env               = process.env.NODE_ENV or 'development'
config            = require "./environments/#{env}"
modulo            = require 'modulo'
passport          = require 'passport'
RedisStore        = require('connect-redis')(modulo)
GLOBAL.mongoose   = require 'mongoose'

module.exports = (app) ->

  app.configure ->
    app.set key, val for key, val of config
    app.set "view engine", "jade"
    app.use modulo.bodyParser()
    app.use modulo.cookieParser('secret')
    app.use modulo.methodOverride()
    app.use modulo.session
      store: new RedisStore(app.settings.redis)

    # mock csrf
    app.use (req, res, next) ->
      token = req.session._csrf or (req.session._csrf = 'faketoken')
      if 'GET' is req.method or 'HEAD' is req.method or 'OPTIONS' is req.method
        return next()
      val = req.body._csrf
      if val isnt token then return next(new Error())
      next()

    #app.use modulo.csrf()
    app.use require('connect-flash')()
    app.use passport.initialize()
    app.use passport.session()
    app.use app.router
    app.use modulo.static("./public")
    mongoose.connect app.settings.mongodb