From 66061d28286ee3adf69747c284d40121e2e4b280 Mon Sep 17 00:00:00 2001
From: Lunny Xiao <xiaolunwen@gmail.com>
Date: Fri, 8 Mar 2024 22:43:57 +0800
Subject: [PATCH] Fix 500 when deleting account with incorrect password or
 unsupported login type (#29579) (#29656)

Fix #26210
Backport #29579

Co-authored-by: Jason Song <i@wolfogre.com>
(cherry picked from commit a129c0c06c91e4994244138687be135dddd4c00d)
---
 options/locales/gitea_en-US.ini     |  2 ++
 routers/web/user/setting/account.go | 19 +++++++++++++++++--
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/options/locales/gitea_en-US.ini b/options/locales/gitea_en-US.ini
index bbb6aad14c..f8aeae51bd 100644
--- a/options/locales/gitea_en-US.ini
+++ b/options/locales/gitea_en-US.ini
@@ -574,6 +574,8 @@ enterred_invalid_repo_name = The repository name you entered is incorrect.
 enterred_invalid_org_name = The organization name you entered is incorrect.
 enterred_invalid_owner_name = The new owner name is not valid.
 enterred_invalid_password = The password you entered is incorrect.
+unset_password = The login user has not set the password.
+unsupported_login_type = The login type is not supported to delete account.
 user_not_exist = The user does not exist.
 team_not_exist = The team does not exist.
 last_org_owner = You cannot remove the last user from the 'owners' team. There must be at least one owner for an organization.
diff --git a/routers/web/user/setting/account.go b/routers/web/user/setting/account.go
index e02d369f67..1f186aeb58 100644
--- a/routers/web/user/setting/account.go
+++ b/routers/web/user/setting/account.go
@@ -19,6 +19,8 @@ import (
 	"code.gitea.io/gitea/modules/timeutil"
 	"code.gitea.io/gitea/modules/web"
 	"code.gitea.io/gitea/services/auth"
+	"code.gitea.io/gitea/services/auth/source/db"
+	"code.gitea.io/gitea/services/auth/source/smtp"
 	"code.gitea.io/gitea/services/forms"
 	"code.gitea.io/gitea/services/mailer"
 	"code.gitea.io/gitea/services/user"
@@ -245,11 +247,24 @@ func DeleteAccount(ctx *context.Context) {
 	ctx.Data["PageIsSettingsAccount"] = true
 
 	if _, _, err := auth.UserSignIn(ctx, ctx.Doer.Name, ctx.FormString("password")); err != nil {
-		if user_model.IsErrUserNotExist(err) {
+		switch {
+		case user_model.IsErrUserNotExist(err):
+			loadAccountData(ctx)
+
+			ctx.RenderWithErr(ctx.Tr("form.user_not_exist"), tplSettingsAccount, nil)
+		case errors.Is(err, smtp.ErrUnsupportedLoginType):
+			loadAccountData(ctx)
+
+			ctx.RenderWithErr(ctx.Tr("form.unsupported_login_type"), tplSettingsAccount, nil)
+		case errors.As(err, &db.ErrUserPasswordNotSet{}):
+			loadAccountData(ctx)
+
+			ctx.RenderWithErr(ctx.Tr("form.unset_password"), tplSettingsAccount, nil)
+		case errors.As(err, &db.ErrUserPasswordInvalid{}):
 			loadAccountData(ctx)
 
 			ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_password"), tplSettingsAccount, nil)
-		} else {
+		default:
 			ctx.ServerError("UserSignIn", err)
 		}
 		return