如何使用 Dart 正确创建安全的 Web 服务器?
How to properly create a secure web server with Dart?
这是 Dart 为使用 Shelf 包的服务器提供的典型代码:
import 'dart:io';
import 'package:shelf/shelf.dart';
import 'package:shelf/shelf_io.dart';
import 'package:shelf_router/shelf_router.dart';
// Configure routes.
final _router = Router()
..get('/', _rootHandler)
..get('/echo/<message>', _echoHandler);
Response _rootHandler(Request req) {
return Response.ok('Hello, World!\n');
}
Response _echoHandler(Request request) {
final message = request.params['message'];
return Response.ok('$message\n');
}
void main(List<String> args) async {
// Use any available host or container IP (usually `0.0.0.0`).
final ip = InternetAddress.anyIPv4;
// Configure a pipeline that logs requests.
final _handler = Pipeline().addMiddleware(logRequests()).addHandler(_router);
// For running in containers, we respect the PORT environment variable.
final port = int.parse(Platform.environment['PORT'] ?? '8080');
final server = await serve(_handler, ip, port);
print('Server listening on port ${server.port}');
}
What/How 是否需要修改以支持安全连接 (HTTPS) 仅?
我不太了解证书,所以如果你能详细解释如何 generate/buy 它们以及如何 link 它们到服务器或任何参考资料,它会很棒。
P.S.:我的主机是 Linux 发行版 (Manjaro) 运行 以下 Docker 容器:一个文件服务器(Dart with Shelf)和 GraphQL 服务器(Postgraphile)。我需要为主机中的每个服务 运行 进行配置吗?
你见过https://api.dart.dev/dev/2.16.0-7.0.dev/dart-io/HttpServer-class.html吗?
您可以在 pkg:shelf
中将 HttpServer 实例传递给 serveRequests (https://pub.dev/documentation/shelf/latest/shelf_io/serveRequests.html)
首先,感谢@KevinMoore 的回答,但它并不像我希望的那样完整,所以这是我的回答:
根据Dart help以上代码修改如下:
import 'dart:io';
import 'package:shelf/shelf.dart';
import 'package:shelf/shelf_io.dart';
import 'package:shelf_router/shelf_router.dart';
// Configure routes.
final _router = Router()
..get('/', _rootHandler)
..get('/echo/<message>', _echoHandler);
Response _rootHandler(Request req) {
return Response.ok('Hello, World!\n');
}
Response _echoHandler(Request request) {
final message = request.params['message'];
return Response.ok('$message\n');
}
SecurityContext getSecurityContext() { // Bind with a secure HTTPS connection
final chain = Platform.script.resolve('certificates/server_chain.pem').toFilePath();
final key = Platform.script.resolve('certificates/server_key.pem').toFilePath();
return SecurityContext()
..useCertificateChain(chain)
..usePrivateKey(key, password: 'dartdart');
}
void main(List<String> args) async {
// Use any available host or container IP (usually `0.0.0.0`).
final ip = InternetAddress.anyIPv4;
// Configure a pipeline that logs requests.
final _handler = Pipeline().addMiddleware(logRequests()).addHandler(_router);
// For running in containers, we respect the PORT environment variable.
final port = int.parse(Platform.environment['PORT'] ?? '443');
final server = await serve(_handler, ip, port, securityContext: getSecurityContext());
print('Server listening on port ${server.port}');
}
对于该代码,我使用 Dart Team 在 its repository 中提供的证书和密码仅用于教育目的。
如果您的生产服务器需要证书,您可以通过 Let's Encrypt 免费获得它们。
这些视频对于如何获取和使用这些证书很有用:
- Contratar un certificado SSL GRATIS con Let's Encrypt | DevOps Automation
- Let's Encrypt Explained: Free SSL
This tutorial(日文)也是一个很好的参考。
这是 Dart 为使用 Shelf 包的服务器提供的典型代码:
import 'dart:io';
import 'package:shelf/shelf.dart';
import 'package:shelf/shelf_io.dart';
import 'package:shelf_router/shelf_router.dart';
// Configure routes.
final _router = Router()
..get('/', _rootHandler)
..get('/echo/<message>', _echoHandler);
Response _rootHandler(Request req) {
return Response.ok('Hello, World!\n');
}
Response _echoHandler(Request request) {
final message = request.params['message'];
return Response.ok('$message\n');
}
void main(List<String> args) async {
// Use any available host or container IP (usually `0.0.0.0`).
final ip = InternetAddress.anyIPv4;
// Configure a pipeline that logs requests.
final _handler = Pipeline().addMiddleware(logRequests()).addHandler(_router);
// For running in containers, we respect the PORT environment variable.
final port = int.parse(Platform.environment['PORT'] ?? '8080');
final server = await serve(_handler, ip, port);
print('Server listening on port ${server.port}');
}
What/How 是否需要修改以支持安全连接 (HTTPS) 仅?
我不太了解证书,所以如果你能详细解释如何 generate/buy 它们以及如何 link 它们到服务器或任何参考资料,它会很棒。
P.S.:我的主机是 Linux 发行版 (Manjaro) 运行 以下 Docker 容器:一个文件服务器(Dart with Shelf)和 GraphQL 服务器(Postgraphile)。我需要为主机中的每个服务 运行 进行配置吗?
你见过https://api.dart.dev/dev/2.16.0-7.0.dev/dart-io/HttpServer-class.html吗?
您可以在 pkg:shelf
中将HttpServer 实例传递给 serveRequests (https://pub.dev/documentation/shelf/latest/shelf_io/serveRequests.html)
首先,感谢@KevinMoore 的回答,但它并不像我希望的那样完整,所以这是我的回答:
根据Dart help以上代码修改如下:
import 'dart:io';
import 'package:shelf/shelf.dart';
import 'package:shelf/shelf_io.dart';
import 'package:shelf_router/shelf_router.dart';
// Configure routes.
final _router = Router()
..get('/', _rootHandler)
..get('/echo/<message>', _echoHandler);
Response _rootHandler(Request req) {
return Response.ok('Hello, World!\n');
}
Response _echoHandler(Request request) {
final message = request.params['message'];
return Response.ok('$message\n');
}
SecurityContext getSecurityContext() { // Bind with a secure HTTPS connection
final chain = Platform.script.resolve('certificates/server_chain.pem').toFilePath();
final key = Platform.script.resolve('certificates/server_key.pem').toFilePath();
return SecurityContext()
..useCertificateChain(chain)
..usePrivateKey(key, password: 'dartdart');
}
void main(List<String> args) async {
// Use any available host or container IP (usually `0.0.0.0`).
final ip = InternetAddress.anyIPv4;
// Configure a pipeline that logs requests.
final _handler = Pipeline().addMiddleware(logRequests()).addHandler(_router);
// For running in containers, we respect the PORT environment variable.
final port = int.parse(Platform.environment['PORT'] ?? '443');
final server = await serve(_handler, ip, port, securityContext: getSecurityContext());
print('Server listening on port ${server.port}');
}
对于该代码,我使用 Dart Team 在 its repository 中提供的证书和密码仅用于教育目的。
如果您的生产服务器需要证书,您可以通过 Let's Encrypt 免费获得它们。
这些视频对于如何获取和使用这些证书很有用:
- Contratar un certificado SSL GRATIS con Let's Encrypt | DevOps Automation
- Let's Encrypt Explained: Free SSL
This tutorial(日文)也是一个很好的参考。