1 files changed, 16 insertions, 0 deletions

diff --git a/src/controllers/UserTokenController.php b/src/controllers/UserTokenController.php
index d894b52..2c2fe1e 100644
--- a/src/controllers/UserTokenController.php
+++ b/src/controllers/UserTokenController.php
@@ -12,19 +12,35 @@ class UserTokenController extends BaseController {
         $this->userToken = $userToken;
     }
 
+    /**
+     * Only the tokens of the authenticated user are shown
+     */
     public function index() {
         return $this->userToken->where('userId', '=', Auth::user()->id)->get();
     }
     
+    /**
+     * Only the tokens of the authenticated user are available
+     */
     public function show($id) {
         return $this->userToken->where('userId', '=', Auth::user()->id)->findOrFail($id);
     }
 
+    /**
+     * Set the userId and create a random token
+     */
     public function store() {
         $this->userToken->userId = Auth::user()->id;
         $this->userToken->token = sha1(mt_rand());
 
         if ($this->userToken->save()) {
+            // Remove the token field from the hidden fields
+            $hidden = $this->userToken->getHidden();
+            foreach ($hidden as $k => $v)
+                if ($v == 'token')
+                    unset($hidden[$k]);
+            $this->userToken->setHidden($hidden);
+
             return $this->userToken;
         } else {
             throw new Dingo\Api\Exception\StoreResourceFailedException;