Upgrading Our “Easy Node Authentication” Series to ExpressJS 4.0

Chris Sevilleja

With ExpressJS 4.0 coming out, a lot of people have been asking how to upgrade this tutorial to using Express and all of its great new features and awesome router. Let's go through and update our application so that we are using Express 4.0 and its new separated out dependencies.

The previous tutorials have been updated for Express 4. This tutorial will be for those that have already implemented this code and want to upgrade.

Is this a big change? As with any upgrade, you'll have to be careful of what features you've implemented and how they'll function after the upgrade. For our purposes, the big changes for us have to be done in how we set up our application. Since Express 4.0 removed a lot of its middleware into their own packages, we have to go grab those and configure them for our application. We'll only be looking at our

package.json and our server.js files.

Package Dependencies package.json We are using

four packages that were moved into their own repositories. These packages are: * express.logger (now morgan) * express.cookieParser (now cookie-parser) * express.bodyParser (now body-parser) * express.session (now session) Let's add those dependencies to our

package.json file. Also, we'll update our express dependency to version 4!

{
  "name": "node-authentication",
  "main": "server.js",
  "dependencies" : {
    "express" : "~4.0.0",           
    "ejs" : "~0.8.5",               
    "mongoose" : "~3.8.1",          
    "passport" : "~0.1.17",         
    "passport-local" : "~0.1.6",    
    "passport-facebook" : "~1.0.2", 
    "passport-twitter" : "~1.0.2",  
    "passport-google-oauth" : "~0.1.5",
    "connect-flash" : "~0.1.1",     
    "bcrypt-nodejs" : "latest",

    "morgan": "~1.0.0",
    "body-parser": "~1.0.0",
    "cookie-parser": "~1.0.0",
    "express-session": "~1.0.0"
  }
}

Now we can run:


$ npm install

to pull in our new dependencies. With our new packages, let's go use them in our

server.js file.

Setting Up Our Application server.js Let's go step by step. First, we will need to call our new packages.

// server.js

// set up ======================================================================
// get all the tools we need
var express  = require('express');
var app      = express();
var port     = process.env.PORT || 8080;
var mongoose = require('mongoose');
var passport = require('passport');
var flash    = require('connect-flash');

var morgan       = require('morgan');
var cookieParser = require('cookie-parser');
var bodyParser   = require('body-parser');
var session      = require('express-session');


With those new packages we will adjust our application to use them. We will also get rid of

app.configure() since that has been deprecated in Express 4.

Old Code Express 3

// server.js

...

app.configure(function() {

    // set up our express application
    app.use(express.logger('dev')); // log every request to the console
    app.use(express.cookieParser()); // read cookies (needed for auth)
    app.use(express.bodyParser()); // get information from html forms

    app.set('view engine', 'ejs'); // set up ejs for templating

    // required for passport
    app.use(express.session({ secret: 'ilovescotchscotchyscotchscotch' })); // session secret
    app.use(passport.initialize());
    app.use(passport.session()); // persistent login sessions
    app.use(flash()); // use connect-flash for flash messages stored in session

});

...

New Code Express 4

// server.js

...

    // set up our express application
    app.use(morgan('dev')); // log every request to the console
    app.use(cookieParser()); // read cookies (needed for auth)
    app.use(bodyParser.json()); // get information from html forms
        app.use(bodyParser.urlencoded({ extended: true }));

    app.set('view engine', 'ejs'); // set up ejs for templating

    // required for passport
    app.use(session({ secret: 'ilovescotchscotchyscotchscotch' })); // session secret
    app.use(passport.initialize());
    app.use(passport.session()); // persistent login sessions
    app.use(flash()); // use connect-flash for flash messages stored in session

...

We have removed

app.configure() which is no longer supported by Express 4. Notice how we also called the new packages that we created like bodyParser instead of express.bodyParser.

We're Done! With those quick changes, we're fully upgraded and can start taking advantage of the new features of Express 4 like its

router. Edit #1: Added bodyParser.json() and bodyParser.urlencoded({ extended: true });. Thanks for the tip DavideRoss12.

Chris Sevilleja

156 posts

Co-founder of Scotch.io. Slapping the keyboard until something good happens.