procore · timdoherty · Nov 22, 2019 · Nov 23, 2019 · Nov 23, 2019 · Nov 25, 2019
diff --git a/packages/server/Dockerfile b/packages/server/Dockerfile
@@ -0,0 +1,9 @@
+FROM node:12.13.0-alpine as builder
+RUN apk add yarn
+RUN apk add git
+WORKDIR /app
+COPY . ./
+RUN yarn --pure-lockfile
+
+CMD yarn start
+
diff --git a/packages/server/package.json b/packages/server/package.json
@@ -15,10 +15,6 @@
     "format": "prettier --config ./../../prettier.config.js --write **/*.{js,jsx}"
   },
   "dependencies": {
-    "@hapi/cookie": "10.1.2",
-    "@hapi/hapi": "18.4.0",
-    "@hapi/inert": "5.2.2",
-    "@hapi/vision": "5.5.4",
     "@procore/js-sdk": "2.3.0",
     "cookie-parser": "1.4.4",
     "cookie-session": "1.3.3",

diff --git a/packages/server/src/routes/auth.js b/packages/server/src/routes/auth.js
@@ -5,33 +5,60 @@ export const authRouter = Router();
 
 authRouter.get('/', (_req, res) => {
   return res.redirect(
-    authorize({
-      clientId: process.env.CLIENT_ID,
-      uri: process.env.REDIRECT_URL,
-    })
+    authorize(
+      {
+        clientId: process.env.CLIENT_ID,
+        uri: process.env.REDIRECT_URL,
+      },
+      process.env.PROCORE_SERVER
+    )
   );
 });
 
 authRouter.get('/callback', async (req, res) => {
-  const account = await token({
-    id: process.env.CLIENT_ID,
-    secret: process.env.CLIENT_SECRET,
-    uri: process.env.REDIRECT_URL,
-    code: req.query.code,
-  });
+  console.log({ callBackHeaders: req.headers });
+  const account = await token(
+    {
+      id: process.env.CLIENT_ID,
+      secret: process.env.CLIENT_SECRET,
+      uri: process.env.REDIRECT_URL,
+      code: req.query.code,
+    },
+    process.env.PROCORE_SERVER
+  );
+  console.log({ account });
   req.session.accessToken = account.access_token;
   req.session.refreshToken = account.refresh_token;
-  return res.redirect('/');
+  let redirect = '/';
+  const isLocalhost = Boolean(
+    process.env.HOSTNAME === 'localhost' ||
+      // [::1] is the IPv6 localhost address.
+      process.env.HOSTNAME === '[::1]' ||
+      // 127.0.0.0/8 are considered localhost for IPv4.
+      process.env.HOSTNAME.match(
+        /^127(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}$/
+      )
+  );
+  if (!isLocalhost) {
+    const protocol = process.env.PROTOCOL || 'http';
+    const host = process.env.HOSTNAME;
+    const path = process.env.ROOT_PATH || '/';
+    redirect = `${protocol}://${host}${path}`;
+  }
+  return res.redirect(redirect);
 });
 
 authRouter.post('/refresh', async (req, res) => {
-  const account = await refresh({
-    id: process.env.CLIENT_ID,
-    secret: process.env.CLIENT_SECRET,
-    uri: process.env.REDIRECT_URL,
-    token: req.session.accessToken,
-    refresh: req.session.refreshToken,
-  });
+  const account = await refresh(
+    {
+      id: process.env.CLIENT_ID,
+      secret: process.env.CLIENT_SECRET,
+      uri: process.env.REDIRECT_URL,
+      token: req.session.accessToken,
+      refresh: req.session.refreshToken,
+    },
+    process.env.PROCORE_SERVER
+  );
   req.session.accessToken = account.access_token;
   req.session.refreshToken = account.refresh_token;
   res.json(account);