Securing requests and responses

Looking at the response we get from our POST /users endpoint, you might notice something disturbing.

We actually get the password, in plain text, in the response! That's obviously not very secure so in this video, we're going to fix that.

toJSON

We when use Express to load a Mongoose object and send it in a response, Mongoose will automatically transform the document to JSON using a method called toJSON.