hash of passwords with md5 done

controllers/userController.js

@@ -2,6 +2,8 @@
 var mongoose = require('mongoose');
 var userModel  = mongoose.model('userModel');
 
+var md5 = require('md5');
+
 /* */
 var jwt    = require('jsonwebtoken'); // used to create, sign, and verify tokens
 var express         = require("express");
@@ -70,7 +72,7 @@ exports.addUser = function(req, res) {
 
 	var user = new userModel({
 		username: req.body.username,
-		password: req.body.password,
+		password: md5(req.body.password),
 	    description:   req.body.description,
 	    avatar:   req.body.avatar,
 	    mail:   req.body.mail,
@@ -88,7 +90,7 @@ exports.addUser = function(req, res) {
 exports.updateUser = function(req, res) {
 	userModel.findById(req.params.id, function(err, user) {
 		user.username   = req.body.username;
-		user.password    = req.body.password;
+		user.password    = md5(req.body.password);
 		user.description = req.body.description;
 		user.avatar  = req.body.avatar;
 		user.mail = req.body.mail;
@@ -128,6 +130,8 @@ exports.login = function(req, res) {
       res.json({ success: false, message: 'Authentication failed. User not found.' });
     } else if (user) {
 
+			req.body.password=md5(req.body.password);
+
       // check if password matches
       if (user.password != req.body.password) {
         res.json({ success: false, message: 'Authentication failed. Wrong password.' });

package.json

@@ -12,6 +12,7 @@
     "jsonwebtoken": "latest",
     "method-override": "^2.1.2",
     "mongoose": "latest",
-    "morgan": "latest"
+    "morgan": "latest",
+    "md5": "latest"
   }
 }