chore: draw.io diagram of authentication

2025-12-10 19:34:34 +00:00 · 2022-02-10 18:38:24 +05:00
66 changed files with 39611 additions and 8117 deletions
--- a/.env.example
+++ b/.env.example
@@ -1,5 +1,4 @@
-SAS_EXEC_PATH=<path to folder containing SAS executable>
-SAS_EXEC_NAME=<name of SAS executable file>
+SAS_EXEC=<path to folder containing SAS executable 'sas'>
 PORT_API=<port for sasjs server (api)>
 PORT_WEB=<port for sasjs web component(react)>
 ACCESS_TOKEN_SECRET=<secret>
--- a/.github/CONTRIBUTING.md
+++ b/.github/CONTRIBUTING.md
@@ -1,115 +0,0 @@
-# CONTRIBUTING
-
-Contributions are very welcome!  Feel free to raise an issue or start a discussion, for help in getting started.
-
-
-## Configuration
-
-Configuration is made in the `configuration` section of `package.json`:
-
- Provide path to SAS9 executable.
-
-
-### Using dockers:
-
-There is `.env.example` file present at root of the project. [for Production]
-
-There is `.env.example` file present at `./api` of the project. [for Development]
-
-There is `.env.example` file present at `./web` of the project. [for Development]
-
-Remember to provide enviornment variables.
-
-#### Development
-
-Command to run docker for development:
-
-```
-docker-compose up -d
-```
-
-It uses default docker compose file i.e. `docker-compose.yml` present at root.
-It will build following images if running first time:
-
- `sasjs_server_api` - image for sasjs api server app based on _ExpressJS_
- `sasjs_server_web` - image for sasjs web component app based on _ReactJS_
- `mongodb` - image for mongo database
- `mongo-seed-users` - will be populating user data specified in _./mongo-seed/users/user.json_
- `mongo-seed-clients` - will be populating client data specified in _./mongo-seed/clients/client.json_
-
-
-#### Production
-
-Command to run docker for production:
-
-```
-docker-compose -f docker-compose.prod.yml up -d
-```
-
-It uses specified docker compose file i.e. `docker-compose.prod.yml` present at root.
-It will build following images if running first time:
-
- `sasjs_server_prod` - image for sasjs server app containing api and web component's build served at route `/`
- `mongodb` - image for mongo database
- `mongo-seed-users` - will be populating user data specified in _./mongo-seed/users/user.json_
- `mongo-seed-clients` - will be populating client data specified in _./mongo-seed/clients/client.json_
-
-### Using node:
-
-#### Development (running api and web seperately):
-
-##### API
-
-Navigate to `./api`
-There is `.env.example` file present at `./api` directory. Remember to provide enviornment variables else default values will be used mentioned in `.env.example` files
-Command to install and run api server.
-
-```
-npm install
-npm start
-```
-
-##### Web
-
-Navigate to `./web`
-There is `.env.example` file present at `./web` directory. Remember to provide enviornment variables else default values will be used mentioned in `.env.example` files
-Command to install and run api server.
-
-```
-npm install
-npm start
-```
-
-#### Development (running only api server and have web build served):
-
-##### API server also serving Web build files
-
-There is `.env.example` file present at `./api` directory. Remember to provide enviornment variables else default values will be used mentioned in `.env.example` files
-Command to install and run api server.
-
-```
-cd ./web && npm i && npm build && cd ../
-cd ./api && npm i && npm start
-```
-
-#### Production
-
-##### API & WEB
-
-```
-npm run server
-```
-
-This will install/build `web` and install `api`, then start prod server.
-
-
-## Executables
-
-Command to generate executables
-
-```
-cd ./web && npm i && npm build && cd ../
-cd ./api && npm i && npm run exe
-```
-
-This will install/build web app and install/create executables of sasjs server at root `./executables`
--- a/.gitignore
+++ b/.gitignore
@@ -7,7 +7,6 @@ sas/
 tmp/
 build/
 sasjsbuild/
-sasjscore/
 certificates/
 executables/
 .env
--- a/.gitpod.yml
+++ b/.gitpod.yml
@@ -1,10 +0,0 @@
-# This configuration file was automatically generated by Gitpod.
-# Please adjust to your needs (see https://www.gitpod.io/docs/config-gitpod-file)
-# and commit this file to your remote git repository to share the goodness with others.
-
-tasks:
-  - init: npm install
-vscode:
-  extensions:
-    - dbaeumer.vscode-eslint
-    - sasjs.sasjs-for-vscode
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,83 +2,6 @@

 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.

-### [0.0.30](https://github.com/sasjs/server/compare/v0.0.29...v0.0.30) (2022-03-05)
-
-
-### Features
-
-* parse log to array ([c5ad72c](https://github.com/sasjs/server/commit/c5ad72c931ec8fbd7d5a6475838adcbd380c8aee))
-* set response headers provded by SAS Code execution ([2c4aa42](https://github.com/sasjs/server/commit/2c4aa420b3119890cafde4265ed5dddbc9d6a636))
-
-
-### Bug Fixes
-
-* added http headers to /code api as well ([da899b9](https://github.com/sasjs/server/commit/da899b90e26d5ee393eefc302be985eb7c9055a5))
-* code api is updated return type ([e2a6810](https://github.com/sasjs/server/commit/e2a6810e9531a8102d3c51fd8df2e1f78f0d965f))
-* **file:** fixes response headers ([ef41691](https://github.com/sasjs/server/commit/ef41691e408ef1c1c7a921cc1050bdd533651331))
-* get file instead of it's content ([efaf38d](https://github.com/sasjs/server/commit/efaf38d3039391392ce0e14a3accddd8f34ea7d6))
-* hot fix for web component ([0a4b202](https://github.com/sasjs/server/commit/0a4b202428e14effc8014a6813cecf7761ce3715))
-* improvement in flow of uploading ([8c1941a](https://github.com/sasjs/server/commit/8c1941a87bc184be4e0e09eeff73fc6cb69e3041))
-* macros are available Sessions with SASAUTOS ([95843fa](https://github.com/sasjs/server/commit/95843fa4c711aa695ee63ad265b8def4ba56360d))
-* minor changes ([0b5f958](https://github.com/sasjs/server/commit/0b5f958f456d291ec7a8697236657c7819d5c654))
-* multi-part file upload + validations + specs ([e60f172](https://github.com/sasjs/server/commit/e60f17268d1fa9ab623313026d46bd3f63756f69))
-* organized code for usage of multer ([ce0a5e1](https://github.com/sasjs/server/commit/ce0a5e1229bed69c450061fac2bc19711448da56))
-* return buffer in case of file response ([3e6234e](https://github.com/sasjs/server/commit/3e6234e6019c5f3ae4280fac079ecc9cb0effc07))
-* **stp:** return json for webout ([5005f20](https://github.com/sasjs/server/commit/5005f203b8d6b1d577cdf094b83886bd1fc817a2))
-* updating docs ([7312763](https://github.com/sasjs/server/commit/7312763339d6769826328561e2c8d11bbfc0c9f4))
-* **upload:** added query param as well for filepath ([feeec4e](https://github.com/sasjs/server/commit/feeec4eb149e9a47e5a52320d1fc95243bf5eb15))
-
-### [0.0.29](https://github.com/sasjs/server/compare/v0.0.28...v0.0.29) (2022-02-16)
-
-
-### Bug Fixes
-
-* adding .. in folder path ([5931fc1](https://github.com/sasjs/server/commit/5931fc1e712c545ef80454dea5b36e684017c367))
-* adding sasjs stpsrv_header() path to autoexec.  Relates to [#58](https://github.com/sasjs/server/issues/58) ([ce9bde5](https://github.com/sasjs/server/commit/ce9bde5717369de2d76dc183319be8830b2362b2))
-
-### [0.0.28](https://github.com/sasjs/server/compare/v0.0.27...v0.0.28) (2022-02-16)
-
-
-### Features
-
-* default macros and bumping core ([6f19d3d](https://github.com/sasjs/server/commit/6f19d3d0ea3815815f246a3e455495c72c8604c7))
-
-
-### Bug Fixes
-
-* moving core ([f10138b](https://github.com/sasjs/server/commit/f10138b0f2005a958f63cb3a8351e1afa52f086a))
-
-### [0.0.27](https://github.com/sasjs/server/compare/v0.0.26...v0.0.27) (2022-02-16)
-
-
-### Features
-
-* removing stpsrv_header and updating README with auth details ([d3674c7](https://github.com/sasjs/server/commit/d3674c7f9449d77977e482cd63ccdf7e974fa838))
-* **stp-execution:** add returnLog option to execution query ([bf5767e](https://github.com/sasjs/server/commit/bf5767eadfb87f7ed902659347a18361a6a6c74b))
-
-### [0.0.26](https://github.com/sasjs/server/compare/v0.0.25...v0.0.26) (2022-02-14)
-
-
-### Bug Fixes
-
-* refactored + removed unused package ([d7e1aca](https://github.com/sasjs/server/commit/d7e1aca7e33c3264c784d406fa766e29a6b15ae9))
-* release should also has https protocol ([0cfe724](https://github.com/sasjs/server/commit/0cfe724ffa089b84a9f8bca49c9033b56f51c9cb))
-* updated token expiry times ([d17a3dd](https://github.com/sasjs/server/commit/d17a3dd5900d5eb88120af8575e3fc7c2cb71ed6))
-
-### [0.0.25](https://github.com/sasjs/server/compare/v0.0.24...v0.0.25) (2022-02-11)
-
-
-### Bug Fixes
-
-* adding global macvar and bumping sasjs/core with additional server support ([404f1ec](https://github.com/sasjs/server/commit/404f1ec0593a027ed5e84b1d6a84cb9f2d09d99e))
-
-### [0.0.24](https://github.com/sasjs/server/compare/v0.0.23...v0.0.24) (2022-02-11)
-
-
-### Bug Fixes
-
-* removing sysmacdelete ([480ee4d](https://github.com/sasjs/server/commit/480ee4da831d2a89888c58ebec26bd89802ee2f5))
-
 ### [0.0.23](https://github.com/sasjs/server/compare/v0.0.22...v0.0.23) (2022-02-08)

 ### [0.0.22](https://github.com/sasjs/server/compare/v0.0.17...v0.0.22) (2022-02-08)
--- a/README.md
+++ b/README.md
@@ -8,94 +8,127 @@ SASjs Server provides a NodeJS wrapper for calling the SAS binary executable. It

 One major benefit of using SASjs Server (alongside other components of the SASjs framework such as the [CLI](https://cli.sasjs.io), [Adapter](https://adapter.sasjs.io) and [Core](https://core.sasjs.io) library) is that the projects you create can be very easily ported to SAS 9 (Stored Process server) or Viya (Job Execution server).

-SASjs Server is available in two modes - Desktop (without authentication) and Server (with authentiation, and a database)
+## Installation

-
-## Configuration
-
-When launching the app, it will make use of specific environment variables. These can be set in the following places:
-
- Configured globally in /etc/environment file
- Export in terminal or shell script (`export VAR=VALUE`)
- Prepend in command
- Enter in the `.env` file alongside the executable
-
-Example variables:
-
-```
-MODE=[desktop|server] default considered as desktop
-CORS=[disable|enable] default considered as disable
-PROTOCOL=[http|https] default considered as http
-PORT=[5000] default value is 5000
-PORT_WEB=[port for sasjs web component(react)] default value is 3000
-SAS_PATH=/path/to/sas/executable.exe
-DRIVE_PATH=./tmp
-PROTOCOL=[http|https] default considered as http. Use pems below if htttps.
-PRIVATE_KEY=privkey.pem
-FULL_CHAIN=fullchain.pem
-```
-
-## Desktop Version
-
-### Manual Installation
-
-Download the relevant package from the [releases](https://github.com/sasjs/server/releases) page
-
-Next, trigger by double clicking (windows) or executing from commandline.
-
-You are presented with two prompts (if not set as ENV vars):
-
- Location of your `sas.exe` / `sas.sh` executable
- Path to a filesystem location for Stored Programs and temporary files
-
-## Programmatic Installation
-
-Fetch the relevant package from github using `curl`, eg as follows (for linux):
+First, download the relevant package from the [releases](https://github.com/sasjs/server/releases) page - either manually, or with commandline, eg as follow:

 ```bash
 curl -L https://github.com/sasjs/server/releases/latest/download/linux.zip > linux.zip
 unzip linux.zip
+./api-linux
 ```

-The app can then be launched with `./api-linux` and prompts followed (if ENV vars not set).
+Second, trigger by double clicking (windows) or executing from commandline.

-Normally the server process will stop when your terminal dies. To keep it going you can use the npm package [pm2](https://www.npmjs.com/package/pm2) (`npm install pm2@latest -g`) as follows:
+You are presented with two prompts:

-```bash
-export SAS_PATH=/opt/sas9/SASHome/SASFoundation/9.4/sasexe/sas
-export PORT=5001
-export DRIVE_PATH=./tmp
+* Location of your `sas.exe` / `sas.sh` executable
+* Path to a filesystem location for Stored Programs and temporary files

-pm2 start api-linux
-```
+## Configuration

-To get the logs (and some usefull commands):
+Configuration is made in the `configuration` section of `package.json`:

-```bash
-pm2 [list|ls|status]
-pm2 logs
-pm2 logs --lines 200
-```
+- Provide path to SAS9 executable.

-Managing processes:
+### Using dockers:
+
+There is `.env.example` file present at root of the project. [for Production]
+
+There is `.env.example` file present at `./api` of the project. [for Development]
+
+There is `.env.example` file present at `./web` of the project. [for Development]
+
+Remember to provide enviornment variables.
+
+#### Development
+
+Command to run docker for development:

 ```
-pm2 restart app_name
-pm2 reload app_name
-pm2 stop app_name
-pm2 delete app_name
+docker-compose up -d
 ```

-Instead of `app_name` you can pass:
+It uses default docker compose file i.e. `docker-compose.yml` present at root.
+It will build following images if running first time:

- `all` to act on all processes
- `id` to act on a specific process id
+- `sasjs_server_api` - image for sasjs api server app based on _ExpressJS_
+- `sasjs_server_web` - image for sasjs web component app based on _ReactJS_
+- `mongodb` - image for mongo database
+- `mongo-seed-users` - will be populating user data specified in _./mongo-seed/users/user.json_
+- `mongo-seed-clients` - will be populating client data specified in _./mongo-seed/clients/client.json_

+#### Production

-## Server Version
+Command to run docker for production:

-The following credentials can be used for the initial connection to SASjs/server.  It is recommended to change these on first use.
+```
+docker-compose -f docker-compose.prod.yml up -d
+```

-* CLIENTID:  `clientID1`
-* USERNAME:  `secretuser`
-* PASSWORD:  `secretpassword`
+It uses specified docker compose file i.e. `docker-compose.prod.yml` present at root.
+It will build following images if running first time:
+
+- `sasjs_server_prod` - image for sasjs server app containing api and web component's build served at route `/`
+- `mongodb` - image for mongo database
+- `mongo-seed-users` - will be populating user data specified in _./mongo-seed/users/user.json_
+- `mongo-seed-clients` - will be populating client data specified in _./mongo-seed/clients/client.json_
+
+### Using node:
+
+#### Development (running api and web seperately):
+
+##### API
+
+Navigate to `./api`
+There is `.env.example` file present at `./api` directory. Remember to provide enviornment variables else default values will be used mentioned in `.env.example` files
+Command to install and run api server.
+
+```
+npm install
+npm start
+```
+
+##### Web
+
+Navigate to `./web`
+There is `.env.example` file present at `./web` directory. Remember to provide enviornment variables else default values will be used mentioned in `.env.example` files
+Command to install and run api server.
+
+```
+npm install
+npm start
+```
+
+#### Development (running only api server and have web build served):
+
+##### API server also serving Web build files
+
+There is `.env.example` file present at `./api` directory. Remember to provide enviornment variables else default values will be used mentioned in `.env.example` files
+Command to install and run api server.
+
+```
+cd ./web && npm i && npm build && cd ../
+cd ./api && npm i && npm start
+```
+
+#### Production
+
+##### API & WEB
+
+```
+npm run server
+```
+
+This will install/build `web` and install `api`, then start prod server.
+
+## Executables
+
+Command to generate executables
+
+```
+cd ./web && npm i && npm build && cd ../
+cd ./api && npm i && npm run exe
+```
+
+This will install/build web app and install/create executables of sasjs server at root `./executables`
--- a/SASjsServer.drawio
+++ b/SASjsServer.drawio
@@ -1,84 +1,206 @@
 <mxfile host="65bd71144e">
    <diagram id="HJy_QFGaI9JSrArARLup" name="Page-1">
-        <mxGraphModel dx="1908" dy="2140" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="827" pageHeight="1169" math="0" shadow="0">
+        <mxGraphModel dx="3103" dy="2723" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="827" pageHeight="1169" math="0" shadow="0">
            <root>
                <mxCell id="0"/>
                <mxCell id="1" parent="0"/>
-                <mxCell id="4" value="End user" style="shape=umlActor;verticalLabelPosition=bottom;verticalAlign=top;html=1;outlineConnect=0;fontStyle=0" vertex="1" parent="1">
-                    <mxGeometry x="-360" y="-120" width="40" height="80" as="geometry"/>
+                <mxCell id="7" value="SASjs Server" style="whiteSpace=wrap;html=1;verticalAlign=top;fontStyle=0;fontSize=30;" parent="1" vertex="1">
+                    <mxGeometry x="30" y="-150" width="360" height="1250" as="geometry"/>
                </mxCell>
-                <mxCell id="7" value="SASjs Server" style="whiteSpace=wrap;html=1;verticalAlign=top;fontStyle=0;fontSize=30;" vertex="1" parent="1">
-                    <mxGeometry x="30" y="-150" width="360" height="850" as="geometry"/>
+                <mxCell id="36" value="&lt;font style=&quot;font-size: 22px&quot;&gt;Internal Authentication&lt;/font&gt;" style="whiteSpace=wrap;html=1;verticalAlign=top;fontStyle=0;" vertex="1" parent="1">
+                    <mxGeometry x="50" y="-60" width="320" height="330" as="geometry"/>
                </mxCell>
-                <mxCell id="8" value="" style="edgeStyle=none;html=1;entryX=0;entryY=0.25;entryDx=0;entryDy=0;" edge="1" parent="1" target="28">
+                <mxCell id="4" value="End user" style="shape=umlActor;verticalLabelPosition=bottom;verticalAlign=top;html=1;outlineConnect=0;fontStyle=0" parent="1" vertex="1">
+                    <mxGeometry x="-740" y="-120" width="40" height="80" as="geometry"/>
+                </mxCell>
+                <mxCell id="8" value="" style="edgeStyle=none;html=1;entryX=0;entryY=0.25;entryDx=0;entryDy=0;" parent="1" target="28" edge="1">
                    <mxGeometry relative="1" as="geometry">
-                        <mxPoint x="-340" y="23" as="sourcePoint"/>
+                        <mxPoint x="-530" y="23" as="sourcePoint"/>
                        <mxPoint x="115" y="22.586363636363558" as="targetPoint"/>
                    </mxGeometry>
                </mxCell>
-                <mxCell id="11" value="&lt;div style=&quot;font-family: &amp;#34;menlo&amp;#34; , &amp;#34;monaco&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; font-size: 12px ; line-height: 18px&quot;&gt;&lt;span style=&quot;color: #a31515&quot;&gt;/SASjsApi/auth/authorize&lt;br&gt;(username,password,clientId)&lt;/span&gt;&lt;/div&gt;" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" vertex="1" connectable="0" parent="8">
+                <mxCell id="11" value="&lt;div style=&quot;font-family: &amp;#34;menlo&amp;#34; , &amp;#34;monaco&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; font-size: 12px ; line-height: 18px&quot;&gt;&lt;span style=&quot;color: #a31515&quot;&gt;/SASjsApi/auth/authorize&lt;br&gt;(username,password,clientId)&lt;/span&gt;&lt;/div&gt;" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" parent="8" vertex="1" connectable="0">
                    <mxGeometry x="-0.1257" y="2" relative="1" as="geometry">
                        <mxPoint as="offset"/>
                    </mxGeometry>
                </mxCell>
-                <mxCell id="14" value="" style="edgeStyle=none;html=1;exitX=-0.002;exitY=0.874;exitDx=0;exitDy=0;exitPerimeter=0;" edge="1" parent="1" source="28">
+                <mxCell id="14" value="" style="edgeStyle=none;html=1;exitX=-0.002;exitY=0.874;exitDx=0;exitDy=0;exitPerimeter=0;" parent="1" source="28" edge="1">
                    <mxGeometry relative="1" as="geometry">
                        <mxPoint x="110" y="80" as="sourcePoint"/>
-                        <mxPoint x="-340" y="80" as="targetPoint"/>
+                        <mxPoint x="-530" y="80" as="targetPoint"/>
                    </mxGeometry>
                </mxCell>
-                <mxCell id="16" value="&lt;font color=&quot;#a31515&quot; face=&quot;menlo, monaco, courier new, monospace&quot;&gt;&lt;span style=&quot;font-size: 12px&quot;&gt;`code`&lt;/span&gt;&lt;/font&gt;" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" vertex="1" connectable="0" parent="14">
+                <mxCell id="16" value="&lt;font color=&quot;#a31515&quot; face=&quot;menlo, monaco, courier new, monospace&quot;&gt;&lt;span style=&quot;font-size: 12px&quot;&gt;`code`&lt;/span&gt;&lt;/font&gt;" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" parent="14" vertex="1" connectable="0">
                    <mxGeometry x="0.1931" y="-1" relative="1" as="geometry">
                        <mxPoint as="offset"/>
                    </mxGeometry>
                </mxCell>
-                <mxCell id="21" value="End user" style="shape=umlActor;verticalLabelPosition=bottom;verticalAlign=top;html=1;outlineConnect=0;fontStyle=0" vertex="1" parent="1">
-                    <mxGeometry x="-360" y="545" width="40" height="80" as="geometry"/>
+                <mxCell id="21" value="End user" style="shape=umlActor;verticalLabelPosition=bottom;verticalAlign=top;html=1;outlineConnect=0;fontStyle=0" parent="1" vertex="1">
+                    <mxGeometry x="-730" y="1100" width="40" height="80" as="geometry"/>
                </mxCell>
-                <mxCell id="22" value="" style="edgeStyle=none;html=1;entryX=0;entryY=0.25;entryDx=0;entryDy=0;" edge="1" parent="1" target="30">
+                <mxCell id="22" value="" style="edgeStyle=none;html=1;entryX=0;entryY=0.25;entryDx=0;entryDy=0;" parent="1" target="30" edge="1">
                    <mxGeometry relative="1" as="geometry">
-                        <mxPoint x="-340" y="165" as="sourcePoint"/>
+                        <mxPoint x="-530" y="163" as="sourcePoint"/>
                        <mxPoint x="115" y="165" as="targetPoint"/>
                    </mxGeometry>
                </mxCell>
-                <mxCell id="23" value="&lt;div style=&quot;font-family: &amp;#34;menlo&amp;#34; , &amp;#34;monaco&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; font-size: 12px ; line-height: 18px&quot;&gt;&lt;div style=&quot;font-family: &amp;#34;menlo&amp;#34; , &amp;#34;monaco&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; line-height: 18px&quot;&gt;&lt;span style=&quot;color: #a31515&quot;&gt;/SASjsApi/auth/token&lt;/span&gt;&lt;/div&gt;&lt;span style=&quot;color: #a31515&quot;&gt;(clientId,code)&lt;/span&gt;&lt;/div&gt;" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" vertex="1" connectable="0" parent="22">
+                <mxCell id="23" value="&lt;div style=&quot;font-family: &amp;#34;menlo&amp;#34; , &amp;#34;monaco&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; font-size: 12px ; line-height: 18px&quot;&gt;&lt;div style=&quot;font-family: &amp;#34;menlo&amp;#34; , &amp;#34;monaco&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; line-height: 18px&quot;&gt;&lt;span style=&quot;color: #a31515&quot;&gt;/SASjsApi/auth/token&lt;/span&gt;&lt;/div&gt;&lt;span style=&quot;color: #a31515&quot;&gt;(clientId,code)&lt;/span&gt;&lt;/div&gt;" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" parent="22" vertex="1" connectable="0">
                    <mxGeometry x="-0.1257" y="2" relative="1" as="geometry">
                        <mxPoint as="offset"/>
                    </mxGeometry>
                </mxCell>
-                <mxCell id="24" value="" style="edgeStyle=none;html=1;exitX=0.009;exitY=0.905;exitDx=0;exitDy=0;exitPerimeter=0;" edge="1" parent="1" source="30">
+                <mxCell id="24" value="" style="edgeStyle=none;html=1;exitX=0.009;exitY=0.905;exitDx=0;exitDy=0;exitPerimeter=0;" parent="1" source="30" edge="1">
                    <mxGeometry relative="1" as="geometry">
                        <mxPoint x="210" y="222.5" as="sourcePoint"/>
-                        <mxPoint x="-340" y="223" as="targetPoint"/>
+                        <mxPoint x="-530" y="223" as="targetPoint"/>
                    </mxGeometry>
                </mxCell>
-                <mxCell id="25" value="&lt;font color=&quot;#a31515&quot; face=&quot;menlo, monaco, courier new, monospace&quot;&gt;&lt;span style=&quot;font-size: 12px&quot;&gt;`&lt;/span&gt;&lt;/font&gt;&lt;span style=&quot;color: rgb(163 , 21 , 21) ; font-family: &amp;#34;menlo&amp;#34; , &amp;#34;monaco&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; font-size: 12px&quot;&gt;accessToken&lt;/span&gt;&lt;span style=&quot;font-size: 12px ; color: rgb(163 , 21 , 21) ; font-family: &amp;#34;menlo&amp;#34; , &amp;#34;monaco&amp;#34; , &amp;#34;courier new&amp;#34; , monospace&quot;&gt;` &amp;amp; `&lt;/span&gt;&lt;span style=&quot;color: rgb(163 , 21 , 21) ; font-family: &amp;#34;menlo&amp;#34; , &amp;#34;monaco&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; font-size: 12px&quot;&gt;refreshToken&lt;/span&gt;&lt;span style=&quot;color: rgb(163 , 21 , 21) ; font-family: &amp;#34;menlo&amp;#34; , &amp;#34;monaco&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; font-size: 12px&quot;&gt;`&lt;/span&gt;" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" vertex="1" connectable="0" parent="24">
+                <mxCell id="25" value="&lt;font color=&quot;#a31515&quot; face=&quot;menlo, monaco, courier new, monospace&quot;&gt;&lt;span style=&quot;font-size: 12px&quot;&gt;`&lt;/span&gt;&lt;/font&gt;&lt;span style=&quot;color: rgb(163 , 21 , 21) ; font-family: &amp;#34;menlo&amp;#34; , &amp;#34;monaco&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; font-size: 12px&quot;&gt;accessToken&lt;/span&gt;&lt;span style=&quot;font-size: 12px ; color: rgb(163 , 21 , 21) ; font-family: &amp;#34;menlo&amp;#34; , &amp;#34;monaco&amp;#34; , &amp;#34;courier new&amp;#34; , monospace&quot;&gt;` &amp;amp; `&lt;/span&gt;&lt;span style=&quot;color: rgb(163 , 21 , 21) ; font-family: &amp;#34;menlo&amp;#34; , &amp;#34;monaco&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; font-size: 12px&quot;&gt;refreshToken&lt;/span&gt;&lt;span style=&quot;color: rgb(163 , 21 , 21) ; font-family: &amp;#34;menlo&amp;#34; , &amp;#34;monaco&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; font-size: 12px&quot;&gt;`&lt;/span&gt;" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" parent="24" vertex="1" connectable="0">
                    <mxGeometry x="0.1931" y="-1" relative="1" as="geometry">
                        <mxPoint as="offset"/>
                    </mxGeometry>
                </mxCell>
-                <mxCell id="26" value="" style="endArrow=none;dashed=1;html=1;dashPattern=1 3;strokeWidth=2;" edge="1" parent="1" source="21" target="4">
+                <mxCell id="26" value="" style="endArrow=none;dashed=1;html=1;dashPattern=1 3;strokeWidth=2;" parent="1" source="21" target="4" edge="1">
                    <mxGeometry width="50" height="50" relative="1" as="geometry">
-                        <mxPoint x="40" y="240" as="sourcePoint"/>
-                        <mxPoint x="90" y="190" as="targetPoint"/>
+                        <mxPoint x="-340" y="240" as="sourcePoint"/>
+                        <mxPoint x="-290" y="190" as="targetPoint"/>
                    </mxGeometry>
                </mxCell>
-                <mxCell id="28" value="&lt;span&gt;Validates&lt;/span&gt;&lt;br&gt;&lt;span&gt;username/password/clientId&lt;/span&gt;&lt;br&gt;&lt;span&gt;and issue short&lt;/span&gt;&lt;br&gt;&lt;span&gt;Authorization code&lt;/span&gt;" style="rounded=1;whiteSpace=wrap;html=1;" vertex="1" parent="1">
+                <mxCell id="28" value="&lt;span&gt;Validates&lt;/span&gt;&lt;br&gt;&lt;span&gt;username/password/clientId&lt;/span&gt;&lt;br&gt;&lt;span&gt;and issue short&lt;/span&gt;&lt;br&gt;&lt;span&gt;Authorization code&lt;/span&gt;" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
                    <mxGeometry x="115" width="190" height="90" as="geometry"/>
                </mxCell>
-                <mxCell id="30" value="Validates&lt;br&gt;clientId &amp;amp; authorization code&lt;br&gt;and issue&lt;br&gt;Access Token &amp;amp; Refresh Token" style="rounded=1;whiteSpace=wrap;html=1;" vertex="1" parent="1">
+                <mxCell id="30" value="Validates&lt;br&gt;clientId &amp;amp; authorization code&lt;br&gt;and issue&lt;br&gt;Access Token &amp;amp; Refresh Token" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1">
                    <mxGeometry x="115" y="140" width="190" height="90" as="geometry"/>
                </mxCell>
-                <mxCell id="32" value="Protected APIs&lt;br&gt;Authenticate requests &lt;br&gt;with provided Bearer Token" style="whiteSpace=wrap;html=1;verticalAlign=top;fontStyle=0;" vertex="1" parent="1">
-                    <mxGeometry x="50" y="280" width="320" height="400" as="geometry"/>
+                <mxCell id="32" value="Protected APIs&lt;br&gt;Authenticate requests &lt;br&gt;with provided Bearer Token" style="whiteSpace=wrap;html=1;verticalAlign=top;fontStyle=0;" parent="1" vertex="1">
+                    <mxGeometry x="50" y="920" width="320" height="150" as="geometry"/>
                </mxCell>
-                <mxCell id="33" value="" style="edgeStyle=none;html=1;entryX=0;entryY=0.373;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" target="32">
+                <mxCell id="33" value="" style="edgeStyle=none;html=1;entryX=-0.012;entryY=0.384;entryDx=0;entryDy=0;entryPerimeter=0;" parent="1" target="32" edge="1">
                    <mxGeometry relative="1" as="geometry">
-                        <mxPoint x="-340" y="432.5" as="sourcePoint"/>
-                        <mxPoint x="-10" y="430" as="targetPoint"/>
+                        <mxPoint x="-520" y="978" as="sourcePoint"/>
+                        <mxPoint x="-80" y="819" as="targetPoint"/>
                    </mxGeometry>
                </mxCell>
-                <mxCell id="34" value="&lt;div style=&quot;font-family: &amp;#34;menlo&amp;#34; , &amp;#34;monaco&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; font-size: 12px ; line-height: 18px&quot;&gt;&lt;div style=&quot;font-family: &amp;#34;menlo&amp;#34; , &amp;#34;monaco&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; line-height: 18px&quot;&gt;&lt;font color=&quot;#a31515&quot;&gt;Request with Access Token&lt;/font&gt;&lt;/div&gt;&lt;/div&gt;" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" vertex="1" connectable="0" parent="33">
+                <mxCell id="34" value="&lt;div style=&quot;font-family: &amp;#34;menlo&amp;#34; , &amp;#34;monaco&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; font-size: 12px ; line-height: 18px&quot;&gt;&lt;div style=&quot;font-family: &amp;#34;menlo&amp;#34; , &amp;#34;monaco&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; line-height: 18px&quot;&gt;&lt;font color=&quot;#a31515&quot;&gt;Request with Access Token&lt;/font&gt;&lt;/div&gt;&lt;/div&gt;" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" parent="33" vertex="1" connectable="0">
+                    <mxGeometry x="-0.1257" y="2" relative="1" as="geometry">
+                        <mxPoint as="offset"/>
+                    </mxGeometry>
+                </mxCell>
+                <mxCell id="37" value="Browser" style="rounded=0;whiteSpace=wrap;html=1;fontSize=22;" vertex="1" parent="1">
+                    <mxGeometry x="-590" y="-100" width="120" height="60" as="geometry"/>
+                </mxCell>
+                <mxCell id="38" value="Browser" style="rounded=0;whiteSpace=wrap;html=1;fontSize=22;" vertex="1" parent="1">
+                    <mxGeometry x="-590" y="1110" width="120" height="60" as="geometry"/>
+                </mxCell>
+                <mxCell id="39" value="" style="endArrow=none;dashed=1;html=1;fontSize=22;entryX=0.5;entryY=1;entryDx=0;entryDy=0;exitX=0.5;exitY=0;exitDx=0;exitDy=0;" edge="1" parent="1" source="38" target="37">
+                    <mxGeometry width="50" height="50" relative="1" as="geometry">
+                        <mxPoint x="-340" y="390" as="sourcePoint"/>
+                        <mxPoint x="-290" y="340" as="targetPoint"/>
+                        <Array as="points"/>
+                    </mxGeometry>
+                </mxCell>
+                <mxCell id="40" value="&lt;font style=&quot;font-size: 22px&quot;&gt;Okta Authentication&lt;/font&gt;" style="whiteSpace=wrap;html=1;verticalAlign=top;fontStyle=0;" vertex="1" parent="1">
+                    <mxGeometry x="50" y="300" width="320" height="560" as="geometry"/>
+                </mxCell>
+                <mxCell id="41" value="" style="edgeStyle=none;html=1;entryX=-0.013;entryY=0.092;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" target="49">
+                    <mxGeometry relative="1" as="geometry">
+                        <mxPoint x="-530" y="373" as="sourcePoint"/>
+                        <mxPoint x="115" y="372.58636363636356" as="targetPoint"/>
+                    </mxGeometry>
+                </mxCell>
+                <mxCell id="42" value="&lt;div style=&quot;font-family: &amp;#34;menlo&amp;#34; , &amp;#34;monaco&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; font-size: 12px ; line-height: 18px&quot;&gt;&lt;span style=&quot;color: #a31515&quot;&gt;/SASjsApi/auth/okta/authorize&lt;br&gt;&lt;/span&gt;&lt;/div&gt;" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" vertex="1" connectable="0" parent="41">
+                    <mxGeometry x="-0.1257" y="2" relative="1" as="geometry">
+                        <mxPoint as="offset"/>
+                    </mxGeometry>
+                </mxCell>
+                <mxCell id="49" value="redirects to okta server&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;OKTA OIDC middleware&lt;br&gt;https://github.com/okta/okta-oidc-middleware&lt;br&gt;&lt;br&gt;&lt;br&gt;&lt;br&gt;OKTA nodeJS Express implementation&lt;br&gt;https://github.com/okta/samples-nodejs-express-4/tree/master/okta-hosted-login&lt;br&gt;" style="rounded=1;whiteSpace=wrap;html=1;" vertex="1" parent="1">
+                    <mxGeometry x="115" y="350" width="190" height="280" as="geometry"/>
+                </mxCell>
+                <mxCell id="75" style="edgeStyle=none;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;fontSize=14;" edge="1" parent="1" source="50" target="32">
+                    <mxGeometry relative="1" as="geometry"/>
+                </mxCell>
+                <mxCell id="50" value="Validates express session &lt;br&gt;through OKTA OIDC middleware" style="rounded=1;whiteSpace=wrap;html=1;" vertex="1" parent="1">
+                    <mxGeometry x="115" y="710" width="190" height="90" as="geometry"/>
+                </mxCell>
+                <mxCell id="51" value="&lt;span style=&quot;font-size: 22px&quot;&gt;Okta Authorization Server&lt;br&gt;&lt;/span&gt;" style="whiteSpace=wrap;html=1;verticalAlign=top;fontStyle=0;" vertex="1" parent="1">
+                    <mxGeometry x="600" y="300" width="320" height="380" as="geometry"/>
+                </mxCell>
+                <mxCell id="52" value="" style="rounded=1;whiteSpace=wrap;html=1;" vertex="1" parent="1">
+                    <mxGeometry x="665" y="350" width="190" height="280" as="geometry"/>
+                </mxCell>
+                <mxCell id="53" value="" style="endArrow=classic;html=1;fontSize=22;exitX=1.002;exitY=0.123;exitDx=0;exitDy=0;exitPerimeter=0;" edge="1" parent="1" source="49">
+                    <mxGeometry width="50" height="50" relative="1" as="geometry">
+                        <mxPoint x="400" y="480" as="sourcePoint"/>
+                        <mxPoint x="660" y="384" as="targetPoint"/>
+                    </mxGeometry>
+                </mxCell>
+                <mxCell id="54" value="&lt;span style=&quot;color: rgb(163 , 21 , 21) ; font-family: &amp;#34;menlo&amp;#34; , &amp;#34;monaco&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; font-size: 12px&quot;&gt;/authorize&lt;/span&gt;" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=22;" vertex="1" connectable="0" parent="53">
+                    <mxGeometry x="0.0222" y="1" relative="1" as="geometry">
+                        <mxPoint as="offset"/>
+                    </mxGeometry>
+                </mxCell>
+                <mxCell id="58" value="" style="endArrow=classic;html=1;fontSize=22;exitX=-0.016;exitY=0.291;exitDx=0;exitDy=0;exitPerimeter=0;" edge="1" parent="1" source="52">
+                    <mxGeometry relative="1" as="geometry">
+                        <mxPoint x="-300" y="470" as="sourcePoint"/>
+                        <mxPoint x="-530" y="431" as="targetPoint"/>
+                    </mxGeometry>
+                </mxCell>
+                <mxCell id="61" value="302 redirect to authentication prompt&amp;nbsp;" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=22;" vertex="1" connectable="0" parent="58">
+                    <mxGeometry x="-0.659" y="3" relative="1" as="geometry">
+                        <mxPoint x="-630" as="offset"/>
+                    </mxGeometry>
+                </mxCell>
+                <mxCell id="62" value="" style="endArrow=classic;html=1;fontSize=22;" edge="1" parent="1">
+                    <mxGeometry relative="1" as="geometry">
+                        <mxPoint x="-530" y="500" as="sourcePoint"/>
+                        <mxPoint x="665" y="500.48" as="targetPoint"/>
+                    </mxGeometry>
+                </mxCell>
+                <mxCell id="64" value="Authentication &amp;amp; Consent" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=22;" vertex="1" connectable="0" parent="62">
+                    <mxGeometry x="-0.4695" y="6" relative="1" as="geometry">
+                        <mxPoint as="offset"/>
+                    </mxGeometry>
+                </mxCell>
+                <mxCell id="65" value="" style="endArrow=classic;html=1;fontSize=22;exitX=0;exitY=0.679;exitDx=0;exitDy=0;exitPerimeter=0;entryX=0.995;entryY=0.679;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="52" target="49">
+                    <mxGeometry width="50" height="50" relative="1" as="geometry">
+                        <mxPoint x="230" y="560" as="sourcePoint"/>
+                        <mxPoint x="280" y="510" as="targetPoint"/>
+                    </mxGeometry>
+                </mxCell>
+                <mxCell id="66" value="Authorization Code to redirect uri" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=14;" vertex="1" connectable="0" parent="65">
+                    <mxGeometry x="0.0583" y="1" relative="1" as="geometry">
+                        <mxPoint x="26" as="offset"/>
+                    </mxGeometry>
+                </mxCell>
+                <mxCell id="67" value="" style="endArrow=classic;html=1;fontSize=22;exitX=0;exitY=0.679;exitDx=0;exitDy=0;exitPerimeter=0;entryX=0.995;entryY=0.679;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1">
+                    <mxGeometry width="50" height="50" relative="1" as="geometry">
+                        <mxPoint x="304.0500000000002" y="569.9999999999999" as="sourcePoint"/>
+                        <mxPoint x="665.0000000000005" y="569.9999999999999" as="targetPoint"/>
+                    </mxGeometry>
+                </mxCell>
+                <mxCell id="68" value="&lt;span style=&quot;color: rgb(163 , 21 , 21) ; font-family: &amp;#34;menlo&amp;#34; , &amp;#34;monaco&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; font-size: 12px&quot;&gt;/token&lt;/span&gt;" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=14;" vertex="1" connectable="0" parent="67">
+                    <mxGeometry x="0.0583" y="1" relative="1" as="geometry">
+                        <mxPoint x="-5" y="1" as="offset"/>
+                    </mxGeometry>
+                </mxCell>
+                <mxCell id="69" value="" style="endArrow=classic;html=1;fontSize=22;exitX=0;exitY=0.679;exitDx=0;exitDy=0;exitPerimeter=0;entryX=0.995;entryY=0.679;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1">
+                    <mxGeometry width="50" height="50" relative="1" as="geometry">
+                        <mxPoint x="665.9500000000005" y="599.9999999999999" as="sourcePoint"/>
+                        <mxPoint x="305.00000000000017" y="599.9999999999999" as="targetPoint"/>
+                    </mxGeometry>
+                </mxCell>
+                <mxCell id="70" value="Access Token" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontSize=14;" vertex="1" connectable="0" parent="69">
+                    <mxGeometry x="0.0583" y="1" relative="1" as="geometry">
+                        <mxPoint x="26" as="offset"/>
+                    </mxGeometry>
+                </mxCell>
+                <mxCell id="71" value="" style="edgeStyle=none;html=1;entryX=-0.012;entryY=0.384;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1">
+                    <mxGeometry relative="1" as="geometry">
+                        <mxPoint x="-530" y="760" as="sourcePoint"/>
+                        <mxPoint x="115.00000000000031" y="759.9999999999999" as="targetPoint"/>
+                    </mxGeometry>
+                </mxCell>
+                <mxCell id="72" value="&lt;div style=&quot;font-family: &amp;#34;menlo&amp;#34; , &amp;#34;monaco&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; font-size: 12px ; line-height: 18px&quot;&gt;&lt;div style=&quot;font-family: &amp;#34;menlo&amp;#34; , &amp;#34;monaco&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; line-height: 18px&quot;&gt;&lt;font color=&quot;#a31515&quot;&gt;Request with OKTA mechanism&lt;/font&gt;&lt;/div&gt;&lt;/div&gt;" style="edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];" vertex="1" connectable="0" parent="71">
                    <mxGeometry x="-0.1257" y="2" relative="1" as="geometry">
                        <mxPoint as="offset"/>
                    </mxGeometry>
--- a/SASjsServer.svg
+++ b/SASjsServer.svg
--- a/api/.env.example
+++ b/api/.env.example
@@ -1,8 +1,5 @@
 MODE=[desktop|server] default considered as desktop
 CORS=[disable|enable] default considered as disable
-PROTOCOL=[http|https] default considered as http
-PRIVATE_KEY=privkey.pem
-FULL_CHAIN=fullchain.pem
 PORT=[5000] default value is 5000
 PORT_WEB=[port for sasjs web component(react)] default value is 3000
 ACCESS_TOKEN_SECRET=<secret>
--- a/api/.vscode/launch.json
+++ b/api/.vscode/launch.json
@@ -1,13 +0,0 @@
-{
-  "version": "0.2.0",
-  "configurations": [
-    {
-      "name": "Launch via NPM",
-      "request": "launch",
-      "runtimeArgs": ["run-script", "start"],
-      "runtimeExecutable": "npm",
-      "skipFiles": ["<node_internals>/**"],
-      "type": "pwa-node"
-    }
-  ]
-}
--- a/api/package-lock.json
+++ b/api/package-lock.json
--- a/api/package.json
+++ b/api/package.json
@@ -4,25 +4,26 @@
  "description": "Api of SASjs server",
  "main": "./src/server.ts",
  "scripts": {
-    "initial": "npm run swagger && npm run compileSysInit && npm run copySASjsCore",
+    "initial": "npm run swagger && npm run compileSysInit",
    "prestart": "npm run initial",
+    "prestart:prod": "npm run initial",
    "prebuild": "npm run initial",
    "start": "nodemon ./src/server.ts",
+    "start:prod": "nodemon ./src/prod-server.ts",
    "build": "rimraf build && tsc",
    "swagger": "tsoa spec",
+    "semantic-release": "semantic-release -d",
    "prepare": "[ -d .git ] && git config core.hooksPath ./.git-hooks || true",
    "test": "mkdir -p tmp && mkdir -p ../web/build && jest --silent --coverage",
    "lint:fix": "npx prettier --write \"src/**/*.{ts,tsx,js,jsx,html,css,sass,less,yml,md,graphql}\"",
    "lint": "npx prettier --check \"src/**/*.{ts,tsx,js,jsx,html,css,sass,less,yml,md,graphql}\"",
    "package:lib": "npm run build && cp ./package.json build && cp README.md build && cd build && npm version \"5.0.0\" && npm pack",
    "exe": "npm run build && npm run exe:copy && pkg .",
-    "exe:copy": "npm run public:copy && npm run sasjsbuild:copy && npm run sasjscore:copy && npm run web:copy",
+    "exe:copy": "npm run public:copy && npm run sasjsbuild:copy && npm run web:copy",
    "public:copy": "cp -r ./public/ ./build/public/",
    "sasjsbuild:copy": "cp -r ./sasjsbuild/ ./build/sasjsbuild/",
-    "sasjscore:copy": "cp -r ./sasjscore/ ./build/sasjscore/",
    "web:copy": "rimraf web && mkdir web && cp -r ../web/build/ ./web/build/",
-    "compileSysInit": "ts-node ./scripts/compileSysInit.ts",
-    "copySASjsCore": "ts-node ./scripts/copySASjsCore.ts"
+    "compileSysInit": "ts-node ./scripts/compileSysInit.ts"
  },
  "bin": "./build/src/server.js",
  "pkg": {
@@ -45,7 +46,7 @@
  },
  "author": "4GL Ltd",
  "dependencies": {
-    "@sasjs/core": "4.9.0",
+    "@sasjs/core": "3.11.1",
    "@sasjs/utils": "2.34.1",
    "bcryptjs": "^2.4.3",
    "cors": "^2.8.5",
@@ -57,7 +58,7 @@
    "morgan": "^1.10.0",
    "multer": "^1.4.3",
    "swagger-ui-express": "^4.1.6",
-    "tsoa": "3.14.1"
+    "tsoa": "^3.14.0"
  },
  "devDependencies": {
    "@types/bcryptjs": "^2.4.2",
@@ -72,13 +73,13 @@
    "@types/supertest": "^2.0.11",
    "@types/swagger-ui-express": "^4.1.3",
    "dotenv": "^10.0.0",
-    "http-headers-validation": "^0.0.1",
    "jest": "^27.0.6",
    "mongodb-memory-server": "^8.0.0",
    "nodemon": "^2.0.7",
    "pkg": "^5.4.1",
    "prettier": "^2.3.1",
    "rimraf": "^3.0.2",
+    "semantic-release": "^17.4.3",
    "supertest": "^6.1.3",
    "ts-jest": "^27.0.3",
    "ts-node": "^10.0.0",
--- a/api/public/swagger.yaml
+++ b/api/public/swagger.yaml
@@ -92,48 +92,6 @@ components:
                - clientSecret
            type: object
            additionalProperties: false
-        IRecordOfAny:
-            properties: {}
-            type: object
-            additionalProperties: {}
-        LogLine:
-            properties:
-                line:
-                    type: string
-            required:
-                - line
-            type: object
-            additionalProperties: false
-        HTTPHeaders:
-            properties: {}
-            type: object
-            additionalProperties:
-                type: string
-        ExecuteReturnJsonResponse:
-            properties:
-                status:
-                    type: string
-                _webout:
-                    anyOf:
-                        -
-                            type: string
-                        -
-                            $ref: '#/components/schemas/IRecordOfAny'
-                log:
-                    items:
-                        $ref: '#/components/schemas/LogLine'
-                    type: array
-                message:
-                    type: string
-                httpHeaders:
-                    $ref: '#/components/schemas/HTTPHeaders'
-            required:
-                - status
-                - _webout
-                - log
-                - httpHeaders
-            type: object
-            additionalProperties: false
        ExecuteSASCodePayload:
            properties:
                code:
@@ -223,6 +181,18 @@ components:
                - fileTree
            type: object
            additionalProperties: false
+        GetFileResponse:
+            properties:
+                status:
+                    type: string
+                fileContent:
+                    type: string
+                message:
+                    type: string
+            required:
+                - status
+            type: object
+            additionalProperties: false
        UpdateFileResponse:
            properties:
                status:
@@ -398,6 +368,21 @@ components:
                - description
            type: object
            additionalProperties: false
+        ExecuteReturnJsonResponse:
+            properties:
+                status:
+                    type: string
+                _webout:
+                    type: string
+                log:
+                    type: string
+                message:
+                    type: string
+            required:
+                - status
+                - _webout
+            type: object
+            additionalProperties: false
        ExecuteReturnJsonPayload:
            properties:
                _program:
@@ -413,7 +398,7 @@ components:
            bearerFormat: JWT
 info:
    title: api
-    version: 0.0.2
+    version: 0.0.1
    description: 'Api of SASjs server'
    contact:
        name: '4GL Ltd'
@@ -535,7 +520,7 @@ paths:
                    content:
                        application/json:
                            schema:
-                                $ref: '#/components/schemas/ExecuteReturnJsonResponse'
+                                type: string
            description: 'Execute SAS code.'
            summary: 'Run SAS Code and returns log'
            tags:
@@ -598,8 +583,24 @@ paths:
        get:
            operationId: GetFile
            responses:
-                '204':
-                    description: 'No content'
+                '200':
+                    description: Ok
+                    content:
+                        application/json:
+                            schema:
+                                $ref: '#/components/schemas/GetFileResponse'
+                            examples:
+                                'Example 1':
+                                    value: {status: success, fileContent: 'Contents of the File'}
+                '400':
+                    description: 'Unable to get File'
+                    content:
+                        application/json:
+                            schema:
+                                $ref: '#/components/schemas/GetFileResponse'
+                            examples:
+                                'Example 1':
+                                    value: {status: failure, message: 'File request failed.'}
            summary: 'Get file from SASjs Drive'
            tags:
                - Drive
@@ -635,36 +636,19 @@ paths:
                            examples:
                                'Example 1':
                                    value: {status: failure, message: 'File request failed.'}
-            description: "It's optional to either provide `_filePath` in url as query parameter\nOr provide `filePath` in body as form field.\nBut it's required to provided else API will respond with Bad Request."
            summary: 'Create a file in SASjs Drive'
            tags:
                - Drive
            security:
                -
                    bearerAuth: []
-            parameters:
-                -
-                    description: 'Location of SAS program'
-                    in: query
-                    name: _filePath
-                    required: false
-                    schema:
-                        type: string
-                    example: /Public/somefolder/some.file.sas
+            parameters: []
            requestBody:
                required: true
                content:
-                    multipart/form-data:
+                    application/json:
                        schema:
-                            type: object
-                            properties:
-                                file:
-                                    type: string
-                                    format: binary
-                                filePath:
-                                    type: string
-                            required:
-                                - file
+                            $ref: '#/components/schemas/FilePayload'
        patch:
            operationId: UpdateFile
            responses:
@@ -1051,11 +1035,9 @@ paths:
                    content:
                        application/json:
                            schema:
-                                anyOf:
-                                    - {type: string}
-                                    - {type: string, format: byte}
-            description: "Trigger a SAS program using it's location in the _program URL parameter.\nEnable debugging using the _debug URL parameter.  Setting _debug=131 will\ncause the log to be streamed in the output.\n\nAdditional URL parameters are turned into SAS macro variables.\n\nAny files provided in the request body are placed into the SAS session with\ncorresponding _WEBIN_XXX variables created.\n\nThe response headers can be adjusted using the mfs_httpheader() macro.  Any\nfile type can be returned, including binary files such as zip or xls.\n\nThis behaviour differs for POST requests, in which case the reponse is\nalways JSON."
-            summary: 'Execute Stored Program, return raw _webout content.'
+                                type: string
+            description: "Trigger a SAS program using it's location in the _program parameter.\nEnable debugging using the _debug parameter.\nAdditional URL parameters are turned into SAS macro variables.\nAny files provided are placed into the session and\ncorresponding _WEBIN_XXX variables are created."
+            summary: 'Execute Stored Program, return raw content'
            tags:
                - STP
            security:
@@ -1063,7 +1045,6 @@ paths:
                    bearerAuth: []
            parameters:
                -
-                    description: 'Location of SAS program'
                    in: query
                    name: _program
                    required: true
@@ -1079,10 +1060,7 @@ paths:
                        application/json:
                            schema:
                                $ref: '#/components/schemas/ExecuteReturnJsonResponse'
-                            examples:
-                                'Example 1':
-                                    value: {status: success, _webout: 'webout content', log: [], httpHeaders: {Content-type: application/zip, Cache-Control: 'public, max-age=1000'}}
-            description: "Trigger a SAS program using it's location in the _program URL parameter.\nEnable debugging using the _debug URL parameter.  In any case, the log is\nalways returned in the log object.\n\nAdditional URL parameters are turned into SAS macro variables.\n\nAny files provided in the request body are placed into the SAS session with\ncorresponding _WEBIN_XXX variables created.\n\nThe response will be a JSON object with the following root attributes: log,\nwebout, headers.\n\nThe webout will be a nested JSON object ONLY if the response-header\ncontains a content-type of application/json AND it is valid JSON.\nOtherwise it will be a stringified version of the webout content.\n\nResponse headers from the mfs_httpheader macro are simply listed in the\nheaders object, for POST requests they have no effect on the actual\nresponse header."
+            description: "Trigger a SAS program using it's location in the _program parameter.\nEnable debugging using the _debug parameter.\nAdditional URL parameters are turned into SAS macro variables.\nAny files provided are placed into the session and\ncorresponding _WEBIN_XXX variables are created."
            summary: 'Execute Stored Program, return JSON'
            tags:
                - STP
@@ -1091,7 +1069,6 @@ paths:
                    bearerAuth: []
            parameters:
                -
-                    description: 'Location of SAS program'
                    in: query
                    name: _program
                    required: false
--- a/api/scripts/compileSysInit.ts
+++ b/api/scripts/compileSysInit.ts
@@ -21,6 +21,7 @@ const compiledSystemInit = async (systemInit: string) =>
  }))

 const createSysInitFile = async () => {
+  console.log('macroCorePath', macroCorePath)
  const systemInitContent = await readFile(
    path.join(__dirname, 'systemInit.sas')
  )
--- a/api/scripts/copySASjsCore.ts
+++ b/api/scripts/copySASjsCore.ts
@@ -1,25 +0,0 @@
-import path from 'path'
-import { asyncForEach, copy, createFolder, deleteFolder } from '@sasjs/utils'
-
-import { apiRoot, sasJSCoreMacros } from '../src/utils'
-
-const macroCorePath = path.join(apiRoot, 'node_modules', '@sasjs', 'core')
-
-export const copySASjsCore = async () => {
-  await deleteFolder(sasJSCoreMacros)
-  await createFolder(sasJSCoreMacros)
-
-  console.log('Copying SASjs Core Macros...')
-
-  const foldersToCopy = ['base', 'ddl', 'fcmp', 'lua', 'server']
-
-  await asyncForEach(foldersToCopy, async (coreSubFolder) => {
-    const coreSubFolderPath = path.join(macroCorePath, coreSubFolder)
-
-    await copy(coreSubFolderPath, sasJSCoreMacros)
-  })
-
-  console.log('Macros available at: ', sasJSCoreMacros)
-}
-
-copySASjsCore()
--- a/api/scripts/systemInit.sas
+++ b/api/scripts/systemInit.sas
@@ -4,24 +4,10 @@
  @details This program is inserted into every sasjs/server program invocation,
  _before_ any user-provided content.

-  A number of useful CORE macros are also compiled below, so that they can be
-  available "out of the box".
-
  <h4> SAS Macros </h4>
  @li mcf_stpsrv_header.sas
-  @li mf_getuser.sas
-  @li mf_getvarlist.sas
-  @li mf_mkdir.sas
-  @li mf_nobs.sas
-  @li mf_uid.sas
-  @li mfs_httpheader.sas
-  @li mp_dirlist.sas
-  @li mp_ds2ddl.sas
-  @li mp_ds2md.sas
-  @li mp_getdbml.sas
-  @li mp_init.sas
-  @li mp_makedata.sas
-  @li mp_zip.sas

 **/

+
+%mcf_stpsrv_header(wrap=YES, insert_cmplib=YES)
--- a/api/src/app.ts
+++ b/api/src/app.ts
@@ -1,10 +1,12 @@
 import path from 'path'
-import express, { ErrorRequestHandler } from 'express'
+import express from 'express'
 import morgan from 'morgan'
 import dotenv from 'dotenv'
 import cors from 'cors'

-import { connectDB, getWebBuildFolderPath, setProcessVariables } from './utils'
+import webRouter from './routes/web'
+import apiRouter from './routes/api'
+import { connectDB, getWebBuildFolderPath } from './utils'

 dotenv.config()

@@ -24,21 +26,11 @@ if (MODE?.trim() !== 'server' || CORS?.trim() === 'enable') {
 app.use(express.json({ limit: '50mb' }))
 app.use(morgan('tiny'))
 app.use(express.static(path.join(__dirname, '../public')))
+
+app.use('/', webRouter)
+app.use('/SASjsApi', apiRouter)
+app.use(express.json({ limit: '50mb' }))
+
 app.use(express.static(getWebBuildFolderPath()))

-const onError: ErrorRequestHandler = (err, req, res, next) => {
-  console.error(err.stack)
-  res.status(500).send('Something broke!')
-}
-
-export default setProcessVariables().then(async () => {
-  // loading these modules after setting up variables due to
-  // multer's usage of process var process.driveLoc
-  const { setupRoutes } = await import('./routes/setupRoutes')
-  setupRoutes(app)
-
-  app.use(onError)
-
-  await connectDB()
-  return app
-})
+export default connectDB().then(() => app)
--- a/api/src/controllers/code.ts
+++ b/api/src/controllers/code.ts
@@ -1,9 +1,7 @@
 import express from 'express'
 import { Request, Security, Route, Tags, Post, Body } from 'tsoa'
-import { ExecuteReturnJson, ExecutionController } from './internal'
+import { ExecutionController } from './internal'
 import { PreProgramVars } from '../types'
-import { ExecuteReturnJsonResponse } from '.'
-import { parseLogToArray } from '../utils'

 interface ExecuteSASCodePayload {
  /**
@@ -25,28 +23,22 @@ export class CodeController {
  public async executeSASCode(
    @Request() request: express.Request,
    @Body() body: ExecuteSASCodePayload
-  ): Promise<ExecuteReturnJsonResponse> {
+  ): Promise<string> {
    return executeSASCode(request, body)
  }
 }

 const executeSASCode = async (req: any, { code }: ExecuteSASCodePayload) => {
  try {
-    const { webout, log, httpHeaders } =
-      (await new ExecutionController().executeProgram(
-        code,
-        getPreProgramVariables(req),
-        { ...req.query, _debug: 131 },
-        undefined,
-        true
-      )) as ExecuteReturnJson
+    const result = await new ExecutionController().executeProgram(
+      code,
+      getPreProgramVariables(req),
+      { ...req.query, _debug: 131 },
+      undefined,
+      true
+    )

-    return {
-      status: 'success',
-      _webout: webout as string,
-      log: parseLogToArray(log),
-      httpHeaders
-    }
+    return result as string
  } catch (err: any) {
    throw {
      code: 400,
--- a/api/src/controllers/drive.ts
+++ b/api/src/controllers/drive.ts
@@ -1,8 +1,5 @@
-import path from 'path'
-import express, { Express } from 'express'
 import {
  Security,
-  Request,
  Route,
  Tags,
  Example,
@@ -11,14 +8,13 @@ import {
  Response,
  Query,
  Get,
-  Patch,
-  UploadedFile,
-  FormField
+  Patch
 } from 'tsoa'
-import { fileExists, createFile, moveFile, createFolder } from '@sasjs/utils'
+import { fileExists, readFile, createFile } from '@sasjs/utils'
 import { createFileTree, ExecutionController, getTreeExample } from './internal'

 import { FileTree, isFileTree, TreeNode } from '../types'
+import path from 'path'
 import { getTmpFilesFolderPath } from '../utils'

 interface DeployPayload {
@@ -97,22 +93,21 @@ export class DriveController {
   * @query filePath Location of SAS program
   * @example filePath "/Public/somefolder/some.file"
   */
+  @Example<GetFileResponse>({
+    status: 'success',
+    fileContent: 'Contents of the File'
+  })
+  @Response<GetFileResponse>(400, 'Unable to get File', {
+    status: 'failure',
+    message: 'File request failed.'
+  })
  @Get('/file')
-  public async getFile(
-    @Request() request: express.Request,
-    @Query() filePath: string
-  ) {
-    return getFile(request, filePath)
+  public async getFile(@Query() filePath: string): Promise<GetFileResponse> {
+    return getFile(filePath)
  }

  /**
-   * It's optional to either provide `_filePath` in url as query parameter
-   * Or provide `filePath` in body as form field.
-   * But it's required to provided else API will respond with Bad Request.
-   *
   * @summary Create a file in SASjs Drive
-   * @param _filePath Location of SAS program
-   * @example _filePath "/Public/somefolder/some.file.sas"
   *
   */
  @Example<UpdateFileResponse>({
@@ -124,11 +119,9 @@ export class DriveController {
  })
  @Post('/file')
  public async saveFile(
-    @UploadedFile() file: Express.Multer.File,
-    @Query() _filePath?: string,
-    @FormField() filePath?: string
+    @Body() body: FilePayload
  ): Promise<UpdateFileResponse> {
-    return saveFile((_filePath ?? filePath)!, file)
+    return saveFile(body)
  }

  /**
@@ -160,7 +153,7 @@ export class DriveController {
 }

 const getFileTree = () => {
-  const tree = new ExecutionController().buildDirectoryTree()
+  const tree = new ExecutionController().buildDirectorytree()
  return { status: 'success', tree }
 }

@@ -179,47 +172,47 @@ const deploy = async (data: DeployPayload) => {
  return successDeployResponse
 }

-const getFile = async (req: express.Request, filePath: string) => {
-  const driveFilesPath = getTmpFilesFolderPath()
+const getFile = async (filePath: string): Promise<GetFileResponse> => {
+  try {
+    const filePathFull = path
+      .join(getTmpFilesFolderPath(), filePath)
+      .replace(new RegExp('/', 'g'), path.sep)

-  const filePathFull = path
-    .join(getTmpFilesFolderPath(), filePath)
-    .replace(new RegExp('/', 'g'), path.sep)
+    await validateFilePath(filePathFull)
+    const fileContent = await readFile(filePathFull)

-  if (!filePathFull.includes(driveFilesPath)) {
-    throw new Error('Cannot get file outside drive.')
+    return { status: 'success', fileContent: fileContent }
+  } catch (err: any) {
+    throw {
+      code: 400,
+      status: 'failure',
+      message: 'File request failed.',
+      error: typeof err === 'object' ? err.toString() : err
+    }
  }
-
-  if (!(await fileExists(filePathFull))) {
-    throw new Error('File does not exist.')
-  }
-
-  req.res?.download(filePathFull)
 }

-const saveFile = async (
-  filePath: string,
-  multerFile: Express.Multer.File
-): Promise<GetFileResponse> => {
-  const driveFilesPath = getTmpFilesFolderPath()
+const saveFile = async (body: FilePayload): Promise<GetFileResponse> => {
+  const { filePath, fileContent } = body
+  try {
+    const filePathFull = path
+      .join(getTmpFilesFolderPath(), filePath)
+      .replace(new RegExp('/', 'g'), path.sep)

-  const filePathFull = path
-    .join(driveFilesPath, filePath)
-    .replace(new RegExp('/', 'g'), path.sep)
+    if (await fileExists(filePathFull)) {
+      throw 'DriveController: File already exists.'
+    }
+    await createFile(filePathFull, fileContent)

-  if (!filePathFull.includes(driveFilesPath)) {
-    throw new Error('Cannot put file outside drive.')
+    return { status: 'success' }
+  } catch (err: any) {
+    throw {
+      code: 400,
+      status: 'failure',
+      message: 'File request failed.',
+      error: typeof err === 'object' ? err.toString() : err
+    }
  }
-
-  if (await fileExists(filePathFull)) {
-    throw new Error('File already exists.')
-  }
-
-  const folderPath = path.dirname(filePathFull)
-  await createFolder(folderPath)
-  await moveFile(multerFile.path, filePathFull)
-
-  return { status: 'success' }
 }

 const updateFile = async (body: FilePayload): Promise<GetFileResponse> => {
--- a/api/src/controllers/internal/Execution.ts
+++ b/api/src/controllers/internal/Execution.ts
@@ -1,42 +1,15 @@
 import path from 'path'
 import fs from 'fs'
 import { getSessionController } from './'
-import {
-  readFile,
-  fileExists,
-  createFile,
-  moveFile,
-  readFileBinary
-} from '@sasjs/utils'
+import { readFile, fileExists, createFile, moveFile } from '@sasjs/utils'
 import { PreProgramVars, TreeNode } from '../../types'
-import {
-  extractHeaders,
-  generateFileUploadSasCode,
-  getTmpFilesFolderPath,
-  HTTPHeaders,
-  sasJSCoreMacros
-} from '../../utils'
-
-export interface ExecutionVars {
-  [key: string]: string | number | undefined
-}
-
-export interface ExecuteReturnRaw {
-  httpHeaders: HTTPHeaders
-  result: string | Buffer
-}
-
-export interface ExecuteReturnJson {
-  httpHeaders: HTTPHeaders
-  webout: string | Buffer
-  log?: string
-}
+import { generateFileUploadSasCode, getTmpFilesFolderPath } from '../../utils'

 export class ExecutionController {
  async executeFile(
    programPath: string,
    preProgramVariables: PreProgramVars,
-    vars: ExecutionVars,
+    vars: { [key: string]: string | number | undefined },
    otherArgs?: any,
    returnJson?: boolean
  ) {
@@ -53,14 +26,13 @@ export class ExecutionController {
      returnJson
    )
  }
-
  async executeProgram(
    program: string,
    preProgramVariables: PreProgramVars,
-    vars: ExecutionVars,
+    vars: { [key: string]: string | number | undefined },
    otherArgs?: any,
    returnJson?: boolean
-  ): Promise<ExecuteReturnRaw | ExecuteReturnJson> {
+  ) {
    const sessionController = getSessionController()

    const session = await sessionController.getSession()
@@ -68,11 +40,11 @@ export class ExecutionController {
    session.consumed = true

    const logPath = path.join(session.path, 'log.log')
-    const headersPath = path.join(session.path, 'stpsrv_header.txt')
-    const weboutPath = path.join(session.path, 'webout.txt')
-    const tokenFile = path.join(session.path, 'accessToken.txt')

+    const weboutPath = path.join(session.path, 'webout.txt')
    await createFile(weboutPath, '')
+
+    const tokenFile = path.join(session.path, 'accessToken.txt')
    await createFile(
      tokenFile,
      preProgramVariables?.accessToken ?? 'accessToken'
@@ -83,7 +55,6 @@ export class ExecutionController {
        `${computed}%let ${key}=${vars[key]};\n`,
      ''
    )
-
    const preProgramVarStatments = `
 %let _sasjs_tokenfile=${tokenFile};
 %let _sasjs_username=${preProgramVariables?.username};
@@ -94,19 +65,17 @@ export class ExecutionController {
 %let _metaperson=&_sasjs_displayname;
 %let _metauser=&_sasjs_username;
 %let sasjsprocessmode=Stored Program;
-%let sasjs_stpsrv_header_loc=%sysfunc(pathname(work))/../stpsrv_header.txt;

-%global SYSPROCESSMODE SYSTCPIPHOSTNAME SYSHOSTINFOLONG;
+%global SYSPROCESSMODE SYSTCPIPHOSTNAME;
 %macro _sasjs_server_init();
  %if "&SYSPROCESSMODE"="" %then %let SYSPROCESSMODE=&sasjsprocessmode;
  %if "&SYSTCPIPHOSTNAME"="" %then %let SYSTCPIPHOSTNAME=&_sasjs_apiserverurl;
 %mend;
 %_sasjs_server_init()
+%sysmacdelete _sasjs_server_init;
 `

    program = `
-options insert=(SASAUTOS="${sasJSCoreMacros}");
-
 /* runtime vars */
 ${varStatments}
 filename _webout "${weboutPath}" mod;
@@ -147,17 +116,8 @@ ${program}`
    }

    const log = (await fileExists(logPath)) ? await readFile(logPath) : ''
-    const headersContent = (await fileExists(headersPath))
-      ? await readFile(headersPath)
-      : ''
-    const httpHeaders: HTTPHeaders = extractHeaders(headersContent)
-    const fileResponse: boolean =
-      httpHeaders.hasOwnProperty('content-type') && !returnJson
-
    const webout = (await fileExists(weboutPath))
-      ? fileResponse
-        ? await readFileBinary(weboutPath)
-        : await readFile(weboutPath)
+      ? await readFile(weboutPath)
      : ''

    const debugValue =
@@ -168,24 +128,18 @@ ${program}`

    if (returnJson) {
      return {
-        httpHeaders,
        webout,
        log:
          (debugValue && debugValue >= 131) || session.crashed ? log : undefined
      }
    }

-    return {
-      httpHeaders,
-      result: fileResponse
-        ? webout
-        : (debugValue && debugValue >= 131) || session.crashed
-        ? `<html><body>${webout}<div style="text-align:left"><hr /><h2>SAS Log</h2><pre>${log}</pre></div></body></html>`
-        : webout
-    }
+    return (debugValue && debugValue >= 131) || session.crashed
+      ? `<html><body>${webout}<div style="text-align:left"><hr /><h2>SAS Log</h2><pre>${log}</pre></div></body></html>`
+      : webout
  }

-  buildDirectoryTree() {
+  buildDirectorytree() {
    const root: TreeNode = {
      name: 'files',
      relativePath: '',
--- a/api/src/controllers/internal/FileUploadController.ts
+++ b/api/src/controllers/internal/FileUploadController.ts
@@ -18,7 +18,7 @@ export class FileUploadController {

  //It will intercept request and generate unique uuid to be used as a subfolder name
  //that will store the files uploaded
-  public preUploadMiddleware = async (req: any, res: any, next: any) => {
+  public preuploadMiddleware = async (req: any, res: any, next: any) => {
    let session

    const sessionController = getSessionController()
--- a/api/src/controllers/internal/Session.ts
+++ b/api/src/controllers/internal/Session.ts
@@ -67,10 +67,7 @@ export class SessionController {

    // the autoexec file is executed on SAS startup
    const autoExecPath = path.join(sessionFolder, 'autoexec.sas')
-    const contentForAutoExec = `/* compiled systemInit */
-${compiledSystemInitContent}
-/* autoexec */
-${autoExecContent}`
+    const contentForAutoExec = `/* compiled systemInit */\n${compiledSystemInitContent}\n/* autoexec */\n${autoExecContent}`
    await createFile(autoExecPath, contentForAutoExec)

    // create empty code.sas as SAS will not start without a SYSIN
--- a/api/src/controllers/stp.ts
+++ b/api/src/controllers/stp.ts
@@ -1,30 +1,9 @@
 import express from 'express'
 import path from 'path'
-import {
-  Request,
-  Security,
-  Route,
-  Tags,
-  Post,
-  Body,
-  Get,
-  Query,
-  Example
-} from 'tsoa'
-import {
-  ExecuteReturnJson,
-  ExecuteReturnRaw,
-  ExecutionController,
-  ExecutionVars
-} from './internal'
+import { Request, Security, Route, Tags, Post, Body, Get, Query } from 'tsoa'
+import { ExecutionController } from './internal'
 import { PreProgramVars } from '../types'
-import {
-  getTmpFilesFolderPath,
-  HTTPHeaders,
-  LogLine,
-  makeFilesNamesMap,
-  parseLogToArray
-} from '../utils'
+import { getTmpFilesFolderPath, makeFilesNamesMap } from '../utils'

 interface ExecuteReturnJsonPayload {
  /**
@@ -33,16 +12,11 @@ interface ExecuteReturnJsonPayload {
   */
  _program?: string
 }
-
-interface IRecordOfAny {
-  [key: string]: any
-}
-export interface ExecuteReturnJsonResponse {
+interface ExecuteReturnJsonResponse {
  status: string
-  _webout: string | IRecordOfAny
-  log: LogLine[]
+  _webout: string
+  log?: string
  message?: string
-  httpHeaders: HTTPHeaders
 }

@Security('bearerAuth')
@@ -50,67 +24,33 @@ export interface ExecuteReturnJsonResponse {
@Tags('STP')
 export class STPController {
  /**
-   * Trigger a SAS program using it's location in the _program URL parameter.
-   * Enable debugging using the _debug URL parameter.  Setting _debug=131 will
-   * cause the log to be streamed in the output.
-   *
+   * Trigger a SAS program using it's location in the _program parameter.
+   * Enable debugging using the _debug parameter.
   * Additional URL parameters are turned into SAS macro variables.
-   *
-   * Any files provided in the request body are placed into the SAS session with
-   * corresponding _WEBIN_XXX variables created.
-   *
-   * The response headers can be adjusted using the mfs_httpheader() macro.  Any
-   * file type can be returned, including binary files such as zip or xls.
-   *
-   * This behaviour differs for POST requests, in which case the reponse is
-   * always JSON.
-   *
-   * @summary Execute Stored Program, return raw _webout content.
-   * @param _program Location of SAS program
+   * Any files provided are placed into the session and
+   * corresponding _WEBIN_XXX variables are created.
+   * @summary Execute Stored Program, return raw content
+   * @query _program Location of SAS program
   * @example _program "/Public/somefolder/some.file"
   */
  @Get('/execute')
  public async executeReturnRaw(
    @Request() request: express.Request,
    @Query() _program: string
-  ): Promise<string | Buffer> {
+  ): Promise<string> {
    return executeReturnRaw(request, _program)
  }

  /**
-   * Trigger a SAS program using it's location in the _program URL parameter.
-   * Enable debugging using the _debug URL parameter.  In any case, the log is
-   * always returned in the log object.
-   *
+   * Trigger a SAS program using it's location in the _program parameter.
+   * Enable debugging using the _debug parameter.
   * Additional URL parameters are turned into SAS macro variables.
-   *
-   * Any files provided in the request body are placed into the SAS session with
-   * corresponding _WEBIN_XXX variables created.
-   *
-   * The response will be a JSON object with the following root attributes: log,
-   * webout, headers.
-   *
-   * The webout will be a nested JSON object ONLY if the response-header
-   * contains a content-type of application/json AND it is valid JSON.
-   * Otherwise it will be a stringified version of the webout content.
-   *
-   * Response headers from the mfs_httpheader macro are simply listed in the
-   * headers object, for POST requests they have no effect on the actual
-   * response header.
-   *
+   * Any files provided are placed into the session and
+   * corresponding _WEBIN_XXX variables are created.
   * @summary Execute Stored Program, return JSON
-   * @param _program Location of SAS program
+   * @query _program Location of SAS program
   * @example _program "/Public/somefolder/some.file"
   */
-  @Example<ExecuteReturnJsonResponse>({
-    status: 'success',
-    _webout: 'webout content',
-    log: [],
-    httpHeaders: {
-      'Content-type': 'application/zip',
-      'Cache-Control': 'public, max-age=1000'
-    }
-  })
  @Post('/execute')
  public async executeReturnJson(
    @Request() request: express.Request,
@@ -125,28 +65,21 @@ export class STPController {
 const executeReturnRaw = async (
  req: express.Request,
  _program: string
-): Promise<string | Buffer> => {
-  const query = req.query as ExecutionVars
+): Promise<string> => {
+  const query = req.query as { [key: string]: string | number | undefined }
  const sasCodePath =
    path
      .join(getTmpFilesFolderPath(), _program)
      .replace(new RegExp('/', 'g'), path.sep) + '.sas'

  try {
-    const { result, httpHeaders } =
-      (await new ExecutionController().executeFile(
-        sasCodePath,
-        getPreProgramVariables(req),
-        query
-      )) as ExecuteReturnRaw
+    const result = await new ExecutionController().executeFile(
+      sasCodePath,
+      getPreProgramVariables(req),
+      query
+    )

-    req.res?.set(httpHeaders)
-
-    if (result instanceof Buffer) {
-      ;(req as any).sasHeaders = httpHeaders
-    }
-
-    return result
+    return result as string
  } catch (err: any) {
    throw {
      code: 400,
@@ -169,27 +102,17 @@ const executeReturnJson = async (
  const filesNamesMap = req.files?.length ? makeFilesNamesMap(req.files) : null

  try {
-    const { webout, log, httpHeaders } =
-      (await new ExecutionController().executeFile(
-        sasCodePath,
-        getPreProgramVariables(req),
-        { ...req.query, ...req.body },
-        { filesNamesMap: filesNamesMap },
-        true
-      )) as ExecuteReturnJson
-
-    let weboutRes: string | IRecordOfAny = webout
-    if (httpHeaders['content-type']?.toLowerCase() === 'application/json') {
-      try {
-        weboutRes = JSON.parse(webout as string)
-      } catch (_) {}
-    }
-
+    const { webout, log } = (await new ExecutionController().executeFile(
+      sasCodePath,
+      getPreProgramVariables(req),
+      { ...req.query, ...req.body },
+      { filesNamesMap: filesNamesMap },
+      true
+    )) as { webout: string; log: string }
    return {
      status: 'success',
-      _webout: weboutRes,
-      log: parseLogToArray(log),
-      httpHeaders
+      _webout: webout,
+      log
    }
  } catch (err: any) {
    throw {
--- a/api/src/middlewares/multer.ts
+++ b/api/src/middlewares/multer.ts
@@ -1,77 +0,0 @@
-import path from 'path'
-import { Request } from 'express'
-import multer, { FileFilterCallback, Options } from 'multer'
-import { getTmpUploadsPath } from '../utils'
-
-const acceptableExtensions = ['.sas']
-const fieldNameSize = 300
-const fileSize = 10485760 // 10 MB
-
-const storage = multer.diskStorage({
-  destination: getTmpUploadsPath(),
-  filename: function (
-    _req: Request,
-    file: Express.Multer.File,
-    callback: (error: Error | null, filename: string) => void
-  ) {
-    callback(
-      null,
-      file.fieldname + path.extname(file.originalname) + '-' + Date.now()
-    )
-  }
-})
-
-const limits: Options['limits'] = {
-  fieldNameSize,
-  fileSize
-}
-
-const fileFilter: Options['fileFilter'] = (
-  req: Request,
-  file: Express.Multer.File,
-  callback: FileFilterCallback
-) => {
-  const fileExtension = path.extname(file.originalname).toLocaleLowerCase()
-
-  if (!acceptableExtensions.includes(fileExtension)) {
-    return callback(
-      new Error(
-        `File extension '${fileExtension}' not acceptable. Valid extension(s): ${acceptableExtensions.join(
-          ', '
-        )}`
-      )
-    )
-  }
-
-  const uploadFileSize = parseInt(req.headers['content-length'] ?? '')
-  if (uploadFileSize > fileSize) {
-    return callback(
-      new Error(
-        `File size is over limit. File limit is: ${fileSize / 1024 / 1024} MB`
-      )
-    )
-  }
-
-  callback(null, true)
-}
-
-const options: Options = { storage, limits, fileFilter }
-
-const multerInstance = multer(options)
-
-export const multerSingle = (fileName: string, arg: any) => {
-  const [req, res, next] = arg
-  const upload = multerInstance.single(fileName)
-
-  upload(req, res, function (err) {
-    if (err instanceof multer.MulterError) {
-      return res.status(500).send(err.message)
-    } else if (err) {
-      return res.status(400).send(err.message)
-    }
-    // Everything went fine.
-    next()
-  })
-}
-
-export default multerInstance
--- a/api/src/prod-server.ts
+++ b/api/src/prod-server.ts
@@ -0,0 +1,21 @@
+import path from 'path'
+import { readFileSync } from 'fs'
+import * as https from 'https'
+import appPromise from './app'
+
+const keyPath = path.join('..', 'certificates', 'privkey.pem')
+const certPath = path.join('..', 'certificates', 'fullchain.pem')
+
+const key = readFileSync(keyPath)
+const cert = readFileSync(certPath)
+
+appPromise.then((app) => {
+  const httpsServer = https.createServer({ key, cert }, app)
+
+  const sasJsPort = process.env.PORT ?? 5000
+  httpsServer.listen(sasJsPort, () => {
+    console.log(
+      `⚡️[server]: Server is running at https://localhost:${sasJsPort}`
+    )
+  })
+})
--- a/api/src/routes/api/code.ts
+++ b/api/src/routes/api/code.ts
@@ -12,12 +12,6 @@ runRouter.post('/execute', async (req, res) => {

  try {
    const response = await controller.executeSASCode(req, body)
-
-    if (response instanceof Buffer) {
-      res.writeHead(200, (req as any).sasHeaders)
-      return res.end(response)
-    }
-
    res.send(response)
  } catch (err: any) {
    const statusCode = err.code
--- a/api/src/routes/api/drive.ts
+++ b/api/src/routes/api/drive.ts
@@ -1,20 +1,11 @@
 import express from 'express'
-import { deleteFile } from '@sasjs/utils'
-
-import { multerSingle } from '../../middlewares/multer'
 import { DriveController } from '../../controllers/'
-import {
-  getFileDriveValidation,
-  updateFileDriveValidation,
-  uploadFileBodyValidation,
-  uploadFileParamValidation
-} from '../../utils'
-
-const controller = new DriveController()
+import { getFileDriveValidation, updateFileDriveValidation } from '../../utils'

 const driveRouter = express.Router()

 driveRouter.post('/deploy', async (req, res) => {
+  const controller = new DriveController()
  try {
    const response = await controller.deploy(req.body)
    res.send(response)
@@ -31,45 +22,41 @@ driveRouter.get('/file', async (req, res) => {
  const { error, value: query } = getFileDriveValidation(req.query)
  if (error) return res.status(400).send(error.details[0].message)

+  const controller = new DriveController()
  try {
-    await controller.getFile(req, query.filePath)
+    const response = await controller.getFile(query.filePath)
+    res.send(response)
  } catch (err: any) {
-    res.status(403).send(err.toString())
+    const statusCode = err.code
+
+    delete err.code
+
+    res.status(statusCode).send(err)
  }
 })

-driveRouter.post(
-  '/file',
-  (...arg) => multerSingle('file', arg),
-  async (req, res) => {
-    const { error: errQ, value: query } = uploadFileParamValidation(req.query)
-    const { error: errB, value: body } = uploadFileBodyValidation(req.body)
+driveRouter.post('/file', async (req, res) => {
+  const { error, value: body } = updateFileDriveValidation(req.body)
+  if (error) return res.status(400).send(error.details[0].message)

-    if (errQ && errB) {
-      if (req.file) await deleteFile(req.file.path)
-      return res.status(400).send(errB.details[0].message)
-    }
+  const controller = new DriveController()
+  try {
+    const response = await controller.saveFile(body)
+    res.send(response)
+  } catch (err: any) {
+    const statusCode = err.code

-    if (!req.file) return res.status(400).send('"file" is not present.')
+    delete err.code

-    try {
-      const response = await controller.saveFile(
-        req.file,
-        query._filePath,
-        body.filePath
-      )
-      res.send(response)
-    } catch (err: any) {
-      await deleteFile(req.file.path)
-      res.status(403).send(err.toString())
-    }
+    res.status(statusCode).send(err)
  }
-)
+})

 driveRouter.patch('/file', async (req, res) => {
  const { error, value: body } = updateFileDriveValidation(req.body)
  if (error) return res.status(400).send(error.details[0].message)

+  const controller = new DriveController()
  try {
    const response = await controller.updateFile(body)
    res.send(response)
@@ -83,6 +70,7 @@ driveRouter.patch('/file', async (req, res) => {
 })

 driveRouter.get('/fileTree', async (req, res) => {
+  const controller = new DriveController()
  try {
    const response = await controller.getFileTree()
    res.send(response)
--- a/api/src/routes/api/session.ts
+++ b/api/src/routes/api/session.ts
@@ -1,5 +1,6 @@
 import express from 'express'
 import { SessionController } from '../../controllers'
+import { authenticateAccessToken } from '../../middlewares'

 const sessionRouter = express.Router()

--- a/api/src/routes/api/spec/drive.spec.ts
+++ b/api/src/routes/api/spec/drive.spec.ts
@@ -1,34 +1,15 @@
-import path from 'path'
 import { Express } from 'express'
 import mongoose, { Mongoose } from 'mongoose'
 import { MongoMemoryServer } from 'mongodb-memory-server'
 import request from 'supertest'
-
-import {
-  folderExists,
-  fileExists,
-  readFile,
-  deleteFolder,
-  generateTimestamp,
-  copy
-} from '@sasjs/utils'
-import * as fileUtilModules from '../../../utils/file'
-
-const timestamp = generateTimestamp()
-const tmpFolder = path.join(process.cwd(), `tmp-${timestamp}`)
-jest
-  .spyOn(fileUtilModules, 'getTmpFolderPath')
-  .mockImplementation(() => tmpFolder)
-jest
-  .spyOn(fileUtilModules, 'getTmpUploadsPath')
-  .mockImplementation(() => path.join(tmpFolder, 'uploads'))
-
 import appPromise from '../../../app'
 import { UserController } from '../../../controllers/'
 import { getTreeExample } from '../../../controllers/internal'
+import { getTmpFilesFolderPath } from '../../../utils/file'
+import { folderExists, fileExists, readFile, deleteFolder } from '@sasjs/utils'
+import path from 'path'
+import { generateAccessToken, saveTokensInDB } from '../../../utils'
 import { FolderMember, ServiceMember } from '../../../types'
-import { generateAccessToken, saveTokensInDB } from '../../../utils/'
-const { getTmpFilesFolderPath } = fileUtilModules

 let app: Express
 appPromise.then((_app) => {
@@ -49,27 +30,28 @@ describe('files', () => {
  let mongoServer: MongoMemoryServer
  const controller = new UserController()

-  let accessToken: string
-
  beforeAll(async () => {
    mongoServer = await MongoMemoryServer.create()
    con = await mongoose.connect(mongoServer.getUri())
-
-    const dbUser = await controller.createUser(user)
-    accessToken = generateAccessToken({
-      clientId,
-      userId: dbUser.id
-    })
-    await saveTokensInDB(dbUser.id, clientId, accessToken, 'refreshToken')
  })

  afterAll(async () => {
    await con.connection.dropDatabase()
    await con.connection.close()
    await mongoServer.stop()
-    await deleteFolder(tmpFolder)
  })
  describe('deploy', () => {
+    let accessToken: string
+    let dbUser: any
+
+    beforeAll(async () => {
+      dbUser = await controller.createUser(user)
+      accessToken = generateAccessToken({
+        clientId,
+        userId: dbUser.id
+      })
+      await saveTokensInDB(dbUser.id, clientId, accessToken, 'refreshToken')
+    })
    const shouldFailAssertion = async (payload: any) => {
      const res = await request(app)
        .post('/SASjsApi/drive/deploy')
@@ -162,6 +144,8 @@ describe('files', () => {
      const exampleService = getExampleService()
      const testJobFile = path.join(testJobFolder, exampleService.name) + '.sas'

+      console.log(`[testJobFile]`, testJobFile)
+
      await expect(fileExists(testJobFile)).resolves.toEqual(true)

      await expect(readFile(testJobFile)).resolves.toEqual(exampleService.code)
@@ -169,159 +153,6 @@ describe('files', () => {
      await deleteFolder(getTmpFilesFolderPath())
    })
  })
-
-  describe('file', () => {
-    describe('create', () => {
-      it('should create a SAS file on drive having filePath as form field', async () => {
-        const res = await request(app)
-          .post('/SASjsApi/drive/file')
-          .auth(accessToken, { type: 'bearer' })
-          .field('filePath', '/my/path/code.sas')
-          .attach('file', path.join(__dirname, 'files', 'sample.sas'))
-
-        expect(res.statusCode).toEqual(200)
-        expect(res.body).toEqual({
-          status: 'success'
-        })
-      })
-
-      it('should create a SAS file on drive having _filePath as query param', async () => {
-        const res = await request(app)
-          .post('/SASjsApi/drive/file')
-          .auth(accessToken, { type: 'bearer' })
-          .query({ _filePath: '/my/path/code1.sas' })
-          .attach('file', path.join(__dirname, 'files', 'sample.sas'))
-
-        expect(res.statusCode).toEqual(200)
-        expect(res.body).toEqual({
-          status: 'success'
-        })
-      })
-
-      it('should respond with Unauthorized if access token is not present', async () => {
-        const res = await request(app)
-          .post('/SASjsApi/drive/file')
-          .field('filePath', '/my/path/code.sas')
-          .attach('file', path.join(__dirname, 'files', 'sample.sas'))
-          .expect(401)
-
-        expect(res.text).toEqual('Unauthorized')
-        expect(res.body).toEqual({})
-      })
-
-      it('should respond with Forbidden if file is already present', async () => {
-        const fileToAttachPath = path.join(__dirname, 'files', 'sample.sas')
-        const pathToUpload = '/my/path/code.sas'
-
-        const pathToCopy = path.join(
-          fileUtilModules.getTmpFilesFolderPath(),
-          pathToUpload
-        )
-        await copy(fileToAttachPath, pathToCopy)
-
-        const res = await request(app)
-          .post('/SASjsApi/drive/file')
-          .auth(accessToken, { type: 'bearer' })
-          .field('filePath', pathToUpload)
-          .attach('file', fileToAttachPath)
-          .expect(403)
-
-        expect(res.text).toEqual('Error: File already exists.')
-        expect(res.body).toEqual({})
-      })
-
-      it('should respond with Forbidden if filePath outside Drive', async () => {
-        const fileToAttachPath = path.join(__dirname, 'files', 'sample.sas')
-        const pathToUpload = '/../path/code.sas'
-
-        const res = await request(app)
-          .post('/SASjsApi/drive/file')
-          .auth(accessToken, { type: 'bearer' })
-          .field('filePath', pathToUpload)
-          .attach('file', fileToAttachPath)
-          .expect(403)
-
-        expect(res.text).toEqual('Error: Cannot put file outside drive.')
-        expect(res.body).toEqual({})
-      })
-
-      it('should respond with Bad Request if filePath is missing', async () => {
-        const fileToAttachPath = path.join(__dirname, 'files', 'sample.sas')
-
-        const res = await request(app)
-          .post('/SASjsApi/drive/file')
-          .auth(accessToken, { type: 'bearer' })
-          .attach('file', fileToAttachPath)
-          .expect(400)
-
-        expect(res.text).toEqual(`"filePath" is required`)
-        expect(res.body).toEqual({})
-      })
-
-      it("should respond with Bad Request if filePath doesn't has correct extension", async () => {
-        const fileToAttachPath = path.join(__dirname, 'files', 'sample.sas')
-        const pathToUpload = '/my/path/code.oth'
-
-        const res = await request(app)
-          .post('/SASjsApi/drive/file')
-          .auth(accessToken, { type: 'bearer' })
-          .field('filePath', pathToUpload)
-          .attach('file', fileToAttachPath)
-          .expect(400)
-
-        expect(res.text).toEqual('Valid extensions for filePath: .sas')
-        expect(res.body).toEqual({})
-      })
-
-      it('should respond with Bad Request if file is missing', async () => {
-        const pathToUpload = '/my/path/code.sas'
-
-        const res = await request(app)
-          .post('/SASjsApi/drive/file')
-          .auth(accessToken, { type: 'bearer' })
-          .field('filePath', pathToUpload)
-          .expect(400)
-
-        expect(res.text).toEqual('"file" is not present.')
-        expect(res.body).toEqual({})
-      })
-
-      it("should respond with Bad Request if attached file doesn't has correct extension", async () => {
-        const fileToAttachPath = path.join(__dirname, 'files', 'sample.oth')
-        const pathToUpload = '/my/path/code.sas'
-
-        const res = await request(app)
-          .post('/SASjsApi/drive/file')
-          .auth(accessToken, { type: 'bearer' })
-          .field('filePath', pathToUpload)
-          .attach('file', fileToAttachPath)
-          .expect(400)
-
-        expect(res.text).toEqual(
-          `File extension '.oth' not acceptable. Valid extension(s): .sas`
-        )
-        expect(res.body).toEqual({})
-      })
-
-      it('should respond with Bad Request if attached file exceeds file limit', async () => {
-        const pathToUpload = '/my/path/code.sas'
-
-        const attachedFile = Buffer.from('.'.repeat(20 * 1024 * 1024))
-
-        const res = await request(app)
-          .post('/SASjsApi/drive/file')
-          .auth(accessToken, { type: 'bearer' })
-          .field('filePath', pathToUpload)
-          .attach('file', attachedFile, 'another.sas')
-          .expect(400)
-
-        expect(res.text).toEqual(
-          'File size is over limit. File limit is: 10 MB'
-        )
-        expect(res.body).toEqual({})
-      })
-    })
-  })
 })

 const getExampleService = (): ServiceMember =>
--- a/api/src/routes/api/spec/files/sample.oth
+++ b/api/src/routes/api/spec/files/sample.oth
@@ -1 +0,0 @@
-some code of sas
--- a/api/src/routes/api/spec/files/sample.sas
+++ b/api/src/routes/api/spec/files/sample.sas
@@ -1 +0,0 @@
-some code of sas
--- a/api/src/routes/api/stp.ts
+++ b/api/src/routes/api/stp.ts
@@ -1,5 +1,5 @@
 import express from 'express'
-import { executeProgramRawValidation } from '../../utils'
+import { executeProgramRawValidation, runSASValidation } from '../../utils'
 import { STPController } from '../../controllers/'
 import { FileUploadController } from '../../controllers/internal'

@@ -14,12 +14,6 @@ stpRouter.get('/execute', async (req, res) => {

  try {
    const response = await controller.executeReturnRaw(req, query._program)
-
-    if (response instanceof Buffer) {
-      res.writeHead(200, (req as any).sasHeaders)
-      return res.end(response)
-    }
-
    res.send(response)
  } catch (err: any) {
    const statusCode = err.code
@@ -32,7 +26,7 @@ stpRouter.get('/execute', async (req, res) => {

 stpRouter.post(
  '/execute',
-  fileUploadController.preUploadMiddleware,
+  fileUploadController.preuploadMiddleware,
  fileUploadController.getMulterUploadObject().any(),
  async (req: any, res: any) => {
    const { error: errQ, value: query } = executeProgramRawValidation(req.query)
@@ -46,12 +40,6 @@ stpRouter.post(
        body,
        query?._program
      )
-
-      if (response instanceof Buffer) {
-        res.writeHead(200, (req as any).sasHeaders)
-        return res.end(response)
-      }
-
      res.send(response)
    } catch (err: any) {
      const statusCode = err.code
--- a/api/src/routes/setupRoutes.ts
+++ b/api/src/routes/setupRoutes.ts
@@ -1,9 +0,0 @@
-import { Express } from 'express'
-
-import webRouter from './web'
-import apiRouter from './api'
-
-export const setupRoutes = (app: Express) => {
-  app.use('/', webRouter)
-  app.use('/SASjsApi', apiRouter)
-}
--- a/api/src/server.ts
+++ b/api/src/server.ts
@@ -1,28 +1,10 @@
-import { createServer } from 'https'
-
 import appPromise from './app'
-import { getCertificates } from './utils'

-appPromise.then(async (app) => {
-  const protocol = process.env.PROTOCOL ?? 'http'
+appPromise.then((app) => {
  const sasJsPort = process.env.PORT ?? 5000
-
-  console.log('PROTOCOL: ', protocol)
-
-  if (protocol !== 'https') {
-    app.listen(sasJsPort, () => {
-      console.log(
-        `⚡️[server]: Server is running at http://localhost:${sasJsPort}`
-      )
-    })
-  } else {
-    const { key, cert } = await getCertificates()
-
-    const httpsServer = createServer({ key, cert }, app)
-    httpsServer.listen(sasJsPort, () => {
-      console.log(
-        `⚡️[server]: Server is running at https://localhost:${sasJsPort}`
-      )
-    })
-  }
+  app.listen(sasJsPort, () => {
+    console.log(
+      `⚡️[server]: Server is running at http://localhost:${sasJsPort}`
+    )
+  })
 })
--- a/api/src/utils/connectDB.ts
+++ b/api/src/utils/connectDB.ts
@@ -1,19 +1,40 @@
+import path from 'path'
 import mongoose from 'mongoose'
+import { configuration } from '../../package.json'
+import { getDesktopFields } from '.'
 import { populateClients } from '../routes/api/auth'
+import { getRealPath } from '@sasjs/utils'

 export const connectDB = async () => {
  // NOTE: when exporting app.js as agent for supertest
  // we should exclude connecting to the real database
  if (process.env.NODE_ENV === 'test') {
+    process.driveLoc = path.join(process.cwd(), 'tmp')
    return
  } else {
    const { MODE } = process.env

    if (MODE?.trim() !== 'server') {
      console.log('Running in Destop Mode, no DB to connect.')
-      return
+
+      const { sasLoc, driveLoc } = await getDesktopFields()
+
+      process.sasLoc = sasLoc
+      process.driveLoc = driveLoc
+    } else {
+      const { SAS_PATH, DRIVE_PATH } = process.env
+
+      process.sasLoc = SAS_PATH ?? configuration.sasPath
+      process.driveLoc = getRealPath(
+        path.join(process.cwd(), DRIVE_PATH ?? 'tmp')
+      )
    }

+    console.log('sasLoc: ', process.sasLoc)
+    console.log('sasDrive: ', process.driveLoc)
+
+    if (MODE?.trim() !== 'server') return
+
    mongoose.connect(process.env.DB_CONNECT as string, async (err) => {
      if (err) throw err

--- a/api/src/utils/extractHeaders.ts
+++ b/api/src/utils/extractHeaders.ts
@@ -1,25 +0,0 @@
-const headerUtils = require('http-headers-validation')
-
-export interface HTTPHeaders {
-  [key: string]: string
-}
-
-export const extractHeaders = (content?: string): HTTPHeaders => {
-  const headersObj: HTTPHeaders = {}
-  const headersArr = content
-    ?.split('\n')
-    .map((line) => line.trim())
-    .filter((line) => !!line)
-
-  headersArr?.forEach((headerStr) => {
-    const [key, value] = headerStr.split(':').map((data) => data.trim())
-
-    if (value && headerUtils.validateHeader(key, value)) {
-      headersObj[key.toLowerCase()] = value
-    } else {
-      delete headersObj[key.toLowerCase()]
-    }
-  })
-
-  return headersObj
-}
--- a/api/src/utils/file.ts
+++ b/api/src/utils/file.ts
@@ -8,15 +8,11 @@ export const sysInitCompiledPath = path.join(
  'systemInitCompiled.sas'
 )

-export const sasJSCoreMacros = path.join(apiRoot, 'sasjscore')
-
 export const getWebBuildFolderPath = () =>
  path.join(codebaseRoot, 'web', 'build')

 export const getTmpFolderPath = () => process.driveLoc

-export const getTmpUploadsPath = () => path.join(getTmpFolderPath(), 'uploads')
-
 export const getTmpFilesFolderPath = () =>
  path.join(getTmpFolderPath(), 'files')

--- a/api/src/utils/generateAccessToken.ts
+++ b/api/src/utils/generateAccessToken.ts
@@ -3,5 +3,5 @@ import { InfoJWT } from '../types'

 export const generateAccessToken = (data: InfoJWT) =>
  jwt.sign(data, process.env.ACCESS_TOKEN_SECRET as string, {
-    expiresIn: '1day'
+    expiresIn: '1h'
  })
--- a/api/src/utils/generateRefreshToken.ts
+++ b/api/src/utils/generateRefreshToken.ts
@@ -3,5 +3,5 @@ import { InfoJWT } from '../types'

 export const generateRefreshToken = (data: InfoJWT) =>
  jwt.sign(data, process.env.REFRESH_TOKEN_SECRET as string, {
-    expiresIn: '30 days'
+    expiresIn: '1day'
  })
--- a/api/src/utils/getCertificates.ts
+++ b/api/src/utils/getCertificates.ts
@@ -1,36 +0,0 @@
-import path from 'path'
-import { fileExists, getString, readFile } from '@sasjs/utils'
-
-export const getCertificates = async () => {
-  const { PRIVATE_KEY, FULL_CHAIN } = process.env
-
-  const keyPath = PRIVATE_KEY ?? (await getFileInput('Private Key (PEM)'))
-  const certPath = FULL_CHAIN ?? (await getFileInput('Full Chain (PEM)'))
-
-  console.log('keyPath: ', keyPath)
-  console.log('certPath: ', certPath)
-
-  const key = await readFile(keyPath)
-  const cert = await readFile(certPath)
-
-  return { key, cert }
-}
-
-const getFileInput = async (filename: string): Promise<string> => {
-  const validator = async (filePath: string) => {
-    if (!filePath) return `Path to ${filename} is required.`
-
-    if (!(await fileExists(path.join(process.cwd(), filePath)))) {
-      return 'No file found at provided path.'
-    }
-
-    return true
-  }
-
-  const targetName = await getString(
-    `Please enter path to ${filename} (relative path): `,
-    validator
-  )
-
-  return targetName
-}
--- a/api/src/utils/index.ts
+++ b/api/src/utils/index.ts
@@ -1,15 +1,11 @@
 export * from './connectDB'
-export * from './extractHeaders'
 export * from './file'
 export * from './generateAccessToken'
 export * from './generateAuthCode'
 export * from './generateRefreshToken'
-export * from './getCertificates'
 export * from './getDesktopFields'
-export * from './parseLogToArray'
 export * from './removeTokensInDB'
 export * from './saveTokensInDB'
-export * from './setProcessVariables'
 export * from './sleep'
 export * from './upload'
 export * from './validation'
--- a/api/src/utils/parseLogToArray.ts
+++ b/api/src/utils/parseLogToArray.ts
@@ -1,9 +0,0 @@
-export interface LogLine {
-  line: string
-}
-
-export const parseLogToArray = (content?: string): LogLine[] => {
-  if (!content) return []
-
-  return content.split('\n').map((line) => ({ line: line }))
-}
--- a/api/src/utils/setProcessVariables.ts
+++ b/api/src/utils/setProcessVariables.ts
@@ -1,31 +0,0 @@
-import path from 'path'
-import { getRealPath } from '@sasjs/utils'
-
-import { configuration } from '../../package.json'
-import { getDesktopFields } from '.'
-
-export const setProcessVariables = async () => {
-  if (process.env.NODE_ENV === 'test') {
-    process.driveLoc = path.join(process.cwd(), 'tmp')
-    return
-  }
-
-  const { MODE } = process.env
-
-  if (MODE?.trim() !== 'server') {
-    const { sasLoc, driveLoc } = await getDesktopFields()
-
-    process.sasLoc = sasLoc
-    process.driveLoc = driveLoc
-  } else {
-    const { SAS_PATH, DRIVE_PATH } = process.env
-
-    process.sasLoc = SAS_PATH ?? configuration.sasPath
-    process.driveLoc = getRealPath(
-      path.join(process.cwd(), DRIVE_PATH ?? 'tmp')
-    )
-  }
-
-  console.log('sasLoc: ', process.sasLoc)
-  console.log('sasDrive: ', process.driveLoc)
-}
--- a/api/src/utils/specs/extractHeaders.spec.ts
+++ b/api/src/utils/specs/extractHeaders.spec.ts
@@ -1,52 +0,0 @@
-import { extractHeaders } from '..'
-
-describe('extractHeaders', () => {
-  it('should return valid http headers', () => {
-    const headers = extractHeaders(`
-      Content-type: application/csv
-      Cache-Control: public, max-age=2000
-      Content-type: application/text
-      Cache-Control: public, max-age=1500
-      Content-type: application/zip
-      Cache-Control: public, max-age=1000
-    `)
-
-    expect(headers).toEqual({
-      'content-type': 'application/zip',
-      'cache-control': 'public, max-age=1000'
-    })
-  })
-
-  it('should not return http headers if last occurrence is blank', () => {
-    const headers = extractHeaders(`
-      Content-type: application/csv
-      Cache-Control: public, max-age=1000
-      Content-type: application/text
-      Content-type:    
-    `)
-
-    expect(headers).toEqual({ 'cache-control': 'public, max-age=1000' })
-  })
-
-  it('should return only valid http headers', () => {
-    const headers = extractHeaders(`
-      Content-type[]: application/csv
-      Content//-type: application/text
-      Content()-type: application/zip
-    `)
-
-    expect(headers).toEqual({})
-  })
-
-  it('should return http headers if empty', () => {
-    const headers = extractHeaders('')
-
-    expect(headers).toEqual({})
-  })
-
-  it('should return http headers if not provided', () => {
-    const headers = extractHeaders()
-
-    expect(headers).toEqual({})
-  })
-})
--- a/api/src/utils/specs/parseLogToArray.spec.ts
+++ b/api/src/utils/specs/parseLogToArray.spec.ts
@@ -1,33 +0,0 @@
-import { parseLogToArray } from '..'
-
-describe('parseLogToArray', () => {
-  it('should parse log to array type', () => {
-    const log = parseLogToArray(`
-line 1 of log content
-line 2 of log content
-line 3 of log content
-line 4 of log content
-    `)
-
-    expect(log).toEqual([
-      { line: '' },
-      { line: 'line 1 of log content' },
-      { line: 'line 2 of log content' },
-      { line: 'line 3 of log content' },
-      { line: 'line 4 of log content' },
-      { line: '    ' }
-    ])
-  })
-
-  it('should parse log to array type if empty', () => {
-    const log = parseLogToArray('')
-
-    expect(log).toEqual([])
-  })
-
-  it('should parse log to array type if not provided', () => {
-    const log = parseLogToArray()
-
-    expect(log).toEqual([])
-  })
-})
--- a/api/src/utils/validation.ts
+++ b/api/src/utils/validation.ts
@@ -77,20 +77,6 @@ export const updateFileDriveValidation = (data: any): Joi.ValidationResult =>
    fileContent: Joi.string().required()
  }).validate(data)

-export const uploadFileBodyValidation = (data: any): Joi.ValidationResult =>
-  Joi.object({
-    filePath: Joi.string().pattern(/.sas$/).required().messages({
-      'string.pattern.base': `Valid extensions for filePath: .sas`
-    })
-  }).validate(data)
-
-export const uploadFileParamValidation = (data: any): Joi.ValidationResult =>
-  Joi.object({
-    _filePath: Joi.string().pattern(/.sas$/).required().messages({
-      'string.pattern.base': `Valid extensions for filePath: .sas`
-    })
-  }).validate(data)
-
 export const runSASValidation = (data: any): Joi.ValidationResult =>
  Joi.object({
    code: Joi.string().required()
--- a/docker-compose.prod.yml
+++ b/docker-compose.prod.yml
@@ -14,14 +14,14 @@ services:
      REFRESH_TOKEN_SECRET: ${REFRESH_TOKEN_SECRET}
      AUTH_CODE_SECRET: ${AUTH_CODE_SECRET}
      DB_CONNECT: mongodb://mongodb:27017/sasjs
-      SAS_PATH: /usr/server/sasexe/${SAS_EXEC_NAME}
+      SAS_PATH: /usr/server/sasexe
    expose:
      - ${PORT_API}
    ports:
      - ${PORT_API}:${PORT_API}
    volumes:
      - type: bind
-        source: ${SAS_EXEC_PATH}
+        source: ${SAS_EXEC}
        target: /usr/server/sasexe
        read_only: true
    links:
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@@ -1,12 +1,12 @@
 {
  "name": "server",
-  "version": "0.0.30",
+  "version": "0.0.23",
  "description": "NodeJS wrapper for calling the SAS binary executable",
  "repository": "https://github.com/sasjs/server",
  "scripts": {
    "server": "npm run server:prepare && npm run server:start",
    "server:prepare": "cd web && npm ci && npm run build && cd ../api && npm ci && cd ..",
-    "server:start": "cd api && npm run start",
+    "server:start": "cd api && npm run start:prod",
    "release": "standard-version",
    "lint-api:fix": "npx prettier --write \"api/src/**/*.{ts,tsx,js,jsx,html,css,sass,less,yml,md,graphql}\"",
    "lint-api": "npx prettier --check \"api/src/**/*.{ts,tsx,js,jsx,html,css,sass,less,yml,md,graphql}\"",
--- a/restClient/auth.rest
+++ b/restClient/auth.rest
@@ -1,22 +0,0 @@
-### Get Auth Code
-POST http://localhost:5000/SASjsApi/auth/authorize
-Content-Type: application/json
-
-{
-  "username": "secretuser",
-  "password": "secretpassword",
-  "client_id": "clientID1"
-}
-
-### Exchange AuthCode with Access/Refresh Tokens
-POST http://localhost:5000/SASjsApi/auth/token
-Content-Type: application/json
-
-{
-  "client_id": "clientID1",
-  "client_secret": "clientID1secret",
-  "code": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjbGllbnRfaWQiOiJjbGllbnRJRDEiLCJ1c2VybmFtZSI6InVzZXJuYW1lMSIsImlzYWRtaW4iOmZhbHNlLCJpc2FjdGl2ZSI6dHJ1ZSwiaWF0IjoxNjM1ODA0MDYxLCJleHAiOjE2MzU4MDQwOTF9.jV7DpBWG7XAGODs22zAW_kWOqVLZvOxmmYJGpSNQ-KM"
-}
-
-### Perform logout to deactivate access token instantly
-DELETE http://localhost:5000/SASjsApi/auth/logout
--- a/restClient/drive.rest
+++ b/restClient/drive.rest
@@ -1,45 +0,0 @@
-###
-POST http://localhost:5000/SASjsApi/drive/deploy
-Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjbGllbnRfaWQiOiJjbGllbnRJRDEiLCJ1c2VybmFtZSI6InVzZXJuYW1lMSIsImlzYWRtaW4iOmZhbHNlLCJpc2FjdGl2ZSI6dHJ1ZSwiaWF0IjoxNjM1ODA0MDc2LCJleHAiOjE2MzU4OTA0NzZ9.Cx1F54ILgAUtnkit0Wg1K1YVO2RdNjOnTKdPhUtDm5I
-
-### multipart upload to sas server file
-POST http://localhost:5000/SASjsApi/drive/file
-Content-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW
-
------WebKitFormBoundary7MA4YWxkTrZu0gW
-Content-Disposition: form-data; name="filePath"
-
-/saad/files/new.sas
------WebKitFormBoundary7MA4YWxkTrZu0gW
-Content-Disposition: form-data; name="file"; filename="sample_new.sas"
-Content-Type: application/octet-stream
-
-< ./sample.sas
------WebKitFormBoundary7MA4YWxkTrZu0gW--
-
-### multipart upload to sas server file text
-POST http://localhost:5000/SASjsApi/drive/file
-Content-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW
-  
------WebKitFormBoundary7MA4YWxkTrZu0gW \n
-Content-Disposition: form-data; name="filePath"
-
-/saad/files/new2.sas
------WebKitFormBoundary7MA4YWxkTrZu0gW
-Content-Disposition: form-data; name="file"; filename="sample_new.sas"
-Content-Type: text/plain
-
-SOME CONTENTS OF SAS FILE IN REQUEST
-
------WebKitFormBoundary7MA4YWxkTrZu0gW--
-
-
-Users
-  "username": "username1",
-  "password": "some password",
-
-  "username": "username2",
-  "password": "some password",
-Admins
-  "username": "secretuser",
-  "password": "secretpassword",
--- a/restClient/sample.sas
+++ b/restClient/sample.sas
@@ -1 +0,0 @@
-some code of sas
--- a/restClient/session.rest
+++ b/restClient/session.rest
@@ -1,2 +0,0 @@
-### Get current user's info via access token
-GET http://localhost:5000/SASjsApi/session
--- a/restClient/users.rest
+++ b/restClient/users.rest
@@ -1,10 +0,0 @@
-### Create User
-POST http://localhost:5000/SASjsApi/user
-Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjbGllbnRfaWQiOiJjbGllbnRJRDEiLCJ1c2VybmFtZSI6InNlY3JldHVzZXIiLCJpc2FkbWluIjp0cnVlLCJpc2FjdGl2ZSI6dHJ1ZSwiaWF0IjoxNjM1ODAzOTc3LCJleHAiOjE2MzU4OTAzNzd9.f-FLgLwryKvB5XrihdzaGZajO3d5E5OHEEuJI_03GRI
-Content-Type: application/json
-
-{
-  "displayname": "User 2",
-  "username": "username2",
-  "password": "some password"
-}
--- a/restClient/routes.rest
+++ b/restClient/routes.rest
@@ -23,7 +23,7 @@ Content-Type: application/json
  "client_secret": "newClientSecret"
 }
 ###
-POST http://localhost:5000/SASjsApi/auth/authorize
+POST https://sas.analytium.co.uk:5002/SASjsApi/auth/authorize
 Content-Type: application/json

 {
@@ -45,41 +45,6 @@ Content-Type: application/json
 ###
 DELETE http://localhost:5000/SASjsApi/auth/logout

-###
-GET http://localhost:5000/SASjsApi/session
-
-
-### multipart upload to sas server file
-POST http://localhost:5000/SASjsApi/drive/file
-Content-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW
-
------WebKitFormBoundary7MA4YWxkTrZu0gW
-Content-Disposition: form-data; name="filePath"
-
-/saad/files/new.sas
------WebKitFormBoundary7MA4YWxkTrZu0gW
-Content-Disposition: form-data; name="file"; filename="sample_new.sas"
-Content-Type: application/octet-stream
-
-< ./sample.sas
------WebKitFormBoundary7MA4YWxkTrZu0gW--
-
-### multipart upload to sas server file text
-POST http://localhost:5000/SASjsApi/drive/file
-Content-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW
-  
------WebKitFormBoundary7MA4YWxkTrZu0gW \n
-Content-Disposition: form-data; name="filePath"
-
-/saad/files/new2.sas
------WebKitFormBoundary7MA4YWxkTrZu0gW
-Content-Disposition: form-data; name="file"; filename="sample_new.sas"
-Content-Type: text/plain
-
-SOME CONTENTS OF SAS FILE IN REQUEST
-
------WebKitFormBoundary7MA4YWxkTrZu0gW--
-

 Users
  "username": "username1",
--- a/web/.babelrc
+++ b/web/.babelrc
@@ -1,4 +0,0 @@
-{
-  "presets": ["@babel/env", "@babel/react", "@babel/preset-typescript"],
-  "plugins": ["@babel/plugin-proposal-class-properties"]
-}
--- a/web/.env.example
+++ b/web/.env.example
@@ -1,2 +1,2 @@
-PORT_API=[place sasjs server port] default value is 5000
-CLIENT_ID=<place clientId here>
+REACT_APP_PORT_API=[place sasjs server port] default value is 5000
+REACT_APP_CLIENT_ID=<place clientId here>
--- a/web/package-lock.json
+++ b/web/package-lock.json
--- a/web/package.json
+++ b/web/package.json
@@ -3,8 +3,10 @@
  "version": "0.1.0",
  "private": true,
  "scripts": {
-    "start": "npx webpack-dev-server --config webpack.dev.ts --hot",
-    "build": "npx webpack --config webpack.prod.ts"
+    "start": "react-scripts start",
+    "build": "react-scripts build",
+    "test": "react-scripts test",
+    "eject": "react-scripts eject"
  },
  "dependencies": {
    "@emotion/react": "^11.4.1",
@@ -20,43 +22,19 @@
    "@types/jest": "^26.0.24",
    "@types/node": "^12.20.28",
    "@types/react": "^17.0.27",
-    "axios": "^0.24.0",
+    "@types/react-dom": "^17.0.9",
+    "axios": "^0.22.0",
    "react": "^17.0.2",
    "react-dom": "^17.0.2",
-    "react-router-dom": "^5.3.0"
+    "react-router-dom": "^5.3.0",
+    "react-scripts": "4.0.3",
+    "typescript": "^4.4.3"
  },
  "devDependencies": {
-    "@babel/core": "^7.16.0",
-    "@babel/node": "^7.16.0",
-    "@babel/plugin-proposal-class-properties": "^7.16.0",
-    "@babel/preset-env": "^7.16.4",
-    "@babel/preset-react": "^7.16.0",
-    "@babel/preset-typescript": "^7.16.0",
-    "@types/dotenv-webpack": "^7.0.3",
    "@types/prismjs": "^1.16.6",
-    "@types/react": "^17.0.37",
-    "@types/react-dom": "^17.0.11",
    "@types/react-router-dom": "^5.3.1",
-    "babel-loader": "^8.2.3",
    "babel-plugin-prismjs": "^2.1.0",
-    "copy-webpack-plugin": "^10.0.0",
-    "css-loader": "^6.5.1",
-    "dotenv-webpack": "^7.1.0",
-    "eslint": "^8.5.0",
-    "eslint-config-react-app": "^7.0.0",
-    "eslint-webpack-plugin": "^3.1.1",
-    "file-loader": "^6.2.0",
-    "html-webpack-plugin": "5.5.0",
-    "path": "0.12.7",
-    "prettier": "^2.4.1",
-    "sass": "^1.44.0",
-    "sass-loader": "^12.3.0",
-    "style-loader": "^3.3.1",
-    "ts-loader": "^9.2.6",
-    "typescript": "^4.5.2",
-    "webpack": "5.64.3",
-    "webpack-cli": "^4.9.2",
-    "webpack-dev-server": "4.7.4"
+    "prettier": "^2.4.1"
  },
  "eslintConfig": {
    "extends": [
--- a/web/public/index.html
+++ b/web/public/index.html
@@ -2,7 +2,7 @@
 <html lang="en">
  <head>
    <meta charset="utf-8" />
-    <link rel="icon" href="favicon.ico" />
+    <link rel="icon" href="%PUBLIC_URL%/favicon.ico" />
    <meta name="viewport" content="width=device-width, initial-scale=1" />
    <meta name="theme-color" content="#000000" />
    <meta name="description" content="SASjs Server Web Interface" />
@@ -10,7 +10,7 @@
      manifest.json provides metadata used when your web app is installed on a
      user's mobile device or desktop. See https://developers.google.com/web/fundamentals/web-app-manifest/
    -->
-    <link rel="manifest" href="manifest.json" />
+    <link rel="manifest" href="%PUBLIC_URL%/manifest.json" />
    <!--
      Notice the use of %PUBLIC_URL% in the tags above.
      It will be replaced with the URL of the `public` folder during the build.
--- a/web/src/components/login.tsx
+++ b/web/src/components/login.tsx
@@ -8,10 +8,11 @@ const headers = {
  Accept: 'application/json',
  'Content-Type': 'application/json'
 }
-const NODE_ENV = process.env.NODE_ENV
-const PORT_API = process.env.PORT_API
+const { NODE_ENV, REACT_APP_PORT_API } = process.env
 const baseUrl =
-  NODE_ENV === 'development' ? `http://localhost:${PORT_API ?? 5000}` : ''
+  NODE_ENV === 'development'
+    ? `http://localhost:${REACT_APP_PORT_API ?? 5000}`
+    : ''

 const getAuthCode = async (credentials: any) => {
  return fetch(`${baseUrl}/SASjsApi/auth/authorize`, {
@@ -45,7 +46,7 @@ const Login = ({ setTokens, getCodeOnly }: any) => {
    error = false
    setErrorMessage('')
    e.preventDefault()
-    let clientId = process.env.CLIENT_ID
+    let { REACT_APP_CLIENT_ID: clientId } = process.env

    if (getCodeOnly) {
      const params = new URLSearchParams(location.search)
--- a/web/src/components/useTokens.ts
+++ b/web/src/components/useTokens.ts
@@ -36,10 +36,11 @@ export default function useTokens() {
  }
 }

-const NODE_ENV = process.env.NODE_ENV
-const PORT_API = process.env.PORT_API
+const { NODE_ENV, REACT_APP_PORT_API } = process.env
 const baseUrl =
-  NODE_ENV === 'development' ? `http://localhost:${PORT_API ?? 5000}` : ''
+  NODE_ENV === 'development'
+    ? `http://localhost:${REACT_APP_PORT_API ?? 5000}`
+    : ''

 const isAbsoluteURLRegex = /^(?:\w+:)\/\//

--- a/web/src/containers/Studio/index.tsx
+++ b/web/src/containers/Studio/index.tsx
@@ -46,11 +46,7 @@ const Studio = () => {
    axios
      .post(`/SASjsApi/code/execute`, { code })
      .then((res: any) => {
-        const parsedLog = res?.data?.log
-          .map((logLine: any) => logLine.line)
-          .join('\n')
-
-        setLog(`<div><h2>SAS Log</h2><pre>${parsedLog}</pre></div>`)
+        setLog(`<div><h2>SAS Log</h2><pre>${res?.data?.log}</pre></div>`)

        let weboutString: string
        try {
--- a/web/webpack.common.ts
+++ b/web/webpack.common.ts
@@ -1,60 +0,0 @@
-import path from 'path'
-import { Configuration } from 'webpack'
-import HtmlWebpackPlugin from 'html-webpack-plugin'
-import CopyPlugin from 'copy-webpack-plugin'
-import dotenv from 'dotenv-webpack'
-
-const config: Configuration = {
-  entry: path.join(__dirname, 'src', 'index.tsx'),
-  resolve: {
-    extensions: ['.tsx', '.ts', '.js', '.jsx']
-  },
-  module: {
-    rules: [
-      {
-        test: /\.(js|jsx)$/,
-        exclude: /node_modules/,
-        use: ['babel-loader']
-      },
-      {
-        test: /\.(ts|tsx)$/,
-        exclude: /node_modules/,
-        use: [
-          {
-            loader: 'ts-loader',
-            options: {
-              compilerOptions: {
-                noEmit: false
-              }
-            }
-          }
-        ]
-      },
-      {
-        test: /\.css$/,
-        exclude: ['/node_modules/'],
-        use: ['style-loader', 'css-loader']
-      },
-      {
-        test: /\.scss$/,
-        exclude: ['/node_modules/'],
-        use: ['style-loader', 'css-loader', 'sass-loader']
-      },
-      {
-        test: /\.(jpg|jpeg|png|gif|mp3|svg)$/,
-        use: ['file-loader']
-      }
-    ]
-  },
-  plugins: [
-    new HtmlWebpackPlugin({
-      template: path.join(__dirname, 'src', 'index.html')
-    }),
-    new CopyPlugin({
-      patterns: [{ from: 'public' }]
-    }),
-    new dotenv()
-  ]
-}
-
-export default config
--- a/web/webpack.dev.ts
+++ b/web/webpack.dev.ts
@@ -1,28 +0,0 @@
-import path from 'path'
-import { Configuration as WebpackConfiguration } from 'webpack'
-import { Configuration as WebpackDevServerConfiguration } from 'webpack-dev-server'
-import { merge } from 'webpack-merge'
-
-import common from './webpack.common'
-
-interface Configuration extends WebpackConfiguration {
-  devServer?: WebpackDevServerConfiguration
-}
-
-const devConfig: Configuration = merge(common, {
-  mode: 'development',
-  output: {
-    path: path.join(__dirname, 'build'),
-    filename: 'index.bundle.js',
-    publicPath: '/'
-  },
-  devServer: {
-    static: {
-      directory: path.join(__dirname, 'build')
-    },
-    historyApiFallback: true,
-    port: 3000
-  }
-})
-
-export default devConfig
--- a/web/webpack.prod.ts
+++ b/web/webpack.prod.ts
@@ -1,19 +0,0 @@
-import path from 'path'
-import { Configuration } from 'webpack'
-import { merge } from 'webpack-merge'
-
-import common from './webpack.common'
-
-const prodConfig: Configuration = merge(common, {
-  mode: 'production',
-  output: {
-    path: path.join(__dirname, 'build'),
-    filename: 'index.bundle.js',
-    publicPath: './'
-  },
-  performance: {
-    hints: false
-  }
-})
-
-export default prodConfig