class AuthD::Request
	IPC::JSON.message Delete, 17 do
		# Deletion can be triggered by either an admin or the related user.
		property user       : String | Int32

		def initialize(@user)
		end

		def handle(authd : AuthD::Service, fd : Int32)
			user_to_delete = authd.user? @user
			return Response::Error.new "invalid user" if user_to_delete.nil?

			# Get currently logged user.
			logged_user = authd.get_logged_user? fd
			if logged_user.nil?
				return Response::Error.new "you must be logged"
			end

			unless logged_user.admin
				# Is the logged user the target?
				if logged_user.uid != user_to_delete.uid
					return Response::Error.new "invalid credentials"
				end
			end

			# User or admin is now verified: let's proceed with the user deletion.
			authd.users_per_login.delete user_to_delete.login

			# TODO: if the current user is deleted, unlog!
			if logged_user.uid == user_to_delete.uid
				authd.close fd
				authd.logged_users.delete fd
			end

			# TODO: better response
			Response::User.new user_to_delete.to_public
		end
	end
	AuthD.requests << Delete
end