From dac1e10b5d6f7a0d6601c09fe45febe04074c4f9 Mon Sep 17 00:00:00 2001
From: yiekheng <yiekheng@04080616.xyz>
Date: Sat, 2 May 2026 21:15:21 +0800
Subject: [PATCH] feat(api): add /delete-acc-data and /delete-user-data routes

---
 app/cm_api.py | 56 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 56 insertions(+)

diff --git a/app/cm_api.py b/app/cm_api.py
index 565cd1f..a521316 100644
--- a/app/cm_api.py
+++ b/app/cm_api.py
@@ -55,6 +55,10 @@ class CM_API:
         # Update routes
         self.app.route('/update-acc-data', methods=['POST'])(self.update_acc_data)
         self.app.route('/update-user-data', methods=['POST'])(self.update_user_data)
+
+        # Delete routes
+        self.app.route('/delete-acc-data', methods=['POST'])(self.delete_acc_data)
+        self.app.route('/delete-user-data', methods=['POST'])(self.delete_user_data)
     
     def _check_database_available(self):
         db = self._get_database_connection()
@@ -168,6 +172,58 @@ class CM_API:
         finally:
             self._close_database_connection(db)
     
+    def delete_acc_data(self):
+        is_available, db, error_response = self._check_database_available()
+        if not is_available:
+            return error_response
+
+        try:
+            data = request.get_json() or {}
+            username = data.get('username')
+
+            if not username:
+                return jsonify({"error": "Username is required"}), 400
+
+            result = db.execute(
+                "DELETE FROM acc WHERE username = %s",
+                [username]
+            )
+
+            if result:
+                return jsonify({"deleted": username})
+            return jsonify({"error": "Failed to delete account"}), 500
+
+        except Exception as error:
+            return self._handle_error(error, "Error deleting account"), 500
+        finally:
+            self._close_database_connection(db)
+
+    def delete_user_data(self):
+        is_available, db, error_response = self._check_database_available()
+        if not is_available:
+            return error_response
+
+        try:
+            data = request.get_json() or {}
+            f_username = data.get('f_username')
+
+            if not f_username:
+                return jsonify({"error": "f_username is required"}), 400
+
+            result = db.execute(
+                "DELETE FROM user WHERE f_username = %s",
+                [f_username]
+            )
+
+            if result:
+                return jsonify({"deleted": f_username})
+            return jsonify({"error": "Failed to delete user"}), 500
+
+        except Exception as error:
+            return self._handle_error(error, "Error deleting user"), 500
+        finally:
+            self._close_database_connection(db)
+
     def run(self, port=3000, debug=None):
         if debug is None:
             debug = _debug_enabled()