diff --git a/flutter/lib/pages/account/account.dart b/flutter/lib/pages/account/account.dart
index 6802b60..4234b55 100644
--- a/flutter/lib/pages/account/account.dart
+++ b/flutter/lib/pages/account/account.dart
@@ -528,6 +528,8 @@ class _AccountRootPageState extends State { if (!acc.isAuth()) return; try { + TODO ASK BEFORE DELETING TEH FUCKING USER !!!!!!! + await APIClient.deleteUser(acc, acc.userID!); Toaster.info('Logout', 'Successfully logged out');
diff --git a/scnserver/api/apierr/enums.go b/scnserver/api/apierr/enums.go
index a6ebe80..6c3d118 100644
--- a/scnserver/api/apierr/enums.go
+++ b/scnserver/api/apierr/enums.go
@@ -20,6 +20,7 @@ const ( BINDFAIL_URI_PARAM APIError = 1153 BINDFAIL_HEADER_PARAM APIError = 1152 INVALID_BODY_PARAM APIError = 1161 + INVALID_QUERY_PARAM APIError = 1162 INVALID_ENUM_VALUE APIError = 1171 NO_TITLE APIError = 1201
diff --git a/scnserver/api/handler/apiUser.go b/scnserver/api/handler/apiUser.go
index 855d9a3..53f974d 100644
--- a/scnserver/api/handler/apiUser.go
+++ b/scnserver/api/handler/apiUser.go
@@ -290,14 +290,18 @@ func (h APIHandler) UpdateUser(pctx ginext.PreContext) ginext.HTTPResponse { // @Failure 404 {object} ginresp.apiError "user not found" // @Failure 500 {object} ginresp.apiError "internal server error" // -// @Router /api/v2/users/{uid} [PATCH] +// @Router /api/v2/users/{uid} [DELETE] func (h APIHandler) DeleteUser(pctx ginext.PreContext) ginext.HTTPResponse { type uri struct { UserID models.UserID `uri:"uid" binding:"entityid"` } + type query struct { + Confirm *bool `json:"confirm" form:"confirm"` + } var u uri - ctx, g, errResp := pctx.URI(&u).Start() + var q query + ctx, g, errResp := pctx.URI(&u).Query(&q).Start() if errResp != nil { return *errResp }
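Review bot: In flutter/lib/pages/account/account.dart the added TODO line has no comment marker as shown, so the `try` block will not parse until it is written as `// TODO: ask for confirmation before deleting the user`. The `APIClient.deleteUser(acc, acc.userID!)` call in this hunk passes no confirmation argument, while the same commit makes the server reject a delete without `confirm=true`. Unless APIClient.deleteUser (outside this diff) already sends that parameter, the call will now come back as a 400. The confirmation prompt belongs before that call, and the success toast still reads 'Successfully logged out' for what is an account deletion. The enclosing method starts and ends outside the hunk.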
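Review bot: In scnserver/api/handler/apiUser.go the annotation block above DeleteUser gets the corrected `@Router ... [DELETE]` line, but the visible part of the block does not document the new required query parameter. Generated API docs and clients would then not know that `confirm` must be sent. I would add `// @Param confirm query bool true "must be true to delete the account"` next to the other annotations. If no 400 response is listed yet, `// @Failure 400 {object} ginresp.apiError "confirm=true missing"` would cover it. The top of the annotation block is outside the hunk, so these lines may already exist there.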
@@ -309,6 +313,10 @@ func (h APIHandler) DeleteUser(pctx ginext.PreContext) ginext.HTTPResponse { return *permResp } + if q.Confirm == nil || !*q.Confirm { + return ginresp.APIError(g, 400, apierr.INVALID_QUERY_PARAM, "Must send confirm=true to delete an account", nil) + } + user, err := h.database.GetUser(ctx, u.UserID) if errors.Is(err, sql.ErrNoRows) { return ginresp.APIError(g, 404, apierr.USER_NOT_FOUND, "User not found", err)
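Review bot: The new `q.Confirm` check in DeleteUser has no comment saying what it does and does not protect against. `confirm=true` is supplied by the caller, so it only stops accidental or replayed-by-mistake requests. Any holder of a key that passes the permission check above can simply append it. I would put `// confirm=true only guards against accidental calls; authorization is the permission check above` over the `if`, so nobody later treats the flag as an access control. Placing the check after the permission check is right, because unauthorised callers are still rejected first. Since this is an irreversible action, it is also worth confirming that the rest of the handler (outside this hunk) records which key deleted which user.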