[api] [view] Added ability to delete accounts #311

* Allows users to request account deletion * Still requires admin to delete account * Helps compliance with GDPR
stackvana · May 31, 2018 · e8dbe96 · e8dbe96
1 parent 711ff12
commit e8dbe96
Show file tree

Hide file tree

Showing 2 changed files with 101 additions and 0 deletions.
diff --git a/view/account/delete.html b/view/account/delete.html
@@ -0,0 +1,45 @@
+<script>
+  $(document).ready(function(){
+    $('.cancelBtn').on('click', function(){
+      if ($('#confirmDelete').prop('checked') === false) {
+        $('#confirmDelete').parent().addClass('error');
+        return false;
+      }
+      var result = confirm('Are you sure you want to delete your account?');
+      if (result) {
+        return true;
+      } else {
+        return false;
+      }
+    })
+  });
+</script>
+
+<style>
+  .reason {
+    height: 400px !important;
+    width: 600px;
+  }
+</style>
+<h1>Delete Account</h1>
+<div class="content container" align="">
+  <div class="message medium"></div>
+  <div class="deleteForm">
+    <form class="form" action="" method="POST">
+      <legend>Delete Account</legend>
+      <p>If you no longer wish for {{appName}} to maintain a copy of your account information or user data, you may delete using the form below.</p>
+      <p class="warning">Warning: Deleting your account will result in the permanent removal of any services or data you've created on hook.io</p>
+      <div class="form-group">
+        <label for="confirmDelete">
+           <input type="checkbox" name="confirmDelete" id="confirmDelete"/>
+           I want to delete my account and have my data removed.
+        </label>
+      </div>
+      <div class="form-group">
+        <label for="reason">Reason for no longer using hook.io :</label><br/>
+        <textarea name="reason" class="form-control reason" id="reason">No reason for deletion specified.</textarea>
+      </div>
+      <button class="cancelBtn btn btn-primary">Delete Account</button>
+    </form>
+  </div>
+</div>
diff --git a/view/account/delete.js b/view/account/delete.js
@@ -0,0 +1,56 @@
+var config = require('../../config');
+var email = require('resource-email');
+var psr = require('parse-service-request');
+
+module['exports'] = function (opts, cb) {
+  var $ = this.$,
+      req = opts.req,
+      res = opts.res;
+
+  $ = req.white($);
+
+  var appAdminEmail = config.app.adminEmail;
+
+  psr(req, res, function(req, res){
+
+    if (req.method === "POST") {
+      var params = req.resource.params;
+
+      if (params.confirmDelete !== "on") {
+        return res.end('error: must set confirmDelete checkbox');
+      }
+
+      var cancel = {
+        user: req.session.user,
+        email: req.session.email,
+        reason: req.resource.params.reason,
+        date: new Date()
+      };
+
+      var _config = {
+        //provider: 'sendgrid',
+        provider: config.email.provider,
+        api_user: config.email.api_user,
+        api_key: config.email.api_key,
+        to: "[email protected]",
+        from: "[email protected]",
+        subject: 'hook.io - delete account information',
+        html: JSON.stringify(cancel, true, 2)
+      };
+      email.send(_config, function (err, result) {
+        if (err) {
+          // TODO: better errors here with /config/messages/*.js errors 
+          return res.end('error communicating with mail provider ' + err.message);
+        }
+        $('.deleteForm').remove();
+        $('.message').html('Your account deletion request is now being processed.<br/>Please <a href="' + config.app.url + '/contact?t=Account%20Deletion">contact support</a> if you have any additional questions.')
+        return cb(null, $.html());
+      });
+    } else {
+      var out = $.html();
+      out = out.replace(/\{\{appAdminEmail\}\}/g, appAdminEmail);
+      cb(null, out);
+    }
+  });
+
+};