From f62b580d460a97eb2dcceb9189040bd056f744ef Mon Sep 17 00:00:00 2001
From: Leonetienne <leon@etiennes.de>
Date: Fri, 8 Apr 2022 21:41:43 +0200
Subject: [PATCH] Implement https/ssl

---
 .gitignore        |  2 ++
 config.toml       |  7 +++++++
 package-lock.json |  8 ++++----
 package.json      |  2 +-
 readme.md         | 10 ++++++++++
 server.js         | 14 +++++++++-----
 6 files changed, 33 insertions(+), 10 deletions(-)
 create mode 100644 readme.md

diff --git a/.gitignore b/.gitignore
index 2003b28..2ff9464 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,5 @@
 /downloads/
 *index-*.html
 /node_modules/
+*.pem
+
diff --git a/config.toml b/config.toml
index aa4985e..289a67a 100644
--- a/config.toml
+++ b/config.toml
@@ -6,3 +6,10 @@ PASSWD_HASH = 'a3c1443b087cf5338d3696f6029fdf791ee4829a27e19c9f257a06ca0d88b5b51
 # Sessions stay valid this many seconds, if inactive. Default: 600 (=10 minutes)
 SESSION_DURATION = 600
 
+# The port the webserver runs on
+WEBSERVER_PORT = 443
+
+# SSL key and certificate (you have to generate these yourself)
+SSL_KEY_FILE = "key.pem"
+SSL_CERT_FILE = "cert.pem"
+
diff --git a/package-lock.json b/package-lock.json
index 666a788..0a2d96b 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -45,10 +45,10 @@
       "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.10.tgz",
       "integrity": "sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA=="
     },
-    "http": {
-      "version": "0.0.1-security",
-      "resolved": "https://registry.npmjs.org/http/-/http-0.0.1-security.tgz",
-      "integrity": "sha512-RnDvP10Ty9FxqOtPZuxtebw1j4L/WiqNMDtuc1YMH1XQm5TgDRaR1G9u8upL6KD1bXHSp9eSXo/ED+8Q7FAr+g=="
+    "https": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/https/-/https-1.0.0.tgz",
+      "integrity": "sha1-PDfHrhqO65ZpBKKtHpdaGUt+06Q="
     },
     "imurmurhash": {
       "version": "0.1.4",
diff --git a/package.json b/package.json
index 332b826..ad9c747 100644
--- a/package.json
+++ b/package.json
@@ -11,7 +11,7 @@
   "license": "BSD-2-Clause",
   "dependencies": {
     "crypto": "^1.0.1",
-    "http": "0.0.1-security",
+    "https": "^1.0.0",
     "querystring": "^0.2.1",
     "session-file-store": "^1.5.0",
     "toml": "^3.0.0"
diff --git a/readme.md b/readme.md
new file mode 100644
index 0000000..1e9af0b
--- /dev/null
+++ b/readme.md
@@ -0,0 +1,10 @@
+# Sellery
+
+## How to generate your ssl pem files:
+```sh
+openssl genrsa -out key.pem
+openssl req -new -key key.pem -out csr.pem
+openssl x509 -req -days 9999 -in csr.pem -signkey key.pem -out cert.pem
+rm csr.pem
+```
+
diff --git a/server.js b/server.js
index 82295ba..a5a55e2 100755
--- a/server.js
+++ b/server.js
@@ -1,4 +1,4 @@
-var http = require('http');
+var https = require('https');
 var fs = require('fs');
 var path = require('path');
 var querystring = require('querystring');
@@ -203,7 +203,12 @@ function serverStaticFiles(request, response) {
   });
 }
 
-var server = http.createServer(function (request, response) {
+const serverOptions = {
+  key: fs.readFileSync(config.SSL_KEY_FILE),
+  cert: fs.readFileSync(config.SSL_CERT_FILE)
+};
+
+var server = https.createServer(serverOptions, function (request, response) {
   // Handle requests here...
   console.log(request.headers.referer);
 
@@ -230,7 +235,6 @@ var server = http.createServer(function (request, response) {
   }
 });
 
-const port = 80;
-server.listen(port);
-console.log('Node.js sellery server running and listening to port ' + port);
+server.listen(config.WEBSERVER_PORT);
+console.log('Node.js sellery server running and listening to port ' + config.WEBSERVER_PORT);