account recovery to delete via email

2025-07-02 00:22:50 -05:00 · 2017-08-09 10:53:42 -04:00
parent 503370d059
commit b2295f867b
13 changed files with 164 additions and 1 deletions
--- a/src/Core/Services/Implementations/RazorViewMailService.cs
+++ b/src/Core/Services/Implementations/RazorViewMailService.cs
@ -47,6 +47,25 @@ namespace Bit.Core.Services
            await _mailDeliveryService.SendEmailAsync(message);
        }

+        public async Task SendVerifyDeleteEmailAsync(string email, Guid userId, string token)
+        {
+            var message = CreateDefaultMessage("Delete Your Account", email);
+            var model = new VerifyDeleteModel
+            {
+                Token = WebUtility.UrlEncode(token),
+                UserId = userId,
+                WebVaultUrl = _globalSettings.BaseServiceUri.Vault,
+                SiteName = _globalSettings.SiteName,
+                Email = email,
+                EmailEncoded = WebUtility.UrlEncode(email)
+            };
+            message.HtmlContent = _engine.Parse("VerifyDelete", model);
+            message.TextContent = _engine.Parse("VerifyDelete.text", model);
+            message.MetaData.Add("SendGridBypassListManagement", true);
+
+            await _mailDeliveryService.SendEmailAsync(message);
+        }
+
        public async Task SendChangeEmailAlreadyExistsEmailAsync(string fromEmail, string toEmail)
        {
            var message = CreateDefaultMessage("Your Email Change", toEmail);
--- a/src/Core/Services/Implementations/SendGridTemplateMailService.cs
+++ b/src/Core/Services/Implementations/SendGridTemplateMailService.cs
@ -11,6 +11,7 @@ namespace Bit.Core.Services
    {
        private const string WelcomeTemplateId = "045f8ad5-5547-4fa2-8d3d-6d46e401164d";
        private const string VerifyEmailTemplateId = "TODO";
+        private const string VerifyDeleteTemplateId = "TODO";
        private const string ChangeEmailAlreadyExistsTemplateId = "b69d2038-6ad9-4cf6-8f7f-7880921cba43";
        private const string ChangeEmailTemplateId = "ec2c1471-8292-4f17-b6b6-8223d514f86e";
        private const string TwoFactorEmailTemplateId = "264cfe69-5258-4c89-8d90-76b4659de589";
@ -53,7 +54,7 @@ namespace Bit.Core.Services
               email,
               VerifyEmailTemplateId);

-            AddSubstitution(message, "{{token}}", Uri.EscapeDataString(token));
+            AddSubstitution(message, "{{token}}", WebUtility.UrlEncode(token));
            AddSubstitution(message, "{{userId}}", userId.ToString());
            AddCategories(message, new List<string> { AdministrativeCategoryName, "Verify Email" });
            message.MetaData.Add("SendGridBypassListManagement", true);
@ -61,6 +62,23 @@ namespace Bit.Core.Services
            await _mailDeliveryService.SendEmailAsync(message);
        }

+        public async Task SendVerifyDeleteEmailAsync(string email, Guid userId, string token)
+        {
+            var message = CreateDefaultMessage(
+               "Delete Your Account",
+               email,
+               VerifyDeleteTemplateId);
+
+            AddSubstitution(message, "{{token}}", WebUtility.UrlEncode(token));
+            AddSubstitution(message, "{{email}}", email);
+            AddSubstitution(message, "{{emailUrlEncoded}}", WebUtility.UrlEncode(email));
+            AddSubstitution(message, "{{userId}}", userId.ToString());
+            AddCategories(message, new List<string> { AdministrativeCategoryName, "Verify Delete" });
+            message.MetaData.Add("SendGridBypassListManagement", true);
+
+            await _mailDeliveryService.SendEmailAsync(message);
+        }
+
        public async Task SendChangeEmailAlreadyExistsEmailAsync(string fromEmail, string toEmail)
        {
            var message = CreateDefaultMessage(
--- a/src/Core/Services/Implementations/UserService.cs
+++ b/src/Core/Services/Implementations/UserService.cs
@ -178,6 +178,29 @@ namespace Bit.Core.Services
            return IdentityResult.Success;
        }

+        public async Task<IdentityResult> DeleteAsync(User user, string token)
+        {
+            if(!(await VerifyUserTokenAsync(user, TokenOptions.DefaultProvider, "DeleteAccount", token)))
+            {
+                return IdentityResult.Failed(ErrorDescriber.InvalidToken());
+            }
+
+            return await DeleteAsync(user);
+        }
+
+        public async Task SendDeleteConfirmationAsync(string email)
+        {
+            var user = await _userRepository.GetByEmailAsync(email);
+            if(user == null)
+            {
+                // No user exists.
+                return;
+            }
+
+            var token = await base.GenerateUserTokenAsync(user, TokenOptions.DefaultProvider, "DeleteAccount");
+            await _mailService.SendVerifyDeleteEmailAsync(user.Email, user.Id, token);
+        }
+
        public async Task<IdentityResult> RegisterUserAsync(User user, string masterPassword)
        {
            var result = await base.CreateAsync(user, masterPassword);