From f09e2879d603e94aa28ddf81e8d9ca3727be098a Mon Sep 17 00:00:00 2001
From: Bereket Engida <bekacru@gmail.com>
Date: Thu, 7 Nov 2024 16:08:07 +0300
Subject: [PATCH] fix: remove senstive fields on list accounts from being
 exposed to the client

---
 packages/better-auth/src/api/routes/account.ts | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/packages/better-auth/src/api/routes/account.ts b/packages/better-auth/src/api/routes/account.ts
index 5efab1e097..adca7e5ff7 100644
--- a/packages/better-auth/src/api/routes/account.ts
+++ b/packages/better-auth/src/api/routes/account.ts
@@ -16,7 +16,14 @@ export const listUserAccounts = createAuthEndpoint(
 		const accounts = await c.context.internalAdapter.findAccounts(
 			session.user.id,
 		);
-		return c.json(accounts);
+		return c.json(
+			accounts.map((a) => {
+				return {
+					id: a.id,
+					provider: a.providerId,
+				};
+			}),
+		);
 	},
 );