diff --git a/server/controllers/session.controller.js b/server/controllers/session.controller.js index 4b4e3025..c096bb85 100644 --- a/server/controllers/session.controller.js +++ b/server/controllers/session.controller.js @@ -13,7 +13,7 @@ export function createSession(req, res, next) { email: req.user.email, username: req.user.username, preferences: req.user.preferences, - apiKeys: req.user.apiKeys, + apiKeys: req.user.publicApiKeys, verified: req.user.verified, id: req.user._id }); @@ -27,7 +27,7 @@ export function getSession(req, res) { email: req.user.email, username: req.user.username, preferences: req.user.preferences, - apiKeys: req.user.apiKeys, + apiKeys: req.user.publicApiKeys, verified: req.user.verified, id: req.user._id }); diff --git a/server/models/user.js b/server/models/user.js index 7e3dab45..ef0ded8f 100644 --- a/server/models/user.js +++ b/server/models/user.js @@ -16,6 +16,10 @@ const apiKeySchema = new Schema({ hashedKey: { type: String, required: true }, }, { timestamps: true, _id: true }); +apiKeySchema.virtual('publicFields').get(function publicFields() { + return { id: this.id, label: this.label, lastUsedAt: this.lastUsedAt }; +}); + apiKeySchema.virtual('id').get(function getApiKeyId() { return this._id.toHexString(); }); @@ -95,6 +99,11 @@ userSchema.virtual('id').get(function idToString() { return this._id.toHexString(); }); +userSchema.virtual('publicApiKeys').get(function publicApiKeys() { + return this.apiKeys.map(apiKey => apiKey.publicFields); +}); + + userSchema.set('toJSON', { virtuals: true });