// routes/auth
router.get("/current-user", requireSignin, auth.currentUser);

// controllers/auth
export const currentUser = async (req, res) => {
  try {
    const user = await User.findById(req.user._id);
    user.password = undefined;
    user.resetCode = undefined;
    res.json(user);
  } catch (err) {
    console.log(err);
    return res.status(403).json({ error: "Unauthorized" });
  }
};

To test this, send Authorization token in req.headers using Postman