[FEATURE REQUEST] Enable User deletion

[Mikearaya]

General overview

Two ways this can be implemented

• soft-delete
• hard-delete

1. soft-delete:- have some type of flag such as 'DEACTIVATED' or use the existing deleted field. in this case, the user data still exists in the system but should not be visible unless reactivated again.
2. hard-deletion: permanently deletes the user and removes all the footprints a user might have such as bookmarks, orders, subscriptions,s, etc...

[Mikearaya]

When guaranteeing a user's right to be forgotten how should we also guarantee a shop will get accurate stats in regard to sales and revenue?
After looking for a solution I came to the conclusion that the only way we can ensure order and sales records are accurate is to use data anonymization or data masking instead of removing the record from DB completely.

so when on hard deletion case we remove all metadata of the user and obfuscate the remaining data which is irreversible and run some kind of middleware before each request to determine if the user is not either deactivated or deleted.

@pozylon you want to add anything to this?