hide many users info from endpoint me

2023-10-14 17:41:34 +02:00 · 2023-10-14 17:41:34 +02:00 · 9bfd25a908
commit 9bfd25a908
parent f2e7ca1e93
1 changed files with 3 additions and 1 deletions
--- a/app/routers/users.py
+++ b/app/routers/users.py
@ -6,6 +6,8 @@ from bson import ObjectId

 router = APIRouter()

+
+
@router.get("/users", tags=["users"], response_model=list[users.UserOut])
 async def read_users(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], skip: int = 0, limit: int = 20):
    if limit < 1 or skip < 0 or limit < skip:
@ -42,7 +44,7 @@ async def read_users_id(authorize: Annotated[bool, Depends(permissions_checker.P
    return listUsers


-@router.get("/users/me",tags=["users"], response_model=users.User, response_model_exclude=["password"])
+@router.get("/users/me",tags=["users"], response_model=users.User, response_model_exclude=["id", "password", "roles", "disabled"])
 async def read_users_me(current_user: Annotated[users.User, Depends(users_token.get_current_active_user)], authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))]):
        return current_user