IT4Change/Ocelot-Social
3
0
Fork 0
mirror of https://github.com/IT4Change/Ocelot-Social.git synced 2025-12-13 07:45:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

Don't expose private RSA key

Browse Source 
cc @Tirokk
This commit is contained in:
Robert Schäfer 2019-04-04 18:02:48 +02:00
parent 262655a1d8
commit 8627d57906
2 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
backend/src/middleware/passwordMiddleware.js
View File

@ -11,10 +11,15 @@ export default {
}
},
Query: async (resolve, root, args, context, info) => {
const result = await resolve(root, args, context, info)
return walkRecursive(result, ['password'], () => {
let result = await resolve(root, args, context, info)
result = walkRecursive(result, ['password'], () => {
// replace password with asterisk
return '*****'
})
result = walkRecursive(result, ['privateKey'], () => {
// replace password with asterisk
return '*****'
})
return result
}
}

3
backend/src/middleware/permissionsMiddleware.js
View File

@ -73,7 +73,8 @@ const permissions = shield({
},
User: {
email: isMyOwn,
password: isMyOwn
password: isMyOwn,
privateKey: isMyOwn
}
})