From ca0d6a9e55416e64304ca87cac4fe9be76a7cc96 Mon Sep 17 00:00:00 2001
From: Amos Haviv <amos@Amoss-MacBook-Pro.local>
Date: Fri, 22 Nov 2013 02:39:12 +0200
Subject: [PATCH] Fixing 'me' password leak

---
 config/passport.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/passport.js b/config/passport.js
index 731c5ce2..7ee2ca60 100755
--- a/config/passport.js
+++ b/config/passport.js
@@ -17,7 +17,7 @@ module.exports = function(passport) {
     passport.deserializeUser(function(id, done) {
         User.findOne({
             _id: id
-        }, function(err, user) {
+        }, '-salt -hashed_password', function(err, user) {
             done(err, user);
         });
     });