adding secure.js environment option, reverting production.js, and adding openssl options to gen-certs

Author: jloveland

README.md

@@ -82,10 +82,15 @@ To create an HTTPS server, you need an SSL certificate.
 
 You can provide a certificate signed by a Certificate Authority (CA) or a self-signed certificate. In a production environment, it is recommended to use a CA-signed certificate. For development and test environment, a self-signed certificate can be used.
 
-To generate a self-signed certificate, run the following in your shell:
+To generate a self-signed certificate, run script:
 ```
 $ cd config/sslcert/
-$ openssl genrsa -out key.pem
+$ ./gen-certs
+```
+or run the following in your shell:
+```
+$ cd config/sslcert/
+$ openssl genrsa -out key.pem -aes256 1024
 $ openssl req -new -key key.pem -out csr.pem
 $ openssl x509 -req -days 9999 -in csr.pem -signkey key.pem -out cert.pem
 $ rm csr.pem
@@ -95,7 +100,7 @@ This will leave you with cert.pem (the certificate) and key.pem (the private key
 
 Now you can run your app securely in production mode:
 ```
-sudo NODE_ENV=production grunt
+sudo NODE_ENV=secure grunt
 ```
 NOTE: if you use higher port numbers, you don't need to run with sudo
 

config/env/production.js

@@ -1,8 +1,6 @@
 'use strict';
 
 module.exports = {
-	secure: true,
-	port: 443,
 	db: process.env.MONGOHQ_URL || process.env.MONGOLAB_URI || 'mongodb://localhost/mean',
 	assets: {
 		lib: {
@@ -25,27 +23,27 @@ module.exports = {
 	facebook: {
 		clientID: process.env.FACEBOOK_ID || 'APP_ID',
 		clientSecret: process.env.FACEBOOK_SECRET || 'APP_SECRET',
-		callbackURL: 'https://localhost:443/auth/facebook/callback'
+		callbackURL: 'http://localhost:3000/auth/facebook/callback'
 	},
 	twitter: {
 		clientID: process.env.TWITTER_KEY || 'CONSUMER_KEY',
 		clientSecret: process.env.TWITTER_SECRET || 'CONSUMER_SECRET',
-		callbackURL: 'https://localhost:443/auth/twitter/callback'
+		callbackURL: 'http://localhost:3000/auth/twitter/callback'
 	},
 	google: {
 		clientID: process.env.GOOGLE_ID || 'APP_ID',
 		clientSecret: process.env.GOOGLE_SECRET || 'APP_SECRET',
-		callbackURL: 'https://localhost:443/auth/google/callback'
+		callbackURL: 'http://localhost:3000/auth/google/callback'
 	},
 	linkedin: {
 		clientID: process.env.LINKEDIN_ID || 'APP_ID',
 		clientSecret: process.env.LINKEDIN_SECRET || 'APP_SECRET',
-		callbackURL: 'https://localhost:443/auth/linkedin/callback'
+		callbackURL: 'http://localhost:3000/auth/linkedin/callback'
 	},
 	github: {
 		clientID: process.env.GITHUB_ID || 'APP_ID',
 		clientSecret: process.env.GITHUB_SECRET || 'APP_SECRET',
-		callbackURL: 'https://localhost:443/auth/github/callback'
+		callbackURL: 'http://localhost:3000/auth/github/callback'
 	},
 	mailer: {
 		from: process.env.MAILER_FROM || 'MAILER_FROM',

config/env/secure.js

@@ -0,0 +1,60 @@
+'use strict';
+
+module.exports = {
+  secure: true,
+  port: 443,
+  db: process.env.MONGOHQ_URL || process.env.MONGOLAB_URI || 'mongodb://localhost/mean',
+  assets: {
+    lib: {
+      css: [
+        'public/lib/bootstrap/dist/css/bootstrap.min.css',
+        'public/lib/bootstrap/dist/css/bootstrap-theme.min.css',
+      ],
+      js: [
+        'public/lib/angular/angular.min.js',
+        'public/lib/angular-resource/angular-resource.min.js',
+        'public/lib/angular-animate/angular-animate.min.js',
+        'public/lib/angular-ui-router/release/angular-ui-router.min.js',
+        'public/lib/angular-ui-utils/ui-utils.min.js',
+        'public/lib/angular-bootstrap/ui-bootstrap-tpls.min.js'
+      ]
+    },
+    css: 'public/dist/application.min.css',
+    js: 'public/dist/application.min.js'
+  },
+  facebook: {
+    clientID: process.env.FACEBOOK_ID || 'APP_ID',
+    clientSecret: process.env.FACEBOOK_SECRET || 'APP_SECRET',
+    callbackURL: 'https://localhost:443/auth/facebook/callback'
+  },
+  twitter: {
+    clientID: process.env.TWITTER_KEY || 'CONSUMER_KEY',
+    clientSecret: process.env.TWITTER_SECRET || 'CONSUMER_SECRET',
+    callbackURL: 'https://localhost:443/auth/twitter/callback'
+  },
+  google: {
+    clientID: process.env.GOOGLE_ID || 'APP_ID',
+    clientSecret: process.env.GOOGLE_SECRET || 'APP_SECRET',
+    callbackURL: 'https://localhost:443/auth/google/callback'
+  },
+  linkedin: {
+    clientID: process.env.LINKEDIN_ID || 'APP_ID',
+    clientSecret: process.env.LINKEDIN_SECRET || 'APP_SECRET',
+    callbackURL: 'https://localhost:443/auth/linkedin/callback'
+  },
+  github: {
+    clientID: process.env.GITHUB_ID || 'APP_ID',
+    clientSecret: process.env.GITHUB_SECRET || 'APP_SECRET',
+    callbackURL: 'https://localhost:443/auth/github/callback'
+  },
+  mailer: {
+    from: process.env.MAILER_FROM || 'MAILER_FROM',
+    options: {
+      service: process.env.MAILER_SERVICE_PROVIDER || 'MAILER_SERVICE_PROVIDER',
+      auth: {
+        user: process.env.MAILER_EMAIL_ID || 'MAILER_EMAIL_ID',
+        pass: process.env.MAILER_PASSWORD || 'MAILER_PASSWORD'
+      }
+    }
+  }
+};

config/sslcert/gen-certs

@@ -1,6 +1,6 @@
 #!/bin/bash
 echo "Generating self-signed certificates..."
-aopenssl genrsa -out key.pem
+openssl genrsa -out key.pem -aes256 1024
 openssl req -new -key key.pem -out csr.pem
 openssl x509 -req -days 9999 -in csr.pem -signkey key.pem -out cert.pem
 rm csr.pem