This article will explain how to set up a secure web server with NodeJS which only accepts connection from users with SSL certificates that you have signed. This is an efficient way to ensure that no other people are able to access the web server, without building a login system which will be significantly weaker.
I will not explain how to create a certificate authority (CA), create certificates or sign them. If you need to read up on this, have a look at this excelent article on how to do it with OpenSSL (Mac and Linux): https://help.ubuntu.com/community/OpenSSL#Practical_OpenSSL_Usage It is also possible to do this on a Mac with the keychain application, and I assume it is possible on a Windows machine aswell.
This architecture will allow you to have one web server communicating with an array of trusted clients, the web server itself can be on the public internet, that will not decrease the level of security, but it will only ser