It is not possible to delete accounts, in violation of EU's GDPR.

[TomasLoow]

Describe the bug
When deleting accounts, the profile gets deleted but the account is still there. At least the profile name, e-mail and password hash remain in the system after a user requests to have their account deleted.

This makes the website potentially illegal in the European Union since it violates Article 17 in the General Data Protection Regulation.

To Reproduce
Steps to reproduce the behaviour:

1. Create a new account.
2. Click on your profile name in the sidebar.
3. Click "..."
4. Click "Delete profile" and confirm in the popup

Expected behavior
The user profile is fully deleted, all info about the user is removed and the user is logged out.

Actual behaviour
The user is still logged in but the profile is broken. Clicking on the profile name in the sidebar shows an error message "This account has been deleted". But it's still possible to logout and login with the email address and password and the name of the profile is still visible in the sidebar proving that user data has been retained after the deletion operation.

[MartinBraquet]

Thanks for pointing that out! Indeed, your description of the actual behavior is absolutely correct. Right now, deleting a profile only sets the userDeleted flag in the 'private_users' database. To delete the account fully, we must update the code to delete the user row in the profiles, users and private_users tables, and of course delete the user credentials in our authentication provider (Firebase).

This is a high priority task, as you correctly mentioned that it's in violation of data protection laws. It would be amazing if someone can work on it in the next days. I'm happy to provide guidance if needed. Most of the contribution should be done here:

Compass/backend/api/src/delete-me.ts

Lines 20 to 26 in 7cc7c8d

	const pg = createSupabaseDirectClient()
	await updateUser(pg, auth.uid, {
	userDeleted: true,
	isBannedFromPosting: true,
	})
	await updatePrivateUser(pg, auth.uid, {
	email: FieldVal.delete(),

Instead of setting userDeleted in the private_users database, it should delete the entire row in the three tables mentioned above using the supabase backend client. Then it should use the Firebase admin SDK to delete the user in Firebase Auth.

Expected task duration for someone with basic full-stack skills: 1 hour.

Let me know what you think!

[MartinBraquet]

Anyone planning to take this task? If not, I'll work on it tonight or tomorrow as it's quite urgent. 🙂

[MartinBraquet]

@TomasLoow Just got merged! Let us know if it doesn't work as expected.