From d0344d3c87a13fb5edaba5c2386adf571ed8267d Mon Sep 17 00:00:00 2001
From: anuveyatsu
Date: Thu, 1 Apr 2021 18:27:34 +0600
Subject: [PATCH] [auth][xs]: bug fixes on user account delete.

- 'deleteIdentity' method is moved to 'AdminApi' now.
- if deleting an identity fails, we should not display 500 error page but just a flash message.
---
 routes/auth/index.js | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/routes/auth/index.js b/routes/auth/index.js
index 202e0d16..58d08403 100644
--- a/routes/auth/index.js
+++ b/routes/auth/index.js
@@ -1,5 +1,5 @@
 const request = require('request')
-const { Configuration, PublicApi } = require('@oryd/kratos-client')
+const { Configuration, PublicApi, AdminApi } = require('@oryd/kratos-client')
 const config = require('../../config')
 const { authHandler } = require('./authHandler')
 const { dashboard } = require('./dashboard')
@@ -7,7 +7,8 @@ const { errorHandler } = require('./errorHandler')
 const logger = require('../../utils/logger')
 const proxy = require('express-http-proxy')
 
-const kratos = new PublicApi(new Configuration({basePath: config.get('kratos').public}))
+const kratos = new PublicApi(new Configuration({ basePath: config.get('kratos').public }))
+const adminApi = new AdminApi(new Configuration({ basePath: config.get('kratos').admin }))
 
 const protect = (req, res, next) => {
  // When using ORY Oathkeeper, the redirection is done by ORY Oathkeeper.
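Review bot: The added `adminApi` constant carries no comment marking it as a privileged client, and `config.get('kratos').admin` is used without checking that it is set. The Kratos admin API is meant to be reachable only from trusted services, so I would put `// Privileged client: the Kratos admin API has no auth of its own; pass only identity ids taken from the verified session.` above the declaration. A startup check such as `if (!config.get('kratos').admin) throw new Error('kratos.admin is not configured')` would keep the app from starting with a client that presumably falls back to a default base path.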
@@ -68,13 +69,17 @@ module.exports = function(app) {
  res.redirect('/.ory/kratos/public/self-service/browser/flows/logout')
  })
  app.post('/auth/delete', protect, (req, res, next) => {
- kratos.deleteIdentity(res.locals.userId)
+ adminApi.deleteIdentity(res.locals.userId)
  .then(response => {
  res.redirect('/auth/registration')
  })
  .catch(err => {
  logger.error(err)
- next(err)
+ req.flash(
+ 'info',
+ 'We could not delete your account this time. Please, try again later. If the issue persists, please contact the site administration.'
+ )
+ res.redirect('/settings')
  })
  })
  app.get('/error', errorHandler)
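Review bot: `adminApi.deleteIdentity(res.locals.userId)` now sends whatever is in `res.locals.userId` to the Kratos admin API, which does no authentication of its own, and nothing in this handler checks that the value is a non-empty id taken from the verified session. `protect` is defined outside this hunk, so I cannot confirm where it sets the id; a guard before the call such as `if (!res.locals.userId) return next(new Error('no authenticated identity'))` would make the handler fail closed. Separately, the new `.catch` no longer reaches `next`, so an exception thrown inside it (for example if `req.flash` is not installed on this route) would presumably leave the request without a response; ending the chain with `.catch(next)` covers that. The enclosing `module.exports` function starts and ends outside the hunk.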