-
-
Notifications
You must be signed in to change notification settings - Fork 5.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow users without password (LDAP, OIDC/OAuth) to delete their own account #18329
Comments
For LDAP users, they may not be allowed to be deleted by themselves? |
Ok, this might make some sense. For example, I have created an account at the Gitea demo server, using Githubs OICD. Now i would for example like to delete it. But i can't. I mean sure. I could remove the authenthication through Github, but it would still leave an account on the Gitea Server. Though I have to admit, I don't know that much about LDAP. So I could be totaly wrong here. |
A possible solution could be: we save the external login time in session, then if a user wants to delete the account within 1 minute after login, we allow it. This solution make every user have a chance to delete their account with a fresh external login. |
I am still struggeling with understanding why a user that is externaly logged in shouldnt be able to delete his/hers account. |
They should, but it needs someone to work on a PR for this feature. |
Gitea Version
1.15.8
Git Version
--
Operating System
Linux
How are you running Gitea?
Docker (But doesnt matter)
Database
PostgreSQL
Can you reproduce the bug on the Gitea demo site?
Yes
Log Gist
No response
Description
A user that has an external account cant delete his account.
In order to delete it he has to put in his password. But external users do not have a password.
Screenshots
No response
The text was updated successfully, but these errors were encountered: