From 9fdff36b54ec279c99d931c7569b7d133b5ab266 Mon Sep 17 00:00:00 2001
From: Martin McKeaveney <martin@shogunsystems.co.uk>
Date: Thu, 22 Apr 2021 14:53:19 +0100
Subject: [PATCH] only keep userId in payload

---
 packages/auth/src/db/utils.js                  | 2 +-
 packages/auth/src/middleware/passport/local.js | 2 --
 2 files changed, 1 insertion(+), 3 deletions(-)

diff --git a/packages/auth/src/db/utils.js b/packages/auth/src/db/utils.js
index d80d1f0662..393e03e492 100644
--- a/packages/auth/src/db/utils.js
+++ b/packages/auth/src/db/utils.js
@@ -119,7 +119,7 @@ const getConfigParams = ({ type, group, user }, otherProps = {}) => {
 
 /**
  * Returns the most granular configuration document from the DB based on the type, group and userID passed.
- * @param {*} db - db instance to quer
+ * @param {Object} db - db instance to query
  * @param {Object} scopes - the type, group and userID scopes of the configuration.
  * @returns The most granular configuration document based on the scope.
  */
diff --git a/packages/auth/src/middleware/passport/local.js b/packages/auth/src/middleware/passport/local.js
index 1942d0c424..5b8bf307d7 100644
--- a/packages/auth/src/middleware/passport/local.js
+++ b/packages/auth/src/middleware/passport/local.js
@@ -33,8 +33,6 @@ exports.authenticate = async function(email, password, done) {
   if (await compare(password, dbUser.password)) {
     const payload = {
       userId: dbUser._id,
-      builder: dbUser.builder,
-      email: dbUser.email,
     }
 
     dbUser.token = jwt.sign(payload, env.JWT_SECRET, {