From 73260b22214a8c95f39bd39ba6db8b6101dd9b14 Mon Sep 17 00:00:00 2001
From: Alex Kern <alex@kern.io>
Date: Sun, 18 Oct 2015 22:45:19 -0700
Subject: [PATCH] Use SSL.

---
 .gitignore    |  3 +++
 lib/server.js | 21 +++++++++++++++++++--
 package.json  |  1 +
 3 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/.gitignore b/.gitignore
index e4fa392..f0eda12 100644
--- a/.gitignore
+++ b/.gitignore
@@ -34,3 +34,6 @@ css/index.css
 
 # New Relic
 newrelic.js
+
+# SSL Keys
+*.pem
diff --git a/lib/server.js b/lib/server.js
index fbc74f1..2033dd1 100644
--- a/lib/server.js
+++ b/lib/server.js
@@ -1,15 +1,30 @@
 var db = require('./db')
 var express = require('express')
 var expressWinston = require('express-winston')
+var forceSSL = require('express-force-ssl')
 var fs = require('fs')
 var http = require('http')
+var https = require('https')
 var ice = require('./ice')
 var path = require('path')
 var socketIO = require('socket.io')
 var winston = require('winston')
 
 var app = express()
-var server = http.Server(app)
+
+if (process.env.SECURE) {
+  var server = https.Server({
+    key: fs.readFileSync(process.env.SSL_KEY || 'key.pem'),
+    cert: fs.readFileSync(process.env.SSL_CERT || 'cert.pem')
+  }, app)
+  var port = process.env.PORT || 443
+  var insecurePort = process.env.INSECURE_PORT || 80
+  http.Server(app).listen(80)
+} else {
+  var server = http.Server(app)
+  var port = process.env.PORT || (process.env.NODE_ENV === 'production' ? 80 : 3000)
+}
+
 var io = socketIO(server)
 
 var logDir = path.resolve(__dirname, '../log')
@@ -31,7 +46,7 @@ server.on('error', function (err) {
   process.exit(1)
 })
 
-server.listen(process.env.PORT || 3000, function (err) {
+server.listen(port, function (err) {
   var host = server.address().address
   var port = server.address().port
   console.log('FilePizza listening on %s:%s', host, port)
@@ -42,6 +57,8 @@ app.use(expressWinston.logger({
   expressFormat: true
 }))
 
+app.use(forceSSL)
+
 app.get('/js', require('./middleware/javascript'))
 app.get('/css', require('./middleware/css'))
 app.use(require('./middleware/static'))
diff --git a/package.json b/package.json
index abaf5d3..ede0375 100644
--- a/package.json
+++ b/package.json
@@ -28,6 +28,7 @@
     "alt": "^0.14.4",
     "classnames": "^1.2.0",
     "express": "^4.12.0",
+    "express-force-ssl": "^0.3.0",
     "express-winston": "^0.3.1",
     "filepizza-socket": "^1.0.0",
     "newrelic": "^1.21.1",