diff options
author | Frédéric Guillot <fred@miniflux.net> | 2018-04-29 17:04:23 -0700 |
---|---|---|
committer | Frédéric Guillot <fred@miniflux.net> | 2018-04-29 17:04:43 -0700 |
commit | b166ceaea72dc6db77467621ffc270fbdccb6566 (patch) | |
tree | d0e9c96cf6e4255196332bc9bae07e79b88a83c8 /ui/oauth2_unlink.go | |
parent | f49b42f70f902d4da1e0fa4080e99164b331b716 (diff) |
Avoid people to unlink their OAuth2 account without having a local password
Diffstat (limited to 'ui/oauth2_unlink.go')
-rw-r--r-- | ui/oauth2_unlink.go | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/ui/oauth2_unlink.go b/ui/oauth2_unlink.go index e67c6fe..4421092 100644 --- a/ui/oauth2_unlink.go +++ b/ui/oauth2_unlink.go @@ -33,13 +33,25 @@ func (c *Controller) OAuth2Unlink(w http.ResponseWriter, r *http.Request) { } ctx := context.New(r) + sess := session.New(c.store, ctx) + + hasPassword, err := c.store.HasPassword(ctx.UserID()) + if err != nil { + html.ServerError(w, err) + return + } + + if !hasPassword { + sess.NewFlashErrorMessage(c.translator.GetLanguage(ctx.UserLanguage()).Get("You must define a password otherwise you won't be able to login again.")) + response.Redirect(w, r, route.Path(c.router, "settings")) + return + } + if err := c.store.RemoveExtraField(ctx.UserID(), authProvider.GetUserExtraKey()); err != nil { html.ServerError(w, err) return } - sess := session.New(c.store, ctx) sess.NewFlashMessage(c.translator.GetLanguage(ctx.UserLanguage()).Get("Your external account is now dissociated!")) response.Redirect(w, r, route.Path(c.router, "settings")) - return } |