denmerc

Secure private web server with NodeJS

This article will explain how to set up a secure web server with NodeJS which only accepts connection from users with SSL certificates that you have signed. This is an efficient way to ensure that no other people are able to access the web server, without building a login system which will be significantly weaker.

I will not explain how to create a certificate authority (CA), create certificates or sign them. If you need to read up on this, have a look at this excelent article on how to do it with OpenSSL (Mac and Linux): https://help.ubuntu.com/community/OpenSSL#Practical_OpenSSL_Usage It is also possible to do this on a Mac with the keychain application, and I assume it is possible on a Windows machine aswell.

This architecture will allow you to have one web server communicating with an array of trusted clients, the web server itself can be on the public internet, that will not decrease the level of security, but it will only ser


	.buttons{
	border: 1px solid grey;
	-webkit-border-radius: 5px;
	-moz-border-radius: 5px;
	border-radius: 5px;
	height:84px;
	width:600px;
	overflow:hidden;
	}

	echo 'export PATH=$HOME/local/bin:$PATH' >> ~/.bashrc
	. ~/.bashrc
	mkdir ~/local
	mkdir ~/node-latest-install
	cd ~/node-latest-install
	curl http://nodejs.org/dist/node-latest.tar.gz \| tar xz --strip-components=1
	./configure --prefix=~/local
	make install # ok, fine, this step probably takes more than 30 seconds...
	curl https://npmjs.org/install.sh \| sh

	# Cookbook Name:: mongodb
	# Recipe:: default

	case node['platform']
	when "ubuntu"
	execute "apt-get update" do
	action :nothing
	end

	execute "add gpg key" do

	#!/usr/bin/env sh

	VBOX_LATEST_VERSION=$(curl http://download.virtualbox.org/virtualbox/LATEST.TXT)

	wget -c http://download.virtualbox.org/virtualbox/${VBOX_LATEST_VERSION}/VBoxGuestAdditions_${VBOX_LATEST_VERSION}.iso -O /tmp/VBoxGuestAdditions_${VBOX_LATEST_VERSION}.iso
	sudo mkdir -p /media/guestadditions ; sudo mount -o loop /tmp/VBoxGuestAdditions_${VBOX_LATEST_VERSION}.iso /media/guestadditions
	sudo /media/guestadditions/VBoxLinuxAdditions.run
	sudo umount /media/guestadditions && sudo rm -rf /tmp/VBoxGuestAdditions_$VBOX_VERSION.iso /media/guestadditions

	echo 'You may safely ignore the message that reads: "Could not find the X.Org or XFree86 Window System."'

	var mod = {};

	mod.AuthCtrl = [
	'$scope', 'requests401', '$http', 'Ping', '$location', function($scope, requests401, $http, Ping, $location) {
	var fadespeed = 300;

	$scope.user = {
	"username": "test",
	"password": "test"
	};

	-- Add Portable software to your msysgit-PATH --

	If you like to work with your *nix shell even under Windows, you'll
	likely use the git-bash provided by msysgit a lot.

	A problem might be, that you don't have your tools in the PATH of that
	shell and therefore can't use them. Those tools might be on the same
	USB-drive as the git-shell, so you would have to adjust the PATH
	(if you're allowed to) every time the drive-letter changes.

	var express = require('express');

	var app = express.createServer();

	app.configure('development', function () {
	app.use(express.logger());
	app.use(express.errorHandler({
	dumpExceptions: true,
	showStack: true
	}));

	// database.js
	sys = require('sys');

	var mongo = require('./lib/node-mongodb-native/lib/mongodb'),
	Connection = mongo.Connection,
	Server = mongo.Server,
	BSON = mongo.BSONNative;

	var host = process.env['MONGO_NODE_DRIVER_HOST'] != null ? process.env['MONGO_NODE_DRIVER_HOST'] : 'localhost';
	var port = process.env['MONGO_NODE_DRIVER_PORT'] != null ? process.env['MONGO_NODE_DRIVER_PORT'] : Connection.DEFAULT_PORT;