✨ Support for deleting account

src/crud/email.ts

@@ -105,6 +105,21 @@ export const deleteEmail = async (id: number) => {
   return await query("DELETE FROM emails WHERE id = ?", [id]);
 };
 
+/**
+ * Delete a user's email
+ */
+export const deleteAllUserEmails = async (userId: number) => {
+  deleteItemFromCache(CacheCategories.USER_EMAILS, userId);
+  const allEmails = await getUserEmails(userId);
+  allEmails.forEach(email => {
+    if (email.id && email.email) {
+      deleteItemFromCache(CacheCategories.EMAIL, email.id);
+      deleteItemFromCache(CacheCategories.EMAIL, email.email);
+    }
+  });
+  return await query("DELETE FROM emails WHERE userId = ?", [userId]);
+};
+
 /**
  * Get details about a user's email
  */

src/crud/membership.ts

@@ -61,6 +61,13 @@ export const deleteAllOrganizationMemberships = async (
   ]);
 };
 
+/*
+ * Delete all memberships for a user
+ */
+export const deleteAllUserMemberships = async (userId: number) => {
+  return await query("DELETE FROM memberships WHERE userId = ?", [userId]);
+};
+
 /*
  * Get details about a specific organization membership
  */

src/rest/auth.ts

@@ -146,6 +146,7 @@ export const loginWithGoogleLink = () => googleGetConnectionUrl();
 export const loginWithGoogleVerify = async (code: string, locals: Locals) => {
   const data = await googleGetTokensFromCode(code);
   const email = await googleGetEmailFromToken(data);
+  if (!email) throw new Error(ErrorCode.USER_NOT_FOUND);
   const user = await getUserByEmail(email);
   if (!user.id) throw new Error(ErrorCode.USER_NOT_FOUND);
   return await getLoginResponse(user, EventType.AUTH_LOGIN, "google", locals);

src/rest/user.ts

@@ -1,5 +1,10 @@
 import { ErrorCode, EventType, Authorizations } from "../interfaces/enum";
-import { getUser, updateUser, getUserApprovedLocations } from "../crud/user";
+import {
+  getUser,
+  updateUser,
+  getUserApprovedLocations,
+  deleteUser
+} from "../crud/user";
 import {
   getUserMembershipObject,
   getUserOrganization
@@ -37,6 +42,26 @@ export const updateUserForUser = async (
   throw new Error(ErrorCode.INSUFFICIENT_PERMISSION);
 };
 
+export const deleteUserForUser = async (
+  tokenUserId: number,
+  updateUserId: number,
+  locals: Locals
+) => {
+  if (await can(tokenUserId, Authorizations.DELETE, "user", updateUserId)) {
+    await deleteUser(updateUserId);
+    await createEvent(
+      {
+        userId: tokenUserId,
+        type: EventType.USER_DELETED,
+        data: { id: updateUserId }
+      },
+      locals
+    );
+    return;
+  }
+  throw new Error(ErrorCode.INSUFFICIENT_PERMISSION);
+};
+
 export const getRecentEventsForUser = async (
   tokenUserId: number,
   dataUserId: number

src/routes/index.ts

@@ -4,7 +4,8 @@ import {
   routeUserId,
   routeUserUpdate,
   routeUserAllData,
-  routeUserRecentEvents
+  routeUserRecentEvents,
+  routeUserDelete
 } from "./users";
 import {
   routeEmailVerify,
@@ -75,6 +76,7 @@ const routesAuth = (app: Application) => {
 const routesUser = (app: Application) => {
   app.put("/users", asyncHandler(routeAuthRegister));
   app.get("/users/:id", authHandler, asyncHandler(routeUserId));
+  app.delete("/users/:id", authHandler, asyncHandler(routeUserDelete));
   app.patch("/users/:id", authHandler, asyncHandler(routeUserUpdate));
   app.get(
     "/users/:id/events",

src/routes/users.ts

@@ -3,7 +3,8 @@ import {
   getUserFromId,
   updateUserForUser,
   getAllDataForUser,
-  getRecentEventsForUser
+  getRecentEventsForUser,
+  deleteUserForUser
 } from "../rest/user";
 import { ErrorCode } from "../interfaces/enum";
 
@@ -35,3 +36,10 @@ export const routeUserAllData = async (req: Request, res: Response) => {
   if (!id) throw new Error(ErrorCode.MISSING_FIELD);
   res.json(await getAllDataForUser(res.locals.token.id, id));
 };
+
+export const routeUserDelete = async (req: Request, res: Response) => {
+  let id = req.params.id;
+  if (id === "me") id = res.locals.token.id;
+  if (!id) throw new Error(ErrorCode.MISSING_FIELD);
+  res.json(await deleteUserForUser(res.locals.token.id, id, res.locals));
+};