Commit 2174a619 authored by Embruch, Gerd's avatar Embruch, Gerd

fixed hideConfidentialFields

parent 4b80f4b8
...@@ -78,6 +78,9 @@ export const login = async (req, res, next) => { ...@@ -78,6 +78,9 @@ export const login = async (req, res, next) => {
// remember document but remove confidential info // remember document but remove confidential info
const user = hideConfidentialFields(User, foundUser); const user = hideConfidentialFields(User, foundUser);
console.log("🚀 ~ login ~ user:", user);
// create jsonwebtoken // create jsonwebtoken
performance.mark('createAccessToken:start'); performance.mark('createAccessToken:start');
const accessToken = createAccessToken({ id: user._id, role: user.role }); const accessToken = createAccessToken({ id: user._id, role: user.role });
...@@ -135,7 +138,6 @@ export const renewAccessToken = async (req, res, next) => { ...@@ -135,7 +138,6 @@ export const renewAccessToken = async (req, res, next) => {
export const logout = async (req, res, next) => { export const logout = async (req, res, next) => {
try { try {
// delete // delete
console.log("🚀 ~ logout ~ req.cookies.refreshToken:", req.cookies.refreshToken);
if (req.cookies.refreshToken) await deleteRefreshToken(req.cookies.refreshToken); if (req.cookies.refreshToken) await deleteRefreshToken(req.cookies.refreshToken);
// return msg // return msg
return res.status(200).json({ message: 'See you soon.' }); return res.status(200).json({ message: 'See you soon.' });
......
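Review bot: The `console.log("🚀 ~ login ~ user:", user);` line in the login hunk looks like a leftover debug statement, and it writes the whole user document to stdout on every successful login. It is printed only once and the hunk grows by three lines, so it appears to be newly added. hideConfidentialFields strips only the fields the model marks as confidential, so everything else on the record (the code shows at least `_id` and `role`) ends up in the logs. I would drop the line, or log just the identifier if a trace is wanted, e.g. `console.debug('login ok', String(user._id));`. Both login and logout continue outside the visible hunks.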
...@@ -51,8 +51,8 @@ router.patch('/:id', verifyAccessToken, validate(updateUserSchema), prefetchUser ...@@ -51,8 +51,8 @@ router.patch('/:id', verifyAccessToken, validate(updateUserSchema), prefetchUser
* DELETE ONE * DELETE ONE
* @header {authorization} Bearer [required] access token * @header {authorization} Bearer [required] access token
* *
* @prop {string} id [required] id of the user to fetch * @prop {string} id [required] id of the user to delete
*/ */
router.delete('/:id', verifyAccessToken, prefetchUser, deleteUser); router.delete('/:id', verifyAccessToken, deleteUser);
export default router; export default router;
\ No newline at end of file
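Review bot: With `prefetchUser` removed from `router.delete('/:id', verifyAccessToken, deleteUser);`, the only gate visible on this route is a valid access token. Nothing in this section shows that the caller owns `:id` or holds an admin role, so please confirm that `deleteUser` (not visible here) compares `req.params.id` with the token's `id` and `role` and answers 403 otherwise. It now also has to handle an unknown or malformed id itself, which prefetchUser presumably did before. A comment on the route such as `// authorization (self or admin) is enforced in deleteUser` would record where that check lives.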
...@@ -25,17 +25,20 @@ export const getConfidentialFields = (model) => { ...@@ -25,17 +25,20 @@ export const getConfidentialFields = (model) => {
* *
* @return {object} cleansed object * @return {object} cleansed object
*/ */
export const hideConfidentialFields = (model, object) => { export const hideConfidentialFields = (model, record) => {
performance.mark('hideConfidentialFields:start'); performance.mark('hideConfidentialFields:start');
// turn mongoose record into js object
const object = record.toObject();
// get confidential fields from model
const confidentialFields = getConfidentialFields(model); const confidentialFields = getConfidentialFields(model);
// delete from object // delete confidential fields from object
confidentialFields.forEach(field => { confidentialFields.forEach(field => delete object[field]);
delete object[field];
});
performance.mark('hideConfidentialFields:end'); performance.mark('hideConfidentialFields:end');
return object; return object;
}; };
/** /**
* get array of all field names from a given model * get array of all field names from a given model
* *
......
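Review bot: `const object = record.toObject();` has no guard, so it throws a TypeError when `record` is null or is already a plain object, for example a `.lean()` result. Callers such as login then fail with an unhandled error rather than a clear one. `const object = typeof record?.toObject === 'function' ? record.toObject() : { ...record };` keeps the copy semantics and still never returns the unsanitised input. Also, `delete object[field]` removes top-level keys only, so a confidential field declared on a nested path would survive; check this against what getConfidentialFields returns. The JSDoc block starts above the hunk and may still name the parameter `object`; it should say `record` and state that a mongoose document is expected.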