website/pkg/controller/account/deactivate.go
Noah Petherbridge 742a5fa1af Auto-Disconnect Users from Chat
Users whose accounts are no longer eligible to be in the chat room will be
disconnected immediately from chat when their account status changes.

The places in nonshy where these disconnects may happen include:

* When the user deactivates or deletes their account.
* When they modify their settings to mark their profile as 'private,' making
  them become a Shy Account.
* When they edit or delete their photos in case they have moved their final
  public photo to be private, making them become a Shy Account.
* When the user deletes their certification photo, or uploads a new cert photo
  to be reviewed (in both cases, losing account certified status).
* When an admin user rejects their certification photo, even retroactively.
* On admin actions against a user, including: banning them, deleting their
  user account.

Other changes made include:

* When signing up an account and e-mail sending is not enabled (e.g. local
  dev environment), the SignupToken is still created and logged to the console
  so you can continue the signup manually.
* On the new account DOB prompt, add a link to manually input their birthdate
  as text similar to on the Age Gate page.
2024-03-15 15:57:05 -07:00

96 lines
3.0 KiB
Go

package account
import (
"net/http"
"strings"
"code.nonshy.com/nonshy/website/pkg/chat"
"code.nonshy.com/nonshy/website/pkg/log"
"code.nonshy.com/nonshy/website/pkg/models"
"code.nonshy.com/nonshy/website/pkg/session"
"code.nonshy.com/nonshy/website/pkg/templates"
)
// Deactivate account page (self service).
func Deactivate() http.HandlerFunc {
tmpl := templates.Must("account/deactivate.html")
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
currentUser, err := session.CurrentUser(r)
if err != nil {
session.FlashError(w, r, "Couldn't get your current user: %s", err)
templates.Redirect(w, "/")
return
}
// Confirm deletion.
if r.Method == http.MethodPost {
var password = strings.TrimSpace(r.PostFormValue("password"))
if err := currentUser.CheckPassword(password); err != nil {
session.FlashError(w, r, "You must enter your correct account password to delete your account.")
templates.Redirect(w, r.URL.Path)
return
}
// Deactivate their account!
currentUser.Status = models.UserStatusDisabled
if err := currentUser.Save(); err != nil {
session.FlashError(w, r, "Error while deactivating your account: %s", err)
templates.Redirect(w, r.URL.Path)
return
}
// Sign them out.
session.LogoutUser(w, r)
session.Flash(w, r, "Your account has been deactivated and you are now logged out. If you wish to re-activate your account, sign in again with your username and password.")
templates.Redirect(w, "/")
// Maybe kick them from chat if this deletion makes them into a Shy Account.
if _, err := chat.MaybeDisconnectUser(currentUser); err != nil {
log.Error("chat.MaybeDisconnectUser(%s#%d): %s", currentUser.Username, currentUser.ID, err)
}
// Log the change.
models.LogEvent(currentUser, nil, models.ChangeLogLifecycle, "users", currentUser.ID, "Deactivated their account.")
return
}
var vars = map[string]interface{}{}
if err := tmpl.Execute(w, r, vars); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
})
}
// Reactivate account page
func Reactivate() http.HandlerFunc {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
currentUser, err := session.CurrentUser(r)
if err != nil {
session.FlashError(w, r, "Couldn't get your current user: %s", err)
templates.Redirect(w, "/")
return
}
if currentUser.Status != models.UserStatusDisabled {
session.FlashError(w, r, "Your account was not disabled in the first place!")
templates.Redirect(w, "/")
return
}
// Reactivate them.
currentUser.Status = models.UserStatusActive
if err := currentUser.Save(); err != nil {
session.FlashError(w, r, "Error while reactivating your account: %s", err)
templates.Redirect(w, "/")
return
}
session.Flash(w, r, "Welcome back! Your account has been reactivated.")
templates.Redirect(w, "/")
// Log the change.
models.LogEvent(currentUser, nil, models.ChangeLogLifecycle, "users", currentUser.ID, "Reactivated their account.")
})
}