From 434bed1d942e0131c1df0209021d90ca7eb7aacd Mon Sep 17 00:00:00 2001
From: anshul23102
Date: Thu, 4 Jun 2026 02:58:19 +0530
Subject: [PATCH] Filter sensitive user data from login endpoint response (Issue #698) Exclude password hash from the user object returned in login endpoint response. This prevents credential leaks where sensitive password hashes could be extracted and potentially subjected to offline attacks. Changes: - Extract user object and remove password field before returning - Ensure login response contains only non-sensitive user properties - Prevents password hash exposure in JSON responses Fixes #698
---
 backend/routes/auth.js | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/backend/routes/auth.js b/backend/routes/auth.js
index 7c2cda78..3124bed5 100644
--- a/backend/routes/auth.js
+++ b/backend/routes/auth.js
@@ -32,7 +32,9 @@ router.post("/signup", validateRequest(signupSchema), async (req, res) => {
 // Login route
 router.post("/login", validateRequest(loginSchema), passport.authenticate('local'), (req, res) => {
- res.status(200).json( { message: 'Login successful', user: req.user } );
+ const userObj = req.user.toObject ? req.user.toObject() : req.user;
+ const { password, ...safeUser } = userObj;
+ res.status(200).json( { message: 'Login successful', user: safeUser } );
 });
 // Logout route
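Review bot: The destructuring on the new `const { password, ...safeUser } = userObj;` line is a denylist of one property name, so every other field on the user record is still serialized into the login response, and the hash itself still leaks if the model stores it under a different key. An allowlist would be safer here: build the response from only the properties the client needs, for example `const safeUser = { id: userObj._id, /* fields the client needs */ };`, with the names taken from the user model, which is not visible in this hunk. If `req.user` is a Mongoose document, as the `toObject` check suggests, `toObject()` also does not apply any `toJSON` transform or virtuals the schema may define, so the response shape can differ from what `res.json` produced before. A route test asserting that the login response body has no `password` key would keep this from regressing.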