Skip to content

Commit

Permalink
Feature/delete user integration (#469)
Browse files Browse the repository at this point in the history
* Add delete user identity server endpoint and delete profile and forms api endpoint

* Add adminApi policy to the delete endpoint

* Delete only the IDP user

* Revert user service changes

* revert config

* Adding delete account

* Using the identity server URL

* Fixing browser warning

* Update frontend/src/components/DeleteAccount/index.js

Co-authored-by: Nicu <[email protected]>

* Integrate delete user backend + frontend

initial commit of merged commits
removed email input

* fix cors, moved remove functionality to account endpoint

* Update frontend/src/components/DeleteAccount/index.js

Co-authored-by: Nicu <[email protected]>

* linter fix

Co-authored-by: Irinel Nistor <[email protected]>
Co-authored-by: Radu Stefanescu <[email protected]>
Co-authored-by: Mircea M <[email protected]>
Co-authored-by: Nicu <[email protected]>
Co-authored-by: ion.dormenco <[email protected]>
  • Loading branch information
6 people authored Jul 31, 2020
1 parent 7831ef6 commit fb9cb29
Show file tree
Hide file tree
Showing 9 changed files with 147 additions and 0 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Hosting;
using StamAcasa.IdentityServer.Quickstart.Account;

namespace IdentityServer.Quickstart.Account
{
Expand Down Expand Up @@ -212,6 +213,32 @@ public IActionResult AccessDenied()
return View();
}

[Route("account/delete")]
[HttpPost]
public async Task<IActionResult> DeleteAccountAsync([FromBody] DeleteAccountModel model)
{
var user = await _userManager.FindByNameAsync(model.Email);
if (user == null)
{
return Problem("Utilizatorul nu a fost sters");
}

if (!await _userManager.CheckPasswordAsync(user, model.Password))
{
return Problem("Utilizatorul nu a fost sters");
}

var result = await _userManager.DeleteAsync(user);
var userId = await _userManager.GetUserIdAsync(user);
if (!result.Succeeded)
{
throw new InvalidOperationException($"Unexpected error occurred deleting user with ID '{userId}'.");
}

await _signInManager.SignOutAsync();

return Ok();
}

/*****************************************/
/* helper APIs for the AccountController */
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@

using System.ComponentModel.DataAnnotations;

namespace StamAcasa.IdentityServer.Quickstart.Account
{
public class DeleteAccountModel
{
[Required]
public string Email { get; set; }

[Required]
public string Password { get; set; }
}
}
14 changes: 14 additions & 0 deletions backend/src/StamAcasa.IdentityServer/Startup.cs
Original file line number Diff line number Diff line change
Expand Up @@ -116,6 +116,19 @@ public void ConfigureServices(IServiceCollection services)
));
services.AddSingleton<IQueueService, QueueService>();
services.AddSingleton<PasswordValidationMessages>();

services.AddCors(options =>
{
// this defines a CORS policy called "default"
options.AddPolicy("default", policy =>
{
policy = _identityConfiguration.Clients.SelectMany(x => x.AllowedCorsOrigins)
.Aggregate(policy, (current, url) => current.WithOrigins(url));

policy.AllowAnyHeader()
.AllowAnyMethod();
});
});
}

private X509Certificate2 LoadCertificate(string base64EncodedCertificate, string password)
Expand All @@ -140,6 +153,7 @@ public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
app.UseHttpsRedirection();
}

app.UseCors("default");
app.UseRouting();
app.UseStaticFiles();
var cookiePolicyOptions = new CookiePolicyOptions
Expand Down
12 changes: 12 additions & 0 deletions frontend/src/api/accountApi.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
import axios from "axios";
import { Constants } from "../config/constants";

const api = axios.create({
baseURL: `${Constants.idpUrl}/account/`
});

const AccountApi = {
deleteAccount: (email, password) => api.post("delete", { email, password })
};

export default AccountApi;
2 changes: 2 additions & 0 deletions frontend/src/api/auth.js
Original file line number Diff line number Diff line change
Expand Up @@ -56,3 +56,5 @@ export const getUserToken = async () => {
}
return user.access_token;
};

export const removeUser = () => userManager.removeUser();
69 changes: 69 additions & 0 deletions frontend/src/components/DeleteAccount/index.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,69 @@
import React, { useState } from "react";
import SidebarLayout from "../SidebarLayout";
import AccountApi from "../../api/accountApi";
import "./style.scss";
import { removeUser, getUser } from "../../api/auth";
const DeleteAccount = () => {
const [password, setPassword] = useState("");
const [loading, setLoading] = useState(false);
const [errorDeleting, setErrorDeleting] = useState(false);

const fieldsFilled = password;

const updatePassword = event => setPassword(event.target.value);

const deleteProfile = async () => {
try {
setLoading(true);
const user = await getUser();
await AccountApi.deleteAccount(user.profile.email, password);
setLoading(false);
await removeUser();
} catch {
setErrorDeleting(true);
setLoading(false);
}
};

const buttonClasses = "button is-danger" + (loading ? " is-loading" : "");
return (
<SidebarLayout>
<div>
Contul tău va fi șters. Pentru a putea reutiliza această aplicație va
trebui să îți refaci contul de utilizator. Informațiile pe care le-ai
transmis până acum prin intermediul aplicației vor rămâne stocate în
baza de date. Dacă dorești ca toate informațiile să fie eliminate din
baza de date te rugăm să adresezi această cerere către:
<p>Adresa: Strada Italiană, nr. 22, Sector 2, 020976, București</p>
<p>E-mail: [email protected]</p>
</div>
<form onSubmit={() => {}}>
<div className="field">
<label className="label">Parola</label>
<input
className="input is-medium"
type="password"
placeholder="Parola"
value={password}
onChange={updatePassword}
/>
</div>
<div className="field">
<button
className={buttonClasses}
onClick={deleteProfile}
disabled={!fieldsFilled || loading}
>
Șterge cont
</button>
</div>
</form>
<div className="notification is-warning" hidden={!errorDeleting}>
<button className="delete" onClick={() => setErrorDeleting(false)} />
Încercarea de ștergere a eșuat!
</div>
</SidebarLayout>
);
};

export default DeleteAccount;
3 changes: 3 additions & 0 deletions frontend/src/components/DeleteAccount/style.scss
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
.notification {
margin-top: 1em;
}
1 change: 1 addition & 0 deletions frontend/src/components/Header/ProfileItems.js
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ const ProfileItems = () => {
<NavLink to="/account">Contul meu</NavLink>
<div className="account-separator" />
<button onClick={handleLogout}>Logout</button>
<NavLink to="/delete-account">Ștergere cont</NavLink>
</>
) : (
<>
Expand Down
5 changes: 5 additions & 0 deletions frontend/src/routes.js
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ import UpdateProfile from "./components/UpdateProfile";
import Evaluation from "./components/Evaluation";
import Account from "./components/Account";
import TermsAndConditions from "./components/TermsAndConditions";
import DeleteAccount from "./components/DeleteAccount";

import {
redirectSilentSignin,
Expand Down Expand Up @@ -75,6 +76,10 @@ export const ROUTES = {
updateprofile: {
path: "/update-profile",
component: UpdateProfile
},
deleteaccount: {
path: "/delete-account",
component: DeleteAccount
}
}
};

1 comment on commit fb9cb29

@vercel
Copy link

@vercel vercel bot commented on fb9cb29 Jul 31, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please sign in to comment.