Merge 3216ffc into 8f7b00a

.docs/README.md

@@ -16,6 +16,7 @@ The middlewares / relay conception is a strong pattern with many benefits.
     - [BasePathMiddleware](#basepathmiddleware)
     - [BasicAuthMiddleware](#basicauthmiddleware)
     - [BuilderMiddleware](#buildermiddleware)
+    - [EnforceHttpsMiddleware](#enforcehttpsmiddleware)
     - [PresenterMiddleware](#presentermiddleware)
     - [SecurityMiddleware](#securitymiddleware)
     - [TracyMiddleware](#tracymiddleware)
@@ -258,6 +259,17 @@ services:
         - add(CspMiddleware())
 ```
 
+#### `EnforceHttpsMiddleware`
+
+Throw error if the request did not come from https.
+It is recommended behavior for apis (but not recommended for end-user applications).
+
+```yaml
+middleware:
+    middlewares:
+        - Contributte\Middlewares\EnforceHttpsMiddleware
+```
+
 #### `PresenterMiddleware`
 
 This middleware simulates original nette application behaviours. It converts Psr7Request to `Nette\Application\Request`

src/EnforceHttpsMiddleware.php

@@ -0,0 +1,23 @@
+<?php declare(strict_types = 1);
+
+namespace Contributte\Middlewares;
+
+use Psr\Http\Message\ResponseInterface;
+use Psr\Http\Message\ServerRequestInterface;
+
+class EnforceHttpsMiddleware implements IMiddleware
+{
+
+	public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next): ResponseInterface
+	{
+		if (strtolower($request->getUri()->getScheme()) !== 'https') {
+			$response = $response->withStatus(400);
+			$response->getBody()->write('Encrypted connection is required. Please use https connection.');
+			return $response;
+		}
+
+		// Pass to next middleware
+		return $next($request, $response);
+	}
+
+}