diff options
| author |  Gareth Coles <[email protected]> | 2019-10-22 16:00:16 +0100 |
|---|---|---|
| committer | Gareth Coles <[email protected]> | 2019-10-22 16:00:16 +0100 |
| commit | 6cc062d88e7b70a61d52e6eab633de57c4114cb2 (patch) | |
| tree | bd079215e71efd8fca50021f42c33f08a3e5c95c /pydis_site/apps | |
| parent | Merge branch 'master' into allauth-user-settings (diff) | |
Implement account deletion at /accounts/delete
Diffstat (limited to 'pydis_site/apps')
| -rw-r--r-- | pydis_site/apps/home/forms/__init__.py | 0 | ||||
| -rw-r--r-- | pydis_site/apps/home/forms/account_deletion.py | 24 | ||||
| -rw-r--r-- | pydis_site/apps/home/views/account/delete.py | 21 |
3 files changed, 43 insertions, 2 deletions
diff --git a/pydis_site/apps/home/forms/__init__.py b/pydis_site/apps/home/forms/__init__.py new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/pydis_site/apps/home/forms/__init__.py diff --git a/pydis_site/apps/home/forms/account_deletion.py b/pydis_site/apps/home/forms/account_deletion.py new file mode 100644 index 00000000..17ffe5c1 --- /dev/null +++ b/pydis_site/apps/home/forms/account_deletion.py @@ -0,0 +1,24 @@ +from crispy_forms.helper import FormHelper +from crispy_forms.layout import Layout +from django.forms import CharField, Form +from django_crispy_bulma.layout import IconField, Submit + + +class AccountDeletionForm(Form): + """Account deletion form, to collect username for confirmation of removal.""" + + def __init__(self, *args, **kwargs): + super().__init__(*args, **kwargs) + self.helper = FormHelper() + + self.helper.form_method = "post" + self.helper.add_input(Submit("submit", "I understand, delete my account")) + + self.helper.layout = Layout( + IconField("username", icon_prepend="user") + ) + + username = CharField( + label="Username", + required=True + ) diff --git a/pydis_site/apps/home/views/account/delete.py b/pydis_site/apps/home/views/account/delete.py index f80089d5..798b8a33 100644 --- a/pydis_site/apps/home/views/account/delete.py +++ b/pydis_site/apps/home/views/account/delete.py @@ -1,9 +1,12 @@ from django.contrib.auth.mixins import LoginRequiredMixin +from django.contrib.messages import ERROR, INFO, add_message from django.http import HttpRequest, HttpResponse -from django.shortcuts import render +from django.shortcuts import redirect, render from django.urls import reverse from django.views import View +from pydis_site.apps.home.forms.account_deletion import AccountDeletionForm + class DeleteView(LoginRequiredMixin, View): """Account deletion view, for removing linked user accounts from the DB.""" @@ -14,7 +17,21 @@ class DeleteView(LoginRequiredMixin, View): def get(self, request: HttpRequest) -> HttpResponse: """HTTP GET: Return the view template.""" - return render(request, "home/account/delete.html") + return render( + request, "home/account/delete.html", + context={"form": AccountDeletionForm()} + ) def post(self, request: HttpRequest) -> HttpResponse: """HTTP POST: Process the deletion, as requested by the user.""" + form = AccountDeletionForm(request.POST) + + if not form.is_valid() or request.user.username != form.cleaned_data["username"]: + add_message(request, ERROR, "Please enter your username exactly as shown.") + + return redirect(reverse("account_delete")) + + request.user.delete() + add_message(request, INFO, "Your account has been deleted.") + + return redirect(reverse("home")) |