fix(api): ensure all user data is deleted on account deletion

Fixes a critical bug in the `AuthService.deleteAccount` method where
only the main user document was being deleted. The previous logic
incorrectly assumed a relational `CASCADE` delete behavior.

This change adds explicit calls to delete the user's associated
documents from the `user_app_settings` and `user_content_preferences`
collections, ensuring that no orphaned data is left in the database
after an account is deleted.

Author: fulleni

lib/src/services/auth_service.dart

@@ -549,25 +549,29 @@ class AuthService {
   /// Throws [NotFoundException] if the user does not exist.
   /// Throws [OperationFailedException] for other errors during deletion or cleanup.
   Future<void> deleteAccount({required String userId}) async {
-    // Note: The user record itself is deleted via a CASCADE constraint
-    // when the corresponding entry in the `users` table is deleted.
-    // This is because `user_app_settings.user_id` and
-    // `user_content_preferences.user_id` have `ON DELETE CASCADE`.
-    // Therefore, we only need to delete the main user record.
     try {
       // Fetch the user first to get their email if needed for cleanup
       final userToDelete = await _userRepository.read(id: userId);
       _log.info('Found user ${userToDelete.id} for deletion.');
 
-      // 1. Delete the main user record from the `users` table.
-      // The `ON DELETE CASCADE` constraint on the `user_app_settings` and
-      // `user_content_preferences` tables will automatically delete the
-      // associated records in those tables. This also implicitly invalidates
+      // 1. Explicitly delete associated user data. Unlike relational databases
+      // with CASCADE constraints, MongoDB requires manual deletion of related
+      // documents in different collections.
+      await _userAppSettingsRepository.delete(id: userId, userId: userId);
+      _log.info('Deleted UserAppSettings for user ${userToDelete.id}.');
+
+      await _userContentPreferencesRepository.delete(
+        id: userId,
+        userId: userId,
+      );
+      _log.info('Deleted UserContentPreferences for user ${userToDelete.id}.');
+
+      // 2. Delete the main user record. This also implicitly invalidates
       // tokens that rely on user lookup, as the user will no longer exist.
       await _userRepository.delete(id: userId);
       _log.info('User ${userToDelete.id} deleted from repository.');
 
-      // 2. Clear any pending verification codes for this user ID (linking).
+      // 3. Clear any pending verification codes for this user ID (linking).
       try {
         await _verificationCodeStorageService.clearLinkCode(userId);
         _log.info('Cleared link code for user ${userToDelete.id}.');
@@ -578,7 +582,7 @@ class AuthService {
         );
       }
 
-      // 3. Clear any pending sign-in codes for the user's email (if they had one).
+      // 4. Clear any pending sign-in codes for the user's email (if they had one).
       // The email for anonymous users is a placeholder and not used for sign-in.
       if (userToDelete.appRole != AppUserRole.guestUser) {
         try {