Normally, I use https.createServer method to server my node application over HTTPS, but in this case, I am not sure.
Apparently this is the code,
INDEX.JS
'use strict';
Object.defineProperty(exports, "__esModule", {
value: true
});
var _config = require('./config/config');
var _config2 = _interopRequireDefault(_config);
var _express = require('./config/express');
var _express2 = _interopRequireDefault(_express);
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
// config should be imported before importing any other file
var debug = require('debug')('ibs-backend:index');
// make bluebird default Promise
Promise = require('bluebird'); // eslint-disable-line no-global-assign
// module.parent check is required to support mocha watch
// src: https://github.com/mochajs/mocha/issues/1912
if (!module.parent) {
// listen on port config.port
_express2.default.listen(_config2.default.port, function () {
debug('server started on port ' + _config2.default.port + ' (' + _config2.default.env + ')');
});
}
exports.default = _express2.default;
module.exports = exports['default'];
//# sourceMappingURL=index.js.map
config/express.js
import express from 'express';
import expressJwt from 'express-jwt';
import logger from 'morgan';
import bodyParser from 'body-parser';
import cookieParser from 'cookie-parser';
import compress from 'compression';
import methodOverride from 'method-override';
import cors from 'cors';
import httpStatus from 'http-status';
import expressWinston from 'express-winston';
import expressValidation from 'express-validation';
import helmet from 'helmet';
import winstonInstance from './winston';
import routes from '../server/routes/index.route';
import config from './config';
import APIError from '../server/helpers/APIError';
const app = express();
if (config.env === 'development') {
app.use(logger('dev'));
}
/* Define the routes that work without a JWT token */
const allowedPaths = [
'/api/auth/token',
'/api/auth/token-fan',
'/api/auth/token-celebrity',
'/api/auth/token-host',
'/api/event/get-events-by-admin',
'/api/event/get-current-admin-event'
];
// parse body params and attache them to req.body
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));
app.use(expressJwt({ secret: config.jwtSecret }).unless({ path: allowedPaths }));
app.use(cookieParser());
app.use(compress());
app.use(methodOverride());
// secure apps by setting various HTTP headers
app.use(helmet());
// enable CORS - Cross Origin Resource Sharing
app.use(cors());
// enable detailed API logging in dev env
if (config.env === 'development') {
expressWinston.requestWhitelist.push('body');
expressWinston.responseWhitelist.push('body');
app.use(expressWinston.logger({
winstonInstance,
meta: true, // optional: log meta data about request (defaults to true)
msg: 'HTTP {{req.method}} {{req.url}} {{res.statusCode}} {{res.responseTime}}ms',
colorStatus: true // Color the status code (default green, 3XX cyan, 4XX yellow, 5XX red).
}));
}
// mount all routes on /api path
app.use('/api', routes);
// if error is not an instanceOf APIError, convert it.
app.use((err, req, res, next) => {
if (err instanceof expressValidation.ValidationError) {
// validation error contains errors which is an array of error each containing message[]
const unifiedErrorMessage = err.errors.map(error => error.messages.join('. ')).join(' and ');
const error = new APIError(unifiedErrorMessage, err.status, true);
return next(error);
} else if (!(err instanceof APIError)) {
const apiError = new APIError(err.message, err.status, err.isPublic);
return next(apiError);
}
return next(err);
});
// catch 404 and forward to error handler
app.use((req, res, next) => {
const err = new APIError('API not found', httpStatus.NOT_FOUND);
return next(err);
});
// log error in winston transports except when executing test suite
if (config.env !== 'test') {
app.use(expressWinston.errorLogger({
winstonInstance
}));
}
// error handler, send stacktrace only during development
app.use((err, req, res, next) => // eslint-disable-line no-unused-vars
res.status(err.status).json({
message: err.isPublic ? err.message : httpStatus[err.status],
stack: config.env === 'development' ? err.stack : {}
})
);
export default app;
Normally, I can use letsencrypt ssl with nodejs applications like this
const options = {
key: fs.readFileSync('key.pem'),
cert: fs.readFileSync('cert.pem')
};
https.createServer(options, (req, res) => {
res.writeHead(200);
res.end('Hello!\n');
}).listen(443);
But in this particular scenario, I cant understand, how to do it.
This is the github repository
Thanks for your replies in advance.
You could pass the express
app instance to https.createServer()
, since express was meant to be used this way.
// We need to import https!
const https = require("https");
// Or, like this
import https from "https";
// Define the key and certificate.
const options = {
key: fs.readFileSync('key.pem'),
cert: fs.readFileSync('cert.pem')
};
// Then...
https.createServer(options, app).listen(443);
It should work the same as any other express app.
Here is a link for more information on that: https://expressjs.com/en/4x/api.html#app.listen
I have fixed this, by installing SSL through Nginx. I have included all certificates in Nginx site configuration and it worked very well.
Thank you for your help.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.