Add: forceHttps (Closes #24)

config.js

@@ -14,6 +14,10 @@ const config =  {
   "sslPort": 8443,
   "sslKeyFile": false,
   "sslCertFile": false,
+  // Force redirect to https
+  // can be true or a specific url like https://example.com:8443
+  // keep empty to disable
+  "forceHttps": '',
   // retention options in seconds:label
   "retentions": {
     "one-time": "one time download",

lib/endpoints.js

@@ -32,6 +32,15 @@ if (config.accessLog) {
   app.use(morgan(config.accessLog));
 }
 
+if(config.forceHttps) {
+  app.enable('trust proxy');
+  app.use(function(req, res, next) {
+    if (req.secure) return next();
+    const target = config.forceHttps === 'true' ? 'https://' + req.headers.host : config.forceHttps;
+    res.redirect(target + req.url);
+  });
+}
+
 // Static files
 app.use('/app', express.static(path.join(__dirname, '../public/app')));
 app.use('/assets', express.static(path.join(__dirname, '../public/assets')));