The user service exposes listing and fetching users. This PR adds DELETE /users/:id, which soft-deletes the account by setting a deleted_at timestamp instead of removing the row. Review the implementation for correctness across all existing endpoints, access control, and edge cases.