authorChristoph (Sheogorath) Kern2018-06-17 23:33:57 +0200
committerGitHub2018-06-17 23:33:57 +0200
commit56d78a7d6c2b49bb194cba05d1a5ff5e4b54a983 (patch)
tree009a0c047d9b537548c0a4a741d60ade9b2ee6ea /lib/web
parentf36b10abb2368459e4ba546d826c16b3232f4ba0 (diff)
parentfce735e833f91a0f1d17c518b65c4c724d1a4b4d (diff)
Merge pull request #830 from SISheogorath/feature/GDPR
GDPR compliant part 1
Diffstat (limited to '')
-rw-r--r--lib/web/userRouter.js84
1 files changed, 84 insertions, 0 deletions
diff --git a/lib/web/userRouter.js b/lib/web/userRouter.js
index 963961c7..db786d53 100644
--- a/lib/web/userRouter.js
+++ b/lib/web/userRouter.js
@@ -1,8 +1,11 @@
'use strict'
+const archiver = require('archiver')
+const async = require('async')
const Router = require('express').Router
const response = require('../response')
+const config = require('../config')
const models = require('../models')
const logger = require('../logger')
const {generateAvatar} = require('../letter-avatars')
@@ -36,6 +39,87 @@ UserRouter.get('/me', function (req, res) {
}
})
+// delete the currently authenticated user
+UserRouter.get('/me/delete/:token?', function (req, res) {
+ if (req.isAuthenticated()) {
+ models.User.findOne({
+ where: {
+ id: req.user.id
+ }
+ }).then(function (user) {
+ if (!user) {
+ return response.errorNotFound(res)
+ }
+ if (user.deleteToken === req.params.token) {
+ user.destroy().then(function () {
+ res.redirect(config.serverURL + '/')
+ })
+ } else {
+ return response.errorForbidden(res)
+ }
+ }).catch(function (err) {
+ logger.error('delete user failed: ' + err)
+ return response.errorInternalError(res)
+ })
+ } else {
+ return response.errorForbidden(res)
+ }
+})
+
+// export the data of the authenticated user
+UserRouter.get('/me/export', function (req, res) {
+ if (req.isAuthenticated()) {
+ // let output = fs.createWriteStream(__dirname + '/example.zip');
+ let archive = archiver('zip', {
+ zlib: { level: 3 } // Sets the compression level.
+ })
+ res.setHeader('Content-Type', 'application/zip')
+ res.attachment('archive.zip')
+ archive.pipe(res)
+ archive.on('error', function (err) {
+ logger.error('export user data failed: ' + err)
+ return response.errorInternalError(res)
+ })
+ models.User.findOne({
+ where: {
+ id: req.user.id
+ }
+ }).then(function (user) {
+ models.Note.findAll({
+ where: {
+ ownerId: user.id
+ }
+ }).then(function (notes) {
+ let list = []
+ async.each(notes, function (note, callback) {
+ let title
+ let extension = ''
+ do {
+ title = note.title + extension
+ extension++
+ } while (list.indexOf(title) !== -1)
+
+ list.push(title)
+ logger.debug('Write: ' + title + '.md')
+ archive.append(Buffer.from(note.content), { name: title + '.md', date: note.lastchangeAt })
+ callback(null, null)
+ }, function (err) {
+ if (err) {
+ return response.errorInternalError(res)
+ }
+
+ archive.finalize()
+ })
+ })
+ }).catch(function (err) {
+ logger.error('export user data failed: ' + err)
+ return response.errorInternalError(res)
+ })
+ } else {
+ return response.errorForbidden(res)
+ }
+})
+
UserRouter.get('/user/:username/avatar.svg', function (req, res, next) {
res.setHeader('Content-Type', 'image/svg+xml')
res.setHeader('Cache-Control', 'public, max-age=86400')
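Review bot: The `/me/delete/:token?` route performs an irreversible account deletion on a GET request and makes the token segment optional, so the only CSRF defence is the comparison `user.deleteToken === req.params.token`. If `deleteToken` were ever undefined on the loaded instance (the model is not shown here, so this needs confirming), a request with no token would satisfy that strict-equality check; reject a missing token explicitly with `if (!req.params.token || user.deleteToken !== req.params.token) return response.errorForbidden(res)`. Carrying the token in the path also exposes it to access logs, browser history and Referer headers, so a POST or DELETE with the token in the request body would be the safer shape. Separately, `user.destroy()` here and `models.Note.findAll()` in `/me/export` are not returned from their `.then` callbacks, so a rejection bypasses the outer `.catch` and the request is left hanging; `return user.destroy().then(...)` fixes the first. In the export route `note.title` is used directly as the zip entry name, so path separators in a title should be stripped or replaced before `archive.append`.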