Aaru.Server/Aaru.Server/Components/Account/Pages/Manage/DeletePersonalData.razor

@page "/Account/Manage/DeletePersonalData"
@using System.ComponentModel.DataAnnotations
@using Microsoft.AspNetCore.Identity

@inject UserManager<IdentityUser>   UserManager
@inject SignInManager<IdentityUser> SignInManager
@inject IdentityUserAccessor        UserAccessor
@inject IdentityRedirectManager     RedirectManager
@inject ILogger<DeletePersonalData> Logger

<PageTitle>Delete Personal Data</PageTitle>

<StatusMessage Message="@message"/>

<h3>Delete Personal Data</h3>

<div class="alert alert-warning" role="alert">
    <p>
        <strong>Deleting this data will permanently remove your account, and this cannot be recovered.</strong>
    </p>
</div>

<div>
    <EditForm FormName="delete-user" method="post" Model="Input" OnValidSubmit="OnValidSubmitAsync">
        <DataAnnotationsValidator/>
        <ValidationSummary class="text-danger" role="alert"/>
        @if(requirePassword)
        {
            <div class="form-floating mb-3">
                <InputText aria-required="true" autocomplete="current-password" @bind-Value="Input.Password" class="form-control" placeholder="Please enter your password." type="password"/>
                <label class="form-label" for="password">Password</label>
                <ValidationMessage class="text-danger" For="() => Input.Password"/>
            </div>
        }
        <button class="btn btn-danger btn-lg w-100" type="submit">Delete data and close my account</button>
    </EditForm>
</div>

@code {
    private string?      message;
    private IdentityUser user = default!;
    private bool         requirePassword;

    [CascadingParameter]
    private HttpContext HttpContext { get; set; } = default!;

    [SupplyParameterFromForm]
    private InputModel Input { get; set; } = new();

    protected override async Task OnInitializedAsync()
    {
        Input           ??= new InputModel();
        user            =   await UserAccessor.GetRequiredUserAsync(HttpContext);
        requirePassword =   await UserManager.HasPasswordAsync(user);
    }

    private async Task OnValidSubmitAsync()
    {
        if(requirePassword && !await UserManager.CheckPasswordAsync(user, Input.Password))
        {
            message = "Error: Incorrect password.";

            return;
        }

        IdentityResult result = await UserManager.DeleteAsync(user);

        if(!result.Succeeded)
        {
            throw new InvalidOperationException("Unexpected error occurred deleting user.");
        }

        await SignInManager.SignOutAsync();

        string userId = await UserManager.GetUserIdAsync(user);
        Logger.LogInformation("User with ID '{UserId}' deleted themselves.", userId);

        RedirectManager.RedirectToCurrentPage();
    }

    private sealed class InputModel
    {
        [DataType(DataType.Password)]
        public string Password { get; set; } = "";
    }

}