Can't make websocket connection from test client

dwyl / smart-home-security-system

Smart Home Security System

GNU General Public License v2.0

4 stars 2 forks source link

Can't make websocket connection from test client #20

Closed th0mas closed 4 years ago

th0mas commented 4 years ago

When attempting to connect from our test suite to the hub server we get some sort of https error:

2020-08-20T08:10:35.532582+00:00 heroku[router]: at=info method=GET path="/socket/websocket?name=Toms-MacBook-Pro&vsn=2.0.0" host=smart-home-auth-server.herokuapp.com request_id=a9db8c3a-588f-4f7c-8136-6dd602bac48a fwd="<My IP>" dyno=web.1 connect=0ms service=47ms status=301 bytes=263 protocol=http
2020-08-20T08:10:35.528217+00:00 app[web.1]: 08:10:35.528 [info] Plug.SSL is redirecting GET /socket/websocket to https://smart-home-auth-server.herokuapp.com with status 301

Seems like were not properly upgrading to a https connection...

th0mas commented 4 years ago

Looking at https://elixirforum.com/t/plug-ssl-redirects-socket-connection-problem-301/25347 it seems like we need to remove the line:

force_ssl: [rewrite_on: [:x_forwarded_proto]]

from prod.exs

@nelsonic Is there any reason this line is here/what does it do?

nelsonic commented 4 years ago

This is just to ensure SSL/TLS is used. It might not be strictly necessary for our CI App, but it would be good to setup for our home security in production, i.e. always enforce TLS. otherwise it would be trivial for a MITM for someone with physical access to the building. 💭

th0mas commented 4 years ago

Fixed by adding a config option to enable SSL on websocket connections:

config.exs

config :smart_home_firmware,
    ssl: true

hub_client.ex

defp get_scheme() do
    if Application.fetch_env!(:smart_home_firmware, :ssl) do
      "wss"
    else
      "ws"
    end
  end

nelsonic commented 4 years ago

Nice one @th0mas 👍