delete account is protected by password
This commit is contained in:
parent
4ffa5c9345
commit
34509cbbb3
|
@ -29,4 +29,5 @@ from .views import (
|
|||
batch_import,
|
||||
alias_transfer,
|
||||
app,
|
||||
delete_account,
|
||||
)
|
||||
|
|
|
@ -0,0 +1,41 @@
|
|||
import arrow
|
||||
from flask import flash, redirect, url_for, request, render_template
|
||||
from flask_login import login_required, current_user
|
||||
|
||||
from app.config import JOB_DELETE_ACCOUNT
|
||||
from app.dashboard.base import dashboard_bp
|
||||
from app.dashboard.views.enter_sudo import sudo_required
|
||||
from app.log import LOG
|
||||
from app.models import Subscription, Job
|
||||
|
||||
|
||||
@dashboard_bp.route("/delete_account", methods=["GET", "POST"])
|
||||
@login_required
|
||||
@sudo_required
|
||||
def delete_account():
|
||||
if request.method == "POST" and request.form.get("form-name") == "delete-account":
|
||||
sub: Subscription = current_user.get_subscription()
|
||||
# user who has canceled can also re-subscribe
|
||||
if sub and not sub.cancelled:
|
||||
flash("Please cancel your current subscription first", "warning")
|
||||
return redirect(url_for("dashboard.setting"))
|
||||
|
||||
# Schedule delete account job
|
||||
LOG.w("schedule delete account job for %s", current_user)
|
||||
Job.create(
|
||||
name=JOB_DELETE_ACCOUNT,
|
||||
payload={"user_id": current_user.id},
|
||||
run_at=arrow.now(),
|
||||
commit=True,
|
||||
)
|
||||
|
||||
flash(
|
||||
"Your account deletion has been scheduled. "
|
||||
"You'll receive an email when the deletion is finished",
|
||||
"info",
|
||||
)
|
||||
return redirect(url_for("dashboard.setting"))
|
||||
|
||||
return render_template(
|
||||
"dashboard/delete_account.html",
|
||||
)
|
|
@ -185,29 +185,6 @@ def setting():
|
|||
flash("Your notification preference has been updated", "success")
|
||||
return redirect(url_for("dashboard.setting"))
|
||||
|
||||
elif request.form.get("form-name") == "delete-account":
|
||||
sub: Subscription = current_user.get_subscription()
|
||||
# user who has canceled can also re-subscribe
|
||||
if sub and not sub.cancelled:
|
||||
flash("Please cancel your current subscription first", "warning")
|
||||
return redirect(url_for("dashboard.setting"))
|
||||
|
||||
# Schedule delete account job
|
||||
LOG.w("schedule delete account job for %s", current_user)
|
||||
Job.create(
|
||||
name=JOB_DELETE_ACCOUNT,
|
||||
payload={"user_id": current_user.id},
|
||||
run_at=arrow.now(),
|
||||
commit=True,
|
||||
)
|
||||
|
||||
flash(
|
||||
"Your account deletion has been scheduled. "
|
||||
"You'll receive an email when the deletion is finished",
|
||||
"success",
|
||||
)
|
||||
return redirect(url_for("dashboard.setting"))
|
||||
|
||||
elif request.form.get("form-name") == "change-alias-generator":
|
||||
scheme = int(request.form.get("alias-generator-scheme"))
|
||||
if AliasGeneratorEnum.has_value(scheme):
|
||||
|
|
|
@ -0,0 +1,53 @@
|
|||
{% extends 'default.html' %}
|
||||
{% set active_page = "setting" %}
|
||||
{% block title %}
|
||||
Delete account
|
||||
{% endblock %}
|
||||
|
||||
|
||||
{% block default_content %}
|
||||
<div class="card">
|
||||
<div class="card-body">
|
||||
<div class="h2">Account Deletion</div>
|
||||
<div class="my-3 alert alert-warning">
|
||||
Once an account is deleted, it can't be restored.
|
||||
All its records (aliases, domains, settings, etc.) are immediately deleted.
|
||||
</div>
|
||||
|
||||
<form method="post">
|
||||
<input type="hidden" name="form-name" value="delete-account">
|
||||
<span class="delete-account btn btn-outline-danger">Delete account</span>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
{% endblock %}
|
||||
|
||||
{% block script %}
|
||||
<script>
|
||||
$(".delete-account").on("click", function (e) {
|
||||
let that = $(this);
|
||||
|
||||
bootbox.confirm({
|
||||
message: "All your data including your aliases will be deleted, " +
|
||||
"other people might not be able to reach you after, " +
|
||||
" please confirm.",
|
||||
buttons: {
|
||||
confirm: {
|
||||
label: 'Yes, delete my account',
|
||||
className: 'btn-danger'
|
||||
},
|
||||
cancel: {
|
||||
label: 'Cancel',
|
||||
className: 'btn-outline-primary'
|
||||
}
|
||||
},
|
||||
callback: function (result) {
|
||||
if (result) {
|
||||
that.closest("form").submit();
|
||||
}
|
||||
}
|
||||
})
|
||||
|
||||
});
|
||||
</script>
|
||||
{% endblock %}
|
|
@ -492,13 +492,11 @@
|
|||
<div class="card">
|
||||
<div class="card-body">
|
||||
<div class="card-title">Account Deletion</div>
|
||||
<div class="mb-3">Please note that this operation is irreversible.
|
||||
<div class="mb-3">
|
||||
If SimpleLogin isn't the right fit for you, you can simply delete your account.
|
||||
</div>
|
||||
|
||||
<form method="post">
|
||||
<input type="hidden" name="form-name" value="delete-account">
|
||||
<span class="delete-account btn btn-outline-danger">Delete account</span>
|
||||
</form>
|
||||
<a href="{{ url_for('dashboard.delete_account') }}" class="btn btn-outline-danger">Delete account</a>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
@ -506,33 +504,5 @@
|
|||
|
||||
{% endblock %}
|
||||
|
||||
{% block script %}
|
||||
<script>
|
||||
$(".delete-account").on("click", function (e) {
|
||||
let that = $(this);
|
||||
|
||||
bootbox.confirm({
|
||||
message: "All your data including your aliases will be deleted, " +
|
||||
"other people might not be able to reach you after, " +
|
||||
" please confirm.",
|
||||
buttons: {
|
||||
confirm: {
|
||||
label: 'Yes, delete my account',
|
||||
className: 'btn-danger'
|
||||
},
|
||||
cancel: {
|
||||
label: 'Cancel',
|
||||
className: 'btn-outline-primary'
|
||||
}
|
||||
},
|
||||
callback: function (result) {
|
||||
if (result) {
|
||||
that.closest("form").submit();
|
||||
}
|
||||
}
|
||||
})
|
||||
|
||||
});
|
||||
</script>
|
||||
{% endblock %}
|
||||
|
||||
|
|
Loading…
Reference in New Issue