website/pkg/middleware/disabled_account.go

package middleware

import (
	"net/http"
	"strings"

	"code.nonshy.com/nonshy/website/pkg/models"
	"code.nonshy.com/nonshy/website/pkg/templates"
)

var tmplDisabledAccount = templates.Must("errors/disabled_account.html")

// Whitelist of paths to allow disabled accounts to access.
var disabledAccountPathWhitelist = []string{
	"/account/delete",
	"/account/reactivate",
}

// DisabledAccount check that limits a logged-in user's options to either reactivate their account,
// delete it, or log back out.
func DisabledAccount(currentUser *models.User, w http.ResponseWriter, r *http.Request) bool {
	// Is their account disabled?
	if currentUser.Status == models.UserStatusDisabled {
		// Whitelisted paths?
		for _, path := range disabledAccountPathWhitelist {
			if strings.HasPrefix(r.URL.Path, path) {
				return false
			}
		}

		// Show the disabled account page to all other requests.
		if err := tmplDisabledAccount.Execute(w, r, nil); err != nil {
			http.Error(w, err.Error(), http.StatusInternalServerError)
		}
		return true
	}

	return false
}
Deactivate Account; Friends Lists on Profiles * Add a way for users to temporarily deactivate their accounts, in a recoverable way should they decide to return later. * A deactivated account may log in but have limited options: to reactivate their account, permanently delete it, or log out. * Fix several bugs around the display of comments, messages and forum threads for disabled, banned, or blocked users: * Messages (inbox and sentbox) will be hidden and the unread indicator will not count unread messages the user can't access. * Comments on photos and forum posts are hidden, and top-level threads on the "Newest" tab will show "[unavailable]" for their text and username. * Your historical notifications will hide users who are blocked, banned or disabled. * Add a "Friends" tab to user profile pages, to see other users' friends. * The page is Certification Required so non-cert users can't easily discover any members on the site. 2023-10-22 22:02:24 +00:00			`package middleware`

			`import (`
			`"net/http"`
			`"strings"`

			`"code.nonshy.com/nonshy/website/pkg/models"`
			`"code.nonshy.com/nonshy/website/pkg/templates"`
			`)`

			`var tmplDisabledAccount = templates.Must("errors/disabled_account.html")`

			`// Whitelist of paths to allow disabled accounts to access.`
			`var disabledAccountPathWhitelist = []string{`
			`"/account/delete",`
			`"/account/reactivate",`
			`}`

			`// DisabledAccount check that limits a logged-in user's options to either reactivate their account,`
			`// delete it, or log back out.`
			`func DisabledAccount(currentUser models.User, w http.ResponseWriter, r http.Request) bool {`
			`// Is their account disabled?`
			`if currentUser.Status == models.UserStatusDisabled {`
			`// Whitelisted paths?`
			`for _, path := range disabledAccountPathWhitelist {`
			`if strings.HasPrefix(r.URL.Path, path) {`
			`return false`
			`}`
			`}`

			`// Show the disabled account page to all other requests.`
			`if err := tmplDisabledAccount.Execute(w, r, nil); err != nil {`
			`http.Error(w, err.Error(), http.StatusInternalServerError)`
			`}`
			`return true`
			`}`

			`return false`
			`}`