def post(self): if self.user: if not self.check_state(): self.redirect("/") return # Deactivate account by deleting from User database and # adding to the DeactAccounts database. d = DeactAccounts.create(self.user.key().id(), self.user.name, self.user.email) # Delete user User.remove(self.user.key().id()) # Genrate list of article-keys for the deleted user. article_key_list = Article.keys_by_author(self.user.key().id()) for key in article_key_list: # Store article in DeletdArticle DB article = Article.by_id(key.id()) del_art = DeletdArticle.create(article.title, article.body, article.author) del_art.put() # Delete article from Article DB Article.remove(key.id()) # Logout (delete coockie) self.logout() # Send email notification self.send_email(d.email, 'email_subject.html', 'email_account_deleted.html', subject_type = 'account_deleted') # Render page with message that account was deleted self.session.add_flash('message_delete_account_1', key='homepage_flashes') self.session.add_flash(d.email, key='deleted_email') self.redirect("/") else: # Prompt user to login. self.session.add_flash('message_user_settings_1', key='homepage_flashes') self.redirect("/")
def post(self): if self.user: if not self.check_state(): logging.warning("Possible CSRF attack detected!") self.redirect("/") return # Get user input input_password = self.request.get('password') # Check input and set error messages. error_password="" have_error = False if not valid_pw(self.user.email, input_password, self.user.pw_hash): # Set the error-message: incorrect password. error_password = True have_error = True if have_error: state = self.make_state() # Render page with error-messages. self.render('delete_account.html', user = self.user, error_password = error_password, state = state) else: # Deactivate account by deleting from User database and # adding to the DeactAccounts database. d = DeactAccounts.create(self.user.key().id(), self.user.name, self.user.email) d.put() # Delete user User.remove(self.user.key().id()) # Genrate list of article-keys for the deleted user. article_key_list = Article.keys_by_author(self.user.key().id()) for key in article_key_list: # Store article in DeletdArticle DB article = Article.by_id(key.id()) del_art = DeletdArticle.create(article.title, article.body, article.author) del_art.put() # Delete article from Article DB Article.remove(key.id()) # Logout (delete coockie) self.logout() # Send email notification self.send_email(d.email, 'email_subject.html', 'email_account_deleted.html', subject_type = 'account_deleted') # Render page with message that account was deleted self.render('message.html', message_delete_account_1 = True, deleted_email = d.email) else: # Prompt user to login. self.render('message.html', message_user_settings_1 = True)