From a0613bfd790b27f313470bddc08371bcbf54968d Mon Sep 17 00:00:00 2001
From: Vidhu Kant Sharma <vidhukant@vidhukant.com>
Date: Sun, 10 Sep 2023 23:06:48 +0530
Subject: actually hashing and comparing passwords (not empty strings)

---
 auth/controller.go | 6 ++++++
 main.go            | 2 +-
 user/user.go       | 2 +-
 3 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/auth/controller.go b/auth/controller.go
index 71cdc6a..5b18b64 100644
--- a/auth/controller.go
+++ b/auth/controller.go
@@ -61,6 +61,9 @@ func handleSignUp (ctx *gin.Context) {
 		return
 	}
 
+	// remove password hash from response
+	user.Password = ""
+
 	ctx.JSON(http.StatusOK, gin.H{
 		"message": "success",
 		"data": user,
@@ -114,6 +117,9 @@ func handleSignIn (ctx *gin.Context) {
 		return
 	}
 
+	// remove password hash from response
+	u.Password = ""
+
 	ctx.JSON(http.StatusOK, gin.H{
 		"auth_token": authToken,
 		"refresh_token": refreshToken,
diff --git a/main.go b/main.go
index fb93766..18b2d44 100644
--- a/main.go
+++ b/main.go
@@ -37,7 +37,7 @@ import (
 	"log"
 )
 
-const OPENBILLS_VERSION = "v0.0.8"
+const OPENBILLS_VERSION = "v0.0.9"
 
 func init() {
 	if viper.GetBool("production_mode") {
diff --git a/user/user.go b/user/user.go
index 132acb6..ee36e95 100644
--- a/user/user.go
+++ b/user/user.go
@@ -40,7 +40,7 @@ type User struct {
 	gorm.Model
 	Username   string
 	Email      string
-  Password   string `json:"-"`
+	Password   string
 	IsVerified bool
 }
 
-- 
cgit v1.2.3