When for example using GET all users, Postman returns the entire User, passwords included. Same goes for creating a gameAd with user reference, it returns all user info in the response. Fix needed to prevent access to sensitive information. DTO might be needed here?
When for example using GET all users, Postman returns the entire User, passwords included. Same goes for creating a gameAd with user reference, it returns all user info in the response. Fix needed to prevent access to sensitive information. DTO might be needed here?