Middleware

    • body-parser
    • connect.compress (gzip)
    • cookie parser
    • cookie-session
    • express-session
    • app.use(require(csurf());
    • protects against cross-site request forgery (CSRF)) attacks
    • must be linked after express-session

    directory

    • provides directory listing for static files

    errorhandler

    • app.use(require(errorhandler)())
    • Do not use in production.
    • serves favicon

    morgan

    • automated logging from all requests

    method-override

    • provides support for x-http-method-override request header to allow browsers to fake using HTTP methods other than GET & POST. Useful for debugging. Only needed if writting APIs.
    • parses `querystring``
    • Already comes in express

    response-time

    • Adds header to the response (milliseconds)
    • Useful for performance tunning

    static

    • Provides support to serve static files
    • You can use it multiple times to specify multiple directories
    • virtual hosts