Skip to content
This repository has been archived by the owner on Aug 30, 2021. It is now read-only.

Commit

Permalink
Merge pull request #548 from jloveland/generate-sslcerts
Browse files Browse the repository at this point in the history
Add SSL support back into 0.4.0
  • Loading branch information
ilanbiala committed May 28, 2015
2 parents f24ce65 + 3e1d0b5 commit 3ea400f
Show file tree
Hide file tree
Showing 6 changed files with 72 additions and 49 deletions.
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -9,3 +9,4 @@ public/dist/
.idea/
uploads
modules/users/client/img/profile/uploads
*.pem
2 changes: 2 additions & 0 deletions config/env/production.js
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
'use strict';

module.exports = {
secure: true,
port: process.env.PORT || 8443,
db: process.env.MONGOHQ_URL || process.env.MONGOLAB_URI || 'mongodb://' + (process.env.DB_1_PORT_27017_TCP_ADDR || 'localhost') + '/mean',
facebook: {
clientID: process.env.FACEBOOK_ID || 'APP_ID',
Expand Down
1 change: 1 addition & 0 deletions config/lib/express.js
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ module.exports.initLocalVariables = function (app) {
// Setting application local variables
app.locals.title = config.app.title;
app.locals.description = config.app.description;
app.locals.secure = config.secure;
app.locals.keywords = config.app.keywords;
app.locals.googleAnalyticsTrackingID = config.app.googleAnalyticsTrackingID;
app.locals.facebookAppId = config.facebook.clientID;
Expand Down
99 changes: 57 additions & 42 deletions config/lib/socket.io.js
Original file line number Diff line number Diff line change
Expand Up @@ -2,60 +2,75 @@

// Load the module dependencies
var config = require('../config'),
path = require('path'),
path = require('path'),
fs = require('fs'),
http = require('http'),
https = require('https'),
cookieParser = require('cookie-parser'),
passport = require('passport'),
socketio = require('socket.io'),
session = require('express-session'),
MongoStore = require('connect-mongo')(session),
http = require('http');
session = require('express-session'),
MongoStore = require('connect-mongo')(session);

// Define the Socket.io configuration method
module.exports = function(app, db) {
// Create a new HTTP server
var server = http.createServer(app);
var server;
if (config.secure === true) {
// Load SSL key and certificate
var privateKey = fs.readFileSync('./config/sslcerts/key.pem', 'utf8');
var certificate = fs.readFileSync('./config/sslcerts/cert.pem', 'utf8');
var options = {
key: privateKey,
cert: certificate
};

// Create a new Socket.io server
var io = socketio.listen(server);
// Create new HTTPS Server
server = https.createServer(options, app);
} else {
// Create a new HTTP server
server = http.createServer(app);
}
// Create a new Socket.io server
var io = socketio.listen(server);

// Create a MongoDB storage object
var mongoStore = new MongoStore({
mongooseConnection: db.connection,
collection: config.sessionCollection
});
// Create a MongoDB storage object
var mongoStore = new MongoStore({
mongooseConnection: db.connection,
collection: config.sessionCollection
});

// Intercept Socket.io's handshake request
io.use(function(socket, next) {
// Use the 'cookie-parser' module to parse the request cookies
cookieParser(config.sessionSecret)(socket.request, {}, function(err) {
// Get the session id from the request cookies
var sessionId = socket.request.signedCookies['connect.sid'];

// Intercept Socket.io's handshake request
io.use(function(socket, next) {
// Use the 'cookie-parser' module to parse the request cookies
cookieParser(config.sessionSecret)(socket.request, {}, function(err) {
// Get the session id from the request cookies
var sessionId = socket.request.signedCookies['connect.sid'];

// Use the mongoStorage instance to get the Express session information
mongoStore.get(sessionId, function(err, session) {
// Set the Socket.io session information
socket.request.session = session;

// Use Passport to populate the user details
passport.initialize()(socket.request, {}, function() {
passport.session()(socket.request, {}, function() {
if (socket.request.user) {
next(null, true);
} else {
next(new Error('User is not authenticated'), false);
}
});
});
});
// Use the mongoStorage instance to get the Express session information
mongoStore.get(sessionId, function(err, session) {
// Set the Socket.io session information
socket.request.session = session;

// Use Passport to populate the user details
passport.initialize()(socket.request, {}, function() {
passport.session()(socket.request, {}, function() {
if (socket.request.user) {
next(null, true);
} else {
next(new Error('User is not authenticated'), false);
}
});
});
});
});
});

// Add an event listener to the 'connection' event
io.on('connection', function(socket) {
config.files.server.sockets.forEach(function(socketConfiguration) {
require(path.resolve(socketConfiguration))(io, socket);
});
// Add an event listener to the 'connection' event
io.on('connection', function(socket) {
config.files.server.sockets.forEach(function(socketConfiguration) {
require(path.resolve(socketConfiguration))(io, socket);
});
});

return server;
return server;
};
7 changes: 0 additions & 7 deletions generate-ssl-certs.sh

This file was deleted.

11 changes: 11 additions & 0 deletions scripts/generate-ssl-certs.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
#!/bin/bash
echo "Generating self-signed certificates..."
openssl genrsa -out ./config/sslcerts/key.pem -aes256 1024
openssl req -new -key ./config/sslcerts/key.pem -out ./config/sslcerts/csr.pem
openssl x509 -req -days 9999 -in ./config/sslcerts/csr.pem -signkey ./config/sslcerts/key.pem -out ./config/sslcerts/cert.pem
rm ./config/sslcerts/csr.pem
# resolve issue with bad password...
# Error: error:0906A068:PEM routines:PEM_do_header:bad password read
# reference: http://blog.mgechev.com/2014/02/19/create-https-tls-ssl-application-with-express-nodejs/
openssl rsa -in ./config/sslcerts/key.pem -out ./config/sslcerts/newkey.pem && mv ./config/sslcerts/newkey.pem ./config/sslcerts/key.pem
chmod 0400 ./config/sslcerts/key.pem ./config/sslcerts/cert.pem

0 comments on commit 3ea400f

Please sign in to comment.