Remove sensitive fields from sanitize user in the admin

2025-12-27 15:13:21 +00:00 · 2022-05-10 07:00:19 +02:00 · 2022-05-10 07:00:19 +02:00 · 620418c9a6
commit 620418c9a6
parent b11623d365
1 changed files with 1 additions and 1 deletions
--- a/packages/core/admin/server/services/user.js
+++ b/packages/core/admin/server/services/user.js
@ -17,7 +17,7 @@ const sanitizeUserRoles = role => _.pick(role, ['id', 'name', 'description', 'co
 */
 const sanitizeUser = user => {
  return {
-    ..._.omit(user, ['password', 'resetPasswordToken', 'roles']),
+    ..._.omit(user, ['password', 'resetPasswordToken', 'registrationToken', 'roles']),
    roles: user.roles && user.roles.map(sanitizeUserRoles),
  };
 };