From 0fd6e88496fffd4d5504dac80cba28010f69f405 Mon Sep 17 00:00:00 2001
From: Bilal Catic <bilal.catic@hotmail.com>
Date: Wed, 16 Oct 2019 12:49:58 +0200
Subject: [PATCH] redirect http to https

---
 app/helpers/forceSSL.js | 25 +++++++++++++++++++++++++
 index.js                |  2 ++
 2 files changed, 27 insertions(+)
 create mode 100644 app/helpers/forceSSL.js

diff --git a/app/helpers/forceSSL.js b/app/helpers/forceSSL.js
new file mode 100644
index 0000000..e1b0502
--- /dev/null
+++ b/app/helpers/forceSSL.js
@@ -0,0 +1,25 @@
+/**
+ * Force load with https on production environment
+ * https://devcenter.heroku.com/articles/http-routing#heroku-headers
+ */
+module.exports = function(environments, status) {
+  environments = environments || ["production"];
+  status = status || 301;
+  console.log("New force SSL ");
+  console.log("\tenvs : ", environments);
+  console.log("\tstatus: ", status);
+  console.log("\tENV : ", process.env.NODE_ENV);
+  return function(req, res, next) {
+    if (environments.indexOf(process.env.NODE_ENV) >= 0) {
+      if (req.headers["x-forwarded-proto"] !== "https") {
+        const urlToRedirectTo = `https://${req.hostname}${req.originalUrl}`;
+        console.log("\tRedirect :", urlToRedirectTo);
+        res.redirect(status, urlToRedirectTo);
+      } else {
+        next();
+      }
+    } else {
+      next();
+    }
+  };
+};
diff --git a/index.js b/index.js
index 3ac5a92..074099b 100644
--- a/index.js
+++ b/index.js
@@ -3,6 +3,7 @@ const path = require("path");
 const bodyParser = require("body-parser");
 const layout = require("express-layout");
 const compression = require("compression");
+const forceSSL = require("./app/helpers/forceSSL");
 
 const {
   APP_PORT,
@@ -17,6 +18,7 @@ const {
 
 const app = express();
 
+app.use(forceSSL());
 app.use(bodyParser.json());
 app.use(bodyParser.urlencoded({ extended: true }));
 
-- 
2.47.3