Add possibility to delete the registered user and reset 2FAuth data

2025-08-09 05:54:34 +02:00 · 2022-03-28 13:45:19 +02:00
parent 984e6d253c
commit cdfda1591b
8 changed files with 152 additions and 5 deletions
--- a/app/Http/Controllers/Auth/UserController.php
+++ b/app/Http/Controllers/Auth/UserController.php
@ -2,20 +2,36 @@

 namespace App\Http\Controllers\Auth;

+use App\Models\User;
+use App\Services\TwoFAccountService;
 use App\Http\Requests\UserUpdateRequest;
+use App\Http\Requests\UserDeleteRequest;
 use App\Api\v1\Resources\UserResource;
 use App\Http\Controllers\Controller;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Artisan;
 use App\Exceptions\UnsupportedWithReverseProxyException;
+use Exception;

 class UserController extends Controller
 {
    /**
-     * Create a new controller instance.
+     * The TwoFAccount Service instance.
     */
-    public function __construct()
+    protected $twofaccountService;
+
+
+    /**
+     * Create a new controller instance.
+     *
+     * @param  \App\Services\TwoFAccountService  $twofaccountService
+     * @return void
+     */
+    public function __construct(TwoFAccountService $twofaccountService)
    {
+        $this->twofaccountService = $twofaccountService;
        $authGuard = config('auth.defaults.guard');

        if ($authGuard === 'reverse-proxy-guard') {
@ -27,7 +43,7 @@ class UserController extends Controller
    /**
     * Update the user's profile information.
     *
-     * @param  \App\Api\v1\Requests\UserUpdateRequest $request
+     * @param  \App\Http\Requests\UserUpdateRequest $request
     * @return \App\Api\v1\Resources\UserResource
     */
    public function update(UserUpdateRequest $request)
@ -48,4 +64,45 @@ class UserController extends Controller

        return new UserResource($user);
    }
+
+    
+    /**
+     * Delete the user's account.
+     *
+     * @param  \App\Http\Requests\UserDeleteRequest $request
+     * @return \Illuminate\Http\JsonResponse
+     */
+    public function delete(UserDeleteRequest $request)
+    {
+        $validated = $request->validated();
+
+        if (!Hash::check( $validated['password'], Auth::user()->password) ) {
+            return response()->json(['message' => __('errors.wrong_current_password')], 400);
+        }
+
+        try {
+            DB::transaction(function () {
+                DB::table('twofaccounts')->delete();
+                DB::table('groups')->delete();
+                DB::table('options')->delete();
+                DB::table('web_authn_credentials')->delete();
+                DB::table('web_authn_recoveries')->delete();
+                DB::table('oauth_access_tokens')->delete();
+                DB::table('oauth_auth_codes')->delete();
+                DB::table('oauth_clients')->delete();
+                DB::table('oauth_personal_access_clients')->delete();
+                DB::table('oauth_refresh_tokens')->delete();
+                DB::table('password_resets')->delete();
+                DB::table('users')->delete();
+            });
+
+            Artisan::call('passport:install --force');
+            Artisan::call('config:clear');
+        }
+        catch (\Throwable $e) {
+            return response()->json(['message' => __('errors.user_deletion_failed')], 400);
+        }
+
+        return response()->json(null, 204);
+    }
 }