How to create an API without a reasonable field using Doctrine2?

Question

I really use Doctrine2 in a Zend Framework project.

I am creating an API that will be used as a Restfull web service, and I actually use the Serializer Entity and / or the result of the array.

However, my problem is that my entity is completely serialized, so fields such as password or email are returned.

This is not a problem when working with a private call, but for a public API.

How can I solve this problem?

+4

Trent Mar 28 '12 at 18:11

1 answer

Andrés · Accepted Answer · 2012-04-01T17:36:27+0000

If you thought about these alternatives:

Intelligent Information Encryption
Use secure https connection
Return a copy of the bean without the necessary information (libraries such as dozer of morph can do the job).

The latter option is actually a good estimate, so sometimes it is not recommended to use the Entity bean at the presentation, service or API level.