FlexMeasures · nhoening · Mar 13, 2024 · Mar 11, 2024 · Mar 13, 2024 · Mar 13, 2024
diff --git a/.vscode/spellright.dict b/.vscode/spellright.dict
@@ -272,3 +272,9 @@ cron
 CSV
 UI
 frontend
+http
+https
+balancer
+url
+HTTPS
+Werkzeug
diff --git a/documentation/changelog.rst b/documentation/changelog.rst
@@ -7,6 +7,8 @@ FlexMeasures Changelog
 v0.20.0 | April XX, 2024
 ============================
 
+.. warning:: From this version on, the config setting `FLEXMEASURES_FORCE_HTTPS` decides whether to enforce HTTPS on requests - and it defaults to `False`. Previously, this was governed by `Flask_ENV` or `FLEXMEASURES_ENV` being set to something else than "documentation" or "development". This new way is more clear, but you might be in need of using this setting before upgrading.
+
 New features
 -------------   
 

diff --git a/documentation/configuration.rst b/documentation/configuration.rst
@@ -455,6 +455,14 @@ Allows users to make authenticated requests. If true, injects the Access-Control
 Default: ``True``
 
 
+FLEXMEASURES_FORCE_HTTPS
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Set to ``True`` if all requests should be forced to be HTTPS.
+
+Default: ``False``
+
+
 FLEXMEASURES_ENFORCE_SECURE_CONTENT_POLICY
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 

diff --git a/flexmeasures/app.py b/flexmeasures/app.py
@@ -106,7 +106,7 @@ def create(  # noqa C901
     set_secret_key(app)
     if app.config.get("SECURITY_PASSWORD_SALT", None) is None:
         app.config["SECURITY_PASSWORD_SALT"] = app.config["SECRET_KEY"]
-    if app.config.get("FLEXMEASURES_ENV") not in ("documentation", "development"):
+    if app.config.get("FLEXMEASURES_FORCE_HTTPS", False):
         SSLify(app)
 
     # Prepare profiling, if needed

diff --git a/flexmeasures/ui/crud/api_wrapper.py b/flexmeasures/ui/crud/api_wrapper.py
@@ -41,17 +41,28 @@ def _maybe_raise(
         if response.status_code not in do_not_raise_for:
             response.raise_for_status()
 
+    def _url_root(self) -> str:
+        """
+        Get the root for the URLs this API should use to call FlexMeasures.
+        """
+        url_root = request.url_root
+        if current_app.config.get("FLEXMEASURES_FORCE_HTTPS", False):
+            # this replacement is for the case we are behind a load balancer who talks http internally
+            url_root = url_root.replace("http://", "https://")
+        return url_root
+
     def get(
         self,
         url: str,
         query: dict[str, Any] | None = None,
         do_not_raise_for: list | None = None,
     ) -> requests.Response:
+        full_url = f"{self._url_root()}{url}"
         current_app.logger.debug(
-            f"{self._log_prefix} GETting {url} with query {query} ..."
+            f"{self._log_prefix} Calling GET to {full_url} with query {query} ..."
         )
         response = requests.get(
-            f"{request.url_root}{url}",
+            full_url,
             params=query,
             headers=self._auth_headers(),
         )
@@ -64,11 +75,12 @@ def post(
         args: dict | None = None,
         do_not_raise_for: list | None = None,
     ) -> requests.Response:
+        full_url = f"{self._url_root()}{url}"
         current_app.logger.debug(
-            f"{self._log_prefix} POSTing {url} with json data {args} ..."
+            f"{self._log_prefix} Call POST to {full_url} with json data {args} ..."
         )
         response = requests.post(
-            f"{request.url_root}{url}",
+            full_url,
             headers=self._auth_headers(),
             json=args if args else {},
         )
@@ -81,11 +93,12 @@ def patch(
         args: dict | None = None,
         do_not_raise_for: list | None = None,
     ) -> requests.Response:
+        full_url = f"{self._url_root()}{url}"
         current_app.logger.debug(
-            f"{self._log_prefix} PATCHing {url} with json data {args} ..."
+            f"{self._log_prefix} Calling PATCH to {full_url} with json data {args} ..."
         )
         response = requests.patch(
-            f"{request.url_root}{url}",
+            full_url,
             headers=self._auth_headers(),
             json=args if args else {},
         )
@@ -97,9 +110,10 @@ def delete(
         url: str,
         do_not_raise_for: list | None = None,
     ) -> requests.Response:
-        current_app.logger.debug(f"{self._log_prefix} DELETEing {url} ...")
+        full_url = f"{self._url_root()}{url}"
+        current_app.logger.debug(f"{self._log_prefix} Calling DELETE to {full_url} ...")
         response = requests.delete(
-            f"{request.url_root}{url}",
+            full_url,
             headers=self._auth_headers(),
         )
         self._maybe_raise(response, do_not_raise_for)

diff --git a/flexmeasures/utils/config_defaults.py b/flexmeasures/utils/config_defaults.py
@@ -138,6 +138,8 @@ class Config(object):
     FLEXMEASURES_API_SUNSET_DATE: str | None = None  # e.g. 2023-05-01
     FLEXMEASURES_API_SUNSET_LINK: str | None = None  # e.g. https://flexmeasures.readthedocs.io/en/latest/api/introduction.html#deprecation-and-sunset
 
+    # if True, all requests are forced to be via HTTPS.
+    FLEXMEASURES_FORCE_HTTPS: bool = False
     # if True, the content could be accessed via HTTPS.
     FLEXMEASURES_ENFORCE_SECURE_CONTENT_POLICY: bool = False