From 984178b935dae0a1b7a563c074f64a03764ee894 Mon Sep 17 00:00:00 2001
From: SSosedova <snejik1111@gmail.com>
Date: Mon, 17 Aug 2015 18:22:38 +0300
Subject: [PATCH 1/5] Added all methods

---
 app.js              |  10 ++--
 controllers/post.js |  61 +++++++++++++++++++++--
 controllers/user.js | 119 ++++++++++++++++++++++++++++++++++++++++----
 db.json             |   2 +-
 4 files changed, 172 insertions(+), 20 deletions(-)

diff --git a/app.js b/app.js
index 41a2eb0..a015efd 100644
--- a/app.js
+++ b/app.js
@@ -1,6 +1,7 @@
 var express = require('express');
 var bodyParser = require('body-parser');
 GLOBAL._ = require('underscore');
+GLOBAL.sha1 = require('sha1');
 var fs= require('fs')
 var app = express();
 GLOBAL.DB = {
@@ -14,11 +15,11 @@ GLOBAL.DB = {
 GLOBAL.DB.restore();
 DB.users = DB.users || [];
 DB.posts = DB.posts || [];
-
+console.log("run");
 
 app.use(bodyParser.json())
 app.use(function (req, res, next) {
-    console.log(req.originalUrl)
+    console.log(req.originalUrl);
     if(req.originalUrl =='/register'){
         next(null);
         return;
@@ -31,13 +32,14 @@ app.use(function (req, res, next) {
     var nick = parts[0];
     var pwd = parts[1];
     var user = _.find(DB.users, function (usr) {
-        return usr.nick == nick && pwd == usr.pwd;
+        return usr.nick == nick && sha1(pwd) == usr.pwd;
     })
     if (!user) {
         res.status(401).send({message: "invalid user or password"})
         return;
     }
-    req.currentUser =user;
+    req.currentUser = user;
+    
     next(null);
 })
 require('./controllers/user')(app)
diff --git a/controllers/post.js b/controllers/post.js
index 48c5b69..0d05637 100644
--- a/controllers/post.js
+++ b/controllers/post.js
@@ -1,18 +1,69 @@
 module.exports=function(app){
-    app.post('/user/:id/wall',function(req,res){
+    app.post('/user/:id/wall', function(req, res){
         if(!req.body.content){
             res.status(400).send({message:'content required'})
             return;
         }
+        var uniqueId = Date.now();
         var post = {
-            content:req.body.content,
-            id:Date.now(),
-            authorId:req.currentUser.id,
-            ownerId:req.params.id
+            content: req.body.content,
+            id: String(++uniqueId),
+            authorId: req.currentUser.id,
+            ownerId: req.params.id
         };
         DB.posts.push(post)
         DB.save();
         res.send(post);
     })
 
+    app.get('/post', function(req, res){
+        res.send(DB.posts);
+    })
+
+    app.get('/posts/:id', function(req, res){
+       var post = _.clone(_.findWhere(DB.posts,{"id":req.params.id}));
+        if(!post){
+            res.status(404).send({message:"not found"})
+            return;
+        }
+        res.send(post)
+    })
+
+    app.put('/posts/:id',function(req,res){
+        var post = _.findWhere(DB.posts,{"id":req.params.id});
+        if(!post){
+            res.status(404).send({message:"not found"})
+            return;
+        }
+        if(req.currentUser.id != post.authorId){
+            res.status(405).send({message: "Not Allowed"})
+            return;
+        }
+        if(!req.body.content){
+            res.status(400).send({message:'content required'})
+            return;
+        }
+        
+        post.content = req.body.content;
+        DB.save();
+        
+        res.send(post)
+    })
+
+    app.delete('/posts/:id', function(req, res){
+        var post = _.findWhere(DB.posts,{"id":req.params.id});
+        if(!post){
+            res.status(404).send({message:"not found"})
+            return;
+        }
+        if(!(req.currentUser.id == post.authorId || req.currentUser.id == post.ownerId)){
+             res.status(405).send({message: "Not Allowed"})
+            return;
+        }
+        
+        DB.posts.splice(DB.posts.indexOf(post),1);
+        DB.save();
+        
+        res.send("deleted")
+    })
 }
\ No newline at end of file
diff --git a/controllers/user.js b/controllers/user.js
index f543dd0..20c610f 100644
--- a/controllers/user.js
+++ b/controllers/user.js
@@ -1,42 +1,141 @@
-var uniqueId = Date.now();
+
 module.exports = function(app){
     app.get('/me',function(req,res){
         res.send(req.currentUser);
     })
-    app.get('/user', function (req, res) {
+
+    app.put('/me',function(req, res){
+        var user = _.findWhere(DB.users,{"id":req.currentUser.id});
+        if (req.body.email && req.body.email=="") {
+            res.status(400).send({message: "Email is required"})
+            return;
+        } else if (req.body.nick && req.body.nick=="") {
+            res.status(400).send({message: "Nick is required"})
+            return;
+        } else if ((req.body.pwd || req.body.repeatPwd)&&(!req.body.pwd || !req.body.repeatPwd || req.body.pwd != req.body.repeatPwd)){
+            res.status(400).send({message: "Passwords do not match"})
+            return;
+        }
+
+        if (_.findWhere(DB.users,{"email":req.body.email})){
+            res.status(400).send({message: "This Email is not available"})
+            return;
+        } else if (_.findWhere(DB.users,{"nick":req.body.nick})){
+            res.status(400).send({message: "This Nick is not available"})
+            return;
+        }
+
+        if (req.body.email){
+            user.email = req.body.email;
+        }
+        if (req.body.nick){
+            user.nick = req.body.nick;
+        }
+        if (req.body.pwd){
+            user.pwd = sha1(req.body.pwd);
+        }
+        DB.save();
+        res.send(user);
+    })
+
+    app.get('/user', function(req, res) {
         res.send(DB.users);
     })
-    app.get('/user/:id',function(req,res){
+
+    app.get('/user/:id', function(req, res){
         var user = _.clone(_.find(DB.users,function(usr){
-            return usr.id ==req.params.id;
+            return usr.id == req.params.id;
         }));
-        delete user.pwd;
+       // console.log(user);
         if(!user){
             res.status(404).send({message:"not found"})
             return;
         }
+        delete user.pwd;
+      
         res.send(user)
     })
+
     app.get('/user/:id/wall',function(req,res){
-       res.send(_.where( DB.posts,{ownerId:req.params.id}));
+       res.send(_.where( DB.posts,{ownerId: req.params.id}));
+    })
+
+    app.get('/user/:id/following', function(req, res){
+        var user = _.clone(_.find(DB.users,function(usr){
+            return usr.id == req.params.id;
+        }));
+
+        if(!user){
+            res.status(404).send({message:"not found"})
+            return;
+        }
+
+        var following = _.clone(_.filter(DB.users,function(usr){
+            return _.include(user.follow, usr.id);
+        }));
+        
+        res.send(following)
+    })
+
+    app.get('/user/:id/followers', function(req, res){
+
+        var followers = _.clone(_.filter(DB.users,function(user){
+            return user.follow && _.include(user.follow, req.params.id);
+        }));
+
+        res.send(followers)
+    })
+
+    app.post('/user/:id/follow', function(req, res){
+           
+        var user = _.findWhere(DB.users, {"id": req.currentUser.id});
+        user.follow = user.follow || [];
+        if(!_.include(user.follow, req.params.id)){
+            user.follow.push(req.params.id);
+            DB.save();
+        }
+        res.send("following "+req.params.id)
+    })
+
+    app.delete('/user/:id/follow', function(req, res){
+        var user = _.findWhere(DB.users, {"id": req.currentUser.id});
+        user.follow = user.follow || [];
+        user.follow = _.without(user.follow, req.params.id)
+        DB.save();
+        res.send("not following "+req.params.id)
     })
-    app.post('/register', function (req, res) {
+
+    app.post('/register', function(req, res) {
+        
+        var uniqueId = Date.now();
+        console.log(req.body);
         //проверить свободен ли ник и имейл
         if (!req.body.email) {
             res.status(400).send({message: "Email is required"})
             return;
-        } else if (!req.body.nick) {
+        } else if(req.body.email.indexOf("@")==-1){
+             res.status(400).send({message: "Invalid Email"})
+            return;
+        } else if (!req.body.nick || req.body.nick == "") {
             res.status(400).send({message: "Nick is required"})
             return;
         } else if (!req.body.pwd || !req.body.repeatPwd || req.body.pwd != req.body.repeatPwd) {
             res.status(400).send({message: "Passwords do not match"})
             return;
         }
+
+        if (_.findWhere(DB.users,{"email":req.body.email})){
+            res.status(400).send({message: "This Email is not available"})
+            return;
+        } else if (_.findWhere(DB.users,{"nick":req.body.nick})){
+            res.status(400).send({message: "This Nick is not available"})
+            return;
+        }
         var user = {
             email: req.body.email,
             nick: req.body.nick,
-            pwd: req.body.pwd,
-            id: ++uniqueId
+            pwd: sha1(req.body.pwd),
+            id: String(++uniqueId)
         };
 
         DB.users.push(_.clone(user))
diff --git a/db.json b/db.json
index d7084f4..93c8132 100644
--- a/db.json
+++ b/db.json
@@ -1 +1 @@
-{"users":[{"email":"gg@gg.gg","nick":"second","pwd":"123","id":1439224467621},{"email":"gg@gg.gg","nick":"second","pwd":"123","id":1439224467622},{"email":"gg@gg.gg","nick":"gena","pwd":"123","id":1439225345875}],"posts":[{"content":"Hellofrom gena","id":1439225509193,"authorId":1439225345875,"ownerId":"1439224467621"}]}
\ No newline at end of file
+{"users":[{"email":"xx@xx","nick":"XXX","pwd":"40bd001563085fc35165329ea1ff5c5ecbdbbeef","id":"1439819738770"},{"email":"aa@aa","nick":"AAA","pwd":"40bd001563085fc35165329ea1ff5c5ecbdbbeef","id":"1439819754935","follow":["1439819738770","1439819796295"]},{"email":"z@z","nick":"Z","pwd":"43814346e21444aaf4f70841bf7ed5ae93f55a9d","id":"1439819796295"}],"posts":[{"content":"it's me","id":"1439819864013","authorId":"1439819754935","ownerId":"1439819738770"},{"content":"hi","id":"1439823695463","authorId":"1439819754935","ownerId":"1439819738770"},{"content":"ta-ta","id":"1439823726162","authorId":"1439819754935","ownerId":"1439819796295"}]}
\ No newline at end of file

From 7ff6b4655a98697116d000fda92980f7518adb19 Mon Sep 17 00:00:00 2001
From: SSosedova <snejik1111@gmail.com>
Date: Mon, 24 Aug 2015 14:17:36 +0300
Subject: [PATCH 2/5] add deletion of pwd

---
 app.js              |  7 +++----
 controllers/post.js |  1 +
 controllers/user.js | 50 ++++++++++++++++++++++++++++++---------------
 db.json             |  2 +-
 4 files changed, 38 insertions(+), 22 deletions(-)

diff --git a/app.js b/app.js
index a015efd..0d5845b 100644
--- a/app.js
+++ b/app.js
@@ -12,7 +12,7 @@ GLOBAL.DB = {
         GLOBAL.DB = _.extend(GLOBAL.DB,JSON.parse(fs.readFileSync('./db.json','utf-8')))
     }
 }
-GLOBAL.DB.restore();
+DB.restore();
 DB.users = DB.users || [];
 DB.posts = DB.posts || [];
 console.log("run");
@@ -31,9 +31,8 @@ app.use(function (req, res, next) {
     var parts = req.headers['authorization'].split(":")
     var nick = parts[0];
     var pwd = parts[1];
-    var user = _.find(DB.users, function (usr) {
-        return usr.nick == nick && sha1(pwd) == usr.pwd;
-    })
+    var user = _.findWhere(DB.users, {"nick":nick, "pwd": sha1(pwd)})
+    
     if (!user) {
         res.status(401).send({message: "invalid user or password"})
         return;
diff --git a/controllers/post.js b/controllers/post.js
index 0d05637..392ed98 100644
--- a/controllers/post.js
+++ b/controllers/post.js
@@ -1,4 +1,5 @@
 module.exports=function(app){
+    
     app.post('/user/:id/wall', function(req, res){
         if(!req.body.content){
             res.status(400).send({message:'content required'})
diff --git a/controllers/user.js b/controllers/user.js
index 20c610f..d85a017 100644
--- a/controllers/user.js
+++ b/controllers/user.js
@@ -1,7 +1,7 @@
 
 module.exports = function(app){
     app.get('/me',function(req,res){
-        res.send(req.currentUser);
+        res.send(deletePwd(req.currentUser));
     })
 
     app.put('/me',function(req, res){
@@ -12,15 +12,18 @@ module.exports = function(app){
         } else if (req.body.nick && req.body.nick=="") {
             res.status(400).send({message: "Nick is required"})
             return;
-        } else if ((req.body.pwd || req.body.repeatPwd)&&(!req.body.pwd || !req.body.repeatPwd || req.body.pwd != req.body.repeatPwd)){
+        } else if ((req.body.pwd)&&(!req.body.repeatPwd || req.body.pwd != req.body.repeatPwd)){
             res.status(400).send({message: "Passwords do not match"})
             return;
         }
 
-        if (_.findWhere(DB.users,{"email":req.body.email})){
+        var userWithEmail = _.findWhere(DB.users,{"email":req.body.email});
+        var userWithNick = _.findWhere(DB.users,{"nick":req.body.nick});
+
+        if (userWithEmail && userWithEmail.id != user.id){
             res.status(400).send({message: "This Email is not available"})
             return;
-        } else if (_.findWhere(DB.users,{"nick":req.body.nick})){
+        } else if (userWithNick && userWithNick.id != user.id){
             res.status(400).send({message: "This Nick is not available"})
             return;
         }
@@ -35,31 +38,30 @@ module.exports = function(app){
             user.pwd = sha1(req.body.pwd);
         }
         DB.save();
-        res.send(user);
+        res.send(deletePwd(user));
     })
 
     app.get('/user', function(req, res) {
-        res.send(DB.users);
+        res.send(deletePwd(DB.users));
     })
 
     app.get('/user/:id', function(req, res){
         var user = _.clone(_.find(DB.users,function(usr){
             return usr.id == req.params.id;
         }));
-       // console.log(user);
         if(!user){
             res.status(404).send({message:"not found"})
             return;
         }
-        delete user.pwd;
-      
-        res.send(user)
+        res.send(deletePwd(user))
     })
 
     app.get('/user/:id/wall',function(req,res){
        res.send(_.where( DB.posts,{ownerId: req.params.id}));
     })
 
+
+
     app.get('/user/:id/following', function(req, res){
         var user = _.clone(_.find(DB.users,function(usr){
             return usr.id == req.params.id;
@@ -70,11 +72,11 @@ module.exports = function(app){
             return;
         }
 
-        var following = _.clone(_.filter(DB.users,function(usr){
+        var following = _.filter(DB.users,function(usr){
             return _.include(user.follow, usr.id);
-        }));
+        });
         
-        res.send(following)
+        res.send(deletePwd(following))
     })
 
     app.get('/user/:id/followers', function(req, res){
@@ -83,7 +85,7 @@ module.exports = function(app){
             return user.follow && _.include(user.follow, req.params.id);
         }));
 
-        res.send(followers)
+        res.send(deletePwd(followers))
     })
 
     app.post('/user/:id/follow', function(req, res){
@@ -138,9 +140,23 @@ module.exports = function(app){
             id: String(++uniqueId)
         };
 
-        DB.users.push(_.clone(user))
+        DB.users.push(user)
         DB.save();
-        delete user.pwd;
-        res.send(user)
+        res.send(deletePwd(user))
     })
+
+
+    function deletePwd(users){
+        if (_.isArray(users)){
+            return _.map(users, function(user){
+                var userCopy = _.clone(user)
+                delete userCopy.pwd;
+                return userCopy;
+            })
+        } else {
+            var userCopy = _.clone(users)
+            delete userCopy.pwd;
+            return userCopy;
+        }
+    }
 }
\ No newline at end of file
diff --git a/db.json b/db.json
index 93c8132..11f5aec 100644
--- a/db.json
+++ b/db.json
@@ -1 +1 @@
-{"users":[{"email":"xx@xx","nick":"XXX","pwd":"40bd001563085fc35165329ea1ff5c5ecbdbbeef","id":"1439819738770"},{"email":"aa@aa","nick":"AAA","pwd":"40bd001563085fc35165329ea1ff5c5ecbdbbeef","id":"1439819754935","follow":["1439819738770","1439819796295"]},{"email":"z@z","nick":"Z","pwd":"43814346e21444aaf4f70841bf7ed5ae93f55a9d","id":"1439819796295"}],"posts":[{"content":"it's me","id":"1439819864013","authorId":"1439819754935","ownerId":"1439819738770"},{"content":"hi","id":"1439823695463","authorId":"1439819754935","ownerId":"1439819738770"},{"content":"ta-ta","id":"1439823726162","authorId":"1439819754935","ownerId":"1439819796295"}]}
\ No newline at end of file
+{"users":[{"email":"a1@aa.ss","nick":"a11","pwd":"40bd001563085fc35165329ea1ff5c5ecbdbbeef","id":"1440414192088","follow":["1440414199369","1440414206623"]},{"email":"a2@aa.ss","nick":"a2","pwd":"40bd001563085fc35165329ea1ff5c5ecbdbbeef","id":"1440414199369"},{"email":"a3@aa.ss","nick":"a3","pwd":"40bd001563085fc35165329ea1ff5c5ecbdbbeef","id":"1440414206623"},{"email":"x1@aa.ss","nick":"x1","pwd":"cfa1150f1787186742a9a884b73a43d8cf219f9b","id":"1440414229782"}],"posts":[{"content":"bu!","id":"1440414489207","authorId":"1440414192088","ownerId":"1440414199369"},{"content":"that's me!","id":"1440414532295","authorId":"1440414192088","ownerId":"1440414206623"}]}
\ No newline at end of file

From 18870199451a53e047115f03be68a21d4b8dbf9c Mon Sep 17 00:00:00 2001
From: SSosedova <snejik1111@gmail.com>
Date: Mon, 24 Aug 2015 14:32:05 +0300
Subject: [PATCH 3/5] Without Mongo

---
 app.js | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/app.js b/app.js
index 0d5845b..4c248e6 100644
--- a/app.js
+++ b/app.js
@@ -17,6 +17,20 @@ DB.users = DB.users || [];
 DB.posts = DB.posts || [];
 console.log("run");
 
+app.use(function(req, res, next) {
+    res.header('Access-Control-Allow-Origin', '*');
+    res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS');
+    res.header('Access-Control-Allow-Headers', 'Content-Type, Authorization, Content-Length, X-Requested-With');
+
+    // intercept OPTIONS method
+    if ('OPTIONS' == req.method) {
+      res.send(200);
+    }
+    else {
+      next();
+    }
+});
+
 app.use(bodyParser.json())
 app.use(function (req, res, next) {
     console.log(req.originalUrl);
@@ -32,7 +46,7 @@ app.use(function (req, res, next) {
     var nick = parts[0];
     var pwd = parts[1];
     var user = _.findWhere(DB.users, {"nick":nick, "pwd": sha1(pwd)})
-    
+
     if (!user) {
         res.status(401).send({message: "invalid user or password"})
         return;

From 0ec2accf650a51aec62843cf48e07aa2d45064a2 Mon Sep 17 00:00:00 2001
From: SSosedova <snejik1111@gmail.com>
Date: Mon, 31 Aug 2015 01:05:39 +0300
Subject: [PATCH 4/5] with Mongo

---
 app.js              |  68 +++++++----
 controllers/post.js | 140 +++++++++++++--------
 controllers/user.js | 287 +++++++++++++++++++++++++++++---------------
 db.json             |   1 -
 package.json        |   1 +
 5 files changed, 325 insertions(+), 172 deletions(-)
 delete mode 100644 db.json

diff --git a/app.js b/app.js
index 4c248e6..f856e29 100644
--- a/app.js
+++ b/app.js
@@ -1,20 +1,25 @@
-var express = require('express');
-var bodyParser = require('body-parser');
 GLOBAL._ = require('underscore');
 GLOBAL.sha1 = require('sha1');
-var fs= require('fs')
+GLOBAL.ObjectID = require('mongodb').ObjectID;
+GLOBAL.async = require('async');
+
+var express = require('express');
+var bodyParser = require('body-parser');
+var fs = require('fs')
 var app = express();
-GLOBAL.DB = {
-    save:function(){
-        fs.writeFileSync('./db.json',JSON.stringify(this))
-    },
-    restore: function(){
-        GLOBAL.DB = _.extend(GLOBAL.DB,JSON.parse(fs.readFileSync('./db.json','utf-8')))
-    }
-}
-DB.restore();
-DB.users = DB.users || [];
-DB.posts = DB.posts || [];
+var MongoClient = require('mongodb').MongoClient
+var url = 'mongodb://localhost:27017/socialNetwork'; // в консоли монго смотреть через: use socialNetwork, затем можно db.users.find({}) и т.п.
+MongoClient.connect(url, function(err, db){
+
+    console.log("Connected corretly to server");
+
+    GLOBAL.DB = db; 
+    GLOBAL.UsersCollection = DB.collection('users');
+    GLOBAL.PostsCollection = DB.collection('posts');
+
+    app.listen(100)
+})
+
 console.log("run");
 
 app.use(function(req, res, next) {
@@ -33,7 +38,6 @@ app.use(function(req, res, next) {
 
 app.use(bodyParser.json())
 app.use(function (req, res, next) {
-    console.log(req.originalUrl);
     if(req.originalUrl =='/register'){
         next(null);
         return;
@@ -45,18 +49,30 @@ app.use(function (req, res, next) {
     var parts = req.headers['authorization'].split(":")
     var nick = parts[0];
     var pwd = parts[1];
-    var user = _.findWhere(DB.users, {"nick":nick, "pwd": sha1(pwd)})
-
-    if (!user) {
+    DB.collection('users').findOne({nick:nick,pwd:sha1(pwd)}, function(err,data){
+        if (data) {
+            req.currentUser = data;
+            next(null);
+            return
+        }
         res.status(401).send({message: "invalid user or password"})
-        return;
-    }
-    req.currentUser = user;
-    
-    next(null);
+    })
 })
-require('./controllers/user')(app)
-require('./controllers/post')(app)
 
 
-app.listen(100)
\ No newline at end of file
+require('./controllers/user')(app);
+require('./controllers/post')(app);
+
+GLOBAL.deletePwd = function(users){
+    if (_.isArray(users)){
+        return _.map(users, function(user){
+            var userCopy = _.clone(user)
+            delete userCopy.pwd;
+            return userCopy;
+        })
+    } else {
+        var userCopy = _.clone(users)
+        delete userCopy.pwd;
+        return userCopy;
+    }
+}
\ No newline at end of file
diff --git a/controllers/post.js b/controllers/post.js
index 392ed98..d818608 100644
--- a/controllers/post.js
+++ b/controllers/post.js
@@ -1,70 +1,112 @@
-module.exports=function(app){
-    
+module.exports = function(app){
+
     app.post('/user/:id/wall', function(req, res){
+        
         if(!req.body.content){
             res.status(400).send({message:'content required'})
             return;
         }
-        var uniqueId = Date.now();
         var post = {
             content: req.body.content,
-            id: String(++uniqueId),
-            authorId: req.currentUser.id,
-            ownerId: req.params.id
+            authorId: {$ref: "users", $id: req.currentUser._id},
+            ownerId: {$ref: "users", $id: new ObjectID(req.params.id)}
         };
-        DB.posts.push(post)
-        DB.save();
-        res.send(post);
+
+        PostsCollection.insert(post, function(err, data){
+            res.send(post);
+        })
     })
 
-    app.get('/post', function(req, res){
-        res.send(DB.posts);
+    app.get('/posts', function(req, res){
+        
+        PostsCollection
+            .find({})
+            .toArray(function(err, posts){
+                async.mapLimit(
+                    posts, 
+                    5, 
+                    function(post, next){
+                        UsersCollection.findOne({_id: post.authorId.oid}, function(err, data){
+                                           
+                            post.author = deletePwd(data);
+
+                            UsersCollection.findOne({_id: post.ownerId.oid}, function(err, data){
+                                post.owner = deletePwd(data);
+                                delete post.authorId;
+                                delete post.ownerId;
+                                next(null, post);
+                            })
+                        })
+                    }, 
+                    function(err, data){
+                        res.send(data);
+                    }
+                )
+        })
     })
 
     app.get('/posts/:id', function(req, res){
-       var post = _.clone(_.findWhere(DB.posts,{"id":req.params.id}));
-        if(!post){
-            res.status(404).send({message:"not found"})
-            return;
-        }
-        res.send(post)
+       PostsCollection.findOne({_id: new ObjectID(req.params.id)}, function(err, post){
+            if(!post){
+                res.status(404).send({message:"not found"})
+                return;
+            }
+            UsersCollection.findOne({_id: post.authorId.oid}, function(err, data){
+                post.author = deletePwd(data);
+
+                UsersCollection.findOne({_id: post.ownerId.oid}, function(err, data){
+                    post.owner = deletePwd(data);
+                    delete post.authorId;
+                    delete post.ownerId;
+                    res.send(post)
+                })
+            })
+            
+        })
     })
 
-    app.put('/posts/:id',function(req,res){
-        var post = _.findWhere(DB.posts,{"id":req.params.id});
-        if(!post){
-            res.status(404).send({message:"not found"})
-            return;
-        }
-        if(req.currentUser.id != post.authorId){
-            res.status(405).send({message: "Not Allowed"})
-            return;
-        }
-        if(!req.body.content){
-            res.status(400).send({message:'content required'})
+    app.put('/posts/:id', function(req,res){
+        PostsCollection.findOne({_id: new ObjectID(req.params.id)}, function(err, post){
+            if(!post){
+                res.status(404).send({message:"not found"})
+                return;
+            }
+            if(req.currentUser._id.toString() != post.authorId.oid.toString()){
+                res.status(405).send({message: "Not Allowed"})
+                return;
+            }
+            if(!req.body.content){
+                res.status(400).send({message:'content required'})
             return;
-        }
-        
-        post.content = req.body.content;
-        DB.save();
-        
-        res.send(post)
+            }
+            
+            PostsCollection.update(
+                {_id: post._id},
+                {$set: {content: req.body.content}},
+                function(err, data){
+                    post.content = req.body.content
+                    res.send(post)    
+                }
+            )
+        })
     })
 
     app.delete('/posts/:id', function(req, res){
-        var post = _.findWhere(DB.posts,{"id":req.params.id});
-        if(!post){
-            res.status(404).send({message:"not found"})
-            return;
-        }
-        if(!(req.currentUser.id == post.authorId || req.currentUser.id == post.ownerId)){
-             res.status(405).send({message: "Not Allowed"})
-            return;
-        }
-        
-        DB.posts.splice(DB.posts.indexOf(post),1);
-        DB.save();
-        
-        res.send("deleted")
+        PostsCollection.findOne({_id: new ObjectID(req.params.id)}, function(err, post){
+            if(!post){
+                res.status(404).send({message:"not found"})
+                return;
+            }
+            if(!(req.currentUser._id.toString() == post.authorId.oid.toString() || req.currentUser._id.toString() == post.ownerId.oid.toString())){
+                res.status(405).send({message: "Not Allowed"})
+                return;
+            }  
+            PostsCollection.remove({_id: new ObjectID(req.params.id)}, function(err, post){
+               res.send("deleted") 
+            })
+            
+        })
+       
     })
+
 }
\ No newline at end of file
diff --git a/controllers/user.js b/controllers/user.js
index d85a017..2dbf6a2 100644
--- a/controllers/user.js
+++ b/controllers/user.js
@@ -5,7 +5,7 @@ module.exports = function(app){
     })
 
     app.put('/me',function(req, res){
-        var user = _.findWhere(DB.users,{"id":req.currentUser.id});
+        
         if (req.body.email && req.body.email=="") {
             res.status(400).send({message: "Email is required"})
             return;
@@ -17,105 +17,194 @@ module.exports = function(app){
             return;
         }
 
-        var userWithEmail = _.findWhere(DB.users,{"email":req.body.email});
-        var userWithNick = _.findWhere(DB.users,{"nick":req.body.nick});
+        var user = req.currentUser;
+   
+        async.parallel(
+            [
+                function(callback){
+                    UsersCollection.findOne({email: req.body.email}, function(err,data){
+                        callback(err, data)
+                    })
+                },
+                function(callback){
+                    UsersCollection.findOne({nick: req.body.nick}, function(err,data){
+                        callback(err, data)
+                    })
+                }
+            ], 
+            function(err, data){
+                var userWithEmail = data[0];
+                var userWithNick = data[1];
+              
+                
+                if (req.body.email && userWithEmail && userWithEmail._id.toString() != user._id.toString()){
+                    res.status(400).send({message: "This Email is not available"})
+                    return;
+                } else if (req.body.nick && userWithNick && userWithNick._id.toString() != user._id.toString()){
+                    res.status(400).send({message: "This Nick is not available"})
+                    return;
+                } else { 
 
-        if (userWithEmail && userWithEmail.id != user.id){
-            res.status(400).send({message: "This Email is not available"})
-            return;
-        } else if (userWithNick && userWithNick.id != user.id){
-            res.status(400).send({message: "This Nick is not available"})
-            return;
-        }
+                    if (req.body.email){
+                        user.email = req.body.email;
+                    }
+                    if (req.body.nick){
+                        user.nick = req.body.nick;
+                    }
+                    if (req.body.pwd){
+                        user.pwd = sha1(req.body.pwd);
+                    }
 
-        if (req.body.email){
-            user.email = req.body.email;
-        }
-        if (req.body.nick){
-            user.nick = req.body.nick;
-        }
-        if (req.body.pwd){
-            user.pwd = sha1(req.body.pwd);
-        }
-        DB.save();
-        res.send(deletePwd(user));
+                    UsersCollection.update(
+                        {_id: user._id}, 
+                        user, 
+                        function(err, data){
+                            res.send(deletePwd(user)); 
+                        }
+                    )
+                    
+                }
+
+            }
+        )
     })
 
     app.get('/user', function(req, res) {
-        res.send(deletePwd(DB.users));
+        UsersCollection.find({}).toArray(function(err,data){
+            res.send(deletePwd(data));
+        })
     })
 
     app.get('/user/:id', function(req, res){
-        var user = _.clone(_.find(DB.users,function(usr){
-            return usr.id == req.params.id;
-        }));
-        if(!user){
-            res.status(404).send({message:"not found"})
-            return;
-        }
-        res.send(deletePwd(user))
+
+        UsersCollection.findOne({_id: new ObjectID(req.params.id)}, function(err, user){
+            if(!user){
+                res.status(404).send({message:"not found"})
+                return;
+            }
+            res.send(deletePwd(user))
+        })
     })
 
     app.get('/user/:id/wall',function(req,res){
-       res.send(_.where( DB.posts,{ownerId: req.params.id}));
-    })
 
+       PostsCollection
+        .find({"ownerId.$id": new ObjectID(req.params.id)})
+        .toArray(function(err, posts){
+            async.mapLimit(
+                posts, 
+                5, 
+                function(post, next){
+                    UsersCollection.findOne({_id: post.authorId.oid}, function(err, data){
+                                       
+                        post.author = deletePwd(data);
 
+                        UsersCollection.findOne({_id: post.ownerId.oid}, function(err, data){
+                            post.owner = deletePwd(data);
+                            delete post.authorId;
+                            delete post.ownerId;
+                            next(null, post);
+                        })
+                    })
+                }, 
+                function(err, data){
+                    res.send(data);
+                }
+            )
+        })
+    })
 
     app.get('/user/:id/following', function(req, res){
-        var user = _.clone(_.find(DB.users,function(usr){
-            return usr.id == req.params.id;
-        }));
+       
+        UsersCollection.findOne({_id: new ObjectID(req.params.id)}, function(err, user){
+            if(!user){
+                res.status(404).send({message:"not found"})
+                return;
+            }
 
-        if(!user){
-            res.status(404).send({message:"not found"})
-            return;
-        }
-
-        var following = _.filter(DB.users,function(usr){
-            return _.include(user.follow, usr.id);
-        });
-        
-        res.send(deletePwd(following))
+            UsersCollection.find({_id: {$in: user.follow}}).toArray(function(err, data){
+                           
+                res.send(deletePwd(data))
+            })
+            
+        })
     })
 
     app.get('/user/:id/followers', function(req, res){
 
-        var followers = _.clone(_.filter(DB.users,function(user){
-            return user.follow && _.include(user.follow, req.params.id);
-        }));
+        UsersCollection.findOne({_id: new ObjectID(req.params.id)}, function(err, user){
+            if(!user){
+                res.status(404).send({message:"not found"})
+                return;
+            }
 
-        res.send(deletePwd(followers))
+            UsersCollection.find({follow: new ObjectID(req.params.id)}).toArray(function(err,data){
+                res.send(deletePwd(data))
+            })
+        })
+
+        
     })
 
     app.post('/user/:id/follow', function(req, res){
-           
-        var user = _.findWhere(DB.users, {"id": req.currentUser.id});
-        user.follow = user.follow || [];
-        if(!_.include(user.follow, req.params.id)){
-            user.follow.push(req.params.id);
-            DB.save();
-        }
-        res.send("following "+req.params.id)
+         
+         UsersCollection.findOne({_id: new ObjectID(req.params.id)}, function(err, user){
+            if(!user){
+                res.status(404).send({message:"not found"})
+                return;
+            }
+
+            var user = req.currentUser;
+            user.follow = user.follow || [];
+            var follower = _.find(user.follow, function(userId){
+                return userId.toString() == req.params.id;
+            })
+            if (follower) { 
+                res.send("already following " + req.params.id) 
+                return
+            }
+            
+            user.follow.push(new ObjectID(req.params.id));
+
+            UsersCollection.update(
+                {_id: user._id}, 
+                {$set: {
+                    follow: user.follow
+                    }
+                },
+                function(err, data){
+                    res.send("following " + req.params.id) 
+                }
+            )
+        })
     })
 
     app.delete('/user/:id/follow', function(req, res){
-        var user = _.findWhere(DB.users, {"id": req.currentUser.id});
+        var user = req.currentUser;
         user.follow = user.follow || [];
-        user.follow = _.without(user.follow, req.params.id)
-        DB.save();
-        res.send("not following "+req.params.id)
+        user.follow = _.filter(user.follow, function(userId){
+            return userId.toString() != req.params.id;
+        })
+        
+        UsersCollection.update(
+            {_id: user._id}, 
+            {$set: {
+                follow: user.follow
+                }
+            },
+            function(err,data){
+                res.send("not following " + req.params.id)   
+            }
+        )
+        
     })
 
     app.post('/register', function(req, res) {
         
-        var uniqueId = Date.now();
-        console.log(req.body);
-        //проверить свободен ли ник и имейл
         if (!req.body.email) {
             res.status(400).send({message: "Email is required"})
             return;
-        } else if(req.body.email.indexOf("@")==-1){
+        } else if(req.body.email.indexOf("@") == -1){
              res.status(400).send({message: "Invalid Email"})
             return;
         } else if (!req.body.nick || req.body.nick == "") {
@@ -126,37 +215,43 @@ module.exports = function(app){
             return;
         }
 
-        if (_.findWhere(DB.users,{"email":req.body.email})){
-            res.status(400).send({message: "This Email is not available"})
-            return;
-        } else if (_.findWhere(DB.users,{"nick":req.body.nick})){
-            res.status(400).send({message: "This Nick is not available"})
-            return;
-        }
-        var user = {
-            email: req.body.email,
-            nick: req.body.nick,
-            pwd: sha1(req.body.pwd),
-            id: String(++uniqueId)
-        };
-
-        DB.users.push(user)
-        DB.save();
-        res.send(deletePwd(user))
-    })
+        async.parallel(
+            [
+                function(callback){
+                    UsersCollection.findOne({email: req.body.email}, function(err,data){
+                        callback(err, data)
+                    })
+                },
+                function(callback){
+                    UsersCollection.findOne({nick: req.body.nick}, function(err,data){
+                        callback(err, data)
+                    })
+                }
+            ], 
+            function(err, data){
+                var userWithEmail = data[0];
+                var userWithNick = data[1];
+              
+                
+                if (userWithEmail){
+                    res.status(400).send({message: "This Email is not available"})
+                    return;
+                } else if (userWithNick){
+                    res.status(400).send({message: "This Nick is not available"})
+                    return;
+                } else { 
+                    var user = {
+                            email: req.body.email,
+                            nick: req.body.nick,
+                            pwd: sha1(req.body.pwd)
+                        };
 
+                    UsersCollection.insert(user, function(err, data){
+                            res.send(deletePwd(user));
+                    })
+                }
+            }
+        )
+    })
 
-    function deletePwd(users){
-        if (_.isArray(users)){
-            return _.map(users, function(user){
-                var userCopy = _.clone(user)
-                delete userCopy.pwd;
-                return userCopy;
-            })
-        } else {
-            var userCopy = _.clone(users)
-            delete userCopy.pwd;
-            return userCopy;
-        }
-    }
 }
\ No newline at end of file
diff --git a/db.json b/db.json
deleted file mode 100644
index 11f5aec..0000000
--- a/db.json
+++ /dev/null
@@ -1 +0,0 @@
-{"users":[{"email":"a1@aa.ss","nick":"a11","pwd":"40bd001563085fc35165329ea1ff5c5ecbdbbeef","id":"1440414192088","follow":["1440414199369","1440414206623"]},{"email":"a2@aa.ss","nick":"a2","pwd":"40bd001563085fc35165329ea1ff5c5ecbdbbeef","id":"1440414199369"},{"email":"a3@aa.ss","nick":"a3","pwd":"40bd001563085fc35165329ea1ff5c5ecbdbbeef","id":"1440414206623"},{"email":"x1@aa.ss","nick":"x1","pwd":"cfa1150f1787186742a9a884b73a43d8cf219f9b","id":"1440414229782"}],"posts":[{"content":"bu!","id":"1440414489207","authorId":"1440414192088","ownerId":"1440414199369"},{"content":"that's me!","id":"1440414532295","authorId":"1440414192088","ownerId":"1440414206623"}]}
\ No newline at end of file
diff --git a/package.json b/package.json
index 0d8bcba..2e4e4c1 100644
--- a/package.json
+++ b/package.json
@@ -4,6 +4,7 @@
   "dependencies": {
     "body-parser": "^1.13.3",
     "express": "^4.13.3",
+    "mongodb": "^2.0.42",
     "underscore": "^1.8.3"
   }
 }

From 61e441df0215eedf507dd60f52526c0d5a2c6884 Mon Sep 17 00:00:00 2001
From: SSosedova <snejik1111@gmail.com>
Date: Mon, 31 Aug 2015 01:22:01 +0300
Subject: [PATCH 5/5] with Mongo

---
 app.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app.js b/app.js
index f856e29..a5aaf96 100644
--- a/app.js
+++ b/app.js
@@ -8,7 +8,8 @@ var bodyParser = require('body-parser');
 var fs = require('fs')
 var app = express();
 var MongoClient = require('mongodb').MongoClient
-var url = 'mongodb://localhost:27017/socialNetwork'; // в консоли монго смотреть через: use socialNetwork, затем можно db.users.find({}) и т.п.
+var url = 'mongodb://localhost:27017/socialNetwork'; 
+
 MongoClient.connect(url, function(err, db){
 
     console.log("Connected corretly to server");
@@ -59,7 +60,6 @@ app.use(function (req, res, next) {
     })
 })
 
-
 require('./controllers/user')(app);
 require('./controllers/post')(app);