如何为以下设置安装 SSL(React 前端 + Nodejs 后端 + 自定义域 Heroku)
[英]How to install SSL for the following setup (React Frontend + Nodejs Backend + Custom Domain Heroku)
问题描述
General information about my setup
关于我的设置的一般信息
Currently I am building a web application using react and a nodejs API that is providing the data for this web application.目前,我正在使用react和nodejs API 构建一个 Web 应用程序,该 API 为该 Web 应用程序提供数据。 Both apps are hosted on heroku.com and run independently from each other.这两个应用程序都托管在heroku.com 上,并且彼此独立运行。 I have bought a custom domain from a different hosting provider and used the heroku custom domain option to point the DNS to my website.我从不同的托管服务提供商那里购买了一个自定义域,并使用heroku 自定义域选项将 DNS 指向我的网站。
Technical details about my setup
- NodeJS server: Express
- NodeJS version: v10.15.0
- React version: v16.2.0
- Custom domain: www.tabbs.nl
- Heroku domain: tabbs-web-app.herokuapp.com
The issue I am experiencing我遇到的问题
I have been digging into a lot of documentation and tutorials in order to setup SSL for react / NodeJS but couldn't find a decent tutorial about how to set SSL / security for my setup.我一直在研究很多文档和教程,以便为 react/NodeJS 设置 SSL,但找不到关于如何为我的设置设置 SSL/安全性的体面教程。
Tutorials I already have read:我已经读过的教程:
- Node + Express + Lets Encrypt Node + Express + Lets Encrypt
- How to use SSL/TLS with nodejs 如何在 nodejs 中使用 SSL/TLS
- Stack overflow posts and probably a whole lot more I am forgetting right now.堆栈溢出帖子,可能还有更多我现在忘记了。
What do I want to achieve?我想达到什么目标?
The goal I would like to achieve is setting up a secure connection between React web application (frontend) and NodeJS API (backend) so that all data between those is encrypted and safe.我想要实现的目标是在 React Web 应用程序(前端)和 NodeJS API(后端)之间建立安全连接,以便它们之间的所有数据都是加密和安全的。 Also I want my custom domain (bought by a different hosting provider than Heroku) to be secure and forced using https.此外,我希望我的自定义域(由与 Heroku 不同的托管服务提供商购买)安全并强制使用 https。
For any questions or additional information please do not hesitate to ask!如有任何问题或其他信息,请随时提问!
2 个解决方案
解决方案1
1 2019-01-03 02:58:37
Have you tried using the https module in node?您是否尝试过在节点中使用 https 模块?
You can do something like this:你可以这样做:
var express = require('express');
var https = require('https');
var http = require('http');
var app = express();
http.createServer(app).listen(80);
https.createServer(options, app).listen(443);
The app returned by express() is in fact a JavaScript Function, designed to be passed to Node's HTTP servers as a callback to handle requests. express() 返回的应用程序实际上是一个 JavaScript 函数,旨在作为回调传递给 Node 的 HTTP 服务器来处理请求。 This makes it easy to provide both HTTP and HTTPS versions of your app with the same code base, as the app does not inherit from these (it is simply a callback.这使您可以轻松地为您的应用程序的 HTTP 和 HTTPS 版本提供相同的代码库,因为应用程序不会从这些版本继承(它只是一个回调。
If you are using create react app, open your terminal and type “npm run build”.如果您使用的是 create react app,请打开您的终端并输入“npm run build”。 This creates a build folder with all of your static files.这将创建一个包含所有静态文件的构建文件夹。
Now go back to your node backend service and add the following:现在返回到您的节点后端服务并添加以下内容:
var express = require('express');
var path = require('path');
var https = require('https');
var http = require('http');
var app = express();
const options = {
key: fs.readFileSync("/srv/www/keys/my-site-key.pem"),
cert: fs.readFileSync("/srv/www/keys/chain.pem")
};
http.createServer(app).listen(80);
https.createServer(options, app).listen(443);
app.use(express.static(path.join(__dirname, 'build')));
app.get('/', function(req, res) {
res.sendFile(path.join(__dirname, 'build', 'index.html'));
});
If you're using react router to handle routing for you web app then you would amend the GET request as such:如果您使用 react router 为您的 web 应用程序处理路由,那么您将修改 GET 请求,如下所示:
var express = require('express');
const path = require('path');
var https = require('https');
var http = require('http');
var app = express();
const options = {
key: fs.readFileSync("/srv/www/keys/my-site-key.pem"),
cert: fs.readFileSync("/srv/www/keys/chain.pem")
};
http.createServer(app).listen(80);
https.createServer(options, app).listen(443);
app.use(express.static(path.join(__dirname, 'build')));
app.get('/*', function(req, res) {
res.sendFile(path.join(__dirname, 'build', 'index.html'));
});
解决方案2
0 2020-04-05 10:39:46
This ain't a complex issue, do not worry about ssl, just create your own certificate for Node.JS/Express and that's enough.这不是一个复杂的问题,不用担心 ssl,只需为 Node.JS/Express 创建您自己的证书就足够了。
and, React has a built-in way of doing api calls,并且,React 有一个内置的 API 调用方式,
add this line to package.json of your React installation,将此行添加到 React 安装的 package.json 中,
"proxy": "http://localhost:8000/"
and just call the api service like this,然后像这样调用 api 服务,
//Generic API Call
callApi = async () => {
const response = await fetch('/api/hello');
const body = await response.json();
if (response.status !== 200) throw Error(body.message);
return body;
};
// A Submit handler to proxy
handleSubmit = async e => {
e.preventDefault();
const response = await fetch('/api/myrequest', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify({ post: this.state.post }),
});
const body = await response.text();
this.setState({ responseToPost: body });
};
it all works.一切正常。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.