diff --git a/.idea/workspace.xml b/.idea/workspace.xml
index 9e3de01..8b1d144 100644
--- a/.idea/workspace.xml
+++ b/.idea/workspace.xml
@@ -4,7 +4,16 @@
-
+
+
+
+
+
+
+
+
+
+
@@ -56,7 +65,7 @@
"node.js.selected.package.eslint": "(autodetect)",
"nodejs_package_manager_path": "npm",
"run.code.analysis.last.selected.profile": "pProject Default",
- "settings.editor.selected.configurable": "preferences.lookFeel",
+ "settings.editor.selected.configurable": "preferences.pluginManager",
"ts.external.directory.path": "/Users/littlesheep/Documents/Projects/Hydrogen/Passport/web/node_modules/typescript/lib",
"vue.rearranger.settings.migration": "true"
},
@@ -150,7 +159,6 @@
-
@@ -175,7 +183,8 @@
-
+
+
true
diff --git a/go.mod b/go.mod
index 521643c..40fa2fd 100644
--- a/go.mod
+++ b/go.mod
@@ -5,7 +5,7 @@ go 1.21.6
toolchain go1.22.1
require (
- git.solsynth.dev/hydrogen/dealer v0.0.0-20240917083841-b14c0240a75f
+ git.solsynth.dev/hydrogen/dealer v0.0.0-20240919131945-00c52eba6827
github.com/go-playground/validator/v10 v10.17.0
github.com/gofiber/fiber/v2 v2.52.4
github.com/golang-jwt/jwt/v5 v5.2.0
diff --git a/go.sum b/go.sum
index 1833956..f67e1c0 100644
--- a/go.sum
+++ b/go.sum
@@ -2,6 +2,8 @@ git.solsynth.dev/hydrogen/dealer v0.0.0-20240911145828-d734d617bfc8 h1:kWheneSdS
git.solsynth.dev/hydrogen/dealer v0.0.0-20240911145828-d734d617bfc8/go.mod h1:Q51JPkKnV0UoOT/IRmdBh5CyfSlp7s8BRGzgooYHqkI=
git.solsynth.dev/hydrogen/dealer v0.0.0-20240917083841-b14c0240a75f h1:3jLpcws4/zmNUA60w1RtAtGNjcQd5NZCcbW5HQcUcvw=
git.solsynth.dev/hydrogen/dealer v0.0.0-20240917083841-b14c0240a75f/go.mod h1:Q51JPkKnV0UoOT/IRmdBh5CyfSlp7s8BRGzgooYHqkI=
+git.solsynth.dev/hydrogen/dealer v0.0.0-20240919131945-00c52eba6827 h1:1ACMPm2ArRpVNYrND/y/R6oPiuMfKe49fP+lG3mcNug=
+git.solsynth.dev/hydrogen/dealer v0.0.0-20240919131945-00c52eba6827/go.mod h1:Q51JPkKnV0UoOT/IRmdBh5CyfSlp7s8BRGzgooYHqkI=
github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ=
github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
diff --git a/pkg/internal/models/tokens.go b/pkg/internal/models/tokens.go
index 35d1417..fc97fb6 100644
--- a/pkg/internal/models/tokens.go
+++ b/pkg/internal/models/tokens.go
@@ -8,6 +8,7 @@ const (
ConfirmMagicToken = MagicTokenType(iota)
RegistrationMagicToken
ResetPasswordMagicToken
+ DeleteAccountMagicToken
)
type MagicToken struct {
diff --git a/pkg/internal/server/api/accounts_api.go b/pkg/internal/server/api/accounts_api.go
index 35255c2..851b3f5 100644
--- a/pkg/internal/server/api/accounts_api.go
+++ b/pkg/internal/server/api/accounts_api.go
@@ -216,3 +216,34 @@ func doRegisterConfirm(c *fiber.Ctx) error {
return c.SendStatus(fiber.StatusOK)
}
+
+func requestDeleteAccount(c *fiber.Ctx) error {
+ if err := exts.EnsureAuthenticated(c); err != nil {
+ return err
+ }
+ user := c.Locals("user").(models.Account)
+
+ if err := services.CheckAbleToDeleteAccount(user); err != nil {
+ return fiber.NewError(fiber.StatusBadRequest, err.Error())
+ } else if err = services.RequestDeleteAccount(user); err != nil {
+ return fiber.NewError(fiber.StatusInternalServerError, err.Error())
+ }
+
+ return c.SendStatus(fiber.StatusOK)
+}
+
+func confirmDeleteAccount(c *fiber.Ctx) error {
+ var data struct {
+ Code string `json:"code" validate:"required"`
+ }
+
+ if err := exts.BindAndValidate(c, &data); err != nil {
+ return err
+ }
+
+ if err := services.ConfirmDeleteAccount(data.Code); err != nil {
+ return fiber.NewError(fiber.StatusBadRequest, err.Error())
+ }
+
+ return c.SendStatus(fiber.StatusOK)
+}
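Review bot: `confirmDeleteAccount` deletes an account on the strength of the `code` field alone: unlike `requestDeleteAccount` it never calls `exts.EnsureAuthenticated`, and nothing here ties the code to the caller. If the emailed link is meant to work without a session that is a design choice, but the code is then the only credential for an irreversible action, so its entropy, single use and attempt limiting all have to hold; none of that is visible in this hunk. Separately, the 500 branch of `requestDeleteAccount` returns `err.Error()` to the client, which can expose database or mail-transport details. I would log the error and return a fixed message such as `fiber.NewError(fiber.StatusInternalServerError, "unable to request account deletion")`.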
diff --git a/pkg/internal/server/api/index.go b/pkg/internal/server/api/index.go
index 9f58d2f..c42f43b 100644
--- a/pkg/internal/server/api/index.go
+++ b/pkg/internal/server/api/index.go
@@ -79,6 +79,9 @@ func MapAPIs(app *fiber.App, baseURL string) {
relations.Post("/:relatedId/accept", acceptFriend)
relations.Post("/:relatedId/decline", declineFriend)
}
+
+ me.Post("/deletion", requestDeleteAccount)
+ me.Post("/deletion/confirm", confirmDeleteAccount)
}
directory := api.Group("/users/:alias").Name("User Directory")
diff --git a/pkg/internal/services/accounts.go b/pkg/internal/services/accounts.go
index 054a1f3..59edcc4 100644
--- a/pkg/internal/services/accounts.go
+++ b/pkg/internal/services/accounts.go
@@ -1,7 +1,10 @@
package services
import (
+ "context"
"fmt"
+ "git.solsynth.dev/hydrogen/dealer/pkg/proto"
+ "git.solsynth.dev/hydrogen/passport/pkg/internal/gap"
"time"
"unicode"
@@ -179,6 +182,61 @@ func ForceConfirmAccount(user models.Account) error {
return nil
}
+func CheckAbleToDeleteAccount(user models.Account) error {
+ if user.AutomatedID != nil {
+ return fmt.Errorf("bot cannot request delete account, head to developer portal and dispose bot")
+ }
+
+ var count int64
+ if err := database.C.
+ Where("account_id = ?", user.ID).
+ Where("expired_at < ?", time.Now()).
+ Where("type = ?", models.ResetPasswordMagicToken).
+ Model(&models.MagicToken{}).
+ Count(&count).Error; err != nil {
+ return fmt.Errorf("unable to check delete account ability: %v", err)
+ } else if count > 0 {
+ return fmt.Errorf("you requested delete account recently")
+ }
+
+ return nil
+}
+
+func RequestDeleteAccount(user models.Account) error {
+ if tk, err := NewMagicToken(
+ models.DeleteAccountMagicToken,
+ &user,
+ lo.ToPtr(time.Now().Add(24*time.Hour)),
+ ); err != nil {
+ return err
+ } else if err := NotifyMagicToken(tk); err != nil {
+ log.Error().
+ Err(err).
+ Str("code", tk.Code).
+ Uint("user", user.ID).
+ Msg("Failed to notify delete account magic token...")
+ }
+
+ return nil
+}
+
+func ConfirmDeleteAccount(code string) error {
+ token, err := ValidateMagicToken(code, models.DeleteAccountMagicToken)
+ if err != nil {
+ return err
+ } else if token.AccountID == nil {
+ return fmt.Errorf("magic token didn't assign a valid account")
+ }
+
+ if err := DeleteAccount(*token.AccountID); err != nil {
+ return err
+ } else {
+ database.C.Delete(&token)
+ }
+
+ return nil
+}
+
func CheckAbleToResetPassword(user models.Account) error {
var count int64
if err := database.C.
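Review bot: `CheckAbleToDeleteAccount` does not throttle deletion requests as written: it counts tokens of type `models.ResetPasswordMagicToken` whose `expired_at` is already in the past, so outstanding delete tokens are never seen. Every call to `requestDeleteAccount` therefore issues another token and another email, while an account that still has an expired reset token on record is refused (unless those rows are purged elsewhere). The filters should read `Where("expired_at > ?", time.Now())` and `Where("type = ?", models.DeleteAccountMagicToken)`. In `RequestDeleteAccount`, `Str("code", tk.Code)` writes the live confirmation code to the log, so anyone with log access could confirm the deletion. Drop that field, and consider returning the notify error instead of answering 200 when no email was sent.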
@@ -232,7 +290,13 @@ func ConfirmResetPassword(code, newPassword string) error {
factor.Secret = HashPassword(newPassword)
}
- return database.C.Save(&factor).Error
+ if err = database.C.Save(&factor).Error; err != nil {
+ return err
+ } else {
+ database.C.Delete(&token)
+ }
+
+ return nil
}
func DeleteAccount(id uint) error {
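Review bot: The result of `database.C.Delete(&token)` is discarded, so if the delete fails the password-reset code remains in the table after it has been used and may be accepted again until it expires. Return the error, e.g. `return database.C.Delete(&token).Error`, or run the save and the delete in one transaction so a used code cannot survive. The `else` after a returning `if` is also unnecessary. `ConfirmDeleteAccount` in the previous hunk ignores the same call; the body of `ConfirmResetPassword` starts outside this hunk.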
@@ -243,7 +307,17 @@ func DeleteAccount(id uint) error {
return err
}
- return tx.Commit().Error
+ if err := tx.Commit().Error; err != nil {
+ return err
+ } else {
+ InvalidAuthCacheWithUser(id)
+ _, _ = proto.NewServiceDirectoryClient(gap.H.GetDealerGrpcConn()).BroadcastDeletion(context.Background(), &proto.DeletionRequest{
+ ResourceType: "account",
+ ResourceId: fmt.Sprintf("%d", id),
+ })
+ }
+
+ return nil
}
func RecycleUnConfirmAccount() {
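Review bot: The deletion broadcast is fire-and-forget: both return values of `BroadcastDeletion` are dropped and the call runs on `context.Background()` with no deadline. If the dealer is unreachable, other services never learn the account is gone and keep its data, with nothing logged to reconcile from. A stalled connection may also hold the request open. I would bound the call and log the failure, as below; the timeout value is illustrative. `DeleteAccount` begins outside this hunk.

```go
// … unchanged: transactional deletes above …
if err := tx.Commit().Error; err != nil {
	return err
}

InvalidAuthCacheWithUser(id)

// Bound the RPC so a stalled dealer connection cannot hold the request open.
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second) // illustrative timeout
defer cancel()
if _, err := proto.NewServiceDirectoryClient(gap.H.GetDealerGrpcConn()).BroadcastDeletion(ctx, &proto.DeletionRequest{
	ResourceType: "account",
	ResourceId:   fmt.Sprintf("%d", id),
}); err != nil {
	// The account row is already gone; record the failure so the broadcast can be replayed.
	log.Error().Err(err).Uint("user", id).Msg("Failed to broadcast account deletion...")
}

return nil
```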
diff --git a/pkg/internal/services/tokens.go b/pkg/internal/services/tokens.go
index fed48a4..10f686b 100644
--- a/pkg/internal/services/tokens.go
+++ b/pkg/internal/services/tokens.go
@@ -45,6 +45,23 @@ If you have any questions or need further assistance, please do not hesitate to
Best regards,
%s`
+const DeleteAccountTemplate = `Dear %s,
+
+We received a request to delete your account at %s. If you did not request a account deletion, please change your account password right now.
+If you changed your mind, please ignore this email.
+
+To confirm your account deletion request, please use the link below:
+
+%s
+
+This link will expire in 24 hours. If you do not use that link within this time frame, you will need to submit an account deletion request.
+
+If you have any questions or need further assistance, please do not hesitate to contact our support team.
+Also, if you want to let us know why you decided to delete your account, send email us (lily@solsynth.dev) and tell us how could we improve our user experience.
+
+Best regards,
+%s`
+
func ValidateMagicToken(code string, mode models.MagicTokenType) (models.MagicToken, error) {
var tk models.MagicToken
if err := database.C.Where(models.MagicToken{Code: code, Type: mode}).First(&tk).Error; err != nil {
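Review bot: `DeleteAccountTemplate` hard-codes a personal contact address (`lily@solsynth.dev`), while the other deployment-specific values in this email come from configuration (`viper.GetString("name")`, `viper.GetString("maintainer")`). Any other deployment would send users to the wrong mailbox, so pass the address in as a format argument instead. The text also has small errors worth fixing before it ships: "a account deletion" should be "an account deletion", "send email us" should be "email us", and "you will need to submit an account deletion request" reads better with "a new". The 24-hour figure duplicates `24*time.Hour` in `RequestDeleteAccount`, so the two can drift apart.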
@@ -112,6 +129,16 @@ func NotifyMagicToken(token models.MagicToken) error {
link,
viper.GetString("maintainer"),
)
+ case models.DeleteAccountMagicToken:
+ link := fmt.Sprintf("%s/flow/accounts/account-delete?code=%s", viper.GetString("frontend_app"), token.Code)
+ subject = fmt.Sprintf("[%s] Confirm your account deletion", viper.GetString("name"))
+ content = fmt.Sprintf(
+ DeleteAccountTemplate,
+ user.Name,
+ viper.GetString("name"),
+ link,
+ viper.GetString("maintainer"),
+ )
default:
return fmt.Errorf("unsupported magic token type to notify")
}
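Review bot: `token.Code` is interpolated into the query string unescaped in the new `DeleteAccountMagicToken` case. If codes can ever contain characters such as `&`, `+` or `#`, the link breaks or is truncated; `url.QueryEscape(token.Code)` (needs `net/url`) makes the link independent of how codes are generated. Carrying the code in the query also means it can end up in browser history and proxy logs, so the frontend should submit it by POST and the code should be single-use. `NotifyMagicToken` starts and ends outside this hunk.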