discovery: sanitize dtos to entities before repository write #136

jd2rogers2 · 2022-01-29T21:20:42Z

This ticket may simply require making sure that the data returned by back end doesn't return sensitive data like passwords, etc.

https://automapperts.netlify.app/docs/introduction/what-why/
needs a bit of research
not sure i see the downside of writing the DTO object (which already has it's shape enforced by the DTO (used at runtime))
but worth a look

if so clean up of all services needed

Acceptance criteria:

Scope limited to account controller
password and/or other sensitive data is not returned in results
controller should return an instance of a dto class. You could approach this by using the automation that class-transformer provides in this example https://salwoch.hashnode.dev/how-to-serialize-responses-in-nestjs . If you go in this route, use the existing returnDtos instead of the entities
Endpoints:
- Register
- Get user
- Profile

The text was updated successfully, but these errors were encountered:

jd2rogers2 mentioned this issue Jan 29, 2022

Create transactions resource #92

Merged

esteban-gs added this to the Clean up before beta milestone Nov 2, 2022

esteban-gs added the Back End label Nov 10, 2022

esteban-gs self-assigned this Sep 10, 2023

esteban-gs linked a pull request Sep 12, 2023 that will close this issue

136/sanitize returned api data #373

Merged

esteban-gs closed this as completed in #373 Sep 16, 2023

esteban-gs reopened this Sep 16, 2023

esteban-gs removed their assignment Sep 16, 2023

Provide feedback