fix account deletion

neodb-social · Dec 11, 2023 · c8bafef · c8bafef
1 parent 18eb234
commit c8bafef
Show file tree

Hide file tree

Showing 4 changed files with 19 additions and 8 deletions.
diff --git a/takahe/utils.py b/takahe/utils.py
@@ -142,6 +142,18 @@ def get_identity_by_handler(username: str, domain: str) -> Identity | None:
             username__iexact=username, domain__domain__iexact=domain
         ).first()
 
+    @staticmethod
+    def delete_identity(identity_pk: int):
+        identity = Identity.objects.filter(pk=identity_pk).first()
+        if not identity:
+            logger.warning(f"Cannot find identity {identity_pk}")
+            return
+        logger.warning(f"Deleting identity {identity}")
+        identity.state = "deleted"
+        identity.deleted = timezone.now()
+        identity.state_next_attempt = timezone.now()
+        identity.save()
+
     @staticmethod
     def create_internal_message(message: dict):
         InboxMessage.create_internal(message)

diff --git a/takahe/views.py b/takahe/views.py
@@ -61,5 +61,4 @@ def auth_login(request):
 
 def auth_logout(request: HttpRequest):
     response = redirect("/account/logout")
-    response.delete_cookie(settings.TAKAHE_SESSION_COOKIE_NAME)
     return response
diff --git a/users/account.py b/users/account.py
@@ -234,10 +234,7 @@ def login_existing_user(request, existing_user):
 def logout(request):
     if request.method == "GET":
         # revoke_token(request.user.mastodon_site, request.user.mastodon_token)
-        auth_logout(request)
-        response = redirect(reverse("users:login"))
-        response.delete_cookie(settings.TAKAHE_SESSION_COOKIE_NAME)
-        return response
+        return auth_logout(request)
     else:
         raise BadRequest()
 
@@ -509,13 +506,17 @@ def auth_login(request, user):
 def auth_logout(request):
     """Decorates django ``logout()``. Release token in session."""
     auth.logout(request)
+    response = redirect("/")
+    response.delete_cookie(settings.TAKAHE_SESSION_COOKIE_NAME)
+    return response
 
 
 def clear_data_task(user_id):
     user = User.objects.get(pk=user_id)
     user_str = str(user)
     if user.identity:
         remove_data_by_user(user.identity)
+    Takahe.delete_identity(user.identity.pk)
     user.clear()
     logger.warning(f"User {user_str} data cleared.")
 
@@ -528,8 +529,7 @@ def clear_data(request):
         v = request.POST.get("verification")
         if v and (v == request.user.mastodon_acct or v == request.user.email):
             django_rq.get_queue("mastodon").enqueue(clear_data_task, request.user.id)
-            auth_logout(request)
-            return redirect(reverse("users:login"))
+            return auth_logout(request)
         else:
             messages.add_message(request, messages.ERROR, _("验证信息不符。"))
     return redirect(reverse("users:data"))
diff --git a/users/templates/users/account.html b/users/templates/users/account.html
@@ -193,7 +193,7 @@
                   onsubmit="return confirm('账号数据一旦删除后将无法恢复。确认删除吗？');">
               {% csrf_token %}
               <div>
-                输入完整的 <code>用户名@实例名</code> 或 <code>电子邮件地址</code> 以确认删除
+                输入完整的登录用 <code>用户名@实例名</code> 或 <code>电子邮件地址</code> 以确认删除
                 <input type="email"
                        name="verification"
                        _="on input remove [@disabled] from #delete end"