grav-plugin-api icon indicating copy to clipboard operation
grav-plugin-api copied to clipboard

Published 20 hours ago verified publisher icon Regaez

feat: consider "public" and "private" user fields

Open Regaez opened this issue 7 years ago • 0 comments

Perhaps the UserResource object should not expose fields such as access or state... unless the request is authenticated for that user, or an admin?

We currently always filter out hashed_password so that it is not exposed publicly.

Regaez avatar Nov 08 '17 11:11 Regaez