chore: use toPublicUser on other user endpoints

andypols · andypols · commit aff837ab3c93 · 2025-07-09T19:46:43.000+01:00
diff --git a/src/service/routes/auth.js b/src/service/routes/auth.js
@@ -6,6 +6,7 @@ const passportLocal = require('../passport/local');
 const passportAD = require('../passport/activeDirectory');
 const authStrategies = require('../passport').authStrategies;
 const db = require('../../db');
+const { toPublicUser } = require('./publicApi');
 const { GIT_PROXY_UI_HOST: uiHost = 'http://localhost', GIT_PROXY_UI_PORT: uiPort = 3000 } =
   process.env;
 
@@ -70,7 +71,7 @@ router.post(
       );
       res.send({
         message: 'success',
-        user: currentUser,
+        user: toPublicUser(currentUser),
       });
     } catch (e) {
       console.log(`service.routes.auth.login: Error logging user in ${JSON.stringify(e)}`);
@@ -114,8 +115,7 @@ router.post('/logout', (req, res, next) => {
 router.get('/profile', async (req, res) => {
   if (req.user) {
     const userVal = await db.findUser(req.user.username);
-    delete userVal.password;
-    res.send(userVal);
+    res.send(toPublicUser(userVal));
   } else {
     res.status(401).end();
   }
@@ -156,12 +156,8 @@ router.post('/gitAccount', async (req, res) => {
 
 router.get('/me', async (req, res) => {
   if (req.user) {
-    const user = JSON.parse(JSON.stringify(req.user));
-    if (user && user.password) delete user.password;
-    const login = user.username;
-    const userVal = await db.findUser(login);
-    if (userVal && userVal.password) delete userVal.password;
-    res.send(userVal);
+    const userVal = await db.findUser(req.user.username);
+    res.send(toPublicUser(userVal));
   } else {
     res.status(401).end();
   }
diff --git a/src/service/routes/publicApi.js b/src/service/routes/publicApi.js
@@ -0,0 +1,10 @@
+export const toPublicUser = (user) => {
+  return {
+    username: user.username || '',
+    displayName: user.displayName || '',
+    email: user.email || '',
+    title: user.title || '',
+    gitAccount: user.gitAccount || '',
+    admin: user.admin || false,
+  }
+}
diff --git a/src/service/routes/users.js b/src/service/routes/users.js
@@ -1,17 +1,7 @@
 const express = require('express');
 const router = new express.Router();
 const db = require('../../db');
-
-const toPublicUser = (user) => {
-  return {
-    username: user.username || '',
-    displayName: user.displayName || '',
-    email: user.email || '',
-    title: user.title || '',
-    gitAccount: user.gitAccount || '',
-    admin: user.admin || false,
-  }
-}
+const { toPublicUser } = require('./publicApi');
 
 router.get('/', async (req, res) => {
   const query = {};
@@ -35,8 +25,7 @@ router.get('/', async (req, res) => {
 router.get('/:id', async (req, res) => {
   const username = req.params.id.toLowerCase();
   console.log(`Retrieving details for user: ${username}`);
-  const data = await db.findUser(username);
-  const user = JSON.parse(JSON.stringify(data));
+  const user = await db.findUser(username);
   res.send(toPublicUser(user));
 });
 
