search

bradtraversy / proshop-v2

ProShop ecommerce website built with MERN & Redux Toolkit
532 stars 267 forks source link

Remove User's Hashed passwords access from /users endpoint. #34

Open Shubhofficial1 opened 6 months ago

Shubhofficial1 commented 6 months ago

https://github.com/bradtraversy/proshop-v2/blob/2e3eb75f94caa23108663b19eac7945020409410/backend/controllers/userController.js#L124C26-L124C26

Even for admin , access should be restricted.

Issue line : 124 : const users = await User.find({});

Fix : const users = await User.find({}).select("-password");

Govind-Upadhyay-12 commented 5 months ago

solved check my pullr request