What would be the recommended flow with supertokens to allow user-triggered account deletion for thirdparty login? For emailpassword, it is good practice to require a password entry even for logged-in users to prevent unauthorized people from deleting the account when accessing the device. Is there a similar mechanism for the social login?