From 5f97897418b1286bd73ad30b02f3e0d5c8a8f45e Mon Sep 17 00:00:00 2001
From: Tom Moor <tom.moor@gmail.com>
Date: Sun, 4 Nov 2018 10:15:37 -0800
Subject: [PATCH] SSLify

---
 package.json    | 1 +
 server/index.js | 8 ++++++++
 yarn.lock       | 4 ++++
 3 files changed, 13 insertions(+)

diff --git a/package.json b/package.json
index cfd559dd..5a217c0a 100644
--- a/package.json
+++ b/package.json
@@ -127,6 +127,7 @@
     "koa-router": "7.0.1",
     "koa-sendfile": "2.0.0",
     "koa-static": "^4.0.1",
+    "koa-sslify": "2.1.2",
     "localforage": "^1.5.0",
     "lodash": "^4.17.4",
     "mobx": "^3.1.9",
diff --git a/server/index.js b/server/index.js
index 4439c4c6..9b5582a6 100644
--- a/server/index.js
+++ b/server/index.js
@@ -3,6 +3,7 @@ import compress from 'koa-compress';
 import { contentSecurityPolicy } from 'koa-helmet';
 import logger from 'koa-logger';
 import mount from 'koa-mount';
+import enforceHttps from 'koa-sslify';
 import Koa from 'koa';
 import bugsnag from 'bugsnag';
 import onerror from 'koa-onerror';
@@ -70,6 +71,13 @@ if (process.env.NODE_ENV === 'development') {
 
   app.use(mount('/emails', emails));
 } else if (process.env.NODE_ENV === 'production') {
+  // Force HTTPS on all pages
+  app.use(
+    enforceHttps({
+      trustProtoHeader: true,
+    })
+  );
+
   // trust header fields set by our proxy. eg X-Forwarded-For
   app.proxy = true;
 
diff --git a/yarn.lock b/yarn.lock
index 1c0e06b8..1cf22515 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -5881,6 +5881,10 @@ koa-sendfile@2.0.0:
     etag "^1.5.1"
     mz "2"
 
+koa-sslify@2.1.2:
+  version "2.1.2"
+  resolved "https://registry.yarnpkg.com/koa-sslify/-/koa-sslify-2.1.2.tgz#8947fd53949d69d539607814097863c1ecf38f30"
+
 koa-static@^4.0.1:
   version "4.0.1"
   resolved "https://registry.npmjs.org/koa-static/-/koa-static-4.0.1.tgz#b99521ed848d7adb79acae9c824d8d8277a8c4d5"