Home > database >  How to remove a specific key from JSON response coming from MongoDB in ExpressJS
How to remove a specific key from JSON response coming from MongoDB in ExpressJS

Time:05-21

I'm creating a simple application using MEAN stack. My code is working fine but i want to remove one key from the response. Please look at my ocde.

models/user.js

const mongoose = require('mongoose');

const Schema = mongoose.Schema;
const userSchema = new Schema({
    firstName: String,
    lastName: String,
    email: String,
    //password: String, // <--------- commented out
    userid: String,
    skills: []
})

module.exports = mongoose.model('user', userSchema, 'users');

Notice that I've commented out password key. But I guess that's not enough. As I can still see password in response:

Postman screenshot

(Note: Email Id and encrypted Password in this image are absolutely fake and hence there's no security issue)

enter image description here

api.js

const User = require('../models/user');
...
router.get('/users', function (req, res) {
    console.log('Get request for all users');
    User.find({})
        .exec(function (err, user) {
            if (err) {
                console.log("Error retrieving users");
            } else {
                res.json(user);
            }
        });
});

Now tomorrow When I'll be using real email and password, though I'll encrypt the password but still i don't want to show password key whatsoever. It should not be displayed in the network tab of browser also.

Please give me some directions.

CodePudding user response:

You can use the mongoose select method to exclude certain fields. https://mongoosejs.com/docs/api.html#query_Query-select

User.find({})
        .select('-password')
        .exec(function (err, user) {
            if (err) {
                console.log("Error retrieving users");
            } else {
                res.json(user);
            }
        });

CodePudding user response:

You can try this :

const User = require('../models/user');
...
router.get('/users', function (req, res) {
    console.log('Get request for all users');
    const user = User.find({} , {password:0});

    return res.json({ user: user });
});
  • Related