Retrieving User Collection from API / MongoDB but exclude Password Field?




I am constructing an API which retrieves articles. I also have users in my database, and would like to have one endpoint which returns the user: /api/users/:userid. This returns something along these lines:




```jsonc
{
  "articles": [],  // array with references to articles the user has written
  "_id": "5b1321321bcda0e3364251d7e4a",
  "email": "user@email.com",
  "password": "$2a$1231241gi14k41k42bk12bh3k127iP/k1LAqwPdbgF/bXXpRia",
  "__v": 0
}
```



However, I am not sure whether it's a good idea to return the (hashed) password in the API. Can I somehow exclude this field, or would you recommend storing emails + user_ids in a separate collection in MongoDB, or how are things like this usually handled?




2 Answers



You can use Project Fields to Return from Query to exclude the password field from your response.




```js
db.users.find( { email: "user@email.com" }, { password: 0 } )
```





Are you sure this is correct? I just tried it and it gives me email and password only - so it doesn't exclude the password, but everything else, it seems?
– R. Kohlisch
Jul 1 at 12:39






I just looked it up: to exclude is 0, not -1 - so that works! Is this solution recommended as well, or are there still security concerns involved?
– R. Kohlisch
Jul 1 at 12:41







Yes, for excluding any field the correct value is 0 instead of -1.
– Devratna
Jul 1 at 12:42







If it helps you then please vote up.
– Devratna
Jul 1 at 12:54
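The comment thread above turns on how MongoDB reads the projection value. The following is an added example, not code from the original answer: a small in-memory model of how a projection document is applied to a result, so that `{ password: 0 }` and the mistaken `{ password: -1 }` can be compared without a database. It assumes the documented server rule that 0/false means exclude, any other value (1, true, non-zero integers) means include, and that inclusion and exclusion cannot be mixed except for `_id`. The sample users, `findWithProjection` and `applyProjection` are constructed for this example.

```javascript
// Added example, not from the original answer. Simplified model of MongoDB
// projection semantics; the real server is authoritative.

// Decide whether a projection is an inclusion or an exclusion projection.
// 0/false mean "exclude"; anything else (1, true, -1, 2, ...) means "include".
function projectionMode(projection) {
  const modes = new Set();
  for (const [field, value] of Object.entries(projection)) {
    if (field === '_id') continue; // _id may be switched off in either mode
    modes.add(value ? 'include' : 'exclude');
  }
  if (modes.size > 1) {
    throw new Error('Cannot mix inclusion and exclusion in a projection');
  }
  return modes.size === 0 ? 'exclude' : [...modes][0];
}

// Apply a projection document to one result document.
function applyProjection(doc, projection) {
  const mode = projectionMode(projection);
  const out = {};
  if (mode === 'exclude') {
    // Keep every field except those listed with a falsy value.
    for (const [k, v] of Object.entries(doc)) {
      if (!(k in projection) || projection[k]) out[k] = v;
    }
  } else {
    // Inclusion: only the listed truthy fields, plus _id unless _id: 0.
    const wantId = !('_id' in projection) || Boolean(projection._id);
    if (wantId && '_id' in doc) out._id = doc._id;
    for (const [k, v] of Object.entries(projection)) {
      if (k !== '_id' && v && k in doc) out[k] = doc[k];
    }
  }
  return out;
}

// Equality-only filter plus projection, standing in for collection.find().
function findWithProjection(collection, filter, projection = {}) {
  return collection
    .filter((doc) => Object.entries(filter).every(([k, v]) => doc[k] === v))
    .map((doc) => applyProjection(doc, projection));
}

// Constructed sample data shaped like the document in the question.
const users = [
  { _id: 'u1', email: 'user@email.com', password: '$2a$10$constructed.hash.1', articles: [], __v: 0 },
  { _id: 'u2', email: 'other@email.com', password: '$2a$10$constructed.hash.2', articles: ['a1'], __v: 0 },
];

// { password: 0 }: exclusion projection, returns everything except the hash.
console.log(findWithProjection(users, { email: 'user@email.com' }, { password: 0 }));

// { password: -1 }: -1 is truthy, so this is an *inclusion* projection and
// returns only _id and the hash, the opposite of what was intended.
console.log(findWithProjection(users, { email: 'user@email.com' }, { password: -1 }));
```

The second call is the pitfall the comments describe: a non-zero value flips the whole projection into inclusion mode, so the one field you wanted hidden becomes the only field returned. A quick check in a test suite that the serialized user has no `password` key catches this regardless of which projection value was typed.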




Alright. It is not best practice, nor advisable, to return a user's password. What I normally do is use the lodash library for operations like this. For example, you can have a utility function that omits the password field before your API returns a response, like so:





```js
const _ = require('lodash');

// Convert the Mongoose document to a plain object, then drop the password
// hash before the object is sent in the response.
function omitPassword(user) {
  return _.omit(user.toObject(), ['password']);
}
```

Basically, _.omit is a method from lodash. I hope this helps with what you are looking for.







