From f98567ea87852a77040488982f2d10ecf0dfc243 Mon Sep 17 00:00:00 2001 From: Ephraim Atta-Duncan Date: Sat, 17 Feb 2024 07:34:21 +0000 Subject: [PATCH] feat: request usee to disable 2fa before deleting account --- apps/web/src/components/forms/profile.tsx | 138 ++++++------------ .../lib/server-only/2fa/verify-2fa-token.ts | 1 - 2 files changed, 45 insertions(+), 94 deletions(-) diff --git a/apps/web/src/components/forms/profile.tsx b/apps/web/src/components/forms/profile.tsx index 23861c9fc..8a7e2ff3f 100644 --- a/apps/web/src/components/forms/profile.tsx +++ b/apps/web/src/components/forms/profile.tsx @@ -7,7 +7,6 @@ import { signOut } from 'next-auth/react'; import { useForm } from 'react-hook-form'; import { z } from 'zod'; -import { validateTwoFactorAuthentication } from '@documenso/lib/server-only/2fa/validate-2fa'; import type { User } from '@documenso/prisma/client'; import { TRPCClientError } from '@documenso/trpc/client'; import { trpc } from '@documenso/trpc/react'; @@ -67,13 +66,6 @@ export const ProfileForm = ({ className, user }: ProfileFormProps) => { resolver: zodResolver(ZProfileFormSchema), }); - const deleteAccountTwoFactorTokenForm = useForm({ - defaultValues: { - token: '', - }, - resolver: zodResolver(ZTwoFactorAuthTokenSchema), - }); - const isSubmitting = form.formState.isSubmitting; const hasTwoFactorAuthentication = user.twoFactorEnabled; @@ -113,38 +105,17 @@ export const ProfileForm = ({ className, user }: ProfileFormProps) => { } }; - const deleteAccoutAndSignOut = async () => { - await deleteAccount(); - - toast({ - title: 'Account deleted', - description: 'Your account has been deleted successfully.', - duration: 5000, - }); - - return await signOut({ callbackUrl: '/' }); - }; - - const onDeleteAccount = async (hasTwoFactorAuthentication: boolean) => { + const onDeleteAccount = async () => { try { - if (!hasTwoFactorAuthentication) { - return await deleteAccoutAndSignOut(); - } + await deleteAccount(); - const { token } = deleteAccountTwoFactorTokenForm.getValues(); - - if (!token) { - throw new Error('Please enter your Two Factor Authentication token.'); - } - - await validateTwoFactorAuthentication({ - totpCode: token, - user, - }).catch(() => { - throw new Error('We were unable to validate your Two Factor Authentication token.'); + toast({ + title: 'Account deleted', + description: 'Your account has been deleted successfully.', + duration: 5000, }); - await deleteAccoutAndSignOut(); + return await signOut({ callbackUrl: '/' }); } catch (err) { if (err instanceof TRPCClientError && err.data?.code === 'BAD_REQUEST') { toast({ @@ -225,66 +196,47 @@ export const ProfileForm = ({ className, user }: ProfileFormProps) => { irreversible and will cancel your subscription, so proceed with caution. -
- { - console.log('delete account'); - })} - > - - - - - - - Delete Account - - Documenso will delete{' '} - all of your documents, along with all - of your completed documents, signatures, and all other resources belonging - to your Account. - - + + + + + + + Delete Account + + Documenso will delete{' '} + all of your documents, along with all of + your completed documents, signatures, and all other resources belonging to your + Account. + + - - - This action is not reversible. Please be certain. - - + + + This action is not reversible. Please be certain. + + - {hasTwoFactorAuthentication && ( -
- ( - - - Two Factor Authentication Token - - - - - - - )} - /> -
- )} + {hasTwoFactorAuthentication && ( + + + Disable Two Factor Authentication before deleting your account. + + + )} - - - - - - - + + + + +
diff --git a/packages/lib/server-only/2fa/verify-2fa-token.ts b/packages/lib/server-only/2fa/verify-2fa-token.ts index 3c410bd58..0e8ec6afc 100644 --- a/packages/lib/server-only/2fa/verify-2fa-token.ts +++ b/packages/lib/server-only/2fa/verify-2fa-token.ts @@ -17,7 +17,6 @@ export const verifyTwoFactorAuthenticationToken = async ({ user, totpCode, }: VerifyTwoFactorAuthenticationTokenOptions) => { - // TODO: This is undefined and I can't figure out why. const key = DOCUMENSO_ENCRYPTION_KEY; if (!user.twoFactorSecret) {