This is my answer to a Question on Support site for LampCMS project
Completely deleting user in production is a really bad idea.
First of all if you delete a user from the database the questions and answers from that user will still be in the database, the name of user and possibly an avatar will still be shown next to user's posts but link to profile will point to deleted account.
Link to a deleted account is not really a problem.
The problem is that you don't want someone else to later register with the same username that used to belong to deleted user.
This will just create confusion. Imagine you had a user that was so annoying that you deleted his or her account. First of all you don't want the same user to be able to just re-register with the same account.
Second you don't want someone else to just register with the account that used to belong to some really bad user.
Having said that, I agree that sometimes there could be a case when a user really wants his or her information to be completely removed from your database. I have not yet designed a way to completely delete a user in such a way that noone can re-register with the same email address or same username.
I think there should be a feature like this where user can be completely deleted but the hash of the email address will remain in the database. This way the user is deleted but same email address cannot be used again to just re-register. We can also store the timestamp where the email address was deleted. We will also need to keep the username in the database so than noone else can register with the same username.
I think this can be a good feature.
Right now if you want to completely delete user the best way is to manually delete from Mongo database using either mongo shell or some tool like robomongo or mongoVUE.
No comments:
Post a Comment