From 429fc5a8ac8afde68b379a7f59c69d99c32a62f0 Mon Sep 17 00:00:00 2001
From: Sahat Yalkabov <sakhat@gmail.com>
Date: Fri, 18 Apr 2014 14:37:06 -0400
Subject: [PATCH] Code cleanup, updated README packages table

---
 README.md    |  2 +-
 app.js       | 13 +++++++++----
 package.json |  3 +--
 3 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/README.md b/README.md
index 8c11948e56..27759f1fe4 100644
--- a/README.md
+++ b/README.md
@@ -348,7 +348,6 @@ List of Packages
 | static-favicon                  | Express 4.0 middleware. |
 | express-session                 | Express 4.0 middleware. |
 | morgan                          | Express 4.0 middleware. |
-| csurf                           | Express 4.0 middleware. |
 | compression                     | Express 4.0 middleware. |
 | errorhandler                    | Express 4.0 middleware. |
 | method-override                 | Express 4.0 middleware. |
@@ -359,6 +358,7 @@ List of Packages
 | jade                            | Template engine for Express. |
 | lastfm                          | Last.fm API library. |
 | less                            | LESS compiler. Used implicitly by connect-assets. |
+| lusca                           | CSRF middleware.        |
 | mongoose                        | MongoDB ODM. |
 | node-foursquare                 | Foursquare API library. |
 | node-linkedin                   | LinkedIn API library. |
diff --git a/app.js b/app.js
index 26eba7449c..afc58de08e 100755
--- a/app.js
+++ b/app.js
@@ -62,7 +62,7 @@ var day = hour * 24;
 var week = day * 7;
 
 var csrfWhitelist = [
-  '/signup'
+  '/this-url-will-bypass-csrf'
 ];
 
 app.set('port', process.env.PORT || 3000);
@@ -96,7 +96,6 @@ app.use(function(req, res, next) {
 });
 app.use(function(req, res, next) {
   res.locals.user = req.user;
-  res.locals.secrets = secrets;
   next();
 });
 app.use(flash());
@@ -196,13 +195,19 @@ app.get('/auth/venmo/callback', passport.authorize('venmo', { failureRedirect: '
 });
 
 
-// 404 error handler
+/**
+ * 404 Error Handler
+ */
+
 app.use(function(req, res) {
   res.status(404);
   res.render('404');
 });
 
-// 500 error handler
+/**
+ * 500 Error Handler.
+ */
+
 app.use(errorHandler());
 
 /**
diff --git a/package.json b/package.json
index 7adf6fac98..9608f9743c 100755
--- a/package.json
+++ b/package.json
@@ -23,7 +23,6 @@
     "static-favicon": "^1.0.2",
     "express-session": "^1.0.2",
     "morgan": "^1.0.0",
-    "csurf": "^1.1.0",
     "compression": "^1.0.1",
     "errorhandler": "^1.0.0",
     "method-override": "^1.0.0",
@@ -34,6 +33,7 @@
     "jade": "^1.3.1",
     "lastfm": "^0.9.0",
     "less": "^1.7.0",
+    "lusca": "^1.0.0",
     "mongoose": "^3.8.8",
     "node-foursquare": "^0.2.0",
     "node-linkedin": "^0.1.6",
@@ -54,7 +54,6 @@
     "underscore": "^1.6.0",
     "uglify-js": "^2.4.12",
     "validator": "^3.9.0",
-    "lusca": "^1.0.0"
   },
   "devDependencies": {
     "mocha": "^1.18.2",