file upload with size, number and types, csrf tokens added to posting

5 years ago · ff1d5e5fe7
parent e631b6f026
commit ff1d5e5fe7
7 changed files with 226 additions and 324 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1,3 @@
 node_modules/
 configs/*.json
+static/img/*
--- a/controllers/api.js
+++ b/controllers/api.js
@ -10,9 +10,7 @@ const express  = require('express')
 // make new post
 router.post('/board/:board', Boards.exists, async (req, res, next) => {

-
-
-	//ghetto setting to 0 so expres validator doesnt skip null value. needs looking into.
+	// check if this is responding to an existing thread
 	if (req.body.thread) {
 		let thread;
 		try {
@ -25,22 +23,28 @@ router.post('/board/:board', Boards.exists, async (req, res, next) => {
 		}
 	}

-	try {
-		await files.uploadAndThumb(req, res);
-	} catch (err) {
-		console.error(err);
-		return res.status(500).json({ 'message': 'Error uploading file' });
+	let filename = '';
+	//we got a file
+	if (req.files != null && Object.keys(req.files).length > 0) {
+		try {
+			// save and thumb it
+			filename = await files.uploadAndThumb(req, res);
+		} catch (err) {
+			console.error(err);
+			return res.status(500).json({ 'message': 'Error uploading file' });
+		}
 	}

-	//add the post
-	const post = await Posts.insertOne(req.params.board, {
-		'author': req.body.author || 'Anonymous',
-		'subject': req.body.subject || '',
-		'date': new Date(),
-		'content': req.body.content,
-		'thread': req.body.thread || null,
-		'file': req.file ? req.file.filename : ''
-	})
+	const data = {
+        'author': req.body.author || 'Anonymous',
+        'subject': req.body.subject || '',
+        'date': new Date(),
+        'content': req.body.content,
+        'thread': req.body.thread || null,
+        'file': filename
+    };
+
+	const post = await Posts.insertOne(req.params.board, data)

 	const redirect = '/' + req.params.board + '/thread/' + (req.body.thread || post.insertedId);

@ -56,8 +60,7 @@ router.delete('/board/:board/post/:id(\\d+)', Boards.exists, async (req, res, ne
 // get recent threads and preview posts
 router.get('/board/:board/recent/:page(\\d+)?', Boards.exists, async (req, res, next) => {

-	//get the recently bumped thread & preview posts
-	let threads;
+	//get the recently bumped thread & preview po	let threads;
 	try {
 		threads = await Posts.getRecent(req.params.board, req.params.page || 1);
 	} catch (err) {
--- a/helpers/file.js
+++ b/helpers/file.js
@ -1,48 +1,37 @@
 'use strict';
-const multer = require('multer')
-	, fileFilter = require(__dirname+'/filefilter.js')
+const isValidFile = require(__dirname+'/filefilter.js')
 	, path = require('path')
 	, uploadDest = path.join(__dirname, '/../static/img/')
 	, uuidv4 = require('uuid/v4')
-	, storage = multer.diskStorage({
-		destination: function (req, file, cb) {
-			cb(null, uploadDest)
-		},
-		filename: function (req, file, cb) {
-			cb(null, uuidv4() + path.extname(file.originalname))
-		}
-	})
-	, upload = multer({
-		storage: storage,
-		limits: { fileSize: 1 * 1024 * 1024 }, //1MB for now
-		fileFilter: fileFilter
-	}).single('file')
 	, gm = require('@tohru/gm');

 module.exports = {

-	upload,
-
 	uploadDest,

 	uploadAndThumb: (req, res) => {
 		return new Promise((resolve, reject) => {
-			upload(req, res, function (err) {
+			const file = req.files.file;
+			//check type
+			if (!isValidFile(file)) {
+				return reject(new Error('Unsupported file type'))
+			}
+			//save it
+			const filename = uuidv4() + path.extname(file.name);
+			file.mv(uploadDest + filename, function (err) {
 				if (err) {
-					return reject(err)
-				}
-				if (req.file) {
-					//thumbnail it
-					gm(uploadDest+req.file.filename)
-						.resize(128, 128)
-						.noProfile()
-						.write(uploadDest+'thumb-'+req.file.filename, function (err) {
-						if (err) {
-							return reject(err);
-						}
-						return resolve()
-					});
+					return reject(err);
 				}
+				//thumbnail it
+				gm(uploadDest + filename)
+					.resize(128, 128)
+					.noProfile()
+					.write(uploadDest + 'thumb-' + filename, function (err) {
+					if (err) {
+						return reject(err);
+					}
+					return resolve(filename);
+				});
 			});
 		});
 	},
--- a/helpers/filefilter.js
+++ b/helpers/filefilter.js
@ -2,12 +2,4 @@

 const allowedMimeTypes = new Set(['image/jpeg', 'image/pjpeg', 'image/png', 'image/gif']);

-module.exports = (req, file, cb) => {
-
-	if (!allowedMimeTypes.has(file.mimetype)) {
-		cb(new Error('file type must be jpg, png or gif'))
-	}
-
-	cb(null, true)
-
-}
+module.exports = (file) => allowedMimeTypes.has(file.mimetype);
--- a/package-lock.json
+++ b/package-lock.json
@ -6,13 +6,12 @@
  "dependencies": {
    "@tohru/gm": {
      "version": "git+https://github.com/iCrawl/gm.git#70ade5ebee96db0e38d621eb8f9744e5eee159c7",
-      "from": "git+https://github.com/iCrawl/gm.git",
      "requires": {
-        "array-parallel": "^0.1.3",
-        "array-series": "^0.1.5",
-        "cross-spawn": "^4.0.0",
-        "debug": "^3.1.0",
-        "tmp": "^0.0.33"
+        "array-parallel": "0.1.3",
+        "array-series": "0.1.5",
+        "cross-spawn": "4.0.2",
+        "debug": "3.2.6",
+        "tmp": "0.0.33"
      },
      "dependencies": {
        "debug": {
@ -20,7 +19,7 @@
          "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.6.tgz",
          "integrity": "sha512-mel+jf7nrtEl5Pn1Qx46zARXKDpBbvzezse7p7LqINmdoIk8PYP5SySaxEmYv6TZ0JyEKA1hsCId6DIhgITtWQ==",
          "requires": {
-            "ms": "^2.1.1"
+            "ms": "2.1.1"
          }
        },
        "ms": {
@ -40,7 +39,7 @@
      "resolved": "https://registry.npmjs.org/@types/babylon/-/babylon-6.16.3.tgz",
      "integrity": "sha512-lyJ8sW1PbY3uwuvpOBZ9zMYKshMnQpXmeDHh8dj9j2nJm/xrW0FgB5gLSYOArj5X0IfaXnmhFoJnhS4KbqIMug==",
      "requires": {
-        "@types/babel-types": "*"
+        "@types/babel-types": "7.0.4"
      }
    },
    "accepts": {
@ -48,7 +47,7 @@
      "resolved": "https://registry.npmjs.org/accepts/-/accepts-1.3.5.tgz",
      "integrity": "sha1-63d99gEXI6OxTopywIBcjoZ0a9I=",
      "requires": {
-        "mime-types": "~2.1.18",
+        "mime-types": "2.1.19",
        "negotiator": "0.6.1"
      }
    },
@ -62,7 +61,7 @@
      "resolved": "https://registry.npmjs.org/acorn-globals/-/acorn-globals-3.1.0.tgz",
      "integrity": "sha1-/YJw9x+7SZawBPqIDuXUZXOnMb8=",
      "requires": {
-        "acorn": "^4.0.4"
+        "acorn": "4.0.13"
      },
      "dependencies": {
        "acorn": {
@ -77,16 +76,11 @@
      "resolved": "https://registry.npmjs.org/align-text/-/align-text-0.1.4.tgz",
      "integrity": "sha1-DNkKVhCT810KmSVsIrcGlDP60Rc=",
      "requires": {
-        "kind-of": "^3.0.2",
-        "longest": "^1.0.1",
-        "repeat-string": "^1.5.2"
+        "kind-of": "3.2.2",
+        "longest": "1.0.1",
+        "repeat-string": "1.6.1"
      }
    },
-    "append-field": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/append-field/-/append-field-1.0.0.tgz",
-      "integrity": "sha1-HjRA6RXwsSA9I3SOeO3XubW0PlY="
-    },
    "array-flatten": {
      "version": "1.1.1",
      "resolved": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz",
@ -112,8 +106,8 @@
      "resolved": "https://registry.npmjs.org/babel-runtime/-/babel-runtime-6.26.0.tgz",
      "integrity": "sha1-llxwWGaOgrVde/4E/yM3vItWR/4=",
      "requires": {
-        "core-js": "^2.4.0",
-        "regenerator-runtime": "^0.11.0"
+        "core-js": "2.5.7",
+        "regenerator-runtime": "0.11.1"
      }
    },
    "babel-types": {
@ -121,10 +115,10 @@
      "resolved": "https://registry.npmjs.org/babel-types/-/babel-types-6.26.0.tgz",
      "integrity": "sha1-o7Bz+Uq0nrb6Vc1lInozQ4BjJJc=",
      "requires": {
-        "babel-runtime": "^6.26.0",
-        "esutils": "^2.0.2",
-        "lodash": "^4.17.4",
-        "to-fast-properties": "^1.0.3"
+        "babel-runtime": "6.26.0",
+        "esutils": "2.0.2",
+        "lodash": "4.17.11",
+        "to-fast-properties": "1.0.3"
      }
    },
    "babylon": {
@ -138,15 +132,15 @@
      "integrity": "sha1-WykhmP/dVTs6DyDe0FkrlWlVyLQ=",
      "requires": {
        "bytes": "3.0.0",
-        "content-type": "~1.0.4",
+        "content-type": "1.0.4",
        "debug": "2.6.9",
-        "depd": "~1.1.2",
-        "http-errors": "~1.6.3",
+        "depd": "1.1.2",
+        "http-errors": "1.6.3",
        "iconv-lite": "0.4.23",
-        "on-finished": "~2.3.0",
+        "on-finished": "2.3.0",
        "qs": "6.5.2",
        "raw-body": "2.3.3",
-        "type-is": "~1.6.16"
+        "type-is": "1.6.16"
      }
    },
    "bson": {
@ -154,11 +148,6 @@
      "resolved": "https://registry.npmjs.org/bson/-/bson-1.0.9.tgz",
      "integrity": "sha512-IQX9/h7WdMBIW/q/++tGd+emQr0XMdeZ6icnT/74Xk9fnabWn+gZgpE+9V+gujL3hhJOoNrnDVY7tWdzc7NUTg=="
    },
-    "buffer-from": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.1.tgz",
-      "integrity": "sha512-MQcXEUbCKtEo7bhqEs6560Hyd4XaovZlO/k9V3hjVUF/zwW7KBVdSK4gIt/bzwS9MbR5qob+F5jusZsb0YQK2A=="
-    },
    "buffer-shims": {
      "version": "1.0.0",
      "resolved": "https://registry.npmjs.org/buffer-shims/-/buffer-shims-1.0.0.tgz",
@ -170,7 +159,7 @@
      "integrity": "sha1-bCpiLvz0fFe7vh4qnDetNseSVFM=",
      "requires": {
        "dicer": "0.2.5",
-        "readable-stream": "1.1.x"
+        "readable-stream": "1.1.14"
      },
      "dependencies": {
        "isarray": {
@ -183,10 +172,10 @@
          "resolved": "http://registry.npmjs.org/readable-stream/-/readable-stream-1.1.14.tgz",
          "integrity": "sha1-fPTFTvZI44EwhMY23SB54WbAgdk=",
          "requires": {
-            "core-util-is": "~1.0.0",
-            "inherits": "~2.0.1",
+            "core-util-is": "1.0.2",
+            "inherits": "2.0.3",
            "isarray": "0.0.1",
-            "string_decoder": "~0.10.x"
+            "string_decoder": "0.10.31"
          }
        },
        "string_decoder": {
@ -216,8 +205,8 @@
      "resolved": "https://registry.npmjs.org/center-align/-/center-align-0.1.3.tgz",
      "integrity": "sha1-qg0yYptu6XIgBBHL1EYckHvCt60=",
      "requires": {
-        "align-text": "^0.1.3",
-        "lazy-cache": "^1.0.3"
+        "align-text": "0.1.4",
+        "lazy-cache": "1.0.4"
      }
    },
    "character-parser": {
@ -225,7 +214,7 @@
      "resolved": "https://registry.npmjs.org/character-parser/-/character-parser-2.2.0.tgz",
      "integrity": "sha1-x84o821LzZdE5f/CxfzeHHMmH8A=",
      "requires": {
-        "is-regex": "^1.0.3"
+        "is-regex": "1.0.4"
      }
    },
    "clean-css": {
@ -233,7 +222,7 @@
      "resolved": "https://registry.npmjs.org/clean-css/-/clean-css-4.2.1.tgz",
      "integrity": "sha512-4ZxI6dy4lrY6FHzfiy1aEOXgu4LIsW2MhwG0VBKdcoGoH/XLFgaHSdLTGr4O8Be6A8r3MOphEiI8Gc1n0ecf3g==",
      "requires": {
-        "source-map": "~0.6.0"
+        "source-map": "0.6.1"
      }
    },
    "cliui": {
@ -241,28 +230,17 @@
      "resolved": "https://registry.npmjs.org/cliui/-/cliui-2.1.0.tgz",
      "integrity": "sha1-S0dXYP+AJkx2LDoXGQMukcf+oNE=",
      "requires": {
-        "center-align": "^0.1.1",
-        "right-align": "^0.1.1",
+        "center-align": "0.1.3",
+        "right-align": "0.1.3",
        "wordwrap": "0.0.2"
      }
    },
-    "concat-stream": {
-      "version": "1.6.2",
-      "resolved": "https://registry.npmjs.org/concat-stream/-/concat-stream-1.6.2.tgz",
-      "integrity": "sha512-27HBghJxjiZtIk3Ycvn/4kbJk/1uZuJFfuPEns6LaEvpvG1f0hTea8lilrouyo9mVc2GWdcEZ8OLoGmSADlrCw==",
-      "requires": {
-        "buffer-from": "^1.0.0",
-        "inherits": "^2.0.3",
-        "readable-stream": "^2.2.2",
-        "typedarray": "^0.0.6"
-      }
-    },
    "connect-mongo": {
      "version": "2.0.3",
      "resolved": "https://registry.npmjs.org/connect-mongo/-/connect-mongo-2.0.3.tgz",
      "integrity": "sha512-Vs+QZ/6X6gbCrP1Ls7Oh/wlyY6pgpbPSrUKF5yRT+zd+4GZPNbjNquxquZ+Clv2+03HBXE7T4lVM0PUcaBhihg==",
      "requires": {
-        "mongodb": "^2.0.36"
+        "mongodb": "2.2.36"
      },
      "dependencies": {
        "mongodb": {
@ -285,13 +263,13 @@
          "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.2.7.tgz",
          "integrity": "sha1-BwV6y+JGeyIELTb5jFrVBwVOlbE=",
          "requires": {
-            "buffer-shims": "~1.0.0",
-            "core-util-is": "~1.0.0",
-            "inherits": "~2.0.1",
-            "isarray": "~1.0.0",
-            "process-nextick-args": "~1.0.6",
-            "string_decoder": "~1.0.0",
-            "util-deprecate": "~1.0.1"
+            "buffer-shims": "1.0.0",
+            "core-util-is": "1.0.2",
+            "inherits": "2.0.3",
+            "isarray": "1.0.0",
+            "process-nextick-args": "1.0.7",
+            "string_decoder": "1.0.3",
+            "util-deprecate": "1.0.2"
          }
        },
        "string_decoder": {
@ -299,7 +277,7 @@
          "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.0.3.tgz",
          "integrity": "sha512-4AH6Z5fzNNBcH+6XDMfA/BTt87skxqJlO0lAh3Dker5zThcAxG6mKz+iGu308UKoPPQ8Dcqx/4JhujzltRa+hQ==",
          "requires": {
-            "safe-buffer": "~5.1.0"
+            "safe-buffer": "5.1.2"
          }
        }
      }
@ -309,10 +287,10 @@
      "resolved": "https://registry.npmjs.org/constantinople/-/constantinople-3.1.2.tgz",
      "integrity": "sha512-yePcBqEFhLOqSBtwYOGGS1exHo/s1xjekXiinh4itpNQGCu4KA1euPh1fg07N2wMITZXQkBz75Ntdt1ctGZouw==",
      "requires": {
-        "@types/babel-types": "^7.0.0",
-        "@types/babylon": "^6.16.2",
-        "babel-types": "^6.26.0",
-        "babylon": "^6.18.0"
+        "@types/babel-types": "7.0.4",
+        "@types/babylon": "6.16.3",
+        "babel-types": "6.26.0",
+        "babylon": "6.18.0"
      }
    },
    "content-disposition": {
@ -369,8 +347,8 @@
      "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-4.0.2.tgz",
      "integrity": "sha1-e5JHYhwjrf3ThWAEqCPL45dCTUE=",
      "requires": {
-        "lru-cache": "^4.0.1",
-        "which": "^1.2.9"
+        "lru-cache": "4.1.5",
+        "which": "1.3.1"
      }
    },
    "csrf": {
@ -390,8 +368,8 @@
      "requires": {
        "cookie": "0.3.1",
        "cookie-signature": "1.0.6",
-        "csrf": "~3.0.3",
-        "http-errors": "~1.5.0"
+        "csrf": "3.0.6",
+        "http-errors": "1.5.1"
      },
      "dependencies": {
        "http-errors": {
@ -401,7 +379,7 @@
          "requires": {
            "inherits": "2.0.3",
            "setprototypeof": "1.0.2",
-            "statuses": ">= 1.3.1 < 2"
+            "statuses": "1.5.0"
          }
        },
        "setprototypeof": {
@ -444,7 +422,7 @@
      "resolved": "https://registry.npmjs.org/dicer/-/dicer-0.2.5.tgz",
      "integrity": "sha1-WZbAhrszIYyBLAkL3cCc0S+stw8=",
      "requires": {
-        "readable-stream": "1.1.x",
+        "readable-stream": "1.1.14",
        "streamsearch": "0.1.2"
      },
      "dependencies": {
@ -458,10 +436,10 @@
          "resolved": "http://registry.npmjs.org/readable-stream/-/readable-stream-1.1.14.tgz",
          "integrity": "sha1-fPTFTvZI44EwhMY23SB54WbAgdk=",
          "requires": {
-            "core-util-is": "~1.0.0",
-            "inherits": "~2.0.1",
+            "core-util-is": "1.0.2",
+            "inherits": "2.0.3",
            "isarray": "0.0.1",
-            "string_decoder": "~0.10.x"
+            "string_decoder": "0.10.31"
          }
        },
        "string_decoder": {
@ -526,36 +504,36 @@
      "resolved": "https://registry.npmjs.org/express/-/express-4.16.3.tgz",
      "integrity": "sha1-avilAjUNsyRuzEvs9rWjTSL37VM=",
      "requires": {
-        "accepts": "~1.3.5",
+        "accepts": "1.3.5",
        "array-flatten": "1.1.1",
        "body-parser": "1.18.2",
        "content-disposition": "0.5.2",
-        "content-type": "~1.0.4",
+        "content-type": "1.0.4",
        "cookie": "0.3.1",
        "cookie-signature": "1.0.6",
        "debug": "2.6.9",
-        "depd": "~1.1.2",
-        "encodeurl": "~1.0.2",
-        "escape-html": "~1.0.3",
-        "etag": "~1.8.1",
+        "depd": "1.1.2",
+        "encodeurl": "1.0.2",
+        "escape-html": "1.0.3",
+        "etag": "1.8.1",
        "finalhandler": "1.1.1",
        "fresh": "0.5.2",
        "merge-descriptors": "1.0.1",
-        "methods": "~1.1.2",
-        "on-finished": "~2.3.0",
-        "parseurl": "~1.3.2",
+        "methods": "1.1.2",
+        "on-finished": "2.3.0",
+        "parseurl": "1.3.2",
        "path-to-regexp": "0.1.7",
-        "proxy-addr": "~2.0.3",
+        "proxy-addr": "2.0.4",
        "qs": "6.5.1",
-        "range-parser": "~1.2.0",
+        "range-parser": "1.2.0",
        "safe-buffer": "5.1.1",
        "send": "0.16.2",
        "serve-static": "1.13.2",
        "setprototypeof": "1.1.0",
-        "statuses": "~1.4.0",
-        "type-is": "~1.6.16",
+        "statuses": "1.4.0",
+        "type-is": "1.6.16",
        "utils-merge": "1.0.1",
-        "vary": "~1.1.2"
+        "vary": "1.1.2"
      },
      "dependencies": {
        "body-parser": {
@ -564,15 +542,15 @@
          "integrity": "sha1-h2eKGdhLR9hZuDGZvVm84iKxBFQ=",
          "requires": {
            "bytes": "3.0.0",
-            "content-type": "~1.0.4",
+            "content-type": "1.0.4",
            "debug": "2.6.9",
-            "depd": "~1.1.1",
-            "http-errors": "~1.6.2",
+            "depd": "1.1.2",
+            "http-errors": "1.6.3",
            "iconv-lite": "0.4.19",
-            "on-finished": "~2.3.0",
+            "on-finished": "2.3.0",
            "qs": "6.5.1",
            "raw-body": "2.3.2",
-            "type-is": "~1.6.15"
+            "type-is": "1.6.16"
          }
        },
        "iconv-lite": {
@ -609,7 +587,7 @@
                "depd": "1.1.1",
                "inherits": "2.0.3",
                "setprototypeof": "1.0.3",
-                "statuses": ">= 1.3.1 < 2"
+                "statuses": "1.4.0"
              }
            },
            "setprototypeof": {
@ -636,7 +614,7 @@
      "resolved": "https://registry.npmjs.org/express-fileupload/-/express-fileupload-1.1.3-alpha.2.tgz",
      "integrity": "sha512-askIbniNmGzLBsmzDzfy9aR3vOFCUgNBOKesplC8XAYT85rOOTlgK0gdJMwgDKQ8tw4sdfgYpAnAbuPbYoyQKg==",
      "requires": {
-        "busboy": "^0.2.14"
+        "busboy": "0.2.14"
      }
    },
    "express-session": {
@ -648,10 +626,10 @@
        "cookie-signature": "1.0.6",
        "crc": "3.4.4",
        "debug": "2.6.9",
-        "depd": "~1.1.1",
-        "on-headers": "~1.0.1",
-        "parseurl": "~1.3.2",
-        "uid-safe": "~2.1.5",
+        "depd": "1.1.2",
+        "on-headers": "1.0.1",
+        "parseurl": "1.3.2",
+        "uid-safe": "2.1.5",
        "utils-merge": "1.0.1"
      },
      "dependencies": {
@ -660,7 +638,7 @@
          "resolved": "https://registry.npmjs.org/uid-safe/-/uid-safe-2.1.5.tgz",
          "integrity": "sha512-KPHm4VL5dDXKz01UuEd88Df+KzynaohSL9fBh096KWAxSKZQDI2uBrVqtvRM4rwrIrRRKsdLNML/lnaaVSRioA==",
          "requires": {
-            "random-bytes": "~1.0.0"
+            "random-bytes": "1.0.0"
          }
        }
      }
@ -671,12 +649,12 @@
      "integrity": "sha512-Y1GUDo39ez4aHAw7MysnUD5JzYX+WaIj8I57kO3aEPT1fFRL4sr7mjei97FgnwhAyyzRYmQZaTHb2+9uZ1dPtg==",
      "requires": {
        "debug": "2.6.9",
-        "encodeurl": "~1.0.2",
-        "escape-html": "~1.0.3",
-        "on-finished": "~2.3.0",
-        "parseurl": "~1.3.2",
-        "statuses": "~1.4.0",
-        "unpipe": "~1.0.0"
+        "encodeurl": "1.0.2",
+        "escape-html": "1.0.3",
+        "on-finished": "2.3.0",
+        "parseurl": "1.3.2",
+        "statuses": "1.4.0",
+        "unpipe": "1.0.0"
      },
      "dependencies": {
        "statuses": {
@ -716,7 +694,7 @@
      "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz",
      "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==",
      "requires": {
-        "function-bind": "^1.1.1"
+        "function-bind": "1.1.1"
      }
    },
    "helmet": {
@ -775,10 +753,10 @@
      "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.6.3.tgz",
      "integrity": "sha1-i1VoC7S+KDoLW/TqLjhYC+HZMg0=",
      "requires": {
-        "depd": "~1.1.2",
+        "depd": "1.1.2",
        "inherits": "2.0.3",
        "setprototypeof": "1.1.0",
-        "statuses": ">= 1.4.0 < 2"
+        "statuses": "1.5.0"
      }
    },
    "iconv-lite": {
@ -786,7 +764,7 @@
      "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.23.tgz",
      "integrity": "sha512-neyTUVFtahjf0mB3dZT77u+8O0QB89jFdnBkd5P1JgYPbPaia3gXXOVL2fq8VyU2gMMD7SaN7QukTB/pmXYvDA==",
      "requires": {
-        "safer-buffer": ">= 2.1.2 < 3"
+        "safer-buffer": "2.1.2"
      }
    },
    "ienoopen": {
@ -814,8 +792,8 @@
      "resolved": "https://registry.npmjs.org/is-expression/-/is-expression-3.0.0.tgz",
      "integrity": "sha1-Oayqa+f9HzRx3ELHQW5hwkMXrJ8=",
      "requires": {
-        "acorn": "~4.0.2",
-        "object-assign": "^4.0.1"
+        "acorn": "4.0.13",
+        "object-assign": "4.1.1"
      },
      "dependencies": {
        "acorn": {
@ -835,7 +813,7 @@
      "resolved": "https://registry.npmjs.org/is-regex/-/is-regex-1.0.4.tgz",
      "integrity": "sha1-VRdIm1RwkbCTDglWVM7SXul+lJE=",
      "requires": {
-        "has": "^1.0.1"
+        "has": "1.0.3"
      }
    },
    "isarray": {
@ -858,8 +836,8 @@
      "resolved": "https://registry.npmjs.org/jstransformer/-/jstransformer-1.0.0.tgz",
      "integrity": "sha1-7Yvwkh4vPx7U1cGkT2hwntJHIsM=",
      "requires": {
-        "is-promise": "^2.0.0",
-        "promise": "^7.0.1"
+        "is-promise": "2.1.0",
+        "promise": "7.3.1"
      }
    },
    "kind-of": {
@ -867,7 +845,7 @@
      "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz",
      "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=",
      "requires": {
-        "is-buffer": "^1.1.5"
+        "is-buffer": "1.1.6"
      }
    },
    "lazy-cache": {
@ -890,8 +868,8 @@
      "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-4.1.5.tgz",
      "integrity": "sha512-sWZlbEP2OsHNkXrMl5GYk/jKk70MBng6UU4YI/qGDYbgf6YbP4EvmqISbXCoJiRKs+1bSpFHVgQxvJ17F2li5g==",
      "requires": {
-        "pseudomap": "^1.0.2",
-        "yallist": "^2.1.2"
+        "pseudomap": "1.0.2",
+        "yallist": "2.1.2"
      }
    },
    "media-typer": {
@ -930,20 +908,7 @@
      "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.19.tgz",
      "integrity": "sha512-P1tKYHVSZ6uFo26mtnve4HQFE3koh1UWVkp8YUC+ESBHe945xWSoXuHHiGarDqcEZ+whpCDnlNw5LON0kLo+sw==",
      "requires": {
-        "mime-db": "~1.35.0"
-      }
-    },
-    "minimist": {
-      "version": "0.0.8",
-      "resolved": "https://registry.npmjs.org/minimist/-/minimist-0.0.8.tgz",
-      "integrity": "sha1-hX/Kv8M5fSYluCKCYuhqp6ARsF0="
-    },
-    "mkdirp": {
-      "version": "0.5.1",
-      "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.1.tgz",
-      "integrity": "sha1-MAV0OOrGz3+MR2fzhkjWaX11yQM=",
-      "requires": {
-        "minimist": "0.0.8"
+        "mime-db": "1.35.0"
      }
    },
    "mongodb": {
@ -952,7 +917,7 @@
      "integrity": "sha512-xQ6apOOV+w7VFApdaJpWhYhzartpjIDFQjG0AwgJkLh7dBs7PTsq4A3Bia2QWpDohmAzTBIdQVLMqqLy0mwt3Q==",
      "requires": {
        "mongodb-core": "3.2.2",
-        "safe-buffer": "^5.1.2"
+        "safe-buffer": "5.1.2"
      },
      "dependencies": {
        "bson": {
@ -965,10 +930,10 @@
          "resolved": "https://registry.npmjs.org/mongodb-core/-/mongodb-core-3.2.2.tgz",
          "integrity": "sha512-YRgC39MuzKL0uoGoRdTmV1e9m47NbMnYmuEx4IOkgWAGXPSEzRY7cwb3N0XMmrDMnD9vp7MysNyAriIIeGgIQg==",
          "requires": {
-            "bson": "^1.1.1",
-            "require_optional": "^1.0.1",
-            "safe-buffer": "^5.1.2",
-            "saslprep": "^1.0.0"
+            "bson": "1.1.1",
+            "require_optional": "1.0.1",
+            "safe-buffer": "5.1.2",
+            "saslprep": "1.0.2"
          }
        }
      }
@ -978,8 +943,8 @@
      "resolved": "https://registry.npmjs.org/mongodb-core/-/mongodb-core-2.1.20.tgz",
      "integrity": "sha512-IN57CX5/Q1bhDq6ShAR6gIv4koFsZP7L8WOK1S0lR0pVDQaScffSMV5jxubLsmZ7J+UdqmykKw4r9hG3XQEGgQ==",
      "requires": {
-        "bson": "~1.0.4",
-        "require_optional": "~1.0.0"
+        "bson": "1.0.9",
+        "require_optional": "1.0.1"
      }
    },
    "ms": {
@ -987,21 +952,6 @@
      "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz",
      "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g="
    },
-    "multer": {
-      "version": "1.4.1",
-      "resolved": "https://registry.npmjs.org/multer/-/multer-1.4.1.tgz",
-      "integrity": "sha512-zzOLNRxzszwd+61JFuAo0fxdQfvku12aNJgnla0AQ+hHxFmfc/B7jBVuPr5Rmvu46Jze/iJrFpSOsD7afO8SDw==",
-      "requires": {
-        "append-field": "^1.0.0",
-        "busboy": "^0.2.11",
-        "concat-stream": "^1.5.2",
-        "mkdirp": "^0.5.1",
-        "object-assign": "^4.1.1",
-        "on-finished": "^2.3.0",
-        "type-is": "^1.6.4",
-        "xtend": "^4.0.0"
-      }
-    },
    "negotiator": {
      "version": "0.6.1",
      "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.1.tgz",
@ -1045,8 +995,8 @@
      "resolved": "https://registry.npmjs.org/path/-/path-0.12.7.tgz",
      "integrity": "sha1-1NwqUGxM4hl+tIHr/NWzbAFAsQ8=",
      "requires": {
-        "process": "^0.11.1",
-        "util": "^0.10.3"
+        "process": "0.11.10",
+        "util": "0.10.4"
      }
    },
    "path-parse": {
@ -1069,17 +1019,12 @@
      "resolved": "https://registry.npmjs.org/process/-/process-0.11.10.tgz",
      "integrity": "sha1-czIwDoQBYb2j5podHZGn1LwW8YI="
    },
-    "process-nextick-args": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.0.tgz",
-      "integrity": "sha512-MtEC1TqN0EU5nephaJ4rAtThHtC86dNN9qCuEhtshvpVBkAW5ZO7BASN9REnF9eoXGcRub+pFuKEpOHE+HbEMw=="
-    },
    "promise": {
      "version": "7.3.1",
      "resolved": "https://registry.npmjs.org/promise/-/promise-7.3.1.tgz",
      "integrity": "sha512-nolQXZ/4L+bP/UGlkfaIujX9BKxGwmQ9OT4mOt5yvy8iK1h3wqTEJCijzGANTCCl9nWjY41juyAn2K3Q1hLLTg==",
      "requires": {
-        "asap": "~2.0.3"
+        "asap": "2.0.6"
      }
    },
    "proxy-addr": {
@ -1087,7 +1032,7 @@
      "resolved": "https://registry.npmjs.org/proxy-addr/-/proxy-addr-2.0.4.tgz",
      "integrity": "sha512-5erio2h9jp5CHGwcybmxmVqHmnCBZeewlfJ0pex+UW7Qny7OOZXTtH56TGNyBizkgiOwhJtMKrVzDTeKcySZwA==",
      "requires": {
-        "forwarded": "~0.1.2",
+        "forwarded": "0.1.2",
        "ipaddr.js": "1.8.0"
      }
    },
@ -1101,14 +1046,14 @@
      "resolved": "https://registry.npmjs.org/pug/-/pug-2.0.3.tgz",
      "integrity": "sha1-ccuoJTfJWl6rftBGluQiH1Oqh44=",
      "requires": {
-        "pug-code-gen": "^2.0.1",
-        "pug-filters": "^3.1.0",
-        "pug-lexer": "^4.0.0",
-        "pug-linker": "^3.0.5",
-        "pug-load": "^2.0.11",
-        "pug-parser": "^5.0.0",
-        "pug-runtime": "^2.0.4",
-        "pug-strip-comments": "^1.0.3"
+        "pug-code-gen": "2.0.1",
+        "pug-filters": "3.1.0",
+        "pug-lexer": "4.0.0",
+        "pug-linker": "3.0.5",
+        "pug-load": "2.0.11",
+        "pug-parser": "5.0.0",
+        "pug-runtime": "2.0.4",
+        "pug-strip-comments": "1.0.3"
      }
    },
    "pug-attrs": {
@ -1116,9 +1061,9 @@
      "resolved": "https://registry.npmjs.org/pug-attrs/-/pug-attrs-2.0.3.tgz",
      "integrity": "sha1-owlflw5kFR972tlX7vVftdeQXRU=",
      "requires": {
-        "constantinople": "^3.0.1",
-        "js-stringify": "^1.0.1",
-        "pug-runtime": "^2.0.4"
+        "constantinople": "3.1.2",
+        "js-stringify": "1.0.2",
+        "pug-runtime": "2.0.4"
      }
    },
    "pug-code-gen": {
@ -1126,14 +1071,14 @@
      "resolved": "https://registry.npmjs.org/pug-code-gen/-/pug-code-gen-2.0.1.tgz",
      "integrity": "sha1-CVHsgyJddNjPxHan+Zolm199BQw=",
      "requires": {
-        "constantinople": "^3.0.1",
-        "doctypes": "^1.1.0",
-        "js-stringify": "^1.0.1",
-        "pug-attrs": "^2.0.3",
-        "pug-error": "^1.3.2",
-        "pug-runtime": "^2.0.4",
-        "void-elements": "^2.0.1",
-        "with": "^5.0.0"
+        "constantinople": "3.1.2",
+        "doctypes": "1.1.0",
+        "js-stringify": "1.0.2",
+        "pug-attrs": "2.0.3",
+        "pug-error": "1.3.2",
+        "pug-runtime": "2.0.4",
+        "void-elements": "2.0.1",
+        "with": "5.1.1"
      }
    },
    "pug-error": {
@ -1146,13 +1091,13 @@
      "resolved": "https://registry.npmjs.org/pug-filters/-/pug-filters-3.1.0.tgz",
      "integrity": "sha1-JxZVVbwEwjbkqisDZiRt+gIbYm4=",
      "requires": {
-        "clean-css": "^4.1.11",
-        "constantinople": "^3.0.1",
+        "clean-css": "4.2.1",
+        "constantinople": "3.1.2",
        "jstransformer": "1.0.0",
-        "pug-error": "^1.3.2",
-        "pug-walk": "^1.1.7",
-        "resolve": "^1.1.6",
-        "uglify-js": "^2.6.1"
+        "pug-error": "1.3.2",
+        "pug-walk": "1.1.7",
+        "resolve": "1.8.1",
+        "uglify-js": "2.8.29"
      }
    },
    "pug-lexer": {
@ -1160,9 +1105,9 @@
      "resolved": "https://registry.npmjs.org/pug-lexer/-/pug-lexer-4.0.0.tgz",
      "integrity": "sha1-IQwYRX7y4XYCQnQMXmR715TOwng=",
      "requires": {
-        "character-parser": "^2.1.1",
-        "is-expression": "^3.0.0",
-        "pug-error": "^1.3.2"
+        "character-parser": "2.2.0",
+        "is-expression": "3.0.0",
+        "pug-error": "1.3.2"
      }
    },
    "pug-linker": {
@ -1170,8 +1115,8 @@
      "resolved": "https://registry.npmjs.org/pug-linker/-/pug-linker-3.0.5.tgz",
      "integrity": "sha1-npp65ABWgtAn3uuWsAD4juuDoC8=",
      "requires": {
-        "pug-error": "^1.3.2",
-        "pug-walk": "^1.1.7"
+        "pug-error": "1.3.2",
+        "pug-walk": "1.1.7"
      }
    },
    "pug-load": {
@ -1179,8 +1124,8 @@
      "resolved": "https://registry.npmjs.org/pug-load/-/pug-load-2.0.11.tgz",
      "integrity": "sha1-5kjlftET/iwfRdV4WOorrWvAFSc=",
      "requires": {
-        "object-assign": "^4.1.0",
-        "pug-walk": "^1.1.7"
+        "object-assign": "4.1.1",
+        "pug-walk": "1.1.7"
      }
    },
    "pug-parser": {
@ -1188,7 +1133,7 @@
      "resolved": "https://registry.npmjs.org/pug-parser/-/pug-parser-5.0.0.tgz",
      "integrity": "sha1-45Stmz/KkxI5QK/4hcBuRKt+aOQ=",
      "requires": {
-        "pug-error": "^1.3.2",
+        "pug-error": "1.3.2",
        "token-stream": "0.0.1"
      }
    },
@ -1202,7 +1147,7 @@
      "resolved": "https://registry.npmjs.org/pug-strip-comments/-/pug-strip-comments-1.0.3.tgz",
      "integrity": "sha1-8VWVkiBu3G+FMQ2s9K+0igJa9Z8=",
      "requires": {
-        "pug-error": "^1.3.2"
+        "pug-error": "1.3.2"
      }
    },
    "pug-walk": {
@ -1236,20 +1181,6 @@
        "unpipe": "1.0.0"
      }
    },
-    "readable-stream": {
-      "version": "2.3.6",
-      "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.6.tgz",
-      "integrity": "sha512-tQtKA9WIAhBF3+VLAseyMqZeBjW0AHJoxOtYqSUZNJxauErmLbVm2FW1y+J/YA9dUrAC39ITejlZWhVIwawkKw==",
-      "requires": {
-        "core-util-is": "~1.0.0",
-        "inherits": "~2.0.3",
-        "isarray": "~1.0.0",
-        "process-nextick-args": "~2.0.0",
-        "safe-buffer": "~5.1.1",
-        "string_decoder": "~1.1.1",
-        "util-deprecate": "~1.0.1"
-      }
-    },
    "referrer-policy": {
      "version": "1.1.0",
      "resolved": "https://registry.npmjs.org/referrer-policy/-/referrer-policy-1.1.0.tgz",
@ -1270,8 +1201,8 @@
      "resolved": "https://registry.npmjs.org/require_optional/-/require_optional-1.0.1.tgz",
      "integrity": "sha512-qhM/y57enGWHAe3v/NcwML6a3/vfESLe/sGM2dII+gEO0BpKRUkWZow/tyloNqJyN6kXSl3RyyM8Ll5D/sJP8g==",
      "requires": {
-        "resolve-from": "^2.0.0",
-        "semver": "^5.1.0"
+        "resolve-from": "2.0.0",
+        "semver": "5.5.1"
      }
    },
    "resolve": {
@ -1279,7 +1210,7 @@
      "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.8.1.tgz",
      "integrity": "sha512-AicPrAC7Qu1JxPCZ9ZgCZlY35QgFnNqc+0LtbRNxnVw4TXvjQ72wnuL9JQcEBgXkI9JM8MsT9kaQoHcpCRJOYA==",
      "requires": {
-        "path-parse": "^1.0.5"
+        "path-parse": "1.0.6"
      }
    },
    "resolve-from": {
@ -1292,7 +1223,7 @@
      "resolved": "https://registry.npmjs.org/right-align/-/right-align-0.1.3.tgz",
      "integrity": "sha1-YTObci/mo1FWiSENJOFMlhSGE+8=",
      "requires": {
-        "align-text": "^0.1.1"
+        "align-text": "0.1.4"
      }
    },
    "rndm": {
@ -1316,7 +1247,7 @@
      "integrity": "sha512-4cDsYuAjXssUSjxHKRe4DTZC0agDwsCqcMqtJAQPzC74nJ7LfAJflAtC1Zed5hMzEQKj82d3tuzqdGNRsLJ4Gw==",
      "optional": true,
      "requires": {
-        "sparse-bitfield": "^3.0.3"
+        "sparse-bitfield": "3.0.3"
      }
    },
    "semver": {
@ -1330,18 +1261,18 @@
      "integrity": "sha512-E64YFPUssFHEFBvpbbjr44NCLtI1AohxQ8ZSiJjQLskAdKuriYEP6VyGEsRDH8ScozGpkaX1BGvhanqCwkcEZw==",
      "requires": {
        "debug": "2.6.9",
-        "depd": "~1.1.2",
-        "destroy": "~1.0.4",
-        "encodeurl": "~1.0.2",
-        "escape-html": "~1.0.3",
-        "etag": "~1.8.1",
+        "depd": "1.1.2",
+        "destroy": "1.0.4",
+        "encodeurl": "1.0.2",
+        "escape-html": "1.0.3",
+        "etag": "1.8.1",
        "fresh": "0.5.2",
-        "http-errors": "~1.6.2",
+        "http-errors": "1.6.3",
        "mime": "1.4.1",
        "ms": "2.0.0",
-        "on-finished": "~2.3.0",
-        "range-parser": "~1.2.0",
-        "statuses": "~1.4.0"
+        "on-finished": "2.3.0",
+        "range-parser": "1.2.0",
+        "statuses": "1.4.0"
      },
      "dependencies": {
        "statuses": {
@ -1356,9 +1287,9 @@
      "resolved": "https://registry.npmjs.org/serve-static/-/serve-static-1.13.2.tgz",
      "integrity": "sha512-p/tdJrO4U387R9oMjb1oj7qSMaMfmOyd4j9hOFoxZe2baQszgHcSWjuya/CiT5kgZZKRudHNOA0pYXOl8rQ5nw==",
      "requires": {
-        "encodeurl": "~1.0.2",
-        "escape-html": "~1.0.3",
-        "parseurl": "~1.3.2",
+        "encodeurl": "1.0.2",
+        "escape-html": "1.0.3",
+        "parseurl": "1.3.2",
        "send": "0.16.2"
      }
    },
@ -1378,7 +1309,7 @@
      "integrity": "sha1-/0rm5oZWBWuks+eSqzM004JzyhE=",
      "optional": true,
      "requires": {
-        "memory-pager": "^1.0.2"
+        "memory-pager": "1.5.0"
      }
    },
    "statuses": {
@ -1391,20 +1322,12 @@
      "resolved": "https://registry.npmjs.org/streamsearch/-/streamsearch-0.1.2.tgz",
      "integrity": "sha1-gIudDlb8Jz2Am6VzOOkpkZoanxo="
    },
-    "string_decoder": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz",
-      "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==",
-      "requires": {
-        "safe-buffer": "~5.1.0"
-      }
-    },
    "tmp": {
      "version": "0.0.33",
      "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.0.33.tgz",
      "integrity": "sha512-jRCJlojKnZ3addtTOjdIqoRuPEKBvNXcGYqzO6zWZX8KfKEpnGY5jfggJQ3EjKuu8D4bJRr0y+cYJFmYbImXGw==",
      "requires": {
-        "os-tmpdir": "~1.0.2"
+        "os-tmpdir": "1.0.2"
      }
    },
    "to-fast-properties": {
@ -1428,22 +1351,17 @@
      "integrity": "sha512-HRkVv/5qY2G6I8iab9cI7v1bOIdhm94dVjQCPFElW9W+3GeDOSHmy2EBYe4VTApuzolPcmgFTN3ftVJRKR2J9Q==",
      "requires": {
        "media-typer": "0.3.0",
-        "mime-types": "~2.1.18"
+        "mime-types": "2.1.19"
      }
    },
-    "typedarray": {
-      "version": "0.0.6",
-      "resolved": "https://registry.npmjs.org/typedarray/-/typedarray-0.0.6.tgz",
-      "integrity": "sha1-hnrHTjhkGHsdPUfZlqeOxciDB3c="
-    },
    "uglify-js": {
      "version": "2.8.29",
      "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-2.8.29.tgz",
      "integrity": "sha1-KcVzMUgFe7Th913zW3qcty5qWd0=",
      "requires": {
-        "source-map": "~0.5.1",
-        "uglify-to-browserify": "~1.0.0",
-        "yargs": "~3.10.0"
+        "source-map": "0.5.7",
+        "uglify-to-browserify": "1.0.2",
+        "yargs": "3.10.0"
      },
      "dependencies": {
        "source-map": {
@ -1464,7 +1382,7 @@
      "resolved": "https://registry.npmjs.org/uid-safe/-/uid-safe-2.1.4.tgz",
      "integrity": "sha1-Otbzg2jG1MjHXsF2I/t5qh0HHYE=",
      "requires": {
-        "random-bytes": "~1.0.0"
+        "random-bytes": "1.0.0"
      }
    },
    "unpipe": {
@ -1510,7 +1428,7 @@
      "resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz",
      "integrity": "sha512-HxJdYWq1MTIQbJ3nw0cqssHoTNU267KlrDuGZ1WYlxDStUtKUhOaJmh112/TZmHxxUfuJqPXSOm7tDyas0OSIQ==",
      "requires": {
-        "isexe": "^2.0.0"
+        "isexe": "2.0.0"
      }
    },
    "window-size": {
@ -1523,8 +1441,8 @@
      "resolved": "https://registry.npmjs.org/with/-/with-5.1.1.tgz",
      "integrity": "sha1-+k2qktrzLE6pTtRTyB8EaGtXXf4=",
      "requires": {
-        "acorn": "^3.1.0",
-        "acorn-globals": "^3.0.0"
+        "acorn": "3.3.0",
+        "acorn-globals": "3.1.0"
      }
    },
    "wordwrap": {
@ -1537,11 +1455,6 @@
      "resolved": "https://registry.npmjs.org/x-xss-protection/-/x-xss-protection-1.1.0.tgz",
      "integrity": "sha512-rx3GzJlgEeZ08MIcDsU2vY2B1QEriUKJTSiNHHUIem6eg9pzVOr2TL3Y4Pd6TMAM5D5azGjcxqI62piITBDHVg=="
    },
-    "xtend": {
-      "version": "4.0.1",
-      "resolved": "https://registry.npmjs.org/xtend/-/xtend-4.0.1.tgz",
-      "integrity": "sha1-pcbVMr5lbiPbgg77lDofBJmNY68="
-    },
    "yallist": {
      "version": "2.1.2",
      "resolved": "https://registry.npmjs.org/yallist/-/yallist-2.1.2.tgz",
@ -1552,9 +1465,9 @@
      "resolved": "https://registry.npmjs.org/yargs/-/yargs-3.10.0.tgz",
      "integrity": "sha1-9+572FfdfB0tOMDnTvvWgdFDH9E=",
      "requires": {
-        "camelcase": "^1.0.2",
-        "cliui": "^2.1.0",
-        "decamelize": "^1.0.0",
+        "camelcase": "1.2.1",
+        "cliui": "2.1.0",
+        "decamelize": "1.2.0",
        "window-size": "0.1.0"
      }
    }
--- a/package.json
+++ b/package.json
@ -15,7 +15,6 @@
    "fs": "0.0.1-security",
    "helmet": "^3.13.0",
    "mongodb": "^3.2.2",
-    "multer": "^1.4.1",
    "path": "^0.12.7",
    "pug": "^2.0.3",
    "uuid": "^3.3.2"
--- a/server.js
+++ b/server.js
@ -28,8 +28,13 @@ const express  = require('express')
 		createParentPath: true,
 		safeFileNames: true,
 		preserveExtension: true,
-		limits: { fileSize: 1 * 1024 * 1024 },
-		abortOnLimit: true
+		limits: {
+			fileSize: 1 * 1024 * 1024,
+			files: 1
+		},
+		abortOnLimit: true,
+		useTempFile: true,
+		tempFileDir: path.join(__dirname+'/tmp/')
 	}));

 	// session store