From f19236b3f77b1e78eacdbde1e8e63cf51f18e2b4 Mon Sep 17 00:00:00 2001 From: Anthony Debucquoy Date: Sun, 7 Apr 2024 14:46:14 +0200 Subject: [PATCH] Avoid password leakage The password should never be parsed to json ever so can be safely ignored. --- backend/src/main/java/ovh/herisson/Clyde/Tables/User.java | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/backend/src/main/java/ovh/herisson/Clyde/Tables/User.java b/backend/src/main/java/ovh/herisson/Clyde/Tables/User.java index 2badd32..0aa43a9 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Tables/User.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Tables/User.java @@ -7,6 +7,8 @@ import ovh.herisson.Clyde.Tables.Msg.Message; import java.util.Date; import java.util.List; +import com.fasterxml.jackson.annotation.JsonIgnore; + @Entity @Table(name = "Users") @@ -22,7 +24,8 @@ public class User { private String country; private Date birthDate; private String profilePictureUrl; - private ovh.herisson.Clyde.Tables.Role role; + private Role role; + @JsonIgnore private String password; ////// Extension Messagerie /////