fix: require >1 provider for unlink account endpoints (fixes #29)
This commit is contained in:
parent
d223cd89e8
commit
004403895a
|
@ -40,6 +40,16 @@ type User struct {
|
|||
DeleteReason *string
|
||||
}
|
||||
|
||||
func (u User) NumProviders() (numProviders int) {
|
||||
if u.Discord != nil {
|
||||
numProviders++
|
||||
}
|
||||
if u.Fediverse != nil {
|
||||
numProviders++
|
||||
}
|
||||
return numProviders
|
||||
}
|
||||
|
||||
// usernames must match this regex
|
||||
var usernameRegex = regexp.MustCompile(`^[\w-.]{2,40}$`)
|
||||
|
||||
|
|
|
@ -222,6 +222,11 @@ func (s *Server) discordUnlink(w http.ResponseWriter, r *http.Request) error {
|
|||
return server.APIError{Code: server.ErrNotLinked}
|
||||
}
|
||||
|
||||
// cannot unlink last auth provider
|
||||
if u.NumProviders() <= 1 {
|
||||
return server.APIError{Code: server.ErrLastProvider}
|
||||
}
|
||||
|
||||
err = u.UnlinkDiscord(ctx, s.DB)
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "updating user in db")
|
||||
|
|
|
@ -249,6 +249,11 @@ func (s *Server) mastodonUnlink(w http.ResponseWriter, r *http.Request) error {
|
|||
return server.APIError{Code: server.ErrNotLinked}
|
||||
}
|
||||
|
||||
// cannot unlink last auth provider
|
||||
if u.NumProviders() <= 1 {
|
||||
return server.APIError{Code: server.ErrLastProvider}
|
||||
}
|
||||
|
||||
err = u.UnlinkFedi(ctx, s.DB)
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "updating user in db")
|
||||
|
|
|
@ -96,6 +96,7 @@ const (
|
|||
ErrUnsupportedInstance = 1013 // unsupported fediverse software
|
||||
ErrAlreadyLinked = 1014 // user already has linked account of the same type
|
||||
ErrNotLinked = 1015 // user already doesn't have a linked account
|
||||
ErrLastProvider = 1016 // unlinking provider would leave account with no authentication method
|
||||
|
||||
// User-related error codes
|
||||
ErrUserNotFound = 2001
|
||||
|
@ -134,6 +135,7 @@ var errCodeMessages = map[int]string{
|
|||
ErrUnsupportedInstance: "Unsupported instance software",
|
||||
ErrAlreadyLinked: "Your account is already linked to an account of this type",
|
||||
ErrNotLinked: "Your account is already not linked to an account of this type",
|
||||
ErrLastProvider: "This is your account's only authentication provider",
|
||||
|
||||
ErrUserNotFound: "User not found",
|
||||
|
||||
|
@ -169,6 +171,7 @@ var errCodeStatuses = map[int]int{
|
|||
ErrUnsupportedInstance: http.StatusBadRequest,
|
||||
ErrAlreadyLinked: http.StatusBadRequest,
|
||||
ErrNotLinked: http.StatusBadRequest,
|
||||
ErrLastProvider: http.StatusBadRequest,
|
||||
|
||||
ErrUserNotFound: http.StatusNotFound,
|
||||
|
||||
|
|
|
@ -109,6 +109,7 @@ export enum ErrorCode {
|
|||
UnsupportedInstance = 1013,
|
||||
AlreadyLinked = 1014,
|
||||
NotLinked = 1015,
|
||||
LastProvider = 1016,
|
||||
|
||||
UserNotFound = 2001,
|
||||
|
||||
|
|
Loading…
Reference in New Issue