feat: new route added for deletion (#5160)

* feat: new route added for deletion
required password removed from update profile

* fix: update url

Co-authored-by: alannnc <alannnc@gmail.com>
Co-authored-by: Peer Richelsen <peeroke@gmail.com>

README.md

@@ -324,7 +324,7 @@ We have a list of [help wanted](https://github.com/orgs/calcom/projects/1/views/
 6. In the third page (Test Users), add the Google account(s) you'll using. Make sure the details are correct on the last page of the wizard and your consent screen will be configured.
 7. Now select [Credentials](https://console.cloud.google.com/apis/credentials) from the side pane and then select Create Credentials. Select the OAuth Client ID option.
 8. Select Web Application as the Application Type.
-9. Under Authorized redirect URI's, select Add URI and then add the URI `<Cal.com URL>/api/integrations/googlecalendar/callback` replacing Cal.com URL with the URI at which your application runs.
+9. Under Authorized redirect URI's, select Add URI and then add the URI `<Cal.com URL>/api/integrations/googlecalendar/callback` and `<Cal.com URL>/api/auth/callback/google` replacing Cal.com URL with the URI at which your application runs.
 10. The key will be created and you will be redirected back to the Credentials page. Select the newly generated client ID under OAuth 2.0 Client IDs.
 11. Select Download JSON. Copy the contents of this file and paste the entire JSON string in the .env file as the value for GOOGLE_API_CREDENTIALS key.
 

apps/web/pages/settings/my-account/profile.tsx

@@ -1,3 +1,4 @@
+import { IdentityProvider } from "@prisma/client";
 import crypto from "crypto";
 import { signOut } from "next-auth/react";
 import { useRef, useState, BaseSyntheticEvent, useEffect } from "react";
@@ -111,23 +112,41 @@ const ProfileView = () => {
       await utils.invalidateQueries(["viewer.me"]);
     },
   });
+  const deleteMeWithoutPasswordMutation = trpc.useMutation("viewer.deleteMeWithoutPassword", {
+    onSuccess: onDeleteMeSuccessMutation,
+    onError: onDeleteMeErrorMutation,
+    async onSettled() {
+      await utils.invalidateQueries(["viewer.me"]);
+    },
+  });
+
+  const isCALIdentityProviver = user?.identityProvider === IdentityProvider.CAL;
 
   const onConfirmPassword = (e: Event | React.MouseEvent<HTMLElement, MouseEvent>) => {
     e.preventDefault();
+
     const password = passwordRef.current.value;
     confirmPasswordMutation.mutate({ passwordInput: password });
   };
 
   const onConfirmButton = (e: Event | React.MouseEvent<HTMLElement, MouseEvent>) => {
     e.preventDefault();
+    if (isCALIdentityProviver) {
       const totpCode = form.getValues("totpCode");
       const password = passwordRef.current.value;
       deleteMeMutation.mutate({ password, totpCode });
+    } else {
+      deleteMeWithoutPasswordMutation.mutate();
+    }
   };
   const onConfirm = ({ totpCode }: DeleteAccountValues, e: BaseSyntheticEvent | undefined) => {
     e?.preventDefault();
+    if (isCALIdentityProviver) {
       const password = passwordRef.current.value;
       deleteMeMutation.mutate({ password, totpCode });
+    } else {
+      deleteMeWithoutPasswordMutation.mutate();
+    }
   };
 
   const formMethods = useForm<{
@@ -178,7 +197,7 @@ const ProfileView = () => {
       <Form
         form={formMethods}
         handleSubmit={(values) => {
-          if (values.email !== user?.email) {
+          if (values.email !== user?.email && isCALIdentityProviver) {
             setConfirmPasswordOpen(true);
           } else {
             mutation.mutate(values);
@@ -260,6 +279,7 @@ const ProfileView = () => {
             actionOnClick={(e) => e && onConfirmButton(e)}>
             <>
               <p className="mb-7">{t("delete_account_confirmation_message")}</p>
+              {isCALIdentityProviver && (
                 <PasswordField
                   data-testid="password"
                   name="password"
@@ -270,8 +290,9 @@ const ProfileView = () => {
                   label="Password"
                   ref={passwordRef}
                 />
+              )}
 
-              {user?.twoFactorEnabled && (
+              {user?.twoFactorEnabled && isCALIdentityProviver && (
                 <Form handleSubmit={onConfirm} className="pb-4" form={form}>
                   <TwoFactor center={false} />
                 </Form>

packages/lib/auth.ts

@@ -75,6 +75,7 @@ export enum ErrorCode {
   NewPasswordMatchesOld = "new-password-matches-old",
   ThirdPartyIdentityProviderEnabled = "third-party-identity-provider-enabled",
   RateLimitExceeded = "rate-limit-exceeded",
+  SocialIdentityProviderRequired = "social-identity-provider-required",
 }
 
 export const identityProviderNameMap: { [key in IdentityProvider]: string } = {

packages/trpc/server/routers/viewer.tsx

@@ -246,6 +246,40 @@ const loggedInViewerRouter = createProtectedRouter()
       return;
     },
   })
+  .mutation("deleteMeWithoutPassword", {
+    async resolve({ ctx }) {
+      const user = await prisma.user.findUnique({
+        where: {
+          email: ctx.user.email.toLowerCase(),
+        },
+      });
+      if (!user) {
+        throw new Error(ErrorCode.UserNotFound);
+      }
+
+      if (user.identityProvider === IdentityProvider.CAL) {
+        throw new Error(ErrorCode.SocialIdentityProviderRequired);
+      }
+
+      if (user.twoFactorEnabled) {
+        throw new Error(ErrorCode.SocialIdentityProviderRequired);
+      }
+
+      // Remove me from Stripe
+      await deleteStripeCustomer(user).catch(console.warn);
+
+      // Remove my account
+      const deletedUser = await ctx.prisma.user.delete({
+        where: {
+          id: ctx.user.id,
+        },
+      });
+      // Sync Services
+      syncServicesDeleteWebUser(deletedUser);
+
+      return;
+    },
+  })
   .mutation("away", {
     input: z.object({
       away: z.boolean(),