Add instructions to readme for setting up the local dev to work with …

…https

.env.example

@@ -6,4 +6,8 @@ KUKSA_USER=
 PARTIOID_CALLBACK=
 ISSUER=
 CLIENT_URL=
-METADATA_URL=
+METADATA_URL=
+
+## For HTTPS
+# CLIENT_URL=https://partio.ngrok.io:3000
+# LOCALHOST_WITH_HTTPS=enabled

README.md

@@ -1,6 +1,6 @@
 # Partio-ohjelmasovellus backend
 
-# 1. Project purpose 
+# 1. Project purpose
 
 TODO
 
@@ -33,8 +33,79 @@ No tests at the moment.
 
 ## 3.3. Start the application locally
 
+### 3.3.1 HTTP
+
 To start the dev env run `yarn dev`.
 
+### 3.3.2 HTTPS
+
+NOTE: You will need to generate certificates for the localhost https environment. See the steps below.
+
+To start the app in https mode
+
+- run `yarn dev` (requires that you have the certificate files in the `certs` folder)
+
+To generate the required certificate follow these steps (Mac):<br>
+NOTE 1: Make sure you have all the https related environment variables set (see .env.example).<br>
+NOTE 2: If you've already created and added the root key and root certificate during the frontend https setup you can skip step 1.<br>
+
+1. First create a folder (e.g. `certificates`) somewhere on your Mac
+   - for example to your Work/Projects folder if you have them or your Desktop/Downloads folder
+   - If you created the folder in finder open a terminal and `cd` to the folder
+   - Next run the following commands to create the required files for generating the certificates
+     - Create a root key: `openssl genrsa -des3 -out rootCA.key 2048`
+     - Create a root certificate: `openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 -out rootCA.pem`
+       - It's enough to only fill some fields here. E.g. Country as `fi` and location as `Helsinki`
+   - Next you need to add the created root certificate as trusted in your Keychain Access application
+     - Open Keychain Access
+     - Select `File` -> `Import items...` from the app menu
+     - Navigate to the folder where you created
+     - Select System from the left side menu and then the Certificates tab
+     - Double-click the certificate you added and change its Trust setting to Always Trust
+2. Create a separate folder for backend inside your certificates folder: `mkdir backend`
+
+   - Create a `server.csr.cnf` file inside the `backend` folder with the following information
+
+     - ```
+       [req]
+       default_bits = 2048
+        prompt = no
+       default_md = sha256
+       distinguished_name = dn
+       ```
+
+     [dn]
+     C=fi
+     L=Helsinki
+     CN = pos-api-dev.ngrok.io
+
+     ```
+
+     ```
+
+   - Create a `v3.ext` file inside the `backend` folder with the following information
+
+     - ```
+       authorityKeyIdentifier=keyid,issuer
+       basicConstraints=CA:FALSE
+       keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
+       subjectAltName = @alt_names
+       ```
+
+     [alt_names]
+     DNS.1 = pos-api-dev.ngrok.io
+
+     ```
+
+     ```
+
+   - Run `openssl req -new -sha256 -nodes -out server.csr -newkey rsa:2048 -keyout server.key -config <( cat backend/server.csr.cnf )`
+   - Run `openssl x509 -req -in backend/server.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out server.crt -days 500 -sha256 -extfile backend/v3.ext`
+   - Now the certificates are ready so all you need to do is move the `server.crt` and `server.key` files inside the `backend` folder to the backend project
+     - Create a `certs` folder inside the backend project
+     - Move the `server.crt` and `server.key` inside the `certs` folder
+   - Run `yarn dev` to start the app and navigate to https://partio.ngrok.io:3000
+
 ## 3.4. Version control
 
 When working on a new feature or fixing a bug always create a new branch from the master branch. When the feature or fix is complete create a pull request (from now on PR) for the branch. There should always be at least one or two reviewers for the PR and once the PR has been approved it can be merged to master.