add more options to user management

2025-07-15 09:45:20 +00:00 · 2024-11-12 21:38:03 +01:00
parent e2aae47c34
commit 3fb9dd0035
8 changed files with 868 additions and 577 deletions
--- a/firebase/functions/index.js
+++ b/firebase/functions/index.js
@ -162,6 +162,87 @@ exports.createSubUser = onRequest(async (request, response) => {
    }
 });

+exports.removeSubUser = onRequest(async (request, response) => {
+    const authHeader = request.get('Authorization');
+
+    if (!authHeader || !authHeader.startsWith('Bearer ')) {
+        logger.warn("Missing or incorrect Authorization header", {authHeader});
+        response.status(401).json({error: 'Unauthorized'});
+        return;
+    }
+
+    try {
+        const token = authHeader.split('Bearer ')[1];
+        logger.info("Verifying ID token", {token});
+
+        let decodedToken;
+        try {
+            decodedToken = await getAuth().verifyIdToken(token);
+            logger.info("ID token verified successfully", {uid: decodedToken.uid});
+        } catch (verifyError) {
+            logger.error("ID token verification failed", {error: verifyError.message});
+            response.status(401).json({error: 'Unauthorized: Invalid token'});
+            return;
+        }
+
+        logger.info("Processing user removal", {requestBody: request.body.data});
+
+        const { userId, familyId } = request.body.data;
+
+        if (!userId || !familyId) {
+            logger.warn("Missing required fields in request body", {requestBody: request.body.data});
+            response.status(400).json({error: "Missing required fields"});
+            return;
+        }
+
+        try {
+            const userProfile = await getFirestore()
+                .collection("Profiles")
+                .doc(userId)
+                .get();
+
+            if (!userProfile.exists) {
+                logger.error("User profile not found", {userId});
+                response.status(404).json({error: "User not found"});
+                return;
+            }
+
+            if (userProfile.data().familyId !== familyId) {
+                logger.error("User does not belong to the specified family", {
+                    userId,
+                    requestedFamilyId: familyId,
+                    actualFamilyId: userProfile.data().familyId
+                });
+                response.status(403).json({error: "User does not belong to the specified family"});
+                return;
+            }
+
+            await getFirestore()
+                .collection("Profiles")
+                .doc(userId)
+                .delete();
+            logger.info("User profile deleted from Firestore", {userId});
+
+            await getAuth().deleteUser(userId);
+            logger.info("User authentication deleted", {userId});
+
+            response.status(200).json({
+                data: {
+                    message: "User removed successfully",
+                    success: true
+                }
+            });
+        } catch (error) {
+            logger.error("Failed to remove user", {error: error.message});
+            response.status(500).json({error: "Failed to remove user"});
+            return;
+        }
+    } catch (error) {
+        logger.error("Error in removeSubUser function", {error: error.message});
+        response.status(500).json({data: {error: error.message}});
+    }
+});
+
 exports.generateCustomToken = onRequest(async (request, response) => {
    try {
        const {userId} = request.body.data;