From 9430942cb5b1993504c2f089632051bee8740f0e Mon Sep 17 00:00:00 2001
From: Craig Oates
Date: Sat, 8 Oct 2022 12:01:21 +0100
Subject: [PATCH] update /user/delete defroute: add 'type username input check'.

When the user wants to delete their account they must now enter their username as part of the form they submit. This is so they don't accidently delete thier account.
---
src/web.lisp | 41 +++++++++++++++++++++++++++--------------
1 file changed, 27 insertions(+), 14 deletions(-)

diff --git a/src/web.lisp b/src/web.lisp
index d3004bc..3e041dc 100644
--- a/src/web.lisp
+++ b/src/web.lisp
@@ -545,25 +545,38 @@ (defroute ("/user/delete" :method :POST) () (destructuring-bind - (&key authenticity-token &allow-other-keys) + (&key authenticity-token delete-account-check &allow-other-keys) (utils:request-params (lack.request:request-body-parameters ningle:*request*)) (cond ((not (string= authenticity-token (auth:csrf-token))) `(,+forbidden+ (:content-type "text/plain") ("Denied"))) (t (hermetic:auth (:logged-in) ;; Authorised - (progn - (nera-db:delete-user - (user::username-of (auth:get-current-user))) - (hermetic:logout - ;; Successful log-out -- after account deleted - ;; (session data cleared). - (progn (auth:flash-gethash :id ningle:*session*) - (redirect "/")) - ;; Failed log-out -- after account deleted - ;; (session data persits). - (progn (utils:set-alert - "Unable to delete session data." "error") - (redirect "/")))) + (cond ((utils:string-is-nil-or-empty? delete-account-check) + (utils:set-alert + "No username entered. Account not deleted." + "missing-data") + (redirect "/user/edit")) + ((not (string= delete-account-check + (user::username-of + (auth:get-current-user)))) + (utils:set-alert + "Wrong username entered. Account not deleted." + "invalid-data") + (redirect "/user/edit")) + (t + (progn + (nera-db:delete-user + (user::username-of (auth:get-current-user))) + (hermetic:logout + ;; Successful log-out -- after account deleted + ;; (session data cleared). + (progn (auth:flash-gethash :id ningle:*session*) + (redirect "/")) + ;; Failed log-out -- after account deleted + ;; (session data persits). + (progn (utils:set-alert + "Unable to delete session data." "error") + (redirect "/")))))) ;; Not Authorised (progn (utils:set-alert "You are not logged in." "error")
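Review bot: The typed-username comparison in the new inner `cond` guards against accidental deletion only; it is not re-authentication, because the username is not a secret and any caller holding a valid session and CSRF token can supply it. If account deletion is meant to resist a hijacked or unattended session, the form should also ask for the current password and this branch should verify it before calling `nera-db:delete-user`; no password-check helper is visible in this hunk, so that part is left to the author. At minimum, record the limitation above the comparison: `;; Typed-username check prevents accidents only; it does not re-authenticate the user.` Separately, `(auth:get-current-user)` is resolved twice, once for the comparison and once for the delete; wrapping the `cond` in `(let ((username (user::username-of (auth:get-current-user)))) ...)` would guarantee the name compared is the name deleted. The `defroute` body continues past the end of the hunk.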