Skip to content
Permalink
Browse files Browse the repository at this point in the history
do not publish password bcrypt token
  • Loading branch information
SachaG committed Mar 25, 2015
1 parent ed0e7ef commit 827a15d
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 1 deletion.
5 changes: 5 additions & 0 deletions lib/publications.js
Expand Up @@ -25,6 +25,11 @@ privacyOptions = { // true means exposed
'votes.upvotedPosts': true
};

// options for your own user account (for security reasons, block certain properties)
ownUserOptions = {
'services.password.bcrypt': false
}

// minimum required properties to display avatars
avatarOptions = {
_id: true,
Expand Down
2 changes: 1 addition & 1 deletion server/publications/users.js
@@ -1,7 +1,7 @@
// Publish the current user

Meteor.publish('currentUser', function() {
var user = Meteor.users.find({_id: this.userId});
var user = Meteor.users.find({_id: this.userId}, {fields: ownUserOptions});
return user;
});

Expand Down

0 comments on commit 827a15d

Please sign in to comment.