feat: 添加账号删除功能

backend/src/services/base/supabase.py

@@ -271,6 +271,76 @@ class SupabaseService(BaseServiceProvider):
                 return signed_url
         raise RuntimeError("Invalid signed url payload")
 
+    async def delete_prefix(self, *, bucket: str, prefix: str) -> int:
+        normalized_prefix = prefix.strip("/")
+
+        def _delete_prefix() -> int:
+            bucket_client = self._ensure_bucket_client(bucket)
+            list_objects = getattr(bucket_client, "list", None)
+            remove_objects = getattr(bucket_client, "remove", None)
+            if not callable(list_objects) or not callable(remove_objects):
+                raise RuntimeError("Supabase storage delete APIs are unavailable")
+
+            offset = 0
+            limit = 100
+            total_deleted = 0
+
+            while True:
+                options = {
+                    "limit": limit,
+                    "offset": offset,
+                    "sortBy": {"column": "name", "order": "asc"},
+                }
+                try:
+                    raw_entries = list_objects(normalized_prefix, options)
+                except TypeError:
+                    raw_entries = list_objects(normalized_prefix)
+
+                entries = raw_entries if isinstance(raw_entries, list) else []
+                if not entries:
+                    break
+
+                paths: list[str] = []
+                for entry in entries:
+                    name: str | None = None
+                    if isinstance(entry, dict):
+                        raw_name = entry.get("name")
+                        if isinstance(raw_name, str) and raw_name:
+                            name = raw_name
+                    else:
+                        raw_name = getattr(entry, "name", None)
+                        if isinstance(raw_name, str) and raw_name:
+                            name = raw_name
+                    if name is None:
+                        continue
+                    if normalized_prefix:
+                        paths.append(f"{normalized_prefix}/{name}")
+                    else:
+                        paths.append(name)
+
+                if paths:
+                    remove_objects(paths)
+                    total_deleted += len(paths)
+
+                if len(entries) < limit:
+                    break
+                offset += limit
+
+            return total_deleted
+
+        return await asyncio.to_thread(_delete_prefix)
+
+    async def delete_auth_user(self, *, user_id: str) -> None:
+        def _delete_auth_user() -> None:
+            admin_client = self.get_admin_client()
+            auth_admin = getattr(getattr(admin_client, "auth", None), "admin", None)
+            delete_user = getattr(auth_admin, "delete_user", None)
+            if not callable(delete_user):
+                raise RuntimeError("Supabase admin delete_user API is unavailable")
+            delete_user(user_id)
+
+        await asyncio.to_thread(_delete_auth_user)
+
     def parse_signed_url(self, url: str) -> tuple[str, str]:
         from urllib.parse import urlparse
 

backend/src/v1/users/router.py

@@ -1,6 +1,6 @@
 from __future__ import annotations
 
-from fastapi import APIRouter, Depends, File, UploadFile
+from fastapi import APIRouter, Depends, File, Response, UploadFile
 
 from v1.users.dependencies import get_user_service
 from v1.users.schemas import (
@@ -54,3 +54,11 @@ async def upload_avatar(
     service: UserService = Depends(get_user_service),
 ) -> ProfileResponse:
     return await service.upload_avatar(file)
+
+
+@router.delete("/me", status_code=204)
+async def delete_my_account(
+    service: UserService = Depends(get_user_service),
+) -> Response:
+    await service.delete_account()
+    return Response(status_code=204)

backend/src/v1/users/service.py

@@ -290,6 +290,46 @@ class UserService:
         await self.repository.save()
         return await self.get_profile()
 
+    async def delete_account(self) -> None:
+        user_id = str(self.current_user.id)
+        avatar_bucket = config.storage.avatar.bucket
+        avatar_prefix = f"{self.current_user.id}/"
+
+        try:
+            await self.attachment_storage.delete_prefix(
+                bucket=avatar_bucket,
+                prefix=avatar_prefix,
+            )
+        except Exception as exc:
+            logger.exception(
+                "Account deletion failed while cleaning avatar objects",
+                user_id=user_id,
+                bucket=avatar_bucket,
+                prefix=avatar_prefix,
+            )
+            raise ApiProblemError(
+                status_code=502,
+                detail=problem_payload(
+                    code="PROFILE_DELETE_FAILED",
+                    detail="Failed to delete account data",
+                ),
+            ) from exc
+
+        try:
+            await self.attachment_storage.delete_auth_user(user_id=user_id)
+        except Exception as exc:
+            logger.exception(
+                "Account deletion failed while deleting auth user",
+                user_id=user_id,
+            )
+            raise ApiProblemError(
+                status_code=502,
+                detail=problem_payload(
+                    code="PROFILE_DELETE_FAILED",
+                    detail="Failed to delete account data",
+                ),
+            ) from exc
+
     async def _resolve_avatar_url(self, avatar_path: str | None) -> str | None:
         if avatar_path is None:
             return None