Sanitize Credentials from Prisma Output
Is anyone here using credentials auth in their t3-app? Is there a way to sanitize the field output through either Prisma or Postgres to ensure you're not returning passwords back from queries that request the User as a related field? Just wondering if there's a convention for this.
Also if anyone has experience with implementing credentials auth I'm curious to see what your auth flow looks like. I've set up credentials auth, but am having trouble wrapping my head around getting next-auth to use the session strategy for OAuth and magic link, but create a JWT when credentials are used.
Thanks in advance!
1 Reply
It seems using a zod output schema helps do this on the server, but still haven't found a Prisma-specific way yet.
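The output-allowlist idea from the reply, as an added example that is not part of the original thread: a plain TypeScript projection that copies only the fields a shape names, so a password on a related User never reaches the response. It is a library-free stand-in for an output schema; `Shape`, `project`, `publicUser`, `publicPost` and the sample row are hypothetical names and constructed data.

```typescript
// Added example: every name here is hypothetical; the rows are constructed.
// A Shape lists the fields allowed to leave the server. `true` copies a scalar,
// a nested Shape recurses into a related record (or an array of them).
type Shape = { [key: string]: true | Shape };

function isScalar(v: unknown): boolean {
  return v === null || v instanceof Date || typeof v !== "object";
}

function project(value: unknown, shape: Shape): unknown {
  if (value === null || value === undefined) return value; // absent relation
  if (Array.isArray(value)) return value.map((item) => project(item, shape));
  if (typeof value !== "object") return undefined; // shape mismatch: drop it
  const source = value as Record<string, unknown>;
  const out: Record<string, unknown> = {};
  for (const key of Object.keys(shape)) {
    const rule = shape[key];
    if (rule === undefined || !(key in source)) continue;
    if (rule === true) {
      // Fail closed: a relation that was included but not described is dropped.
      if (isScalar(source[key])) out[key] = source[key];
    } else {
      out[key] = project(source[key], rule);
    }
  }
  return out;
}

const publicUser: Shape = { id: true, name: true };
const publicPost: Shape = {
  id: true, title: true,
  author: publicUser,
  comments: { id: true, body: true, author: publicUser },
};

// Constructed sample of a query result that included User as a related field.
const row = {
  id: 1, title: "Hello", authorId: 7,
  author: { id: 7, name: "Ada", email: "ada@example.com", password: "constructed-hash-1" },
  comments: [
    { id: 10, body: "Nice", author: { id: 8, name: "Bob", password: "constructed-hash-2" } },
  ],
};

function sanitizedJson(): string {
  return JSON.stringify(project(row, publicPost));
}
console.log(sanitizedJson());
```

Because the shape is an allowlist, a column added to the User table later stays out of responses until someone names it in `publicUser`.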