From d48febbbd8506dd1570e3da29ea2c48390ba771e Mon Sep 17 00:00:00 2001
From: Thibaut Patel <thibaut.patel@gmail.com>
Date: Mon, 16 Nov 2020 15:50:59 +0100
Subject: [PATCH] Added Personal Token removal when a user is deleted

no issue
---
 core/server/api/canary/users.js | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/core/server/api/canary/users.js b/core/server/api/canary/users.js
index 01627b66e6..ba65451e63 100644
--- a/core/server/api/canary/users.js
+++ b/core/server/api/canary/users.js
@@ -156,6 +156,20 @@ module.exports = {
                 frame.options.transacting = t;
 
                 return models.Post.destroyByAuthor(frame.options)
+                    .then(() => {
+                        return models.ApiKey.destroy({
+                            ...frame.options,
+                            require: true,
+                            destroyBy: {
+                                user_id: frame.options.id
+                            }
+                        }).catch((err) => {
+                            if (err instanceof models.ApiKey.NotFoundError) {
+                                return; //Do nothing here as it's ok
+                            }
+                            throw err;
+                        });
+                    })
                     .then(() => {
                         return models.User.destroy(Object.assign({status: 'all'}, frame.options));
                     })