2 files changed, 19 insertions, 4 deletions

diff --git a/bucky/util/auth.js b/bucky/util/auth.js
index 3cc01f0..4556733 100644
--- a/bucky/util/auth.js
+++ b/bucky/util/auth.js
@@ -125,6 +125,20 @@ var auth = module.exports = {
     return user.get('password') === auth.makePassword(user.get('username'), pw);
   },
 
+  changePassword: function(req, res, next) {
+    if (! req.body.oldpassword && ! req.body.newpassword) return next()
+    if (req.body.newpassword !== req.body.newpassword2) {
+      return res.send({ error: 'Passwords don\'t match.' })
+    }
+    if (! auth.validPassword(res.user, req.body.oldpassword)) {
+      return res.send({ error: 'Password is incorrect.' })
+    }
+    var username = req.user.get('username')
+    var newPassword = auth.makePassword(username, req.body.newpassword)
+    res.user.set('password', newPassword)
+    next()
+  },
+
 	verifyLocalUser: function (username, password, done) {
     // handle passwords!!
 		db.getUserByUsername(username).then(function(user){
@@ -143,7 +157,7 @@ var auth = module.exports = {
 	
   checkin: function (req, res) {
     var user = util.sanitizeUser(req.user)
-    res.json(user)
+    res.json({ user: user })
   },
 
 	logout: function (req, res) {
diff --git a/bucky/util/upload.js b/bucky/util/upload.js
index d7bf822..5bc8190 100644
--- a/bucky/util/upload.js
+++ b/bucky/util/upload.js
@@ -35,10 +35,11 @@ module.exports.put = function (opt) {
   var types = opt.types
 	var extension = types && types[file.mimetype]
 	
-	if (opt.preserveFilename) {
+	if (opt.filename) {
+	  filename = opt.filename
+	} else if (opt.preserveFilename) {
 	  filename = file.originalname
-	}
-	else {
+	} else {
     filename = uuid.v1() + "." + extension;
 	}