Deactivation of accounts from the web interface

main2
Bob Mottram 2019-11-05 11:52:38 +00:00
parent d9ae66ef19
commit f140eee20f
1 changed files with 23 additions and 11 deletions

View File

@ -24,6 +24,7 @@ from webfinger import webfingerMeta
from webfinger import webfingerLookup from webfinger import webfingerLookup
from webfinger import webfingerHandle from webfinger import webfingerHandle
from person import activateAccount from person import activateAccount
from person import deactivateAccount
from person import registerAccount from person import registerAccount
from person import personLookup from person import personLookup
from person import personBoxJson from person import personBoxJson
@ -680,6 +681,20 @@ class PubServer(BaseHTTPRequestHandler):
return True return True
return False return False
def _clearLoginDetails(self,nickname: str):
"""Clears login details for the given account
"""
# remove any token
if self.server.tokens.get(nickname):
del self.server.tokensLookup[self.server.tokens[nickname]]
del self.server.tokens[nickname]
self.send_response(303)
self.send_header('Content-Length', '0')
self.send_header('Set-Cookie', 'epicyon=; SameSite=Strict')
self.send_header('Location', '/login')
self.send_header('X-Robots-Tag','noindex')
self.end_headers()
def do_GET(self): def do_GET(self):
if self.path=='/logout': if self.path=='/logout':
msg=htmlLogin(self.server.translate, \ msg=htmlLogin(self.server.translate, \
@ -3007,16 +3022,7 @@ class PubServer(BaseHTTPRequestHandler):
if not authorizeBasic(self.server.baseDir,'/users/'+ \ if not authorizeBasic(self.server.baseDir,'/users/'+ \
loginNickname+'/outbox',authHeader,False): loginNickname+'/outbox',authHeader,False):
print('Login failed: '+loginNickname) print('Login failed: '+loginNickname)
# remove any token self._clearLoginDetails(loginNickname)
if self.server.tokens.get(loginNickname):
del self.server.tokensLookup[self.server.tokens[loginNickname]]
del self.server.tokens[loginNickname]
self.send_response(303)
self.send_header('Content-Length', '0')
self.send_header('Set-Cookie', 'epicyon=; SameSite=Strict')
self.send_header('Location', '/login')
self.send_header('X-Robots-Tag','noindex')
self.end_headers()
self.server.POSTbusy=False self.server.POSTbusy=False
return return
else: else:
@ -3278,7 +3284,7 @@ class PubServer(BaseHTTPRequestHandler):
approveFollowers=True approveFollowers=True
if approveFollowers!=actorJson['manuallyApprovesFollowers']: if approveFollowers!=actorJson['manuallyApprovesFollowers']:
actorJson['manuallyApprovesFollowers']=approveFollowers actorJson['manuallyApprovesFollowers']=approveFollowers
actorChanged=True actorChanged=True
# only receive DMs from accounts you follow # only receive DMs from accounts you follow
followDMsFilename= \ followDMsFilename= \
self.server.baseDir+'/accounts/'+ \ self.server.baseDir+'/accounts/'+ \
@ -3361,6 +3367,12 @@ class PubServer(BaseHTTPRequestHandler):
} }
self.postToNickname=nickname self.postToNickname=nickname
self._postToOutboxThread(updateActorJson) self._postToOutboxThread(updateActorJson)
if fields.get('deactivateThisAccount'):
if fields['deactivateThisAccount']=='on':
deactivateAccount(self.server.baseDir,nickname,self.server.domain)
self._clearLoginDetails(nickname)
self.server.POSTbusy=False
return
self._redirect_headers(actorStr,cookie) self._redirect_headers(actorStr,cookie)
self.server.POSTbusy=False self.server.POSTbusy=False
return return