From cbb07b05aa6606f81f2167065208ff26504a235d Mon Sep 17 00:00:00 2001 From: Mark Smith Date: Fri, 27 Jul 2018 18:53:51 +0700 Subject: [PATCH] Add SSL capability for connection to mongodb in production environment - Add mongoOptions containing SSL details to mongoose.connect - Upgrade mongoose from 4.4.10 to 5.2.5 - Upgrade mongoose-unique-validator from 1.0.2 to 2.0.1 --- app.js | 15 +++++++++++++-- package.json | 4 ++-- 2 files changed, 15 insertions(+), 4 deletions(-) diff --git a/app.js b/app.js index 6eaf1ef6a..bab478511 100644 --- a/app.js +++ b/app.js @@ -8,7 +8,8 @@ var fs = require('fs'), cors = require('cors'), passport = require('passport'), errorhandler = require('errorhandler'), - mongoose = require('mongoose'); + mongoose = require('mongoose'), + fs = require('fs'); var isProduction = process.env.NODE_ENV === 'production'; @@ -31,8 +32,18 @@ if (!isProduction) { app.use(errorhandler()); } +const mongoOptions = {}; +if (parseInt(process.env.MONGODB_USESSL)) { + mongoOptions.ssl = true; + mongoOptions.user = process.env.MONGODB_USER; + mongoOptions.pass = process.env.MONGODB_PASS; + mongoOptions.sslKey = fs.readFileSync(process.env.MONGODB_SSLKEYFILE); + mongoOptions.sslCert = fs.readFileSync(process.env.MONGODB_SSLCERTFILE); + mongoOptions.sslCA = fs.readFileSync(process.env.MONGODB_SSLCAFILE); +} + if(isProduction){ - mongoose.connect(process.env.MONGODB_URI); + mongoose.connect(process.env.MONGODB_URI, mongoOptions); } else { mongoose.connect('mongodb://localhost/conduit'); mongoose.set('debug', true); diff --git a/package.json b/package.json index 62369452c..c648005dd 100644 --- a/package.json +++ b/package.json @@ -25,8 +25,8 @@ "jsonwebtoken": "7.1.9", "method-override": "2.3.5", "methods": "1.1.2", - "mongoose": "4.4.10", - "mongoose-unique-validator": "1.0.2", + "mongoose": "5.2.5", + "mongoose-unique-validator": "2.0.1", "morgan": "1.7.0", "passport": "0.3.2", "passport-local": "1.0.0",