From 95309cf4257c4edc333ba8eabf3ad3de87c5c28d Mon Sep 17 00:00:00 2001 From: Pierre Brisorgueil Date: Fri, 12 Apr 2019 11:36:21 +0200 Subject: [PATCH] =?UTF-8?q?docs(wiki):=20add=20SSL=20informations=20?= =?UTF-8?q?=F0=9F=93=9D?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fix #115 --- README.md | 2 +- WIKI.md | 90 ++++++++++++++++++++++++++++++++++--------------------- 2 files changed, 57 insertions(+), 35 deletions(-) diff --git a/README.md b/README.md index 2482ad274..17c1d90af 100644 --- a/README.md +++ b/README.md @@ -34,7 +34,7 @@ Our stack node is actually in Beta. | DataBase | [Mongo 4.x LTS](https://www.mongodb.com/download-center/community) & [mongoose](https://github.com/Automattic/mongoose) (user management & crud Task example)
[Sequelize](https://github.com/sequelize/sequelize) : PostgreSQL, MySQL, SQLit 4.x (option - crud Task example)
[JOI](https://github.com/hapijs/joi) Models & Repository for database code abstraction
seed functions | Testing | [Jest](https://github.com/facebook/jest) & [SuperTest](https://github.com/visionmedia/supertest) (Coverage & Watch)
*example of mocha with gulp available* | Linter | [ESLint](https://github.com/eslint/eslint) ecmaVersion 10 (2019) -| Security | JWT Stateless - [passport-jwt](https://github.com/themikenicholson/passport-jwt)
Passwords: [bcrypt](https://en.wikipedia.org/wiki/Bcrypt) - [zxcvbn](https://github.com/dropbox/zxcvbn)
DataBases options available (auth, ssl ..)
SSL options availble +| Security | JWT Stateless - [passport-jwt](https://github.com/themikenicholson/passport-jwt)
Passwords: [bcrypt](https://en.wikipedia.org/wiki/Bcrypt) - [zxcvbn](https://github.com/dropbox/zxcvbn)
DataBases options available (auth, ssl ..)
[SSL](https://github.com/weareopensource/Node/blob/master/WIKI.md#SSL) Express / Reverse Proxy (must be activated, otherwise => plain text password) | API | Default answer wrapper (helper) : [jsend](https://github.com/omniti-labs/jsend) like : status, message, data or error
Default error handling (helper) : formatted by the controller, Custom ES6 errors for other layers | CI | [Travis CI](https://travis-ci.org/weareopensource/Node) | Developer | [Coveralls](https://coveralls.io/github/weareopensource/Node) - [Code Climate](https://codeclimate.com/github/weareopensource/Node) - [Dependency status](https://david-dm.org/weareopensource/node) - [GreenKeeper](https://greenkeeper.io) - [Snyk](https://snyk.io/test/github/weareopensource/node)
[standard-version](https://github.com/conventional-changelog/standard-version) - [commitlint](https://github.com/conventional-changelog/commitlint) - [commitizen](https://github.com/commitizen/cz-cli) - [waos-conventional-changelog](https://github.com/WeAreOpenSourceProjects/waos-conventional-changelog) diff --git a/WIKI.md b/WIKI.md index 051cf5df6..d570b3e21 100644 --- a/WIKI.md +++ b/WIKI.md @@ -11,7 +11,8 @@ Welcome to the Node wiki! Here you will find various information about this repo #### Node Wiki * [Api](https://github.com/weareopensource/Node/blob/master/WIKI.md#API) -* [Errors](https://github.com/weareopensource/Node/blob/master/WIKI.md#Errors) +* [SSL](https://github.com/weareopensource/Node/blob/master/WIKI.md#SSL) + #### Other informations @@ -31,9 +32,7 @@ Welcome to the Node wiki! Here you will find various information about this repo ## API -### API answers rules : - -#### success +### success `responses.success(res, 'task created')({});` @@ -47,25 +46,11 @@ body : } ``` -#### error +### errors -`responses.error(res, 422, 'task creation failed')({err});` - -body : +#### default -``` -{ - type: 'error', - message: 'task creation failed' - error: {err} -} -``` - -## Errors - -#### controller - -`responses.error(res, 422, errors.getMessage(err))({err});` +`responses.error(res, 422, 'task creation failed')({err});` body : @@ -77,7 +62,7 @@ body : } ``` -#### schema errors +#### schema `responses.error(res, 422, errors.getMessage(err))({err});` 
@@ -86,21 +71,21 @@ body : ``` { type: 'error', - message: 'schema validation error', - error: { - original: { - title: 2, - description: 'do something about something else' - }, - details: [{ + message: 'schema validation error', + error: { + original: { + title: 2, + description: 'do something about something else' + }, + details: [{ message: 'title must be a string', - type: 'string.base' - } ] + type: 'string.base' + }] } } ``` -#### service & others errors +#### service & others `throw new AppError('invalid user or password.', { code: 'SERVICE_ERROR', details: [] });` @@ -112,12 +97,12 @@ body : message: 'invalid user or password.', error: { code: 'SERVICE_ERROR', - details: [] + details: [] } } ``` -#### Authentication errors +#### Authentication status : 401 error : 
@@ -127,3 +112,40 @@ error : text: 'Unauthorized' } ``` + +## SSL + +There are two ways to set up https, the most used way is to set up a reverse proxy in front of the server node, and enable let's encrypt. + +The second is to set up https directly at the node server. + +Both are possible with the stack. + +### Reverse Proxy with Let's Encrypt + +We recommend this method, however we will not explain it. Many [tutorials](https://www.google.com/search?client=safari&rls=en&ei=ZFqwXNGMB43jgweCnbXgCg&q=node+let%27s+encrypt+nginx&oq=node+let%27s+encrypt+nginx&gs_l=psy-ab.3..0i8i13i30l3.9384.13054..13286...0.0..0.52.1036.24......0....1..gws-wiz.......0i71j0i67j0j0i131j0i22i30j0i13i30j0i13i10i30j0i19j0i13i30i19j0i22i30i19j0i22i10i30i19j0i8i13i30i19.ejqWS4vw2Qs) already exist, and it depends on what you use, [apache](https://httpd.apache.org), [nginx](https://www.nginx.com), [traeffik](https://traefik.io), [Let's Encrypt](https://letsencrypt.org) ... + +### Express TLS - SSL + +To run your application in a secure manner with express you'll need to use OpenSSL and generate a set of self-signed certificates. + +* Unix-based users can use the following command: + + ```bash + $ npm run generate-ssl-certs + ``` +this will create cert and key files and place them in *config/sslcerts* folder. + +* Windows users can follow instructions found [here](http://www.websense.com/support/article/kbarticle/How-to-use-OpenSSL-and-Microsoft-Certification-Authority). +After you've generated the key and certificate, place them in the *config/sslcerts* folder. + +Finally, uncomment and activate ssl in configuration (*config/defaults/development.js*) : + +``` +// SSL on express server (FYI : Wiki) +secure: { + ssl: true, + key: './config/sslcerts/key.pem', + cert: './config/sslcerts/cert.pem', +}, +```
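
Review bot: In the README.md hunk (@@ -34,7 +34,7 @@), the new Security cell text "(must be activated, otherwise => plain text password)" is the only place the README states what happens when TLS is left off, and it is terse enough to be misread as a statement about password storage, since the same cell lists bcrypt. Suggest spelling it out, for example "without TLS, login passwords and JWTs travel over the network in clear text", and keeping the link to the WIKI SSL section.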
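
Review bot: The WIKI.md hunks from @@ -31,9 +32,7 @@ through @@ -112,12 +97,12 @@ restructure the API and Errors documentation, which the subject "add SSL informations" does not mention: the "## Errors" section and its table-of-contents entry are removed and the headings are renamed. Suggest splitting that restructuring into its own docs commit or describing it in the commit body, so that anyone following an existing link to the #Errors anchor can find where it went.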
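
Review bot: In the new "### Express TLS - SSL" section (WIKI.md, @@ -127,3 +112,40 @@), "To run your application in a secure manner with express" is followed by generating self-signed certificates, which clients do not trust by default. The text should say that this path is meant for development (the config shown is config/defaults/development.js) and point production deployments to the reverse proxy section or a CA-issued certificate. It would also help to state that config/sslcerts/key.pem must stay out of version control; the patch does not show whether that folder is ignored. Smaller points in the same hunk: the "tutorials" link is a Google search URL carrying session parameters (client=safari, ei=..., gs_l=...) and should be replaced by a plain link, and "traeffik" should read "traefik".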