Shared helper to strip encrypted credential values from a project before sending it to the client. Used by both project routes and the recycle-bin routes.
- Source:
Methods
(static) sanitiseEnvCredentialsForClient(decryptedCreds) → {Object|null}
DIF-012: Strip the password from an environment row before sending to the
client. Environments only carry { username, password } (no selectors —
the crawler auto-detects login fields), so the safe shape mirrors
sanitiseProjectForClient minus the selector echo.
The router calls decryptCredentials() on the stored row first; this
helper takes the decrypted result and returns { username, _hasAuth: true }
so the EnvironmentsTab can render the username (for at-a-glance "which
account is this env using") without ever shipping the secret over the
wire. REVIEW.md security checklist explicitly forbids returning plaintext
passwords in API responses.
Parameters:
| Name | Type | Description |
|---|---|---|
decryptedCreds |
Object | null | Result of |
- Source:
Returns:
- Type
- Object | null
(static) sanitiseProjectForClient(project) → {Object}
Strip encrypted credential values from a project before sending to the client. Only returns whether auth is configured, not the actual secrets.
Parameters:
| Name | Type | Description |
|---|---|---|
project |
Object |
- Source:
Returns:
- Type
- Object