Add DELETE /api/me/account: permanently erases the signed-in account and all its personal data — OAuth tokens, subscriptions, tags, video states, playlists, notifications all cascade on the users row (FK ON DELETE CASCADE); quota-audit events are kept but anonymised (SET NULL); the email's invite/whitelist row is removed too. Guards: the shared demo account can't be deleted, and the last remaining admin can't delete itself. Frontend: a Danger zone in Settings -> Account (non-demo) with a danger-confirm; on success the session clears and the app lands on the welcome page. EN/HU/DE. Verified via curl: self-delete + session clear + demo 403. |
||
|---|---|---|
| .. | ||
| public/welcome | ||
| src | ||
| index.html | ||
| package-lock.json | ||
| package.json | ||
| postcss.config.js | ||
| tailwind.config.js | ||
| tsconfig.json | ||
| vite.config.ts | ||