preliminary support for deleting accounts

prelimenery prelimianry prelimamry prelimiary
2024-09-18 17:08:17 +02:00 · 2024-09-18 17:08:17 +02:00 · 4804892f42
commit 4804892f42
parent dc29ccbcd6
4 changed files with 90 additions and 1 deletions
--- a/src/main/java/eu/m724/talkpages/auth/AuthResource.java
+++ b/src/main/java/eu/m724/talkpages/auth/AuthResource.java
@ -1,10 +1,14 @@
 package eu.m724.talkpages.auth;

+import eu.m724.talkpages.orm.entity.auth.Account;
 import eu.m724.talkpages.orm.entity.auth.Session;
+import eu.m724.talkpages.page.action.AccountService;
 import io.quarkus.qute.CheckedTemplate;
 import io.quarkus.qute.TemplateInstance;
 import io.quarkus.security.Authenticated;
 import io.quarkus.security.identity.SecurityIdentity;
+import io.vertx.core.http.HttpClientRequest;
+import io.vertx.core.http.HttpServerRequest;
 import jakarta.inject.Inject;
 import jakarta.ws.rs.*;
 import jakarta.ws.rs.core.*;
@ -27,19 +31,28 @@ public class AuthResource {
        public static native TemplateInstance auth(String message);
        public static native TemplateInstance authenticated(String username);
        public static native TemplateInstance register(String username, String message);
+        public static native TemplateInstance delete();
    }

    @GET
    @Path("/")
    public TemplateInstance auth(@QueryParam("message") String message) {
        if (identity.isAnonymous()) {
+            // not logged in
            return Templates.auth(message);
        } else {
+            // logged in
            String username = identity.getPrincipal().getName();
            return Templates.authenticated(username);
        }
    }

+    @GET
+    @Path("/delete")
+    public TemplateInstance delete() {
+        return Templates.delete();
+    }
+
    @GET
    @Path("/register")
    public TemplateInstance register(@QueryParam("username") String username, @QueryParam("message") String message) {
@ -141,4 +154,29 @@ public class AuthResource {
                    .build();
        }
    }
+
+
+
+    @POST
+    @Path("/action/delete")
+    public Response actionDelete(@Context HttpServerRequest request, MultivaluedMap<String, String> formData) {
+        if (!formData.getFirst("confirm").equals("on")) {
+            return Response.temporaryRedirect(URI.create("/auth/delete")).status(Response.Status.SEE_OTHER).build();
+        }
+
+        Account account;
+        if (identity.isAnonymous()) {
+            account = Account.findByName(request.remoteAddress().hostAddress());
+        } else {
+            Session session = identity.getAttribute("session");
+            account = session.getAccount();
+        }
+
+        if (account != null) {
+            authService.delete(account);
+        }
+
+        // TODO perhaps status messages
+        return Response.temporaryRedirect(URI.create("/")).status(Response.Status.SEE_OTHER).build();
+    }
 }
--- a/src/main/java/eu/m724/talkpages/auth/AuthService.java
+++ b/src/main/java/eu/m724/talkpages/auth/AuthService.java
@ -46,6 +46,16 @@ public class AuthService {
        session.delete();
    }

+    @Transactional
+    void delete(Account account) {
+        account.getRevisions().forEach(pageRevision -> {
+            // TODO
+        });
+        // TODO delete user pages after they appear
+        account.delete();
+        account.persistAndFlush();
+    }
+
    @Transactional
    Session validateSessionToken(String sessionToken) {
        Session session = Session.find("token", sessionToken).firstResult();
--- a/src/main/resources/templates/AuthResource/authenticated.html
+++ b/src/main/resources/templates/AuthResource/authenticated.html
@ -2,5 +2,8 @@
    {#pageTitle}Account{/pageTitle}

    <p>Logged in as {username}</p>
-    <p><a href="/auth/logout">Log out</a></p>
+    <ul>
+        <li><a href="/auth/logout">Log out</a></li>
+        <li><a href="/auth/delete">Delete account</a></li>
+    </ul>
 {/include}
--- a/src/main/resources/templates/AuthResource/delete.html
+++ b/src/main/resources/templates/AuthResource/delete.html
@ -0,0 +1,38 @@
+{#include layout}
+    {#pageTitle}Delete account{/pageTitle}
+
+    {#if user:loggedIn}
+        <p>Logged in as <strong>{user:name}</strong></p>
+
+        <p>Right after you click the button:</p>
+        <ul>
+            <li>Your account <strong>{user:name}</strong> will be deleted.</li>
+            <li>Your user page and talk page, along with their subpages, and all revisions from all users, will be deleted.</li>
+            <li>Your authored revisions will remain, but your name will be replaced with a shared "Deleted User"</li>
+            <li>Your username will become available.</li>
+        </ul>
+    {#else}
+        <p>
+            Logged in as IP address <strong>{user:name}</strong>
+            <br>
+            Your IP address is also an account, it's stored and treated as such.
+        </p>
+
+        <p>Right after you click the button:</p>
+        <ul>
+            <li>Your account <strong>{user:name}</strong> will be deleted.</li>
+            <li>Your user page and talk page, along with their subpages, and all revisions from all users, will be deleted.</li>
+            <li>Your authored revisions will remain, but your name will be replaced with a shared "Deleted User"</li>
+            <li>If you continue your activity on this website, your actions will still be posted as that IP address.</li>
+        </ul>
+    {/if}
+
+    <p>While data is deleted on our side, it probably has been saved on third party archiving websites, legally or not. This is beyond our control, and we take no responsibility for it.</p>
+
+    <form method="post" action="/auth/action/delete">
+        <label for="confirm">I confirm</label>
+        <input type="checkbox" id="confirm" name="confirm">
+        <br>
+        <input type="submit" value="Delete account (final button)">
+    </form>
+{/include}