diff --git a/app.js b/app.js
index 12f8c7d061..9e1b053c28 100755
--- a/app.js
+++ b/app.js
@@ -35,23 +35,23 @@ app.use(passport.session());
 app.use(express.static(path.join(__dirname, 'public')));
 app.use(app.router);
 
-// Routes
+// Routes (url path, corresponding controller)
 app.get('/', home.index);
 
 app.get('/login', user.getLogin);
-app.get('/signup', user.getSignup);
+app.post('/login', user.postlogin);
 
 app.get('/logout', user.logout);
 
-app.post('/login', user.postlogin);
+app.get('/signup', user.getSignup);
 app.post('/signup', user.postSignup);
 
 app.get('/account', auth.ensureAuthenticated, user.account);
 
-
 app.get('/admin', auth.ensureAuthenticated, auth.ensureAdmin(), user.admin);
 app.get('/api/name', api.name);
 app.get('/partials/:name', home.partials);
+
 app.get('*', home.index);
 
 
diff --git a/controllers/user.js b/controllers/user.js
index e50cdaf9d6..74389d3c37 100644
--- a/controllers/user.js
+++ b/controllers/user.js
@@ -13,11 +13,30 @@ exports.getLogin = function(req, res) {
 };
 
 exports.getSignup = function(req, res) {
-  res.render('signup', { user: req.user, message: req.session.messages });
+  res.render('signup', {
+    user: req.user,
+    message: req.session.messages
+  });
 };
 
 exports.postSignup = function(req, res) {
-  console.log('posted signup');
+
+  var user = new User({
+    firstName: req.body.firstName,
+    lastName: req.body.lastName,
+    email: req.body.email,
+    password: req.body.password
+  });
+
+  // TODO: add User.schema.path validation
+  // TODO: check if user already exists in user.save() by catching that error
+  user.save(function(err) {
+    console.log('New user created');
+    req.login(user, function(err) {
+      if (err) throw err;
+      res.redirect('/');
+    });
+  });
 };
 
 exports.admin = function(req, res) {