diff --git a/app/controllers/UserController.php b/app/controllers/UserController.php
index f0c1ba9..8177a9a 100644
--- a/app/controllers/UserController.php
+++ b/app/controllers/UserController.php
@@ -46,4 +46,48 @@ class UserController extends ControllerBase
 $this->view->page = $paginator->getPaginate();
 $this->view->pagination_url = '/user/activity/';
 }
+
+ public function oauthDisconnectAction($provider, $last_unlink_confirmed = false)
+ {
+ $user = $this->_getAuth()->getUser();
+
+ // Check if we are unlinking the last provider
+ if (count($user->getSocialLinks()) <= 1) {
+
+ // If user does not have a password, we wont allow it.
+ if (strlen($user->getPassword()) < 1) {
+ $msg = 'Unlinking your last OAuth provider cannot be done '
+ . 'if you don\'t have a password as it would be impossible for you to log in.';
+
+ $this->flash->message('error', $msg);
+ $this->response->redirect('/settings');
+ return;
+ }
+
+ // Give a warning to the user about password as the only login option.
+ if ($last_unlink_confirmed == false) {
+
+ $url = $this->url->get([
+ 'for' => 'oauth-disconnect-confirm',
+ 'provider' => $provider,
+ 'confirm' => 'confirm',
+ ]);
+
+ $msg = '

You are about to unlink the last OAuth provider.'
+ . ' Your only login option will be password if you do this.

'
+ . '

Are you sure? Yes

';
+
+ $this->flash->message('warning', $msg);
+ $this->response->redirect('/settings');
+ return;
+ }
+ }
+
+ $user->{'set' . $provider . 'Id'}(null);
+ $user->save();
+
+ $this->flash->message('success', "

{$provider} was disconnected

");
+
+ $this->response->redirect('/settings');
+ }
 }
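Review bot: `$provider` arrives as an action parameter and is used to build a method name in `$user->{'set' . $provider . 'Id'}(null)` without being checked against the providers the application actually supports, so the request decides which setter runs on the user model. Validate it at the top of `oauthDisconnectAction`, before the last-provider check, e.g. `if (!in_array($provider, $supportedProviders, true)) { $this->response->redirect('/settings'); return; }`, where `$supportedProviders` is a placeholder for the project's own provider list. The same value is interpolated into the success flash message, which appears to carry markup, so it should be escaped there unless the flash service is known to escape its output. The unlink also appears to be reachable through a plain link with the confirmation carried in the URL, and no CSRF token check is visible in this hunk; a POST with a token would suit a change to the account's login options better. The result of `$user->save()` is ignored, so the success message is shown even when the save fails.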