mirror
/
writefreely
mirror of https://github.com/writeas/writefreely
2
0
Fork 0
Code Issues Releases Wiki Activity

add user account delete UI

Browse Source
pull/204/head
Rob Loranger 5 years ago
parent b83af955c3
commit 482e632ca9
No known key found for this signature in database
GPG Key ID: D6F1633A4F0903B8
3 changed files with 30 additions and 0 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 17
      account.go
  2. 1
      routes.go
  3. 12
      templates/user/settings.tmpl

17
account.go
Unescape View File

@ -1068,3 +1068,20 @@ func getTempInfo(app *App, key string, r *http.Request, w http.ResponseWriter) s
// Return value
return s
}
func handleUserDelete(app *App, u *User, w http.ResponseWriter, r *http.Request) error {
confirmUsername := r.PostFormValue("confirm-username")
if u.Username != confirmUsername {
return impart.HTTPError{http.StatusBadRequest, "Confirmation username must match your username exactly."}
}
// TODO: prevent admin delete themselves?
err := app.db.DeleteAccount(u.ID)
if err != nil {
log.Error("user delete account: %v", err)
return impart.HTTPError{http.StatusInternalServerError, fmt.Sprintf("Could not delete account: %v", err)}
}
_ = addSessionFlash(app, w, r, "Account deleted successfully, sorry to see you go.", nil)
return impart.HTTPError{http.StatusFound, "/me/logout"}
}

1
routes.go
Unescape View File

@ -87,6 +87,7 @@ func InitRoutes(apper Apper, r *mux.Router) *mux.Router {
me.HandleFunc("/c/", handler.User(viewCollections)).Methods("GET")
me.HandleFunc("/c/{collection}", handler.User(viewEditCollection)).Methods("GET")
me.HandleFunc("/c/{collection}/stats", handler.User(viewStats)).Methods("GET")
me.HandleFunc("/delete", handler.User(handleUserDelete)).Methods("POST")
me.HandleFunc("/posts", handler.Redirect("/me/posts/", UserLevelUser)).Methods("GET")
me.HandleFunc("/posts/", handler.User(viewArticles)).Methods("GET")
me.HandleFunc("/posts/export.csv", handler.Download(viewExportPosts, UserLevelUser)).Methods("GET")

12
templates/user/settings.tmpl
Unescape View File

@ -63,6 +63,18 @@ h3 { font-weight: normal; }
<input type="submit" value="Save changes" tabindex="4" />
</div>
</form>
{{ if not .IsAdmin }}
<hr/>
<h2>Delete Account</h2>
<h3><strong>Danger Zone - This cannot be undone</strong></h3>
<p>This will delete your account and all your blogs and posts. Before continuing make sure to <a href="/me/export">export your data</a>.</p>
<form action="/me/delete" method="post">
<p>Type your username to confirm deletion.<p>
<input name="confirm-username" type="text" title="confirm username to delete" placeholder="confirm username">
<input class="danger" type="submit" value="DELETE">
</form>
{{end}}
</div>
<script>

Write Preview
Loading…
Cancel
Save