From 43464cefb0dfa1660bd3add3f178ae9000705a33 Mon Sep 17 00:00:00 2001
From: rob <rob@digitaltelepresence.com>
Date: Sat, 1 Oct 2022 19:17:36 -0400
Subject: [PATCH] manually load BrowserSync in dev environments

We are simply no longer using the BrowserSync proxy and will be loading
directly from Express in dev.
---
 app/views/layouts/main.pug |  3 +++
 gulpfile.js                |  9 ++++++---
 lib/site-platform.js       | 17 ++++++++++++++---
 3 files changed, 23 insertions(+), 6 deletions(-)

diff --git a/app/views/layouts/main.pug b/app/views/layouts/main.pug
index c22e0d1..9f765fa 100644
--- a/app/views/layouts/main.pug
+++ b/app/views/layouts/main.pug
@@ -89,6 +89,9 @@ html(lang='en')
       script(src=`/numeral/numeral.min.js?v=${pkg.version}`)
       script(src=`/socket.io/socket.io.js?v=${pkg.version}`)
 
+      if process.env.NODE_ENV !== 'production'
+        script(src="https://localhost:3310/browser-sync/browser-sync-client.js?v=2.27.7")
+
       block vendorjs
 
       script.
diff --git a/gulpfile.js b/gulpfile.js
index 34821b3..4deede3 100644
--- a/gulpfile.js
+++ b/gulpfile.js
@@ -24,12 +24,15 @@ function util_start_browsersync ( ) {
       proxy: {
         target: 'https://dev.base.digitaltelepresence.com:3410',
         ws: true,
+        reqHeaders: {
+          'X-Forwarded-For': '127.0.0.1, 127.0.0.1',
+        },
       },
       host: 'dev.base.digitaltelepresence.com',
-      open: 'local',
+      open: 'external',
       https: {
-        key: path.join(__dirname, 'ssl', 'dtp-webapp.key'),
-        cert: path.join(__dirname, 'ssl', 'dtp-webapp.crt'),
+        key: path.join(__dirname, 'ssl', 'dtp-base.key'),
+        cert: path.join(__dirname, 'ssl', 'dtp-base.crt'),
       },
       port: 3310,
       cors: true,
diff --git a/lib/site-platform.js b/lib/site-platform.js
index 7f7b0e3..b8b5e34 100644
--- a/lib/site-platform.js
+++ b/lib/site-platform.js
@@ -202,6 +202,7 @@ module.exports.startPlatform = async (dtp) => {
 };
 
 module.exports.startWebServer = async (dtp) => {
+  const IS_PRODUCTION = (process.env.NODE_ENV === 'production');
   dtp.app = module.app = express();
 
   module.app.set('views', path.join(dtp.config.root, 'app', 'views'));
@@ -288,6 +289,7 @@ module.exports.startWebServer = async (dtp) => {
   /*
    * Express sessions
    */
+
   module.log.info('initializing redis session store');
   var sessionStore = new RedisSessionStore({ client: module.redis });
 
@@ -296,19 +298,28 @@ module.exports.startWebServer = async (dtp) => {
     name: `dtp:${process.env.DTP_SITE_DOMAIN_KEY}.${process.env.NODE_ENV}`,
     secret: process.env.HTTP_SESSION_SECRET,
     resave: true,
+    proxy: IS_PRODUCTION,
     saveUninitialized: true,
     cookie: {
-      domain: process.env.DTP_SITE_DOMAIN,
+      domain: process.env.DTP_SITE_DOMAIN_KEY,
       path: '/',
       httpOnly: true,
-      secure: process.env.HTTP_COOKIE_SECURE === 'enabled',
+      secure: true,
       sameSite: process.env.HTTP_COOKIE_SAMESITE || false,
       expires: SESSION_DURATION,
     },
     store: null,
   };
+  module.log.info('configuring session handler', {
+    domain: module.sessionConfig.cookie.domain,
+    httpOnly: module.sessionConfig.cookie.httpOnly,
+    secure: module.sessionConfig.cookie.secure,
+    sameSite: module.sessionConfig.cookie.sameSite,
+    expires: module.sessionConfig.cookie.expires,
+  });
   module.sessionConfig.store = sessionStore;
-  if (process.env.NODE_ENV === 'production') {
+  if (IS_PRODUCTION && module.sessionConfig.cookie.secure) {
+    module.log.info('session will be trusting first proxy');
     module.app.set('trust proxy', 1);
   }
   module.app.use(session(module.sessionConfig));