'while performing search operation in node.js, it returns all properties of a search object. How should one avoid it from returning all properties?
const lodash = require('lodash');
const {User, validate} = require('../models/user');
const mongoose = require('mongoose');
const express = require('express');
// const auth = require('./auth');
const router = express.Router();
router.get('/:name', (req, res) => {
const regex = new RegExp(req.params.name, 'i');
User.find({name:regex}).then((result) => {
//res.send(lodash.pick(result, ['_id', 'name', 'number']));
res.json(result);
})
});
It returns all properties of a search object including sensitive information too. How should one avoid that ?
Solution 1:[1]
Default JS operator delete could be a good helper for you.
It can be used to specify the fields you need to remove before sending the result.
Here is an example of deleting _id field from result object:
let result = {name:'James',number:'12334',_id:3};
delete result._id;
// now object will looks like this
// {name:'James',number:'12334'}
res.json(result);
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 |