65 lines
1.7 KiB
Rust
65 lines
1.7 KiB
Rust
// Copyright (C) 2021 Aravinth Manivannan <realaravinth@batsense.net>
|
|
// SPDX-FileCopyrightText: 2023 Aravinth Manivannan <realaravinth@batsense.net>
|
|
//
|
|
// SPDX-License-Identifier: AGPL-3.0-or-later
|
|
|
|
use actix_identity::Identity;
|
|
use actix_web::{web, HttpResponse, Responder};
|
|
|
|
use super::auth::runners::Password;
|
|
use crate::errors::*;
|
|
use crate::AppData;
|
|
|
|
#[actix_web_codegen_const_routes::post(
|
|
path = "crate::V1_API_ROUTES.admin.account.delete",
|
|
wrap = "crate::api::v1::admin::get_admin_check_login()"
|
|
)]
|
|
async fn delete_account(
|
|
id: Identity,
|
|
payload: web::Json<Password>,
|
|
data: AppData,
|
|
) -> ServiceResult<impl Responder> {
|
|
use argon2_creds::Config;
|
|
use sqlx::Error::RowNotFound;
|
|
|
|
let username = id.identity().unwrap();
|
|
|
|
let rec = sqlx::query_as!(
|
|
Password,
|
|
r#"SELECT password FROM survey_admins WHERE name = ($1)"#,
|
|
&username,
|
|
)
|
|
.fetch_one(&data.db)
|
|
.await;
|
|
|
|
match rec {
|
|
Ok(s) => {
|
|
if Config::verify(&s.password, &payload.password)? {
|
|
runners::delete_user(&username, &data).await?;
|
|
id.forget();
|
|
Ok(HttpResponse::Ok())
|
|
} else {
|
|
Err(ServiceError::WrongPassword)
|
|
}
|
|
}
|
|
Err(RowNotFound) => Err(ServiceError::AccountNotFound),
|
|
Err(_) => Err(ServiceError::InternalServerError),
|
|
}
|
|
}
|
|
|
|
pub mod runners {
|
|
|
|
use super::*;
|
|
|
|
pub async fn delete_user(name: &str, data: &AppData) -> ServiceResult<()> {
|
|
sqlx::query!("DELETE FROM survey_admins WHERE name = ($1)", name,)
|
|
.execute(&data.db)
|
|
.await?;
|
|
Ok(())
|
|
}
|
|
}
|
|
|
|
pub fn services(cfg: &mut actix_web::web::ServiceConfig) {
|
|
cfg.service(delete_account);
|
|
}
|