From f79790e701b2d1ef6b40a9603cdfc402b5fc8bf3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hande=20=C3=96zaygen?=
Date: Thu, 13 Nov 2014 17:48:24 +0100
Subject: [PATCH 1/2] updated dependencies to use express 4 API
---
 package.json | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/package.json b/package.json
index ab6a227..81751b2 100644
--- a/package.json
+++ b/package.json
@@ -11,11 +11,18 @@
 "bcrypt": "~0.7.7",
 "underscore": "~1.5.2",
 "hbs": "~2.4.0",
- "express": "~3.x.x"
+ "express": "~4.x.x",
+ "compression": "1.2.0",
+ "body-parser": "1.9.2",
+ "cookie-parser": "1.3.3",
+ "express-session": "1.9.1",
+ "method-override": "2.3.0",
+ "errorhandler": "1.2.2",
+ "csurf": "1.6.3"
 },
 "engines": {
 "node": "0.10.x",
 "npm": "1.2.x"
 },
 "subdomain": "backbone-login"
-}
\ No newline at end of file
+}
From 43c8d0a3c49a412b8afe50bba5e361c5bf9c71e5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hande=20=C3=96zaygen?=
Date: Thu, 13 Nov 2014 17:49:10 +0100
Subject: [PATCH 2/2] updated to work with express 4
---
 server.js | 61 +++++++++++++++++++++++++++++++------------------------
 1 file changed, 34 insertions(+), 27 deletions(-)
diff --git a/server.js b/server.js
index 9f04a21..8b74981 100644
--- a/server.js
+++ b/server.js
@@ -15,11 +15,18 @@ var express = require('express'), sqlite = require("sqlite3"), _ = require("underscore"), + compression = require('compression'); + bodyParser = require('body-parser'), + cookieParser = require('cookie-parser'), + session = require('express-session'), + methodOverride = require('method-override'), + errorHandler = require('errorhandler'), + csrf = require('csurf'), + app = express(), server = http.createServer(app).listen( process.env.PORT || config.port); - // Initialize sqlite and create our db if it doesnt exist var sqlite3 = require("sqlite3").verbose(); var db = new sqlite3.Database(__dirname+'/db/bb-login.db');
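Review bot: The added line `compression = require('compression');` in the first server.js hunk ends with a semicolon instead of a comma, which closes the `var` declaration list opened at `var express = require('express'),`. Everything after it, from `bodyParser` through `app` and `server`, is then a comma expression assigning to undeclared names, so the session, cookie and CSRF middleware references become implicit globals in sloppy mode and throw a ReferenceError under `'use strict'`. Change the line to `compression = require('compression'),` so the whole list stays module-local.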
@@ -32,41 +39,26 @@ db.run("CREATE TABLE IF NOT EXISTS users (id INTEGER PRIMARY KEY, name TEXT, use // Allow node to be run with proxy passing app.enable('trust proxy'); -// Logging config -app.configure('local', function(){ - app.use(express.errorHandler({ dumpExceptions: true, showStack: true })); -}); -app.configure('development', function(){ - app.use(express.errorHandler({ dumpExceptions: true, showStack: true })); -}); -app.configure('production', function(){ - app.use(express.errorHandler()); -}); - - -// Compression (gzip) -app.use( express.compress() ); -app.use( express.methodOverride() ); -app.use( express.urlencoded() ); // Needed to parse POST data sent as JSON payload -app.use( express.json() ); - - -// Cookie config -app.use( express.cookieParser( config.cookieSecret ) ); // populates req.signedCookies -app.use( express.cookieSession( config.sessionSecret ) ); // populates req.session, needed for CSRF - // We need serverside view templating to initially set the CSRF token in the metadata // Otherwise, the html could just be served statically from the public directory app.set('view engine', 'html'); app.set('views', __dirname + '/views' ); app.engine('html', require('hbs').__express); +// Compression (gzip) +app.use( compression({ threshold: 512 }) ); +app.use( methodOverride() ); +app.use( bodyParser.json() ); +app.use( bodyParser.urlencoded({ extended: false }) ); // Needed to parse POST data sent as JSON payload -app.use(express.static(__dirname+'/public')); -app.use(express.csrf()); + +// Cookie config +app.use( cookieParser( config.cookieSecret ) ); // populates req.signedCookies +app.use( session( { secret: config.sessionSecret, resave: true, saveUninitialized: true } ) ); // populates req.session, needed for CSRF -app.use( app.router ); +app.use(express.static(__dirname+'/public')); +app.use(csrf()); app.get("/", function(req, res){ 
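Review bot: The new `session( { secret: config.sessionSecret, resave: true, saveUninitialized: true } )` call passes neither a `store` nor any `cookie` options, so session state, including the secret csurf keeps in `req.session`, moves from the signed cookie used by `express.cookieSession` into express-session's default in-memory store. That store is not intended for production and drops every session on restart. Because `express.static` is mounted after it, `saveUninitialized: true` also creates a stored session for every anonymous request, static files included. I would use `saveUninitialized: false`, set `cookie: { httpOnly: true, secure: true }` for HTTPS deployments (`app.enable('trust proxy')` is already in place for that), and configure a persistent store.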
@@ -162,6 +154,21 @@ app.post("/api/auth/remove_account", function(req, res){ }); +// catch 404 and forward to error handler +app.use(function(req, res, next) { + var err = new Error('Not Found'); + err.status = 404; + next(err); +}); + +if (app.get('env') === 'development') { + app.use(errorHandler( { dumpExceptions: true, showStack: true } )); +} + +// do not use this for production +app.use(errorHandler()); + + // Close the db connection on process exit // (should already happen, but to be safe) process.on("exit", function(){
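Review bot: `app.use(errorHandler());` at the end of this hunk is registered unconditionally, directly under the comment `// do not use this for production`, so every environment gets the errorhandler module's response for any error, including the 404 created just above and csurf token rejections. That module is a development aid that writes the stack trace into the response, which discloses file paths and internals to clients. The `dumpExceptions`/`showStack` options belong to the Express 3 built-in handler and, as far as I can tell, errorhandler 1.x ignores them, so the development branch and the fallback behave the same. Register errorhandler only inside the development check and give other environments a handler that logs server-side and returns just the status text.

```javascript
// … unchanged: 404 forwarding middleware …

if (app.get('env') === 'development') {
    app.use(errorHandler());
} else {
    // Outside development: keep the stack in the server log, send only the status text
    app.use(function(err, req, res, next) {
        var status = err.status || 500;
        console.error(err.stack || err);
        res.status(status).send(http.STATUS_CODES[status] || 'Error');
    });
}
```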