Page Menu
Home
Phorge
Search
Configure Global Search
Log In
Files
F32970320
D9236.1768303544.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Flag For Later
Award Token
Size
4 KB
Referenced Files
None
Subscribers
None
D9236.1768303544.diff
View Options
diff --git a/keyserver/src/deleters/account-deleters.js b/keyserver/src/deleters/account-deleters.js
--- a/keyserver/src/deleters/account-deleters.js
+++ b/keyserver/src/deleters/account-deleters.js
@@ -1,12 +1,8 @@
// @flow
import { getRustAPI } from 'rust-node-addon';
-import bcrypt from 'twin-bcrypt';
-import type {
- LogOutResponse,
- DeleteAccountRequest,
-} from 'lib/types/account-types.js';
+import type { LogOutResponse } from 'lib/types/account-types.js';
import type { ReservedUsernameMessage } from 'lib/types/crypto-types.js';
import { updateTypes } from 'lib/types/update-types-enum.js';
import type { UserInfo } from 'lib/types/user-types.js';
@@ -26,32 +22,11 @@
import type { Viewer } from '../session/viewer.js';
import { fetchOlmAccount } from '../updaters/olm-account-updater.js';
-async function deleteAccount(
- viewer: Viewer,
- request?: DeleteAccountRequest,
-): Promise<?LogOutResponse> {
- if (!viewer.loggedIn || (!request && !viewer.isScriptViewer)) {
+async function deleteAccount(viewer: Viewer): Promise<?LogOutResponse> {
+ if (!viewer.loggedIn) {
throw new ServerError('not_logged_in');
}
- if (request) {
- const hashQuery = SQL`SELECT hash FROM users WHERE id = ${viewer.userID}`;
- const [result] = await dbQuery(hashQuery);
- if (result.length === 0) {
- throw new ServerError('internal_error');
- }
- const row = result[0];
- const requestPasswordConsistentWithDB = !!row.hash === !!request.password;
- const shouldValidatePassword = !!row.hash;
- if (
- !requestPasswordConsistentWithDB ||
- (shouldValidatePassword &&
- !bcrypt.compareSync(request.password, row.hash))
- ) {
- throw new ServerError('invalid_credentials');
- }
- }
-
const deletedUserID = viewer.userID;
await rescindPushNotifs(SQL`n.user = ${deletedUserID}`, SQL`NULL`);
const knownUserInfos = await fetchKnownUserInfos(viewer);
@@ -99,7 +74,7 @@
const promises = {};
promises.deletion = dbQuery(deletionQuery, { multipleStatements: true });
- if (request) {
+ if (!viewer.isScriptViewer) {
promises.anonymousViewerData = createNewAnonymousCookie({
platformDetails: viewer.platformDetails,
deviceToken: viewer.deviceToken,
@@ -134,21 +109,21 @@
usersToUpdate,
deletedUserID,
);
- if (request) {
- handleAsyncPromise(deletionUpdatesPromise);
- } else {
+ if (viewer.isScriptViewer) {
await deletionUpdatesPromise;
+ } else {
+ handleAsyncPromise(deletionUpdatesPromise);
}
- if (request) {
- return {
- currentUserInfo: {
- id: viewer.id,
- anonymous: true,
- },
- };
+ if (viewer.isScriptViewer) {
+ return null;
}
- return null;
+ return {
+ currentUserInfo: {
+ id: viewer.id,
+ anonymous: true,
+ },
+ };
}
async function createAccountDeletionUpdates(
diff --git a/keyserver/src/endpoints.js b/keyserver/src/endpoints.js
--- a/keyserver/src/endpoints.js
+++ b/keyserver/src/endpoints.js
@@ -170,7 +170,6 @@
updateUserAvatarResponder,
registerRequestInputValidator,
registerResponseValidator,
- deleteAccountRequestInputValidator,
logOutResponseValidator,
logInRequestInputValidator,
logInResponseValidator,
@@ -284,7 +283,7 @@
),
delete_account: createJSONResponder(
accountDeletionResponder,
- deleteAccountRequestInputValidator,
+ ignoredArgumentValidator,
logOutResponseValidator,
[],
),
diff --git a/keyserver/src/responders/user-responders.js b/keyserver/src/responders/user-responders.js
--- a/keyserver/src/responders/user-responders.js
+++ b/keyserver/src/responders/user-responders.js
@@ -15,7 +15,6 @@
import type {
ResetPasswordRequest,
LogOutResponse,
- DeleteAccountRequest,
RegisterResponse,
RegisterRequest,
LogInResponse,
@@ -222,16 +221,10 @@
};
}
-export const deleteAccountRequestInputValidator: TInterface<DeleteAccountRequest> =
- tShape<DeleteAccountRequest>({
- password: t.maybe(tPassword),
- });
-
async function accountDeletionResponder(
viewer: Viewer,
- request: DeleteAccountRequest,
): Promise<LogOutResponse> {
- const result = await deleteAccount(viewer, request);
+ const result = await deleteAccount(viewer);
invariant(result, 'deleteAccount should return result if handed request');
return result;
}
diff --git a/lib/types/account-types.js b/lib/types/account-types.js
--- a/lib/types/account-types.js
+++ b/lib/types/account-types.js
@@ -78,10 +78,6 @@
+calendarQuery: CalendarQuery,
};
-export type DeleteAccountRequest = {
- +password: ?string,
-};
-
export const logInActionSources = Object.freeze({
cookieInvalidationResolutionAttempt: 'COOKIE_INVALIDATION_RESOLUTION_ATTEMPT',
appStartCookieLoggedInButInvalidRedux:
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Tue, Jan 13, 11:25 AM (3 h, 12 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
5927580
Default Alt Text
D9236.1768303544.diff (4 KB)
Attached To
Mode
D9236: [keyserver] Update keyserver delete account endpoint to not require password
Attached
Detach File
Event Timeline
Log In to Comment