From f689274716965af466496207f6b91191a0c073cf Mon Sep 17 00:00:00 2001
From: adjoly
Date: Thu, 16 Oct 2025 12:29:16 +0200
Subject: [PATCH] =?UTF-8?q?=E3=80=8C=F0=9F=8F=97=EF=B8=8F=E3=80=8D=20wip(a?= =?UTF-8?q?uth):=20added=20the=20hability=20to=20remove=20user?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 doc/auth/remove.md | 32 ++++++++++++++++++++++++++++++++
 src/api/auth/default.js | 3 +++
 src/api/auth/remove.js | 34 ++++++++++++++++++++++++++++++++++
 src/utils/authUserRemove.js | 19 +++++++++++++++++++
 4 files changed, 88 insertions(+)
 create mode 100644 doc/auth/remove.md
 create mode 100644 src/api/auth/remove.js
 create mode 100644 src/utils/authUserRemove.js
diff --git a/doc/auth/remove.md b/doc/auth/remove.md
new file mode 100644
index 0000000..366c89c
--- /dev/null
+++ b/doc/auth/remove.md
@@ -0,0 +1,32 @@
+# remove user
+
+Available endpoints:
+- DELETE `/`
+
+Common return:
+- 500 with response
+```json
+{
+ "error": "Internal server error"
+}
+```
+
+## DELETE `/`
+
+User to remove a user from the backend
+
+Inputs: just need a valid JWT cookie
+
+Returns:
+- 200
+```json
+{
+ "msg": "User successfully deleted"
+}
+```
+- 401 || 400
+```json
+{
+ "error": "
+}
+```
diff --git a/src/api/auth/default.js b/src/api/auth/default.js
index 0e491ac..422d794 100644
--- a/src/api/auth/default.js
+++ b/src/api/auth/default.js
@@ -11,6 +11,7 @@ import { totpSetup } from './totpSetup.js';
 import { totpDelete } from './totpDelete.js';
 import { totpVerify } from './totpVerify.js';
 import { logout } from './logout.js';
+import { remove } from './remove.js';
 const saltRounds = 10;
 export const appName = process.env.APP_NAME || 'knl_meowscendence';
@@ -110,4 +111,6 @@ export default async function(fastify, options) {
 }, async (request, reply) => { return register(request, reply, saltRounds, fastify); });
 fastify.get('/logout', {}, async (request, reply) => { return logout(reply, fastify); })
+
+ fastify.delete('/', { preHandler: fastify.authenticate }, async (request, reply) => { return remove(request, reply, fastify)})
 }
diff --git a/src/api/auth/remove.js b/src/api/auth/remove.js
new file mode 100644
index 0000000..90579af
--- /dev/null
+++ b/src/api/auth/remove.js
@@ -0,0 +1,34 @@
+import authDB from '../../utils/authDB';
+import { authUserRemove } from '../../utils/authUserRemove';
+
+/**
+ * @param {import('fastify').FastifyRequest} request
+ * @param {import('fastify').FastifyReply} reply
+ * @param {import('fastify').FastifyInstance} fastify
+ */
+export async function remove(request, reply, fastify) {
+ try {
+ const user = request.user;
+
+ if (authDB.RESERVED_USERNAMES.includes(user)) {
+ return reply.code(400).send({ error: 'Reserved username' });
+ }
+
+ if (authDB.checkUser(user) === false) {
+ return reply.code(400).send({ error: "User does not exist" });
+ }
+
+ authDB.rmUser(user)
+
+ authUserRemove(user, fastify)
+
+ return reply
+ .code(200)
+ .send({
+ msg: "User successfully deleted"
+ })
+ } catch (err) {
+ fastify.log.error(err);
+ return reply.code(500).send({ error: "Internal server error" });
+ }
+}
diff --git a/src/utils/authUserRemove.js b/src/utils/authUserRemove.js
new file mode 100644
index 0000000..071a51f
--- /dev/null
+++ b/src/utils/authUserRemove.js
@@ -0,0 +1,19 @@
+import axios from 'axios'
+
+/**
+ * @param {string} username
+ * @param {import('fastify').FastifyInstance} fastify
+ */
+export async function authUserRemove(username, fastify) {
+ const url = (process.env.USER_URL || "http://localhost:3002/") + "users/" + username;
+ const cookie = fastify.jwt.sign({ user: "admin" });
+
+ await axios.post(
+ url,
+ {
+ headers: {
+ 'Cookie': 'token=' + cookie,
+ },
+ }
+ );
+}
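Review bot: The new `fastify.delete('/', { preHandler: fastify.authenticate }, ...)` route performs an irreversible account deletion with the JWT cookie as the only gate. Because the browser attaches that cookie automatically, the route depends on the cookie's SameSite setting or a CSRF token, neither of which is visible in this hunk, so that should be confirmed before this leaves WIP. Since this module already has password and TOTP verification, consider requiring one of them in the request body for this destructive action. The enclosing route-registration function starts outside the hunk.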
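Review bot: `authUserRemove(user, fastify)` in `remove` is called without `await`, so a failure in the user service becomes an unhandled rejection outside this `try`/`catch` and the handler still answers 200 after `authDB.rmUser(user)` has already run; use `await authUserRemove(user, fastify);` and decide what happens to the auth record when the second step fails. `request.user` is also passed straight to `RESERVED_USERNAMES.includes`, `checkUser` and `rmUser`; if `fastify.authenticate` sets it to the decoded JWT payload (the admin token in `authUserRemove.js` is signed as `{ user: "admin" }`), it is an object rather than a username and the reserved-name check can never match, so `const user = request.user.user;` may be what is intended. The deleted account's token cookie is not cleared here, so it would stay valid until expiry unless verification re-checks the database. The two imports also omit the `.js` extension that `default.js` uses and that Node's ESM resolver requires.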
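Review bot: In `authUserRemove`, `axios.post(url, { headers: ... })` passes the `headers` object as the request body, because the second argument of `axios.post` is the data and the config is the third, so no `Cookie` header is sent, and the removal is issued as a POST. If the user service exposes a DELETE on this path (not visible here), `await axios.delete(url, { headers: { Cookie: 'token=' + cookie } });` sends the cookie as intended. `username` is concatenated into the path unescaped while the request carries an admin token, so build the URL with `encodeURIComponent(username)` to keep characters such as `/` or `?` from changing the target. The token from `fastify.jwt.sign({ user: "admin" })` has no expiry set here; a short `expiresIn` in the sign options would limit its reuse if it is logged or observed on the plain-HTTP default URL.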