Update to work with Express 4

package.json

@@ -11,11 +11,18 @@
     "bcrypt": "~0.7.7",
     "underscore": "~1.5.2",
     "hbs": "~2.4.0",
-    "express": "~3.x.x"
+    "express": "~4.x.x",
+    "compression": "1.2.0",
+    "body-parser": "1.9.2",
+    "cookie-parser": "1.3.3",
+    "express-session": "1.9.1",
+    "method-override": "2.3.0",
+    "errorhandler": "1.2.2",
+    "csurf": "1.6.3"
   },
   "engines": {
     "node": "0.10.x",
     "npm": "1.2.x"
   },
   "subdomain": "backbone-login"
-}
+}

server.js

@@ -15,11 +15,18 @@ var express = require('express'),
     sqlite = require("sqlite3"),
     _ = require("underscore"),
 
+    compression = require('compression');
+    bodyParser = require('body-parser'),
+    cookieParser = require('cookie-parser'),
+    session = require('express-session'),
+    methodOverride = require('method-override'),
+    errorHandler = require('errorhandler'),
+    csrf = require('csurf'),
+
     app = express(),
     server = http.createServer(app).listen( process.env.PORT || config.port);
 
 
-
 // Initialize sqlite and create our db if it doesnt exist
 var sqlite3 = require("sqlite3").verbose();
 var db = new sqlite3.Database(__dirname+'/db/bb-login.db');
@@ -32,41 +39,26 @@ db.run("CREATE TABLE IF NOT EXISTS users (id INTEGER PRIMARY KEY, name TEXT, use
 // Allow node to be run with proxy passing
 app.enable('trust proxy');
 
-// Logging config
-app.configure('local', function(){
-    app.use(express.errorHandler({ dumpExceptions: true, showStack: true }));
-});
-app.configure('development', function(){
-    app.use(express.errorHandler({ dumpExceptions: true, showStack: true }));
-});
-app.configure('production', function(){
-    app.use(express.errorHandler());
-});
-
-
-// Compression (gzip)
-app.use( express.compress() );
-app.use( express.methodOverride() );
-app.use( express.urlencoded() );            // Needed to parse POST data sent as JSON payload
-app.use( express.json() );
-
-
-// Cookie config
-app.use( express.cookieParser( config.cookieSecret ) );           // populates req.signedCookies
-app.use( express.cookieSession( config.sessionSecret ) );         // populates req.session, needed for CSRF
-
 // We need serverside view templating to initially set the CSRF token in the <head> metadata
 // Otherwise, the html could just be served statically from the public directory
 app.set('view engine', 'html');
 app.set('views', __dirname + '/views' );
 app.engine('html', require('hbs').__express);
 
+// Compression (gzip)
+app.use( compression({ threshold: 512 }) );
+app.use( methodOverride() );
+app.use( bodyParser.json() );
+app.use( bodyParser.urlencoded({ extended: false }) );            // Needed to parse POST data sent as JSON payload
 
-app.use(express.static(__dirname+'/public'));
-app.use(express.csrf());
+
+// Cookie config
+app.use( cookieParser( config.cookieSecret ) );           // populates req.signedCookies
+app.use( session( { secret: config.sessionSecret, resave: true, saveUninitialized: true } ) );         // populates req.session, needed for CSRF
 
 
-app.use( app.router );
+app.use(express.static(__dirname+'/public'));
+app.use(csrf());
 
 
 app.get("/", function(req, res){
@@ -162,6 +154,21 @@ app.post("/api/auth/remove_account", function(req, res){
 });
 
 
+// catch 404 and forward to error handler
+app.use(function(req, res, next) {
+	var err = new Error('Not Found');
+	err.status = 404;
+	next(err);
+});
+
+if (app.get('env') === 'development') {
+  app.use(errorHandler( { dumpExceptions: true, showStack: true } ));
+}
+
+// do not use this for production
+app.use(errorHandler());
+
+
 // Close the db connection on process exit 
 // (should already happen, but to be safe)
 process.on("exit", function(){