added ignored fields

main
Netcup Gituser 2023-12-05 18:55:35 +01:00
parent 50ecea2a6b
commit b5a97350c2
3 changed files with 14 additions and 4 deletions


@ -1,6 +1,9 @@
import { Request, Response } from "express"; import { Request, Response } from "express";
import { User } from "../models/user"; import { User } from "../models/user";
import { ADMIN_MAX_USERS_PER_PAGE } from "../utils/utils"; import {
ADMIN_MAX_USERS_PER_PAGE,
MONGODB_IGNORED_FIELDS,
} from "../utils/constants";
export async function GetAllUsers(req: Request, res: Response) { export async function GetAllUsers(req: Request, res: Response) {
try { try {
@ -21,7 +24,7 @@ export async function GetAllUsers(req: Request, res: Response) {
// Query for the current page with limit and skip // Query for the current page with limit and skip
const users = await User.find({}) const users = await User.find({})
.lean() .lean()
.select("-password -_id -__v") // Exclude password and other fields .select(MONGODB_IGNORED_FIELDS) // Exclude password and other fields
.skip(skip) .skip(skip)
.limit(pageSize); .limit(pageSize);
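Review bot: The projection passed to `.select(MONGODB_IGNORED_FIELDS)` in GetAllUsers is a deny-list, so any field later added to the User schema is returned by this endpoint unless someone remembers to extend the constant. The same constant is applied in GetUserProfile in the next file, which looks up a user by the `accountName` route parameter, so the same default-expose behaviour applies there. An allow-list keeps new fields private by default, for example `.select("accountName username -_id")`; those two field names are taken from SignUp's body fields and are an assumption about the schema, so use whatever the response actually needs. The body of GetAllUsers starts and ends outside the hunk.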


@ -2,6 +2,7 @@ import { Request, Response } from "express";
import bcrypt from "bcrypt"; import bcrypt from "bcrypt";
import { User } from "../models/user"; import { User } from "../models/user";
import { saveSession } from "../utils/utils"; import { saveSession } from "../utils/utils";
import { MONGODB_IGNORED_FIELDS } from "../utils/constants";
export async function SignUp(req: Request, res: Response) { export async function SignUp(req: Request, res: Response) {
if (!req.body.accountName || !req.body.username || !req.body.password) { if (!req.body.accountName || !req.body.username || !req.body.password) {
@ -10,7 +11,9 @@ export async function SignUp(req: Request, res: Response) {
const { accountName, username, password } = req.body; const { accountName, username, password } = req.body;
const existingUser = await User.findOne({ accountName }).lean(); const existingUser = await User.findOne({ accountName })
.select("accountName -_id")
.lean();
if (existingUser) { if (existingUser) {
return res.status(400).json({ status: 1 }); return res.status(400).json({ status: 1 });
@ -89,7 +92,9 @@ export async function GetUserProfile(req: Request, res: Response) {
try { try {
const user = await User.findOne({ const user = await User.findOne({
accountName: req.params.accountName, accountName: req.params.accountName,
}).lean(); })
.select(MONGODB_IGNORED_FIELDS)
.lean();
if (!user) { if (!user) {
return res.status(404).json({ status: "err" }); return res.status(404).json({ status: "err" });
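Review bot: In SignUp, `accountName` is destructured from `req.body` and handed to `User.findOne({ accountName })` after only a truthiness check, so a non-string value from a JSON body would reach the query filter as an object instead of a literal to match. Check the type before the lookup, e.g. `if (typeof accountName !== "string") { /* reject as for a missing field */ }`, and do the same for `username` and `password` before they are stored or hashed. The added `.select("accountName -_id")` narrows what is read back but does not change how the filter is interpreted. GetUserProfile filters on `req.params.accountName`, which Express normally supplies as a string, so that hunk is less exposed. Both function bodies continue outside the hunks.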


@ -3,3 +3,5 @@ export const DEFAULT_SESSION_EXPIRATION: number = 7 * 24 * 60 * 60 * 1000;
// Maximum number of users to display per page in the admin interface // Maximum number of users to display per page in the admin interface
export const ADMIN_MAX_USERS_PER_PAGE: number = 10; export const ADMIN_MAX_USERS_PER_PAGE: number = 10;
export const MONGODB_IGNORED_FIELDS: string = "-password -_id -__v";
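Review bot: `MONGODB_IGNORED_FIELDS` is the only constant in this hunk without a comment, and its name does not say that the value is a Mongoose `select()` projection string or that it is what keeps the `password` field out of responses. I would add `// Projection for User queries: fields that must never be sent to a client; extend it whenever a sensitive field is added to the schema`. The `: string` annotation can also be dropped, since the type is inferred from the literal.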