Add confirm=? quer-param to delete-user route [skip-tests]

flutter/lib/pages/account/account.dart

@@ -528,6 +528,8 @@ class _AccountRootPageState extends State<AccountRootPage> {
     if (!acc.isAuth()) return;
 
     try {
+      TODO ASK BEFORE DELETING TEH FUCKING USER !!!!!!!
+
       await APIClient.deleteUser(acc, acc.userID!);
 
       Toaster.info('Logout', 'Successfully logged out');

scnserver/api/apierr/enums.go

@@ -20,6 +20,7 @@ const (
 	BINDFAIL_URI_PARAM    APIError = 1153
 	BINDFAIL_HEADER_PARAM APIError = 1152
 	INVALID_BODY_PARAM    APIError = 1161
+	INVALID_QUERY_PARAM   APIError = 1162
 	INVALID_ENUM_VALUE    APIError = 1171
 
 	NO_TITLE                     APIError = 1201

scnserver/api/handler/apiUser.go

@@ -290,14 +290,18 @@ func (h APIHandler) UpdateUser(pctx ginext.PreContext) ginext.HTTPResponse {
 //	@Failure	404	{object}	ginresp.apiError	"user not found"
 //	@Failure	500	{object}	ginresp.apiError	"internal server error"
 //
-//	@Router		/api/v2/users/{uid} [PATCH]
+//	@Router		/api/v2/users/{uid} [DELETE]
 func (h APIHandler) DeleteUser(pctx ginext.PreContext) ginext.HTTPResponse {
 	type uri struct {
 		UserID models.UserID `uri:"uid" binding:"entityid"`
 	}
+	type query struct {
+		Confirm *bool `json:"confirm" form:"confirm"`
+	}
 
 	var u uri
-	ctx, g, errResp := pctx.URI(&u).Start()
+	var q query
+	ctx, g, errResp := pctx.URI(&u).Query(&q).Start()
 	if errResp != nil {
 		return *errResp
 	}
@@ -309,6 +313,10 @@ func (h APIHandler) DeleteUser(pctx ginext.PreContext) ginext.HTTPResponse {
 			return *permResp
 		}
 
+		if q.Confirm == nil || !*q.Confirm {
+			return ginresp.APIError(g, 400, apierr.INVALID_QUERY_PARAM, "Must send confirm=true to delete an account", nil)
+		}
+
 		user, err := h.database.GetUser(ctx, u.UserID)
 		if errors.Is(err, sql.ErrNoRows) {
 			return ginresp.APIError(g, 404, apierr.USER_NOT_FOUND, "User not found", err)