feat: create a delete account route to follow apple compliance

akshit1003 · akshit1003 · commit 22b6eee2e0e6 · 2025-12-14T02:02:41.000+05:30
diff --git a/src/routes/profileRoutes.ts b/src/routes/profileRoutes.ts
@@ -1,5 +1,5 @@
 import express, { Request, Response } from 'express';
-import { getUser, updateUser } from '../services/userService';
+import { getUser, updateUser, anonymizeUser } from '../services/userService';
 import { verifyIdToken } from '../middleware/verifyIdToken';
 import { parseMultipartForm, uploadFilesToSupabase } from '../lib/fileUpload';
 import { deleteFile } from '../services/supabaseService';
@@ -82,5 +82,40 @@ router.get('/', verifyIdToken, async (req: Request, res: Response) => {
   }
 })
 
+//for apple
+router.delete('/delete', verifyIdToken, async (req: Request, res: Response) => {
+  try {
+    const userId = req.userId;
+    if (!userId) {
+      res.status(401).json({ message: 'Unauthorized' });
+      return;
+    }
+
+    // Check if user exists
+    const user = await getUser(userId);
+    if (!user) {
+      res.status(404).json({ message: 'User not found' });
+      return;
+    }
+
+    // Anonymize the user account
+    const { success, error, message } = await anonymizeUser(userId);
+
+    if (success) {
+      res.status(200).json({ 
+        message: message || 'Account successfully deleted',
+        details: 'Your personal information has been removed from our system'
+      });
+    } else {
+      res.status(500).json({ message: error || 'Failed to delete account' });
+    }
+  } catch (err) {
+    res.status(500).json({ 
+      message: 'Internal Server Error', 
+      error: err instanceof Error ? err.message : err 
+    });
+  }
+});
+
 
 export default router;
diff --git a/src/services/userService.ts b/src/services/userService.ts
@@ -492,4 +492,55 @@ export const createUserWithRsvpLinking = async (data: {
       };
     }
   }
+};
+
+// Anonymize user account (for Apple compliance - delete account without removing data)
+export const anonymizeUser = async (userId: string) => {
+  try {
+    const user = await prisma.user.findUnique({
+      where: { id: userId }
+    });
+
+    if (!user) {
+      return {
+        success: false,
+        error: 'User not found'
+      };
+    }
+
+    // Generate anonymized data
+    const anonymizedTimestamp = Date.now();
+    const anonymizedData = {
+      name: `Deleted User ${anonymizedTimestamp}`,
+      email: null,
+      mobile_number: `deleted_${anonymizedTimestamp}_${userId.substring(0, 8)}`,
+      profile_pic: '',
+      verification_status: 'unverified' as VerificationStatus,
+      gender: 'Unspecified' as Gender,
+    };
+
+    // Update the user with anonymized data
+    const anonymizedUser = await prisma.user.update({
+      where: { id: userId },
+      data: anonymizedData
+    });
+
+    return {
+      success: true,
+      user: anonymizedUser,
+      message: 'Account successfully anonymized'
+    };
+  } catch (error: unknown) {
+    if (error instanceof Error) {
+      return {
+        success: false,
+        error: error.message,
+      };
+    } else {
+      return {
+        success: false,
+        error: "Failed to anonymize user account",
+      };
+    }
+  }
 };
