示例#1
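	/**
	 * Register a new user.
	 *
	 * Checks that every required field is present, restricts the three name
	 * fields to letters, "-" and "_", derives a password hash with a fresh salt
	 * and inserts the record into the 'users' collection.
	 *
	 * @param {Object} config - Must carry firstname, lastname, username, email
	 *   and password. The sanitized name fields are written back onto it, as the
	 *   original implementation did.
	 * @param {Function} callback - Called exactly once. On failure it receives
	 *   {"Error": {...}} with message_type "CONFIG" or "CRYPTO", or the raw
	 *   database result; on success it is passed to user.load() for the stored
	 *   username.
	 */
	new_user: function(config,callback){
		var name_fields = ['firstname', 'lastname', 'username'];
		// The "g" flag matters: without it only the FIRST disallowed character is
		// removed and everything after it is stored untouched.
		var disallowed = /[^a-zA-Z\-_]/g;
		var cleaned = {};
		var i, value;

		if (!config||!config.firstname||!config.lastname||!config.username||!config.email||!config.password)
			{
				callback({"Error": {"error_message": "DATA_NOT_SET", "message_type": "CONFIG"}});
				return;
			}

		// Limit character input
		for (i = 0; i < name_fields.length; i++)
			{
				value = config[name_fields[i]];
				// .replace() exists only on strings. A non-string value (for example an
				// object parsed from a JSON body) is rejected here instead of raising a
				// TypeError or reaching the database as-is.
				if (typeof value !== 'string')
					{
						callback({"Error": {"error_message": "DATA_NOT_SET", "message_type": "CONFIG"}});
						return;
					}
				value = value.replace(disallowed, "");
				// A value made up only of disallowed characters is empty after
				// stripping; treat it like a missing field rather than storing "".
				if (value === "")
					{
						callback({"Error": {"error_message": "DATA_NOT_SET", "message_type": "CONFIG"}});
						return;
					}
				cleaned[name_fields[i]] = value;
			}
		config.firstname = cleaned.firstname;
		config.lastname = cleaned.lastname;
		config.username = cleaned.username;

		// NOTE(review): email and password are only checked for presence in this
		// function; no type, format or length rule is applied before they are used.
		var salt = crypto.random_hash();
		var hash = crypto.pbkdf2(config.password,salt);
		if (hash.Error)
			{
				callback({"Error": {"error_message": hash.Error.error_message, "message_type": "CRYPTO"}});
				return;
			}

		// Only the derived hash and its salt are stored, never the password itself.
		var new_user = {
			username: config.username,
			firstname: config.firstname,
			lastname: config.lastname,
			hash: hash,
			salt: salt,
			email: config.email,
		};

		database.insert('users', new_user, function(result){
			var cause;
			if (!result.Error)
				{
					var the_user = new user(new_user.username);
					the_user.load(callback);
					return;
				}

			cause = result.Error.error_message;
			// 11000 is MongoDB's duplicate-key error code; presumably it is raised by a
			// unique index on username -- confirm against the collection setup.
			if (cause && cause.name === "MongoError" && cause.code === 11000)
				{
					callback({"Error": {"error_message": "USER_EXISTS", "message_type": "CONFIG"}});
				}else{
					// NOTE(review): the raw database result is forwarded unchanged; callers
					// should log it rather than relay it to the client.
					callback(result);
				}
		});
	},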
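        // Credential check: look up the account, re-derive the hash from the
        // supplied password and the stored salt, and open a session only when both
        // values are present and equal. Every failure path reports through
        // callback(error, null).
        //
        // The function that supplies username/password/callback is outside this
        // fragment, so the type guard below does not rely on it having validated
        // the input: a non-string username would otherwise be placed into the
        // query filter as-is.
        if (typeof username !== 'string') {
            callback(new Error("Invalid username/password"), null);
        } else {
            database.findOne('users', {username: username}, function(lookup_error, result) {
                // A lookup failure is an infrastructure problem, not bad
                // credentials; report it as such instead of dereferencing a
                // missing result. Callers should log it, not echo it to the client.
                if (lookup_error) {
                    callback(lookup_error, null);
                    return;
                }
                // `== null` also covers undefined, which `!== null` let through
                // to the result.salt access below.
                if (result == null) {
                    // NOTE(review): no key derivation runs on this path, so an
                    // unknown username is answered faster than a wrong password.
                    callback(new Error("Invalid username/password"), null);
                    return;
                }

                common_crypto.pbkdf2(password, result.salt, function(kdf_error, hash) {
                    if (kdf_error) {
                        callback(kdf_error, null);
                        return;
                    }
                    // Both sides must actually exist. With the strict `=== null`
                    // checks, an undefined hash and a record without a password
                    // field compared equal below and a session was created.
                    if (hash == null || result.password == null) {
                        callback(new Error("Login error"), null);
                    // NOTE(review): loose, non-constant-time comparison kept
                    // because the types of both values are not visible here; if
                    // they are strings or Buffers, prefer a constant-time compare.
                    } else if (hash == result.password) {
                        create_new_session(username, callback);
                    } else {
                        callback(new Error("Invalid username/password"), null);
                    }
                });
            });
        }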