Use a clear phrase instead of the user's password

This commit is contained in:
Emi Tatsuo 2020-12-15 19:23:34 -05:00
parent bfaa81d9d0
commit 2fbaf39c0c
Signed by: Emi
GPG key ID: 68FAB2E2E6DFC98B

View file

@ -285,19 +285,21 @@ async fn handle_delete<UserData: Serialize + DeserializeOwned + Sync + Send>(
request: Request,
user: RegisteredUser<UserData>,
) -> Result<Response> {
const DELETE_PHRASE: &str = "I would like to delete my account";
Ok(match request.input() {
Some(username) if user.username() == username => {
Some(DELETE_PHRASE) => {
user.delete()?;
Response::success_gemini(include_str!("pages/deleted.gmi"))
},
Some(_) => {
Response::bad_request("That username did not match. Your account has not been deleted.")
Response::bad_request("Phrase did not match. Your account has not been deleted.")
},
None => {
Response::input(
format!(
"Are you sure you'd like to delete your account? Please enter your username, \"{}\", to continue",
user.username(),
"Are you sure you'd like to delete your account? Please type \"{}\" to continue.",
DELETE_PHRASE,
)
)
},