cktricky/safe_request_handling.md

Last active January 2, 2016 15:59

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/cktricky/8327287.js"></script>
Save cktricky/8327287 to your computer and use it in GitHub Desktop.

Mass Assignment Part 2

Raw

##Web Application Code##

Within the request handling code:

_ = require('underscore');
var user = new User(_.pick(req.body, User.userCreateSafeFields));

Within the User model:

UserSchema.statics = {
    User.userCreateSafeFields: ['email', 'password', 'password_confirmation', 'first_name', 'last_name']
};