website/pkg/controller/account/delete.go

package account

import (
	"net/http"
	"strings"

	"code.nonshy.com/nonshy/website/pkg/models/deletion"
	"code.nonshy.com/nonshy/website/pkg/session"
	"code.nonshy.com/nonshy/website/pkg/templates"
)

// Delete account page (self service).
func Delete() http.HandlerFunc {
	tmpl := templates.Must("account/delete.html")
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		currentUser, err := session.CurrentUser(r)
		if err != nil {
			session.FlashError(w, r, "Couldn't get your current user: %s", err)
			templates.Redirect(w, "/")
			return
		}

		// Confirm deletion.
		if r.Method == http.MethodPost {
			var password = strings.TrimSpace(r.PostFormValue("password"))
			if err := currentUser.CheckPassword(password); err != nil {
				session.FlashError(w, r, "You must enter your correct account password to delete your account.")
				templates.Redirect(w, r.URL.Path)
				return
			}

			// Delete their account!
			if err := deletion.DeleteUser(currentUser); err != nil {
				session.FlashError(w, r, "Error while deleting your account: %s", err)
				templates.Redirect(w, r.URL.Path)
				return
			}

			// Sign them out.
			session.LogoutUser(w, r)
			session.Flash(w, r, "Your account has been deleted.")
			templates.Redirect(w, "/")
			return
		}

		var vars = map[string]interface{}{}
		if err := tmpl.Execute(w, r, vars); err != nil {
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}
	})
}
User Account Busywork * Add "forgot password" workflow. * Add ability to change user email address (confirmation link sent) * Add ability to change user's password. * Add rate limiter to deter brute force login attempts. * Add user deep delete functionality (delete account). * Ping user LastLoginAt every 8 hours for long-lived session cookies. * Add age filters to user search page. * Add sort options to user search (last login, created, username/name) 2022-08-14 21:40:57 +00:00			`package account`

			`import (`
			`"net/http"`
			`"strings"`

Rename the module 2022-08-26 04:21:46 +00:00			`"code.nonshy.com/nonshy/website/pkg/models/deletion"`
			`"code.nonshy.com/nonshy/website/pkg/session"`
			`"code.nonshy.com/nonshy/website/pkg/templates"`
User Account Busywork * Add "forgot password" workflow. * Add ability to change user email address (confirmation link sent) * Add ability to change user's password. * Add rate limiter to deter brute force login attempts. * Add user deep delete functionality (delete account). * Ping user LastLoginAt every 8 hours for long-lived session cookies. * Add age filters to user search page. * Add sort options to user search (last login, created, username/name) 2022-08-14 21:40:57 +00:00			`)`

			`// Delete account page (self service).`
			`func Delete() http.HandlerFunc {`
			`tmpl := templates.Must("account/delete.html")`
			`return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {`
			`currentUser, err := session.CurrentUser(r)`
			`if err != nil {`
			`session.FlashError(w, r, "Couldn't get your current user: %s", err)`
			`templates.Redirect(w, "/")`
			`return`
			`}`

			`// Confirm deletion.`
			`if r.Method == http.MethodPost {`
			`var password = strings.TrimSpace(r.PostFormValue("password"))`
			`if err := currentUser.CheckPassword(password); err != nil {`
			`session.FlashError(w, r, "You must enter your correct account password to delete your account.")`
			`templates.Redirect(w, r.URL.Path)`
			`return`
			`}`

			`// Delete their account!`
			`if err := deletion.DeleteUser(currentUser); err != nil {`
			`session.FlashError(w, r, "Error while deleting your account: %s", err)`
			`templates.Redirect(w, r.URL.Path)`
			`return`
			`}`

			`// Sign them out.`
			`session.LogoutUser(w, r)`
			`session.Flash(w, r, "Your account has been deleted.")`
			`templates.Redirect(w, "/")`
			`return`
			`}`

			`var vars = map[string]interface{}{}`
			`if err := tmpl.Execute(w, r, vars); err != nil {`
			`http.Error(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`
			`})`
			`}`