feat(auth): add GDPR-ready PII export and account deletion workflows #347

Open
yuliuyi717-ux wants to merge 1 commit into rohitdash08:main from yuliuyi717-ux:codex/issue-76-0309-2224

@yuliuyi717-ux

Summary
Implements Issue #76 by adding authenticated self-service data export and irreversible account deletion flows, with audit logging and backend test coverage.

What changed

  • Added GET /auth/export-data and GET /auth/export for authenticated PII export.
  • Export payload now includes profile, categories, expenses, recurring expenses, bills, reminders, subscriptions, ad impressions, and audit logs.
  • Added DELETE /auth/delete-account and DELETE /auth/delete for irreversible account deletion.
  • Added explicit delete confirmation checks via confirm=true, confirmed=true, confirmation="DELETE", or query confirm.
  • Added audit actions USER_DATA_EXPORTED and USER_ACCOUNT_DELETED.
  • Added helper serializers for dates/enums and model-to-dict mapping for export response consistency.
  • Added refresh-session revocation on deletion by removing matching refresh-token keys from Redis.
  • Deletion flow now removes user-owned records, anonymizes existing audit rows (user_id -> NULL), and deletes the user account.
  • Updated backend auth tests in packages/backend/tests/test_auth.py and added implementation report in AUTODEV_REPORT.md.

Validation done

  • cd packages/backend && REDIS_URL=redis://localhost:6379/15 PYTHONPATH=. ../../.venv/bin/pytest tests/test_auth.py -q (5 passed)
  • cd packages/backend && REDIS_URL=redis://localhost:6379/15 PYTHONPATH=. ../../.venv/bin/pytest tests -q (24 passed)
  • ./.venv/bin/flake8 packages/backend/app/routes/auth.py packages/backend/tests/test_auth.py (passed)

Risks/notes

  • Test/runtime execution depends on Redis availability.
  • Existing access JWTs issued before deletion are not centrally revoked; refresh sessions are revoked.
  • Export currently returns JSON directly; large-user exports may later need async generation/streaming.
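
On the Risks/notes item about access JWTs issued before deletion (an added example, not code from this PR or the project): one way to close that window is a short-lived deleted-user marker checked on every request. `DeletedUserDenylist`, `authorize` and the 15-minute `ACCESS_TOKEN_TTL` are hypothetical names and values, the in-memory dict stands in for Redis, and the claims are assumed to be already signature-verified.

```python
import time

ACCESS_TOKEN_TTL = 15 * 60  # assumed access-token lifetime in seconds


class DeletedUserDenylist:
    """In-memory stand-in for a Redis key with expiry (hypothetical helper)."""

    def __init__(self, clock=time.time):
        self._expiry = {}  # user_id -> time after which the marker is dropped
        self._clock = clock

    def mark_deleted(self, user_id, ttl=ACCESS_TOKEN_TTL):
        # Keep the marker only as long as a pre-deletion token could be valid.
        self._expiry[str(user_id)] = self._clock() + ttl

    def is_deleted(self, user_id):
        key = str(user_id)
        expires = self._expiry.get(key)
        if expires is None:
            return False
        if self._clock() >= expires:
            del self._expiry[key]  # lazy expiry, like a Redis TTL
            return False
        return True


def authorize(claims, denylist, now=None):
    """Return (allowed, reason) for already signature-verified JWT claims."""
    now = time.time() if now is None else now
    sub, exp = claims.get("sub"), claims.get("exp")
    if sub is None or exp is None:
        return False, "malformed"
    if now >= exp:
        return False, "expired"
    if denylist.is_deleted(sub):
        # Token is still cryptographically valid but its account is gone.
        return False, "account_deleted"
    return True, "ok"
```

The marker's TTL matches the access-token lifetime, so the denylist never grows beyond the set of accounts deleted within one token lifetime.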

@yuliuyi717-ux
Author

Hi maintainers, just a friendly follow-up on this PR for GDPR-ready PII export and account deletion. When you have time, could you please take a look and share any feedback? Happy to make changes quickly.
