From abb5a99c34c274d4fdfcecc3747da2a4f3ad4c57 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pedro=20Narciso=20Garc=C3=ADa=20Revington?=
Date: Sat, 20 Oct 2012 17:45:28 +0200
Subject: [PATCH] Example update
---
 README.md | 55 +++++++++++++++++++++++--------------------------------
 1 file changed, 23 insertions(+), 32 deletions(-)
diff --git a/README.md b/README.md
index 64f1021..9c1cae4 100644
--- a/README.md
+++ b/README.md
@@ -1,39 +1,30 @@
 [![build status](https://secure.travis-ci.org/revington/connect-bruteforce.png)](http://travis-ci.org/revington/connect-bruteforce)
 # connect-bruteforce
-> A connect middleware to prevent bruteforce.
+> A connect middleware to prevent brute force by delaying responses.
-## Example:
-
-```js
-// A simple application
-// we want to require a captcha validation after 3
-// failed login attemts.
-
-// We want to introduce a delay in server response.
-// Each failed login increments delay by 2 seconds.
-// With a maximun delay of 30 seconds.
-
-var bruteForce = new (require('connect-bruteforce'))({banFactor: 2000, banMax: 30000});
-
-/*...*/
-
-app.post('/login', bruteForce.prevent, function(req,res){
- var useCaptcha = res.delay && res.delay.counter > 3;
- if(req.body.login === 'user' && req.body.password === 'root' && (!useCaptcha || testCaptcha(req))){
- // just in case client was already banned
- bruteForce.unban(req);
- // set user in session and bla, bla, bla…
- res.render('members');
- }else{
- bruteForce.ban(req);
- }
- res.render('login', {badLogin: true, useCaptcha: useCaptcha});
-});
-
-/*...*/
-
-```
 ## Install
 $ npm install connect-bruteforce
+## Usage (express)
+
+ // See examples/express-hello-world/index.js
+ var loginBruteforce = require('connect-bruteforce')();
+
+ app.get('/login', function (req, res) {
+ res.render('login');
+ });
+ app.post('/login', loginBruteForce.prevent, function (req, res, next) {
+ authenticate(req.body.username, req.body.password, function (err, user) {
+ if (user) {
+ req.session.user = user;
+ loginBruteForce.unban(req);
+ req.session.success = 'Authenticated as ' + user + ' click to logout. ' + ' You may now access /restricted.';
+ res.redirect('back');
+ } else {
+ loginBruteForce.ban(req);
+ req.session.error = 'Authentication failed. Hint u: root, p: root';
+ res.redirect('login');
+ }
+ });
+ });