From cb17eb1433a8a805aa10490fa081c99210fbee19 Mon Sep 17 00:00:00 2001
From: stringsplit <77242831+nbitzz@users.noreply.github.com>
Date: Sun, 1 Oct 2023 10:31:18 -0700
Subject: [PATCH 1/3] initial: force-ssl

---
 config.json         | 4 +++-
 src/server/index.ts | 8 ++++++++
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/config.json b/config.json
index 3409ed3..a8b6a96 100644
--- a/config.json
+++ b/config.json
@@ -24,5 +24,7 @@
         "send": {
             "from": "mono@fyle.uk"
         }
-    }
+    },
+
+    "forceSSL": true
 }
\ No newline at end of file
diff --git a/src/server/index.ts b/src/server/index.ts
index 89f4fe6..d5a7b53 100644
--- a/src/server/index.ts
+++ b/src/server/index.ts
@@ -28,6 +28,14 @@ app.use("/static/js",express.static("out/client"))
 
 app.use(cookieParser())
 
+// check for ssl, if not redirect
+if (config.forceSSL) {
+    app.use((req,res,next) => {
+        if (!req.secure) res.redirect(`https://${req.get("host")}${req.originalUrl}`)
+        else next()
+    })
+}
+
 app.get("/server",(req,res) => {
     res.send(JSON.stringify({
         ...config,

From 1d387de3dd7673c4146189d48b7fa11795a58a06 Mon Sep 17 00:00:00 2001
From: stringsplit <77242831+nbitzz@users.noreply.github.com>
Date: Sun, 1 Oct 2023 10:40:03 -0700
Subject: [PATCH 2/3] force-ssl: switch to req.protocol?

---
 src/server/index.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/server/index.ts b/src/server/index.ts
index d5a7b53..b259b11 100644
--- a/src/server/index.ts
+++ b/src/server/index.ts
@@ -31,7 +31,7 @@ app.use(cookieParser())
 // check for ssl, if not redirect
 if (config.forceSSL) {
     app.use((req,res,next) => {
-        if (!req.secure) res.redirect(`https://${req.get("host")}${req.originalUrl}`)
+        if (req.protocol == "http") res.redirect(`https://${req.get("host")}${req.originalUrl}`)
         else next()
     })
 }

From 3bf0e7491a09bc5e1d9f3d5bda1ebcbb9945e901 Mon Sep 17 00:00:00 2001
From: stringsplit <77242831+nbitzz@users.noreply.github.com>
Date: Sun, 1 Oct 2023 10:50:05 -0700
Subject: [PATCH 3/3] force-ssl: trustproxy

---
 config.json         | 1 +
 src/server/index.ts | 1 +
 2 files changed, 2 insertions(+)

diff --git a/config.json b/config.json
index a8b6a96..985642f 100644
--- a/config.json
+++ b/config.json
@@ -26,5 +26,6 @@
         }
     },
 
+    "trustProxy": true,
     "forceSSL": true
 }
\ No newline at end of file
diff --git a/src/server/index.ts b/src/server/index.ts
index b259b11..05eaeb8 100644
--- a/src/server/index.ts
+++ b/src/server/index.ts
@@ -29,6 +29,7 @@ app.use("/static/js",express.static("out/client"))
 app.use(cookieParser())
 
 // check for ssl, if not redirect
+if (config.trustProxy) app.enable("trust proxy")
 if (config.forceSSL) {
     app.use((req,res,next) => {
         if (req.protocol == "http") res.redirect(`https://${req.get("host")}${req.originalUrl}`)