editing profile

1 files changed, 18 insertions, 4 deletions

diff --git a/server/lib/api.js b/server/lib/api.js
index 9ff9f38..85c5b85 100644
--- a/server/lib/api.js
+++ b/server/lib/api.js
@@ -1,7 +1,6 @@
 /* jshint node: true */
 
 var passport = require('passport'),
-	_ = require('lodash'),
 	Entities = require('html-entities').XmlEntities,
 	entities = new Entities(),
 	crypto = require('crypto'),
@@ -19,13 +18,28 @@ var api = {
 				res.json(err || user)
 			})
 		},
+		
 		update: function(req, res){
-			var data = req.cleanQuery(req.body)
-			if (data.new_password.length && req.user.checkPassword(data.old_password)) {
-				data.password = data.new_password
+			var data = util.cleanQuery(req.body)
+			if (data.new_password.length) {
+				if (req.user.checkPassword(data.old_password)) {
+					res.json({ error: { errors: { username: { message: "Old password is incorrect" } } } })
+				}
+				
+				var shasum = crypto.createHash('sha1')
+				shasum.update(data.new_password)
+				password = shasum.digest('hex');
+				
+				req.user.password = password
 			}
 			delete data.old_password
 			delete data.new_password
+			delete data.isAdmin
+			_.extend( req.user, data )
+			req.user.save(function(err, msg) {
+				err ? res.json({ status: "FAIL", error: err })
+					: res.json({ status: "OK", payload: req.user })
+			})
 		}
 	}