Merge pull request #85 from javorszky/master

User authentication / registration, fixture fix closes #82

config.js

@@ -68,7 +68,8 @@
             connection: {
                 filename: './core/shared/data/testdb.db'
             },
-            debug: true
+            debug: false
+            // debug: true
         },
 
         staging: {},

core/admin/controllers/index.js

@@ -64,9 +64,9 @@
                 console.log('user found: ', user);
                 req.session.user = "ghostadmin";
                 res.redirect(req.query.redirect || '/ghost/');
-            }, function (err) {
+            }, function (error) {
                 // Do something here to signal the reason for an error
-                console.log(err.stack);
+                req.flash('error', error.message);
                 res.redirect('/ghost/login/');
             });
         },
@@ -78,16 +78,19 @@
             });
         },
         'doRegister': function (req, res) {
-             // console.log(req.body);
-            if (req.body.email_address !== '' && req.body.password.length > 5) {
+            var email = req.body.email_address,
+                password = req.body.password;
+
+            if (email !== '' && password.length > 5) {
                 api.users.add({
-                    email_address: req.body.email_address,
-                    password: req.body.password
+                    email_address: email,
+                    password: password
                 }).then(function (user) {
                     console.log('user added', user);
                     res.redirect('/ghost/login/');
                 }, function (error) {
-                    console.log('there was an error', error);
+                    req.flash('error', error.message);
+                    res.redirect('/ghost/register/');
                 });
             } else {
                 req.flash('error', "The password is too short. Have at least 6 characters in there");

core/shared/models/dataProvider.bookshelf.users.js

@@ -30,11 +30,17 @@
             // Clone the _user so we don't expose the hashed password unnecessarily
             userData = _.extend({}, _user);
 
-        return nodefn.call(bcrypt.hash, _user.password, null, null).then(function (hash) {
-            userData.password = hash;
-            return BaseProvider.prototype.add.call(self, userData);
+        return self.model.forge({email_address: userData.email_address}).fetch().then(function (user) {
+            if (!!user.attributes.email_address) {
+                return when.reject(new Error('A user with that email address already exists.'));
+            }
 
+            return nodefn.call(bcrypt.hash, _user.password, null, null).then(function (hash) {
+                userData.password = hash;
+                return BaseProvider.prototype.add.call(self, userData);
+            });
         });
+
     };
 
     /**
@@ -47,12 +53,15 @@
         return this.model.forge({
             email_address: _userdata.email
         }).fetch().then(function (user) {
-            return nodefn.call(bcrypt.compare, _userdata.pw, user.get('password')).then(function (matched) {
-                if (!matched) {
-                    return when.reject(new Error('Password does not match'));
-                }
-                return user;
-            });
+            if (!!user.attributes.email_address) {
+                return nodefn.call(bcrypt.compare, _userdata.pw, user.get('password')).then(function (matched) {
+                    if (!matched) {
+                        return when.reject(new Error('Passwords do not match'));
+                    }
+                    return user;
+                });
+            }
+            return when.reject(new Error('We do not have a record for such user.'));
         });
     };