Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Give users the ability to deactivate their account and destroy personal info #255
_1 Upvote_ Before Flarum reached beta, we had implemented a feature that allowed users to delete their account, purging it completely from the database. However, we quickly realised this was problematic for various reasons.
Instead we want to offer users the ability to permanently deactivate their account: make it so it can't be logged into, and remove their email and other personal info from the database.
What needs to be done:
Just 2 cents on the deletion process:
The company I work for is hosting and managing more than 50 forums. We often deal with the problem that users want their deletion undone the next day or so. We created our own deletion process that puts the accounts on inactive (this hides any personal information) for around 30 days and sends the users a mail with a re-activation link. If no action occurs, the account is completely deleted after the 30-day period.
This takes a lot of work from the community managers shoulders, as they no longer have to respond to that many re-activation and deletion requests.
Disabling the account should:
It might also be good to add a flag that extension developers can use to identify a bit of information that should be nullified when the account is disabled. That would come in handy for an extension that adds custom fields to the profile page, for example (not to mention the bio, once it becomes an extension).