koa-enforces-ssl

This simple module enforces HTTPS connections on any incoming requests. In case of a non-encrypted HTTP request, koa-enforces-ssl automatically redirects to an HTTPS address using a 301 permanent redirect.

koa-enforces-ssl also works behind reverse proxies (load balancers) as they are for example used by Heroku and nodejitsu. In such cases, however, the proxy parameter has to be set to true (see below).

Usage

npm install koa-enforces-ssl --save

const Koa = require('koa')
const ssl = require('koa-enforces-ssl')
 
const app = new Koa()
 
app.proxy = true
 
app.use(ssl)
 
app.use(async ctx => {
  ctx.body = 'Hello World'
})
 
const port = process.env.PORT || 3000
 
app.listen(port, () => {
  console.log(`Example app listening on port ${port}!`)
})

Prior art

This module was heavily inspired by Hengki Sihombing's express-enforces-ssl module.