How to Install SSL Certificate on Apache? SSL stands for Secure Sockets Layer, the protocol which provides the encryption. It provides secure, encrypted communications between a website and an internet browser. and are typically installed on pages that require end-users to submit sensitive information over the internet like credit card details or passwords, used to secure our website and web app. 1. Install OpenSSL OpenSSL is a software library to be used in applications that need to secure communication over the internet. To install on Ubuntu/Debian run the following command. sudo apt-get update sudo apt-get install openssl 2. Generate Key and CSR CSR stands for Certificate Signing request, To generate server key and CSR file run the following command, replace example.com to your domain name on which you want to install SSL certificate. openssl genrsa -out example.com.key 2048 openssl req -new -sha256 -key example.com.key -out example.com.csr When you will run the above command it will ask your information like Country: IN State or Province: XYZ City or Locality: XYZ Organization Unit: XYZ Organization: XYZ Common Name: www.example.com Fill out your details and hit enter, In Country provide two digits of your country code(example India: IN, USA: US etc ) Download these two files (example.com.key and example.com.csr) and submit it to the certificate provider, then they will issue the certificate. The certificate should contains two file .crt and .ca-bundle or bundle.crt Put your certificate file, bundle file and key file in the directory /etc/ssl/certs/ SSLCertificateFile — Certificate file SSLCertificateKeyFile — Server key file SSLCertificateChainFile — bundle file 3. Configure Apache Web Server Create the virtual host in apache, edit the file and make the virtual host for your domain and include the domain name, port 443, certificate file path etc. sudo nano /etc/apache2/site-enabled/000-default.conf If you want to redirect all your traffic to https than make sure you are also adding redirect rule. The virtual host may look like. <VirtualHost *:443> ServerAdmin admin@example.com DocumentRoot /var/www/html ServerName example.com ServerAlias www.example.com SSLEngine on SSLCertificateFile /etc/ssl/certs/example.com.crt SSLCertificateKeyFile /etc/ssl/certs/example.com.key SSLCertificateChainFile /etc/ssl/certs/example_bundle.crt <Directory /var/www/html> Options FollowSymLinks AllowOverride All </Directory> </VirtualHost> #Redirect all http traffic to https <VirtualHost *:80> ServerName example.com ServerAlias www.example.com Redirect permanent / https://www.example.com </VirtualHost> 4. Enable SSL Mode and restart apache services sudo a2enmod ssl sudo service apache2 restart Open your website URL in web browser eg. example.com or www.example.com and you will see a green(Secure) lock before the URL.

Is modifying request in service a normal prartice?

Kelly

There is case where I'm trying to handle session for user. I have different controllers for handling different auth methods, but all of them at the end should do the same - add/update req.session variable. Here is the example of my code for auth on "twitch" platform (and for all other code looks similar):

import { Controller, Get, Req, Res, UseGuards } from "@nestjs/common";
import { AuthGuard } from "@nestjs/passport";

@Controller('auth/twitch')
export class TwitchController {
  @Get('finishAuth')
  async finishAuth(
    @Req() req, 
    @Query('code') code,
  ) {
    const profile = await this.authTwitchService.getProfile(code);
    req.session = profile;
  }
}

Would it be a good idea to move this req.session = profile; code to some service? Or is it a bad practice because we modify things that should be modified only on controller level?

My suggestion is to do something like this:

import { Injectable } from '@nestjs/common';

@Injectable()
export class SessionManager {
  updateProfile(
    profile: {id: string, username: string, email: string},
    req: Request,
  ) {
    req.session = profile;
  }
}

And then rework controller:

import { Controller, Get, Req, Res, UseGuards } from "@nestjs/common";
import { AuthGuard } from "@nestjs/passport";

@Controller('auth/twitch')
export class TwitchController {
  constructor(private sessionManager: SessionManager) {}

  @Get('finishAuth')
  async finishAuth(
    @Req() req, 
    @Query('code') code,
  ) {
    const profile = await this.authTwitchService.getProfile(code);
    this.sessionManager.update(profile, req);
  }
}