HomePhabricator
Diffusion Comm fa2517d77fef

[keyserver] Update keyserver delete account endpoint to not require password

Description

[keyserver] Update keyserver delete account endpoint to not require password

Summary: in the future we won't be sending passwords to keyservers at all. will update client side to not send password hash to keyserver when account deletion flow goes through identity service.

Test Plan:

 varun  ~  Code  comm  keyserver  git diff                                                            ST 228   ab660e6
diff --git a/keyserver/src/responders/handlers.js b/keyserver/src/responders/handlers.js
index 2ecc83081..b9c0908bc 100644
--- a/keyserver/src/responders/handlers.js
+++ b/keyserver/src/responders/handlers.js
@@ -46,6 +46,7 @@ function createJSONResponder<I, O>(
 ): JSONResponder {
   return {
     responder: async (viewer, input) => {
+      console.log('Got request with password ' + JSON.stringify(input));
       const request = await validateInput(viewer, inputValidator, input);
       const result = await responder(viewer, request);
       return validateOutput(viewer.platformDetails, outputValidator, result);
diff --git a/lib/actions/user-actions.js b/lib/actions/user-actions.js
index 01542ce9f..8eeacb145 100644
--- a/lib/actions/user-actions.js
+++ b/lib/actions/user-actions.js
@@ -95,7 +95,7 @@ const deleteAccount =
     preRequestUserState: PreRequestUserState,
   ) => Promise<LogOutResult>) =>
   async (password, preRequestUserState) => {
-    const response = await callServerEndpoint('delete_account', { password });
+    const response = await callServerEndpoint('delete_account', {});
     return { currentUserInfo: response.currentUserInfo, preRequestUserState };
   };

modified user-actions.js to not send a password -- checked on the keyserver that no password was sent and account deletion was still successful.

undid the modification to user-actions.js and confirmed that older clients that send a password can still delete accounts successfully.

Reviewers: ashoat

Reviewed By: ashoat

Subscribers: tomek

Differential Revision: https://phab.comm.dev/D9236