flip_api.user_services.delete_user
==================================

.. py:module:: flip_api.user_services.delete_user


Attributes
----------

.. autoapisummary::

   flip_api.user_services.delete_user.router


Functions
---------

.. autoapisummary::

   flip_api.user_services.delete_user.delete_user


Module Contents
---------------

.. py:data:: router

.. py:function:: delete_user(user_id: uuid.UUID, request: fastapi.Request, db: sqlmodel.Session = Depends(get_session), token_id: uuid.UUID = Depends(verify_token)) -> dict[str, Any]

   Delete a user from Cognito and revoke their role grants.

   DB cleanup (delete role grants + write audit row) commits before the
   Cognito delete so a Cognito failure leaves a Cognito user with no
   app-side authority — preferable to dangling role grants on a deleted
   user. Idempotent: if the Cognito user is already gone, the DB-side
   cleanup still runs so any ghost role grants are reaped.

   :param user_id: Cognito ``sub`` of the user to delete. FastAPI
                   validates the path segment, returning 422 on malformed input.
   :type user_id: UUID
   :param request: The FastAPI request object.
   :type request: Request
   :param db: The database session.
   :type db: Session
   :param token_id: ID of the authenticated user performing the delete.
   :type token_id: UUID

   :returns: Empty dictionary on success.
   :rtype: dict[str, Any]

   :raises HTTPException: If the caller lacks permission or an unexpected error
       (other than a Cognito 404) occurs.