auth/check-app'))
|
||||||
app.use(require('../routers/auth/app-uid-from-origin'))
|
app.use(require('../routers/auth/app-uid-from-origin'))
|
||||||
app.use(require('../routers/auth/create-access-token'))
|
app.use(require('../routers/auth/create-access-token'))
|
||||||
|
app.use(require('../routers/auth/delete-own-user'))
|
||||||
app.use(require('../routers/drivers/call'))
|
app.use(require('../routers/drivers/call'))
|
||||||
app.use(require('../routers/drivers/list-interfaces'))
|
app.use(require('../routers/drivers/list-interfaces'))
|
||||||
app.use(require('../routers/drivers/usage'))
|
app.use(require('../routers/drivers/usage'))
|
||||||
|
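Review bot: The added `require('../routers/auth/delete-own-user')` does not match where this commit creates the router, `packages/backend/src/routers/delete-own-user.js`, so unless a copy also exists under `routers/auth/` the require will fail when this service registers its routes. Either register it as `app.use(require('../routers/delete-own-user'))`, or move the file into `routers/auth/` and change its own requires to `../../api/eggspress`, `../../helpers` and `../../config`. The enclosing method of PuterAPIService starts and ends outside the hunk.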