feat: add user account deletion

Author: fullstacksherpa

.air.toml

@@ -1,31 +1,29 @@
+# Root directory for Air to watch
 root = "."
 testdata_dir = "testdata"
 tmp_dir = "bin"
 
 [build]
-  args_bin = []
+  # Output binary location
   bin = "./bin/main"
+  # Build command for your API
   cmd = "go build -o ./bin/main ./cmd/api"
+  # Delay after file change before rebuilding (ms)
   delay = 1000
+
+  # Directories and files to ignore
   exclude_dir = ["assets", "bin", "vendor", "testdata", "web", "docs", "scripts"]
-  exclude_file = []
-  exclude_regex = ["_test.go"]
+  exclude_regex = ["_test.go"] # ignore test files
   exclude_unchanged = false
-  follow_symlink = false
-  full_bin = ""
-  include_dir = []
+
+  # Extensions to watch
   include_ext = ["go", "tpl", "tmpl", "html"]
-  include_file = []
-  kill_delay = "0s"
-  log = "build-errors.log"
-  poll = false
-  poll_interval = 0
-  post_cmd = []
+
+  # Run before build (auto‑generate docs)
   pre_cmd = ["make gen-docs"]
-  rerun = false
-  rerun_delay = 500
-  send_interrupt = false
-  stop_on_error = false
+
+  # Log build errors here
+  log = "build-errors.log"
 
 [color]
   app = ""
@@ -43,4 +41,8 @@ tmp_dir = "bin"
 
 [screen]
   clear_on_rebuild = false
-  keep_scroll = true
+  keep_scroll = true
+
+[env]
+# Default environment for local dev
+APP_ENV = "development"

Makefile

@@ -2,7 +2,7 @@
 # Environment Configuration
 # -------------------------------
 MIGRATIONS_PATH = ./cmd/migrate/migrations
-ENV ?= staging  # Default to staging if not specified
+ENV ?= development  # Default to development if not specified
 
 # Debug output showing which environment is being loaded
 $(info Loading $(ENV) environment...)
@@ -11,15 +11,18 @@ $(info Loading $(ENV) environment...)
 ifeq ($(ENV),prod)
 include .env.prod
 $(info Using production database configuration)
-else
+else ifeq ($(ENV),staging)
 include .env.staging
 $(info Using staging database configuration)
+else
+include .env.development
+$(info Using development database configuration)
 endif
 
 # -------------------------------
 # Migration Targets
 # -------------------------------
-.PHONY: migrate-create
+.PHONY: migration
 migration:
 	@migrate create -seq -ext sql -dir $(MIGRATIONS_PATH) $(filter-out $@,$(MAKECMDGOALS))
 
@@ -52,6 +55,14 @@ staging-up:
 staging-down:
 	@$(MAKE) migrate-down ENV=staging
 
+.PHONY: dev-up
+dev-up:
+	@$(MAKE) migrate-up ENV=development
+
+.PHONY: dev-down
+dev-down:
+	@$(MAKE) migrate-down ENV=development
+
 # -------------------------------
 # Other Commands
 # -------------------------------
@@ -75,4 +86,4 @@ gen-docs:
 show-env:
 	@echo "Current Environment: $(ENV)"
 	@echo "DB Connection: $(DB_ADDR_NO_POOL)"
-	@echo "Migrations Path: $(MIGRATIONS_PATH)"
+	@echo "Migrations Path: $(MIGRATIONS_PATH)"

cmd/api/api.go

@@ -160,6 +160,7 @@ func (app *application) mount() http.Handler {
 			r.Use(app.AuthTokenMiddleware)
 			r.Get("/bookings", app.getBookingsByUserHandler)
 			r.Get("/me", app.getCurrentUserHandler)
+			r.Delete("/me", app.deleteUserAccountHandler)
 			r.Patch("/update-profile", app.editProfileHandler)
 			r.Put("/", app.updateUserHandler)
 			r.Post("/profile-picture", app.uploadProfilePictureHandler)

cmd/api/main.go

@@ -96,9 +96,13 @@ var version = "1.2.0"
 // @name						Authorization
 // @description
 func main() {
-	if err := godotenv.Load(); err != nil {
-		fmt.Println("No .env file found, relying on environment variables from Docker")
+	env := os.Getenv("APP_ENV")
+	if env == "" {
+		env = "development"
 	}
+	envFile := fmt.Sprintf(".env.%s", env)
+	godotenv.Load(envFile)
+	fmt.Println("Running in", env, "mode")
 	// Retrieve and convert maxOpenConns
 	maxOpenConnsStr := os.Getenv("DB_MAX_OPEN_CONNS")
 	maxOpenConns, err := strconv.Atoi(maxOpenConnsStr)

cmd/api/users.go

@@ -458,3 +458,44 @@ func (app *application) getCurrentUserHandler(w http.ResponseWriter, r *http.Req
 		app.internalServerError(w, r, err)
 	}
 }
+
+// deleteUserAccountHandler godoc
+//
+//	@Summary		Delete current user account
+//	@Description	Deletes the logged-in user's account and Cloudinary profile photo
+//	@Tags			users
+//	@Produce		json
+//	@Success		204	{string}	string	"User deleted"
+//	@Failure		401	{object}	error	"Unauthorized"
+//	@Failure		500	{object}	error	"Internal server error"
+//	@Security		ApiKeyAuth
+//	@Router			/users/me [delete]
+func (app *application) deleteUserAccountHandler(w http.ResponseWriter, r *http.Request) {
+	user := getUserFromContext(r)
+	if user == nil {
+		http.Error(w, "unauthorized", http.StatusUnauthorized)
+		return
+	}
+
+	// Delete profile picture if one exists
+	if user.ProfilePictureURL.Valid {
+		err := app.deletePhotoFromCloudinary(user.ProfilePictureURL.String)
+		if err != nil {
+			app.logger.Error(err, nil) // Log failure, don't block deletion
+		} else {
+			app.logger.Info("Successfully deleted profile picture from Cloudinary", map[string]any{
+				"user_id": user.ID,
+				"url":     user.ProfilePictureURL.String,
+			})
+		}
+	}
+
+	// Delete user from DB
+	err := app.store.Users.Delete(r.Context(), user.ID)
+	if err != nil {
+		app.internalServerError(w, r, err)
+		return
+	}
+
+	w.WriteHeader(http.StatusNoContent)
+}

docs/docs.go

@@ -1799,6 +1799,37 @@ const docTemplate = `{
                         "schema": {}
                     }
                 }
+            },
+            "delete": {
+                "security": [
+                    {
+                        "ApiKeyAuth": []
+                    }
+                ],
+                "description": "Deletes the logged-in user's account and Cloudinary profile photo",
+                "produces": [
+                    "application/json"
+                ],
+                "tags": [
+                    "users"
+                ],
+                "summary": "Delete current user account",
+                "responses": {
+                    "204": {
+                        "description": "User deleted",
+                        "schema": {
+                            "type": "string"
+                        }
+                    },
+                    "401": {
+                        "description": "Unauthorized",
+                        "schema": {}
+                    },
+                    "500": {
+                        "description": "Internal server error",
+                        "schema": {}
+                    }
+                }
             }
         },
         "/users/profile-picture": {

docs/swagger.json

@@ -1791,6 +1791,37 @@
                         "schema": {}
                     }
                 }
+            },
+            "delete": {
+                "security": [
+                    {
+                        "ApiKeyAuth": []
+                    }
+                ],
+                "description": "Deletes the logged-in user's account and Cloudinary profile photo",
+                "produces": [
+                    "application/json"
+                ],
+                "tags": [
+                    "users"
+                ],
+                "summary": "Delete current user account",
+                "responses": {
+                    "204": {
+                        "description": "User deleted",
+                        "schema": {
+                            "type": "string"
+                        }
+                    },
+                    "401": {
+                        "description": "Unauthorized",
+                        "schema": {}
+                    },
+                    "500": {
+                        "description": "Internal server error",
+                        "schema": {}
+                    }
+                }
             }
         },
         "/users/profile-picture": {

docs/swagger.yaml

@@ -2156,6 +2156,26 @@ paths:
       tags:
       - authentication
   /users/me:
+    delete:
+      description: Deletes the logged-in user's account and Cloudinary profile photo
+      produces:
+      - application/json
+      responses:
+        "204":
+          description: User deleted
+          schema:
+            type: string
+        "401":
+          description: Unauthorized
+          schema: {}
+        "500":
+          description: Internal server error
+          schema: {}
+      security:
+      - ApiKeyAuth: []
+      summary: Delete current user account
+      tags:
+      - users
     get:
       consumes:
       - application/json

test.go

@@ -0,0 +1,20 @@
+package main
+
+import (
+	"fmt"
+
+	"golang.org/x/crypto/bcrypt"
+)
+
+func main() {
+
+	storedHash := "\x2432612431302436327a5969635470397872534f37473354737567374f596641436c6479573071336c4c474b736f443854536466497a30596b6c696d"
+	plain := "khel"
+
+	err := bcrypt.CompareHashAndPassword([]byte(storedHash), []byte(plain))
+	if err != nil {
+		fmt.Println("FAIL:", err)
+	} else {
+		fmt.Println("SUCCESS")
+	}
+}