We would like to secure various pages of our node.js boilerplate; we have in place a very crude but functioning login form. This post will demonstrate the steps involved in order to get forms authentication working over a secure channel using SSL/TLS.
Create a certificate using openssl
Follow the steps in the below post in order to create a certificate:
Create certificate using openssl
Simply create the following security options object using the certificates and key created from the above:
Now create a server via nodes http module and pass it the express server; binding the app.
Now change the login form to post via https and if you require socket.io on any of the secured pages (those under https); when you create the socket.io object; connect via https like so:
This post is part of a series of posts tagged under node-plates a boilerplate mobile/web application written in node.js, express, socket.io, mongooose, jquery.mobile & html 5.
You can grab this from github ->