const utils = require('../../../utils');
const time = require('../../../utils/time');
const snippets = require('../../../utils/snippets');
const mailgun = require('../../../utils/mailgun');
const broadcast = require('../../../websocket/broadcast');
const cookies = require('../../../utils/cookies');
const bcrypt = require('bcrypt');
const path = require('path');
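module.exports = {
  post: {
    /**
     * POST "" - permanently delete the authenticated user's account.
     *
     * Expects `req.body.code` (the emailed deletion code) and
     * `req.body.current_password`. Both are checked before anything is
     * removed: the code must be unexpired and issued for this user's email,
     * and the password must match the stored bcrypt hash.
     *
     * On success the user's video directories are removed, the users row is
     * deleted and replaced by a placeholder row that keeps only `user_id` and
     * `registered_by`, a confirmation email is sent, and the session is
     * logged out.
     *
     * @param {object} req - request; reads `req.body` and `req.user`.
     * @param {object} res - response used for the reply and the error handlers.
     */
    "": function(req, res) {
      utils.validate.keys(req.body, [
        'code', 'current_password',
      ]).then(function() {
        // The code has to belong to the logged-in account, not merely exist.
        // Without the email condition, any unexpired code issued to any user
        // would satisfy this step and the email confirmation would prove
        // nothing about the caller.
        return utils.query(
          "SELECT * FROM delete_account WHERE delete_id=? AND email=? AND expires>?",
          [req.body.code, req.user.email, Date.now()]
        ).catch(utils.handle_err.sql(res));
      }).then(function([delete_account_data]) {
        if (!delete_account_data) {
          return utils.reject("Code is invalid, request a new code");
        }
        // Second factor: re-authenticate with the current password.
        return bcrypt.compare(req.body.current_password, req.user.password);
      }).then(function(passwords_match) {
        if (!passwords_match) {
          return utils.reject("Current password incorrect");
        }
        // Both checks passed: collect the user's videos so their files can be
        // removed before the database rows go away.
        return utils.query("SELECT video_id FROM videos WHERE ?", {
          created_by: req.user.user_id
        }).catch(utils.handle_err.sql(res));
      }).then(function(videos) {
        // NOTE(review): video_id is joined into a filesystem path that is then
        // removed; confirm it can never contain path separators or "..".
        // NOTE(review): files are removed before the users row is deleted, so
        // a failure in a later step leaves the account without its videos.
        return Promise.all(videos.map(function(video) {
          return utils.rimraf(path.join(VIDEO_ROOT, video.video_id));
        }));
      }).then(function() {
        // Best-effort storage broadcast: deliberately not part of the chain,
        // so a failure here is logged and does not abort the deletion.
        utils.get_storage_remaining().then(function(bytes) {
          broadcast({
            command: "server-storage-info",
            data: bytes
          });
        }).catch(function(err) {
          // Call through the logger object so the method keeps its receiver.
          res.locals.log.general.error(err);
        });
        // Will cascade on delete
        return utils.query("DELETE FROM users WHERE ?", {
          user_id: req.user.user_id
        }).catch(utils.handle_err.sql(res));
      }).then(function() {
        // Keep the user_id and who registered them; the email column is
        // filled with a fresh utils.uuid() value instead of the real address.
        return utils.query("INSERT INTO users SET ?", {
          user_id: req.user.user_id,
          email: utils.uuid(),
          registered_by: req.user.registered_by
        }).catch(utils.handle_err.sql(res));
      }).then(function() {
        // req.user still holds the original address at this point.
        return mailgun.send_account_deleted_email(
          req.user.email
        ).catch(utils.handle_err.mailgun(res));
      }).then(function() {
        req.logout();
        // httpOnly is off for this cookie; it carries only the display
        // message below, no session or account data.
        cookies.set(res, 'login_message', {
          message: "Account Deleted"
        }, {
          httpOnly: false
        });
        res.send(utils.ok());
      }).catch(utils.handle_err.res(res, "Error deleting your account, try again later"));
    },

    /**
     * POST "request" - email an account deletion code to the authenticated
     * user.
     *
     * Expects `req.body.email` (validated as an email address). If an
     * unexpired code already exists for the account, no new code is issued
     * and the caller is told to check their inbox. Otherwise a new code is
     * generated and sent to `req.user.email` with a ttl of
     * `time.one_minute * 5`.
     *
     * @param {object} req - request; reads `req.body.email` and `req.user.email`.
     * @param {object} res - response used for the reply and the error handlers.
     */
    "request": function(req, res) {
      utils.validate.keys(req.body, [
        ['email', utils.validate.email, "Invalid Email"]
      ]).then(function() {
        // Look for a code that is still valid, i.e. expires in the future.
        // The lookup is keyed on the authenticated account's address (the one
        // the code is sent to below) rather than the client-supplied value, so
        // the check cannot be sidestepped or pointed at another user's address.
        return utils.query(
          'SELECT * FROM delete_account WHERE email=? AND expires>?',
          [req.user.email, Date.now()]
        ).catch(utils.handle_err.sql(res));
      }).then(function([delete_account_data]) {
        if (delete_account_data) {
          // Rejects with an ok status: not an error, but nothing new is sent.
          return utils.reject([utils.status.ok, {
            message: "There is already a valid account deletion code, please check your inbox"
          }]);
        }
        return utils.tiny_id();
      }).then(function(delete_id) {
        // The same value is stored as the token and placed in the email.
        return snippets.generate_token_and_send_email(res,
          "delete_account", "delete_id",
          req.user.email, "send_account_delete_code_email", {
            email_params: {
              code: delete_id
            },
            token: delete_id,
            ttl: time.one_minute * 5
          }
        );
      }).then(function() {
        res.send(utils.ok({
          message: "Account deletion email sent, please check your inbox for the code"
        }));
      }).catch(utils.handle_err.res(res, "Error sending your account deletion code, try again later"));
    }
  }
};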