added account deletion to the danger zone

2025-03-12 06:33:22 +08:00 · 2021-07-25 00:44:24 +01:00 · 2021-07-25 00:44:24 +01:00 · 1ae537e288
commit 1ae537e288
parent 8cbbe51ba7
8 changed files with 115 additions and 2 deletions
--- a/backend/api/controllers/result.js
+++ b/backend/api/controllers/result.js
@ -18,6 +18,16 @@ class ResultController {
    }
  }

+  static async deleteAll(req, res, next) {
+    try {
+      const { uid } = req.decodedToken;
+      await ResultDAO.deleteAll(uid);
+      return res.sendStatus(200);
+    } catch (e) {
+      next(e);
+    }
+  }
+
  static async updateTags(req, res, next) {
    try {
      const { uid } = req.decodedToken;
--- a/backend/api/controllers/user.js
+++ b/backend/api/controllers/user.js
@ -24,7 +24,7 @@ class UserController {

  static async deleteUser(req, res, next) {
    try {
-      const { uid } = req.body;
+      const { uid } = req.decodedToken;
      await UsersDAO.deleteUser(uid);
      return res.sendStatus(200);
    } catch (e) {
--- a/backend/api/routes/result.js
+++ b/backend/api/routes/result.js
@ -10,4 +10,6 @@ router.post("/add", authenticateRequest, ResultController.addResult);

 router.post("/updateTags", authenticateRequest, ResultController.updateTags);

+router.post("/deleteAll", authenticateRequest, ResultController.deleteAll);
+
 module.exports = router;
--- a/backend/api/routes/user.js
+++ b/backend/api/routes/user.js
@ -10,7 +10,7 @@ router.post("/signup", UserController.createNewUser);

 router.post("/checkName", UserController.checkName);

-router.post("/delete", UserController.deleteUser);
+router.post("/delete", authenticateRequest, UserController.deleteUser);

 router.post("/updateName", authenticateRequest, UserController.updateName);

--- a/backend/dao/result.js
+++ b/backend/dao/result.js
@ -19,6 +19,10 @@ class ResultDAO {
    };
  }

+  static async deleteAll(uid) {
+    return await mongoDB().collection("results").deleteMany({ uid });
+  }
+
  static async updateTags(uid, resultid, tags) {
    const result = await mongoDB()
      .collection("results")
--- a/src/js/settings.js
+++ b/src/js/settings.js
@ -791,6 +791,10 @@ $(".pageSettings #updateAccountPassword").on("click", (e) => {
  SimplePopups.list.updatePassword.show();
 });

+$(".pageSettings #deleteAccount").on("click", (e) => {
+  SimplePopups.list.deleteAccount.show();
+});
+
 $(".pageSettings .section.customBackgroundSize .inputAndSave .save").on(
  "click",
  (e) => {
--- a/src/js/simple-popups.js
+++ b/src/js/simple-popups.js
@ -269,6 +269,83 @@ list.updatePassword = new SimplePopup(
  }
 );

+list.deleteAccount = new SimplePopup(
+  "deleteAccount",
+  "text",
+  "Delete Account",
+  [
+    {
+      placeholder: "Password",
+      type: "password",
+      initVal: "",
+    },
+  ],
+  "This is the last time you can change your mind. After pressing the button everything is gone.",
+  "Update",
+  async (password) => {
+    //
+    try {
+      const user = firebase.auth().currentUser;
+      if (user.providerData[0].providerId === "password") {
+        const credential = firebase.auth.EmailAuthProvider.credential(
+          user.email,
+          password
+        );
+        await user.reauthenticateWithCredential(credential);
+      } else if (user.providerData[0].providerId === "google.com") {
+        await user.reauthenticateWithPopup(AccountController.gmailProvider);
+      }
+      Loader.show();
+
+      Notifications.add("Deleting stats...", 0);
+      let response;
+      try {
+        response = await axiosInstance.post("/user/delete");
+      } catch (e) {
+        Loader.hide();
+        let msg = e?.response?.data?.message ?? e.message;
+        Notifications.add("Failed to delete user stats: " + msg, -1);
+        return;
+      }
+      if (response.status !== 200) {
+        throw response.data.message;
+      }
+
+      Notifications.add("Deleting results...", 0);
+      try {
+        response = await axiosInstance.post("/results/deleteAll");
+      } catch (e) {
+        Loader.hide();
+        let msg = e?.response?.data?.message ?? e.message;
+        Notifications.add("Failed to delete user results: " + msg, -1);
+        return;
+      }
+      if (response.status !== 200) {
+        throw response.data.message;
+      }
+
+      Notifications.add("Deleting login information...", 0);
+      await firebase.auth().currentUser.delete();
+
+      Notifications.add("Goodbye", 1, 5);
+
+      setTimeout(() => {
+        location.reload();
+      }, 3000);
+    } catch (e) {
+      Loader.hide();
+      Notifications.add(e, -1);
+    }
+  },
+  () => {
+    const user = firebase.auth().currentUser;
+    if (user.providerData[0].providerId === "google.com") {
+      eval(`this.inputs = []`);
+      eval(`this.buttonText = "Reauthenticate to delete"`);
+    }
+  }
+);
+
 list.clearTagPb = new SimplePopup(
  "clearTagPb",
  "text",
--- a/static/index.html
+++ b/static/index.html
@ -3938,6 +3938,22 @@
                  </div>
                </div>
              </div>
+              <div class="section deleteAccount">
+                <h1>delete account</h1>
+                <div class="text">
+                  Deletes your account and all data connected to it.
+                </div>
+                <div class="buttons">
+                  <div
+                    class="button off danger"
+                    id="deleteAccount"
+                    tabindex="0"
+                    onclick="this.blur();"
+                  >
+                    delete account
+                  </div>
+                </div>
+              </div>
              <div class="section deleteAccount hidden">
                <h1>delete account</h1>
                <div class="text">