0.1.00

HISTORY.md

@@ -1,3 +1,13 @@
+0.1.00 / 2011-06-23
+===================
+
+* Final release for SocketStream launch today!
+* Greatly improved SSL support. Now fully documented in README
+* A secondary HTTP server is now run by default in HTTPS mode to auto-redirect incorrect HTTP requests to the domain specified in the cert
+* HTTP API can now be configured to only run in HTTPS using SS.config.api.https_only
+* Changes to configuration file. Done now to prevent major changes here later on
+
+
 0.0.58 / 2011-06-21
 ===================
 

INSTALL.md

@@ -3,8 +3,49 @@ Install Instructions
 
 SocketStream runs on all UNIX based platforms, including OS X and Linux.
 
-TODO: Provide Mac OS X installation instructions
+### Mac OS X installation (tested on Snow Leopard 10.6.7)
 
+    # get XCode, required for compiling software
+
+    http://itunes.apple.com/gb/app/xcode/id422352214?mt=12
+
+    # get Redis
+
+    wget http://redis.googlecode.com/files/redis-2.2.10.tar.gz  # visit http://redis.io for the latest stable version
+    tar -xvzf redis-2.2.10.tar.gz
+    cd redis-2.2.4
+    make
+    make test # this is optional, but they recommend it
+    sudo make install
+    env redis-server > /tmp/redis.log 2>&1 & # make redis run in the background
+
+    # get Node.js
+
+    git clone --depth 1 https://github.com/joyent/node.git
+    cd node
+    git checkout origin/v0.4
+    export JOBS=2 # optional, sets number of parallel commands.
+    mkdir ~/local
+    ./configure --prefix=$HOME/local/node
+    make # this will take a couple of minutes
+    make install
+    echo 'export PATH=$HOME/local/node/bin:$PATH' >> ~/.profile
+    source ~/.profile
+
+    # get npm
+
+    curl http://npmjs.org/install.sh | sh
+
+    # get SocketStream
+
+    sudo npm install -g socketstream
+
+    # create a Socketstream app as a test
+
+    socketstream new test
+    cd test
+    socketstream start
+
 
 ### Ubuntu 10.04 server installation
 
@@ -36,11 +77,8 @@ Here is an example that shows how to install SocketStream and it's dependencies
     # install npm
     curl http://npmjs.org/install.sh | sudo sh
 
-    # build socketstream
-    cd ~
-    git clone https://github.com/socketstream/socketstream.git
-    cd socketstream
-    sudo npm link
+    # get SocketStream
+    sudo npm install -g socketstream
 
     # create a new socketstream project called 'test'
     cd ~
@@ -49,3 +87,6 @@ Here is an example that shows how to install SocketStream and it's dependencies
     # run test app
     cd test
     socketstream start
+
+
+

lib/client/socketstream.coffee

@@ -21,9 +21,6 @@ window.SS =
     log:
       level:        0               # no client-side logging by default
 
-# Maintain compatibility with $SS in previous versions. Will be removed before 0.1.0
-window.$SS = window.SS
-
 # Event handling
 SS.events =
 

lib/configurator.coffee

@@ -15,21 +15,30 @@ exports.configure = ->
 # Set sensible defaults so we can be up and running without an app-specific config file
 setDefaults = ->
   SS.config =
-    loaded:             true                  # allows us to check the app's config has been loaded
-    ss_var:             'SS'                  # the main SocketStream global variable server-side
-    port:               3000		              # if you want to run on port 80 or 443 node must be run as root
-    hostname:           '0.0.0.0'             # allows the server to be bound to a particular IP. listens on all by default
-    enable_color:       true                  # use colors when outputting to terminal
-    pack_assets:        true      	          # set this to false when developing to force the serving of all asset requests live
-    throw_errors:       true      	          # this needs to be false in production or the server will quit on any error
+    loaded:                   true            # allows us to check the app's config has been loaded
+    ss_var:                   'SS'            # the main SocketStream global variable server-side
+    enable_color:             true            # use colors when outputting to terminal
+    pack_assets:              true	          # set this to false when developing to force the serving of all asset requests live
+    throw_errors:             true            # this needs to be false in production or the server will quit on any error
+
+    # HTTP
+    http:
+      port:                   3000		        # if you want to run on port 80 or 443 node must be run as root
+      hostname:               '0.0.0.0'       # allows the server to be bound to a particular IP. listens on all by default
+
+    # HTTPS / SSL / TLS
+    https:
+      enabled:                false           # see readme for full details
+      port:                   443		          # if you want to run on port 80 or 443 node must be run as root
+      hostname:               '0.0.0.0'       # allows the server to be bound to a particular IP. listens on all by default
+      cert_name:              'site'          # allows you to use a different certificate name in different environments
+      domain:                 false           # enter the full host name here as it appears on your SSL cert: (e.g. www.test.com)
+      ensure_domain:          true            # if set, will auto-redirect traffic sent to different hosts to the domain specified above
+      redirect_http:          true            # automatically redirects requests to http:// to https://#{host}  Host must be set
 
     # Logger (only to the terminal for now)
     log:
-      level:            3         	          # 0 = none, 1 = calls only, 2 = calls + params, 3 = full, 4 = everything
-
-    # SSL (experimental)
-    ssl:
-      enabled:                false           # https support is currently highly experimental. turned off by default
+      level:                  3         	    # 0 = none, 1 = calls only, 2 = calls + params, 3 = full, 4 = everything
 
     # Redis
     redis:
@@ -43,6 +52,7 @@ setDefaults = ->
     api:
       enabled:                true
       prefix:                 'api'           # defines the URL namespace
+      https_only:             false           # only allow API requests over HTTPS
       auth:
         basic:          
           module_name:        false           # replace this with the name of the authentication module. false = basic auth disabled
@@ -51,8 +61,7 @@ setDefaults = ->
     # Incompatible Browser Checking
     browser_check:
       enabled:                true            
-      strict:                 false           # when enabled will serve a static page from /public/errors/incompatible when non websocket browsers connect
-
+      strict:                 false           # when enabled will serve a static page from /static/incompatible_browsers when non websocket browsers connect
 
     # Set params which will be passed directly to the client when they connect
     # The client config should match the server as closly as possible
@@ -79,12 +88,6 @@ setDefaults = ->
     # Realtime Models
     rtm:
       enabled:                false           # disabled by default as HIGHLY EXPERIMENTAL and subject to change
-
-    # Web Admin
-    admin:
-      enabled:                false
-      prefix:                 'admin'    
-
 
 # For now we override default config depending upon environment. This will still be overridden by any app config file in
 # /config/environments/SS_ENV.js . We may want to remove this in the future and insist upon seperate app config files, ala Rails
@@ -110,7 +113,7 @@ mergeConfigFile = (name) ->
       try
         merge(app_config)
       catch e
-        throw new Error("App config file #{name} loaded and parsed as JSON but unable to merge. Check syntax carefully.")
+        throw new Error("App config file #{name} loaded and parsed as JSON but unable to merge. Check syntax carefully and ensure config values exist.")
     catch e
       throw new Error("Loaded, but unable to parse app config file #{name}. Ensure it is in valid JSON format with double quotes (not single!) around all strings.")
   catch e

lib/http_middleware/http_redirect.coffee

@@ -0,0 +1,11 @@
+# Middleware: HTTP Redirect
+# --------------------------
+# Redirects HTTP requests to HTTPS
+
+server = require('../utils/server.coffee')
+
+exports.call = (request, response, next) ->  
+  old_url = 'http://' + request.headers.host + request.url
+  new_url = 'https://' + SS.config.https.domain + request.url
+  server.redirect request, response, new_url
+  SS.log.serve.httpsRedirect old_url, new_url

lib/http_middleware/https_redirect.coffee

@@ -0,0 +1,23 @@
+# Middleware: HTTPS Redirect
+# --------------------------
+# Redirects incorrect HTTPS sent to the wrong host to the correct host for the SSL certificate
+
+server = require('../utils/server.coffee')
+
+# Will automatically redirect requests to an incorrect domain to the correct one
+exports.call = (request, response, next) ->
+
+  if SS.config.https.enabled and hostsDiffer(request)
+    # Redirect URL to correct host
+    old_url = 'https://' + request.headers.host + request.url
+    new_url = 'https://' + SS.config.https.domain + request.url
+    server.redirect request, response, new_url
+    SS.log.serve.httpsRedirect old_url, new_url
+  else
+    next()
+
+
+# PRIVATE
+
+hostsDiffer = (request) ->
+  SS.config.https.domain and SS.config.https.ensure_domain and request.headers.host != SS.config.https.domain

lib/http_middleware/index.coffee

@@ -5,44 +5,54 @@
 util = require('util')
 copy = require('../utils/copy.coffee')
 
+#Load middleware stack for the primary HTTP/HTTPS server
+exports.primary = ->
+  stack = new Stack
+  stack.loadCustom()
+  stack.load('https_redirect')         if SS.config.https.enabled
+  stack.load('url_parser')             # required by other middleware below
+  stack.load('api')                    if SS.config.api.enabled
+  stack.load('browser_check')          if SS.config.browser_check.enabled
+  stack.load('compile')                if !SS.config.pack_assets
+  stack.load('static')                 # always serve static files last
+  stack
+
+# Load middleware stack for the secondary HTTP server (which serves the API or forwards website requests to HTTPS)
+exports.secondary = ->
+  stack = new Stack
+  stack.load('url_parser')             # required by other middleware below
+  stack.load('api')                    if SS.config.api.enabled and !SS.config.api.https_only
+  stack.load('http_redirect')          # redirect all non-API requests to HTTPS
+  stack
+
 # Define the stack
-stack = []
-
-# Load HTTP middleware stack
-exports.init = ->
-  loadCustom()
-  load('url_parser')             # must run first - required by other modules
-  load('api')                    if SS.config.api.enabled
-  load('browser_check')          if SS.config.browser_check.enabled
-  load('compile')                if !SS.config.pack_assets
-  load('static')                 # always serve static files last
-
-# Manage callback hell
-exports.execute = (request, response, i = 0) ->
-  stack[i].call request, response, ->
-    exports.execute(request, response, i + 1)
-
-
-# PRIVATE METHODS
-
-# Load custom HTTP config file and any custom middleware first
-loadCustom = ->
-  file = "/config/http.coffee"
-  try
-    custom_http_handler = require("#{SS.root}#{file}")
-    stack.push custom_http_handler
-  catch e
-    util.log "#{file} file missing! Attempting to copy default template..."
-    source = __dirname + '/../../new_project/config/http.coffee'
-    destination = "#{SS.root}/config/http.coffee"
-    copy.copyFile source, destination
-    util.log "#{file} file created!"
-
-# Load Internal Middleware
-load = (name) ->
-  try
-    stack.push processor = require("./#{name}.coffee")
-  catch e
-    unless processor
-      SS.log.error.message "Unable to load internal HTTP middleware: #{name}"
-      throw e
+class Stack
+
+  constructor: ->
+    @stack = []
+
+  execute: (request, response, i = 0) ->
+    @stack[i].call request, response, =>
+      @execute(request, response, i + 1)
+
+  # Load custom HTTP config file and any custom middleware first
+  loadCustom: ->
+    file = "/config/http.coffee"
+    try
+      custom_http_handler = require("#{SS.root}#{file}")
+      @stack.push custom_http_handler
+    catch e
+      util.log "#{file} file missing! Attempting to copy default template..."
+      source = __dirname + '/../../new_project/config/http.coffee'
+      destination = "#{SS.root}/config/http.coffee"
+      copy.copyFile source, destination
+      util.log "#{file} file created!"
+
+  # Load Internal Middleware
+  load: (name) ->
+    try
+      @stack.push processor = require("./#{name}.coffee")
+    catch e
+      unless processor
+        SS.log.error.message "Unable to load internal HTTP middleware: #{name}"
+        throw e

lib/logger.coffee

@@ -1,6 +1,8 @@
 # Logger
 # ------
 # Outputs to the console
+# NOTE: Let's be honest. This idea sucks. It seemed like a good idea at the time, but I'm sure we can lot better
+# We just need to do it with a nod to future internationalisation (note the 's' in there ;)
 
 util = require("util")
 
@@ -11,6 +13,9 @@ exports.serve =
 
   compiled: (file, benchmark_result) ->
     output 2, "DEV INFO: Compiled and served #{file} in #{benchmark_result}ms"
+
+  httpsRedirect: (from, to) ->
+    output 2, "REDIRECT: From #{from} to correct HTTPS host #{to}"
 
 exports.incoming =
 

lib/main.coffee

@@ -90,10 +90,11 @@ exports.start =
   server: ->
     util.log('Starting SocketStream server...')
     load.project()
-    require('./server.coffee').start()
-    protocol = if SS.config.ssl.enabled then SS.log.color('https', 'green') else "http"
+    servers = require('./server.coffee').start()
     SS.users.online.update() if SS.config.users.online.enabled
-    showBanner("Server running on #{protocol}://#{SS.config.hostname}:#{SS.config.port}")
+    text = ["Primary server running on #{formatProtocol(servers.primary.protocol)}://#{servers.primary.config.hostname}:#{servers.primary.config.port}"]
+    text.push "  Secondary server running on #{formatProtocol(servers.secondary.protocol)}://#{servers.secondary.config.hostname}:#{servers.secondary.config.port}" if servers.secondary
+    showBanner(text.join("\n"))
 
   console: ->
     load.project()
@@ -292,6 +293,10 @@ fatal = (message) ->
 apiToString = (obj) ->
   util.inspect(SS.server, false, 1000).replace(/\[Function\]/g, 'true')
 
+# Make HTTPS stand out
+formatProtocol = (protocol) ->
+  if protocol == 'https' then SS.log.color('https', 'green') else "http"
+
 # Show welcome banner
 showBanner = (additional_text) ->
   counters = SS.internal.counters.files_loaded