Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F3158232
D9236.id31727.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
4 KB
Referenced Files
None
Subscribers
None
D9236.id31727.diff
View Options
diff --git a/keyserver/src/deleters/account-deleters.js b/keyserver/src/deleters/account-deleters.js
--- a/keyserver/src/deleters/account-deleters.js
+++ b/keyserver/src/deleters/account-deleters.js
@@ -1,12 +1,8 @@
// @flow
import { getRustAPI } from 'rust-node-addon';
-import bcrypt from 'twin-bcrypt';
-import type {
- LogOutResponse,
- DeleteAccountRequest,
-} from 'lib/types/account-types.js';
+import type { LogOutResponse } from 'lib/types/account-types.js';
import type { ReservedUsernameMessage } from 'lib/types/crypto-types.js';
import { updateTypes } from 'lib/types/update-types-enum.js';
import type { UserInfo } from 'lib/types/user-types.js';
@@ -26,32 +22,11 @@
import type { Viewer } from '../session/viewer.js';
import { fetchOlmAccount } from '../updaters/olm-account-updater.js';
-async function deleteAccount(
- viewer: Viewer,
- request?: DeleteAccountRequest,
-): Promise<?LogOutResponse> {
- if (!viewer.loggedIn || (!request && !viewer.isScriptViewer)) {
+async function deleteAccount(viewer: Viewer): Promise<?LogOutResponse> {
+ if (!viewer.loggedIn) {
throw new ServerError('not_logged_in');
}
- if (request) {
- const hashQuery = SQL`SELECT hash FROM users WHERE id = ${viewer.userID}`;
- const [result] = await dbQuery(hashQuery);
- if (result.length === 0) {
- throw new ServerError('internal_error');
- }
- const row = result[0];
- const requestPasswordConsistentWithDB = !!row.hash === !!request.password;
- const shouldValidatePassword = !!row.hash;
- if (
- !requestPasswordConsistentWithDB ||
- (shouldValidatePassword &&
- !bcrypt.compareSync(request.password, row.hash))
- ) {
- throw new ServerError('invalid_credentials');
- }
- }
-
const deletedUserID = viewer.userID;
await rescindPushNotifs(SQL`n.user = ${deletedUserID}`, SQL`NULL`);
const knownUserInfos = await fetchKnownUserInfos(viewer);
@@ -99,7 +74,7 @@
const promises = {};
promises.deletion = dbQuery(deletionQuery, { multipleStatements: true });
- if (request) {
+ if (!viewer.isScriptViewer) {
promises.anonymousViewerData = createNewAnonymousCookie({
platformDetails: viewer.platformDetails,
deviceToken: viewer.deviceToken,
@@ -134,21 +109,21 @@
usersToUpdate,
deletedUserID,
);
- if (request) {
- handleAsyncPromise(deletionUpdatesPromise);
- } else {
+ if (viewer.isScriptViewer) {
await deletionUpdatesPromise;
+ } else {
+ handleAsyncPromise(deletionUpdatesPromise);
}
- if (request) {
- return {
- currentUserInfo: {
- id: viewer.id,
- anonymous: true,
- },
- };
+ if (viewer.isScriptViewer) {
+ return null;
}
- return null;
+ return {
+ currentUserInfo: {
+ id: viewer.id,
+ anonymous: true,
+ },
+ };
}
async function createAccountDeletionUpdates(
diff --git a/keyserver/src/endpoints.js b/keyserver/src/endpoints.js
--- a/keyserver/src/endpoints.js
+++ b/keyserver/src/endpoints.js
@@ -170,7 +170,6 @@
updateUserAvatarResponder,
registerRequestInputValidator,
registerResponseValidator,
- deleteAccountRequestInputValidator,
logOutResponseValidator,
logInRequestInputValidator,
logInResponseValidator,
@@ -284,7 +283,7 @@
),
delete_account: createJSONResponder(
accountDeletionResponder,
- deleteAccountRequestInputValidator,
+ ignoredArgumentValidator,
logOutResponseValidator,
[],
),
diff --git a/keyserver/src/responders/user-responders.js b/keyserver/src/responders/user-responders.js
--- a/keyserver/src/responders/user-responders.js
+++ b/keyserver/src/responders/user-responders.js
@@ -15,7 +15,6 @@
import type {
ResetPasswordRequest,
LogOutResponse,
- DeleteAccountRequest,
RegisterResponse,
RegisterRequest,
LogInResponse,
@@ -222,16 +221,10 @@
};
}
-export const deleteAccountRequestInputValidator: TInterface<DeleteAccountRequest> =
- tShape<DeleteAccountRequest>({
- password: t.maybe(tPassword),
- });
-
async function accountDeletionResponder(
viewer: Viewer,
- request: DeleteAccountRequest,
): Promise<LogOutResponse> {
- const result = await deleteAccount(viewer, request);
+ const result = await deleteAccount(viewer);
invariant(result, 'deleteAccount should return result if handed request');
return result;
}
diff --git a/lib/types/account-types.js b/lib/types/account-types.js
--- a/lib/types/account-types.js
+++ b/lib/types/account-types.js
@@ -78,10 +78,6 @@
+calendarQuery: CalendarQuery,
};
-export type DeleteAccountRequest = {
- +password: ?string,
-};
-
export const logInActionSources = Object.freeze({
cookieInvalidationResolutionAttempt: 'COOKIE_INVALIDATION_RESOLUTION_ATTEMPT',
appStartCookieLoggedInButInvalidRedux:
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Wed, Nov 6, 9:39 PM (22 h, 4 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2431754
Default Alt Text
D9236.id31727.diff (4 KB)
Attached To
Mode
D9236: [keyserver] Update keyserver delete account endpoint to not require password
Attached
Detach File
Event Timeline
Log In to Comment