all repos — flounder @ ea2c1241eaa89aa42c07a47059955eed7a9bcbbe

A small site builder for the Gemini protocol

Cleanup admin commands
alex wennerberg alex@alexwennerberg.com
Sat, 05 Dec 2020 20:43:13 -0800
commit

ea2c1241eaa89aa42c07a47059955eed7a9bcbbe

parent

d8efa1bc645cd8051a8ae6ee2744017ca11611d4

3 files changed, 29 insertions(+), 8 deletions(-)

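--- a/admin.go
+++ b/admin.go
@@ -20,7 +20,7 @@ // TODO improve cli
 func runAdminCommand() {
 args := flag.Args() // again?
 if len(args) < 3 {
- fmt.Println("Expected subcommand with parameter activate-user|delete-user|make-admin")
+ fmt.Println("Expected subcommand with parameter activate-user|delete-user|make-admin|rename-user")
 os.Exit(1)
 }
 var err error
@@ -39,6 +39,7 @@ case "rename-user":
 username := args[2]
 newUsername := args[3]
 err = renameUser(username, newUsername)
+ // case "set-password":
 }
 if err != nil {
 log.Fatal(err)
@@ -56,9 +57,14 @@ log.Println("Made admin user", username)
 return nil
 }
 
+func setPassword(username string, newPass string) error {
+ return nil
+}
+
 func activateUser(username string) error {
- _, err := DB.Exec("UPDATE user SET active = true WHERE username = $1", username)
+ _, err := DB.Exec("UPDATE user SET active = true WHERE username = ?", username)
 if err != nil {
+ // TODO verify 1 row updated
 return err
 }
 log.Println("Activated user", username)
@@ -84,8 +90,6 @@ err := isOkUsername(newUsername)
 if err != nil {
 return err
 }
- fmt.Println("Old user", oldUsername)
- fmt.Println("new user", newUsername)
 res, err := DB.Exec("UPDATE user set username = ? WHERE username = ?", newUsername, oldUsername)
 if err != nil {
 return err
@@ -104,6 +108,7 @@ // This would be bad. User in broken, insecure state.
 // TODO some sort of better handling?
 return err
 }
+ log.Printf("Changed username from %s to %s", oldUsername, newUsername)
 return nil
 }
 
@@ -113,6 +118,11 @@ if err != nil {
 return err
 }
 username = filepath.Clean(username)
- os.RemoveAll(path.Join(c.FilesDirectory, username))
+ err = os.RemoveAll(path.Join(c.FilesDirectory, username))
+ if err != nil {
+ // bad state
+ return err
+ }
+ log.Println("Deleted user", username)
 return nil
 }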
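Review bot: In the last hunk, `filepath.Clean(username)` normalises the name but does not confine it. An empty name cleans to `.` and `..` stays `..`, so `path.Join(c.FilesDirectory, username)` can resolve to the files directory itself or its parent before `os.RemoveAll` runs. This commit also makes the function reachable from the new web handler in http.go, so I would reject such names before touching the filesystem, for example `if username != filepath.Base(username) || username == "." || username == ".." { return fmt.Errorf("invalid username %q", username) }`. The start of the function is outside the hunk, so an earlier check may already cover this; the `// bad state` comment suggests the database row is removed before the files, which would be worth stating in a doc comment.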
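--- a/http.go
+++ b/http.go
@@ -287,7 +287,6 @@ }
 } else if r.Method == "POST" {
 r.ParseForm()
 newUsername := r.Form.Get("username")
- fmt.Println(newUsername)
 errors := []string{}
 newEmail := r.Form.Get("email")
 newUsername = strings.ToLower(newUsername)
@@ -297,12 +296,13 @@ _, err = DB.Exec("update user set email = ? where username = ?", newEmail, me.Email)
 if err != nil {
 // TODO better error not sql
 errors = append(errors, err.Error())
+ } else {
+ log.Printf("Changed email for %s from %s to %s", authUser, me.Email, newEmail)
 }
 }
 if newUsername != authUser {
 // Rename User
 err = renameUser(authUser, newUsername)
- fmt.Println(newEmail, me.Email, newUsername, authUser)
 if err != nil {
 errors = append(errors, err.Error())
 } else {
@@ -556,6 +556,17 @@ http.ServeFile(w, r, fileName)
 }
 }
 
+func deleteAccountHandler(w http.ResponseWriter, r *http.Request) {
+ _, authUser, _ := getAuthUser(r)
+ err := deleteUser(authUser)
+ if err != nil {
+ log.Println(err)
+ renderDefaultError(w, http.StatusInternalServerError)
+ return
+ }
+ logoutHandler(w, r)
+}
+
 func adminUserHandler(w http.ResponseWriter, r *http.Request) {
 _, _, isAdmin := getAuthUser(r)
 if r.Method == "POST" {
@@ -609,6 +620,7 @@ serveMux.HandleFunc(hostname+"/login", loginHandler)
 serveMux.HandleFunc(hostname+"/logout", logoutHandler)
 serveMux.HandleFunc(hostname+"/register", registerHandler)
 serveMux.HandleFunc(hostname+"/delete/", deleteFileHandler)
+ serveMux.HandleFunc(hostname+"/delete-account", deleteAccountHandler)
 
 // admin commands
 serveMux.HandleFunc(hostname+"/admin/user/", adminUserHandler)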
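Review bot: The new deleteAccountHandler calls `deleteUser(authUser)` without checking that the request is authenticated or that it is a POST, and it discards the other two results of `getAuthUser`. If `getAuthUser` yields an empty name for an anonymous request (its body is not visible here), that empty string goes straight into the file removal in admin.go. Because the route also answers GET, a logged-in user's account can be deleted by any page that gets their browser to load `/delete-account`. I would gate the handler on method and on a non-empty authenticated user before doing anything destructive, and add whatever CSRF or confirmation check the other state-changing forms use.

```go
func deleteAccountHandler(w http.ResponseWriter, r *http.Request) {
	if r.Method != "POST" {
		renderDefaultError(w, http.StatusMethodNotAllowed)
		return
	}
	_, authUser, _ := getAuthUser(r)
	if authUser == "" {
		// Anonymous request: never reach deleteUser with an empty name.
		renderDefaultError(w, http.StatusForbidden)
		return
	}
	// … unchanged: deleteUser call, error handling and logoutHandler …
}
```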
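--- a/templates/my_site.html
+++ b/templates/my_site.html
@@ -70,5 +70,4 @@ <input type="file" id="myFile" name="file" multiple />
 <input type="submit" value="Upload file" class="button" />
 </form>
 <br>
-<p><a href="/my_site/flounder-archive.zip">🗄️ Download site archive (.zip)</a></p>
 {{template "footer" .}}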