owltide/server/api/auth/account.delete.ts

/*
	SPDX-FileCopyrightText: © 2025 Hornwitser <code@hornwitser.no>
	SPDX-License-Identifier: AGPL-3.0-or-later
*/
import {
	readUsers, readSessions, readSubscriptions,
	writeUsers, writeSessions, writeSubscriptions,
} from "~/server/database";
import { broadcastEvent, cancelAccountStreams } from "~/server/streams";

export default defineEventHandler(async (event) => {
	const serverSession = await requireServerSessionWithUser(event);
	let users = await readUsers();

	// Expire sessions for this user
	const expiredSessionIds = new Set<number>();
	let sessions = await readSessions();
	const nowMs = Date.now();
	for (const session of sessions) {
		if (
			!session.finished
			&& session.successor !== undefined
			&& session.expiresAtMs < nowMs
			&& session.accountId === serverSession.accountId
		) {
			session.expiresAtMs = nowMs;
			broadcastEvent({
				type: "session-expired",
				sessionId: session.id,
			});
			expiredSessionIds.add(session.id);
		}
	}
	cancelAccountStreams(serverSession.accountId);
	await writeSessions(sessions);
	await deleteCookie(event, "session");

	// Remove subscriptions for this user
	let subscriptions = await readSubscriptions();
	subscriptions = subscriptions.filter(
		subscription => !expiredSessionIds.has(subscription.sessionId)
	);
	await writeSubscriptions(subscriptions);

	// Remove the user
	const account = users.find(user => user.id === serverSession.accountId)!;
	const now = new Date(nowMs).toISOString();
	account.deleted = true;
	account.updatedAt = now;
	await writeUsers(users);
	await broadcastEvent({
		type: "user-update",
		data: {
			id: account.id,
			updatedAt: now,
			deleted: true,
		}
	});

	// Update Schedule counts.
	await updateScheduleInterestedCounts(users);
})
License under AGPL version 3 or later I firmly believe in free software. The application I'm making here have capabilities that I've not seen in any system. It presents itself as an opportunity to collaborate on a tool that serves the people rather than corporations. Whose incentives are to help people rather, not make the most money. And whose terms ensure that these freedoms and incentives cannot be taken back or subverted. I license this software under the AGPL. 2025-06-30 18:58:24 +02:00			`/*`
			`SPDX-FileCopyrightText: © 2025 Hornwitser <code@hornwitser.no>`
			`SPDX-License-Identifier: AGPL-3.0-or-later`
			`*/`
Add delete account function 2025-03-07 22:28:55 +01:00			`import {`
Refactor user storage and update Rename accounts to users to be consistent with the new naming scheme where account only referes to the logged in user of the session and implement live updates of users via a user store which listens for updates from the event stream. 2025-06-23 00:17:22 +02:00			`readUsers, readSessions, readSubscriptions,`
			`writeUsers, writeSessions, writeSubscriptions,`
Fix import statements Remove unused or unneeded imports and change imports of luxon APIs to use the wrapper. 2025-06-23 12:48:09 +02:00			`} from "~/server/database";`
Refactor user storage and update Rename accounts to users to be consistent with the new naming scheme where account only referes to the logged in user of the session and implement live updates of users via a user store which listens for updates from the event stream. 2025-06-23 00:17:22 +02:00			`import { broadcastEvent, cancelAccountStreams } from "~/server/streams";`
Add delete account function 2025-03-07 22:28:55 +01:00
			`export default defineEventHandler(async (event) => {`
Refactor sessions to frequently rotate In order to minimise the window of opportunity to steal a session, automatically rotate it onto a new session on a frequent basis. This makes a session cookie older than the automatic rollover time less likely to grant access and more likely to be detected. Should a stolen session cookie get rotated while the attacker is using it, the user will be notificed that their session has been taken the next time they open the app if the user re-visits the website before the session is discarded. 2025-07-07 22:42:49 +02:00			`const serverSession = await requireServerSessionWithUser(event);`
Refactor user storage and update Rename accounts to users to be consistent with the new naming scheme where account only referes to the logged in user of the session and implement live updates of users via a user store which listens for updates from the event stream. 2025-06-23 00:17:22 +02:00			`let users = await readUsers();`
Add delete account function 2025-03-07 22:28:55 +01:00
Close event streams for expired sessions When a session expires close any event streams that have been opened with that session. This prevents an attacker with a leaked session cookie from opening a stream and receiving updates indefinitely without being detected. By sending the session the event stream is opened with when the stream is established this closure on session expiry also serves as a way for a user agent to be notified whenever its own access level changes. 2025-07-08 15:43:14 +02:00			`// Expire sessions for this user`
			`const expiredSessionIds = new Set<number>();`
Add delete account function 2025-03-07 22:28:55 +01:00			`let sessions = await readSessions();`
Close event streams for expired sessions When a session expires close any event streams that have been opened with that session. This prevents an attacker with a leaked session cookie from opening a stream and receiving updates indefinitely without being detected. By sending the session the event stream is opened with when the stream is established this closure on session expiry also serves as a way for a user agent to be notified whenever its own access level changes. 2025-07-08 15:43:14 +02:00			`const nowMs = Date.now();`
			`for (const session of sessions) {`
			`if (`
			`!session.finished`
			`&& session.successor !== undefined`
			`&& session.expiresAtMs < nowMs`
			`&& session.accountId === serverSession.accountId`
			`) {`
			`session.expiresAtMs = nowMs;`
			`broadcastEvent({`
			`type: "session-expired",`
			`sessionId: session.id,`
			`});`
			`expiredSessionIds.add(session.id);`
Add delete account function 2025-03-07 22:28:55 +01:00			`}`
Close event streams for expired sessions When a session expires close any event streams that have been opened with that session. This prevents an attacker with a leaked session cookie from opening a stream and receiving updates indefinitely without being detected. By sending the session the event stream is opened with when the stream is established this closure on session expiry also serves as a way for a user agent to be notified whenever its own access level changes. 2025-07-08 15:43:14 +02:00			`}`
Refactor sessions to frequently rotate In order to minimise the window of opportunity to steal a session, automatically rotate it onto a new session on a frequent basis. This makes a session cookie older than the automatic rollover time less likely to grant access and more likely to be detected. Should a stolen session cookie get rotated while the attacker is using it, the user will be notificed that their session has been taken the next time they open the app if the user re-visits the website before the session is discarded. 2025-07-07 22:42:49 +02:00			`cancelAccountStreams(serverSession.accountId);`
Add delete account function 2025-03-07 22:28:55 +01:00			`await writeSessions(sessions);`
			`await deleteCookie(event, "session");`

Refactor user storage and update Rename accounts to users to be consistent with the new naming scheme where account only referes to the logged in user of the session and implement live updates of users via a user store which listens for updates from the event stream. 2025-06-23 00:17:22 +02:00			`// Remove subscriptions for this user`
Add delete account function 2025-03-07 22:28:55 +01:00			`let subscriptions = await readSubscriptions();`
			`subscriptions = subscriptions.filter(`
Close event streams for expired sessions When a session expires close any event streams that have been opened with that session. This prevents an attacker with a leaked session cookie from opening a stream and receiving updates indefinitely without being detected. By sending the session the event stream is opened with when the stream is established this closure on session expiry also serves as a way for a user agent to be notified whenever its own access level changes. 2025-07-08 15:43:14 +02:00			`subscription => !expiredSessionIds.has(subscription.sessionId)`
Add delete account function 2025-03-07 22:28:55 +01:00			`);`
			`await writeSubscriptions(subscriptions);`

Refactor user storage and update Rename accounts to users to be consistent with the new naming scheme where account only referes to the logged in user of the session and implement live updates of users via a user store which listens for updates from the event stream. 2025-06-23 00:17:22 +02:00			`// Remove the user`
Refactor sessions to frequently rotate In order to minimise the window of opportunity to steal a session, automatically rotate it onto a new session on a frequent basis. This makes a session cookie older than the automatic rollover time less likely to grant access and more likely to be detected. Should a stolen session cookie get rotated while the attacker is using it, the user will be notificed that their session has been taken the next time they open the app if the user re-visits the website before the session is discarded. 2025-07-07 22:42:49 +02:00			`const account = users.find(user => user.id === serverSession.accountId)!;`
Close event streams for expired sessions When a session expires close any event streams that have been opened with that session. This prevents an attacker with a leaked session cookie from opening a stream and receiving updates indefinitely without being detected. By sending the session the event stream is opened with when the stream is established this closure on session expiry also serves as a way for a user agent to be notified whenever its own access level changes. 2025-07-08 15:43:14 +02:00			`const now = new Date(nowMs).toISOString();`
Refactor user storage and update Rename accounts to users to be consistent with the new naming scheme where account only referes to the logged in user of the session and implement live updates of users via a user store which listens for updates from the event stream. 2025-06-23 00:17:22 +02:00			`account.deleted = true;`
			`account.updatedAt = now;`
			`await writeUsers(users);`
			`await broadcastEvent({`
			`type: "user-update",`
			`data: {`
			`id: account.id,`
			`updatedAt: now,`
			`deleted: true,`
			`}`
			`});`
Add delete account function 2025-03-07 22:28:55 +01:00
			`// Update Schedule counts.`
Refactor user storage and update Rename accounts to users to be consistent with the new naming scheme where account only referes to the logged in user of the session and implement live updates of users via a user store which listens for updates from the event stream. 2025-06-23 00:17:22 +02:00			`await updateScheduleInterestedCounts(users);`
Add delete account function 2025-03-07 22:28:55 +01:00			`})`