}).pre('save', function (next) {
var user = this;
user.updated_at = Date.now;
if (!user.isModified('password')) return next();
tools.pbkdf2(user.password,user.email,function(err,hash){
if(err) return next(err);
user.password = null;
user.pkey = hash;
next();
});
}));
User.findOne({email: auth_parts[1]}).lean().exec(function(err,user){
if(err) return;
if(user){
tools.sign(user.pkey,user.email+req.method+req.url+parseInt(auth_parts[3]),function(err,signhash){
if(err) that.res.json({"err":err});
if(auth_parts[2] == signhash)
{
user.id = user._id;
user._id = undefined;
user.password = undefined;
user.pkey = undefined;
user.__v = undefined;
req.current_user = user;
req.current_user.isAuth = true;
res.emit('next');
}else{
res.emit('next');
}
});
}else{
//invalid sign (bad password or exploit)
res.emit('next');
}
});