calendar events

@@ -3,10 +3,22 @@ var express = require('express');
 var path = require('path');
 var path = require('path');
 var cookieParser = require('cookie-parser');
 var cookieParser = require('cookie-parser');
 var logger = require('morgan');
 var logger = require('morgan');
-
+var passport = require('passport');
+var session = require('express-session');
 var index = require('./routes/index');
 var index = require('./routes/index');
 var users = require('./routes/users');
 var users = require('./routes/users');
 var calendar = require('./routes/calendar');
 var calendar = require('./routes/calendar');
+var login = require('./routes/login');
+
+passport.serializeUser(function(user,done) {
+  console.log('serialized');
+  done(null,user);
+});
+passport.deserializeUser(function(user,done){
+  console.log('deserialized');
+  done(null,user);
+})
+
 var app = express();
 var app = express();
 
 
 // view engine setup (뷰 폴더 경로 설정)
 // view engine setup (뷰 폴더 경로 설정)
@@ -19,9 +31,19 @@ app.use(express.urlencoded({ extended: false }));
 app.use(cookieParser());
 app.use(cookieParser());
 app.use(express.static(path.join(__dirname, 'public')));
 app.use(express.static(path.join(__dirname, 'public')));
 
 
+app.use(session({
+  secret: 'secrettexthere',
+  saveUninitialized: true,
+  resave: true
+}));
+
+
+app.use(passport.initialize());
+app.use(passport.session());
 app.use('/', index);
 app.use('/', index);
 app.use('/users', users);
 app.use('/users', users);
 app.use('/calendar',calendar);
 app.use('/calendar',calendar);
+app.use('/login',login);
 
 
 // catch 404 and forward to error handler
 // catch 404 and forward to error handler
 app.use(function(req, res, next) {
 app.use(function(req, res, next) {

-{"web":{"client_id":"978869138601-u3euf0c04sbdor68r30m599gilvjn91e.apps.googleusercontent.com","project_id":"reminder-talk","auth_uri":"https://accounts.google.com/o/oauth2/auth","token_uri":"https://oauth2.googleapis.com/token","auth_provider_x509_cert_url":"https://www.googleapis.com/oauth2/v1/certs","client_secret":"N7Uh_oVQZt-almzA4DkM4bm_","redirect_uris":["http://localhost:3000"],"javascript_origins":["http://localhost:3000"]}}
\ No newline at end of file
+{"web":{"client_id":"978869138601-u3euf0c04sbdor68r30m599gilvjn91e.apps.googleusercontent.com","project_id":"reminder-talk","auth_uri":"https://accounts.google.com/o/oauth2/auth","token_uri":"https://oauth2.googleapis.com/token","auth_provider_x509_cert_url":"https://www.googleapis.com/oauth2/v1/certs","client_secret":"N7Uh_oVQZt-almzA4DkM4bm_","redirect_uris":["http://localhost:3000","http://localhost:3000/auth/success","http://localhost:3000/auth","http://localhost/auth/callback"],"javascript_origins":["http://localhost:3000"]}}
\ No newline at end of file

+#!/bin/sh
+basedir=$(dirname "$(echo "$0" | sed -e 's,\\,/,g')")
+
+case `uname` in
+    *CYGWIN*|*MINGW*|*MSYS*) basedir=`cygpath -w "$basedir"`;;
+esac
+
+if [ -x "$basedir/node" ]; then
+  "$basedir/node"  "$basedir/../needle/bin/needle" "$@"
+  ret=$?
+else 
+  node  "$basedir/../needle/bin/needle" "$@"
+  ret=$?
+fi
+exit $ret

+@ECHO off
+SETLOCAL
+CALL :find_dp0
+
+IF EXIST "%dp0%\node.exe" (
+  SET "_prog=%dp0%\node.exe"
+) ELSE (
+  SET "_prog=node"
+  SET PATHEXT=%PATHEXT:;.JS;=;%
+)
+
+"%_prog%"  "%dp0%\..\needle\bin\needle" %*
+ENDLOCAL
+EXIT /b %errorlevel%
+:find_dp0
+SET dp0=%~dp0
+EXIT /b

+#!/usr/bin/env pwsh
+$basedir=Split-Path $MyInvocation.MyCommand.Definition -Parent
+
+$exe=""
+if ($PSVersionTable.PSVersion -lt "6.0" -or $IsWindows) {
+  # Fix case when both the Windows and Linux builds of Node
+  # are installed in the same directory
+  $exe=".exe"
+}
+$ret=0
+if (Test-Path "$basedir/node$exe") {
+  & "$basedir/node$exe"  "$basedir/../needle/bin/needle" $args
+  $ret=$LASTEXITCODE
+} else {
+  & "node$exe"  "$basedir/../needle/bin/needle" $args
+  $ret=$LASTEXITCODE
+}
+exit $ret

+node_modules
\ No newline at end of file

+language: node_js
+node_js:
+  - 0.6
+  - 0.8
+notifications:
+  email:
+    recipients:
+      - brianloveswords@gmail.com
\ No newline at end of file

+# buffer-crc32
+
+[![Build Status](https://secure.travis-ci.org/brianloveswords/buffer-crc32.png?branch=master)](http://travis-ci.org/brianloveswords/buffer-crc32)
+
+crc32 that works with binary data and fancy character sets, outputs
+buffer, signed or unsigned data and has tests.
+
+Derived from the sample CRC implementation in the PNG specification: http://www.w3.org/TR/PNG/#D-CRCAppendix
+
+# install
+```
+npm install buffer-crc32
+```
+
+# example
+```js
+var crc32 = require('buffer-crc32');
+// works with buffers
+var buf = Buffer([0x00, 0x73, 0x75, 0x70, 0x20, 0x62, 0x72, 0x6f, 0x00])
+crc32(buf) // -> <Buffer 94 5a ab 4a>
+
+// has convenience methods for getting signed or unsigned ints
+crc32.signed(buf) // -> -1805997238
+crc32.unsigned(buf) // -> 2488970058
+
+// will cast to buffer if given a string, so you can
+// directly use foreign characters safely
+crc32('自動販売機') // -> <Buffer cb 03 1a c5>
+
+// and works in append mode too
+var partialCrc = crc32('hey');
+var partialCrc = crc32(' ', partialCrc);
+var partialCrc = crc32('sup', partialCrc);
+var partialCrc = crc32(' ', partialCrc);
+var finalCrc = crc32('bros', partialCrc); // -> <Buffer 47 fa 55 70>
+```
+
+# tests
+This was tested against the output of zlib's crc32 method. You can run
+the tests with`npm test` (requires tap)
+
+# see also
+https://github.com/alexgorbatchev/node-crc, `crc.buffer.crc32` also
+supports buffer inputs and return unsigned ints (thanks @tjholowaychuk).
+
+# license
+MIT/X11

+var Buffer = require('buffer').Buffer;
+
+var CRC_TABLE = [
+  0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, 0x076dc419,
+  0x706af48f, 0xe963a535, 0x9e6495a3, 0x0edb8832, 0x79dcb8a4,
+  0xe0d5e91e, 0x97d2d988, 0x09b64c2b, 0x7eb17cbd, 0xe7b82d07,
+  0x90bf1d91, 0x1db71064, 0x6ab020f2, 0xf3b97148, 0x84be41de,
+  0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7, 0x136c9856,
+  0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, 0x14015c4f, 0x63066cd9,
+  0xfa0f3d63, 0x8d080df5, 0x3b6e20c8, 0x4c69105e, 0xd56041e4,
+  0xa2677172, 0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b,
+  0x35b5a8fa, 0x42b2986c, 0xdbbbc9d6, 0xacbcf940, 0x32d86ce3,
+  0x45df5c75, 0xdcd60dcf, 0xabd13d59, 0x26d930ac, 0x51de003a,
+  0xc8d75180, 0xbfd06116, 0x21b4f4b5, 0x56b3c423, 0xcfba9599,
+  0xb8bda50f, 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924,
+  0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d, 0x76dc4190,
+  0x01db7106, 0x98d220bc, 0xefd5102a, 0x71b18589, 0x06b6b51f,
+  0x9fbfe4a5, 0xe8b8d433, 0x7807c9a2, 0x0f00f934, 0x9609a88e,
+  0xe10e9818, 0x7f6a0dbb, 0x086d3d2d, 0x91646c97, 0xe6635c01,
+  0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e, 0x6c0695ed,
+  0x1b01a57b, 0x8208f4c1, 0xf50fc457, 0x65b0d9c6, 0x12b7e950,
+  0x8bbeb8ea, 0xfcb9887c, 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3,
+  0xfbd44c65, 0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2,
+  0x4adfa541, 0x3dd895d7, 0xa4d1c46d, 0xd3d6f4fb, 0x4369e96a,
+  0x346ed9fc, 0xad678846, 0xda60b8d0, 0x44042d73, 0x33031de5,
+  0xaa0a4c5f, 0xdd0d7cc9, 0x5005713c, 0x270241aa, 0xbe0b1010,
+  0xc90c2086, 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f,
+  0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, 0x59b33d17,
+  0x2eb40d81, 0xb7bd5c3b, 0xc0ba6cad, 0xedb88320, 0x9abfb3b6,
+  0x03b6e20c, 0x74b1d29a, 0xead54739, 0x9dd277af, 0x04db2615,
+  0x73dc1683, 0xe3630b12, 0x94643b84, 0x0d6d6a3e, 0x7a6a5aa8,
+  0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1, 0xf00f9344,
+  0x8708a3d2, 0x1e01f268, 0x6906c2fe, 0xf762575d, 0x806567cb,
+  0x196c3671, 0x6e6b06e7, 0xfed41b76, 0x89d32be0, 0x10da7a5a,
+  0x67dd4acc, 0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5,
+  0xd6d6a3e8, 0xa1d1937e, 0x38d8c2c4, 0x4fdff252, 0xd1bb67f1,
+  0xa6bc5767, 0x3fb506dd, 0x48b2364b, 0xd80d2bda, 0xaf0a1b4c,
+  0x36034af6, 0x41047a60, 0xdf60efc3, 0xa867df55, 0x316e8eef,
+  0x4669be79, 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236,
+  0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, 0xc5ba3bbe,
+  0xb2bd0b28, 0x2bb45a92, 0x5cb36a04, 0xc2d7ffa7, 0xb5d0cf31,
+  0x2cd99e8b, 0x5bdeae1d, 0x9b64c2b0, 0xec63f226, 0x756aa39c,
+  0x026d930a, 0x9c0906a9, 0xeb0e363f, 0x72076785, 0x05005713,
+  0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38, 0x92d28e9b,
+  0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, 0x86d3d2d4, 0xf1d4e242,
+  0x68ddb3f8, 0x1fda836e, 0x81be16cd, 0xf6b9265b, 0x6fb077e1,
+  0x18b74777, 0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c,
+  0x8f659eff, 0xf862ae69, 0x616bffd3, 0x166ccf45, 0xa00ae278,
+  0xd70dd2ee, 0x4e048354, 0x3903b3c2, 0xa7672661, 0xd06016f7,
+  0x4969474d, 0x3e6e77db, 0xaed16a4a, 0xd9d65adc, 0x40df0b66,
+  0x37d83bf0, 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9,
+  0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, 0xbad03605,
+  0xcdd70693, 0x54de5729, 0x23d967bf, 0xb3667a2e, 0xc4614ab8,
+  0x5d681b02, 0x2a6f2b94, 0xb40bbe37, 0xc30c8ea1, 0x5a05df1b,
+  0x2d02ef8d
+];
+
+function bufferizeInt(num) {
+  var tmp = Buffer(4);
+  tmp.writeInt32BE(num, 0);
+  return tmp;
+}
+
+function _crc32(buf, previous) {
+  if (!Buffer.isBuffer(buf)) {
+    buf = Buffer(buf);
+  }
+  if (Buffer.isBuffer(previous)) {
+    previous = previous.readUInt32BE(0);
+  }
+  var crc = ~~previous ^ -1;
+  for (var n = 0; n < buf.length; n++) {
+    crc = CRC_TABLE[(crc ^ buf[n]) & 0xff] ^ (crc >>> 8);
+  }
+  return (crc ^ -1);
+}
+
+function crc32() {
+  return bufferizeInt(_crc32.apply(null, arguments));
+}
+crc32.signed = function () {
+  return _crc32.apply(null, arguments);
+};
+crc32.unsigned = function () {
+  return _crc32.apply(null, arguments) >>> 0;
+};
+
+module.exports = crc32;

+{
+  "_from": "buffer-crc32@0.2.1",
+  "_id": "buffer-crc32@0.2.1",
+  "_inBundle": false,
+  "_integrity": "sha1-vj5TgvwCttYySVasGvmKqYsIU0w=",
+  "_location": "/buffer-crc32",
+  "_phantomChildren": {},
+  "_requested": {
+    "type": "version",
+    "registry": true,
+    "raw": "buffer-crc32@0.2.1",
+    "name": "buffer-crc32",
+    "escapedName": "buffer-crc32",
+    "rawSpec": "0.2.1",
+    "saveSpec": null,
+    "fetchSpec": "0.2.1"
+  },
+  "_requiredBy": [
+    "/connect",
+    "/google-calendar/express"
+  ],
+  "_resolved": "https://registry.npmjs.org/buffer-crc32/-/buffer-crc32-0.2.1.tgz",
+  "_shasum": "be3e5382fc02b6d6324956ac1af98aa98b08534c",
+  "_spec": "buffer-crc32@0.2.1",
+  "_where": "C:\\Users\\LG\\Desktop\\4-1\\Reminder-Talk\\node_modules\\google-calendar\\node_modules\\express",
+  "author": {
+    "name": "Brian J. Brennan",
+    "email": "brianloveswords@gmail.com",
+    "url": "http://bjb.io"
+  },
+  "bugs": {
+    "url": "https://github.com/brianloveswords/buffer-crc32/issues"
+  },
+  "bundleDependencies": false,
+  "contributors": [
+    {
+      "name": "Vladimir Kuznetsov"
+    }
+  ],
+  "dependencies": {},
+  "deprecated": false,
+  "description": "A pure javascript CRC32 algorithm that plays nice with binary data",
+  "devDependencies": {
+    "tap": "~0.2.5"
+  },
+  "engines": {
+    "node": "*"
+  },
+  "homepage": "https://github.com/brianloveswords/buffer-crc32",
+  "main": "index.js",
+  "name": "buffer-crc32",
+  "optionalDependencies": {},
+  "repository": {
+    "type": "git",
+    "url": "git://github.com/brianloveswords/buffer-crc32.git"
+  },
+  "scripts": {
+    "test": "tap tests/*.test.js"
+  },
+  "version": "0.2.1"
+}

+var crc32 = require('..');
+var test = require('tap').test;
+
+test('simple crc32 is no problem', function (t) {
+  var input = Buffer('hey sup bros');
+  var expected = Buffer([0x47, 0xfa, 0x55, 0x70]);
+  t.same(crc32(input), expected);
+  t.end();
+});
+
+test('another simple one', function (t) {
+  var input = Buffer('IEND');
+  var expected = Buffer([0xae, 0x42, 0x60, 0x82]);
+  t.same(crc32(input), expected);
+  t.end();
+});
+
+test('slightly more complex', function (t) {
+  var input = Buffer([0x00, 0x00, 0x00]);
+  var expected = Buffer([0xff, 0x41, 0xd9, 0x12]);
+  t.same(crc32(input), expected);
+  t.end();
+});
+
+test('complex crc32 gets calculated like a champ', function (t) {
+  var input = Buffer('शीर्षक');
+  var expected = Buffer([0x17, 0xb8, 0xaf, 0xf1]);
+  t.same(crc32(input), expected);
+  t.end();
+});
+
+test('casts to buffer if necessary', function (t) {
+  var input = 'शीर्षक';
+  var expected = Buffer([0x17, 0xb8, 0xaf, 0xf1]);
+  t.same(crc32(input), expected);
+  t.end();
+});
+
+test('can do signed', function (t) {
+  var input = 'ham sandwich';
+  var expected = -1891873021;
+  t.same(crc32.signed(input), expected);
+  t.end();
+});
+
+test('can do unsigned', function (t) {
+  var input = 'bear sandwich';
+  var expected = 3711466352;
+  t.same(crc32.unsigned(input), expected);
+  t.end();
+});
+
+
+test('simple crc32 in append mode', function (t) {
+  var input = [Buffer('hey'), Buffer(' '), Buffer('sup'), Buffer(' '), Buffer('bros')];
+  var expected = Buffer([0x47, 0xfa, 0x55, 0x70]);
+  for (var crc = 0, i = 0; i < input.length; i++) {
+    crc = crc32(input[i], crc);
+  }
+  t.same(crc, expected);
+  t.end();
+});
+
+
+test('can do signed in append mode', function (t) {
+  var input1 = 'ham';
+  var input2 = ' ';
+  var input3 = 'sandwich';
+  var expected = -1891873021;
+
+  var crc = crc32.signed(input1);
+  crc = crc32.signed(input2, crc);
+  crc = crc32.signed(input3, crc);
+
+  t.same(crc, expected);
+  t.end();
+});
+
+test('can do unsigned in append mode', function (t) {
+  var input1 = 'bear san';
+  var input2 = 'dwich';
+  var expected = 3711466352;
+
+  var crc = crc32.unsigned(input1);
+  crc = crc32.unsigned(input2, crc);
+  t.same(crc, expected);
+  t.end();
+});
+

+*.markdown
+*.md
+.git*
+Makefile
+benchmarks/
+docs/
+examples/
+install.sh
+support/
+test/
+.DS_Store
+coverage.html

+language: node_js
+node_js:
+  - "0.8"
+  - "0.10"
\ No newline at end of file

+(The MIT License)
+
+Copyright (c) 2010 Sencha Inc.
+Copyright (c) 2011 LearnBoost
+Copyright (c) 2011 TJ Holowaychuk
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+'Software'), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
\ No newline at end of file

+[![build status](https://secure.travis-ci.org/senchalabs/connect.png)](http://travis-ci.org/senchalabs/connect)
+# Connect
+
+  Connect is an extensible HTTP server framework for [node](http://nodejs.org), providing high performance "plugins" known as _middleware_.
+
+ Connect is bundled with over _20_ commonly used middleware, including
+ a logger, session support, cookie parser, and [more](http://senchalabs.github.com/connect). Be sure to view the 2.x [documentation](http://senchalabs.github.com/connect/).
+
+```js
+var connect = require('connect')
+  , http = require('http');
+
+var app = connect()
+  .use(connect.favicon())
+  .use(connect.logger('dev'))
+  .use(connect.static('public'))
+  .use(connect.directory('public'))
+  .use(connect.cookieParser())
+  .use(connect.session({ secret: 'my secret here' }))
+  .use(function(req, res){
+    res.end('Hello from Connect!\n');
+  });
+
+http.createServer(app).listen(3000);
+```
+
+## Middleware
+
+  - [csrf](http://www.senchalabs.org/connect/csrf.html)
+  - [basicAuth](http://www.senchalabs.org/connect/basicAuth.html)
+  - [bodyParser](http://www.senchalabs.org/connect/bodyParser.html)
+  - [json](http://www.senchalabs.org/connect/json.html)
+  - [multipart](http://www.senchalabs.org/connect/multipart.html)
+  - [urlencoded](http://www.senchalabs.org/connect/urlencoded.html)
+  - [cookieParser](http://www.senchalabs.org/connect/cookieParser.html)
+  - [directory](http://www.senchalabs.org/connect/directory.html)
+  - [compress](http://www.senchalabs.org/connect/compress.html)
+  - [errorHandler](http://www.senchalabs.org/connect/errorHandler.html)
+  - [favicon](http://www.senchalabs.org/connect/favicon.html)
+  - [limit](http://www.senchalabs.org/connect/limit.html)
+  - [logger](http://www.senchalabs.org/connect/logger.html)
+  - [methodOverride](http://www.senchalabs.org/connect/methodOverride.html)
+  - [query](http://www.senchalabs.org/connect/query.html)
+  - [responseTime](http://www.senchalabs.org/connect/responseTime.html)
+  - [session](http://www.senchalabs.org/connect/session.html)
+  - [static](http://www.senchalabs.org/connect/static.html)
+  - [staticCache](http://www.senchalabs.org/connect/staticCache.html)
+  - [vhost](http://www.senchalabs.org/connect/vhost.html)
+  - [subdomains](http://www.senchalabs.org/connect/subdomains.html)
+  - [cookieSession](http://www.senchalabs.org/connect/cookieSession.html)
+
+## Running Tests
+
+first:
+
+    $ npm install -d
+
+then:
+
+    $ make test
+
+## Authors
+
+ Below is the output from [git-summary](http://github.com/visionmedia/git-extras).
+
+
+     project: connect
+     commits: 2033
+     active : 301 days
+     files  : 171
+     authors: 
+      1414	Tj Holowaychuk          69.6%
+       298	visionmedia             14.7%
+       191	Tim Caswell             9.4%
+        51	TJ Holowaychuk          2.5%
+        10	Ryan Olds               0.5%
+         8	Astro                   0.4%
+         5	Nathan Rajlich          0.2%
+         5	Jakub Nešetřil          0.2%
+         3	Daniel Dickison         0.1%
+         3	David Rio Deiros        0.1%
+         3	Alexander Simmerl       0.1%
+         3	Andreas Lind Petersen   0.1%
+         2	Aaron Heckmann          0.1%
+         2	Jacques Crocker         0.1%
+         2	Fabian Jakobs           0.1%
+         2	Brian J Brennan         0.1%
+         2	Adam Malcontenti-Wilson 0.1%
+         2	Glen Mailer             0.1%
+         2	James Campos            0.1%
+         1	Trent Mick              0.0%
+         1	Troy Kruthoff           0.0%
+         1	Wei Zhu                 0.0%
+         1	comerc                  0.0%
+         1	darobin                 0.0%
+         1	nateps                  0.0%
+         1	Marco Sanson            0.0%
+         1	Arthur Taylor           0.0%
+         1	Aseem Kishore           0.0%
+         1	Bart Teeuwisse          0.0%
+         1	Cameron Howey           0.0%
+         1	Chad Weider             0.0%
+         1	Craig Barnes            0.0%
+         1	Eran Hammer-Lahav       0.0%
+         1	Gregory McWhirter       0.0%
+         1	Guillermo Rauch         0.0%
+         1	Jae Kwon                0.0%
+         1	Jakub Nesetril          0.0%
+         1	Joshua Peek             0.0%
+         1	Jxck                    0.0%
+         1	AJ ONeal                0.0%
+         1	Michael Hemesath        0.0%
+         1	Morten Siebuhr          0.0%
+         1	Samori Gorse            0.0%
+         1	Tom Jensen              0.0%
+
+## Node Compatibility
+
+  Connect `< 1.x` is compatible with node 0.2.x
+
+
+  Connect `1.x` is compatible with node 0.4.x
+
+
+  Connect (_master_) `2.x` is compatible with node 0.6.x
+
+## CLA
+
+ [http://sencha.com/cla](http://sencha.com/cla)
+
+## License
+
+View the [LICENSE](https://github.com/senchalabs/connect/blob/master/LICENSE) file. The [Silk](http://www.famfamfam.com/lab/icons/silk/) icons used by the `directory` middleware created by/copyright of [FAMFAMFAM](http://www.famfamfam.com/).

+
+module.exports = process.env.CONNECT_COV
+  ? require('./lib-cov/connect')
+  : require('./lib/connect');
\ No newline at end of file

+
+/*!
+ * Connect - Cache
+ * Copyright(c) 2011 Sencha Inc.
+ * MIT Licensed
+ */
+
+/**
+ * Expose `Cache`.
+ */
+
+module.exports = Cache;
+
+/**
+ * LRU cache store.
+ *
+ * @param {Number} limit
+ * @api private
+ */
+
+function Cache(limit) {
+  this.store = {};
+  this.keys = [];
+  this.limit = limit;
+}
+
+/**
+ * Touch `key`, promoting the object.
+ *
+ * @param {String} key
+ * @param {Number} i
+ * @api private
+ */
+
+Cache.prototype.touch = function(key, i){
+  this.keys.splice(i,1);
+  this.keys.push(key);
+};
+
+/**
+ * Remove `key`.
+ *
+ * @param {String} key
+ * @api private
+ */
+
+Cache.prototype.remove = function(key){
+  delete this.store[key];
+};
+
+/**
+ * Get the object stored for `key`.
+ *
+ * @param {String} key
+ * @return {Array}
+ * @api private
+ */
+
+Cache.prototype.get = function(key){
+  return this.store[key];
+};
+
+/**
+ * Add a cache `key`.
+ *
+ * @param {String} key
+ * @return {Array}
+ * @api private
+ */
+
+Cache.prototype.add = function(key){
+  // initialize store
+  var len = this.keys.push(key);
+
+  // limit reached, invalidate LRU
+  if (len > this.limit) this.remove(this.keys.shift());
+
+  var arr = this.store[key] = [];
+  arr.createdAt = new Date;
+  return arr;
+};

+/*!
+ * Connect
+ * Copyright(c) 2010 Sencha Inc.
+ * Copyright(c) 2011 TJ Holowaychuk
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var EventEmitter = require('events').EventEmitter
+  , proto = require('./proto')
+  , utils = require('./utils')
+  , path = require('path')
+  , basename = path.basename
+  , fs = require('fs');
+
+// node patches
+
+require('./patch');
+
+// expose createServer() as the module
+
+exports = module.exports = createServer;
+
+/**
+ * Framework version.
+ */
+
+exports.version = '2.7.11';
+
+/**
+ * Expose mime module.
+ */
+
+exports.mime = require('./middleware/static').mime;
+
+/**
+ * Expose the prototype.
+ */
+
+exports.proto = proto;
+
+/**
+ * Auto-load middleware getters.
+ */
+
+exports.middleware = {};
+
+/**
+ * Expose utilities.
+ */
+
+exports.utils = utils;
+
+/**
+ * Create a new connect server.
+ *
+ * @return {Function}
+ * @api public
+ */
+
+function createServer() {
+  function app(req, res, next){ app.handle(req, res, next); }
+  utils.merge(app, proto);
+  utils.merge(app, EventEmitter.prototype);
+  app.route = '/';
+  app.stack = [];
+  for (var i = 0; i < arguments.length; ++i) {
+    app.use(arguments[i]);
+  }
+  return app;
+};
+
+/**
+ * Support old `.createServer()` method.
+ */
+
+createServer.createServer = createServer;
+
+/**
+ * Auto-load bundled middleware with getters.
+ */
+
+fs.readdirSync(__dirname + '/middleware').forEach(function(filename){
+  if (!/\.js$/.test(filename)) return;
+  var name = basename(filename, '.js');
+  function load(){ return require('./middleware/' + name); }
+  exports.middleware.__defineGetter__(name, load);
+  exports.__defineGetter__(name, load);
+});

+
+/**
+ * Connect is a middleware framework for node,
+ * shipping with over 18 bundled middleware and a rich selection of
+ * 3rd-party middleware.
+ *
+ *     var app = connect()
+ *       .use(connect.logger('dev'))
+ *       .use(connect.static('public'))
+ *       .use(function(req, res){
+ *         res.end('hello world\n');
+ *       })
+ *      .listen(3000);
+ *     
+ * Installation:
+ * 
+ *     $ npm install connect
+ *
+ * Middleware:
+ *
+ *  - [logger](logger.html) request logger with custom format support
+ *  - [csrf](csrf.html) Cross-site request forgery protection
+ *  - [compress](compress.html) Gzip compression middleware
+ *  - [basicAuth](basicAuth.html) basic http authentication
+ *  - [bodyParser](bodyParser.html) extensible request body parser
+ *  - [json](json.html) application/json parser
+ *  - [urlencoded](urlencoded.html) application/x-www-form-urlencoded parser
+ *  - [multipart](multipart.html) multipart/form-data parser
+ *  - [timeout](timeout.html) request timeouts
+ *  - [cookieParser](cookieParser.html) cookie parser
+ *  - [session](session.html) session management support with bundled MemoryStore
+ *  - [cookieSession](cookieSession.html) cookie-based session support
+ *  - [methodOverride](methodOverride.html) faux HTTP method support
+ *  - [responseTime](responseTime.html) calculates response-time and exposes via X-Response-Time
+ *  - [staticCache](staticCache.html) memory cache layer for the static() middleware
+ *  - [static](static.html) streaming static file server supporting `Range` and more
+ *  - [directory](directory.html) directory listing middleware
+ *  - [vhost](vhost.html) virtual host sub-domain mapping middleware
+ *  - [favicon](favicon.html) efficient favicon server (with default icon)
+ *  - [limit](limit.html) limit the bytesize of request bodies
+ *  - [query](query.html) automatic querystring parser, populating `req.query`
+ *  - [errorHandler](errorHandler.html) flexible error handler
+ *
+ * Links:
+ * 
+ *   - list of [3rd-party](https://github.com/senchalabs/connect/wiki) middleware
+ *   - GitHub [repository](http://github.com/senchalabs/connect)
+ *   - [test documentation](https://github.com/senchalabs/connect/blob/gh-pages/tests.md)
+ * 
+ */
\ No newline at end of file

+
+/*!
+ * Connect - basicAuth
+ * Copyright(c) 2010 Sencha Inc.
+ * Copyright(c) 2011 TJ Holowaychuk
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var utils = require('../utils')
+  , unauthorized = utils.unauthorized;
+
+/**
+ * Basic Auth:
+ *
+ * Enfore basic authentication by providing a `callback(user, pass)`,
+ * which must return `true` in order to gain access. Alternatively an async
+ * method is provided as well, invoking `callback(user, pass, callback)`. Populates
+ * `req.user`. The final alternative is simply passing username / password
+ * strings.
+ *
+ *  Simple username and password
+ *
+ *     connect(connect.basicAuth('username', 'password'));
+ *
+ *  Callback verification
+ *
+ *     connect()
+ *       .use(connect.basicAuth(function(user, pass){
+ *         return 'tj' == user & 'wahoo' == pass;
+ *       }))
+ *
+ *  Async callback verification, accepting `fn(err, user)`.
+ *
+ *     connect()
+ *       .use(connect.basicAuth(function(user, pass, fn){
+ *         User.authenticate({ user: user, pass: pass }, fn);
+ *       }))
+ *
+ * @param {Function|String} callback or username
+ * @param {String} realm
+ * @api public
+ */
+
+module.exports = function basicAuth(callback, realm) {
+  var username, password;
+
+  // user / pass strings
+  if ('string' == typeof callback) {
+    username = callback;
+    password = realm;
+    if ('string' != typeof password) throw new Error('password argument required');
+    realm = arguments[2];
+    callback = function(user, pass){
+      return user == username && pass == password;
+    }
+  }
+
+  realm = realm || 'Authorization Required';
+
+  return function(req, res, next) {
+    var authorization = req.headers.authorization;
+
+    if (req.user) return next();
+    if (!authorization) return unauthorized(res, realm);
+
+    var parts = authorization.split(' ');
+
+    if (parts.length !== 2) return next(utils.error(400));
+
+    var scheme = parts[0]
+      , credentials = new Buffer(parts[1], 'base64').toString()
+      , index = credentials.indexOf(':');
+
+    if ('Basic' != scheme || index < 0) return next(utils.error(400));
+    
+    var user = credentials.slice(0, index)
+      , pass = credentials.slice(index + 1);
+
+    // async
+    if (callback.length >= 3) {
+      var pause = utils.pause(req);
+      callback(user, pass, function(err, user){
+        if (err || !user)  return unauthorized(res, realm);
+        req.user = req.remoteUser = user;
+        next();
+        pause.resume();
+      });
+    // sync
+    } else {
+      if (callback(user, pass)) {
+        req.user = req.remoteUser = user;
+        next();
+      } else {
+        unauthorized(res, realm);
+      }
+    }
+  }
+};
+

+
+/*!
+ * Connect - bodyParser
+ * Copyright(c) 2010 Sencha Inc.
+ * Copyright(c) 2011 TJ Holowaychuk
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var multipart = require('./multipart')
+  , urlencoded = require('./urlencoded')
+  , json = require('./json');
+
+/**
+ * Body parser:
+ * 
+ *   Parse request bodies, supports _application/json_,
+ *   _application/x-www-form-urlencoded_, and _multipart/form-data_.
+ *
+ *   This is equivalent to: 
+ *
+ *     app.use(connect.json());
+ *     app.use(connect.urlencoded());
+ *     app.use(connect.multipart());
+ *
+ * Examples:
+ *
+ *      connect()
+ *        .use(connect.bodyParser())
+ *        .use(function(req, res) {
+ *          res.end('viewing user ' + req.body.user.name);
+ *        });
+ *
+ *      $ curl -d 'user[name]=tj' http://local/
+ *      $ curl -d '{"user":{"name":"tj"}}' -H "Content-Type: application/json" http://local/
+ *
+ *  View [json](json.html), [urlencoded](urlencoded.html), and [multipart](multipart.html) for more info.
+ *
+ * @param {Object} options
+ * @return {Function}
+ * @api public
+ */
+
+exports = module.exports = function bodyParser(options){
+  var _urlencoded = urlencoded(options)
+    , _multipart = multipart(options)
+    , _json = json(options);
+
+  return function bodyParser(req, res, next) {
+    _json(req, res, function(err){
+      if (err) return next(err);
+      _urlencoded(req, res, function(err){
+        if (err) return next(err);
+        _multipart(req, res, next);
+      });
+    });
+  }
+};
\ No newline at end of file

+/*!
+ * Connect - compress
+ * Copyright(c) 2010 Sencha Inc.
+ * Copyright(c) 2011 TJ Holowaychuk
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var zlib = require('zlib');
+var utils = require('../utils');
+
+/**
+ * Supported content-encoding methods.
+ */
+
+exports.methods = {
+    gzip: zlib.createGzip
+  , deflate: zlib.createDeflate
+};
+
+/**
+ * Default filter function.
+ */
+
+exports.filter = function(req, res){
+  return /json|text|javascript|dart|image\/svg\+xml|application\/x-font-ttf|application\/vnd\.ms-opentype|application\/vnd\.ms-fontobject/.test(res.getHeader('Content-Type'));
+};
+
+/**
+ * Compress:
+ *
+ * Compress response data with gzip/deflate.
+ *
+ * Filter:
+ *
+ *  A `filter` callback function may be passed to
+ *  replace the default logic of:
+ *
+ *     exports.filter = function(req, res){
+ *       return /json|text|javascript/.test(res.getHeader('Content-Type'));
+ *     };
+ *
+ * Threshold:
+ *
+ *  Only compress the response if the byte size is at or above a threshold.
+ *  Always compress while streaming.
+ *
+ *   - `threshold` - string representation of size or bytes as an integer.
+ *
+ * Options:
+ *
+ *  All remaining options are passed to the gzip/deflate
+ *  creation functions. Consult node's docs for additional details.
+ *
+ *   - `chunkSize` (default: 16*1024)
+ *   - `windowBits`
+ *   - `level`: 0-9 where 0 is no compression, and 9 is slow but best compression
+ *   - `memLevel`: 1-9 low is slower but uses less memory, high is fast but uses more
+ *   - `strategy`: compression strategy
+ *
+ * @param {Object} options
+ * @return {Function}
+ * @api public
+ */
+
+module.exports = function compress(options) {
+  options = options || {};
+  var names = Object.keys(exports.methods)
+    , filter = options.filter || exports.filter
+    , threshold;
+
+  if (false === options.threshold || 0 === options.threshold) {
+    threshold = 0
+  } else if ('string' === typeof options.threshold) {
+    threshold = utils.parseBytes(options.threshold)
+  } else {
+    threshold = options.threshold || 1024
+  }
+
+  return function compress(req, res, next){
+    var accept = req.headers['accept-encoding']
+      , vary = res.getHeader('Vary')
+      , write = res.write
+      , end = res.end
+      , compress = true
+      , stream
+      , method;
+
+    // vary
+    if (!vary) {
+      res.setHeader('Vary', 'Accept-Encoding');
+    } else if (!~vary.indexOf('Accept-Encoding')) {
+      res.setHeader('Vary', vary + ', Accept-Encoding');
+    }
+
+    // see #724
+    req.on('close', function(){
+      res.write = res.end = function(){};
+    });
+
+    // proxy
+
+    res.write = function(chunk, encoding){
+      if (!this.headerSent) this._implicitHeader();
+      return stream
+        ? stream.write(new Buffer(chunk, encoding))
+        : write.call(res, chunk, encoding);
+    };
+
+    res.end = function(chunk, encoding){
+      if (chunk) {
+        if (!this.headerSent && getSize(chunk) < threshold) compress = false;
+        this.write(chunk, encoding);
+      } else if (!this.headerSent) {
+        // response size === 0
+        compress = false;
+      }
+      return stream
+        ? stream.end()
+        : end.call(res);
+    };
+
+    res.on('header', function(){
+      if (!compress) return;
+
+      var encoding = res.getHeader('Content-Encoding') || 'identity';
+
+      // already encoded
+      if ('identity' != encoding) return;
+
+      // default request filter
+      if (!filter(req, res)) return;
+
+      // SHOULD use identity
+      if (!accept) return;
+
+      // head
+      if ('HEAD' == req.method) return;
+
+      // default to gzip
+      if ('*' == accept.trim()) method = 'gzip';
+
+      // compression method
+      if (!method) {
+        for (var i = 0, len = names.length; i < len; ++i) {
+          if (~accept.indexOf(names[i])) {
+            method = names[i];
+            break;
+          }
+        }
+      }
+
+      // compression method
+      if (!method) return;
+
+      // compression stream
+      stream = exports.methods[method](options);
+
+      // header fields
+      res.setHeader('Content-Encoding', method);
+      res.removeHeader('Content-Length');
+
+      // compression
+
+      stream.on('data', function(chunk){
+        write.call(res, chunk);
+      });
+
+      stream.on('end', function(){
+        end.call(res);
+      });
+
+      stream.on('drain', function() {
+        res.emit('drain');
+      });
+    });
+
+    next();
+  };
+};
+
+function getSize(chunk) {
+  return Buffer.isBuffer(chunk)
+    ? chunk.length
+    : Buffer.byteLength(chunk);
+}

+
+/*!
+ * Connect - cookieParser
+ * Copyright(c) 2010 Sencha Inc.
+ * Copyright(c) 2011 TJ Holowaychuk
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var utils = require('./../utils')
+  , cookie = require('cookie');
+
+/**
+ * Cookie parser:
+ *
+ * Parse _Cookie_ header and populate `req.cookies`
+ * with an object keyed by the cookie names. Optionally
+ * you may enabled signed cookie support by passing
+ * a `secret` string, which assigns `req.secret` so
+ * it may be used by other middleware.
+ *
+ * Examples:
+ *
+ *     connect()
+ *       .use(connect.cookieParser('optional secret string'))
+ *       .use(function(req, res, next){
+ *         res.end(JSON.stringify(req.cookies));
+ *       })
+ *
+ * @param {String} secret
+ * @return {Function}
+ * @api public
+ */
+
+module.exports = function cookieParser(secret){
+  return function cookieParser(req, res, next) {
+    if (req.cookies) return next();
+    var cookies = req.headers.cookie;
+
+    req.secret = secret;
+    req.cookies = {};
+    req.signedCookies = {};
+
+    if (cookies) {
+      try {
+        req.cookies = cookie.parse(cookies);
+        if (secret) {
+          req.signedCookies = utils.parseSignedCookies(req.cookies, secret);
+          req.signedCookies = utils.parseJSONCookies(req.signedCookies);
+        }
+        req.cookies = utils.parseJSONCookies(req.cookies);
+      } catch (err) {
+        err.status = 400;
+        return next(err);
+      }
+    }
+    next();
+  };
+};

+/*!
+ * Connect - cookieSession
+ * Copyright(c) 2011 Sencha Inc.
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var utils = require('./../utils')
+  , Cookie = require('./session/cookie')
+  , debug = require('debug')('connect:cookieSession')
+  , signature = require('cookie-signature')
+  , crc32 = require('buffer-crc32');
+
+/**
+ * Cookie Session:
+ *
+ *   Cookie session middleware.
+ *
+ *      var app = connect();
+ *      app.use(connect.cookieParser());
+ *      app.use(connect.cookieSession({ secret: 'tobo!', cookie: { maxAge: 60 * 60 * 1000 }}));
+ *
+ * Options:
+ *
+ *   - `key` cookie name defaulting to `connect.sess`
+ *   - `secret` prevents cookie tampering
+ *   - `cookie` session cookie settings, defaulting to `{ path: '/', httpOnly: true, maxAge: null }`
+ *   - `proxy` trust the reverse proxy when setting secure cookies (via "x-forwarded-proto")
+ *
+ * Clearing sessions:
+ *
+ *  To clear the session simply set its value to `null`,
+ *  `cookieSession()` will then respond with a 1970 Set-Cookie.
+ *
+ *     req.session = null;
+ *
+ * @param {Object} options
+ * @return {Function}
+ * @api public
+ */
+
+module.exports = function cookieSession(options){
+  // TODO: utilize Session/Cookie to unify API
+  options = options || {};
+  var key = options.key || 'connect.sess'
+    , trustProxy = options.proxy;
+
+  return function cookieSession(req, res, next) {
+
+    // req.secret is for backwards compatibility
+    var secret = options.secret || req.secret;
+    if (!secret) throw new Error('`secret` option required for cookie sessions');
+
+    // default session
+    req.session = {};
+    var cookie = req.session.cookie = new Cookie(options.cookie);
+
+    // pathname mismatch
+    if (0 != req.originalUrl.indexOf(cookie.path)) return next();
+
+    // cookieParser secret
+    if (!options.secret && req.secret) {
+      req.session = req.signedCookies[key] || {};
+      req.session.cookie = cookie;
+    } else {
+      // TODO: refactor
+      var rawCookie = req.cookies[key];
+      if (rawCookie) {
+        var unsigned = utils.parseSignedCookie(rawCookie, secret);
+        if (unsigned) {
+          var originalHash = crc32.signed(unsigned);
+          req.session = utils.parseJSONCookie(unsigned) || {};
+          req.session.cookie = cookie;
+        }
+      }
+    }
+
+    res.on('header', function(){
+      // removed
+      if (!req.session) {
+        debug('clear session');
+        cookie.expires = new Date(0);
+        res.setHeader('Set-Cookie', cookie.serialize(key, ''));
+        return;
+      }
+
+      delete req.session.cookie;
+
+      // check security
+      var proto = (req.headers['x-forwarded-proto'] || '').toLowerCase()
+        , tls = req.connection.encrypted || (trustProxy && 'https' == proto.split(/\s*,\s*/)[0]);
+
+      // only send secure cookies via https
+      if (cookie.secure && !tls) return debug('not secured');
+
+      // serialize
+      debug('serializing %j', req.session);
+      var val = 'j:' + JSON.stringify(req.session);
+
+      // compare hashes, no need to set-cookie if unchanged
+      if (originalHash == crc32.signed(val)) return debug('unmodified session');
+
+      // set-cookie
+      val = 's:' + signature.sign(val, secret);
+      val = cookie.serialize(key, val);
+      debug('set-cookie %j', cookie);
+      res.setHeader('Set-Cookie', val);
+    });
+
+    next();
+  };
+};

+/*!
+ * Connect - csrf
+ * Copyright(c) 2011 Sencha Inc.
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var utils = require('../utils');
+var uid = require('uid2');
+var crypto = require('crypto');
+
+/**
+ * Anti CSRF:
+ *
+ * CSRF protection middleware.
+ *
+ * This middleware adds a `req.csrfToken()` function to make a token
+ * which should be added to requests which mutate
+ * state, within a hidden form field, query-string etc. This
+ * token is validated against the visitor's session.
+ *
+ * The default `value` function checks `req.body` generated
+ * by the `bodyParser()` middleware, `req.query` generated
+ * by `query()`, and the "X-CSRF-Token" header field.
+ *
+ * This middleware requires session support, thus should be added
+ * somewhere _below_ `session()` and `cookieParser()`.
+ *
+ * Options:
+ *
+ *    - `value` a function accepting the request, returning the token
+ *
+ * @param {Object} options
+ * @api public
+ */
+
+module.exports = function csrf(options) {
+  options = options || {};
+  var value = options.value || defaultValue;
+
+  return function(req, res, next){
+    
+    // already have one
+    var secret = req.session._csrfSecret;
+    if (secret) return createToken(secret);
+
+    // generate secret
+    uid(24, function(err, secret){
+      if (err) return next(err);
+      req.session._csrfSecret = secret;
+      createToken(secret);
+    });
+    
+    // generate the token
+    function createToken(secret) {
+      var token;
+
+      // lazy-load token
+      req.csrfToken = function csrfToken() {
+        return token || (token = saltedToken(secret));
+      };
+      
+      // compatibility with old middleware
+      Object.defineProperty(req.session, '_csrf', {
+        configurable: true,
+        get: function() {
+          console.warn('req.session._csrf is deprecated, use req.csrfToken([callback]) instead');
+          return req.csrfToken();
+        }
+      });
+      
+      // ignore these methods
+      if ('GET' == req.method || 'HEAD' == req.method || 'OPTIONS' == req.method) return next();
+      
+      // determine user-submitted value
+      var val = value(req);
+      
+      // check
+      if (!checkToken(val, secret)) return next(utils.error(403));
+      
+      next();
+    }
+  }
+};
+
+/**
+ * Default value function, checking the `req.body`
+ * and `req.query` for the CSRF token.
+ *
+ * @param {IncomingMessage} req
+ * @return {String}
+ * @api private
+ */
+
+function defaultValue(req) {
+  return (req.body && req.body._csrf)
+    || (req.query && req.query._csrf)
+    || (req.headers['x-csrf-token'])
+    || (req.headers['x-xsrf-token']);
+}
+
+/**
+ * Return salted token.
+ *
+ * @param {String} secret
+ * @return {String}
+ * @api private
+ */
+
+function saltedToken(secret) {
+  return createToken(generateSalt(10), secret);
+}
+
+/**
+ * Creates a CSRF token from a given salt and secret.
+ *
+ * @param {String} salt (should be 10 characters)
+ * @param {String} secret
+ * @return {String}
+ * @api private
+ */
+
+function createToken(salt, secret) {
+  return salt + crypto
+    .createHash('sha1')
+    .update(salt + secret)
+    .digest('base64');
+}
+
+/**
+ * Checks if a given CSRF token matches the given secret.
+ *
+ * @param {String} token
+ * @param {String} secret
+ * @return {Boolean}
+ * @api private
+ */
+
+function checkToken(token, secret) {
+  if ('string' != typeof token) return false;
+  return token === createToken(token.slice(0, 10), secret);
+}
+
+/**
+ * Generates a random salt, using a fast non-blocking PRNG (Math.random()).
+ *
+ * @param {Number} length
+ * @return {String}
+ * @api private
+ */
+
+function generateSalt(length) {
+  var i, r = [];
+  for (i = 0; i < length; ++i) {
+    r.push(SALTCHARS[Math.floor(Math.random() * SALTCHARS.length)]);
+  }
+  return r.join('');
+}
+
+var SALTCHARS = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';

+
+/*!
+ * Connect - directory
+ * Copyright(c) 2011 Sencha Inc.
+ * Copyright(c) 2011 TJ Holowaychuk
+ * MIT Licensed
+ */
+
+// TODO: icon / style for directories
+// TODO: arrow key navigation
+// TODO: make icons extensible
+
+/**
+ * Module dependencies.
+ */
+
+var fs = require('fs')
+  , parse = require('url').parse
+  , utils = require('../utils')
+  , path = require('path')
+  , normalize = path.normalize
+  , extname = path.extname
+  , join = path.join;
+
+/*!
+ * Icon cache.
+ */
+
+var cache = {};
+
+/**
+ * Directory:
+ *
+ * Serve directory listings with the given `root` path.
+ *
+ * Options:
+ *
+ *  - `hidden` display hidden (dot) files. Defaults to false.
+ *  - `icons`  display icons. Defaults to false.
+ *  - `filter` Apply this filter function to files. Defaults to false.
+ *
+ * @param {String} root
+ * @param {Object} options
+ * @return {Function}
+ * @api public
+ */
+
+exports = module.exports = function directory(root, options){
+  options = options || {};
+
+  // root required
+  if (!root) throw new Error('directory() root path required');
+  var hidden = options.hidden
+    , icons = options.icons
+    , filter = options.filter
+    , root = normalize(root);
+
+  return function directory(req, res, next) {
+    if ('GET' != req.method && 'HEAD' != req.method) return next();
+
+    var accept = req.headers.accept || 'text/plain'
+      , url = parse(req.url)
+      , dir = decodeURIComponent(url.pathname)
+      , path = normalize(join(root, dir))
+      , originalUrl = parse(req.originalUrl)
+      , originalDir = decodeURIComponent(originalUrl.pathname)
+      , showUp = path != root && path != root + '/';
+
+    // null byte(s), bad request
+    if (~path.indexOf('\0')) return next(utils.error(400));
+
+    // malicious path, forbidden
+    if (0 != path.indexOf(root)) return next(utils.error(403));
+
+    // check if we have a directory
+    fs.stat(path, function(err, stat){
+      if (err) return 'ENOENT' == err.code
+        ? next()
+        : next(err);
+
+      if (!stat.isDirectory()) return next();
+
+      // fetch files
+      fs.readdir(path, function(err, files){
+        if (err) return next(err);
+        if (!hidden) files = removeHidden(files);
+        if (filter) files = files.filter(filter);
+        files.sort();
+
+        // content-negotiation
+        for (var key in exports) {
+          if (~accept.indexOf(key) || ~accept.indexOf('*/*')) {
+            exports[key](req, res, files, next, originalDir, showUp, icons);
+            return;
+          }
+        }
+
+        // not acceptable
+        next(utils.error(406));
+      });
+    });
+  };
+};
+
+/**
+ * Respond with text/html.
+ */
+
+exports.html = function(req, res, files, next, dir, showUp, icons){
+  fs.readFile(__dirname + '/../public/directory.html', 'utf8', function(err, str){
+    if (err) return next(err);
+    fs.readFile(__dirname + '/../public/style.css', 'utf8', function(err, style){
+      if (err) return next(err);
+      if (showUp) files.unshift('..');
+      str = str
+        .replace('{style}', style)
+        .replace('{files}', html(files, dir, icons))
+        .replace('{directory}', dir)
+        .replace('{linked-path}', htmlPath(dir));
+      res.setHeader('Content-Type', 'text/html');
+      res.setHeader('Content-Length', str.length);
+      res.end(str);
+    });
+  });
+};
+
+/**
+ * Respond with application/json.
+ */
+
+exports.json = function(req, res, files){
+  files = JSON.stringify(files);
+  res.setHeader('Content-Type', 'application/json');
+  res.setHeader('Content-Length', files.length);
+  res.end(files);
+};
+
+/**
+ * Respond with text/plain.
+ */
+
+exports.plain = function(req, res, files){
+  files = files.join('\n') + '\n';
+  res.setHeader('Content-Type', 'text/plain');
+  res.setHeader('Content-Length', files.length);
+  res.end(files);
+};
+
+/**
+ * Map html `dir`, returning a linked path.
+ */
+
+function htmlPath(dir) {
+  var curr = [];
+  return dir.split('/').map(function(part){
+    curr.push(part);
+    return '<a href="' + curr.join('/') + '">' + part + '</a>';
+  }).join(' / ');
+}
+
+/**
+ * Map html `files`, returning an html unordered list.
+ */
+
+function html(files, dir, useIcons) {
+  return '<ul id="files">' + files.map(function(file){
+    var icon = ''
+      , classes = [];
+
+    if (useIcons && '..' != file) {
+      icon = icons[extname(file)] || icons.default;
+      icon = '<img src="data:image/png;base64,' + load(icon) + '" />';
+      classes.push('icon');
+    }
+
+    return '<li><a href="'
+      + join(dir, file)
+      + '" class="'
+      + classes.join(' ') + '"'
+      + ' title="' + file + '">'
+      + icon + file + '</a></li>';
+
+  }).join('\n') + '</ul>';
+}
+
+/**
+ * Load and cache the given `icon`.
+ *
+ * @param {String} icon
+ * @return {String}
+ * @api private
+ */
+
+function load(icon) {
+  if (cache[icon]) return cache[icon];
+  return cache[icon] = fs.readFileSync(__dirname + '/../public/icons/' + icon, 'base64');
+}
+
+/**
+ * Filter "hidden" `files`, aka files
+ * beginning with a `.`.
+ *
+ * @param {Array} files
+ * @return {Array}
+ * @api private
+ */
+
+function removeHidden(files) {
+  return files.filter(function(file){
+    return '.' != file[0];
+  });
+}
+
+/**
+ * Icon map.
+ */
+
+var icons = {
+    '.js': 'page_white_code_red.png'
+  , '.c': 'page_white_c.png'
+  , '.h': 'page_white_h.png'
+  , '.cc': 'page_white_cplusplus.png'
+  , '.php': 'page_white_php.png'
+  , '.rb': 'page_white_ruby.png'
+  , '.cpp': 'page_white_cplusplus.png'
+  , '.swf': 'page_white_flash.png'
+  , '.pdf': 'page_white_acrobat.png'
+  , 'default': 'page_white.png'
+};

+/*!
+ * Connect - errorHandler
+ * Copyright(c) 2010 Sencha Inc.
+ * Copyright(c) 2011 TJ Holowaychuk
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var utils = require('../utils')
+  , fs = require('fs');
+
+// environment
+
+var env = process.env.NODE_ENV || 'development';
+
+/**
+ * Error handler:
+ *
+ * Development error handler, providing stack traces
+ * and error message responses for requests accepting text, html,
+ * or json.
+ *
+ * Text:
+ *
+ *   By default, and when _text/plain_ is accepted a simple stack trace
+ *   or error message will be returned.
+ *
+ * JSON:
+ *
+ *   When _application/json_ is accepted, connect will respond with
+ *   an object in the form of `{ "error": error }`.
+ *
+ * HTML:
+ *
+ *   When accepted connect will output a nice html stack trace.
+ *
+ * @return {Function}
+ * @api public
+ */
+
+exports = module.exports = function errorHandler(){
+  return function errorHandler(err, req, res, next){
+    if (err.status) res.statusCode = err.status;
+    if (res.statusCode < 400) res.statusCode = 500;
+    if ('test' != env) console.error(err.stack);
+    var accept = req.headers.accept || '';
+    // html
+    if (~accept.indexOf('html')) {
+      fs.readFile(__dirname + '/../public/style.css', 'utf8', function(e, style){
+        fs.readFile(__dirname + '/../public/error.html', 'utf8', function(e, html){
+          var stack = (err.stack || '')
+            .split('\n').slice(1)
+            .map(function(v){ return '<li>' + v + '</li>'; }).join('');
+            html = html
+              .replace('{style}', style)
+              .replace('{stack}', stack)
+              .replace('{title}', exports.title)
+              .replace('{statusCode}', res.statusCode)
+              .replace(/\{error\}/g, utils.escape(err.toString()));
+            res.setHeader('Content-Type', 'text/html; charset=utf-8');
+            res.end(html);
+        });
+      });
+    // json
+    } else if (~accept.indexOf('json')) {
+      var error = { message: err.message, stack: err.stack };
+      for (var prop in err) error[prop] = err[prop];
+      var json = JSON.stringify({ error: error });
+      res.setHeader('Content-Type', 'application/json');
+      res.end(json);
+    // plain text
+    } else {
+      res.writeHead(res.statusCode, { 'Content-Type': 'text/plain' });
+      res.end(err.stack);
+    }
+  };
+};
+
+/**
+ * Template title, framework authors may override this value.
+ */
+
+exports.title = 'Connect';

+/*!
+ * Connect - favicon
+ * Copyright(c) 2010 Sencha Inc.
+ * Copyright(c) 2011 TJ Holowaychuk
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var fs = require('fs')
+  , utils = require('../utils');
+
+/**
+ * Favicon:
+ *
+ * By default serves the connect favicon, or the favicon
+ * located by the given `path`.
+ *
+ * Options:
+ *
+ *   - `maxAge`  cache-control max-age directive, defaulting to 1 day
+ *
+ * Examples:
+ *
+ *   Serve default favicon:
+ *
+ *     connect()
+ *       .use(connect.favicon())
+ *
+ *   Serve favicon before logging for brevity:
+ *
+ *     connect()
+ *       .use(connect.favicon())
+ *       .use(connect.logger('dev'))
+ *
+ *   Serve custom favicon:
+ *
+ *     connect()
+ *       .use(connect.favicon('public/favicon.ico'))
+ *
+ * @param {String} path
+ * @param {Object} options
+ * @return {Function}
+ * @api public
+ */
+
+module.exports = function favicon(path, options){
+  var options = options || {}
+    , path = path || __dirname + '/../public/favicon.ico'
+    , maxAge = options.maxAge || 86400000
+    , icon; // favicon cache
+
+  return function favicon(req, res, next){
+    if ('/favicon.ico' == req.url) {
+      if (icon) {
+        res.writeHead(200, icon.headers);
+        res.end(icon.body);
+      } else {
+        fs.readFile(path, function(err, buf){
+          if (err) return next(err);
+          icon = {
+            headers: {
+                'Content-Type': 'image/x-icon'
+              , 'Content-Length': buf.length
+              , 'ETag': '"' + utils.md5(buf) + '"'
+              , 'Cache-Control': 'public, max-age=' + (maxAge / 1000)
+            },
+            body: buf
+          };
+          res.writeHead(200, icon.headers);
+          res.end(icon.body);
+        });
+      }
+    } else {
+      next();
+    }
+  };
+};

+
+/*!
+ * Connect - json
+ * Copyright(c) 2010 Sencha Inc.
+ * Copyright(c) 2011 TJ Holowaychuk
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var utils = require('../utils')
+  , _limit = require('./limit');
+
+/**
+ * noop middleware.
+ */
+
+function noop(req, res, next) {
+  next();
+}
+
+/**
+ * JSON:
+ *
+ * Parse JSON request bodies, providing the
+ * parsed object as `req.body`.
+ *
+ * Options:
+ *
+ *   - `strict`  when `false` anything `JSON.parse()` accepts will be parsed
+ *   - `reviver`  used as the second "reviver" argument for JSON.parse
+ *   - `limit`  byte limit disabled by default
+ *
+ * @param {Object} options
+ * @return {Function}
+ * @api public
+ */
+
+exports = module.exports = function(options){
+  var options = options || {}
+    , strict = options.strict !== false;
+
+  var limit = options.limit
+    ? _limit(options.limit)
+    : noop;
+
+  return function json(req, res, next) {
+    if (req._body) return next();
+    req.body = req.body || {};
+
+    if (!utils.hasBody(req)) return next();
+
+    // check Content-Type
+    if (!exports.regexp.test(utils.mime(req))) return next();
+
+    // flag as parsed
+    req._body = true;
+
+    // parse
+    limit(req, res, function(err){
+      if (err) return next(err);
+      var buf = '';
+      req.setEncoding('utf8');
+      req.on('data', function(chunk){ buf += chunk });
+      req.on('end', function(){
+        var first = buf.trim()[0];
+
+        if (0 == buf.length) {
+          return next(utils.error(400, 'invalid json, empty body'));
+        }
+        
+        if (strict && '{' != first && '[' != first) return next(utils.error(400, 'invalid json'));
+        try {
+          req.body = JSON.parse(buf, options.reviver);
+        } catch (err){
+          err.body = buf;
+          err.status = 400;
+          return next(err);
+        }
+        next();
+      });
+    });
+  };
+};
+
+exports.regexp = /^application\/([\w!#\$%&\*`\-\.\^~]*\+)?json$/i;
+

+
+/*!
+ * Connect - limit
+ * Copyright(c) 2011 TJ Holowaychuk
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var utils = require('../utils'),
+  brokenPause = utils.brokenPause;
+
+/**
+ * Limit:
+ *
+ *   Limit request bodies to the given size in `bytes`.
+ *
+ *   A string representation of the bytesize may also be passed,
+ *   for example "5mb", "200kb", "1gb", etc.
+ *
+ *     connect()
+ *       .use(connect.limit('5.5mb'))
+ *       .use(handleImageUpload)
+ *
+ * @param {Number|String} bytes
+ * @return {Function}
+ * @api public
+ */
+
+module.exports = function limit(bytes){
+  if ('string' == typeof bytes) bytes = utils.parseBytes(bytes);
+  if ('number' != typeof bytes) throw new Error('limit() bytes required');
+  return function limit(req, res, next){
+    var received = 0
+      , len = req.headers['content-length']
+        ? parseInt(req.headers['content-length'], 10)
+        : null;
+
+    // self-awareness
+    if (req._limit) return next();
+    req._limit = true;
+
+    // limit by content-length
+    if (len && len > bytes) return next(utils.error(413));
+
+    // limit
+    if (brokenPause) {
+      listen();
+    } else {
+      req.on('newListener', function handler(event) {
+        if (event !== 'data') return;
+
+        req.removeListener('newListener', handler);
+        // Start listening at the end of the current loop
+        // otherwise the request will be consumed too early.
+        // Sideaffect is `limit` will miss the first chunk,
+        // but that's not a big deal.
+        // Unfortunately, the tests don't have large enough
+        // request bodies to test this.
+        process.nextTick(listen);
+      });
+    };
+
+    next();
+
+    function listen() {
+      req.on('data', function(chunk) {
+        received += Buffer.isBuffer(chunk)
+          ? chunk.length :
+          Buffer.byteLength(chunk);
+
+        if (received > bytes) req.destroy();
+      });
+    };
+  };
+};
\ No newline at end of file

+/*!
+ * Connect - logger
+ * Copyright(c) 2010 Sencha Inc.
+ * Copyright(c) 2011 TJ Holowaychuk
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var bytes = require('bytes');
+
+/*!
+ * Log buffer.
+ */
+
+var buf = [];
+
+/*!
+ * Default log buffer duration.
+ */
+
+var defaultBufferDuration = 1000;
+
+/**
+ * Logger:
+ *
+ * Log requests with the given `options` or a `format` string.
+ *
+ * Options:
+ *
+ *   - `format`  Format string, see below for tokens
+ *   - `stream`  Output stream, defaults to _stdout_
+ *   - `buffer`  Buffer duration, defaults to 1000ms when _true_
+ *   - `immediate`  Write log line on request instead of response (for response times)
+ *
+ * Tokens:
+ *
+ *   - `:req[header]` ex: `:req[Accept]`
+ *   - `:res[header]` ex: `:res[Content-Length]`
+ *   - `:http-version`
+ *   - `:response-time`
+ *   - `:remote-addr`
+ *   - `:date`
+ *   - `:method`
+ *   - `:url`
+ *   - `:referrer`
+ *   - `:user-agent`
+ *   - `:status`
+ *
+ * Formats:
+ *
+ *   Pre-defined formats that ship with connect:
+ *
+ *    - `default` ':remote-addr - - [:date] ":method :url HTTP/:http-version" :status :res[content-length] ":referrer" ":user-agent"'
+ *    - `short` ':remote-addr - :method :url HTTP/:http-version :status :res[content-length] - :response-time ms'
+ *    - `tiny`  ':method :url :status :res[content-length] - :response-time ms'
+ *    - `dev` concise output colored by response status for development use
+ *
+ * Examples:
+ *
+ *      connect.logger() // default
+ *      connect.logger('short')
+ *      connect.logger('tiny')
+ *      connect.logger({ immediate: true, format: 'dev' })
+ *      connect.logger(':method :url - :referrer')
+ *      connect.logger(':req[content-type] -> :res[content-type]')
+ *      connect.logger(function(tokens, req, res){ return 'some format string' })
+ *
+ * Defining Tokens:
+ *
+ *   To define a token, simply invoke `connect.logger.token()` with the
+ *   name and a callback function. The value returned is then available
+ *   as ":type" in this case.
+ *
+ *      connect.logger.token('type', function(req, res){ return req.headers['content-type']; })
+ *
+ * Defining Formats:
+ *
+ *   All default formats are defined this way, however it's public API as well:
+ *
+ *       connect.logger.format('name', 'string or function')
+ *
+ * @param {String|Function|Object} format or options
+ * @return {Function}
+ * @api public
+ */
+
+exports = module.exports = function logger(options) {
+  if ('object' == typeof options) {
+    options = options || {};
+  } else if (options) {
+    options = { format: options };
+  } else {
+    options = {};
+  }
+
+  // output on request instead of response
+  var immediate = options.immediate;
+
+  // format name
+  var fmt = exports[options.format] || options.format || exports.default;
+
+  // compile format
+  if ('function' != typeof fmt) fmt = compile(fmt);
+
+  // options
+  var stream = options.stream || process.stdout
+    , buffer = options.buffer;
+
+  // buffering support
+  if (buffer) {
+    var realStream = stream
+      , interval = 'number' == typeof buffer
+        ? buffer
+        : defaultBufferDuration;
+
+    // flush interval
+    setInterval(function(){
+      if (buf.length) {
+        realStream.write(buf.join(''));
+        buf.length = 0;
+      }
+    }, interval); 
+
+    // swap the stream
+    stream = {
+      write: function(str){
+        buf.push(str);
+      }
+    };
+  }
+
+  return function logger(req, res, next) {
+    req._startTime = new Date;
+
+    // immediate
+    if (immediate) {
+      var line = fmt(exports, req, res);
+      if (null == line) return;
+      stream.write(line + '\n');
+    // proxy end to output logging
+    } else {
+      var end = res.end;
+      res.end = function(chunk, encoding){
+        res.end = end;
+        res.end(chunk, encoding);
+        var line = fmt(exports, req, res);
+        if (null == line) return;
+        stream.write(line + '\n');
+      };
+    }
+
+
+    next();
+  };
+};
+
+/**
+ * Compile `fmt` into a function.
+ *
+ * @param {String} fmt
+ * @return {Function}
+ * @api private
+ */
+
+function compile(fmt) {
+  fmt = fmt.replace(/"/g, '\\"');
+  var js = '  return "' + fmt.replace(/:([-\w]{2,})(?:\[([^\]]+)\])?/g, function(_, name, arg){
+    return '"\n    + (tokens["' + name + '"](req, res, "' + arg + '") || "-") + "';
+  }) + '";'
+  return new Function('tokens, req, res', js);
+};
+
+/**
+ * Define a token function with the given `name`,
+ * and callback `fn(req, res)`.
+ *
+ * @param {String} name
+ * @param {Function} fn
+ * @return {Object} exports for chaining
+ * @api public
+ */
+
+exports.token = function(name, fn) {
+  exports[name] = fn;
+  return this;
+};
+
+/**
+ * Define a `fmt` with the given `name`.
+ *
+ * @param {String} name
+ * @param {String|Function} fmt
+ * @return {Object} exports for chaining
+ * @api public
+ */
+
+exports.format = function(name, str){
+  exports[name] = str;
+  return this;
+};
+
+/**
+ * Default format.
+ */
+
+exports.format('default', ':remote-addr - - [:date] ":method :url HTTP/:http-version" :status :res[content-length] ":referrer" ":user-agent"');
+
+/**
+ * Short format.
+ */
+
+exports.format('short', ':remote-addr - :method :url HTTP/:http-version :status :res[content-length] - :response-time ms');
+
+/**
+ * Tiny format.
+ */
+
+exports.format('tiny', ':method :url :status :res[content-length] - :response-time ms');
+
+/**
+ * dev (colored)
+ */
+
+exports.format('dev', function(tokens, req, res){
+  var status = res.statusCode
+    , len = parseInt(res.getHeader('Content-Length'), 10)
+    , color = 32;
+
+  if (status >= 500) color = 31
+  else if (status >= 400) color = 33
+  else if (status >= 300) color = 36;
+
+  len = isNaN(len)
+    ? ''
+    : len = ' - ' + bytes(len);
+
+  return '\x1b[90m' + req.method
+    + ' ' + req.originalUrl + ' '
+    + '\x1b[' + color + 'm' + res.statusCode
+    + ' \x1b[90m'
+    + (new Date - req._startTime)
+    + 'ms' + len
+    + '\x1b[0m';
+});
+
+/**
+ * request url
+ */
+
+exports.token('url', function(req){
+  return req.originalUrl || req.url;
+});
+
+/**
+ * request method
+ */
+
+exports.token('method', function(req){
+  return req.method;
+});
+
+/**
+ * response time in milliseconds
+ */
+
+exports.token('response-time', function(req){
+  return new Date - req._startTime;
+});
+
+/**
+ * UTC date
+ */
+
+exports.token('date', function(){
+  return new Date().toUTCString();
+});
+
+/**
+ * response status code
+ */
+
+exports.token('status', function(req, res){
+  return res.statusCode;
+});
+
+/**
+ * normalized referrer
+ */
+
+exports.token('referrer', function(req){
+  return req.headers['referer'] || req.headers['referrer'];
+});
+
+/**
+ * remote address
+ */
+
+exports.token('remote-addr', function(req){
+  if (req.ip) return req.ip;
+  var sock = req.socket;
+  if (sock.socket) return sock.socket.remoteAddress;
+  return sock.remoteAddress;
+});
+
+/**
+ * HTTP version
+ */
+
+exports.token('http-version', function(req){
+  return req.httpVersionMajor + '.' + req.httpVersionMinor;
+});
+
+/**
+ * UA string
+ */
+
+exports.token('user-agent', function(req){
+  return req.headers['user-agent'];
+});
+
+/**
+ * request header
+ */
+
+exports.token('req', function(req, res, field){
+  return req.headers[field.toLowerCase()];
+});
+
+/**
+ * response header
+ */
+
+exports.token('res', function(req, res, field){
+  return (res._headers || {})[field.toLowerCase()];
+});
+

+
+/*!
+ * Connect - methodOverride
+ * Copyright(c) 2010 Sencha Inc.
+ * Copyright(c) 2011 TJ Holowaychuk
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var methods = require('methods');
+
+/**
+ * Method Override:
+ *
+ * Provides faux HTTP method support.
+ *
+ * Pass an optional `key` to use when checking for
+ * a method override, othewise defaults to _\_method_.
+ * The original method is available via `req.originalMethod`.
+ *
+ * @param {String} key
+ * @return {Function}
+ * @api public
+ */
+
+module.exports = function methodOverride(key){
+  key = key || "_method";
+  return function methodOverride(req, res, next) {
+    var method;
+    req.originalMethod = req.originalMethod || req.method;
+
+    // req.body
+    if (req.body && key in req.body) {
+      method = req.body[key].toLowerCase();
+      delete req.body[key];
+    }
+
+    // check X-HTTP-Method-Override
+    if (req.headers['x-http-method-override']) {
+      method = req.headers['x-http-method-override'].toLowerCase();
+    }
+
+    // replace
+    if (supports(method)) req.method = method.toUpperCase();
+
+    next();
+  };
+};
+
+/**
+ * Check if node supports `method`.
+ */
+
+function supports(method) {
+  return ~methods.indexOf(method);
+}

+/*!
+ * Connect - multipart
+ * Copyright(c) 2010 Sencha Inc.
+ * Copyright(c) 2011 TJ Holowaychuk
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var formidable = require('formidable')
+  , _limit = require('./limit')
+  , utils = require('../utils')
+  , qs = require('qs');
+
+/**
+ * noop middleware.
+ */
+
+function noop(req, res, next) {
+  next();
+}
+
+/**
+ * Multipart:
+ * 
+ * Parse multipart/form-data request bodies,
+ * providing the parsed object as `req.body`
+ * and `req.files`.
+ *
+ * Configuration:
+ *
+ *  The options passed are merged with [formidable](https://github.com/felixge/node-formidable)'s
+ *  `IncomingForm` object, allowing you to configure the upload directory,
+ *  size limits, etc. For example if you wish to change the upload dir do the following.
+ *
+ *     app.use(connect.multipart({ uploadDir: path }));
+ *
+ * Options:
+ *
+ *   - `limit`  byte limit defaulting to none
+ *   - `defer`  defers processing and exposes the Formidable form object as `req.form`.
+ *              `next()` is called without waiting for the form's "end" event.
+ *              This option is useful if you need to bind to the "progress" event, for example.
+ *
+ * @param {Object} options
+ * @return {Function}
+ * @api public
+ */
+
+exports = module.exports = function(options){
+  options = options || {};
+
+  var limit = options.limit
+    ? _limit(options.limit)
+    : noop;
+
+  return function multipart(req, res, next) {
+    if (req._body) return next();
+    req.body = req.body || {};
+    req.files = req.files || {};
+
+    if (!utils.hasBody(req)) return next();
+
+    // ignore GET
+    if ('GET' == req.method || 'HEAD' == req.method) return next();
+
+    // check Content-Type
+    if ('multipart/form-data' != utils.mime(req)) return next();
+
+    // flag as parsed
+    req._body = true;
+
+    // parse
+    limit(req, res, function(err){
+      if (err) return next(err);
+
+      var form = new formidable.IncomingForm
+        , data = {}
+        , files = {}
+        , done;
+
+      Object.keys(options).forEach(function(key){
+        form[key] = options[key];
+      });
+
+      function ondata(name, val, data){
+        if (Array.isArray(data[name])) {
+          data[name].push(val);
+        } else if (data[name]) {
+          data[name] = [data[name], val];
+        } else {
+          data[name] = val;
+        }
+      }
+
+      form.on('field', function(name, val){
+        ondata(name, val, data);
+      });
+
+      form.on('file', function(name, val){
+        ondata(name, val, files);
+      });
+
+      form.on('error', function(err){
+        if (!options.defer) {
+          err.status = 400;
+          next(err);
+        }
+        done = true;
+      });
+
+      form.on('end', function(){
+        if (done) return;
+        try {
+          req.body = qs.parse(data);
+          req.files = qs.parse(files);
+        } catch (err) {
+          form.emit('error', err);
+          return;
+        }
+        if (!options.defer) next();
+      });
+
+      form.parse(req);
+
+      if (options.defer) {
+        req.form = form;
+        next();
+      }
+    });
+  }
+};

+/*!
+ * Connect - query
+ * Copyright(c) 2011 TJ Holowaychuk
+ * Copyright(c) 2011 Sencha Inc.
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var qs = require('qs')
+  , parse = require('../utils').parseUrl;
+
+/**
+ * Query:
+ *
+ * Automatically parse the query-string when available,
+ * populating the `req.query` object.
+ *
+ * Examples:
+ *
+ *     connect()
+ *       .use(connect.query())
+ *       .use(function(req, res){
+ *         res.end(JSON.stringify(req.query));
+ *       });
+ *
+ *  The `options` passed are provided to qs.parse function.
+ *
+ * @param {Object} options
+ * @return {Function}
+ * @api public
+ */
+
+module.exports = function query(options){
+  return function query(req, res, next){
+    if (!req.query) {
+      req.query = ~req.url.indexOf('?')
+        ? qs.parse(parse(req).query, options)
+        : {};
+    }
+
+    next();
+  };
+};

+
+/*!
+ * Connect - responseTime
+ * Copyright(c) 2011 TJ Holowaychuk
+ * MIT Licensed
+ */
+
+/**
+ * Reponse time:
+ *
+ * Adds the `X-Response-Time` header displaying the response
+ * duration in milliseconds.
+ *
+ * @return {Function}
+ * @api public
+ */
+
+module.exports = function responseTime(){
+  return function(req, res, next){
+    var start = new Date;
+
+    if (res._responseTime) return next();
+    res._responseTime = true;
+
+    res.on('header', function(){
+      var duration = new Date - start;
+      res.setHeader('X-Response-Time', duration + 'ms');
+    });
+
+    next();
+  };
+};

+
+/*!
+ * Connect - session - Cookie
+ * Copyright(c) 2010 Sencha Inc.
+ * Copyright(c) 2011 TJ Holowaychuk
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var utils = require('../../utils')
+  , cookie = require('cookie');
+
+/**
+ * Initialize a new `Cookie` with the given `options`.
+ *
+ * @param {IncomingMessage} req
+ * @param {Object} options
+ * @api private
+ */
+
+var Cookie = module.exports = function Cookie(options) {
+  this.path = '/';
+  this.maxAge = null;
+  this.httpOnly = true;
+  if (options) utils.merge(this, options);
+  this.originalMaxAge = undefined == this.originalMaxAge
+    ? this.maxAge
+    : this.originalMaxAge;
+};
+
+/*!
+ * Prototype.
+ */
+
+Cookie.prototype = {
+
+  /**
+   * Set expires `date`.
+   *
+   * @param {Date} date
+   * @api public
+   */
+
+  set expires(date) {
+    this._expires = date;
+    this.originalMaxAge = this.maxAge;
+  },
+
+  /**
+   * Get expires `date`.
+   *
+   * @return {Date}
+   * @api public
+   */
+
+  get expires() {
+    return this._expires;
+  },
+
+  /**
+   * Set expires via max-age in `ms`.
+   *
+   * @param {Number} ms
+   * @api public
+   */
+
+  set maxAge(ms) {
+    this.expires = 'number' == typeof ms
+      ? new Date(Date.now() + ms)
+      : ms;
+  },
+
+  /**
+   * Get expires max-age in `ms`.
+   *
+   * @return {Number}
+   * @api public
+   */
+
+  get maxAge() {
+    return this.expires instanceof Date
+      ? this.expires.valueOf() - Date.now()
+      : this.expires;
+  },
+
+  /**
+   * Return cookie data object.
+   *
+   * @return {Object}
+   * @api private
+   */
+
+  get data() {
+    return {
+        originalMaxAge: this.originalMaxAge
+      , expires: this._expires
+      , secure: this.secure
+      , httpOnly: this.httpOnly
+      , domain: this.domain
+      , path: this.path
+    }
+  },
+
+  /**
+   * Check if the cookie has a reasonably large max-age.
+   *
+   * @return {Boolean}
+   * @api private
+   */
+
+  get hasLongExpires() {
+    var week = 604800000;
+    return this.maxAge > (4 * week);
+  },
+
+  /**
+   * Return a serialized cookie string.
+   *
+   * @return {String}
+   * @api public
+   */
+
+  serialize: function(name, val){
+    return cookie.serialize(name, val, this.data);
+  },
+
+  /**
+   * Return JSON representation of this cookie.
+   *
+   * @return {Object}
+   * @api private
+   */
+
+  toJSON: function(){
+    return this.data;
+  }
+};

+
+/*!
+ * Connect - session - MemoryStore
+ * Copyright(c) 2010 Sencha Inc.
+ * Copyright(c) 2011 TJ Holowaychuk
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var Store = require('./store');
+
+/**
+ * Initialize a new `MemoryStore`.
+ *
+ * @api public
+ */
+
+var MemoryStore = module.exports = function MemoryStore() {
+  this.sessions = {};
+};
+
+/**
+ * Inherit from `Store.prototype`.
+ */
+
+MemoryStore.prototype.__proto__ = Store.prototype;
+
+/**
+ * Attempt to fetch session by the given `sid`.
+ *
+ * @param {String} sid
+ * @param {Function} fn
+ * @api public
+ */
+
+MemoryStore.prototype.get = function(sid, fn){
+  var self = this;
+  process.nextTick(function(){
+    var expires
+      , sess = self.sessions[sid];
+    if (sess) {
+      sess = JSON.parse(sess);
+      expires = 'string' == typeof sess.cookie.expires
+        ? new Date(sess.cookie.expires)
+        : sess.cookie.expires;
+      if (!expires || new Date < expires) {
+        fn(null, sess);
+      } else {
+        self.destroy(sid, fn);
+      }
+    } else {
+      fn();
+    }
+  });
+};
+
+/**
+ * Commit the given `sess` object associated with the given `sid`.
+ *
+ * @param {String} sid
+ * @param {Session} sess
+ * @param {Function} fn
+ * @api public
+ */
+
+MemoryStore.prototype.set = function(sid, sess, fn){
+  var self = this;
+  process.nextTick(function(){
+    self.sessions[sid] = JSON.stringify(sess);
+    fn && fn();
+  });
+};
+
+/**
+ * Destroy the session associated with the given `sid`.
+ *
+ * @param {String} sid
+ * @api public
+ */
+
+MemoryStore.prototype.destroy = function(sid, fn){
+  var self = this;
+  process.nextTick(function(){
+    delete self.sessions[sid];
+    fn && fn();
+  });
+};
+
+/**
+ * Invoke the given callback `fn` with all active sessions.
+ *
+ * @param {Function} fn
+ * @api public
+ */
+
+MemoryStore.prototype.all = function(fn){
+  var arr = []
+    , keys = Object.keys(this.sessions);
+  for (var i = 0, len = keys.length; i < len; ++i) {
+    arr.push(this.sessions[keys[i]]);
+  }
+  fn(null, arr);
+};
+
+/**
+ * Clear all sessions.
+ *
+ * @param {Function} fn
+ * @api public
+ */
+
+MemoryStore.prototype.clear = function(fn){
+  this.sessions = {};
+  fn && fn();
+};
+
+/**
+ * Fetch number of sessions.
+ *
+ * @param {Function} fn
+ * @api public
+ */
+
+MemoryStore.prototype.length = function(fn){
+  fn(null, Object.keys(this.sessions).length);
+};

+
+/*!
+ * Connect - session - Session
+ * Copyright(c) 2010 Sencha Inc.
+ * Copyright(c) 2011 TJ Holowaychuk
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var utils = require('../../utils');
+
+/**
+ * Create a new `Session` with the given request and `data`.
+ *
+ * @param {IncomingRequest} req
+ * @param {Object} data
+ * @api private
+ */
+
+var Session = module.exports = function Session(req, data) {
+  Object.defineProperty(this, 'req', { value: req });
+  Object.defineProperty(this, 'id', { value: req.sessionID });
+  if ('object' == typeof data) utils.merge(this, data);
+};
+
+/**
+ * Update reset `.cookie.maxAge` to prevent
+ * the cookie from expiring when the
+ * session is still active.
+ *
+ * @return {Session} for chaining
+ * @api public
+ */
+
+Session.prototype.touch = function(){
+  return this.resetMaxAge();
+};
+
+/**
+ * Reset `.maxAge` to `.originalMaxAge`.
+ *
+ * @return {Session} for chaining
+ * @api public
+ */
+
+Session.prototype.resetMaxAge = function(){
+  this.cookie.maxAge = this.cookie.originalMaxAge;
+  return this;
+};
+
+/**
+ * Save the session data with optional callback `fn(err)`.
+ *
+ * @param {Function} fn
+ * @return {Session} for chaining
+ * @api public
+ */
+
+Session.prototype.save = function(fn){
+  this.req.sessionStore.set(this.id, this, fn || function(){});
+  return this;
+};
+
+/**
+ * Re-loads the session data _without_ altering
+ * the maxAge properties. Invokes the callback `fn(err)`,
+ * after which time if no exception has occurred the
+ * `req.session` property will be a new `Session` object,
+ * although representing the same session.
+ *
+ * @param {Function} fn
+ * @return {Session} for chaining
+ * @api public
+ */
+
+Session.prototype.reload = function(fn){
+  var req = this.req
+    , store = this.req.sessionStore;
+  store.get(this.id, function(err, sess){
+    if (err) return fn(err);
+    if (!sess) return fn(new Error('failed to load session'));
+    store.createSession(req, sess);
+    fn();
+  });
+  return this;
+};
+
+/**
+ * Destroy `this` session.
+ *
+ * @param {Function} fn
+ * @return {Session} for chaining
+ * @api public
+ */
+
+Session.prototype.destroy = function(fn){
+  delete this.req.session;
+  this.req.sessionStore.destroy(this.id, fn);
+  return this;
+};
+
+/**
+ * Regenerate this request's session.
+ *
+ * @param {Function} fn
+ * @return {Session} for chaining
+ * @api public
+ */
+
+Session.prototype.regenerate = function(fn){
+  this.req.sessionStore.regenerate(this.req, fn);
+  return this;
+};

+
+/*!
+ * Connect - session - Store
+ * Copyright(c) 2010 Sencha Inc.
+ * Copyright(c) 2011 TJ Holowaychuk
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var EventEmitter = require('events').EventEmitter
+  , Session = require('./session')
+  , Cookie = require('./cookie');
+
+/**
+ * Initialize abstract `Store`.
+ *
+ * @api private
+ */
+
+var Store = module.exports = function Store(options){};
+
+/**
+ * Inherit from `EventEmitter.prototype`.
+ */
+
+Store.prototype.__proto__ = EventEmitter.prototype;
+
+/**
+ * Re-generate the given requests's session.
+ *
+ * @param {IncomingRequest} req
+ * @return {Function} fn
+ * @api public
+ */
+
+Store.prototype.regenerate = function(req, fn){
+  var self = this;
+  this.destroy(req.sessionID, function(err){
+    self.generate(req);
+    fn(err);
+  });
+};
+
+/**
+ * Load a `Session` instance via the given `sid`
+ * and invoke the callback `fn(err, sess)`.
+ *
+ * @param {String} sid
+ * @param {Function} fn
+ * @api public
+ */
+
+Store.prototype.load = function(sid, fn){
+  var self = this;
+  this.get(sid, function(err, sess){
+    if (err) return fn(err);
+    if (!sess) return fn();
+    var req = { sessionID: sid, sessionStore: self };
+    sess = self.createSession(req, sess);
+    fn(null, sess);
+  });
+};
+
+/**
+ * Create session from JSON `sess` data.
+ *
+ * @param {IncomingRequest} req
+ * @param {Object} sess
+ * @return {Session}
+ * @api private
+ */
+
+Store.prototype.createSession = function(req, sess){
+  var expires = sess.cookie.expires
+    , orig = sess.cookie.originalMaxAge;
+  sess.cookie = new Cookie(sess.cookie);
+  if ('string' == typeof expires) sess.cookie.expires = new Date(expires);
+  sess.cookie.originalMaxAge = orig;
+  req.session = new Session(req, sess);
+  return req.session;
+};

+/*!
+ * Connect - static
+ * Copyright(c) 2010 Sencha Inc.
+ * Copyright(c) 2011 TJ Holowaychuk
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var send = require('send')
+  , utils = require('../utils')
+  , parse = utils.parseUrl
+  , url = require('url');
+
+/**
+ * Static:
+ *
+ *   Static file server with the given `root` path.
+ *
+ * Examples:
+ *
+ *     var oneDay = 86400000;
+ *
+ *     connect()
+ *       .use(connect.static(__dirname + '/public'))
+ *
+ *     connect()
+ *       .use(connect.static(__dirname + '/public', { maxAge: oneDay }))
+ *
+ * Options:
+ *
+ *    - `maxAge`     Browser cache maxAge in milliseconds. defaults to 0
+ *    - `hidden`     Allow transfer of hidden files. defaults to false
+ *    - `redirect`   Redirect to trailing "/" when the pathname is a dir. defaults to true
+ *    - `index`      Default file name, defaults to 'index.html'
+ *
+ * @param {String} root
+ * @param {Object} options
+ * @return {Function}
+ * @api public
+ */
+
+exports = module.exports = function(root, options){
+  options = options || {};
+
+  // root required
+  if (!root) throw new Error('static() root path required');
+
+  // default redirect
+  var redirect = false !== options.redirect;
+
+  return function staticMiddleware(req, res, next) {
+    if ('GET' != req.method && 'HEAD' != req.method) return next();
+    var path = parse(req).pathname;
+    var pause = utils.pause(req);
+
+    function resume() {
+      next();
+      pause.resume();
+    }
+
+    function directory() {
+      if (!redirect) return resume();
+      var pathname = url.parse(req.originalUrl).pathname;
+      res.statusCode = 303;
+      res.setHeader('Location', pathname + '/');
+      res.end('Redirecting to ' + utils.escape(pathname) + '/');
+    }
+
+    function error(err) {
+      if (404 == err.status) return resume();
+      next(err);
+    }
+
+    send(req, path)
+      .maxage(options.maxAge || 0)
+      .root(root)
+      .index(options.index || 'index.html')
+      .hidden(options.hidden)
+      .on('error', error)
+      .on('directory', directory)
+      .pipe(res);
+  };
+};
+
+/**
+ * Expose mime module.
+ *
+ * If you wish to extend the mime table use this
+ * reference to the "mime" module in the npm registry.
+ */
+
+exports.mime = send.mime;

+
+/*!
+ * Connect - staticCache
+ * Copyright(c) 2011 Sencha Inc.
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var utils = require('../utils')
+  , Cache = require('../cache')
+  , fresh = require('fresh');
+
+/**
+ * Static cache:
+ *
+ * Enables a memory cache layer on top of
+ * the `static()` middleware, serving popular
+ * static files.
+ *
+ * By default a maximum of 128 objects are
+ * held in cache, with a max of 256k each,
+ * totalling ~32mb.
+ *
+ * A Least-Recently-Used (LRU) cache algo
+ * is implemented through the `Cache` object,
+ * simply rotating cache objects as they are
+ * hit. This means that increasingly popular
+ * objects maintain their positions while
+ * others get shoved out of the stack and
+ * garbage collected.
+ *
+ * Benchmarks:
+ *
+ *     static(): 2700 rps
+ *     node-static: 5300 rps
+ *     static() + staticCache(): 7500 rps
+ *
+ * Options:
+ *
+ *   - `maxObjects`  max cache objects [128]
+ *   - `maxLength`  max cache object length 256kb
+ *
+ * @param {Object} options
+ * @return {Function}
+ * @api public
+ */
+
+module.exports = function staticCache(options){
+  var options = options || {}
+    , cache = new Cache(options.maxObjects || 128)
+    , maxlen = options.maxLength || 1024 * 256;
+
+  console.warn('connect.staticCache() is deprecated and will be removed in 3.0');
+  console.warn('use varnish or similar reverse proxy caches.');
+
+  return function staticCache(req, res, next){
+    var key = cacheKey(req)
+      , ranges = req.headers.range
+      , hasCookies = req.headers.cookie
+      , hit = cache.get(key);
+
+    // cache static
+    // TODO: change from staticCache() -> cache()
+    // and make this work for any request
+    req.on('static', function(stream){
+      var headers = res._headers
+        , cc = utils.parseCacheControl(headers['cache-control'] || '')
+        , contentLength = headers['content-length']
+        , hit;
+
+      // dont cache set-cookie responses
+      if (headers['set-cookie']) return hasCookies = true;
+
+      // dont cache when cookies are present
+      if (hasCookies) return;
+
+      // ignore larger files
+      if (!contentLength || contentLength > maxlen) return;
+
+      // don't cache partial files
+      if (headers['content-range']) return;
+
+      // dont cache items we shouldn't be
+      // TODO: real support for must-revalidate / no-cache
+      if ( cc['no-cache']
+        || cc['no-store']
+        || cc['private']
+        || cc['must-revalidate']) return;
+
+      // if already in cache then validate
+      if (hit = cache.get(key)){
+        if (headers.etag == hit[0].etag) {
+          hit[0].date = new Date;
+          return;
+        } else {
+          cache.remove(key);
+        }
+      }
+
+      // validation notifiactions don't contain a steam
+      if (null == stream) return;
+
+      // add the cache object
+      var arr = [];
+
+      // store the chunks
+      stream.on('data', function(chunk){
+        arr.push(chunk);
+      });
+
+      // flag it as complete
+      stream.on('end', function(){
+        var cacheEntry = cache.add(key);
+        delete headers['x-cache']; // Clean up (TODO: others)
+        cacheEntry.push(200);
+        cacheEntry.push(headers);
+        cacheEntry.push.apply(cacheEntry, arr);
+      });
+    });
+
+    if (req.method == 'GET' || req.method == 'HEAD') {
+      if (ranges) {
+        next();
+      } else if (!hasCookies && hit && !mustRevalidate(req, hit)) {
+        res.setHeader('X-Cache', 'HIT');
+        respondFromCache(req, res, hit);
+      } else {
+        res.setHeader('X-Cache', 'MISS');
+        next();
+      }
+    } else {
+      next();
+    }
+  }
+};
+
+/**
+ * Respond with the provided cached value.
+ * TODO: Assume 200 code, that's iffy.
+ *
+ * @param {Object} req
+ * @param {Object} res
+ * @param {Object} cacheEntry
+ * @return {String}
+ * @api private
+ */
+
+function respondFromCache(req, res, cacheEntry) {
+  var status = cacheEntry[0]
+    , headers = utils.merge({}, cacheEntry[1])
+    , content = cacheEntry.slice(2);
+
+  headers.age = (new Date - new Date(headers.date)) / 1000 || 0;
+
+  switch (req.method) {
+    case 'HEAD':
+      res.writeHead(status, headers);
+      res.end();
+      break;
+    case 'GET':
+      if (utils.conditionalGET(req) && fresh(req.headers, headers)) {
+        headers['content-length'] = 0;
+        res.writeHead(304, headers);
+        res.end();
+      } else {
+        res.writeHead(status, headers);
+
+        function write() {
+          while (content.length) {
+            if (false === res.write(content.shift())) {
+              res.once('drain', write);
+              return;
+            }
+          }
+          res.end();
+        }
+
+        write();
+      }
+      break;
+    default:
+      // This should never happen.
+      res.writeHead(500, '');
+      res.end();
+  }
+}
+
+/**
+ * Determine whether or not a cached value must be revalidated.
+ *
+ * @param {Object} req
+ * @param {Object} cacheEntry
+ * @return {String}
+ * @api private
+ */
+
+function mustRevalidate(req, cacheEntry) {
+  var cacheHeaders = cacheEntry[1]
+    , reqCC = utils.parseCacheControl(req.headers['cache-control'] || '')
+    , cacheCC = utils.parseCacheControl(cacheHeaders['cache-control'] || '')
+    , cacheAge = (new Date - new Date(cacheHeaders.date)) / 1000 || 0;
+
+  if ( cacheCC['no-cache']
+    || cacheCC['must-revalidate']
+    || cacheCC['proxy-revalidate']) return true;
+
+  if (reqCC['no-cache']) return true;
+
+  if (null != reqCC['max-age']) return reqCC['max-age'] < cacheAge;
+
+  if (null != cacheCC['max-age']) return cacheCC['max-age'] < cacheAge;
+
+  return false;
+}
+
+/**
+ * The key to use in the cache. For now, this is the URL path and query.
+ *
+ * 'http://example.com?key=value' -> '/?key=value'
+ *
+ * @param {Object} req
+ * @return {String}
+ * @api private
+ */
+
+function cacheKey(req) {
+  return utils.parseUrl(req).path;
+}

+/*!
+ * Connect - timeout
+ * Ported from https://github.com/LearnBoost/connect-timeout
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var debug = require('debug')('connect:timeout');
+
+/**
+ * Timeout:
+ *
+ * Times out the request in `ms`, defaulting to `5000`. The
+ * method `req.clearTimeout()` is added to revert this behaviour
+ * programmatically within your application's middleware, routes, etc.
+ *
+ * The timeout error is passed to `next()` so that you may customize
+ * the response behaviour. This error has the `.timeout` property as
+ * well as `.status == 503`.
+ *
+ * @param {Number} ms
+ * @return {Function}
+ * @api public
+ */
+
+module.exports = function timeout(ms) {
+  ms = ms || 5000;
+
+  return function(req, res, next) {
+    var id = setTimeout(function(){
+      req.emit('timeout', ms);
+    }, ms);
+
+    req.on('timeout', function(){
+      if (res.headerSent) return debug('response started, cannot timeout');
+      var err = new Error('Response timeout');
+      err.timeout = ms;
+      err.status = 503;
+      next(err);
+    });
+
+    req.clearTimeout = function(){
+      clearTimeout(id);
+    };
+
+    res.on('header', function(){
+      clearTimeout(id);
+    });
+
+    next();
+  };
+};

+
+/*!
+ * Connect - urlencoded
+ * Copyright(c) 2010 Sencha Inc.
+ * Copyright(c) 2011 TJ Holowaychuk
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var utils = require('../utils')
+  , _limit = require('./limit')
+  , qs = require('qs');
+
+/**
+ * noop middleware.
+ */
+
+function noop(req, res, next) {
+  next();
+}
+
+/**
+ * Urlencoded:
+ * 
+ *  Parse x-ww-form-urlencoded request bodies,
+ *  providing the parsed object as `req.body`.
+ *
+ * Options:
+ *
+ *    - `limit`  byte limit disabled by default
+ *
+ * @param {Object} options
+ * @return {Function}
+ * @api public
+ */
+
+exports = module.exports = function(options){
+  options = options || {};
+
+  var limit = options.limit
+    ? _limit(options.limit)
+    : noop;
+
+  return function urlencoded(req, res, next) {
+    if (req._body) return next();
+    req.body = req.body || {};
+
+    if (!utils.hasBody(req)) return next();
+
+    // check Content-Type
+    if ('application/x-www-form-urlencoded' != utils.mime(req)) return next();
+
+    // flag as parsed
+    req._body = true;
+
+    // parse
+    limit(req, res, function(err){
+      if (err) return next(err);
+      var buf = '';
+      req.setEncoding('utf8');
+      req.on('data', function(chunk){ buf += chunk });
+      req.on('end', function(){
+        try {
+          req.body = buf.length
+            ? qs.parse(buf, options)
+            : {};
+        } catch (err){
+          err.body = buf;
+          return next(err);
+        }
+        next();
+      });
+    });
+  }
+};

+
+/*!
+ * Connect - vhost
+ * Copyright(c) 2010 Sencha Inc.
+ * Copyright(c) 2011 TJ Holowaychuk
+ * MIT Licensed
+ */
+
+/**
+ * Vhost:
+ *
+ *   Setup vhost for the given `hostname` and `server`.
+ *
+ *     connect()
+ *       .use(connect.vhost('foo.com', fooApp))
+ *       .use(connect.vhost('bar.com', barApp))
+ *       .use(connect.vhost('*.com', mainApp))
+ *
+ *  The `server` may be a Connect server or
+ *  a regular Node `http.Server`.
+ *
+ * @param {String} hostname
+ * @param {Server} server
+ * @return {Function}
+ * @api public
+ */
+
+module.exports = function vhost(hostname, server){
+  if (!hostname) throw new Error('vhost hostname required');
+  if (!server) throw new Error('vhost server required');
+  var regexp = new RegExp('^' + hostname.replace(/[^*\w]/g, '\\$&').replace(/[*]/g, '(?:.*?)')  + '$', 'i');
+  if (server.onvhost) server.onvhost(hostname);
+  return function vhost(req, res, next){
+    if (!req.headers.host) return next();
+    var host = req.headers.host.split(':')[0];
+    if (!regexp.test(host)) return next();
+    if ('function' == typeof server) return server(req, res, next);
+    server.emit('request', req, res);
+  };
+};

+
+/*!
+ * Connect
+ * Copyright(c) 2011 TJ Holowaychuk
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var http = require('http')
+  , res = http.ServerResponse.prototype
+  , setHeader = res.setHeader
+  , _renderHeaders = res._renderHeaders
+  , writeHead = res.writeHead;
+
+// apply only once
+
+if (!res._hasConnectPatch) {
+
+  /**
+   * Provide a public "header sent" flag
+   * until node does.
+   *
+   * @return {Boolean}
+   * @api public
+   */
+
+  res.__defineGetter__('headerSent', function(){
+    return this._header;
+  });
+
+  /**
+   * Set header `field` to `val`, special-casing
+   * the `Set-Cookie` field for multiple support.
+   *
+   * @param {String} field
+   * @param {String} val
+   * @api public
+   */
+
+  res.setHeader = function(field, val){
+    var key = field.toLowerCase()
+      , prev;
+
+    // special-case Set-Cookie
+    if (this._headers && 'set-cookie' == key) {
+      if (prev = this.getHeader(field)) {
+        val = Array.isArray(prev)
+          ? prev.concat(val)
+          : [prev, val];
+      }
+    // charset
+    } else if ('content-type' == key && this.charset) {
+      val += '; charset=' + this.charset;
+    }
+
+    return setHeader.call(this, field, val);
+  };
+
+  /**
+   * Proxy to emit "header" event.
+   */
+
+  res._renderHeaders = function(){
+    if (!this._emittedHeader) this.emit('header');
+    this._emittedHeader = true;
+    return _renderHeaders.call(this);
+  };
+
+  res.writeHead = function(){
+    if (!this._emittedHeader) this.emit('header');
+    this._emittedHeader = true;
+    return writeHead.apply(this, arguments);
+  };
+
+  res._hasConnectPatch = true;
+}

+
+/*!
+ * Connect - HTTPServer
+ * Copyright(c) 2010 Sencha Inc.
+ * Copyright(c) 2011 TJ Holowaychuk
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var http = require('http')
+  , utils = require('./utils')
+  , debug = require('debug')('connect:dispatcher');
+
+// prototype
+
+var app = module.exports = {};
+
+// environment
+
+var env = process.env.NODE_ENV || 'development';
+
+/**
+ * Utilize the given middleware `handle` to the given `route`,
+ * defaulting to _/_. This "route" is the mount-point for the
+ * middleware, when given a value other than _/_ the middleware
+ * is only effective when that segment is present in the request's
+ * pathname.
+ *
+ * For example if we were to mount a function at _/admin_, it would
+ * be invoked on _/admin_, and _/admin/settings_, however it would
+ * not be invoked for _/_, or _/posts_.
+ *
+ * Examples:
+ *
+ *      var app = connect();
+ *      app.use(connect.favicon());
+ *      app.use(connect.logger());
+ *      app.use(connect.static(__dirname + '/public'));
+ *
+ * If we wanted to prefix static files with _/public_, we could
+ * "mount" the `static()` middleware:
+ *
+ *      app.use('/public', connect.static(__dirname + '/public'));
+ *
+ * This api is chainable, so the following is valid:
+ *
+ *      connect()
+ *        .use(connect.favicon())
+ *        .use(connect.logger())
+ *        .use(connect.static(__dirname + '/public'))
+ *        .listen(3000);
+ *
+ * @param {String|Function|Server} route, callback or server
+ * @param {Function|Server} callback or server
+ * @return {Server} for chaining
+ * @api public
+ */
+
+app.use = function(route, fn){
+  // default route to '/'
+  if ('string' != typeof route) {
+    fn = route;
+    route = '/';
+  }
+
+  // wrap sub-apps
+  if ('function' == typeof fn.handle) {
+    var server = fn;
+    fn.route = route;
+    fn = function(req, res, next){
+      server.handle(req, res, next);
+    };
+  }
+
+  // wrap vanilla http.Servers
+  if (fn instanceof http.Server) {
+    fn = fn.listeners('request')[0];
+  }
+
+  // strip trailing slash
+  if ('/' == route[route.length - 1]) {
+    route = route.slice(0, -1);
+  }
+
+  // add the middleware
+  debug('use %s %s', route || '/', fn.name || 'anonymous');
+  this.stack.push({ route: route, handle: fn });
+
+  return this;
+};
+
+/**
+ * Handle server requests, punting them down
+ * the middleware stack.
+ *
+ * @api private
+ */
+
+app.handle = function(req, res, out) {
+  var stack = this.stack
+    , fqdn = ~req.url.indexOf('://')
+    , removed = ''
+    , slashAdded = false
+    , index = 0;
+
+  function next(err) {
+    var layer, path, status, c;
+
+    if (slashAdded) {
+      req.url = req.url.substr(1);
+      slashAdded = false;
+    }
+
+    req.url = removed + req.url;
+    req.originalUrl = req.originalUrl || req.url;
+    removed = '';
+
+    // next callback
+    layer = stack[index++];
+
+    // all done
+    if (!layer || res.headerSent) {
+      // delegate to parent
+      if (out) return out(err);
+
+      // unhandled error
+      if (err) {
+        // default to 500
+        if (res.statusCode < 400) res.statusCode = 500;
+        debug('default %s', res.statusCode);
+
+        // respect err.status
+        if (err.status) res.statusCode = err.status;
+
+        // production gets a basic error message
+        var msg = 'production' == env
+          ? http.STATUS_CODES[res.statusCode]
+          : err.stack || err.toString();
+
+        // log to stderr in a non-test env
+        if ('test' != env) console.error(err.stack || err.toString());
+        if (res.headerSent) return req.socket.destroy();
+        res.setHeader('Content-Type', 'text/plain');
+        res.setHeader('Content-Length', Buffer.byteLength(msg));
+        if ('HEAD' == req.method) return res.end();
+        res.end(msg);
+      } else {
+        debug('default 404');
+        res.statusCode = 404;
+        res.setHeader('Content-Type', 'text/plain');
+        if ('HEAD' == req.method) return res.end();
+        res.end('Cannot ' + utils.escape(req.method) + ' ' + utils.escape(req.originalUrl));
+      }
+      return;
+    }
+
+    try {
+      path = utils.parseUrl(req).pathname;
+      if (undefined == path) path = '/';
+
+      // skip this layer if the route doesn't match.
+      if (0 != path.toLowerCase().indexOf(layer.route.toLowerCase())) return next(err);
+
+      c = path[layer.route.length];
+      if (c && '/' != c && '.' != c) return next(err);
+
+      // Call the layer handler
+      // Trim off the part of the url that matches the route
+      removed = layer.route;
+      req.url = req.url.substr(removed.length);
+
+      // Ensure leading slash
+      if (!fqdn && '/' != req.url[0]) {
+        req.url = '/' + req.url;
+        slashAdded = true;
+      }
+
+      debug('%s %s : %s', layer.handle.name || 'anonymous', layer.route, req.originalUrl);
+      var arity = layer.handle.length;
+      if (err) {
+        if (arity === 4) {
+          layer.handle(err, req, res, next);
+        } else {
+          next(err);
+        }
+      } else if (arity < 4) {
+        layer.handle(req, res, next);
+      } else {
+        next();
+      }
+    } catch (e) {
+      next(e);
+    }
+  }
+  next();
+};
+
+/**
+ * Listen for connections.
+ *
+ * This method takes the same arguments
+ * as node's `http.Server#listen()`.
+ *
+ * HTTP and HTTPS:
+ *
+ * If you run your application both as HTTP
+ * and HTTPS you may wrap them individually,
+ * since your Connect "server" is really just
+ * a JavaScript `Function`.
+ *
+ *      var connect = require('connect')
+ *        , http = require('http')
+ *        , https = require('https');
+ *
+ *      var app = connect();
+ *
+ *      http.createServer(app).listen(80);
+ *      https.createServer(options, app).listen(443);
+ *
+ * @return {http.Server}
+ * @api public
+ */
+
+app.listen = function(){
+  var server = http.createServer(this);
+  return server.listen.apply(server, arguments);
+};

+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset='utf-8'> 
+    <title>listing directory {directory}</title>
+    <style>{style}</style>
+    <script>
+      function $(id){
+        var el = 'string' == typeof id
+          ? document.getElementById(id)
+          : id;
+
+        el.on = function(event, fn){
+          if ('content loaded' == event) {
+            event = window.attachEvent ? "load" : "DOMContentLoaded";
+          }
+          el.addEventListener
+            ? el.addEventListener(event, fn, false)
+            : el.attachEvent("on" + event, fn);
+        };
+
+        el.all = function(selector){
+          return $(el.querySelectorAll(selector));
+        };
+
+        el.each = function(fn){
+          for (var i = 0, len = el.length; i < len; ++i) {
+            fn($(el[i]), i);
+          }
+        };
+
+        el.getClasses = function(){
+          return this.getAttribute('class').split(/\s+/);
+        };
+
+        el.addClass = function(name){
+          var classes = this.getAttribute('class');
+          el.setAttribute('class', classes
+            ? classes + ' ' + name
+            : name);
+        };
+
+        el.removeClass = function(name){
+          var classes = this.getClasses().filter(function(curr){
+            return curr != name;
+          });
+          this.setAttribute('class', classes);
+        };
+
+        return el;
+      }
+
+      function search() {
+        var str = $('search').value
+          , links = $('files').all('a');
+
+        links.each(function(link){
+          var text = link.textContent;
+
+          if ('..' == text) return;
+          if (str.length && ~text.indexOf(str)) {
+            link.addClass('highlight');
+          } else {
+            link.removeClass('highlight');
+          }
+        });
+      }
+
+      $(window).on('content loaded', function(){
+        $('search').on('keyup', search);
+      });
+    </script>
+  </head>
+  <body class="directory">
+    <input id="search" type="text" placeholder="Search" autocomplete="off" />
+    <div id="wrapper">
+      <h1>{linked-path}</h1>
+      {files}
+    </div>
+  </body>
+</html>
\ No newline at end of file

+<html>
+  <head>
+    <meta charset='utf-8'> 
+    <title>{error}</title>
+    <style>{style}</style>
+  </head>
+  <body>
+    <div id="wrapper">
+      <h1>{title}</h1>
+      <h2><em>{statusCode}</em> {error}</h2>
+      <ul id="stacktrace">{stack}</ul>
+    </div>
+  </body>
+</html>