Account export / restore-into-new-tree / delete
New account_service + endpoints under /users/me: - GET /me/export — zip of every owned tree (account.json + media blobs). - POST /me/import — restore a backup into NEW trees (ids remapped, media re-uploaded); non-destructive, never touches existing data. - DELETE /me — soft-delete the user, their owned trees, and revoke sessions; guarded by retyping the account email. Settings page wires all three (export download, restore upload, delete with typed-email confirmation). No migration — uses existing tables + soft-delete. 52 backend tests pass (export→restore round-trip + delete guards); frontend builds. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -1,6 +1,7 @@
|
||||
"use client";
|
||||
|
||||
import { useEffect, useState } from "react";
|
||||
import { useEffect, useRef, useState } from "react";
|
||||
import { useRouter } from "next/navigation";
|
||||
|
||||
import { api } from "@/lib/api/client";
|
||||
import { Button } from "@/components/ui/button";
|
||||
@@ -8,6 +9,7 @@ import { Card, CardContent, CardHeader, CardTitle } from "@/components/ui/card";
|
||||
import { Input } from "@/components/ui/input";
|
||||
|
||||
export default function SettingsPage() {
|
||||
const router = useRouter();
|
||||
const [me, setMe] = useState<{ display_name: string | null; email: string } | null>(null);
|
||||
|
||||
const [current, setCurrent] = useState("");
|
||||
@@ -16,10 +18,72 @@ export default function SettingsPage() {
|
||||
const [msg, setMsg] = useState<{ kind: "ok" | "err"; text: string } | null>(null);
|
||||
const [busy, setBusy] = useState(false);
|
||||
|
||||
// Data export / restore / delete.
|
||||
const [exporting, setExporting] = useState(false);
|
||||
const [restoreMsg, setRestoreMsg] = useState<string | null>(null);
|
||||
const [restoring, setRestoring] = useState(false);
|
||||
const restoreRef = useRef<HTMLInputElement>(null);
|
||||
const [deleteConfirm, setDeleteConfirm] = useState("");
|
||||
const [deleting, setDeleting] = useState(false);
|
||||
|
||||
useEffect(() => {
|
||||
api.GET("/api/v1/users/me").then((r) => setMe(r.data ?? null));
|
||||
}, []);
|
||||
|
||||
async function exportData() {
|
||||
setExporting(true);
|
||||
const resp = await fetch("/api/v1/users/me/export", { credentials: "include" });
|
||||
if (resp.ok) {
|
||||
const blob = await resp.blob();
|
||||
const url = URL.createObjectURL(blob);
|
||||
const a = document.createElement("a");
|
||||
a.href = url;
|
||||
a.download = "provenance-export.zip";
|
||||
a.click();
|
||||
URL.revokeObjectURL(url);
|
||||
}
|
||||
setExporting(false);
|
||||
}
|
||||
|
||||
async function restoreData(e: React.ChangeEvent<HTMLInputElement>) {
|
||||
const file = e.target.files?.[0];
|
||||
if (restoreRef.current) restoreRef.current.value = "";
|
||||
if (!file) return;
|
||||
setRestoring(true);
|
||||
setRestoreMsg(null);
|
||||
const fd = new FormData();
|
||||
fd.append("file", file);
|
||||
const resp = await fetch("/api/v1/users/me/import", {
|
||||
method: "POST",
|
||||
body: fd,
|
||||
credentials: "include",
|
||||
});
|
||||
setRestoring(false);
|
||||
if (resp.ok) {
|
||||
const c = await resp.json();
|
||||
setRestoreMsg(`Restored ${c.trees} tree(s), ${c.persons} people into new trees.`);
|
||||
} else {
|
||||
setRestoreMsg("That doesn't look like a valid Provenance export.");
|
||||
}
|
||||
}
|
||||
|
||||
async function deleteAccount() {
|
||||
if (deleteConfirm !== me?.email) return;
|
||||
setDeleting(true);
|
||||
const fd = new FormData();
|
||||
fd.append("confirm_email", deleteConfirm);
|
||||
const resp = await fetch("/api/v1/users/me", {
|
||||
method: "DELETE",
|
||||
body: fd,
|
||||
credentials: "include",
|
||||
});
|
||||
setDeleting(false);
|
||||
if (resp.ok) {
|
||||
await api.POST("/api/v1/auth/logout");
|
||||
router.push("/register");
|
||||
}
|
||||
}
|
||||
|
||||
async function changePassword(e: React.FormEvent) {
|
||||
e.preventDefault();
|
||||
setMsg(null);
|
||||
@@ -109,10 +173,55 @@ export default function SettingsPage() {
|
||||
<CardHeader>
|
||||
<CardTitle className="text-base">Your data</CardTitle>
|
||||
</CardHeader>
|
||||
<CardContent>
|
||||
<CardContent className="space-y-5">
|
||||
<div className="space-y-2">
|
||||
<p className="text-sm text-[var(--muted)]">
|
||||
Download a complete backup of every tree you own — people, sources, media, and
|
||||
all — as a zip.
|
||||
</p>
|
||||
<Button variant="outline" onClick={exportData} disabled={exporting}>
|
||||
{exporting ? "Preparing…" : "Export all my data"}
|
||||
</Button>
|
||||
</div>
|
||||
|
||||
<div className="space-y-2 border-t border-[var(--border)] pt-4">
|
||||
<p className="text-sm text-[var(--muted)]">
|
||||
Restore a backup. It’s imported into <strong>new</strong> trees — nothing existing
|
||||
is touched or overwritten.
|
||||
</p>
|
||||
<input ref={restoreRef} type="file" accept=".zip" onChange={restoreData} className="hidden" />
|
||||
<Button variant="outline" onClick={() => restoreRef.current?.click()} disabled={restoring}>
|
||||
{restoring ? "Restoring…" : "Restore from backup"}
|
||||
</Button>
|
||||
{restoreMsg && <p className="text-sm text-bronze">{restoreMsg}</p>}
|
||||
</div>
|
||||
</CardContent>
|
||||
</Card>
|
||||
|
||||
<Card className="border-red-300/60">
|
||||
<CardHeader>
|
||||
<CardTitle className="text-base text-red-700">Delete account</CardTitle>
|
||||
</CardHeader>
|
||||
<CardContent className="space-y-3">
|
||||
<p className="text-sm text-[var(--muted)]">
|
||||
Full-account export, restore, and account deletion are coming next.
|
||||
This deletes your account, the trees you own, and signs you out everywhere. Export
|
||||
your data first if you might want it. Type <strong>{me?.email}</strong> to confirm.
|
||||
</p>
|
||||
<div className="flex max-w-sm flex-col gap-2">
|
||||
<Input
|
||||
placeholder="your email"
|
||||
value={deleteConfirm}
|
||||
onChange={(e) => setDeleteConfirm(e.target.value)}
|
||||
/>
|
||||
<Button
|
||||
variant="ghost"
|
||||
className="bg-red-600 text-white hover:bg-red-700 hover:text-white"
|
||||
onClick={deleteAccount}
|
||||
disabled={deleting || deleteConfirm !== me?.email}
|
||||
>
|
||||
{deleting ? "Deleting…" : "Permanently delete my account"}
|
||||
</Button>
|
||||
</div>
|
||||
</CardContent>
|
||||
</Card>
|
||||
</div>
|
||||
|
||||
Vendored
+142
-1
@@ -168,7 +168,12 @@ export interface paths {
|
||||
get: operations["read_me_api_v1_users_me_get"];
|
||||
put?: never;
|
||||
post?: never;
|
||||
delete?: never;
|
||||
/**
|
||||
* Delete Account
|
||||
* @description Delete the account: the user, their owned trees, and their sessions.
|
||||
* Requires retyping the account email as a guard.
|
||||
*/
|
||||
delete: operations["delete_account_api_v1_users_me_delete"];
|
||||
options?: never;
|
||||
head?: never;
|
||||
patch?: never;
|
||||
@@ -194,6 +199,46 @@ export interface paths {
|
||||
patch: operations["set_self_person_api_v1_users_me_self_person_patch"];
|
||||
trace?: never;
|
||||
};
|
||||
"/api/v1/users/me/export": {
|
||||
parameters: {
|
||||
query?: never;
|
||||
header?: never;
|
||||
path?: never;
|
||||
cookie?: never;
|
||||
};
|
||||
/**
|
||||
* Export Account
|
||||
* @description Download a full backup (JSON + media) of every tree the user owns.
|
||||
*/
|
||||
get: operations["export_account_api_v1_users_me_export_get"];
|
||||
put?: never;
|
||||
post?: never;
|
||||
delete?: never;
|
||||
options?: never;
|
||||
head?: never;
|
||||
patch?: never;
|
||||
trace?: never;
|
||||
};
|
||||
"/api/v1/users/me/import": {
|
||||
parameters: {
|
||||
query?: never;
|
||||
header?: never;
|
||||
path?: never;
|
||||
cookie?: never;
|
||||
};
|
||||
get?: never;
|
||||
put?: never;
|
||||
/**
|
||||
* Import Account
|
||||
* @description Restore a previously-exported backup into new trees (non-destructive).
|
||||
*/
|
||||
post: operations["import_account_api_v1_users_me_import_post"];
|
||||
delete?: never;
|
||||
options?: never;
|
||||
head?: never;
|
||||
patch?: never;
|
||||
trace?: never;
|
||||
};
|
||||
"/api/v1/trees": {
|
||||
parameters: {
|
||||
query?: never;
|
||||
@@ -638,6 +683,16 @@ export interface paths {
|
||||
export type webhooks = Record<string, never>;
|
||||
export interface components {
|
||||
schemas: {
|
||||
/** Body_delete_account_api_v1_users_me_delete */
|
||||
Body_delete_account_api_v1_users_me_delete: {
|
||||
/** Confirm Email */
|
||||
confirm_email: string;
|
||||
};
|
||||
/** Body_import_account_api_v1_users_me_import_post */
|
||||
Body_import_account_api_v1_users_me_import_post: {
|
||||
/** File */
|
||||
file: string;
|
||||
};
|
||||
/** Body_import_gedcom_api_v1_trees__tree_id__gedcom_import_post */
|
||||
Body_import_gedcom_api_v1_trees__tree_id__gedcom_import_post: {
|
||||
/** File */
|
||||
@@ -1624,6 +1679,37 @@ export interface operations {
|
||||
};
|
||||
};
|
||||
};
|
||||
delete_account_api_v1_users_me_delete: {
|
||||
parameters: {
|
||||
query?: never;
|
||||
header?: never;
|
||||
path?: never;
|
||||
cookie?: never;
|
||||
};
|
||||
requestBody: {
|
||||
content: {
|
||||
"application/x-www-form-urlencoded": components["schemas"]["Body_delete_account_api_v1_users_me_delete"];
|
||||
};
|
||||
};
|
||||
responses: {
|
||||
/** @description Successful Response */
|
||||
204: {
|
||||
headers: {
|
||||
[name: string]: unknown;
|
||||
};
|
||||
content?: never;
|
||||
};
|
||||
/** @description Validation Error */
|
||||
422: {
|
||||
headers: {
|
||||
[name: string]: unknown;
|
||||
};
|
||||
content: {
|
||||
"application/json": components["schemas"]["HTTPValidationError"];
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
set_self_person_api_v1_users_me_self_person_patch: {
|
||||
parameters: {
|
||||
query?: never;
|
||||
@@ -1657,6 +1743,61 @@ export interface operations {
|
||||
};
|
||||
};
|
||||
};
|
||||
export_account_api_v1_users_me_export_get: {
|
||||
parameters: {
|
||||
query?: never;
|
||||
header?: never;
|
||||
path?: never;
|
||||
cookie?: never;
|
||||
};
|
||||
requestBody?: never;
|
||||
responses: {
|
||||
/** @description Successful Response */
|
||||
200: {
|
||||
headers: {
|
||||
[name: string]: unknown;
|
||||
};
|
||||
content: {
|
||||
"application/json": unknown;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
import_account_api_v1_users_me_import_post: {
|
||||
parameters: {
|
||||
query?: never;
|
||||
header?: never;
|
||||
path?: never;
|
||||
cookie?: never;
|
||||
};
|
||||
requestBody: {
|
||||
content: {
|
||||
"multipart/form-data": components["schemas"]["Body_import_account_api_v1_users_me_import_post"];
|
||||
};
|
||||
};
|
||||
responses: {
|
||||
/** @description Successful Response */
|
||||
200: {
|
||||
headers: {
|
||||
[name: string]: unknown;
|
||||
};
|
||||
content: {
|
||||
"application/json": {
|
||||
[key: string]: unknown;
|
||||
};
|
||||
};
|
||||
};
|
||||
/** @description Validation Error */
|
||||
422: {
|
||||
headers: {
|
||||
[name: string]: unknown;
|
||||
};
|
||||
content: {
|
||||
"application/json": components["schemas"]["HTTPValidationError"];
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
list_my_trees_api_v1_trees_get: {
|
||||
parameters: {
|
||||
query?: {
|
||||
|
||||
@@ -312,6 +312,39 @@
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"delete": {
|
||||
"tags": [
|
||||
"users"
|
||||
],
|
||||
"summary": "Delete Account",
|
||||
"description": "Delete the account: the user, their owned trees, and their sessions.\nRequires retyping the account email as a guard.",
|
||||
"operationId": "delete_account_api_v1_users_me_delete",
|
||||
"requestBody": {
|
||||
"content": {
|
||||
"application/x-www-form-urlencoded": {
|
||||
"schema": {
|
||||
"$ref": "#/components/schemas/Body_delete_account_api_v1_users_me_delete"
|
||||
}
|
||||
}
|
||||
},
|
||||
"required": true
|
||||
},
|
||||
"responses": {
|
||||
"204": {
|
||||
"description": "Successful Response"
|
||||
},
|
||||
"422": {
|
||||
"description": "Validation Error",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {
|
||||
"$ref": "#/components/schemas/HTTPValidationError"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"/api/v1/users/me/self-person": {
|
||||
@@ -356,6 +389,70 @@
|
||||
}
|
||||
}
|
||||
},
|
||||
"/api/v1/users/me/export": {
|
||||
"get": {
|
||||
"tags": [
|
||||
"users"
|
||||
],
|
||||
"summary": "Export Account",
|
||||
"description": "Download a full backup (JSON + media) of every tree the user owns.",
|
||||
"operationId": "export_account_api_v1_users_me_export_get",
|
||||
"responses": {
|
||||
"200": {
|
||||
"description": "Successful Response",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"/api/v1/users/me/import": {
|
||||
"post": {
|
||||
"tags": [
|
||||
"users"
|
||||
],
|
||||
"summary": "Import Account",
|
||||
"description": "Restore a previously-exported backup into new trees (non-destructive).",
|
||||
"operationId": "import_account_api_v1_users_me_import_post",
|
||||
"requestBody": {
|
||||
"content": {
|
||||
"multipart/form-data": {
|
||||
"schema": {
|
||||
"$ref": "#/components/schemas/Body_import_account_api_v1_users_me_import_post"
|
||||
}
|
||||
}
|
||||
},
|
||||
"required": true
|
||||
},
|
||||
"responses": {
|
||||
"200": {
|
||||
"description": "Successful Response",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {
|
||||
"additionalProperties": true,
|
||||
"type": "object",
|
||||
"title": "Response Import Account Api V1 Users Me Import Post"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"422": {
|
||||
"description": "Validation Error",
|
||||
"content": {
|
||||
"application/json": {
|
||||
"schema": {
|
||||
"$ref": "#/components/schemas/HTTPValidationError"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"/api/v1/trees": {
|
||||
"post": {
|
||||
"tags": [
|
||||
@@ -2608,6 +2705,33 @@
|
||||
},
|
||||
"components": {
|
||||
"schemas": {
|
||||
"Body_delete_account_api_v1_users_me_delete": {
|
||||
"properties": {
|
||||
"confirm_email": {
|
||||
"type": "string",
|
||||
"title": "Confirm Email"
|
||||
}
|
||||
},
|
||||
"type": "object",
|
||||
"required": [
|
||||
"confirm_email"
|
||||
],
|
||||
"title": "Body_delete_account_api_v1_users_me_delete"
|
||||
},
|
||||
"Body_import_account_api_v1_users_me_import_post": {
|
||||
"properties": {
|
||||
"file": {
|
||||
"type": "string",
|
||||
"contentMediaType": "application/octet-stream",
|
||||
"title": "File"
|
||||
}
|
||||
},
|
||||
"type": "object",
|
||||
"required": [
|
||||
"file"
|
||||
],
|
||||
"title": "Body_import_account_api_v1_users_me_import_post"
|
||||
},
|
||||
"Body_import_gedcom_api_v1_trees__tree_id__gedcom_import_post": {
|
||||
"properties": {
|
||||
"file": {
|
||||
|
||||
Reference in New Issue
Block a user