From 6299a6d79e7f568585686ce6b37c4b3988f3e198 Mon Sep 17 00:00:00 2001 From: Anthony Debucquoy Date: Sun, 7 Apr 2024 14:46:14 +0200 Subject: [PATCH] Avoid password leakage The password should never be parsed to json ever so can be safely ignored. --- backend/src/main/java/ovh/herisson/Clyde/Tables/User.java | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/backend/src/main/java/ovh/herisson/Clyde/Tables/User.java b/backend/src/main/java/ovh/herisson/Clyde/Tables/User.java index de958df..2b939ee 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Tables/User.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Tables/User.java @@ -3,6 +3,8 @@ package ovh.herisson.Clyde.Tables; import jakarta.persistence.*; import java.util.Date; +import com.fasterxml.jackson.annotation.JsonIgnore; + @Entity @Table(name = "Users") @@ -18,7 +20,8 @@ public class User { private String country; private Date birthDate; private String profilePictureUrl; - private ovh.herisson.Clyde.Tables.Role role; + private Role role; + @JsonIgnore private String password; public User(String lastName, String firstName, String email, String address, String country, Date birthDate, String profilePictureUrl, Role role, String password)