Merge pull request #412 from tcet-opensource/hotfixsecurity

added securitymd for development

Author: TejasNair9977

SECURITY.md

@@ -0,0 +1,9 @@
+# Security Policy
+
+## Supported Versions
+
+The project is still in its development phase, so plase report issues only if they are in the `main` or the `development` branch!
+
+## Reporting a Vulnerability
+
+Please report (suspected) security vulnerabilities to **[me](mailto:[email protected])**. You will probably receive a response from me within 48 hours. If the issue is confirmed, we will release a patch as soon as possible depending on complexity but historically within a few days.

controller/auth.js

@@ -6,15 +6,13 @@ async function login(req, res) {
   const { id, password } = req.body;
   try {
     const userValidated = await authenticateUser(id, password);
-    console.log(userValidated);
     const userDetails = {
       uid: userValidated.uid,
       name: userValidated.name,
       emailId: userValidated.emailId,
       type: userValidated.userType,
     };
     const token = util.generateToken(userDetails, req.ip);
-    console.log("generated");
     userDetails.token = token;
     res.json({ res: "welcome", user: userDetails });
   } catch (error) {

services/user.js

@@ -40,7 +40,6 @@ export async function createUser(name, password, emailId, uid, userType) {
     uid,
     userType,
   });
-  console.log(newUser);
   if (newUser.uid === uid) {
     return newUser;
   }