acao/users_controller.js

## users_controller.js
var bcrypt = require('bcrypt');

load('application');

before(loadUser, {only: ['show', 'edit', 'update', 'destroy']});
before(loadGroups, {only: ['new', 'edit']});

action('new', function () {
    this.title = 'New user';
    this.user = new User;
    render();
});

action(function create() {
    var user = {};
    user = req.body.User;

    //create temporary password
    //hash password
    var salt = bcrypt.genSaltSync(10);
    user.password = bcrypt.hashSync('password', salt);

    //create token
    var tokensalt = bcrypt.genSaltSync(10);
    user.token = bcrypt.hashSync(req.body.User['email'], tokensalt);

    User.create(user, function (err, user) {
        if (err) {
            flash('error', 'User can not be created');
            render('new', {
                user: user,
                title: 'New user'
            });
        } else {
            flash('info', 'User created');
            redirect(path_to.users());
        }
    });
});

action(function index() {
    var query = {};
    if (session.passport.user.role == 'participant') {
        query = {user: session.passport.user.id};
    } else if (session.passport.user.role == 'group') {
        query = {group: session.passport.user.group};
    }
    this.title = 'Users index';
    User.find(query, function (err, users) {
        render({
            users: users
        });
    });
});

action(function show() {
    this.title = 'User show';
    render();
});

action(function edit() {
    this.title = 'User edit';
    render();
});

action(function update() {
    var user = body.User

    //hash password
    var salt = bcrypt.genSaltSync(10);
    user.password = bcrypt.hashSync(user.password, salt);

    //find doc by id
    User.findOne({_id: user._id}, function (err, doc) {
        if (!err) {
            //update doc with user input
            for(var key in user) {
                if (user.hasOwnProperty(key)) {
                    doc[key] = user[key];
                }
            }
            //save updates
            doc.save(function (err) {
                if (!err) {
                    flash('info', 'Update successful.');
                    redirect('/users/' + user._id);
                }
            });
        } else {
            flash('error', 'Update failed.');
            this.title = 'Edit details';
            render('edit');
        }
    }.bind(this));
});

action(function destroy() {
    User.findOne({_id: this.user._id}, function (err, doc) {
        if (err) {
            flash('error', 'Can not destroy user');
        } else {
            doc.remove();
            flash('info', 'User successfully removed');
        }
        send("'" + path_to.users() + "'");
    });
});

function loadUser() {
    User.findOne({_id: params.id}, function (err, user) {
        if (err) {
            redirect(path_to.users());
        } else {
            this.user = user;
            next();
        }
    }.bind(this));
}

function loadGroups() {
    Group.find({}, function (err, groups){
        this.groups = groups;
        next();
    }.bind(this));
}
	var bcrypt = require('bcrypt');

	load('application');

	before(loadUser, {only: ['show', 'edit', 'update', 'destroy']});
	before(loadGroups, {only: ['new', 'edit']});

	action('new', function () {
	this.title = 'New user';
	this.user = new User;
	render();
	});

	action(function create() {
	var user = {};
	user = req.body.User;

	//create temporary password
	//hash password
	var salt = bcrypt.genSaltSync(10);
	user.password = bcrypt.hashSync('password', salt);

	//create token
	var tokensalt = bcrypt.genSaltSync(10);
	user.token = bcrypt.hashSync(req.body.User['email'], tokensalt);

	User.create(user, function (err, user) {
	if (err) {
	flash('error', 'User can not be created');
	render('new', {
	user: user,
	title: 'New user'
	});
	} else {
	flash('info', 'User created');
	redirect(path_to.users());
	}
	});
	});

	action(function index() {
	var query = {};
	if (session.passport.user.role == 'participant') {
	query = {user: session.passport.user.id};
	} else if (session.passport.user.role == 'group') {
	query = {group: session.passport.user.group};
	}
	this.title = 'Users index';
	User.find(query, function (err, users) {
	render({
	users: users
	});
	});
	});

	action(function show() {
	this.title = 'User show';
	render();
	});

	action(function edit() {
	this.title = 'User edit';
	render();
	});

	action(function update() {
	var user = body.User

	//hash password
	var salt = bcrypt.genSaltSync(10);
	user.password = bcrypt.hashSync(user.password, salt);

	//find doc by id
	User.findOne({_id: user._id}, function (err, doc) {
	if (!err) {
	//update doc with user input
	for(var key in user) {
	if (user.hasOwnProperty(key)) {
	doc[key] = user[key];
	}
	}
	//save updates
	doc.save(function (err) {
	if (!err) {
	flash('info', 'Update successful.');
	redirect('/users/' + user._id);
	}
	});
	} else {
	flash('error', 'Update failed.');
	this.title = 'Edit details';
	render('edit');
	}
	}.bind(this));
	});

	action(function destroy() {
	User.findOne({_id: this.user._id}, function (err, doc) {
	if (err) {
	flash('error', 'Can not destroy user');
	} else {
	doc.remove();
	flash('info', 'User successfully removed');
	}
	send("'" + path_to.users() + "'");
	});
	});

	function loadUser() {
	User.findOne({_id: params.id}, function (err, user) {
	if (err) {
	redirect(path_to.users());
	} else {
	this.user = user;
	next();
	}
	}.bind(this));
	}

	function loadGroups() {
	Group.find({}, function (err, groups){
	this.groups = groups;
	next();
	}.bind(this));
	}