3

I built a very simple flask app that uses socketIo in order to make a simple chatapp, where you can write messages. In my js file i built a function that every few seconds sends the current location of the user using geolocation.

Because im using the geolocation, i need my to use https instead of http that the flask created.

I found out about SSLify and tried it, but because im using also the socketIo it ran on http and not on https. In apps without socketIo it works, what is the problem?

this is my flask app:

from flask import Flask, render_template
from flask_socketio import SocketIO
from flask_sslify import SSLify

app = Flask(__name__)
app.config['SECRET_KEY'] = 'jsbcfsbfjefebw237u3gdbdc'

socketio = SocketIO(app)
sslify = SSLify(app)


@app.route('/')
def index():
    return render_template('./ChatApp.html')


def messageRecived():
    print('message was received!!!')


@socketio.on('my event')
def handle_my_custom_event(json):
    print('recived my event: ' + str(json))
    socketio.emit('my response', json, callback=messageRecived)


if __name__ == '__main__':
    socketio.run(app, debug=True, host='0.0.0.0')
Adi Portal
  • 55
  • 6
  • 1
    I would think you would need to `sslify` on the `socketio` which is different than `app` ... but fwiw i have always found this to be a terrible path to go down .. you would be much better off using nginx to handle the ssl, then upstream it to your http socket on the same server (or DMZ) – Joran Beasley Jun 04 '20 at 17:55
  • 1
    @JoranBeasley Do you maybe have a link to explanation of that? How to use the nginx? – Adi Portal Jun 04 '20 at 18:24
  • there are many many tutorials for this ... here is one https://github.com/joewalnes/websocketd/wiki/Websocketd-behind-Nginx (it was just the first one i came across...) ... it unfortunately usually requires some trial and error and Stackoverflow probably wont be super helpful for resolving it :/ – Joran Beasley Jun 04 '20 at 23:19

1 Answers1

0

The reason it does not work is that Flask-SSLify is applied to your Flask application (the app instance), and not to Socket.IO (the socketio instance).

To my knowledge there is no equivalent to Flask-SSLify for the Socket.IO server, so you will need to either build it yourself as a WSGI middleware, or else implement the HTTP to HTTPS redirection in a reverse proxy that sits above your Python server, such as nginx or Apache.

Miguel Grinberg
  • 65,299
  • 14
  • 133
  • 152
  • I read a lot of recommendation about using nginx, but as someone who is new to the subject I find it hard to find a clear explanation for nginx with socketio for truly beginners – Adi Portal Jun 06 '20 at 14:18
  • I wrote an article on using nginx and SSL with Flask apps: https://blog.miguelgrinberg.com/post/running-your-flask-application-over-https. The Flask-SocketIO documentation has a basic nginx configuration that is appropriate for Socket.IO. Fair warning, these may be a bit difficult to follow if you are a "truly beginner" as you say. – Miguel Grinberg Jun 06 '20 at 15:39