From 3a052021786150f1456b779cf6028305328b698b Mon Sep 17 00:00:00 2001
From: Andrea Vos <andrea@avris.it>
Date: Tue, 27 Oct 2020 17:33:45 +0100
Subject: [PATCH] #75 remove account

---
 components/Account.vue      | 20 ++++++++++++++++----
 locale/pl/translations.suml |  2 ++
 server/user.js              | 15 +++++++++++++++
 3 files changed, 33 insertions(+), 4 deletions(-)

diff --git a/components/Account.vue b/components/Account.vue
index fc97ac2d7..42040b3e9 100644
--- a/components/Account.vue
+++ b/components/Account.vue
@@ -49,12 +49,17 @@
             </ul>
         </template></Loading>
 
-        <p>
-            <button class="btn btn-outline-secondary btn-sm" @click="logout">
+        <section>
+            <a href="#" class="badge badge-light border" @click.prevent="logout">
                 <Icon v="sign-out"/>
                 <T>user.logout</T>
-            </button>
-        </p>
+            </a>
+
+            <a href="#" class="badge badge-light border" @click.prevent="deleteAccount">
+                <Icon v="trash-alt"/>
+                <T>user.deleteAccount</T>
+            </a>
+        </section>
     </section>
 </template>
 
@@ -99,6 +104,13 @@
             setProfiles(profiles) {
                 this.profiles = profiles;
             },
+            async deleteAccount() {
+                await this.$confirm(this.$t('user.deleteAccountConfirm'), 'danger');
+
+                const response = await this.$axios.$post(`/user/delete`, {}, { headers: this.$auth() });
+
+                this.logout();
+            },
         },
     }
 </script>
diff --git a/locale/pl/translations.suml b/locale/pl/translations.suml
index 2a5374cc5..9f3cb1f1c 100644
--- a/locale/pl/translations.suml
+++ b/locale/pl/translations.suml
@@ -681,6 +681,8 @@ user:
     avatar:
         header: 'Avatar'
         change: 'Zmień'
+    deleteAccount: 'Usuń konto'
+    deleteAccountConfirm: 'Czy na pewno chcesz usunąć swoje konto? Ta operacja jest nieodwracalna!'
 
 profile:
     description: 'Opis'
diff --git a/server/user.js b/server/user.js
index ab0435673..19e7908df 100644
--- a/server/user.js
+++ b/server/user.js
@@ -161,6 +161,17 @@ const changeUsername = async (db, user, username) => {
     return await issueAuthentication(db, user);
 }
 
+const removeAccount = async (db, user) => {
+    const userId = (await db.get(SQL`SELECT id FROM users WHERE username = ${user.username}`)).id;
+    if (!userId) {
+        return false;
+    }
+    await db.get(SQL`DELETE FROM profiles WHERE userId = ${userId}`)
+    await db.get(SQL`DELETE FROM authenticators WHERE userId = ${userId}`)
+    await db.get(SQL`DELETE FROM users WHERE id = ${userId}`)
+    return true;
+}
+
 export default async function (req, res, next) {
     const db = await dbConnection();
     const user = authenticate(req);
@@ -177,5 +188,9 @@ export default async function (req, res, next) {
         return renderJson(res, await changeUsername(db, user, req.body.username));
     }
 
+    if (req.method === 'POST' && req.url === '/delete' && user && user.authenticated) {
+        return renderJson(res, await removeAccount(db, user));
+    }
+
     return renderJson(res, {error: 'Not found'}, 404);
 }