「🏗️」 wip(auth): added the hability to remove user

2025-12-31 21:56:41 +01:00 · 2025-10-16 12:29:16 +02:00
parent d80beff543
commit f689274716
4 changed files with 88 additions and 0 deletions
--- a/doc/auth/remove.md
+++ b/doc/auth/remove.md
@ -0,0 +1,32 @@
+# remove user
+
+Available endpoints:
+- DELETE `/`
+
+Common return:
+- 500 with response 
+```json
+{
+    "error": "Internal server error"
+}
+```
+
+## DELETE `/`
+
+User to remove a user from the backend
+
+Inputs: just need a valid JWT cookie
+
+Returns:
+- 200
+```json
+{
+    "msg": "User successfully deleted"
+}
+```
+- 401 || 400
+```json
+{
+    "error": "<corresponding msg>
+}
+```
--- a/src/api/auth/default.js
+++ b/src/api/auth/default.js
@ -11,6 +11,7 @@ import { totpSetup } from './totpSetup.js';
 import { totpDelete } from './totpDelete.js';
 import { totpVerify } from './totpVerify.js';
 import { logout } from './logout.js';
+import { remove } from './remove.js';

 const saltRounds = 10;
 export const appName = process.env.APP_NAME || 'knl_meowscendence';
@ -110,4 +111,6 @@ export default async function(fastify, options) {
 	}, async (request, reply) => { return register(request, reply, saltRounds, fastify); });

 	fastify.get('/logout', {}, async (request, reply) => { return logout(reply, fastify); })
+
+	 fastify.delete('/', { preHandler: fastify.authenticate }, async (request, reply) => { return remove(request, reply, fastify)})
 }
--- a/src/api/auth/remove.js
+++ b/src/api/auth/remove.js
@ -0,0 +1,34 @@
+import authDB from '../../utils/authDB';
+import { authUserRemove } from '../../utils/authUserRemove';
+
+/**
+ * @param {import('fastify').FastifyRequest} request
+ * @param {import('fastify').FastifyReply} reply
+ * @param {import('fastify').FastifyInstance} fastify
+ */
+export async function remove(request, reply, fastify) {
+	try {
+		const user = request.user;
+
+		if (authDB.RESERVED_USERNAMES.includes(user)) {
+			return reply.code(400).send({ error: 'Reserved username' });
+		}
+
+		if (authDB.checkUser(user) === false) {
+			return reply.code(400).send({ error: "User does not exist" });
+		}
+
+		authDB.rmUser(user)
+
+		authUserRemove(user, fastify)
+
+		return reply
+			.code(200)
+			.send({
+				msg: "User successfully deleted"
+			})
+	} catch (err) {
+		fastify.log.error(err);
+		return reply.code(500).send({ error: "Internal server error" });
+	}
+}
--- a/src/utils/authUserRemove.js
+++ b/src/utils/authUserRemove.js
@ -0,0 +1,19 @@
+import axios from 'axios'
+
+/**
+ * @param {string} username
+ * @param {import('fastify').FastifyInstance} fastify
+ */
+export async function authUserRemove(username, fastify) {
+	const url = (process.env.USER_URL || "http://localhost:3002/") + "users/" + username;
+	const cookie = fastify.jwt.sign({ user: "admin" });
+
+	await axios.post(
+		url,
+		{
+			headers: {
+				'Cookie': 'token=' + cookie,
+			},
+		}
+	);
+}