patrick/sojorn
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
sojorn/_legacy/supabase/functions/deactivate-account/index.ts
Patrick Britton 434937961c security: sanitized baseline for public release
2026-02-15 00:33:24 -06:00

169 lines
4.8 KiB
TypeScript
Raw Blame History

/**
* POST /deactivate-account - Deactivate user account (reactivatable within 30 days)
* POST /deactivate-account/reactivate - Reactivate a deactivated account
*
* Design intent:
* - Allows users to temporarily deactivate their account
* - Account can be reactivated by logging in
* - Profile and posts are hidden while deactivated
*/
import { serve } from 'https://deno.land/std@0.177.0/http/server.ts';
import { createSupabaseClient } from '../_shared/supabase-client.ts';
const ALLOWED_ORIGIN = Deno.env.get('ALLOWED_ORIGIN') || 'https://sojorn.net';
serve(async (req) => {
if (req.method === 'OPTIONS') {
return new Response(null, {
headers: {
'Access-Control-Allow-Origin': ALLOWED_ORIGIN,
'Access-Control-Allow-Methods': 'POST',
'Access-Control-Allow-Headers': 'authorization, x-client-info, apikey, content-type',
},
});
}
try {
const authHeader = req.headers.get('Authorization');
if (!authHeader) {
return new Response(JSON.stringify({ error: 'Missing authorization header' }), {
status: 401,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': ALLOWED_ORIGIN,
},
});
}
const supabase = createSupabaseClient(authHeader);
const {
data: { user },
error: authError,
} = await supabase.auth.getUser();
if (authError || !user) {
return new Response(JSON.stringify({ error: 'Unauthorized' }), {
status: 401,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': ALLOWED_ORIGIN,
},
});
}
if (req.method !== 'POST') {
return new Response(JSON.stringify({ error: 'Method not allowed' }), {
status: 405,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': ALLOWED_ORIGIN,
},
});
}
const url = new URL(req.url);
const isReactivate = url.pathname.endsWith('/reactivate');
if (isReactivate) {
// Reactivate account
const { data, error } = await supabase
.rpc('reactivate_account', { p_user_id: user.id });
if (error) {
console.error('Error reactivating account:', error);
return new Response(JSON.stringify({
error: 'Failed to reactivate account',
details: error.message
}), {
status: 500,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': ALLOWED_ORIGIN,
},
});
}
if (!data || !data.success) {
return new Response(JSON.stringify({
error: data?.error || 'Account is not deactivated'
}), {
status: 400,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': ALLOWED_ORIGIN,
},
});
}
return new Response(
JSON.stringify({
success: true,
message: 'Account reactivated successfully',
}),
{
status: 200,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': ALLOWED_ORIGIN,
},
}
);
} else {
// Deactivate account
const { data, error } = await supabase
.rpc('deactivate_account', { p_user_id: user.id });
if (error) {
console.error('Error deactivating account:', error);
return new Response(JSON.stringify({
error: 'Failed to deactivate account',
details: error.message
}), {
status: 500,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': ALLOWED_ORIGIN,
},
});
}
if (!data || !data.success) {
return new Response(JSON.stringify({
error: data?.error || 'Account already deactivated'
}), {
status: 400,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': ALLOWED_ORIGIN,
},
});
}
return new Response(
JSON.stringify({
success: true,
message: 'Account deactivated successfully. You can reactivate it anytime by logging in.',
deactivated_at: data.deactivated_at,
}),
{
status: 200,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': ALLOWED_ORIGIN,
},
}
);
}
} catch (error) {
console.error('Unexpected error:', error);
return new Response(JSON.stringify({ error: 'Internal server error' }), {
status: 500,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': ALLOWED_ORIGIN,
},
});
}
});
Reference in a new issue View git blame Copy permalink