From 9bfd25a908647501c84b956fc9c4b3d69721f1a2 Mon Sep 17 00:00:00 2001
From: Valentin CZERYBA
Date: Sat, 14 Oct 2023 17:41:34 +0200
Subject: [PATCH] hide many users info from endpoint me
---
 app/routers/users.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/app/routers/users.py b/app/routers/users.py
index 8b1b7be..702dbe5 100644
--- a/app/routers/users.py
+++ b/app/routers/users.py
@@ -6,6 +6,8 @@ from bson import ObjectId
 router = APIRouter()
+
+
 @router.get("/users", tags=["users"], response_model=list[users.UserOut])
 async def read_users(authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin"]))], skip: int = 0, limit: int = 20):
 if limit < 1 or skip < 0 or limit < skip:
@@ -42,7 +44,7 @@ async def read_users_id(authorize: Annotated[bool, Depends(permissions_checker.P
 return listUsers
-@router.get("/users/me",tags=["users"], response_model=users.User, response_model_exclude=["password"])
+@router.get("/users/me",tags=["users"], response_model=users.User, response_model_exclude=["id", "password", "roles", "disabled"])
 async def read_users_me(current_user: Annotated[users.User, Depends(users_token.get_current_active_user)], authorize: Annotated[bool, Depends(permissions_checker.PermissionChecker(roles=["Admin", "User"]))]):
 return current_user
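Review bot: The `response_model_exclude=["id", "password", "roles", "disabled"]` argument on `/users/me` is a denylist over `users.User`, so any field added to that model later is returned by this endpoint unless someone remembers to extend the list. An allowlist is the safer shape: declare an output model holding only the fields the caller should see and pass it as `response_model`, e.g. `response_model=users.UserMe` (placeholder name), or reuse `users.UserOut` from `read_users` if its fields fit; its definition is not visible in this patch. FastAPI's documentation describes this parameter as a set, so if the exclude list is kept, `{"id", "password", "roles", "disabled"}` matches the documented type. A test that asserts the exact key set of the `/users/me` response would catch a sensitive field leaking back in.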