DEV Community

Akshat Singhania
Akshat Singhania

Posted on

How to exclude password from mongoose mongodb

#mongodb #mongoose #node #auth

While logging or registering the user , we generally return the user data , password or hashed password is also returned along with the data , we do not want to send the hashed password to frontend so how do we exclude.

exclude password from returned object

Register

After creating user

const createdUser = await User.create({
  email: email,
  password: await argon2.hash(password),
});
if (createdUser) {
  const { password, ...responseUser } = createdUser._doc;
  return { user: responseUser };
}
Enter fullscreen mode Exit fullscreen mode

the ._doc contains the data like email , username , password which we specify in the schema

Login 

let user = await User.findOne({ email: email });
if (user) {
  if (await argon2.verify(user.password, password)) {
    const { password, ...responseUser } = user._doc;
    return { user: responseUser };
  } else {
    return {
      error: [{ field: "password", message: "wrong password" }],
    };
  }
}
Enter fullscreen mode Exit fullscreen mode

We do the same thing but after finding the user

Thanks for reading, hearts ❤️ if you liked it and unicorns 🦄 if you loved it, follow if you wanna read more awesome blogs

Top comments (1)

Collapse
 
agboola_iyanu profile image
Qliqsee

This was helpful

Read next

nesterow profile image

A take on Go Style Error Handling in JavaScript

Anton Nesterov -

florianrappl profile image

🎃 50 Articles to Avoid Web Dev Nightmares

Florian Rappl -

usman_awan profile image

Exploring REST and GraphQL APIs: Advantages, Challenges, and Use Cases

USMAN AWAN -

probir-sarkar profile image

Hono.js Benchmark: Node.js vs. Deno 2.0 vs. Bun — Which Is the Fastest?

Probir Sarkar -