mirror of https://github.com/status-im/codimd.git
Add delete function for authenticated users
Allow users to delete themselbes. This is require to be GDPR compliant. See: https://gdpr-info.eu/art-17-gdpr/ Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
This commit is contained in:
parent
408ab7ae1d
commit
4229084c62
|
@ -3,6 +3,7 @@
|
|||
const Router = require('express').Router
|
||||
|
||||
const response = require('../response')
|
||||
const config = require('../config')
|
||||
const models = require('../models')
|
||||
const logger = require('../logger')
|
||||
const {generateAvatar} = require('../letter-avatars')
|
||||
|
@ -36,6 +37,29 @@ UserRouter.get('/me', function (req, res) {
|
|||
}
|
||||
})
|
||||
|
||||
// delete the currently authenticated user
|
||||
UserRouter.get('/me/delete', function (req, res) {
|
||||
if (req.isAuthenticated()) {
|
||||
models.User.findOne({
|
||||
where: {
|
||||
id: req.user.id
|
||||
}
|
||||
}).then(function (user) {
|
||||
if (!user) { return response.errorNotFound(res) }
|
||||
user.destroy().then(function () {
|
||||
res.redirect(config.serverURL + '/')
|
||||
})
|
||||
}).catch(function (err) {
|
||||
logger.error('delete user failed: ' + err)
|
||||
return response.errorInternalError(res)
|
||||
})
|
||||
} else {
|
||||
res.send({
|
||||
status: 'forbidden'
|
||||
})
|
||||
}
|
||||
})
|
||||
|
||||
UserRouter.get('/user/:username/avatar.svg', function (req, res, next) {
|
||||
res.setHeader('Content-Type', 'image/svg+xml')
|
||||
res.setHeader('Cache-Control', 'public, max-age=86400')
|
||||
|
|
Loading…
Reference in New Issue