Update content to latest markdown renderer.

concepts/authentication/facebook/index.html

@@ -142,8 +142,7 @@ <h5 data-control=""><i class="icon-budicon-461"></i><a href="/concepts/authentic
 <h2 id="install">Install</h2>
 <p>To install <code>passport-facebook</code>, execute the following command:</p>
 <pre><code class="bash">$ npm install passport-facebook
-</code></pre>
-<h2 id="configure">Configure</h2>
+</code></pre><h2 id="configure">Configure</h2>
 <p>Before your application can make use of Facebook Login, you must register your
 app with Facebook.  This can be done in the <a href="https://developers.facebook.com/apps">App dashboard</a>
 at <a href="https://developers.facebook.com/">Facebook for Developers</a>.  Once
@@ -172,7 +171,7 @@ <h2 id="configure">Configure</h2>
           profile.<span class="property">displayName</span>
         ], <span class="keyword">function</span>(<span class="params">err</span>) {
           <span class="keyword">if</span> (err) { <span class="keyword">return</span> <span class="title function_">cb</span>(err); }
-
+      
           <span class="keyword">var</span> id = <span class="variable language_">this</span>.<span class="property">lastID</span>;
           db.<span class="title function_">run</span>(<span class="string">&#x27;INSERT INTO federated_credentials (user_id, provider, subject) VALUES (?, ?, ?)&#x27;</span>, [
             id,
@@ -199,8 +198,7 @@ <h2 id="configure">Configure</h2>
     };
   }
 ));
-</code></pre>
-<p>The options to the <code>FacebookStrategy</code> constructor must include a <code>clientID</code> and
+</code></pre><p>The options to the <code>FacebookStrategy</code> constructor must include a <code>clientID</code> and
 <code>clientSecret</code>, the values of which are set to the app ID and secret that were
 obtained when registering your application.  A <code>callbackURL</code> must also be
 included.  Facebook will redirect users to this location after they have
@@ -232,18 +230,15 @@ <h2 id="prompt">Prompt</h2>
 <p>Place a button on the application&#39;s login page, prompting the user to sign in
 with Facebook.</p>
 <pre><code class="html"><span class="tag">&lt;<span class="name">a</span> <span class="attr">href</span>=<span class="string">&quot;/login/facebook&quot;</span> <span class="attr">class</span>=<span class="string">&quot;button&quot;</span>&gt;</span>Log In With Facebook<span class="tag">&lt;/<span class="name">a</span>&gt;</span>
-</code></pre>
-<p>Define a route that, when the button is clicked, will redirect the user to
+</code></pre><p>Define a route that, when the button is clicked, will redirect the user to
 Facebook, where they will authenticate.</p>
 <pre><code class="javascript">app.<span class="title function_">get</span>(<span class="string">&#x27;/login/facebook&#x27;</span>, passport.<span class="title function_">authenticate</span>(<span class="string">&#x27;facebook&#x27;</span>));
-</code></pre>
-<p>If your application needs additional permissions from the user, they can be
+</code></pre><p>If your application needs additional permissions from the user, they can be
 requested with the <code>scope</code> option:</p>
 <pre><code class="javascript">app.<span class="title function_">get</span>(<span class="string">&#x27;/login/facebook&#x27;</span>, passport.<span class="title function_">authenticate</span>(<span class="string">&#x27;facebook&#x27;</span>, {
   <span class="attr">scope</span>: [ <span class="string">&#x27;email&#x27;</span>, <span class="string">&#x27;user_location&#x27;</span> ]
 }));
-</code></pre>
-<h2 id="authenticate">Authenticate</h2>
+</code></pre><h2 id="authenticate">Authenticate</h2>
 <p>After the user has authenticated with Facebook, they will be redirected back
 to your application.  Define a route which will handle this redirect.</p>
 <pre><code><span class="selector-tag">app</span><span class="selector-class">.get</span>(<span class="string">&#x27;/oauth2/redirect/facebook&#x27;</span>,

concepts/authentication/google/index.html

@@ -142,8 +142,7 @@ <h5 data-control=""><i class="icon-budicon-461"></i><a href="/concepts/authentic
 <h2 id="install">Install</h2>
 <p>To install <code>passport-google-oidc</code>, execute the following command:</p>
 <pre><code class="bash">$ npm install passport-google-oidc
-</code></pre>
-<h2 id="configure">Configure</h2>
+</code></pre><h2 id="configure">Configure</h2>
 <p>Before your application can make use of Sign In With Google, you must register
 your app with Google.  This can be done in the <a href="https://console.cloud.google.com/apis">APIs &amp; Services</a>
 page of the <a href="https://console.cloud.google.com/">Google Cloud Platform console</a>.
@@ -172,7 +171,7 @@ <h2 id="configure">Configure</h2>
           profile.<span class="property">displayName</span>
         ], <span class="keyword">function</span>(<span class="params">err</span>) {
           <span class="keyword">if</span> (err) { <span class="keyword">return</span> <span class="title function_">cb</span>(err); }
-
+      
           <span class="keyword">var</span> id = <span class="variable language_">this</span>.<span class="property">lastID</span>;
           db.<span class="title function_">run</span>(<span class="string">&#x27;INSERT INTO federated_credentials (user_id, provider, subject) VALUES (?, ?, ?)&#x27;</span>, [
             id,
@@ -199,8 +198,7 @@ <h2 id="configure">Configure</h2>
     };
   }
 ));
-</code></pre>
-<p>The options to the <code>GoogleStrategy</code> constructor must include a <code>clientID</code> and
+</code></pre><p>The options to the <code>GoogleStrategy</code> constructor must include a <code>clientID</code> and
 <code>clientSecret</code>, the values of which are set to the client ID and secret that
 were obtained when registering your application.  A <code>callbackURL</code> must also be
 included.  Google will redirect users to this location after they have
@@ -231,18 +229,15 @@ <h2 id="prompt">Prompt</h2>
 <p>Place a button on the application&#39;s login page, prompting the user to sign in
 with Google.</p>
 <pre><code class="html"><span class="tag">&lt;<span class="name">a</span> <span class="attr">href</span>=<span class="string">&quot;/login/google&quot;</span> <span class="attr">class</span>=<span class="string">&quot;button&quot;</span>&gt;</span>Sign in with Google<span class="tag">&lt;/<span class="name">a</span>&gt;</span>
-</code></pre>
-<p>Define a route that, when the button is clicked, will redirect the user to
+</code></pre><p>Define a route that, when the button is clicked, will redirect the user to
 Google, where they will authenticate.</p>
 <pre><code class="javascript">app.<span class="title function_">get</span>(<span class="string">&#x27;/login/google&#x27;</span>, passport.<span class="title function_">authenticate</span>(<span class="string">&#x27;google&#x27;</span>));
-</code></pre>
-<p>If your application needs additional information about the user, that can be
+</code></pre><p>If your application needs additional information about the user, that can be
 requested with the <code>scope</code> option:</p>
 <pre><code class="javascript">app.<span class="title function_">get</span>(<span class="string">&#x27;/login/google&#x27;</span>, passport.<span class="title function_">authenticate</span>(<span class="string">&#x27;google&#x27;</span>, {
   <span class="attr">scope</span>: [ <span class="string">&#x27;email&#x27;</span> ]
 }));
-</code></pre>
-<h2 id="authenticate">Authenticate</h2>
+</code></pre><h2 id="authenticate">Authenticate</h2>
 <p>After the user has authenticated with Google, they will be redirected back
 to your application.  Define a route which will handle this redirect.</p>
 <pre><code><span class="selector-tag">app</span><span class="selector-class">.get</span>(<span class="string">&#x27;/oauth2/redirect/google&#x27;</span>,

concepts/authentication/http-basic/index.html

@@ -134,7 +134,7 @@ <h5 data-control=""><i class="icon-budicon-461"></i><a href="/concepts/authentic
             </nav>
           </div><a id="go-top" href="#top"><i class="icon-budicon-462"></i></a>
           <div class="contents">
-            <section class="chapter"><h1 id="basic-digest">Basic &amp; Digest</h1>
+            <section class="chapter"><h1 id="basic--digest">Basic &amp; Digest</h1>
 <p>Along with defining HTTP&#39;s authentication framework, <a href="http://tools.ietf.org/html/rfc2617">RFC 2617</a>
 also defined the Basic and Digest authentications schemes.  These two schemes
 both use usernames and passwords as credentials to authenticate users, and are
@@ -147,8 +147,7 @@ <h5 data-control=""><i class="icon-budicon-461"></i><a href="/concepts/authentic
 module.</p>
 <h2 id="install">Install</h2>
 <pre><code class="bash">$ npm install passport-http
-</code></pre>
-<h3 id="basic">Basic</h3>
+</code></pre><h3 id="basic">Basic</h3>
 <p>The Basic scheme uses a username and password to authenticate a user.  These
 credentials are transported in plain text, so it is advised to use HTTPS when
 implementing this scheme.</p>
@@ -163,23 +162,21 @@ <h2 id="configuration">Configuration</h2>
     });
   }
 ));
-</code></pre>
-<p>The verify callback for Basic authentication accepts <code>username</code> and <code>password</code>
+</code></pre><p>The verify callback for Basic authentication accepts <code>username</code> and <code>password</code>
 arguments.</p>
 <h2 id="protect-endpoints">Protect Endpoints</h2>
 <pre><code class="javascript">app.<span class="title function_">get</span>(<span class="string">&#x27;/api/me&#x27;</span>,
   passport.<span class="title function_">authenticate</span>(<span class="string">&#x27;basic&#x27;</span>, { <span class="attr">session</span>: <span class="literal">false</span> }),
   <span class="keyword">function</span>(<span class="params">req, res</span>) {
     res.<span class="title function_">json</span>(req.<span class="property">user</span>);
   });
-</code></pre>
-<p>Specify <code>passport.authenticate()</code> with the <code>basic</code> strategy to protect API
+</code></pre><p>Specify <code>passport.authenticate()</code> with the <code>basic</code> strategy to protect API
 endpoints.  Sessions are not typically needed by APIs, so they can be disabled.</p>
 <h3 id="digest">Digest</h3>
 <p>The Digest scheme uses a username and password to authenticate a user.  Its
 primary benefit over Basic is that it uses a challenge-response paradigm to
 avoid sending the password in the clear.</p>
-<h2 id="configuration">Configuration</h2>
+<h2 id="configuration-1">Configuration</h2>
 <pre><code class="javascript">passport.<span class="title function_">use</span>(<span class="keyword">new</span> <span class="title class_">DigestStrategy</span>({ <span class="attr">qop</span>: <span class="string">&#x27;auth&#x27;</span> },
   <span class="keyword">function</span>(<span class="params">username, done</span>) {
     <span class="title class_">User</span>.<span class="title function_">findOne</span>({ <span class="attr">username</span>: username }, <span class="keyword">function</span> (<span class="params">err, user</span>) {
@@ -193,22 +190,20 @@ <h2 id="configuration">Configuration</h2>
     <span class="title function_">done</span>(<span class="literal">null</span>, <span class="literal">true</span>)
   }
 ));
-</code></pre>
-<p>The Digest strategy utilizes two callbacks, the second of which is optional.</p>
+</code></pre><p>The Digest strategy utilizes two callbacks, the second of which is optional.</p>
 <p>The first callback, known as the &quot;secret callback&quot; accepts the username and
 calls <code>done</code> supplying a user and the corresponding secret password.  The
 password is used to compute a hash, and authentication fails if it does not
 match that contained in the request.</p>
 <p>The second &quot;validate callback&quot; accepts nonce related params, which can be
 checked to avoid replay attacks.</p>
-<h2 id="protect-endpoints">Protect Endpoints</h2>
+<h2 id="protect-endpoints-1">Protect Endpoints</h2>
 <pre><code class="javascript">app.<span class="title function_">get</span>(<span class="string">&#x27;/api/me&#x27;</span>,
   passport.<span class="title function_">authenticate</span>(<span class="string">&#x27;digest&#x27;</span>, { <span class="attr">session</span>: <span class="literal">false</span> }),
   <span class="keyword">function</span>(<span class="params">req, res</span>) {
     res.<span class="title function_">json</span>(req.<span class="property">user</span>);
   });
-</code></pre>
-<p>Specify <code>passport.authenticate()</code> with the <code>digest</code> strategy to protect API
+</code></pre><p>Specify <code>passport.authenticate()</code> with the <code>digest</code> strategy to protect API
 endpoints.  Sessions are not typically needed by APIs, so they can be disabled.</p>
 </section>
           </div>

concepts/authentication/http-bearer/index.html

@@ -134,7 +134,7 @@ <h5 data-control=""><i class="icon-budicon-461"></i><a href="/concepts/authentic
             </nav>
           </div><a id="go-top" href="#top"><i class="icon-budicon-462"></i></a>
           <div class="contents">
-            <section class="chapter"><h1 id="oauth-2-0">OAuth 2.0</h1>
+            <section class="chapter"><h1 id="oauth-20">OAuth 2.0</h1>
 <p>OAuth 2.0 (formally specified by <a href="http://tools.ietf.org/html/rfc6749">RFC 6749</a>)
 provides an authorization framework which allows users to authorize access to
 third-party applications.  When authorized, the application is issued a token to
@@ -180,8 +180,7 @@ <h2 id="bearer-tokens">Bearer Tokens</h2>
 module.</p>
 <h2 id="install">Install</h2>
 <pre><code class="bash">$ npm install passport-http-bearer
-</code></pre>
-<h2 id="configuration">Configuration</h2>
+</code></pre><h2 id="configuration">Configuration</h2>
 <pre><code class="javascript">passport.<span class="title function_">use</span>(<span class="keyword">new</span> <span class="title class_">BearerStrategy</span>(
   <span class="keyword">function</span>(<span class="params">token, done</span>) {
     <span class="title class_">User</span>.<span class="title function_">findOne</span>({ <span class="attr">token</span>: token }, <span class="keyword">function</span> (<span class="params">err, user</span>) {
@@ -191,8 +190,7 @@ <h2 id="configuration">Configuration</h2>
     });
   }
 ));
-</code></pre>
-<p>The verify callback for bearer tokens accepts the <code>token</code> as an argument.
+</code></pre><p>The verify callback for bearer tokens accepts the <code>token</code> as an argument.
 When invoking <code>done</code>, optional <code>info</code> can be passed, which will be set by
 Passport at <code>req.authInfo</code>.  This is typically used to convey the scope of the
 token, and can be used when making access control checks.</p>
@@ -202,8 +200,7 @@ <h2 id="protect-endpoints">Protect Endpoints</h2>
   <span class="keyword">function</span>(<span class="params">req, res</span>) {
     res.<span class="title function_">json</span>(req.<span class="property">user</span>);
   });
-</code></pre>
-<p>Specify <code>passport.authenticate()</code> with the <code>bearer</code> strategy to protect API
+</code></pre><p>Specify <code>passport.authenticate()</code> with the <code>bearer</code> strategy to protect API
 endpoints.  Sessions are not typically needed by APIs, so they can be disabled.</p>
 </section>
           </div>

concepts/authentication/http-oauth/index.html

@@ -171,8 +171,7 @@ <h2 id="authenticating-tokens">Authenticating Tokens</h2>
 module.</p>
 <h2 id="install">Install</h2>
 <pre><code class="bash">$ npm install passport-http-oauth
-</code></pre>
-<h2 id="configuration">Configuration</h2>
+</code></pre><h2 id="configuration">Configuration</h2>
 <pre><code class="javascript">passport.<span class="title function_">use</span>(<span class="string">&#x27;token&#x27;</span>, <span class="keyword">new</span> <span class="title class_">TokenStrategy</span>(
   <span class="keyword">function</span>(<span class="params">consumerKey, done</span>) {
     <span class="title class_">Consumer</span>.<span class="title function_">findOne</span>({ <span class="attr">key</span>: consumerKey }, <span class="keyword">function</span> (<span class="params">err, consumer</span>) {
@@ -199,8 +198,7 @@ <h2 id="configuration">Configuration</h2>
     <span class="title function_">done</span>(<span class="literal">null</span>, <span class="literal">true</span>)
   }
 ));
-</code></pre>
-<p>In contrast to other strategies, there are two callbacks required by OAuth.  In
+</code></pre><p>In contrast to other strategies, there are two callbacks required by OAuth.  In
 OAuth, both an identifier for the requesting application and the user-specific
 token are encoded as credentials.</p>
 <p>The first callback is known as the &quot;consumer callback&quot;, and is used to find the
@@ -217,8 +215,7 @@ <h2 id="protect-endpoints">Protect Endpoints</h2>
   <span class="keyword">function</span>(<span class="params">req, res</span>) {
     res.<span class="title function_">json</span>(req.<span class="property">user</span>);
   });
-</code></pre>
-<p>Specify <code>passport.authenticate()</code> with the <code>token</code> strategy to protect API
+</code></pre><p>Specify <code>passport.authenticate()</code> with the <code>token</code> strategy to protect API
 endpoints.  Sessions are not typically needed by APIs, so they can be disabled.</p>
 </section>
           </div>

concepts/authentication/index.html

@@ -158,8 +158,7 @@ <h5 data-control=""><i class="icon-budicon-461"></i><a href="/concepts/authentic
 of any of these authentication mechanisms.  Passport reduces the complexity of
 authenticating a request to a simple statement:</p>
 <pre><code class="javascript">app.<span class="title function_">post</span>(<span class="string">&#x27;/login/password&#x27;</span>, passport.<span class="title function_">authenticate</span>(<span class="string">&#x27;local&#x27;</span>));
-</code></pre>
-<p>Hidden behind that simple statement are three fundamental concepts:</p>
+</code></pre><p>Hidden behind that simple statement are three fundamental concepts:</p>
 <ol>
 <li>Middleware</li>
 <li>Strategies</li>

concepts/authentication/login/index.html

@@ -141,8 +141,7 @@ <h5 data-control=""><i class="icon-budicon-461"></i><a href="/concepts/authentic
   <span class="keyword">if</span> (err) { <span class="keyword">return</span> <span class="title function_">next</span>(err); }
   <span class="keyword">return</span> res.<span class="title function_">redirect</span>(<span class="string">&#x27;/users/&#x27;</span> + req.<span class="property">user</span>.<span class="property">username</span>);
 });
-</code></pre>
-<p>When the login operation completes, <code>user</code> will be assigned to <code>req.user</code>.</p>
+</code></pre><p>When the login operation completes, <code>user</code> will be assigned to <code>req.user</code>.</p>
 <p>Note: <code>passport.authenticate()</code> middleware invokes <code>req.login()</code> automatically.
 This function is primarily used when users sign up, during which <code>req.login()</code>
 can be invoked to automatically log in the newly registered user.</p>

concepts/authentication/logout/index.html

@@ -147,8 +147,7 @@ <h5 data-control=""><i class="icon-budicon-461"></i><a href="/concepts/authentic
     res.<span class="title function_">redirect</span>(<span class="string">&#x27;/&#x27;</span>);
   });
 });
-</code></pre>
-</section>
+</code></pre></section>
           </div>
         </div>
       </div>

concepts/authentication/middleware/index.html

@@ -146,8 +146,7 @@ <h5 data-control=""><i class="icon-budicon-461"></i><a href="/concepts/authentic
   <span class="keyword">function</span>(<span class="params">req, res</span>) {
     res.<span class="title function_">redirect</span>(<span class="string">&#x27;/~&#x27;</span> + req.<span class="property">user</span>.<span class="property">username</span>);
   });
-</code></pre>
-<p>In this route, <code>passport.authenticate()</code> is <a href="https://expressjs.com/en/guide/using-middleware.html">middleware</a>
+</code></pre><p>In this route, <code>passport.authenticate()</code> is <a href="https://expressjs.com/en/guide/using-middleware.html">middleware</a>
 which will authenticate the request.  By default, when authentication succeeds,
 the <code>req.user</code> property is set to the authenticated user, a login session is
 established, and the next function in the stack is called.  This next function