🧑‍💻 refactor: Secure Field Selection for 2FA & API Build Sourcemap (#9087)

* refactor: `packages/api` build scripts for better inline debugging * refactor: Explicitly select secure fields as no longer returned by default, exclude backupCodes from user data retrieval in authentication and 2FA processes * refactor: Backup Codes UI to not expect backup codes, only regeneration * refactor: Ensure secure fields are deleted from user data in getUserController
2026-01-05 18:18:51 +01:00 · 2025-08-15 18:55:49 -04:00 · 2025-08-15 18:55:49 -04:00 · 3547873bc4
commit 3547873bc4
parent 50b7bd6643
15 changed files with 82 additions and 31 deletions
--- a/packages/data-schemas/package.json
+++ b/packages/data-schemas/package.json
@ -1,6 +1,6 @@
 {
  "name": "@librechat/data-schemas",
-  "version": "0.0.16",
+  "version": "0.0.17",
  "description": "Mongoose schemas and models for LibreChat",
  "type": "module",
  "main": "dist/index.cjs",
--- a/packages/data-schemas/src/schema/user.ts
+++ b/packages/data-schemas/src/schema/user.ts
@ -119,6 +119,7 @@ const userSchema = new Schema<IUser>(
    },
    backupCodes: {
      type: [BackupCodeSchema],
+      select: false,
    },
    refreshToken: {
      type: [SessionSchema],