From 0c0aacd4c308cfd654c539ca10a88b64a6364652 Mon Sep 17 00:00:00 2001
From: Jan Philipp Timme <jan.philipp@timme.it>
Date: Mon, 16 Sep 2013 22:23:42 +0200
Subject: [PATCH] [TASK] Implement POST /user.

---
 src/User.api.js | 42 +++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 41 insertions(+), 1 deletion(-)

diff --git a/src/User.api.js b/src/User.api.js
index e7729ad..5b2efca 100644
--- a/src/User.api.js
+++ b/src/User.api.js
@@ -63,7 +63,47 @@ var constructor = function(db) {
 		}
 
 		if(req.method == "POST") {
-			console.log(req);
+			var params = req.body;
+			if(req.session.data.login == false) {
+				res.send(200, JSON.stringify({
+					"success": false,
+					"err": "You are not logged in!"
+				}));
+				return;
+			}
+			var changeset = {};
+			//TODO: implement to ignore underscore attributes and type field!
+			if(tools.reqParamsGiven(["email"], params) != false) {
+				changeset["email"] = params["email"];
+			}
+			if(tools.reqParamsGiven(["password"], params) != false) {
+				//TODO: make this async!
+				changeset["auth"] = scrypt.passwordHashSync(params["password"], 10);
+			}
+			db.merge(req.session.data.user._id, changeset, function(err, result) {
+				if(err) {
+					console.log(err);
+					res.send(200, JSON.stringify({
+						"success": false,
+						"err": "Something went wrong updating the user document!"
+					}));
+				} else {
+					db.get(req.session.data.user._id, function(err, result) {
+						if(err) {
+							console.log(err);
+							res.send(200, JSON.stringify({
+								"success": false,
+								"err": "Something went wrong re-reading the user document!"
+							}));
+						} else {
+							req.session.data.user = result;
+							res.send(200, JSON.stringify({
+								"success": true
+							}));
+						}
+					});
+				}
+			});
 		}
 
 		if(req.method == "DELETE") {