Enforce deletion environment variables server side; added logging

This commit is contained in:
gbuomprisco
2024-10-08 00:37:35 +02:00
parent 67f428a56d
commit e9500463bf
2 changed files with 46 additions and 1 deletions

View File

@@ -6,6 +6,7 @@ import { redirect } from 'next/navigation';
import { z } from 'zod';
import { enhanceAction } from '@kit/next/actions';
import { getLogger } from '@kit/shared/logger';
import { getSupabaseServerAdminClient } from '@kit/supabase/server-admin-client';
import { getSupabaseServerClient } from '@kit/supabase/server-client';
@@ -14,6 +15,9 @@ import { createDeletePersonalAccountService } from './services/delete-personal-a
const emailSettings = getEmailSettingsFromEnvironment();
const enableAccountDeletion =
process.env.NEXT_PUBLIC_ENABLE_PERSONAL_ACCOUNT_DELETION === 'true';
export async function refreshAuthSession() {
const client = getSupabaseServerClient();
@@ -24,6 +28,8 @@ export async function refreshAuthSession() {
export const deletePersonalAccountAction = enhanceAction(
async (formData: FormData, user) => {
const logger = await getLogger();
// validate the form data
const { success } = DeletePersonalAccountSchema.safeParse(
Object.fromEntries(formData.entries()),
@@ -33,6 +39,19 @@ export const deletePersonalAccountAction = enhanceAction(
throw new Error('Invalid form data');
}
const ctx = {
name: 'account.delete',
userId: user.id,
};
if (!enableAccountDeletion) {
logger.warn(ctx, `Account deletion is not enabled`);
throw new Error('Account deletion is not enabled');
}
logger.info(ctx, `Deleting account...`);
const client = getSupabaseServerClient();
// create a new instance of the personal accounts service
@@ -49,6 +68,8 @@ export const deletePersonalAccountAction = enhanceAction(
emailSettings,
});
logger.info(ctx, `Account request successfully sent`);
// clear the cache for all pages
revalidatePath('/', 'layout');