Can request account deletion

2023-06-06 09:47:52 +02:00
parent 1a8211c13d
commit 4b8baa2416
8 changed files with 83 additions and 5 deletions
--- a/geneit_backend/src/services/rate_limiter_service.rs
+++ b/geneit_backend/src/services/rate_limiter_service.rs
@ -11,6 +11,7 @@ pub enum RatedAction {
    FailedPasswordLogin,
    StartOpenIDLogin,
    RequestReplacePasswordSignedIn,
+    RequestDeleteAccount,
 }

 impl RatedAction {
@ -21,7 +22,8 @@ impl RatedAction {
            RatedAction::RequestNewPasswordResetLink => "req-pwd-reset-lnk",
            RatedAction::FailedPasswordLogin => "failed-login",
            RatedAction::StartOpenIDLogin => "start-oidc-login",
-            RatedAction::RequestReplacePasswordSignedIn => "rep-pwd-signed-in",
+            RatedAction::RequestReplacePasswordSignedIn => "req-pwd-signed-in",
+            RatedAction::RequestDeleteAccount => "req-del-acct",
        }
    }

@ -33,6 +35,7 @@ impl RatedAction {
            RatedAction::FailedPasswordLogin => 15,
            RatedAction::StartOpenIDLogin => 30,
            RatedAction::RequestReplacePasswordSignedIn => 5,
+            RatedAction::RequestDeleteAccount => 5,
        }
    }

--- a/geneit_backend/src/services/users_service.rs
+++ b/geneit_backend/src/services/users_service.rs
@ -103,6 +103,37 @@ pub async fn request_reset_password(user: &mut User) -> anyhow::Result<()> {
    Ok(())
 }

+/// Request delete account
+pub async fn request_delete_account(user: &mut User) -> anyhow::Result<()> {
+    // If required, regenerate token
+    if user.delete_account_token.is_none()
+        || user.time_gen_delete_account_token as u64 + 3600 * 2 < time()
+    {
+        user.delete_account_token = Some(rand_str(149));
+        user.time_gen_delete_account_token = time() as i64;
+
+        update_account(user).await?;
+    }
+
+    // Send mail
+    mail_service::send_mail(
+        &user.email,
+        "Suppression de votre compte",
+        format!(
+            "Bonjour, \n\n\
+            Vous avez demandé la suppression de votre compte GeneIT. Cette opération peut être effectuée via le lien suivant : {} \n\n\
+            Ce lien est valide durant 24 heures.\n\n\
+            Cordialement,\n\n\
+            L'équipe de GeneIT",
+            AppConfig::get()
+                .get_account_delete_url(user.delete_account_token.as_deref().unwrap_or(""))
+        ),
+    )
+        .await?;
+
+    Ok(())
+}
+
 /// Delete not validated accounts whose reset token has expired
 pub async fn delete_not_validated_accounts() -> anyhow::Result<()> {
    db_connection::execute(|conn| {
@ -158,6 +189,9 @@ pub async fn update_account(user: &User) -> anyhow::Result<()> {
                    users::dsl::email.eq(user.email.clone()),
                    users::dsl::time_gen_reset_token.eq(user.time_gen_reset_token),
                    users::dsl::reset_password_token.eq(user.reset_password_token.clone()),
+                    users::dsl::time_gen_delete_account_token
+                        .eq(user.time_gen_delete_account_token),
+                    users::dsl::delete_account_token.eq(user.delete_account_token.clone()),
                    users::dsl::time_activate.eq(time() as i64),
                    users::dsl::password.eq(user.password.clone()),
                ))