Commented some things.

server/auth/auth-controller.js

@@ -1,4 +1,5 @@
 var authController = {};
+//Function to get the user info and return it in json
 authController.getUser = function (req, res) {
     if (req.user && req.user.id) {
         res.json(req.user);
@@ -6,11 +7,12 @@ authController.getUser = function (req, res) {
     }
     res.status(400).json(null);
 };
+//Function to logout
 authController.logout = function (req, res) {
     req.logout();
     res.redirect('/');
 };
-
+//Function to login? Not sure, might be able to remove this or move some router functions to here?
 authController.login = function (req, res) {
     res.redirect('/');
 };

server/auth/auth-router.js

@@ -7,50 +7,61 @@ var r = require('../db');
 
 var bcrypt = require('bcryptjs');
 
-// GitHub
+//GitHub authentication routes
+//GitHub authentication callback route
 authRouter.use('/login/callback/github', auth.authenticate('github'), function (req, res) {
     res.redirect('/');
 });
-authRouter.get('/login/github', auth.authenticate('github', { scope: [ 'user:email' ] }));
+//GitHub authentication route
+authRouter.get('/login/github', auth.authenticate('github'));
 
-// Local
+//Local authentication routes
+//Local login route
 authRouter.get('/login', auth.authenticate('local', {successRedirect: '/auth/user', failureRedirect: '/login'}), function(req, res) {
     // If this function gets called, authentication was successful.
     // `req.user` contains the authenticated user.
     res.redirect("/auth/user");
 });
 
-// Local
+//Local register route
 authRouter.get('/register', function(req, res) {
+    //Checks if the email, username and password are valid
     req.checkQuery('email', 'Invalid email').isEmail();
     req.checkQuery('username', 'Invalid getparam').notEmpty();
     req.checkQuery('password', 'Invalid getparam').notEmpty();
+
     var query = req.query;
 
+    //Check to see if there are any errors, and throw them if so
     var errors = req.validationErrors();
     if (errors) {
         res.send('There have been validation errors: ', 400);
         return;
     } else {
         //TODO Check if username/email already exists
+        //Check to see if a user with that username already exists
         r.table("users").getAll(query.username.toLowerCase(), {index: "usernameL"}).isEmpty().run(r.conn, function(err, result) {
             if (err) throw err;
             if (result) {
+                //Check to see if a user with that email already exists
                 r.table("users").getAll(query.email.toLowerCase(), {index: "email"}).isEmpty().run(r.conn, function(err, result) {
                     if (err) throw err;
                     if (result) {
                         //TODO Hash password
                         var hash;
+                        //Generating a salt
                         bcrypt.genSalt(10, function (err, salt) {
                             if (err) {
                                 //TODO Throw error
                             } else {
+                                //Hashing the password with the salt
                                 bcrypt.hash(query.password, salt, function (err, hash) {
                                     if (err) {
                                         //TODO Throw error
                                     } else {
                                         var email = query.email.toLowerCase();
                                         var usernameL = query.username.toLowerCase();
+                                        //Inserting the user object into the database
                                         r.table('users')
                                             .insert({
                                                 username: query.username,
@@ -63,10 +74,12 @@ authRouter.get('/register', function(req, res) {
                                             .then(function (response) {
 
                                                 return r.table('users')
+                                                    //Getting the newly created user
                                                     .get(response.generated_keys[0])
                                                     .run(r.conn);
                                             })
                                             .then(function (newUser) {
+                                                //Logging in
                                                 //TODO Log in
                                             });
                                     }
@@ -84,8 +97,9 @@ authRouter.get('/register', function(req, res) {
     }
 });
 
-// All
+//Route to get user info
 authRouter.use('/user', authControllers.getUser);
+//Route to logout
 authRouter.use('/logout', authControllers.logout);
 
 module.exports = authRouter;

server/auth/index.js

@@ -4,10 +4,12 @@ var LocalStrategy = require('passport-local').Strategy;
 var r = require('../db');
 var bcrypt = require('bcryptjs');
 
+//This stores the user id in the session as a reference, and is used to call deserializeUser when it needs all info
 passport.serializeUser(function (user, done) {
     return done(null, user.id);
 });
 
+//This returns the user the user info from the user id
 passport.deserializeUser(function (id, done) {
     r
         .table('users')
@@ -19,6 +21,7 @@ passport.deserializeUser(function (id, done) {
         });
 });
 
+//This function gets called when trying to log in, to make the code more efficient and not using repetitive code
 var loginCallbackHandler = function (objectMapper, type) {
     return function (arg1, arg2, arg3, arg4) {
         /*
@@ -42,6 +45,7 @@ var loginCallbackHandler = function (objectMapper, type) {
             done = arg3;
         }
 
+        //Arg1 is the accessToken when using GitHub, so we are checking if it's not null to make sure everything is fine
         if (arg1 !== null) {
             r
                 .table('users')
@@ -57,6 +61,7 @@ var loginCallbackHandler = function (objectMapper, type) {
                                 } else if (userType === "local" && userType === type) {
                                     var hash = users[0].password;
                                     console.log("Checking password...");
+                                    //This compares the user hash with the password put in
                                     bcrypt.compare(arg2, hash, function(err, isMatch) {
                                         if (err || isMatch === false) {
                                             //Incorrect password/error occured
@@ -76,6 +81,8 @@ var loginCallbackHandler = function (objectMapper, type) {
                                     }
                                 }
                             } else if (type === "github") {
+                                //TODO Check if this allows you to have duplicate emails/usernames
+                                //This gets called to create an account with GitHub if none exist yet
                                 return r.table('users')
                                     .insert(objectMapper(arg3))
                                     .run(r.conn)
@@ -100,15 +107,18 @@ var loginCallbackHandler = function (objectMapper, type) {
         }
     };
 };
+//This is the callback url which gets used with the GitHub authentication
+//TODO Make this config dependent so it's not hardcoded
 var callbackURL = 'http://127.0.0.1:3000/auth/login/callback';
 
-// Github
+//Github strategy
 passport.use(new GitHubStrategy({
         clientID: "c5516f218aa8682ac67d",
-        clientSecret: "5a3ee482ab2eb4ade56ab6ea01fd7544dd9a9be9",
+        clientSecret: "5a3ee482ab2eb4ade56ab6ea01fd7544dd9a9be9",//TODO Make this secret
         callbackURL: callbackURL + '/github'
     },
     loginCallbackHandler(function (profile) {
+        //The object that gets created with the GitHub API response, which will be inserted into the users table
         return {
             'username': profile.username,
             'usernameL': profile.username.toLowerCase(),
@@ -119,12 +129,13 @@ passport.use(new GitHubStrategy({
     }, 'github')
 ));
 
-// Local
+//Local strategy
 passport.use(new LocalStrategy(
     {},
     loginCallbackHandler(undefined, 'local')
 ));
 
+//Function to check if user is logged in
 passport.checkIfLoggedIn = function (req, res, next) {
     if (req.user) {
         return next();

server/db/index.js

@@ -2,6 +2,8 @@ var r = require('rethinkdb');
 require('rethinkdb-init')(r);
 
 r.connections = [];
+
+//Creates new connection
 r.getNewConnection = function () {
     return r.connect({host: 'localhost', port: 28015, db: 'musare'}).then(function (conn) {
         conn.use("musare");
@@ -10,6 +12,7 @@ r.getNewConnection = function () {
     });
 };
 
+//Sets up the tables for the database
 r.init({host: 'localhost', port: 28015, db: 'musare'}, [
     {
         name: 'users',