summaryrefslogtreecommitdiff
path: root/lib/web
diff options
context:
space:
mode:
authorSheogorath2018-05-25 18:19:31 +0200
committerSheogorath2018-05-25 18:26:06 +0200
commit70df29790a83db4abb40ed1e16cb05a3aa760672 (patch)
tree0f3805604956f4dc93020f7af2a124136ed8084b /lib/web
parent9fd09a8dfb8c59a44e9b2b51658e9e638a855635 (diff)
Add token based security feature
In the current setup users could be tricked into deleting their data by providing a malicious link like `[click me](/me/delete)`. This commit prevents such an easy attack and need the user's deleteToken to get his data deleted. In case someone requests his deletion by email you can also ask him for this token. We can add a GUI that shows it later on. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Diffstat (limited to 'lib/web')
-rw-r--r--lib/web/userRouter.js20
1 files changed, 12 insertions, 8 deletions
diff --git a/lib/web/userRouter.js b/lib/web/userRouter.js
index b8bd9154..6832d901 100644
--- a/lib/web/userRouter.js
+++ b/lib/web/userRouter.js
@@ -38,25 +38,29 @@ UserRouter.get('/me', function (req, res) {
})
// delete the currently authenticated user
-UserRouter.get('/me/delete', function (req, res) {
+UserRouter.get('/me/delete/:token?', function (req, res) {
if (req.isAuthenticated()) {
models.User.findOne({
where: {
id: req.user.id
}
}).then(function (user) {
- if (!user) { return response.errorNotFound(res) }
- user.destroy().then(function () {
- res.redirect(config.serverURL + '/')
- })
+ if (!user) {
+ return response.errorNotFound(res)
+ }
+ if (user.deleteToken === req.params.token) {
+ user.destroy().then(function () {
+ res.redirect(config.serverURL + '/')
+ })
+ } else {
+ return response.errorForbidden(res)
+ }
}).catch(function (err) {
logger.error('delete user failed: ' + err)
return response.errorInternalError(res)
})
} else {
- res.send({
- status: 'forbidden'
- })
+ return response.errorForbidden(res)
}
})
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-29 12:27:23 +0000