Though its trite as hell we'll be starting with a users collection. If it helps assume all your users are hot chicks and superheros.

var mongoose = require('mongoose');
var db = require('./db');
//var address = require('./address');

 * NOTE: username stored in _id
 * @TODO: salted password "double blind" encryption
var db = require('./db');

module.exports = {
    _schema: null,
    _schema_def: {
         _id: String
       , name: String
       , password: {type: String, required: true}
       , validated: {type: Boolean, default: false}
       , email: String
       , roles: [String]
       , cans: [String]     // a denormalized list of things this user can do derived from aggreate of roles
       , notes: [String]
       //, address: address.schema()
    schema: function(){
        if (!module.exports._schema){
            module.exports._schema = new mongoose.Schema(module.exports._schema_def);
        return module.exports._schema;
    _model: null,
     * note - a lot of "find" type functions of model are
     *        static functions of the model object.
     *        If you want to create a new record, save it, etc.
     *        call model(true) and treat the result as an activeRecord.
    model: function(new_instance){
        if (!module.exports._model){
            var schema = module.exports.schema();
         //   console.log('schema for users');
         //   console.log(schema);
            mongoose.model('Users', schema);
            module.exports._model = mongoose.model('Users');
        return new_instance ?
           new module.exports._model() :
    authenticate: function(id, password, callback){
        var m = module.exports.model();
        m.findOne({_id: id, password: password}, callback); // not checking password yet

That being done lets take a look.

The only outwardly important method is model.

Model returns one of two possible results - its overloaded. With no parameters it returns the raw model; this is an object that you can use to find() data from, etc. its effctively a "table" class. This is used in the authenticate method of the user module.

If you call model(true) it returns an active record that you can use to create a new record as in:

var user_module = require('./../model/user');
var new_user = user_module.model();
// assume you are sure that the username "bill" has not been taken yet
new_user._id = "bill";
new_user.password = "Folger$";, result){
 // and go on.

Another takeaway from this example: while _id is by default an object with a hashed value, in Mongo - and in Mongoose this is not the ONLY valid type for a Mongo _id - if you have a specific and unique key for a dataset - and a username is definately one of those - then it makes a lovely key and in that case this is what we have done.