Ticket #164 (new Feature Request)
Allow "deleting" a user
|Reported by:||benoitg||Owned by:|
|Priority:||normal||Milestone:||WifiDog Auth Server 1.1|
|Component:||Auth server, Authentication, permissions and access control||Version:||Auth Server SVN|
Description (last modified by benoitg) (diff)
Actually deleting all traces of a user is seldom desirable, as it would skew all statistics over time (including network usage, growth, etc.) The proper way to do this is to hash the email adress so it cannot be reconstructed, delete the profile and similar information, set the status to deleted and then:
- If a new user sign's up with the same email (hash matches), reactivate the account (in validation) instead of creating a new one.
- Write special case code so that deleted users are ignored where appropriate, and displayed differently in statistics.
This will allow someone to close an account it doesn't want, yet not allow him to abuse this feature to commit abuse.