improving login flow.

config/dev.edn

@@ -1 +1,2 @@
-{:db {:server "localhost"}}
+{:db {:server "localhost"}
+ :scheme "http"}

config/prod.edn

@@ -1 +1,2 @@
-{:db {:server "database"}}
+{:db {:server "database"}
+ :scheme "https"}

docker-compose.prod.yml

@@ -1,8 +1,27 @@
-version: '2'
+version: '3'
 services:
-  app:
-    ports:
-      - 80:3000
+  nginx-proxy:
     restart: always
+    volumes:
+      - /var/run/docker.sock:/tmp/docker.sock:ro
+      - /opt/integreat/certs/:/etc/nginx/certs:ro
+      - /opt/integreat/etc/nginx/vhost.d:/etc/nginx/vhost.d
+      - /opt/integreat/usr/share/nginx/html:/usr/share/nginx/html
+  letsencrypt:
+    restart: always
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - /opt/integreat/certs/:/etc/nginx/certs
+      - /opt/integreat/etc/nginx/vhost.d:/etc/nginx/vhost.d
+      - /opt/integreat/usr/share/nginx/html:/usr/share/nginx/html
+  app:
+    restart: always
+    environment:
+      config: /usr/local/config/prod.edn
+      VIRTUAL_HOST: integreat.aws.brycecovertoperations.com
+      LETSENCRYPT_HOST: integreat.aws.brycecovertoperations.com
+      LETSENCRYPT_EMAIL: le@brycecovertoperations.com
   database:
     restart: always
+    volumes:
+      - /opt/integreat/var/lib/postgresql/data:/var/lib/postgresql/data

docker-compose.yml

@@ -1,13 +1,33 @@
-version: '2'
+version: '3'
 services:
+  nginx-proxy:
+    image: jwilder/nginx-proxy:alpine
+    ports:
+      - "80:80"
+      - "443:443"
+    labels:
+      - "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy=true"
+    volumes:
+      - /var/run/docker.sock:/tmp/docker.sock:ro
+      - ./data/certs/:/etc/nginx/certs:ro
+      - ./data/etc/nginx/vhost.d:/etc/nginx/vhost.d
+      - ./data/usr/share/nginx/html:/usr/share/nginx/html
+  letsencrypt:
+    image: jrcs/letsencrypt-nginx-proxy-companion:stable
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - ./data/certs/:/etc/nginx/certs
+      - ./data/etc/nginx/vhost.d:/etc/nginx/vhost.d
+      - ./data/usr/share/nginx/html:/usr/share/nginx/html
   app:
     build: .
-    ports:
-    - 3000:3000
+    expose:
+      - 3000
     depends_on:
     - database
     environment:
       config: /usr/local/config/prod.edn
+      VIRTUAL_HOST: local.integreat.aws.brycecovertoperations.com
   database:
     image: postgres:9-alpine
     ports:
@@ -16,6 +36,8 @@ services:
       POSTGRES_USER: ap
       POSTGRES_PASSWORD: fifteen-invoices-imported!
       POSTGRES_DB: autoap
+    volumes:
+      - ./data/var/lib/postgresql/data:/var/lib/postgresql/data
   migrator:
     build: ./migrator
     depends_on:

src/clj/auto_ap/handler.clj

@@ -17,6 +17,7 @@
             [clj-fuzzy.metrics :as m]
             [clj-http.client :as http]
             [clj-time.core :as time]
+            [config.core :refer [env]]
 
             [buddy.auth :refer [authenticated?]]
             
@@ -42,16 +43,18 @@
   (GET "/"  [] 
        (response/resource-response "index.html" {:root "public"}))
   (GET "/api/oauth" {{:strs [code]} :query-params :keys [scheme] :as r {:strs [host]} :headers}
+       
        (try
          (let [auth (-> "https://accounts.google.com/o/oauth2/token"
                          (http/post 
                           {:form-params {"client_id" google-client-id
                                          "client_secret" google-client-secret
                                          "code" code
-                                         "redirect_uri" (str (name scheme) "://" host  "/api/oauth")
+                                         "redirect_uri" (str (:scheme env) "://" host  "/api/oauth")
                                          "grant_type" "authorization_code"}
                            :as :json})
                          :body)
+               _ (println auth)
                token (:access_token auth)
                profile (-> (http/get "https://www.googleapis.com/oauth2/v1/userinfo"
                                      {:headers {"Authorization" (str "Bearer " token)} :as :json})