Adding restructure to routes and removing unneccessary controller

Author: tnylea

app/Http/Controllers/Settings/DeleteController.php

@@ -7,6 +7,7 @@
 use Illuminate\Contracts\Auth\MustVerifyEmail;
 use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Redirect;
 use Inertia\Inertia;
 use Inertia\Response;
@@ -39,4 +40,25 @@ public function update(ProfileUpdateRequest $request): RedirectResponse
 
         return Redirect::route('profile.edit');
     }
+
+    /**
+     * Delete the user's profile.
+     */
+    public function destroy(Request $request): RedirectResponse
+    {
+        $request->validate([
+            'password' => ['required', 'current_password'],
+        ]);
+
+        $user = $request->user();
+
+        Auth::logout();
+
+        $user->delete();
+
+        $request->session()->invalidate();
+        $request->session()->regenerateToken();
+
+        return Redirect::to('/');
+    }
 }

app/Http/Controllers/Settings/ProfileController.php

@@ -29,7 +29,7 @@ export default function DeleteUser() {
     const deleteUser: FormEventHandler = (e) => {
         e.preventDefault();
 
-        destroy(route('delete.destroy'), {
+        destroy(route('profile.destroy'), {
             preserveScroll: true,
             onSuccess: () => closeModal(),
             onError: () => passwordInput.current?.focus(),

resources/js/Components/Settings/DeleteUser.tsx

@@ -16,28 +16,24 @@
     ]);
 })->name('home');
 
-Route::middleware('auth')->group(function () {
+Route::get('dashboard', function(){
+    return Inertia::render('Dashboard');
+})->middleware(['auth', 'verified'])->name('dashboard');
 
-    Route::get('/dashboard', function () {
-        return Inertia::render('Dashboard');
-    })->name('dashboard');
+Route::middleware('auth')->group(function () {
 
     Route::redirect('settings', 'settings/profile');
 
     Route::get('settings/profile', [ProfileController::class, 'edit'])->name('profile.edit');
     Route::patch('settings/profile', [ProfileController::class, 'update'])->name('profile.update');
+    Route::delete('settings/profile', [ProfileController::class, 'destroy'])->name('profile.destroy');
 
     Route::get('settings/password', [PasswordController::class, 'edit'])->name('password.edit');
     Route::put('settings/password', [PasswordController::class, 'update'])->name('password.update');
 
     Route::get('settings/appearance', function () {
         return Inertia::render('Settings/Appearance');
     })->name('appearance');
-
-    Route::get('settings/delete', [DeleteController::class, 'edit'])->name('delete.edit');
-    Route::delete('settings/delete', [DeleteController::class, 'destroy'])->name('delete.destroy');
-
-    //Route::delete('/profile', [ProfileController::class, 'destroy'])->name('profile.destroy');
 });
 
 require __DIR__.'/auth.php';

routes/web.php

@@ -49,3 +49,40 @@
 
     $this->assertNotNull($user->refresh()->email_verified_at);
 });
+
+
+// Delete Profile Tests
+
+test('user can delete their account', function () {
+    $user = User::factory()->create();
+
+    $response = $this
+        ->actingAs($user)
+        ->delete('/settings/profile', [
+            'password' => 'password',
+        ]);
+
+    $response
+        ->assertSessionHasNoErrors()
+        ->assertRedirect('/');
+
+    $this->assertGuest();
+    $this->assertNull($user->fresh());
+});
+
+test('correct password must be provided to delete account', function () {
+    $user = User::factory()->create();
+
+    $response = $this
+        ->actingAs($user)
+        ->from('/settings/profile')
+        ->delete('/settings/profile', [
+            'password' => 'wrong-password',
+        ]);
+
+    $response
+        ->assertSessionHasErrors('password')
+        ->assertRedirect('/settings/profile');
+
+    $this->assertNotNull($user->fresh());
+});