From 7cfce92c538bbd5cb5dc95e0ee3b7ce78959657e Mon Sep 17 00:00:00 2001 From: Tor Andersson Date: Tue, 1 Feb 2022 01:26:29 +0100 Subject: Redirect HTTP to HTTPS. --- server.js | 43 ++++++++++++++++++++++++++++--------------- 1 file changed, 28 insertions(+), 15 deletions(-) (limited to 'server.js') diff --git a/server.js b/server.js index 5cd511c..52ae0c6 100644 --- a/server.js +++ b/server.js @@ -12,9 +12,18 @@ const sqlite3 = require('better-sqlite3'); require('dotenv').config(); -const SITE_URL = process.env.SITE_URL || "http://localhost:8080"; -const SITE_NAME = process.env.SITE_NAME || "Untitled"; -const SITE_HOST = process.env.SITE_HOST; +let HTTP_PORT = process.env.HTTP_PORT || 8080; +let HTTPS_PORT = process.env.HTTPS_PORT; + +let SITE_HOST = process.env.SITE_HOST || "localhost"; +let SITE_NAME = process.env.SITE_NAME || "Untitled"; +let SITE_URL = process.env.SITE_URL; +if (!SITE_URL) { + if (HTTPS_PORT) + SITE_URL = "https://" + SITE_HOST + ":" + HTTPS_PORT; + else + SITE_URL = "http://" + SITE_HOST + ":" + HTTP_PORT; +} /* * Main database. @@ -56,7 +65,7 @@ const login_sql_delete = SQL("delete from logins where sid = ?"); const login_sql_touch = SQL("update logins set expires = julianday() + 28 where sid = ? and expires < julianday() + 27"); function make_cookie(sid, age) { - if (SITE_HOST) + if (SITE_HOST !== "localhost") return `login=${sid}; Path=/; Domain=${SITE_HOST}; Max-Age=${age}; HttpOnly`; return `login=${sid}; Path=/; Max-Age=${age}; HttpOnly`; } @@ -107,23 +116,27 @@ app.use(express.urlencoded({extended:false})); app.locals.SITE_NAME = SITE_NAME; app.locals.SITE_URL = SITE_URL; -let http_port = process.env.HTTP_PORT || 8080; -let http_server = http.createServer(app); -let http_wss = new WebSocketServer({server: http_server}); -http_server.keepAliveTimeout = 0; -http_server.listen(http_port, '0.0.0.0', () => console.log('listening HTTP on *:' + http_port)); -let wss = http_wss; +let wss; -let https_port = process.env.HTTPS_PORT; -if (https_port) { +if (HTTPS_PORT) { let https_server = https.createServer({ key: fs.readFileSync(process.env.SSL_KEY || "key.pem"), cert: fs.readFileSync(process.env.SSL_CERT || "cert.pem") }, app); - let https_wss = new WebSocketServer({server: https_server}); - https_server.listen(https_port, '0.0.0.0', () => console.log('listening HTTPS on *:' + https_port)); + wss = new WebSocketServer({server: https_server}); + https_server.listen(HTTPS_PORT, "0.0.0.0", () => console.log("Listening to HTTPS on *:" + HTTPS_PORT)); https_server.keepAliveTimeout = 0; - wss = { on: function (ev,fn) { http_wss.on(ev,fn); https_wss.on(ev,fn); } }; + + // Force HTTPS by redirecting HTTP. + let redirect_app = express(); + redirect_app.all("*", (req, res) => res.redirect(308, SITE_URL + req.url)); + let redirect_server = http.createServer(redirect_app); + redirect_server.listen(HTTP_PORT, "0.0.0.0", () => console.log("Redirecting from HTTP on *:" + HTTP_PORT)); +} else { + let http_server = http.createServer(app); + wss = new WebSocketServer({server: http_server}); + http_server.keepAliveTimeout = 0; + http_server.listen(HTTP_PORT, "0.0.0.0", () => console.log("Listening to HTTP on *:" + HTTP_PORT)); } /* -- cgit v1.2.3