lemmy/crates/api_crud/src/user/delete.rs

use crate::PerformCrud;
use actix_web::web::Data;
use bcrypt::verify;
use lemmy_api_common::{
  person::{DeleteAccount, DeleteAccountResponse},
  utils::{delete_user_account, get_local_user_view_from_jwt},
};
use lemmy_apub::protocol::activities::deletion::delete_user::DeleteUser;
use lemmy_utils::{ConnectionId, LemmyError};
use lemmy_websocket::LemmyContext;

#[async_trait::async_trait(?Send)]
impl PerformCrud for DeleteAccount {
  type Response = DeleteAccountResponse;

  #[tracing::instrument(skip(self, context, _websocket_id))]
  async fn perform(
    &self,
    context: &Data<LemmyContext>,
    _websocket_id: Option<ConnectionId>,
  ) -> Result<Self::Response, LemmyError> {
    let data = self;
    let local_user_view =
      get_local_user_view_from_jwt(data.auth.as_ref(), context.pool(), context.secret()).await?;

    // Verify the password
    let valid: bool = verify(
      &data.password,
      &local_user_view.local_user.password_encrypted,
    )
    .unwrap_or(false);
    if !valid {
      return Err(LemmyError::from_message("password_incorrect"));
    }

    delete_user_account(local_user_view.person.id, context.pool()).await?;
    DeleteUser::send(&local_user_view.person.into(), context).await?;

    Ok(DeleteAccountResponse {})
  }
}
Split api crate into api_structs and api 2021-03-25 19:19:40 +00:00			`use crate::PerformCrud;`
			`use actix_web::web::Data;`
			`use bcrypt::verify;`
Add cargo feature for building lemmy_api_common with mininum deps (#2243) 2022-05-03 17:44:13 +00:00			`use lemmy_api_common::{`
			`person::{DeleteAccount, DeleteAccountResponse},`
			`utils::{delete_user_account, get_local_user_view_from_jwt},`
			`};`
Federate user account deletion (fixes #1284) (#2199) 2022-04-07 20:52:17 +00:00			`use lemmy_apub::protocol::activities::deletion::delete_user::DeleteUser;`
Don't drop error context when adding a message to errors (#1958) * Respond directly with LemmyError Instrument Perform implementations for more precise traces Use ApiError to format JSON errors when messages are present Keep SpanTrace output in LemmyError Display impl * Hide SpanTrace debug output from LemmyError * Don't log when entering spans, only when leaving * Update actix-web * Update actix-rt * Add newline after error info in LemmyError Display impl * Propogate span information to blocking operations * Instrument apub functions * Use skip_all for more instrument attributes, don't skip 'self' in some api actions * Make message a static string * Send proper JSON over websocket * Add 'message' to LemmyError display if present * Use a quieter root span builder, don't pretty-print logs * Keep passwords and emails out of logs * Re-enable logging Login * Instrument feeds * Emit our own errors * Move error log after status code recording * Make Sensitive generic over the inner type * Remove line that logged secrets 2021-12-06 14:54:47 +00:00			`use lemmy_utils::{ConnectionId, LemmyError};`
Split api crate into api_structs and api 2021-03-25 19:19:40 +00:00			`use lemmy_websocket::LemmyContext;`

			`#[async_trait::async_trait(?Send)]`
			`impl PerformCrud for DeleteAccount {`
First pass at invite-only migration. (#1949) * First pass at invite-only migration. * Implement email verification (fixes #219) * remove unwrap * Adding views and functionality to registration application. #209 * Add private instance site column, and back end checks. * Adding some message fields to LoginResponse * Adding private instance to site setup. * A few additions: - Add a DeleteAccount response. - RegistrationApplicationView now has the safe LocalUserSettings. - Adding VerifyEmail to websocket API, added a proper response type. * Adding and reorganizing some email helpers. * A few fixes for private sites: - Added a check_registration_application function. - Only send a verification email if its been changed. - VerifyEmail now returns LoginResponse. - Deleting the old tokens after a successful email verify. - If port is missing on email config, display a better error message. * Version 0.15.0-rc.3 * Adding published to email_verification table. * Adding fixes from comments. * Version 0.15.0-rc.4 * Adding modlog private site check. * Version 0.15.0-rc.6 Co-authored-by: Felix Ableitner <me@nutomic.com> 2021-12-15 19:49:59 +00:00			`type Response = DeleteAccountResponse;`
Split api crate into api_structs and api 2021-03-25 19:19:40 +00:00
Don't drop error context when adding a message to errors (#1958) * Respond directly with LemmyError Instrument Perform implementations for more precise traces Use ApiError to format JSON errors when messages are present Keep SpanTrace output in LemmyError Display impl * Hide SpanTrace debug output from LemmyError * Don't log when entering spans, only when leaving * Update actix-web * Update actix-rt * Add newline after error info in LemmyError Display impl * Propogate span information to blocking operations * Instrument apub functions * Use skip_all for more instrument attributes, don't skip 'self' in some api actions * Make message a static string * Send proper JSON over websocket * Add 'message' to LemmyError display if present * Use a quieter root span builder, don't pretty-print logs * Keep passwords and emails out of logs * Re-enable logging Login * Instrument feeds * Emit our own errors * Move error log after status code recording * Make Sensitive generic over the inner type * Remove line that logged secrets 2021-12-06 14:54:47 +00:00			`#[tracing::instrument(skip(self, context, _websocket_id))]`
Split api crate into api_structs and api 2021-03-25 19:19:40 +00:00			`async fn perform(`
			`&self,`
			`context: &Data<LemmyContext>,`
			`_websocket_id: Option<ConnectionId>,`
First pass at invite-only migration. (#1949) * First pass at invite-only migration. * Implement email verification (fixes #219) * remove unwrap * Adding views and functionality to registration application. #209 * Add private instance site column, and back end checks. * Adding some message fields to LoginResponse * Adding private instance to site setup. * A few additions: - Add a DeleteAccount response. - RegistrationApplicationView now has the safe LocalUserSettings. - Adding VerifyEmail to websocket API, added a proper response type. * Adding and reorganizing some email helpers. * A few fixes for private sites: - Added a check_registration_application function. - Only send a verification email if its been changed. - VerifyEmail now returns LoginResponse. - Deleting the old tokens after a successful email verify. - If port is missing on email config, display a better error message. * Version 0.15.0-rc.3 * Adding published to email_verification table. * Adding fixes from comments. * Version 0.15.0-rc.4 * Adding modlog private site check. * Version 0.15.0-rc.6 Co-authored-by: Felix Ableitner <me@nutomic.com> 2021-12-15 19:49:59 +00:00			`) -> Result<Self::Response, LemmyError> {`
			`let data = self;`
Moving settings and secrets to context. 2021-09-22 15:57:09 +00:00			`let local_user_view =`
Don't drop error context when adding a message to errors (#1958) * Respond directly with LemmyError Instrument Perform implementations for more precise traces Use ApiError to format JSON errors when messages are present Keep SpanTrace output in LemmyError Display impl * Hide SpanTrace debug output from LemmyError * Don't log when entering spans, only when leaving * Update actix-web * Update actix-rt * Add newline after error info in LemmyError Display impl * Propogate span information to blocking operations * Instrument apub functions * Use skip_all for more instrument attributes, don't skip 'self' in some api actions * Make message a static string * Send proper JSON over websocket * Add 'message' to LemmyError display if present * Use a quieter root span builder, don't pretty-print logs * Keep passwords and emails out of logs * Re-enable logging Login * Instrument feeds * Emit our own errors * Move error log after status code recording * Make Sensitive generic over the inner type * Remove line that logged secrets 2021-12-06 14:54:47 +00:00			`get_local_user_view_from_jwt(data.auth.as_ref(), context.pool(), context.secret()).await?;`
Split api crate into api_structs and api 2021-03-25 19:19:40 +00:00
			`// Verify the password`
			`let valid: bool = verify(`
			`&data.password,`
			`&local_user_view.local_user.password_encrypted,`
			`)`
			`.unwrap_or(false);`
			`if !valid {`
Don't drop error context when adding a message to errors (#1958) * Respond directly with LemmyError Instrument Perform implementations for more precise traces Use ApiError to format JSON errors when messages are present Keep SpanTrace output in LemmyError Display impl * Hide SpanTrace debug output from LemmyError * Don't log when entering spans, only when leaving * Update actix-web * Update actix-rt * Add newline after error info in LemmyError Display impl * Propogate span information to blocking operations * Instrument apub functions * Use skip_all for more instrument attributes, don't skip 'self' in some api actions * Make message a static string * Send proper JSON over websocket * Add 'message' to LemmyError display if present * Use a quieter root span builder, don't pretty-print logs * Keep passwords and emails out of logs * Re-enable logging Login * Instrument feeds * Emit our own errors * Move error log after status code recording * Make Sensitive generic over the inner type * Remove line that logged secrets 2021-12-06 14:54:47 +00:00			`return Err(LemmyError::from_message("password_incorrect"));`
Split api crate into api_structs and api 2021-03-25 19:19:40 +00:00			`}`

Federate user account deletion (fixes #1284) (#2199) 2022-04-07 20:52:17 +00:00			`delete_user_account(local_user_view.person.id, context.pool()).await?;`
			`DeleteUser::send(&local_user_view.person.into(), context).await?;`
Split api crate into api_structs and api 2021-03-25 19:19:40 +00:00
First pass at invite-only migration. (#1949) * First pass at invite-only migration. * Implement email verification (fixes #219) * remove unwrap * Adding views and functionality to registration application. #209 * Add private instance site column, and back end checks. * Adding some message fields to LoginResponse * Adding private instance to site setup. * A few additions: - Add a DeleteAccount response. - RegistrationApplicationView now has the safe LocalUserSettings. - Adding VerifyEmail to websocket API, added a proper response type. * Adding and reorganizing some email helpers. * A few fixes for private sites: - Added a check_registration_application function. - Only send a verification email if its been changed. - VerifyEmail now returns LoginResponse. - Deleting the old tokens after a successful email verify. - If port is missing on email config, display a better error message. * Version 0.15.0-rc.3 * Adding published to email_verification table. * Adding fixes from comments. * Version 0.15.0-rc.4 * Adding modlog private site check. * Version 0.15.0-rc.6 Co-authored-by: Felix Ableitner <me@nutomic.com> 2021-12-15 19:49:59 +00:00			`Ok(DeleteAccountResponse {})`
Split api crate into api_structs and api 2021-03-25 19:19:40 +00:00			`}`
			`}`