From a0613bfd790b27f313470bddc08371bcbf54968d Mon Sep 17 00:00:00 2001
From: Vidhu Kant Sharma <vidhukant@vidhukant.com>
Date: Sun, 10 Sep 2023 23:06:48 +0530
Subject: actually hashing and comparing passwords (not empty strings)

---
 auth/controller.go | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'auth/controller.go')

diff --git a/auth/controller.go b/auth/controller.go
index 71cdc6a..5b18b64 100644
--- a/auth/controller.go
+++ b/auth/controller.go
@@ -61,6 +61,9 @@ func handleSignUp (ctx *gin.Context) {
 		return
 	}
 
+	// remove password hash from response
+	user.Password = ""
+
 	ctx.JSON(http.StatusOK, gin.H{
 		"message": "success",
 		"data": user,
@@ -114,6 +117,9 @@ func handleSignIn (ctx *gin.Context) {
 		return
 	}
 
+	// remove password hash from response
+	u.Password = ""
+
 	ctx.JSON(http.StatusOK, gin.H{
 		"auth_token": authToken,
 		"refresh_token": refreshToken,
-- 
cgit v1.2.3