Can I configure expressjs to serve some pages over http and others over https?

Question

Based on the response to this question:

How do I configure nodejs/expressjs to serve pages over https?

I've been trying to set up the equivalent of:

var express = require('express');
var fs = require("fs");
var crypto = require('crypto');

var app = express.createServer();
var appSecure = express.createServer();
var privateKey = fs.readFileSync('privatekey.pem').toString();
var certificate = fs.readFileSync('certificate.pem').toString();
var credentials = crypto.createCredentials({key: privateKey, cert: certificate});
appSecure.setSecure(credentials);


app.get('/secretStuff', function(req,res) {
//redirect to https
}

appSecure.get('/secretStuff', function(req, res) {
//show you the secret stuff
}

Is this something that's doable with the current release of expressjs and node 2.4?

Answer 1

Yes, this can be done and it looks like you already have most of what you need. Just send the redirect in your app.get handler

app.get('/secretStuff', function(req,res) {
  res.redirect('https://' + req.header('Host') + req.url);
}

Also make sure you do something like app.listen(80) and appSecure.listen(443) to actually start the servers on the appropriate port. Otherwise be sure to construct the HTTPS URL with the correct port. For production, this thing is typically handled outside of your app server (node.js) with a reverse proxy like nginx. It is trivial to do this in nginx which will let your node.js process run as non-root and remove the need to have clients directly connecting to node.js, which is not as battle-hardened as nginx for serving live internect TCP connections (I'm paraphrasing Ryan Dahl himself here).