4 files changed, 37 insertions, 9 deletions

diff --git a/server/lib/api.js b/server/lib/api.js
index 9ff9f38..85c5b85 100644
--- a/server/lib/api.js
+++ b/server/lib/api.js
@@ -1,7 +1,6 @@
 /* jshint node: true */
 
 var passport = require('passport'),
-	_ = require('lodash'),
 	Entities = require('html-entities').XmlEntities,
 	entities = new Entities(),
 	crypto = require('crypto'),
@@ -19,13 +18,28 @@ var api = {
 				res.json(err || user)
 			})
 		},
+		
 		update: function(req, res){
-			var data = req.cleanQuery(req.body)
-			if (data.new_password.length && req.user.checkPassword(data.old_password)) {
-				data.password = data.new_password
+			var data = util.cleanQuery(req.body)
+			if (data.new_password.length) {
+				if (req.user.checkPassword(data.old_password)) {
+					res.json({ error: { errors: { username: { message: "Old password is incorrect" } } } })
+				}
+				
+				var shasum = crypto.createHash('sha1')
+				shasum.update(data.new_password)
+				password = shasum.digest('hex');
+				
+				req.user.password = password
 			}
 			delete data.old_password
 			delete data.new_password
+			delete data.isAdmin
+			_.extend( req.user, data )
+			req.user.save(function(err, msg) {
+				err ? res.json({ status: "FAIL", error: err })
+					: res.json({ status: "OK", payload: req.user })
+			})
 		}
 	}
 
diff --git a/server/lib/auth.js b/server/lib/auth.js
index e7b7a75..5a952f5 100644
--- a/server/lib/auth.js
+++ b/server/lib/auth.js
@@ -72,7 +72,22 @@ var auth = {
 			failureRedirect: '/login'
 		});
 	},
-	
+
+	loggedInLocal: function (req, res, next) {
+		passport.authenticate("local", function(err, user, info){
+			if (err) {
+				return res.json({ error: err });
+			}
+			if (! user) {
+				return info ? res.json(info) : res.redirect("/login");
+			}
+			req.logIn(user, function(err) {
+				if (err) { return next(err); }
+				return res.json({ status: "OK" })
+			});
+		})(req, res, next);
+	},
+
 	logout: function (req, res) {
 		req.logout();
 		res.redirect('/');
diff --git a/server/lib/util.js b/server/lib/util.js
index 7a63507..88d16cb 100644
--- a/server/lib/util.js
+++ b/server/lib/util.js
@@ -1,4 +1,6 @@
 
+var _ = require('lodash');
+
 var whitespaceHead = /^\s+/
 var whitespaceTail = /\s+$/
 
diff --git a/server/lib/views.js b/server/lib/views.js
index 4f2402b..224dd3f 100644
--- a/server/lib/views.js
+++ b/server/lib/views.js
@@ -18,15 +18,12 @@ views.home = function (req, res) {
 }
 
 views.profile = function (req, res) {
-	var username = req.params[0]
+	var username = req.params[0] || req.user.username
 	if (username) {
 		User.findOne({ username: username }, function (err, user) {
 			user ? next(user) : done(err, {}, [])
 		})
 	}
-	else if (req.user) {
-		next(req.user)
-	}
 	else {
 		done()
 	}