From c825beb305e84bb4929124b0d7c7d6a133d8aef3 Mon Sep 17 00:00:00 2001 From: Aevann Date: Fri, 15 Nov 2024 16:45:30 +0200 Subject: [PATCH] log account deletion requests on rdrama --- files/classes/__init__.py | 4 +-- files/helpers/config/const.py | 3 +- files/routes/settings.py | 41 ++++++++++++-------------- files/templates/settings/security.html | 6 +--- 4 files changed, 22 insertions(+), 32 deletions(-) diff --git a/files/classes/__init__.py b/files/classes/__init__.py index e21c8d291..83404f4df 100644 --- a/files/classes/__init__.py +++ b/files/classes/__init__.py @@ -40,8 +40,6 @@ from .currency_logs import * if FEATURES['IP_LOGGING']: from .ip_logs import * -if FEATURES['ACCOUNT_DELETION']: - from .account_deletion import * - from .edit_logs import * from .chats import * +from .account_deletion import * diff --git a/files/helpers/config/const.py b/files/helpers/config/const.py index 69a6f1561..7c6804d10 100644 --- a/files/helpers/config/const.py +++ b/files/helpers/config/const.py @@ -374,6 +374,7 @@ GET_HELP_MESSAGE = "Hi there,\n\nA [concerned user](/id/{vid}) reached out to us if SITE_NAME == 'rDrama': FEATURES['BLOCK_MUTE_EXILE_EXPIRY'] = True + FEATURES['ACCOUNT_DELETION'] = False DEFAULT_PRONOUNS = 'they/them' @@ -962,8 +963,6 @@ BADGE_BLACKLIST = PATRON_BADGES + ( # only grantable by admins higher than PERMS ) if SITE in {'rdrama.net', 'staging.rdrama.net'}: - FEATURES['ACCOUNT_DELETION'] = False - NOTIFICATION_SPAM_AGE_THRESHOLD = 0.5 * 86400 TELEGRAM_ID = "rdramanet" diff --git a/files/routes/settings.py b/files/routes/settings.py index c9d480a38..e0bd9ebaf 100644 --- a/files/routes/settings.py +++ b/files/routes/settings.py @@ -1175,29 +1175,26 @@ def settings_age(v): return {"message": "Age successfully updated!"} +@app.post("/settings/delete_account") +@limiter.limit('1/second', scope=rpath) +@limiter.limit('1/second', scope=rpath, key_func=get_ID) +@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400) +@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID) +@auth_required +def settings_delete_account(v): + submitted_password = request.values.get("password", "").strip() + if not v.verifyPass(submitted_password): + stop(400, "Incorrect password!") -if FEATURES['ACCOUNT_DELETION']: - @app.post("/settings/delete_account") - @limiter.limit('1/second', scope=rpath) - @limiter.limit('1/second', scope=rpath, key_func=get_ID) - @limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400) - @limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID) - @auth_required - def settings_delete_account(v): - submitted_password = request.values.get("password", "").strip() - if not v.verifyPass(submitted_password): - stop(400, "Incorrect password!") + account_deletion = AccountDeletion(user_id=v.id) + g.db.add(account_deletion) - v.login_nonce += 1 - g.db.add(v) + if not FEATURES['ACCOUNT_DELETION']: + return redirect(f"{SITE_FULL_IMAGES}/i/mrburns.webp") - account_deletion = AccountDeletion(user_id=v.id) - g.db.add(account_deletion) + v.login_nonce += 1 + g.db.add(v) - return render_template("message.html", - title="Your account will be deleted in 30 days.", - message="You can (and should) log back in before then to cancel this. Not that we want you here or anything. Whatever bitch."), 202 -else: - @app.get("/settings/delete_account") - def settings_delete_account(): - return redirect(f"{SITE_FULL_IMAGES}/i/mrburns.webp") \ No newline at end of file + return render_template("message.html", + title="Your account will be deleted in 30 days.", + message="You can (and should) log back in before then to cancel this. Not that we want you here or anything. Whatever bitch."), 202 \ No newline at end of file diff --git a/files/templates/settings/security.html b/files/templates/settings/security.html index d78afe7ba..6502187f7 100644 --- a/files/templates/settings/security.html +++ b/files/templates/settings/security.html @@ -137,11 +137,7 @@