return db settings only to client, sanitize keys

ajhollid · ajhollid · commit 7a855ef47adf · 2025-05-08T13:24:24.000-07:00
diff --git a/server/controllers/settingsController.js b/server/controllers/settingsController.js
@@ -11,16 +11,15 @@ class SettingsController {
 	}
 
 	getAppSettings = async (req, res, next) => {
-		try {
-			const settings = { ...(await this.settingsService.getSettings()) };
-			delete settings.jwtSecret;
-			return res.success({
-				msg: this.stringService.getAppSettings,
-				data: settings,
-			});
-		} catch (error) {
-			next(handleError(error, SERVICE_NAME, "getAppSettings"));
+		const dbSettings = await this.settingsService.getDBSettings();
+		const sanitizedSettings = { ...dbSettings };
+		if (typeof sanitizedSettings.pagespeedApiKey !== "undefined") {
+			sanitizedSettings.pagespeedApiKey = "********";
 		}
+		return res.success({
+			msg: this.stringService.getAppSettings,
+			data: sanitizedSettings,
+		});
 	};
 
 	updateAppSettings = async (req, res, next) => {
@@ -32,7 +31,6 @@ class SettingsController {
 		}
 
 		try {
-			console.log(req.body);
 			await this.db.updateAppSettings(req.body);
 			const updatedSettings = { ...(await this.settingsService.reloadSettings()) };
 			delete updatedSettings.jwtSecret;
diff --git a/server/service/settingsService.js b/server/service/settingsService.js
@@ -54,6 +54,11 @@ class SettingsService {
 		}
 		return this.settings;
 	}
+
+	async getDBSettings() {
+		const settings = await this.appSettings.findOne({ singleton: true }).lean();
+		return settings;
+	}
 }
 
 export default SettingsService;

Original file line number	Diff line number	Diff line change
`@@ -54,6 +54,11 @@ class SettingsService {`
`54`	`54`	`}`
`55`	`55`	`return this.settings;`
`56`	`56`	`}`
	`57`	`+`
	`58`	`+ async getDBSettings() {`
	`59`	`+ const settings = await this.appSettings.findOne({ singleton: true }).lean();`
	`60`	`+ return settings;`
	`61`	`+ }`
`57`	`62`	`}`
`58`	`63`
`59`	`64`	`export default SettingsService;`