fix(core): Remove sensitive data from User entity during serialization (no-changelog) (#8773)

2025-12-17 18:12:04 +00:00 · 2024-02-29 14:20:39 +01:00
parent 75e4df138f
commit d1b48ddcac
2 changed files with 25 additions and 0 deletions
--- a/packages/cli/test/unit/databases/entities/user.entity.test.ts
+++ b/packages/cli/test/unit/databases/entities/user.entity.test.ts
@@ -0,0 +1,20 @@
+import { User } from '@db/entities/User';
+
+describe('User Entity', () => {
+	describe('JSON.stringify', () => {
+		it('should not serialize sensitive data', () => {
+			const user = Object.assign(new User(), {
+				email: 'test@example.com',
+				firstName: 'Don',
+				lastName: 'Joe',
+				password: '123456789',
+				apiKey: '123',
+				mfaSecret: '123',
+				mfaRecoveryCodes: ['123'],
+			});
+			expect(JSON.stringify(user)).toEqual(
+				'{"email":"test@example.com","firstName":"Don","lastName":"Joe"}',
+			);
+		});
+	});
+});