vodorod/parcer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: exclude hashed password when return user

Browse Source
This commit is contained in:
karishmas6
2024-09-24 17:46:35 +05:30
parent 37dab830bf
commit fd3d65e632
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
server/src/routes/auth.ts
View File

@@ -21,7 +21,7 @@ router.post('/register', async (req, res) => {
const user = await User.create({ email, password });
const token = jwt.sign({ id: user.id }, process.env.JWT_SECRET as string, { expiresIn: '1h' });
// user.password = undefined
user.password = undefined as unknown as string
res.cookie('token', token, {
httpOnly: true
})
@@ -44,7 +44,9 @@ router.post('/login', async (req, res) => {
const token = jwt.sign({ id: user?.id }, process.env.JWT_SECRET as string, { expiresIn: '1h' });
// return user and token to client, exclude hashed password
// user.password = undefined
if (user) {
user.password = undefined as unknown as string;
}
res.cookie('token', token, {
httpOnly: true
})