Users should be able to delete their accounts completely

.gitignore

@@ -1,6 +1,9 @@
+docs/database/scratch.sql
 cron/config.py
+cron/*.log
 *.pyc
 settings.py
 *~
 *.kpf
-README.html
+README.html
+static/css/*/*.psd

patchouli_auth/templates/confirm_delete.html

@@ -0,0 +1,17 @@
+{% extends "basic_template.html" %}
+{% block content %}
+
+<div id="content">
+
+<h1 class="logo"><a href="/"><strong><code>sudo</code>Social</strong></a></h1>
+    <div class="tagline">Take control of your stream</div>
+<div id="confirm_profile">
+<h1>Delete All of Your Data</h1>
+<form action="" method="post">
+<p>You've requested to delete your profile and all of your streams. <strong>Peace Out</strong>!</p>
+<button>Confirm Delete Everything</button>
+</form>
+    <div class="cancel-link"><a href="/">What? Get me out of here</a></div>
+    </div>
+</div>
+{% endblock %}

patchouli_auth/templates/index.html

@@ -6,7 +6,11 @@ <h1 class="logo"><a href="/"><strong><code>sudo</code>Social</strong></a></h1>
     <div class="tagline">Take control of your stream</div>
 
 <div id="confirm_profile">
+{% if show_delete %}
+<h1>Edit Your Profile</h2>
+{% else %}
 <h1>Welcome, did we get your profile info right?</h2>
+{% endif %}
 {% if error %}
   <div class="error-message"><strong>{{error}}</strong></div>
 {% endif %}
@@ -24,8 +28,20 @@ <h1>Welcome, did we get your profile info right?</h2>
 </fieldset>
 <button id="contine">Continue</button>
 </form>
-</div><!-- /#auth -->
-    </div> <!-- /#confirm_profile -->
+
+</div> <!-- /#confirm_profile -->
+
+{% if show_delete %}
+    <hr />
+    <div id="delete_profile">
+        <form id="delete_profile" method="get" action="/auth/profile/{{username}}/delete">
+            <fieldset><legend>Delete Your Profile</legend>
+                <p>You are in control of your data... Want to delete your profile and all your streams?</p>
+                <button>Delete My Data</button>
+        </form>
+    </div><!-- /#delete_profile -->
+{% endif %}
+
 </div><!-- /#content -->
 <script src="/static/js/jquery-1.4.1.min.js" type="text/javascript"></script>
 <script src="/static/js/stream_editor.js" type="text/javascript"></script>

patchouli_auth/urls.py

@@ -1,7 +1,9 @@
 from django.conf.urls.defaults import *
 
 urlpatterns = patterns('patchouli_auth.views',
-    (r'^confirm_profile$', 'confirm_profile'),
+    (r'^confirm_profile$', 'confirm_profile'),    
+    (r'^profile/(?P<username>\w+)$', 'profile'),
+    (r'^profile/(?P<username>\w+)/delete$', 'delete_profile'),
     (r'^logout$', 'logout'),
     (r'^gravatar/(?P<email>[^/]+)$', 'gravatar'),
 

patchouli_auth/views.py

@@ -5,8 +5,11 @@
 import django.http
 from django.shortcuts import render_to_response
 
+from django.contrib.auth import logout
 from django.contrib.auth.decorators import login_required
 
+
+
 import lifestream.models
 import patchouli_auth.models
 import patchouli_auth.preferences
@@ -36,6 +39,44 @@ def account_checkauth(request):
         return django.http.HttpResponseRedirect('/openid/login')
     return resp
 
+@login_required
+def profile(request, username):
+    """ Don't use username for anything... """
+    profileProps = patchouli_auth.preferences.getPreferences(request.user)
+    if profileProps['publish_email']:
+        publishEmailFlag = 'checked'
+    else:
+        publishEmailFlag = ''
+
+    gravatarHash = hashlib.md5(request.user.email).hexdigest()
+    avatar_url = "http://www.gravatar.com/avatar/%s.jpg?d=monsterid&s=80" % gravatarHash
+
+    return render_to_response('index.html',
+                          { 'show_delete': True,
+                            'css_url': '/static/css/general-site.css',
+                            'username':   request.user.username,                            
+                            'email':      request.user.email,
+                            'publish_email_flag': publishEmailFlag,
+                            'first_name': request.user.first_name,
+                            'last_name':  request.user.last_name,
+                            'gravatar': avatar_url,
+                            },
+                          context_instance=django.template.RequestContext(request))
+
+def delete_profile(request, username):
+    """ Don't use username for anything... TODO: Add captcha since we can't force / trust an OpenID login step """
+    if 'POST' == request.method:
+        user = request.user
+        logout(request)
+        log.info("Deleting account for username %s" % (user.username))
+        user.delete()
+        log.debug("Redirect to auth")
+        return django.http.HttpResponseRedirect('/auth')
+    else:
+        return render_to_response('confirm_delete.html',
+                          {'css_url': '/static/css/general-site.css',},
+                          context_instance=django.template.RequestContext(request))
+
 @login_required
 def confirm_profile(request):
     """ TODO use a FormModel """

static/css/general-site.css

@@ -83,14 +83,19 @@ h1.logo code {
     min-height: 600px;
 }
 /* confirm profile */
-.copy, .login, #confirm_profile {
+.copy, .login, #confirm_profile, #delete_profile {
     margin: 0 auto;
     width: 835px;
     padding-top: 1em;
 }
 .note {
     font-size: 80%;
 }
+.cancel-link {
+	font-size: 120%;
+	font-weight: bold;
+	margin-top: 3em;
+}
 /* homepage */
 #call-to-action {
     float: left;
@@ -127,7 +132,7 @@ h1.logo code {
     -moz-border-radius: 15px;
     -webkit-border-radius: 15px;
 }
-#confirm_profile {
+#confirm_profile, #delete_profile {
     width: 600px;
     text-align: left;
 }

streamManager/templates/template.html

@@ -7,7 +7,7 @@
     </head>
     <body>
         <div id="heading">
-            <div id="auth">Hey, <span id="auth-username">{{ username }}</span> <a href="/auth/logout" class="auth logout">Logout</a> or <a href="/auth/confirm_profile">Edit Profile</a></div>
+            <div id="auth">Hey, <span id="auth-username">{{ username }}</span> <a href="/auth/logout" class="auth logout">Logout</a> or <a href="/auth/profile/{{username}}">Edit Profile</a></div>
             <br />
         </div>
         <div id="sidebar">