chore(release): 0.0.60

Merge pull request #155 from sasjs/api-access-via-session-authentication
fix: added CSRF check for granting access via session authentication
2025-12-10 11:24:35 +00:00 · 2022-04-30 18:53:44 +00:00 · 2022-04-30 21:44:35 +03:00 · 2022-04-30 06:32:24 +05:00 · 2022-04-30 05:04:27 +05:00 · 2022-04-29 13:28:34 +01:00
74 changed files with 2078 additions and 662 deletions
--- a/.github/CONTRIBUTING.md
+++ b/.github/CONTRIBUTING.md
@@ -2,25 +2,22 @@
 Contributions are very welcome!  Feel free to raise an issue or start a discussion, for help in getting started.
 The app can be deployed using Docker or NodeJS.
 ## Configuration
-Configuration is made in the `configuration` section of `package.json`:
+Configuration is made using `.env` files (per [README.md](https://github.com/sasjs/server#env-var-configuration) settings), _except_ for one case, when running in NodeJS in production - in which case the path to the SAS executable is made in the `configuration` section of `package.json`.
- Provide path to SAS9 executable.
+The `.env` file should be created in the location(s) below.  Each folder contains a `.env.example` file that may be adjusted and renamed.
 * `.env` - the root .env file is used only for Docker deploys.
 * `api/.env` - this is the primary file used in NodeJS deploys
 * `web/.env` - this file is only necessary in NodeJS when running `web` and `api` seperately (on different ports).
-### Using dockers:
+## Using Docker
-There is `.env.example` file present at root of the project. [for Production]
+### Docker Development Mode
 There is `.env.example` file present at `./api` of the project. [for Development]
 There is `.env.example` file present at `./web` of the project. [for Development]
 Remember to provide enviornment variables.
 #### Development
 Command to run docker for development:
@@ -38,7 +35,7 @@ It will build following images if running first time:
 - `mongo-seed-clients` - will be populating client data specified in _./mongo-seed/clients/client.json_
-#### Production
+### Docker Production Mode
 Command to run docker for production:
@@ -54,47 +51,45 @@ It will build following images if running first time:
 - `mongo-seed-users` - will be populating user data specified in _./mongo-seed/users/user.json_
 - `mongo-seed-clients` - will be populating client data specified in _./mongo-seed/clients/client.json_
-### Using node:
+## Using NodeJS:
-#### Development (running api and web seperately):
+Be sure to use v16 or above, and to set your environment variables in the relevant `.env` file(s) - else defaults will be used.
-##### API
+### NodeJS Development Mode
-Navigate to `./api`
+SASjs Server is split between an API server (serving REST requests) and a WEB Server (everything else).  These can be run together, or on seperate ports.
-There is `.env.example` file present at `./api` directory. Remember to provide enviornment variables else default values will be used mentioned in `.env.example` files
+
-Command to install and run api server.
+### NodeJS Dev - Single Port
 Here the environment variables should be configured under `api.env`.  Then:
 ```
 cd ./web && npm i && npm build
 cd ../api && npm i && npm start
 ```
 ### NodeJS Dev - Seperate Ports
 Set the backend variables in `api/.env` and the frontend variables in `web/.env`. Then:
 #### API server
 ```
 cd api
 npm install
 npm start
 ```
-##### Web
+#### Web Server 
 Navigate to `./web`
 There is `.env.example` file present at `./web` directory. Remember to provide enviornment variables else default values will be used mentioned in `.env.example` files
 Command to install and run api server.
 ```
 cd web
 npm install
 npm start
 ```
-#### Development (running only api server and have web build served):
+#### NodeJS Production Mode
-##### API server also serving Web build files
+Update the `.env` file in the *api* folder.  Then:
 There is `.env.example` file present at `./api` directory. Remember to provide enviornment variables else default values will be used mentioned in `.env.example` files
 Command to install and run api server.
 ```
 cd ./web && npm i && npm build && cd ../
 cd ./api && npm i && npm start
 ```
 #### Production
 ##### API & WEB
 ```
 npm run server
@@ -105,7 +100,7 @@ This will install/build `web` and install `api`, then start prod server.
 ## Executables
-Command to generate executables
+In order to generate the final executables:
 ```
 cd ./web && npm i && npm build && cd ../
@@ -113,3 +108,7 @@ cd ./api && npm i && npm run exe
 ```
 This will install/build web app and install/create executables of sasjs server at root `./executables`
 ## Releases
 To cut a release, run `npm run release` on the main branch, then push the tags (per the console log link)
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,146 @@
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 ### [0.0.60](https://github.com/sasjs/server/compare/v0.0.59...v0.0.60) (2022-04-30)
 ### Bug Fixes
 * added CSRF check for granting access via session authentication ([b060ad1](https://github.com/sasjs/server/commit/b060ad1b8e0bbc61c20dc25be553bba4cc4d2716))
 * setting CSRF Token for only rendering SPA ([b4b60c6](https://github.com/sasjs/server/commit/b4b60c69cf67a42f4797f7f1afe68b7a5eec2998))
 ### [0.0.59](https://github.com/sasjs/server/compare/v0.0.58...v0.0.59) (2022-04-29)
 ### Features
 * enabled csrf tokens for web component ([e462aeb](https://github.com/sasjs/server/commit/e462aebdc01f3c0068ed0074473a2063412dcf45))
 * enabled session based authentication for web ([5da93f3](https://github.com/sasjs/server/commit/5da93f318aad10b1c67032a467191e4dbb99f411))
 ### Bug Fixes
 * fetch client from DB for each request ([4ad8c81](https://github.com/sasjs/server/commit/4ad8c81e4927c1a82220ec015a781b095c8e859e))
 * **web:** show display name instead of username ([e57443f](https://github.com/sasjs/server/commit/e57443f1ed662a022494bb93d79c3d2f10a2d082))
 ### [0.0.58](https://github.com/sasjs/server/compare/v0.0.57...v0.0.58) (2022-04-24)
 ### Bug Fixes
 * bumping core library to get latest user management macros ([4862071](https://github.com/sasjs/server/commit/486207128da58fc4866bd0919c1bed2bd98097ea))
 * missing dependency ([d09876c](https://github.com/sasjs/server/commit/d09876c05f89166eec20064f7aa7ed5b867be081))
 ### [0.0.57](https://github.com/sasjs/server/compare/v0.0.56...v0.0.57) (2022-04-21)
 ### Features
 * create AppContext ([84ee743](https://github.com/sasjs/server/commit/84ee743eae16e87eaa91969393bebf01e2d15a44))
 ### [0.0.56](https://github.com/sasjs/server/compare/v0.0.55...v0.0.56) (2022-04-20)
 ### Bug Fixes
 * shortening min length of username.  Closes [#61](https://github.com/sasjs/server/issues/61) ([f02996f](https://github.com/sasjs/server/commit/f02996facf1019ec4022ccfbc99c1d0137074e1b))
 ### [0.0.55](https://github.com/sasjs/server/compare/v0.0.53...v0.0.55) (2022-04-20)
 ### Bug Fixes
 * added db seed at server startup ([2e63831](https://github.com/sasjs/server/commit/2e63831b90c7457e0e322719ebb1193fd6181cc3))
 * drive path in server mode ([c4cea4a](https://github.com/sasjs/server/commit/c4cea4a12b7eda4daeed995f41c0b10bcea79871))
 ### [0.0.54](https://github.com/sasjs/server/compare/v0.0.53...v0.0.54) (2022-04-19)
 ### Bug Fixes
 * added db seed at server startup ([2e63831](https://github.com/sasjs/server/commit/2e63831b90c7457e0e322719ebb1193fd6181cc3))
 ### [0.0.53](https://github.com/sasjs/server/compare/v0.0.49...v0.0.53) (2022-04-19)
 ### Features
 * add api for getting server info ([9fb5f1f](https://github.com/sasjs/server/commit/9fb5f1f8e7d4e2d767cc1ff7285c99514834cf32))
 * **appstream:** Upload an app from appStream page ([74ba65f](https://github.com/sasjs/server/commit/74ba65f9f330bf8c98c12a9c66bb60773d5a7b77))
 * run button running man, sub menu added ([68e84b0](https://github.com/sasjs/server/commit/68e84b0994a3fa6ff56b07635c637c6e3a57bfda))
 * running code with CTRL+ENTER ([b93a0da](https://github.com/sasjs/server/commit/b93a0da3a380926c87548b69309b2d0c1b7e617f))
 ### Bug Fixes
 * provide clientId to web component ([db70b1c](https://github.com/sasjs/server/commit/db70b1ce555df6b29fb09c0c960d38b911c97b1b))
 * session death time has to be a valid string number ([23db7e7](https://github.com/sasjs/server/commit/23db7e7b7df2f22bbf7ce16865f83091624d8047))
 * web component added tooltip for webout in studio ([61080d4](https://github.com/sasjs/server/commit/61080d4694859306049346d2e3174f27bb6dac16))
 * web component UI fix for studio scrolling ([f257602](https://github.com/sasjs/server/commit/f25760283492140cc1f14e51ed27673ec28baaf3))
 ### [0.0.52](https://github.com/sasjs/server/compare/v0.0.51...v0.0.52) (2022-04-17)
 ### Features
 * add api for getting server info ([9fb5f1f](https://github.com/sasjs/server/commit/9fb5f1f8e7d4e2d767cc1ff7285c99514834cf32))
 ### [0.0.51](https://github.com/sasjs/server/compare/v0.0.50...v0.0.51) (2022-04-15)
 ### Features
 * run button running man, sub menu added ([68e84b0](https://github.com/sasjs/server/commit/68e84b0994a3fa6ff56b07635c637c6e3a57bfda))
 * running code with CTRL+ENTER ([b93a0da](https://github.com/sasjs/server/commit/b93a0da3a380926c87548b69309b2d0c1b7e617f))
 ### [0.0.50](https://github.com/sasjs/server/compare/v0.0.49...v0.0.50) (2022-04-07)
 ### Features
 * **appstream:** Upload an app from appStream page ([74ba65f](https://github.com/sasjs/server/commit/74ba65f9f330bf8c98c12a9c66bb60773d5a7b77))
 ### Bug Fixes
 * session death time has to be a valid string number ([23db7e7](https://github.com/sasjs/server/commit/23db7e7b7df2f22bbf7ce16865f83091624d8047))
 * web component added tooltip for webout in studio ([61080d4](https://github.com/sasjs/server/commit/61080d4694859306049346d2e3174f27bb6dac16))
 * web component UI fix for studio scrolling ([f257602](https://github.com/sasjs/server/commit/f25760283492140cc1f14e51ed27673ec28baaf3))
 ### [0.0.49](https://github.com/sasjs/server/compare/v0.0.48...v0.0.49) (2022-04-02)
 ### Bug Fixes
 * **stp:** read file in non-binary mode if debug one ([527f70e](https://github.com/sasjs/server/commit/527f70e90dd7369766e375ac2d6fc38b2a114d11))
 ### [0.0.48](https://github.com/sasjs/server/compare/v0.0.47...v0.0.48) (2022-04-02)
 ### Features
 * **deploy:** new route added for deploy with build.json ([18d0604](https://github.com/sasjs/server/commit/18d0604bdd0b20ad468f9345474b4de034ee3a67))
 ### Bug Fixes
 * remove uploaded build.json from temp folder in all cases ([9d167ab](https://github.com/sasjs/server/commit/9d167abe2adb743bca161862b4561bf573182c00))
 * **stp:** return log+webout for debug on ([3ff6f5e](https://github.com/sasjs/server/commit/3ff6f5e86581cd2ac23bbe0b8e2c367fbea890ed))
 ### [0.0.47](https://github.com/sasjs/server/compare/v0.0.46...v0.0.47) (2022-03-29)
 ### Bug Fixes
 * **web:** updated STUDIO log and webout ([f700561](https://github.com/sasjs/server/commit/f700561e1a8d06c18ca2bdbe4605d7ab34f7a761))
 ### [0.0.46](https://github.com/sasjs/server/compare/v0.0.45...v0.0.46) (2022-03-29)
 ### Features
 * **drive:** GET folder contents API added ([0ac9e4a](https://github.com/sasjs/server/commit/0ac9e4af7d67c4431053e80eb2384bf5bdc3f8b3))
 ### [0.0.45](https://github.com/sasjs/server/compare/v0.0.43...v0.0.45) (2022-03-29)
--- a/README.md
+++ b/README.md
@@ -52,6 +52,7 @@ Example contents of a `.env` file:
 MODE=
 # options: [disable|enable] default: `disable` for `server` & `enable` for `desktop`
 # If enabled, be sure to also configure the WHITELIST of third party servers.
 CORS=
 # options: <http://localhost:3000 https://abc.com ...> space separated urls
@@ -83,12 +84,35 @@ FULL_CHAIN=fullchain.pem
 ACCESS_TOKEN_SECRET=<secret>
 REFRESH_TOKEN_SECRET=<secret>
 AUTH_CODE_SECRET=<secret>
 SESSION_SECRET=<secret>
 DB_CONNECT=mongodb+srv://<DB_USERNAME>:<DB_PASSWORD>@<CLUSTER>/<DB_NAME>?retryWrites=true&w=majority
 # SAS Options
 # On windows use SAS_OPTIONS and on unix use SASV9_OPTIONS
 # Any options set here are automatically applied in the SAS session
 # See: https://documentation.sas.com/doc/en/pgmsascdc/9.4_3.5/hostunx/p0wrdmqp8k0oyyn1xbx3bp3qy2wl.htm
 # And: https://documentation.sas.com/doc/en/pgmsascdc/9.4_3.5/hostwin/p0drw76qo0gig2n1kcoliekh605k.htm#p09y7hx0grw1gin1giuvrjyx61m6
 SAS_OPTIONS= -NOXCMD
 SASV9_OPTIONS= -NOXCMD
 ```
 ## Persisting the Session
-Normally the server process will stop when your terminal dies. To keep it going you can use the npm package [pm2](https://www.npmjs.com/package/pm2) (`npm install pm2@latest -g`) as follows:
+Normally the server process will stop when your terminal dies. To keep it going you can use the following suggested approaches:
 1. Linux Background Job
 2. NPM package `pm2`
 ### Background Job
 Trigger the command using NOHUP, redirecting the output commands, eg `nohup ./api-linux > server.log 2>&1 &`.
 You can now see the job running using the `jobs` command. To ensure that it will still run when your terminal is closed, execute the `disown` command. To kill it later, use the `kill -9 <pid>` command. You can see your sessions using `top -u <userid>`. Type `c` to see the commands being run against each pid.
 ### PM2
 Install the npm package [pm2](https://www.npmjs.com/package/pm2) (`npm install pm2@latest -g`) and execute, eg as follows:
 ```bash
 export SAS_PATH=/opt/sas9/SASHome/SASFoundation/9.4/sasexe/sas
@@ -122,7 +146,7 @@ Instead of `app_name` you can pass:
 ## Server Version
-The following credentials can be used for the initial connection to SASjs/server. It is recommended to change these on first use.
+The following credentials can be used for the initial connection to SASjs/server. It is highly recommended to change these on first use.
 - CLIENTID: `clientID1`
 - USERNAME: `secretuser`
--- a/api/.env.example
+++ b/api/.env.example
@@ -1,13 +1,17 @@
 MODE=[desktop|server] default considered as desktop
 CORS=[disable|enable] default considered as disable for server MODE & enable for desktop MODE
 WHITELIST=<space separated urls, each starting with protocol `http` or `https`>
 PROTOCOL=[http|https] default considered as http
 PRIVATE_KEY=privkey.pem
 FULL_CHAIN=fullchain.pem
 PORT=[5000] default value is 5000
 ACCESS_TOKEN_SECRET=<secret>
 REFRESH_TOKEN_SECRET=<secret>
 AUTH_CODE_SECRET=<secret>
 SESSION_SECRET=<secret>
 DB_CONNECT=mongodb+srv://<DB_USERNAME>:<DB_PASSWORD>@<CLUSTER>/<DB_NAME>?retryWrites=true&w=majority
 SAS_PATH=/opt/sas/sas9/SASHome/SASFoundation/9.4/sas
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -8,12 +8,16 @@
      "name": "api",
      "version": "0.0.2",
      "dependencies": {
-        "@sasjs/core": "4.9.0",
+        "@sasjs/core": "^4.19.0",
-        "@sasjs/utils": "2.36.2",
+        "@sasjs/utils": "2.42.1",
        "bcryptjs": "^2.4.3",
        "connect-mongo": "^4.6.0",
        "cookie-parser": "^1.4.6",
        "cors": "^2.8.5",
        "csurf": "^1.11.0",
        "express": "^4.17.1",
        "express-session": "^1.17.2",
        "helmet": "^5.0.2",
        "joi": "^17.4.2",
        "jsonwebtoken": "^8.5.1",
        "mongoose": "^6.0.12",
@@ -29,7 +33,9 @@
        "@types/bcryptjs": "^2.4.2",
        "@types/cookie-parser": "^1.4.2",
        "@types/cors": "^2.8.12",
        "@types/csurf": "^1.11.2",
        "@types/express": "^4.17.12",
        "@types/express-session": "^1.17.4",
        "@types/jest": "^26.0.24",
        "@types/jsonwebtoken": "^8.5.5",
        "@types/mongoose-sequence": "^3.0.6",
@@ -1379,14 +1385,14 @@
      }
    },
    "node_modules/@sasjs/core": {
-      "version": "4.9.0",
+      "version": "4.19.0",
-      "resolved": "https://registry.npmjs.org/@sasjs/core/-/core-4.9.0.tgz",
+      "resolved": "https://registry.npmjs.org/@sasjs/core/-/core-4.19.0.tgz",
-      "integrity": "sha512-zc1Ey0ylHt/eRZAfK0mVG3EqNyq//wLxbiguiK0R6FhVqwYFEkprs3IiLGZ5M9ttKs2rHRIjOe/ckklHm+6HNQ=="
+      "integrity": "sha512-vG2YHJveQUQqN0YBhapXb8y+Qp4OniHzRedlqKRxyL0Pc+kwXx5co4Vo+dcOI5/MX0p+8oERP2aCR77s4FEUJg=="
    },
    "node_modules/@sasjs/utils": {
-      "version": "2.36.2",
+      "version": "2.42.1",
-      "resolved": "https://registry.npmjs.org/@sasjs/utils/-/utils-2.36.2.tgz",
+      "resolved": "https://registry.npmjs.org/@sasjs/utils/-/utils-2.42.1.tgz",
-      "integrity": "sha512-r0O9vkNIK5+2peBiGbcKc3Ei62eAMDt+1SQl17U9Vv26LYqezxQBwIYYMUjnkZE8Q7XlTI/FUS+SIHTCZMr4Jg==",
+      "integrity": "sha512-DzHNYjeoj2eUkwV7Sa4eHCKRoTrYaQ6eyv6c1U5qOYXwVdZpMoYA3HFsHj55UcMOn2U3CXI5nrR7PZlUmVwVbQ==",
      "hasInstallScript": true,
      "dependencies": {
        "@types/fs-extra": "9.0.13",
@@ -1833,6 +1839,15 @@
      "integrity": "sha512-vt+kDhq/M2ayberEtJcIN/hxXy1Pk+59g2FV/ZQceeaTyCtCucjL2Q7FXlFjtWn4n15KCr1NE2lNNFhp0lEThw==",
      "dev": true
    },
    "node_modules/@types/csurf": {
      "version": "1.11.2",
      "resolved": "https://registry.npmjs.org/@types/csurf/-/csurf-1.11.2.tgz",
      "integrity": "sha512-9bc98EnwmC1S0aSJiA8rWwXtgXtXHHOQOsGHptImxFgqm6CeH+mIOunHRg6+/eg2tlmDMX3tY7XrWxo2M/nUNQ==",
      "dev": true,
      "dependencies": {
        "@types/express-serve-static-core": "*"
      }
    },
    "node_modules/@types/express": {
      "version": "4.17.12",
      "resolved": "https://registry.npmjs.org/@types/express/-/express-4.17.12.tgz",
@@ -1856,6 +1871,15 @@
        "@types/range-parser": "*"
      }
    },
    "node_modules/@types/express-session": {
      "version": "1.17.4",
      "resolved": "https://registry.npmjs.org/@types/express-session/-/express-session-1.17.4.tgz",
      "integrity": "sha512-7cNlSI8+oOBUHTfPXMwDxF/Lchx5aJ3ho7+p9jJZYVg9dVDJFh3qdMXmJtRsysnvS+C6x46k9DRYmrmCkE+MVg==",
      "dev": true,
      "dependencies": {
        "@types/express": "*"
      }
    },
    "node_modules/@types/fs-extra": {
      "version": "9.0.13",
      "resolved": "https://registry.npmjs.org/@types/fs-extra/-/fs-extra-9.0.13.tgz",
@@ -2447,10 +2471,21 @@
        "url": "https://github.com/sponsors/ljharb"
      }
    },
    "node_modules/asn1.js": {
      "version": "5.4.1",
      "resolved": "https://registry.npmjs.org/asn1.js/-/asn1.js-5.4.1.tgz",
      "integrity": "sha512-+I//4cYPccV8LdmBLiX8CYvf9Sp3vQsrqu2QNXRcrbiWvcx/UdlFiqUJJzxRQxgsZmvhXhn4cSKeSmoFjVdupA==",
      "dependencies": {
        "bn.js": "^4.0.0",
        "inherits": "^2.0.1",
        "minimalistic-assert": "^1.0.0",
        "safer-buffer": "^2.1.0"
      }
    },
    "node_modules/async": {
-      "version": "2.6.3",
+      "version": "2.6.4",
-      "resolved": "https://registry.npmjs.org/async/-/async-2.6.3.tgz",
+      "resolved": "https://registry.npmjs.org/async/-/async-2.6.4.tgz",
-      "integrity": "sha512-zflvls11DCy+dQWzTW2dzuilv8Z5X/pjfmZOWba6TNIVDm+2UDaJmXSOXlasHKfNBs8oo3M0aT50fDEWfKZjXg==",
+      "integrity": "sha512-mzo5dfJYwAn29PeiJ0zvwTo04zj8HDJj0Mn8TD7sno7q12prdbnasKJHhkm2c1LgrhlJ0teaea8860oxi51mGA==",
      "dependencies": {
        "lodash": "^4.17.14"
      }
@@ -2674,6 +2709,11 @@
      "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==",
      "dev": true
    },
    "node_modules/bn.js": {
      "version": "4.12.0",
      "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
      "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA=="
    },
    "node_modules/body-parser": {
      "version": "1.19.0",
      "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.19.0.tgz",
@@ -3238,6 +3278,42 @@
        "node": ">=8"
      }
    },
    "node_modules/connect-mongo": {
      "version": "4.6.0",
      "resolved": "https://registry.npmjs.org/connect-mongo/-/connect-mongo-4.6.0.tgz",
      "integrity": "sha512-8new4Z7NLP3CGP65Aw6ls3xDBeKVvHRSh39CXuDZTQsvpeeU9oNMzfFgvqmHqZ6gWpxIl663RyoVEmCAGf1yOg==",
      "dependencies": {
        "debug": "^4.3.1",
        "kruptein": "^3.0.0"
      },
      "engines": {
        "node": ">=10"
      },
      "peerDependencies": {
        "mongodb": "^4.1.0"
      }
    },
    "node_modules/connect-mongo/node_modules/debug": {
      "version": "4.3.4",
      "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz",
      "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==",
      "dependencies": {
        "ms": "2.1.2"
      },
      "engines": {
        "node": ">=6.0"
      },
      "peerDependenciesMeta": {
        "supports-color": {
          "optional": true
        }
      }
    },
    "node_modules/connect-mongo/node_modules/ms": {
      "version": "2.1.2",
      "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
      "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w=="
    },
    "node_modules/consola": {
      "version": "2.15.0",
      "resolved": "https://registry.npmjs.org/consola/-/consola-2.15.0.tgz",
@@ -3362,6 +3438,19 @@
        "node": ">=8"
      }
    },
    "node_modules/csrf": {
      "version": "3.1.0",
      "resolved": "https://registry.npmjs.org/csrf/-/csrf-3.1.0.tgz",
      "integrity": "sha512-uTqEnCvWRk042asU6JtapDTcJeeailFy4ydOQS28bj1hcLnYRiqi8SsD2jS412AY1I/4qdOwWZun774iqywf9w==",
      "dependencies": {
        "rndm": "1.2.0",
        "tsscmp": "1.0.6",
        "uid-safe": "2.1.5"
      },
      "engines": {
        "node": ">= 0.8"
      }
    },
    "node_modules/cssom": {
      "version": "0.4.4",
      "resolved": "https://registry.npmjs.org/cssom/-/cssom-0.4.4.tgz",
@@ -3386,6 +3475,40 @@
      "integrity": "sha512-b0tGHbfegbhPJpxpiBPU2sCkigAqtM9O121le6bbOlgyV+NyGyCmVfJ6QW9eRjz8CpNfWEOYBIMIGRYkLwsIYg==",
      "dev": true
    },
    "node_modules/csurf": {
      "version": "1.11.0",
      "resolved": "https://registry.npmjs.org/csurf/-/csurf-1.11.0.tgz",
      "integrity": "sha512-UCtehyEExKTxgiu8UHdGvHj4tnpE/Qctue03Giq5gPgMQ9cg/ciod5blZQ5a4uCEenNQjxyGuzygLdKUmee/bQ==",
      "dependencies": {
        "cookie": "0.4.0",
        "cookie-signature": "1.0.6",
        "csrf": "3.1.0",
        "http-errors": "~1.7.3"
      },
      "engines": {
        "node": ">= 0.8.0"
      }
    },
    "node_modules/csurf/node_modules/http-errors": {
      "version": "1.7.3",
      "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.7.3.tgz",
      "integrity": "sha512-ZTTX0MWrsQ2ZAhA1cejAwDLycFsd7I7nVtnkT3Ol0aqodaKW+0CTZDQ1uBv5whptCnc8e8HeRRJxRs0kmm/Qfw==",
      "dependencies": {
        "depd": "~1.1.2",
        "inherits": "2.0.4",
        "setprototypeof": "1.1.1",
        "statuses": ">= 1.5.0 < 2",
        "toidentifier": "1.0.0"
      },
      "engines": {
        "node": ">= 0.6"
      }
    },
    "node_modules/csurf/node_modules/inherits": {
      "version": "2.0.4",
      "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz",
      "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ=="
    },
    "node_modules/csv-stringify": {
      "version": "5.6.5",
      "resolved": "https://registry.npmjs.org/csv-stringify/-/csv-stringify-5.6.5.tgz",
@@ -4027,6 +4150,59 @@
        "node": ">= 0.10.0"
      }
    },
    "node_modules/express-session": {
      "version": "1.17.2",
      "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.17.2.tgz",
      "integrity": "sha512-mPcYcLA0lvh7D4Oqr5aNJFMtBMKPLl++OKKxkHzZ0U0oDq1rpKBnkR5f5vCHR26VeArlTOEF9td4x5IjICksRQ==",
      "dependencies": {
        "cookie": "0.4.1",
        "cookie-signature": "1.0.6",
        "debug": "2.6.9",
        "depd": "~2.0.0",
        "on-headers": "~1.0.2",
        "parseurl": "~1.3.3",
        "safe-buffer": "5.2.1",
        "uid-safe": "~2.1.5"
      },
      "engines": {
        "node": ">= 0.8.0"
      }
    },
    "node_modules/express-session/node_modules/cookie": {
      "version": "0.4.1",
      "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.1.tgz",
      "integrity": "sha512-ZwrFkGJxUR3EIoXtO+yVE69Eb7KlixbaeAWfBQB9vVsNn/o+Yw69gBWSSDK825hQNdN+wF8zELf3dFNl/kxkUA==",
      "engines": {
        "node": ">= 0.6"
      }
    },
    "node_modules/express-session/node_modules/depd": {
      "version": "2.0.0",
      "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz",
      "integrity": "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw==",
      "engines": {
        "node": ">= 0.8"
      }
    },
    "node_modules/express-session/node_modules/safe-buffer": {
      "version": "5.2.1",
      "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
      "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==",
      "funding": [
        {
          "type": "github",
          "url": "https://github.com/sponsors/feross"
        },
        {
          "type": "patreon",
          "url": "https://www.patreon.com/feross"
        },
        {
          "type": "consulting",
          "url": "https://feross.org/support"
        }
      ]
    },
    "node_modules/fast-glob": {
      "version": "3.2.11",
      "resolved": "https://registry.npmjs.org/fast-glob/-/fast-glob-3.2.11.tgz",
@@ -4642,6 +4818,14 @@
        "node": ">=8"
      }
    },
    "node_modules/helmet": {
      "version": "5.0.2",
      "resolved": "https://registry.npmjs.org/helmet/-/helmet-5.0.2.tgz",
      "integrity": "sha512-QWlwUZZ8BtlvwYVTSDTBChGf8EOcQ2LkGMnQJxSzD1mUu8CCjXJZq/BXP8eWw4kikRnzlhtYo3lCk0ucmYA3Vg==",
      "engines": {
        "node": ">=12.0.0"
      }
    },
    "node_modules/html-encoding-sniffer": {
      "version": "2.0.1",
      "resolved": "https://registry.npmjs.org/html-encoding-sniffer/-/html-encoding-sniffer-2.0.1.tgz",
@@ -6828,6 +7012,17 @@
        "node": ">=6"
      }
    },
    "node_modules/kruptein": {
      "version": "3.0.4",
      "resolved": "https://registry.npmjs.org/kruptein/-/kruptein-3.0.4.tgz",
      "integrity": "sha512-614v+4fgOkcw98lI7rMO9HZ+Y2cK6MGYcR/NSVhRXcClUb72LTAf2NibAh8CKSjalY81rfrrjLQgb8TW9RP03Q==",
      "dependencies": {
        "asn1.js": "^5.4.1"
      },
      "engines": {
        "node": ">8"
      }
    },
    "node_modules/latest-version": {
      "version": "5.1.0",
      "resolved": "https://registry.npmjs.org/latest-version/-/latest-version-5.1.0.tgz",
@@ -7095,6 +7290,11 @@
        "node": ">=4"
      }
    },
    "node_modules/minimalistic-assert": {
      "version": "1.0.1",
      "resolved": "https://registry.npmjs.org/minimalistic-assert/-/minimalistic-assert-1.0.1.tgz",
      "integrity": "sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A=="
    },
    "node_modules/minimatch": {
      "version": "3.0.4",
      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz",
@@ -7107,9 +7307,9 @@
      }
    },
    "node_modules/minimist": {
-      "version": "1.2.5",
+      "version": "1.2.6",
-      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz",
+      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz",
-      "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw=="
+      "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q=="
    },
    "node_modules/mkdirp": {
      "version": "1.0.4",
@@ -7133,7 +7333,6 @@
      "version": "4.1.4",
      "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-4.1.4.tgz",
      "integrity": "sha512-Cv/sk8on/tpvvqbEvR1h03mdyNdyvvO+WhtFlL4jrZ+DSsN/oSQHVqmJQI/sBCqqbOArFcYCAYDfyzqFwV4GSQ==",
      "dev": true,
      "dependencies": {
        "bson": "^4.5.4",
        "denque": "^2.0.1",
@@ -8367,6 +8566,14 @@
        }
      ]
    },
    "node_modules/random-bytes": {
      "version": "1.0.0",
      "resolved": "https://registry.npmjs.org/random-bytes/-/random-bytes-1.0.0.tgz",
      "integrity": "sha1-T2ih3Arli9P7lYSMMDJNt11kNgs=",
      "engines": {
        "node": ">= 0.8"
      }
    },
    "node_modules/range-parser": {
      "version": "1.2.1",
      "resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz",
@@ -8547,6 +8754,11 @@
        "url": "https://github.com/sponsors/isaacs"
      }
    },
    "node_modules/rndm": {
      "version": "1.2.0",
      "resolved": "https://registry.npmjs.org/rndm/-/rndm-1.2.0.tgz",
      "integrity": "sha1-8z/pz7Urv9UgqhgyO8ZdsRCht2w="
    },
    "node_modules/run-parallel": {
      "version": "1.2.0",
      "resolved": "https://registry.npmjs.org/run-parallel/-/run-parallel-1.2.0.tgz",
@@ -9532,6 +9744,14 @@
        "yarn": ">=1.9.4"
      }
    },
    "node_modules/tsscmp": {
      "version": "1.0.6",
      "resolved": "https://registry.npmjs.org/tsscmp/-/tsscmp-1.0.6.tgz",
      "integrity": "sha512-LxhtAkPDTkVCMQjt2h6eBVY28KCjikZqZfMcC15YBeNjkgUpdCfBu5HoiOTDu86v6smE8yOjyEktJ8hlbANHQA==",
      "engines": {
        "node": ">=0.6.x"
      }
    },
    "node_modules/tunnel-agent": {
      "version": "0.6.0",
      "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz",
@@ -9626,6 +9846,17 @@
        "node": ">=0.8.0"
      }
    },
    "node_modules/uid-safe": {
      "version": "2.1.5",
      "resolved": "https://registry.npmjs.org/uid-safe/-/uid-safe-2.1.5.tgz",
      "integrity": "sha512-KPHm4VL5dDXKz01UuEd88Df+KzynaohSL9fBh096KWAxSKZQDI2uBrVqtvRM4rwrIrRRKsdLNML/lnaaVSRioA==",
      "dependencies": {
        "random-bytes": "~1.0.0"
      },
      "engines": {
        "node": ">= 0.8"
      }
    },
    "node_modules/unbox-primitive": {
      "version": "1.0.1",
      "resolved": "https://registry.npmjs.org/unbox-primitive/-/unbox-primitive-1.0.1.tgz",
@@ -11127,14 +11358,14 @@
      }
    },
    "@sasjs/core": {
-      "version": "4.9.0",
+      "version": "4.19.0",
-      "resolved": "https://registry.npmjs.org/@sasjs/core/-/core-4.9.0.tgz",
+      "resolved": "https://registry.npmjs.org/@sasjs/core/-/core-4.19.0.tgz",
-      "integrity": "sha512-zc1Ey0ylHt/eRZAfK0mVG3EqNyq//wLxbiguiK0R6FhVqwYFEkprs3IiLGZ5M9ttKs2rHRIjOe/ckklHm+6HNQ=="
+      "integrity": "sha512-vG2YHJveQUQqN0YBhapXb8y+Qp4OniHzRedlqKRxyL0Pc+kwXx5co4Vo+dcOI5/MX0p+8oERP2aCR77s4FEUJg=="
    },
    "@sasjs/utils": {
-      "version": "2.36.2",
+      "version": "2.42.1",
-      "resolved": "https://registry.npmjs.org/@sasjs/utils/-/utils-2.36.2.tgz",
+      "resolved": "https://registry.npmjs.org/@sasjs/utils/-/utils-2.42.1.tgz",
-      "integrity": "sha512-r0O9vkNIK5+2peBiGbcKc3Ei62eAMDt+1SQl17U9Vv26LYqezxQBwIYYMUjnkZE8Q7XlTI/FUS+SIHTCZMr4Jg==",
+      "integrity": "sha512-DzHNYjeoj2eUkwV7Sa4eHCKRoTrYaQ6eyv6c1U5qOYXwVdZpMoYA3HFsHj55UcMOn2U3CXI5nrR7PZlUmVwVbQ==",
      "requires": {
        "@types/fs-extra": "9.0.13",
        "@types/prompts": "2.0.13",
@@ -11525,6 +11756,15 @@
      "integrity": "sha512-vt+kDhq/M2ayberEtJcIN/hxXy1Pk+59g2FV/ZQceeaTyCtCucjL2Q7FXlFjtWn4n15KCr1NE2lNNFhp0lEThw==",
      "dev": true
    },
    "@types/csurf": {
      "version": "1.11.2",
      "resolved": "https://registry.npmjs.org/@types/csurf/-/csurf-1.11.2.tgz",
      "integrity": "sha512-9bc98EnwmC1S0aSJiA8rWwXtgXtXHHOQOsGHptImxFgqm6CeH+mIOunHRg6+/eg2tlmDMX3tY7XrWxo2M/nUNQ==",
      "dev": true,
      "requires": {
        "@types/express-serve-static-core": "*"
      }
    },
    "@types/express": {
      "version": "4.17.12",
      "resolved": "https://registry.npmjs.org/@types/express/-/express-4.17.12.tgz",
@@ -11548,6 +11788,15 @@
        "@types/range-parser": "*"
      }
    },
    "@types/express-session": {
      "version": "1.17.4",
      "resolved": "https://registry.npmjs.org/@types/express-session/-/express-session-1.17.4.tgz",
      "integrity": "sha512-7cNlSI8+oOBUHTfPXMwDxF/Lchx5aJ3ho7+p9jJZYVg9dVDJFh3qdMXmJtRsysnvS+C6x46k9DRYmrmCkE+MVg==",
      "dev": true,
      "requires": {
        "@types/express": "*"
      }
    },
    "@types/fs-extra": {
      "version": "9.0.13",
      "resolved": "https://registry.npmjs.org/@types/fs-extra/-/fs-extra-9.0.13.tgz",
@@ -12059,10 +12308,21 @@
        "is-string": "^1.0.7"
      }
    },
    "asn1.js": {
      "version": "5.4.1",
      "resolved": "https://registry.npmjs.org/asn1.js/-/asn1.js-5.4.1.tgz",
      "integrity": "sha512-+I//4cYPccV8LdmBLiX8CYvf9Sp3vQsrqu2QNXRcrbiWvcx/UdlFiqUJJzxRQxgsZmvhXhn4cSKeSmoFjVdupA==",
      "requires": {
        "bn.js": "^4.0.0",
        "inherits": "^2.0.1",
        "minimalistic-assert": "^1.0.0",
        "safer-buffer": "^2.1.0"
      }
    },
    "async": {
-      "version": "2.6.3",
+      "version": "2.6.4",
-      "resolved": "https://registry.npmjs.org/async/-/async-2.6.3.tgz",
+      "resolved": "https://registry.npmjs.org/async/-/async-2.6.4.tgz",
-      "integrity": "sha512-zflvls11DCy+dQWzTW2dzuilv8Z5X/pjfmZOWba6TNIVDm+2UDaJmXSOXlasHKfNBs8oo3M0aT50fDEWfKZjXg==",
+      "integrity": "sha512-mzo5dfJYwAn29PeiJ0zvwTo04zj8HDJj0Mn8TD7sno7q12prdbnasKJHhkm2c1LgrhlJ0teaea8860oxi51mGA==",
      "requires": {
        "lodash": "^4.17.14"
      }
@@ -12234,6 +12494,11 @@
        }
      }
    },
    "bn.js": {
      "version": "4.12.0",
      "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.0.tgz",
      "integrity": "sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA=="
    },
    "body-parser": {
      "version": "1.19.0",
      "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.19.0.tgz",
@@ -12681,6 +12946,30 @@
        "xdg-basedir": "^4.0.0"
      }
    },
    "connect-mongo": {
      "version": "4.6.0",
      "resolved": "https://registry.npmjs.org/connect-mongo/-/connect-mongo-4.6.0.tgz",
      "integrity": "sha512-8new4Z7NLP3CGP65Aw6ls3xDBeKVvHRSh39CXuDZTQsvpeeU9oNMzfFgvqmHqZ6gWpxIl663RyoVEmCAGf1yOg==",
      "requires": {
        "debug": "^4.3.1",
        "kruptein": "^3.0.0"
      },
      "dependencies": {
        "debug": {
          "version": "4.3.4",
          "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz",
          "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==",
          "requires": {
            "ms": "2.1.2"
          }
        },
        "ms": {
          "version": "2.1.2",
          "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
          "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w=="
        }
      }
    },
    "consola": {
      "version": "2.15.0",
      "resolved": "https://registry.npmjs.org/consola/-/consola-2.15.0.tgz",
@@ -12783,6 +13072,16 @@
      "integrity": "sha512-v1plID3y9r/lPhviJ1wrXpLeyUIGAZ2SHNYTEapm7/8A9nLPoyvVp3RK/EPFqn5kEznyWgYZNsRtYYIWbuG8KA==",
      "dev": true
    },
    "csrf": {
      "version": "3.1.0",
      "resolved": "https://registry.npmjs.org/csrf/-/csrf-3.1.0.tgz",
      "integrity": "sha512-uTqEnCvWRk042asU6JtapDTcJeeailFy4ydOQS28bj1hcLnYRiqi8SsD2jS412AY1I/4qdOwWZun774iqywf9w==",
      "requires": {
        "rndm": "1.2.0",
        "tsscmp": "1.0.6",
        "uid-safe": "2.1.5"
      }
    },
    "cssom": {
      "version": "0.4.4",
      "resolved": "https://registry.npmjs.org/cssom/-/cssom-0.4.4.tgz",
@@ -12806,6 +13105,36 @@
        }
      }
    },
    "csurf": {
      "version": "1.11.0",
      "resolved": "https://registry.npmjs.org/csurf/-/csurf-1.11.0.tgz",
      "integrity": "sha512-UCtehyEExKTxgiu8UHdGvHj4tnpE/Qctue03Giq5gPgMQ9cg/ciod5blZQ5a4uCEenNQjxyGuzygLdKUmee/bQ==",
      "requires": {
        "cookie": "0.4.0",
        "cookie-signature": "1.0.6",
        "csrf": "3.1.0",
        "http-errors": "~1.7.3"
      },
      "dependencies": {
        "http-errors": {
          "version": "1.7.3",
          "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.7.3.tgz",
          "integrity": "sha512-ZTTX0MWrsQ2ZAhA1cejAwDLycFsd7I7nVtnkT3Ol0aqodaKW+0CTZDQ1uBv5whptCnc8e8HeRRJxRs0kmm/Qfw==",
          "requires": {
            "depd": "~1.1.2",
            "inherits": "2.0.4",
            "setprototypeof": "1.1.1",
            "statuses": ">= 1.5.0 < 2",
            "toidentifier": "1.0.0"
          }
        },
        "inherits": {
          "version": "2.0.4",
          "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz",
          "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ=="
        }
      }
    },
    "csv-stringify": {
      "version": "5.6.5",
      "resolved": "https://registry.npmjs.org/csv-stringify/-/csv-stringify-5.6.5.tgz",
@@ -13303,6 +13632,38 @@
        "vary": "~1.1.2"
      }
    },
    "express-session": {
      "version": "1.17.2",
      "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.17.2.tgz",
      "integrity": "sha512-mPcYcLA0lvh7D4Oqr5aNJFMtBMKPLl++OKKxkHzZ0U0oDq1rpKBnkR5f5vCHR26VeArlTOEF9td4x5IjICksRQ==",
      "requires": {
        "cookie": "0.4.1",
        "cookie-signature": "1.0.6",
        "debug": "2.6.9",
        "depd": "~2.0.0",
        "on-headers": "~1.0.2",
        "parseurl": "~1.3.3",
        "safe-buffer": "5.2.1",
        "uid-safe": "~2.1.5"
      },
      "dependencies": {
        "cookie": {
          "version": "0.4.1",
          "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.1.tgz",
          "integrity": "sha512-ZwrFkGJxUR3EIoXtO+yVE69Eb7KlixbaeAWfBQB9vVsNn/o+Yw69gBWSSDK825hQNdN+wF8zELf3dFNl/kxkUA=="
        },
        "depd": {
          "version": "2.0.0",
          "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz",
          "integrity": "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw=="
        },
        "safe-buffer": {
          "version": "5.2.1",
          "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
          "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ=="
        }
      }
    },
    "fast-glob": {
      "version": "3.2.11",
      "resolved": "https://registry.npmjs.org/fast-glob/-/fast-glob-3.2.11.tgz",
@@ -13774,6 +14135,11 @@
      "integrity": "sha512-UqBRqi4ju7T+TqGNdqAO0PaSVGsDGJUBQvk9eUWNGRY1CFGDzYhLWoM7JQEemnlvVcv/YEmc2wNW8BC24EnUsw==",
      "dev": true
    },
    "helmet": {
      "version": "5.0.2",
      "resolved": "https://registry.npmjs.org/helmet/-/helmet-5.0.2.tgz",
      "integrity": "sha512-QWlwUZZ8BtlvwYVTSDTBChGf8EOcQ2LkGMnQJxSzD1mUu8CCjXJZq/BXP8eWw4kikRnzlhtYo3lCk0ucmYA3Vg=="
    },
    "html-encoding-sniffer": {
      "version": "2.0.1",
      "resolved": "https://registry.npmjs.org/html-encoding-sniffer/-/html-encoding-sniffer-2.0.1.tgz",
@@ -15409,6 +15775,14 @@
      "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz",
      "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w=="
    },
    "kruptein": {
      "version": "3.0.4",
      "resolved": "https://registry.npmjs.org/kruptein/-/kruptein-3.0.4.tgz",
      "integrity": "sha512-614v+4fgOkcw98lI7rMO9HZ+Y2cK6MGYcR/NSVhRXcClUb72LTAf2NibAh8CKSjalY81rfrrjLQgb8TW9RP03Q==",
      "requires": {
        "asn1.js": "^5.4.1"
      }
    },
    "latest-version": {
      "version": "5.1.0",
      "resolved": "https://registry.npmjs.org/latest-version/-/latest-version-5.1.0.tgz",
@@ -15615,6 +15989,11 @@
      "integrity": "sha512-j5EctnkH7amfV/q5Hgmoal1g2QHFJRraOtmx0JpIqkxhBhI/lJSl1nMpQ45hVarwNETOoWEimndZ4QK0RHxuxQ==",
      "dev": true
    },
    "minimalistic-assert": {
      "version": "1.0.1",
      "resolved": "https://registry.npmjs.org/minimalistic-assert/-/minimalistic-assert-1.0.1.tgz",
      "integrity": "sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A=="
    },
    "minimatch": {
      "version": "3.0.4",
      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz",
@@ -15624,9 +16003,9 @@
      }
    },
    "minimist": {
-      "version": "1.2.5",
+      "version": "1.2.6",
-      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz",
+      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz",
-      "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw=="
+      "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q=="
    },
    "mkdirp": {
      "version": "1.0.4",
@@ -15644,7 +16023,6 @@
      "version": "4.1.4",
      "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-4.1.4.tgz",
      "integrity": "sha512-Cv/sk8on/tpvvqbEvR1h03mdyNdyvvO+WhtFlL4jrZ+DSsN/oSQHVqmJQI/sBCqqbOArFcYCAYDfyzqFwV4GSQ==",
      "dev": true,
      "requires": {
        "bson": "^4.5.4",
        "denque": "^2.0.1",
@@ -16555,6 +16933,11 @@
      "integrity": "sha512-NuaNSa6flKT5JaSYQzJok04JzTL1CA6aGhv5rfLW3PgqA+M2ChpZQnAC8h8i4ZFkBS8X5RqkDBHA7r4hej3K9A==",
      "dev": true
    },
    "random-bytes": {
      "version": "1.0.0",
      "resolved": "https://registry.npmjs.org/random-bytes/-/random-bytes-1.0.0.tgz",
      "integrity": "sha1-T2ih3Arli9P7lYSMMDJNt11kNgs="
    },
    "range-parser": {
      "version": "1.2.1",
      "resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz",
@@ -16692,6 +17075,11 @@
        "glob": "^7.1.3"
      }
    },
    "rndm": {
      "version": "1.2.0",
      "resolved": "https://registry.npmjs.org/rndm/-/rndm-1.2.0.tgz",
      "integrity": "sha1-8z/pz7Urv9UgqhgyO8ZdsRCht2w="
    },
    "run-parallel": {
      "version": "1.2.0",
      "resolved": "https://registry.npmjs.org/run-parallel/-/run-parallel-1.2.0.tgz",
@@ -17429,6 +17817,11 @@
        "@tsoa/runtime": "^3.13.0"
      }
    },
    "tsscmp": {
      "version": "1.0.6",
      "resolved": "https://registry.npmjs.org/tsscmp/-/tsscmp-1.0.6.tgz",
      "integrity": "sha512-LxhtAkPDTkVCMQjt2h6eBVY28KCjikZqZfMcC15YBeNjkgUpdCfBu5HoiOTDu86v6smE8yOjyEktJ8hlbANHQA=="
    },
    "tunnel-agent": {
      "version": "0.6.0",
      "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz",
@@ -17495,6 +17888,14 @@
      "dev": true,
      "optional": true
    },
    "uid-safe": {
      "version": "2.1.5",
      "resolved": "https://registry.npmjs.org/uid-safe/-/uid-safe-2.1.5.tgz",
      "integrity": "sha512-KPHm4VL5dDXKz01UuEd88Df+KzynaohSL9fBh096KWAxSKZQDI2uBrVqtvRM4rwrIrRRKsdLNML/lnaaVSRioA==",
      "requires": {
        "random-bytes": "~1.0.0"
      }
    },
    "unbox-primitive": {
      "version": "1.0.1",
      "resolved": "https://registry.npmjs.org/unbox-primitive/-/unbox-primitive-1.0.1.tgz",
--- a/api/package.json
+++ b/api/package.json
@@ -8,6 +8,7 @@
    "prestart": "npm run initial",
    "prebuild": "npm run initial",
    "start": "nodemon ./src/server.ts",
    "start:prod": "node ./build/src/server.js",
    "build": "rimraf build && tsc",
    "postbuild": "npm run copy:files",
    "swagger": "tsoa spec",
@@ -46,12 +47,16 @@
  },
  "author": "4GL Ltd",
  "dependencies": {
-    "@sasjs/core": "4.9.0",
+    "@sasjs/core": "^4.19.0",
-    "@sasjs/utils": "2.36.2",
+    "@sasjs/utils": "2.42.1",
    "bcryptjs": "^2.4.3",
    "connect-mongo": "^4.6.0",
    "cookie-parser": "^1.4.6",
    "cors": "^2.8.5",
    "csurf": "^1.11.0",
    "express": "^4.17.1",
    "express-session": "^1.17.2",
    "helmet": "^5.0.2",
    "joi": "^17.4.2",
    "jsonwebtoken": "^8.5.1",
    "mongoose": "^6.0.12",
@@ -64,7 +69,9 @@
    "@types/bcryptjs": "^2.4.2",
    "@types/cookie-parser": "^1.4.2",
    "@types/cors": "^2.8.12",
    "@types/csurf": "^1.11.2",
    "@types/express": "^4.17.12",
    "@types/express-session": "^1.17.4",
    "@types/jest": "^26.0.24",
    "@types/jsonwebtoken": "^8.5.5",
    "@types/mongoose-sequence": "^3.0.6",
--- a/api/public/plus.png
+++ b/api/public/plus.png
--- a/api/public/swagger.yaml
+++ b/api/public/swagger.yaml
@@ -5,6 +5,21 @@ components:
    requestBodies: {}
    responses: {}
    schemas:
        LoginPayload:
            properties:
                username:
                    type: string
                    description: 'Username for user'
                    example: secretuser
                password:
                    type: string
                    description: 'Password for user'
                    example: secretpassword
            required:
                - username
                - password
            type: object
            additionalProperties: false
        AuthorizeResponse:
            properties:
                code:
@@ -418,6 +433,25 @@ components:
                    example: /Public/somefolder/some.file
            type: object
            additionalProperties: false
        InfoResponse:
            properties:
                mode:
                    type: string
                cors:
                    type: string
                whiteList:
                    items:
                        type: string
                    type: array
                protocol:
                    type: string
            required:
                - mode
                - cors
                - whiteList
                - protocol
            type: object
            additionalProperties: false
    securitySchemes:
        bearerAuth:
            type: http
@@ -431,6 +465,47 @@ info:
        name: '4GL Ltd'
 openapi: 3.0.0
 paths:
    /login:
        post:
            operationId: Login
            responses:
                '200':
                    description: Ok
                    content:
                        application/json:
                            schema:
                                properties:
                                    user: {properties: {displayName: {type: string}, username: {type: string}}, required: [displayName, username], type: object}
                                    loggedIn: {type: boolean}
                                required:
                                    - user
                                    - loggedIn
                                type: object
            summary: 'Accept a valid username/password'
            tags:
                - Web
            security: []
            parameters: []
            requestBody:
                required: true
                content:
                    application/json:
                        schema:
                            $ref: '#/components/schemas/LoginPayload'
    /logout:
        get:
            operationId: Logout
            responses:
                '200':
                    description: Ok
                    content:
                        application/json:
                            schema: {}
            summary: 'Accept a valid username/password'
            tags:
                - Web
            security: []
            parameters: []
    /SASjsApi/auth/authorize:
        post:
            operationId: Authorize
@@ -606,13 +681,62 @@ paths:
                    application/json:
                        schema:
                            $ref: '#/components/schemas/DeployPayload'
    /SASjsApi/drive/deploy/upload:
        post:
            operationId: DeployUpload
            responses:
                '200':
                    description: Ok
                    content:
                        application/json:
                            schema:
                                $ref: '#/components/schemas/DeployResponse'
                            examples:
                                'Example 1':
                                    value: {status: success, message: 'Files deployed successfully to @sasjs/server.'}
                '400':
                    description: 'Invalid Format'
                    content:
                        application/json:
                            schema:
                                $ref: '#/components/schemas/DeployResponse'
                            examples:
                                'Example 1':
                                    value: {status: failure, message: 'Provided not supported data format.'}
                '500':
                    description: 'Execution Error'
                    content:
                        application/json:
                            schema:
                                $ref: '#/components/schemas/DeployResponse'
                            examples:
                                'Example 1':
                                    value: {status: failure, message: 'Deployment failed!'}
            summary: 'Creates/updates files within SASjs Drive using uploaded JSON file.'
            tags:
                - Drive
            security:
                -
                    bearerAuth: []
            parameters: []
            requestBody:
                required: true
                content:
                    multipart/form-data:
                        schema:
                            type: object
                            properties:
                                file:
                                    type: string
                                    format: binary
                            required:
                                - file
    /SASjsApi/drive/file:
        get:
            operationId: GetFile
            responses:
                '204':
                    description: 'No content'
            description: "It's optional to either provide `_filePath` in url as query parameter\nOr provide `filePath` in body as form field.\nBut it's required to provide else API will respond with Bad Request."
            summary: 'Get file from SASjs Drive'
            tags:
                - Drive
@@ -623,19 +747,10 @@ paths:
                -
                    in: query
                    name: _filePath
-                    required: false
+                    required: true
                    schema:
                        type: string
                    example: /Public/somefolder/some.file
            requestBody:
                required: false
                content:
                    multipart/form-data:
                        schema:
                            type: object
                            properties:
                                filePath:
                                    type: string
        delete:
            operationId: DeleteFile
            responses:
@@ -765,6 +880,36 @@ paths:
                                    type: string
                            required:
                                - file
    /SASjsApi/drive/folder:
        get:
            operationId: GetFolder
            responses:
                '200':
                    description: Ok
                    content:
                        application/json:
                            schema:
                                properties:
                                    folders: {items: {type: string}, type: array}
                                    files: {items: {type: string}, type: array}
                                required:
                                    - folders
                                    - files
                                type: object
            summary: 'Get folder contents from SASjs Drive'
            tags:
                - Drive
            security:
                -
                    bearerAuth: []
            parameters:
                -
                    in: query
                    name: _folderPath
                    required: false
                    schema:
                        type: string
                    example: /Public/somefolder
    /SASjsApi/drive/filetree:
        get:
            operationId: GetFileTree
@@ -1170,10 +1315,31 @@ paths:
                    application/json:
                        schema:
                            $ref: '#/components/schemas/ExecuteReturnJsonPayload'
    /SASjsApi/info:
        get:
            operationId: Info
            responses:
                '200':
                    description: Ok
                    content:
                        application/json:
                            schema:
                                $ref: '#/components/schemas/InfoResponse'
                            examples:
                                'Example 1':
                                    value: {mode: desktop, cors: enable, whiteList: ['http://example.com', 'http://example2.com'], protocol: http}
            summary: 'Get server info (mode, cors, whiteList, protocol).'
            tags:
                - Info
            security: []
            parameters: []
 servers:
    -
        url: /
 tags:
    -
        name: Info
        description: 'Get Server Info'
    -
        name: Session
        description: 'Get Session information'
@@ -1198,3 +1364,6 @@ tags:
    -
        name: CODE
        description: 'Operations on SAS code'
    -
        name: Web
        description: 'Operations on Web'
--- a/api/scripts/compileSysInit.ts
+++ b/api/scripts/compileSysInit.ts
@@ -1,5 +1,6 @@
 import path from 'path'
 import {
  CompileTree,
  createFile,
  loadDependenciesFile,
  readFile,
@@ -18,7 +19,8 @@ const compiledSystemInit = async (systemInit: string) =>
    macroFolders: [],
    buildSourceFolder: '',
    binaryFolders: [],
-    macroCorePath
+    macroCorePath,
    compileTree: new CompileTree('') // dummy compileTree
  }))
 const createSysInitFile = async () => {
--- a/api/scripts/systemInit.sas
+++ b/api/scripts/systemInit.sas
@@ -5,23 +5,12 @@
  _before_ any user-provided content.
  A number of useful CORE macros are also compiled below, so that they can be
-  available "out of the box".
+  available by default for Stored Programs.
  Note that the full CORE library is available to sessions in SASjs Studio.
  <h4> SAS Macros </h4>
  @li mcf_stpsrv_header.sas
  @li mf_getuser.sas
  @li mf_getvarlist.sas
  @li mf_mkdir.sas
  @li mf_nobs.sas
  @li mf_uid.sas
  @li mfs_httpheader.sas
-  @li mp_dirlist.sas
+  @li ms_webout.sas
  @li mp_ds2ddl.sas
  @li mp_ds2md.sas
  @li mp_getdbml.sas
  @li mp_init.sas
  @li mp_makedata.sas
  @li mp_zip.sas
 **/
--- a/api/src/app.ts
+++ b/api/src/app.ts
@@ -1,47 +1,100 @@
 import path from 'path'
 import express, { ErrorRequestHandler } from 'express'
 import csrf from 'csurf'
 import session from 'express-session'
 import MongoStore from 'connect-mongo'
 import morgan from 'morgan'
 import cookieParser from 'cookie-parser'
 import dotenv from 'dotenv'
 import cors from 'cors'
 import helmet from 'helmet'
 import {
  connectDB,
  copySASjsCore,
  getWebBuildFolderPath,
  loadAppStreamConfig,
-  setProcessVariables
+  setProcessVariables,
  setupFolders
 } from './utils'
 dotenv.config()
 const app = express()
-const { MODE, CORS, WHITELIST } = process.env
+app.use(cookieParser())
 app.use(morgan('tiny'))
 const { MODE, CORS, WHITELIST, PROTOCOL } = process.env
 export const cookieOptions = {
  secure: PROTOCOL === 'https',
  httpOnly: true,
  maxAge: 24 * 60 * 60 * 1000 // 24 hours
 }
 /***********************************
 *         CSRF Protection         *
 ***********************************/
 export const csrfProtection = csrf({ cookie: cookieOptions })
 /***********************************
 *   Handle security and origin    *
 ***********************************/
 app.use(helmet())
 /***********************************
 *         Enabling CORS           *
 ***********************************/
 if (MODE?.trim() !== 'server' || CORS?.trim() === 'enable') {
  const whiteList: string[] = []
-  WHITELIST?.split(' ')?.forEach((url) => {
+  WHITELIST?.split(' ')
-    if (url.startsWith('http'))
+    ?.filter((url) => !!url)
-      // removing trailing slash of URLs listing for CORS
+    .forEach((url) => {
-      whiteList.push(url.replace(/\/$/, ''))
+      if (url.startsWith('http'))
-  })
+        // removing trailing slash of URLs listing for CORS
        whiteList.push(url.replace(/\/$/, ''))
    })
  console.log('All CORS Requests are enabled for:', whiteList)
  app.use(cors({ credentials: true, origin: whiteList }))
 }
-app.use(cookieParser())
+/***********************************
-app.use(morgan('tiny'))
+ *         DB Connection &          *
 *        Express Sessions          *
 *        With Mongo Store          *
 ***********************************/
 if (MODE?.trim() === 'server') {
  // NOTE: when exporting app.js as agent for supertest
  // we should exclude connecting to the real database
  if (process.env.NODE_ENV !== 'test') {
    const clientPromise = connectDB().then((conn) => conn!.getClient() as any)
    app.use(
      session({
        secret: process.env.SESSION_SECRET as string,
        saveUninitialized: false, // don't create session until something stored
        resave: false, //don't save session if unmodified
        store: MongoStore.create({ clientPromise, collectionName: 'sessions' }),
        cookie: cookieOptions
      })
    )
  }
 }
 app.use(express.json({ limit: '100mb' }))
 app.use(express.static(path.join(__dirname, '../public')))
 const onError: ErrorRequestHandler = (err, req, res, next) => {
  if (err.code === 'EBADCSRFTOKEN')
    return res.status(400).send('Invalid CSRF token!')
  console.error(err.stack)
  res.status(500).send('Something broke!')
 }
 export default setProcessVariables().then(async () => {
  await setupFolders()
  await copySASjsCore()
  // loading these modules after setting up variables due to
@@ -57,6 +110,5 @@ export default setProcessVariables().then(async () => {
  app.use(onError)
  await connectDB()
  return app
 })
--- a/api/src/controllers/auth.ts
+++ b/api/src/controllers/auth.ts
@@ -1,6 +1,7 @@
 import { Security, Route, Tags, Example, Post, Body, Query, Hidden } from 'tsoa'
 import jwt from 'jsonwebtoken'
 import User from '../model/User'
 import Client from '../model/Client'
 import { InfoJWT } from '../types'
 import {
  generateAccessToken,
@@ -81,6 +82,9 @@ export class AuthController {
 const authorize = async (data: any): Promise<AuthorizeResponse> => {
  const { username, password, clientId } = data
  const client = await Client.findOne({ clientId })
  if (!client) throw new Error('Invalid clientId.')
  // Authenticate User
  const user = await User.findOne({ username })
  if (!user) throw new Error('Username is not found.')
--- a/api/src/controllers/drive.ts
+++ b/api/src/controllers/drive.ts
@@ -14,17 +14,24 @@ import {
  Patch,
  UploadedFile,
  FormField,
-  Delete
+  Delete,
  Hidden
 } from 'tsoa'
 import {
  fileExists,
  moveFile,
  createFolder,
-  deleteFile as deleteFileOnSystem
+  deleteFile as deleteFileOnSystem,
  folderExists,
  listFilesInFolder,
  listSubFoldersInFolder,
  isFolder,
  FileTree,
  isFileTree
 } from '@sasjs/utils'
 import { createFileTree, ExecutionController, getTreeExample } from './internal'
-import { FileTree, isFileTree, TreeNode } from '../types'
+import { TreeNode } from '../types'
 import { getTmpFilesFolderPath } from '../utils'
 interface DeployPayload {
@@ -89,9 +96,21 @@ export class DriveController {
  }
  /**
-   * It's optional to either provide `_filePath` in url as query parameter
+   * @summary Creates/updates files within SASjs Drive using uploaded JSON file.
-   * Or provide `filePath` in body as form field.
+   *
-   * But it's required to provide else API will respond with Bad Request.
+   */
  @Example<DeployResponse>(successDeployResponse)
  @Response<DeployResponse>(400, 'Invalid Format', invalidDeployFormatResponse)
  @Response<DeployResponse>(500, 'Execution Error', execDeployErrorResponse)
  @Post('/deploy/upload')
  public async deployUpload(
    @UploadedFile() file: Express.Multer.File, // passing here for API docs
    @Query() @Hidden() body?: DeployPayload // Hidden decorator has be optional
  ): Promise<DeployResponse> {
    return deploy(body!)
  }
  /**
   *
   * @summary Get file from SASjs Drive
   * @query _filePath Location of SAS program
@@ -100,11 +119,20 @@ export class DriveController {
  @Get('/file')
  public async getFile(
    @Request() request: express.Request,
-
+    @Query() _filePath: string
    @Query() _filePath?: string,
    @FormField() filePath?: string
  ) {
-    return getFile(request, (_filePath ?? filePath)!)
+    return getFile(request, _filePath)
  }
  /**
   *
   * @summary Get folder contents from SASjs Drive
   * @query _folderPath Location of SAS program
   * @example _folderPath "/Public/somefolder"
   */
  @Get('/folder')
  public async getFolder(@Query() _folderPath?: string) {
    return getFolder(_folderPath)
  }
  /**
@@ -221,7 +249,7 @@ const getFile = async (req: express.Request, filePath: string) => {
  }
  if (!(await fileExists(filePathFull))) {
-    throw new Error('File does not exist.')
+    throw new Error("File doesn't exist.")
  }
  const extension = path.extname(filePathFull).toLowerCase()
@@ -232,6 +260,36 @@ const getFile = async (req: express.Request, filePath: string) => {
  req.res?.sendFile(path.resolve(filePathFull))
 }
 const getFolder = async (folderPath?: string) => {
  const driveFilesPath = getTmpFilesFolderPath()
  if (folderPath) {
    const folderPathFull = path
      .join(getTmpFilesFolderPath(), folderPath)
      .replace(new RegExp('/', 'g'), path.sep)
    if (!folderPathFull.includes(driveFilesPath)) {
      throw new Error('Cannot get folder outside drive.')
    }
    if (!(await folderExists(folderPathFull))) {
      throw new Error("Folder doesn't exist.")
    }
    if (!(await isFolder(folderPathFull))) {
      throw new Error('Not a Folder.')
    }
    const files: string[] = await listFilesInFolder(folderPathFull)
    const folders: string[] = await listSubFoldersInFolder(folderPathFull)
    return { files, folders }
  }
  const files: string[] = await listFilesInFolder(driveFilesPath)
  const folders: string[] = await listSubFoldersInFolder(driveFilesPath)
  return { files, folders }
 }
 const deleteFile = async (filePath: string) => {
  const driveFilesPath = getTmpFilesFolderPath()
--- a/api/src/controllers/index.ts
+++ b/api/src/controllers/index.ts
@@ -6,3 +6,4 @@ export * from './group'
 export * from './session'
 export * from './stp'
 export * from './user'
 export * from './info'
--- a/api/src/controllers/info.ts
+++ b/api/src/controllers/info.ts
@@ -0,0 +1,36 @@
 import { Route, Tags, Example, Get } from 'tsoa'
 export interface InfoResponse {
  mode: string
  cors: string
  whiteList: string[]
  protocol: string
 }
@Route('SASjsApi/info')
@Tags('Info')
 export class InfoController {
  /**
   * @summary Get server info (mode, cors, whiteList, protocol).
   *
   */
  @Example<InfoResponse>({
    mode: 'desktop',
    cors: 'enable',
    whiteList: ['http://example.com', 'http://example2.com'],
    protocol: 'http'
  })
  @Get('/')
  public info(): InfoResponse {
    const response = {
      mode: process.env.MODE ?? 'desktop',
      cors:
        process.env.CORS ||
        (process.env.MODE === 'server' ? 'disable' : 'enable'),
      whiteList:
        process.env.WHITELIST?.split(' ')?.filter((url) => !!url) ?? [],
      protocol: process.env.PROTOCOL ?? 'http'
    }
    return response
  }
 }
--- a/api/src/controllers/internal/Execution.ts
+++ b/api/src/controllers/internal/Execution.ts
@@ -157,7 +157,9 @@ ${program}`
      : ''
    const httpHeaders: HTTPHeaders = extractHeaders(headersContent)
    const fileResponse: boolean =
-      httpHeaders.hasOwnProperty('content-type') && !returnJson
+      httpHeaders.hasOwnProperty('content-type') &&
      !returnJson && // not a POST Request
      !isDebugOn(vars) // Debug is not enabled
    const webout = (await fileExists(weboutPath))
      ? fileResponse
@@ -178,11 +180,10 @@ ${program}`
    return {
      httpHeaders,
-      result: fileResponse
+      result:
-        ? webout
+        isDebugOn(vars) || session.crashed
-        : isDebugOn(vars) || session.crashed
+          ? `<html><body>${webout}<div style="text-align:left"><hr /><h2>SAS Log</h2><pre>${log}</pre></div></body></html>`
-        ? `<html><body>${webout}<div style="text-align:left"><hr /><h2>SAS Log</h2><pre>${log}</pre></div></body></html>`
+          : webout
        : webout
    }
  }
--- a/api/src/controllers/internal/Session.ts
+++ b/api/src/controllers/internal/Session.ts
@@ -12,8 +12,7 @@ import {
  createFile,
  fileExists,
  generateTimestamp,
-  readFile,
+  readFile
  moveFile
 } from '@sasjs/utils'
 const execFilePromise = promisify(execFile)
@@ -41,6 +40,7 @@ export class SessionController {
    const sessionFolder = path.join(getTmpSessionsFolderPath(), sessionId)
    const creationTimeStamp = sessionId.split('-').pop() as string
    // death time of session is 15 mins from creation
    const deathTimeStamp = (
      parseInt(creationTimeStamp) +
      15 * 60 * 1000 -
@@ -140,7 +140,9 @@ ${autoExecContent}`
  private scheduleSessionDestroy(session: Session) {
    setTimeout(async () => {
      if (session.inUse) {
-        session.deathTimeStamp = session.deathTimeStamp + 1000 * 10
+        // adding 10 more minutes
        const newDeathTimeStamp = parseInt(session.deathTimeStamp) + 10 * 1000
        session.deathTimeStamp = newDeathTimeStamp.toString()
        this.scheduleSessionDestroy(session)
      } else {
--- a/api/src/controllers/internal/deploy.ts
+++ b/api/src/controllers/internal/deploy.ts
@@ -1,13 +1,15 @@
 import path from 'path'
 import { getTmpFilesFolderPath } from '../../utils/file'
 import {
-  MemberType,
+  createFolder,
  createFile,
  asyncForEach,
  FolderMember,
  ServiceMember,
-  FileTree,
+  FileMember,
-  FileMember
+  MemberType,
-} from '../../types'
+  FileTree
-import { getTmpFilesFolderPath } from '../../utils/file'
+} from '@sasjs/utils'
 import { createFolder, createFile, asyncForEach } from '@sasjs/utils'
 // REFACTOR: export FileTreeCpntroller
 export const createFileTree = async (
--- a/api/src/controllers/session.ts
+++ b/api/src/controllers/session.ts
@@ -24,7 +24,7 @@ export class SessionController {
 }
 const session = (req: any) => ({
-  id: req.user.id,
+  id: req.user.userId,
  username: req.user.username,
  displayName: req.user.displayName
 })
--- a/api/src/controllers/web.ts
+++ b/api/src/controllers/web.ts
@@ -0,0 +1,75 @@
 import express from 'express'
 import { Request, Route, Tags, Post, Body, Get } from 'tsoa'
 import User from '../model/User'
@Route('/')
@Tags('Web')
 export class WebController {
  /**
   * @summary Accept a valid username/password
   *
   */
  @Post('/login')
  public async login(
    @Request() req: express.Request,
    @Body() body: LoginPayload
  ) {
    return login(req, body)
  }
  /**
   * @summary Accept a valid username/password
   *
   */
  @Get('/logout')
  public async logout(@Request() req: express.Request) {
    return new Promise((resolve) => {
      req.session.destroy(() => {
        resolve(true)
      })
    })
  }
 }
 const login = async (
  req: express.Request,
  { username, password }: LoginPayload
 ) => {
  // Authenticate User
  const user = await User.findOne({ username })
  if (!user) throw new Error('Username is not found.')
  const validPass = user.comparePassword(password)
  if (!validPass) throw new Error('Invalid password.')
  req.session.loggedIn = true
  req.session.user = {
    userId: user.id,
    clientId: 'web_app',
    username: user.username,
    displayName: user.displayName,
    isAdmin: user.isAdmin,
    isActive: user.isActive
  }
  return {
    loggedIn: true,
    user: {
      username: user.username,
      displayName: user.displayName
    }
  }
 }
 interface LoginPayload {
  /**
   * Username for user
   * @example "secretuser"
   */
  username: string
  /**
   * Password for user
   * @example "secretpassword"
   */
  password: string
 }
--- a/api/src/middlewares/authenticateToken.ts
+++ b/api/src/middlewares/authenticateToken.ts
@@ -1,7 +1,16 @@
 import jwt from 'jsonwebtoken'
 import { csrfProtection } from '../app'
 import { verifyTokenInDB } from '../utils'
 export const authenticateAccessToken = (req: any, res: any, next: any) => {
  // if request is coming from web and has valid session
  // we can validate the request and check for CSRF Token
  if (req.session?.loggedIn) {
    req.user = req.session.user
    return csrfProtection(req, res, next)
  }
  authenticateToken(
    req,
    res,
@@ -43,9 +52,7 @@ const authenticateToken = (
  }
  const authHeader = req.headers['authorization']
-  const token =
+  const token = authHeader?.split(' ')[1]
    authHeader?.split(' ')[1] ??
    (tokenType === 'accessToken' ? req.cookies.accessToken : '')
  if (!token) return res.sendStatus(401)
  jwt.verify(token, key, async (err: any, data: any) => {
--- a/api/src/middlewares/multer.ts
+++ b/api/src/middlewares/multer.ts
@@ -4,7 +4,7 @@ import multer, { FileFilterCallback, Options } from 'multer'
 import { blockFileRegex, getTmpUploadsPath } from '../utils'
 const fieldNameSize = 300
-const fileSize = 10485760 // 10 MB
+const fileSize = 104857600 // 100 MB
 const storage = multer.diskStorage({
  destination: getTmpUploadsPath(),
--- a/api/src/routes/api/auth.ts
+++ b/api/src/routes/api/auth.ts
@@ -1,44 +1,22 @@
 import express from 'express'
 import { AuthController } from '../../controllers/'
 import Client from '../../model/Client'
 import {
  authenticateAccessToken,
  authenticateRefreshToken
 } from '../../middlewares'
-import {
+import { authorizeValidation, tokenValidation } from '../../utils'
  authorizeValidation,
  getDesktopFields,
  tokenValidation
 } from '../../utils'
 import { InfoJWT } from '../../types'
 const authRouter = express.Router()
-
+const controller = new AuthController()
 const clientIDs = new Set()
 export const populateClients = async () => {
  const result = await Client.find()
  clientIDs.clear()
  result.forEach((r) => {
    clientIDs.add(r.clientId)
  })
 }
 authRouter.post('/authorize', async (req, res) => {
  const { error, value: body } = authorizeValidation(req.body)
  if (error) return res.status(400).send(error.details[0].message)
  const { clientId } = body
  // Verify client ID
  if (!clientIDs.has(clientId)) {
    return res.status(403).send('Invalid clientId.')
  }
  const controller = new AuthController()
  try {
    const response = await controller.authorize(body)
@@ -52,12 +30,10 @@ authRouter.post('/token', async (req, res) => {
  const { error, value: body } = tokenValidation(req.body)
  if (error) return res.status(400).send(error.details[0].message)
  const controller = new AuthController()
  try {
    const response = await controller.token(body)
    const { accessToken } = response
-    res.cookie('accessToken', accessToken).send(response)
+    res.send(response)
  } catch (err: any) {
    res.status(403).send(err.toString())
  }
@@ -66,7 +42,6 @@ authRouter.post('/token', async (req, res) => {
 authRouter.post('/refresh', authenticateRefreshToken, async (req: any, res) => {
  const userInfo: InfoJWT = req.user
  const controller = new AuthController()
  try {
    const response = await controller.refresh(userInfo)
@@ -79,7 +54,6 @@ authRouter.post('/refresh', authenticateRefreshToken, async (req: any, res) => {
 authRouter.delete('/logout', authenticateAccessToken, async (req: any, res) => {
  const userInfo: InfoJWT = req.user
  const controller = new AuthController()
  try {
    await controller.logout(userInfo)
  } catch (e) {}
--- a/api/src/routes/api/drive.ts
+++ b/api/src/routes/api/drive.ts
@@ -1,5 +1,5 @@
 import express from 'express'
-import { deleteFile } from '@sasjs/utils'
+import { deleteFile, readFile } from '@sasjs/utils'
 import { publishAppStream } from '../appStream'
@@ -8,7 +8,8 @@ import { DriveController } from '../../controllers/'
 import {
  deployValidation,
  fileBodyValidation,
-  fileParamValidation
+  fileParamValidation,
  folderParamValidation
 } from '../../utils'
 const controller = new DriveController()
@@ -42,14 +43,74 @@ driveRouter.post('/deploy', async (req, res) => {
  }
 })
 driveRouter.post(
  '/deploy/upload',
  (...arg) => multerSingle('file', arg),
  async (req, res) => {
    if (!req.file) return res.status(400).send('"file" is not present.')
    const fileContent = await readFile(req.file.path)
    let jsonContent
    try {
      jsonContent = JSON.parse(fileContent)
    } catch (err) {
      deleteFile(req.file.path)
      return res.status(400).send('File containing invalid JSON content.')
    }
    const { error, value: body } = deployValidation(jsonContent)
    if (error) {
      deleteFile(req.file.path)
      return res.status(400).send(error.details[0].message)
    }
    try {
      const response = await controller.deployUpload(req.file, body)
      if (body.streamWebFolder) {
        const { streamServiceName } = await publishAppStream(
          body.appLoc,
          body.streamWebFolder,
          body.streamServiceName,
          body.streamLogo
        )
        response.streamServiceName = streamServiceName
      }
      res.send(response)
    } catch (err: any) {
      const statusCode = err.code
      delete err.code
      res.status(statusCode).send(err)
    } finally {
      deleteFile(req.file.path)
    }
  }
 )
 driveRouter.get('/file', async (req, res) => {
  const { error: errQ, value: query } = fileParamValidation(req.query)
  const { error: errB, value: body } = fileBodyValidation(req.body)
-  if (errQ && errB) return res.status(400).send(errQ.details[0].message)
+  if (errQ) return res.status(400).send(errQ.details[0].message)
  try {
-    await controller.getFile(req, query._filePath, body.filePath)
+    await controller.getFile(req, query._filePath)
  } catch (err: any) {
    res.status(403).send(err.toString())
  }
 })
 driveRouter.get('/folder', async (req, res) => {
  const { error: errQ, value: query } = folderParamValidation(req.query)
  if (errQ) return res.status(400).send(errQ.details[0].message)
  try {
    const response = await controller.getFolder(query._folderPath)
    res.send(response)
  } catch (err: any) {
    res.status(403).send(err.toString())
  }
--- a/api/src/routes/api/index.ts
+++ b/api/src/routes/api/index.ts
@@ -9,6 +9,7 @@ import {
  verifyAdmin
 } from '../../middlewares'
 import infoRouter from './info'
 import driveRouter from './drive'
 import stpRouter from './stp'
 import codeRouter from './code'
@@ -20,6 +21,7 @@ import sessionRouter from './session'
 const router = express.Router()
 router.use('/info', infoRouter)
 router.use('/session', desktopUsername, authenticateAccessToken, sessionRouter)
 router.use('/auth', desktopRestrict, authRouter)
 router.use(
--- a/api/src/routes/api/info.ts
+++ b/api/src/routes/api/info.ts
@@ -0,0 +1,16 @@
 import express from 'express'
 import { InfoController } from '../../controllers'
 const infoRouter = express.Router()
 infoRouter.get('/', async (req, res) => {
  const controller = new InfoController()
  try {
    const response = controller.info()
    res.send(response)
  } catch (err: any) {
    res.status(403).send(err.toString())
  }
 })
 export default infoRouter
--- a/api/src/routes/api/spec/auth.spec.ts
+++ b/api/src/routes/api/spec/auth.spec.ts
@@ -8,7 +8,6 @@ import {
  ClientController,
  AuthController
 } from '../../../controllers/'
 import { populateClients } from '../auth'
 import { InfoJWT } from '../../../types'
 import {
  generateAccessToken,
@@ -18,11 +17,6 @@ import {
  verifyTokenInDB
 } from '../../../utils'
 let app: Express
 appPromise.then((_app) => {
  app = _app
 })
 const clientId = 'someclientID'
 const clientSecret = 'someclientSecret'
 const user = {
@@ -35,16 +29,18 @@ const user = {
 }
 describe('auth', () => {
  let app: Express
  let con: Mongoose
  let mongoServer: MongoMemoryServer
  const userController = new UserController()
  const clientController = new ClientController()
  beforeAll(async () => {
    app = await appPromise
    mongoServer = await MongoMemoryServer.create()
    con = await mongoose.connect(mongoServer.getUri())
    await clientController.createClient({ clientId, clientSecret })
    await populateClients()
  })
  afterAll(async () => {
@@ -156,7 +152,7 @@ describe('auth', () => {
        })
        .expect(403)
-      expect(res.text).toEqual('Invalid clientId.')
+      expect(res.text).toEqual('Error: Invalid clientId.')
      expect(res.body).toEqual({})
    })
  })
--- a/api/src/routes/api/spec/client.spec.ts
+++ b/api/src/routes/api/spec/client.spec.ts
@@ -6,11 +6,6 @@ import appPromise from '../../../app'
 import { UserController, ClientController } from '../../../controllers/'
 import { generateAccessToken, saveTokensInDB } from '../../../utils'
 let app: Express
 appPromise.then((_app) => {
  app = _app
 })
 const client = {
  clientId: 'someclientID',
  clientSecret: 'someclientSecret'
@@ -28,12 +23,15 @@ const newClient = {
 }
 describe('client', () => {
  let app: Express
  let con: Mongoose
  let mongoServer: MongoMemoryServer
  const userController = new UserController()
  const clientController = new ClientController()
  beforeAll(async () => {
    app = await appPromise
    mongoServer = await MongoMemoryServer.create()
    con = await mongoose.connect(mongoServer.getUri())
  })
--- a/api/src/routes/api/spec/drive.spec.ts
+++ b/api/src/routes/api/spec/drive.spec.ts
@@ -10,7 +10,11 @@ import {
  readFile,
  deleteFolder,
  generateTimestamp,
-  copy
+  copy,
  createFolder,
  createFile,
  ServiceMember,
  FolderMember
 } from '@sasjs/utils'
 import * as fileUtilModules from '../../../utils/file'
@@ -26,15 +30,9 @@ jest
 import appPromise from '../../../app'
 import { UserController } from '../../../controllers/'
 import { getTreeExample } from '../../../controllers/internal'
 import { FolderMember, ServiceMember } from '../../../types'
 import { generateAccessToken, saveTokensInDB } from '../../../utils/'
 const { getTmpFilesFolderPath } = fileUtilModules
 let app: Express
 appPromise.then((_app) => {
  app = _app
 })
 const clientId = 'someclientID'
 const user = {
  displayName: 'Test User',
@@ -44,7 +42,8 @@ const user = {
  isActive: true
 }
-describe('files', () => {
+describe('drive', () => {
  let app: Express
  let con: Mongoose
  let mongoServer: MongoMemoryServer
  const controller = new UserController()
@@ -52,6 +51,8 @@ describe('files', () => {
  let accessToken: string
  beforeAll(async () => {
    app = await appPromise
    mongoServer = await MongoMemoryServer.create()
    con = await mongoose.connect(mongoServer.getUri())
@@ -69,6 +70,7 @@ describe('files', () => {
    await mongoServer.stop()
    await deleteFolder(tmpFolder)
  })
  describe('deploy', () => {
    const shouldFailAssertion = async (payload: any) => {
      const res = await request(app)
@@ -172,17 +174,126 @@ describe('files', () => {
      await expect(readFile(testJobFile)).resolves.toEqual(exampleService.code)
-      await deleteFolder(getTmpFilesFolderPath())
+      await deleteFolder(path.join(getTmpFilesFolderPath(), 'public'))
    })
  })
  describe('folder', () => {
    describe('get', () => {
      const getFolderApi = '/SASjsApi/drive/folder'
      it('should get root SAS folder on drive', async () => {
        const res = await request(app)
          .get(getFolderApi)
          .auth(accessToken, { type: 'bearer' })
        expect(res.statusCode).toEqual(200)
        expect(res.body).toEqual({ files: [], folders: [] })
      })
      it('should get a SAS folder on drive having _folderPath as query param', async () => {
        const pathToDrive = fileUtilModules.getTmpFilesFolderPath()
        const dirLevel1 = 'level1'
        const dirLevel2 = 'level2'
        const fileLevel1 = 'file1'
        const fileLevel2 = 'file2'
        await createFolder(path.join(pathToDrive, dirLevel1, dirLevel2))
        await createFile(
          path.join(pathToDrive, dirLevel1, fileLevel1),
          'some file content'
        )
        await createFile(
          path.join(pathToDrive, dirLevel1, dirLevel2, fileLevel2),
          'some file content'
        )
        const res1 = await request(app)
          .get(getFolderApi)
          .query({ _folderPath: '/' })
          .auth(accessToken, { type: 'bearer' })
        expect(res1.statusCode).toEqual(200)
        expect(res1.body).toEqual({ files: [], folders: [dirLevel1] })
        const res2 = await request(app)
          .get(getFolderApi)
          .query({ _folderPath: dirLevel1 })
          .auth(accessToken, { type: 'bearer' })
        expect(res2.statusCode).toEqual(200)
        expect(res2.body).toEqual({ files: [fileLevel1], folders: [dirLevel2] })
        const res3 = await request(app)
          .get(getFolderApi)
          .query({ _folderPath: `${dirLevel1}/${dirLevel2}` })
          .auth(accessToken, { type: 'bearer' })
        expect(res3.statusCode).toEqual(200)
        expect(res3.body).toEqual({ files: [fileLevel2], folders: [] })
      })
      it('should respond with Unauthorized if access token is not present', async () => {
        const res = await request(app).get(getFolderApi).expect(401)
        expect(res.text).toEqual('Unauthorized')
        expect(res.body).toEqual({})
      })
      it('should respond with Forbidden if folder is not present', async () => {
        const res = await request(app)
          .get(getFolderApi)
          .auth(accessToken, { type: 'bearer' })
          .query({ _folderPath: `/my/path/code-${generateTimestamp()}` })
          .expect(403)
        expect(res.text).toEqual(`Error: Folder doesn't exist.`)
        expect(res.body).toEqual({})
      })
      it('should respond with Forbidden if folderPath outside Drive', async () => {
        const res = await request(app)
          .get(getFolderApi)
          .auth(accessToken, { type: 'bearer' })
          .query({ _folderPath: '/../path/code.sas' })
          .expect(403)
        expect(res.text).toEqual('Error: Cannot get folder outside drive.')
        expect(res.body).toEqual({})
      })
      it('should respond with Forbidden if folderPath is of a file', async () => {
        const fileToCopyPath = path.join(__dirname, 'files', 'sample.sas')
        const filePath = '/my/path/code.sas'
        const pathToCopy = path.join(
          fileUtilModules.getTmpFilesFolderPath(),
          filePath
        )
        await copy(fileToCopyPath, pathToCopy)
        const res = await request(app)
          .get(getFolderApi)
          .auth(accessToken, { type: 'bearer' })
          .query({ _folderPath: filePath })
          .expect(403)
        expect(res.text).toEqual('Error: Not a Folder.')
        expect(res.body).toEqual({})
      })
    })
  })
  describe('file', () => {
    describe('create', () => {
      it('should create a SAS file on drive having filePath as form field', async () => {
        const pathToUpload = `/my/path/code-1.sas`
        const res = await request(app)
          .post('/SASjsApi/drive/file')
          .auth(accessToken, { type: 'bearer' })
-          .field('filePath', '/my/path/code.sas')
+          .field('filePath', pathToUpload)
          .attach('file', path.join(__dirname, 'files', 'sample.sas'))
        expect(res.statusCode).toEqual(200)
@@ -192,10 +303,12 @@ describe('files', () => {
      })
      it('should create a SAS file on drive having _filePath as query param', async () => {
        const pathToUpload = `/my/path/code-2.sas`
        const res = await request(app)
          .post('/SASjsApi/drive/file')
          .auth(accessToken, { type: 'bearer' })
-          .query({ _filePath: '/my/path/code1.sas' })
+          .query({ _filePath: pathToUpload })
          .attach('file', path.join(__dirname, 'files', 'sample.sas'))
        expect(res.statusCode).toEqual(200)
@@ -217,7 +330,7 @@ describe('files', () => {
      it('should respond with Forbidden if file is already present', async () => {
        const fileToAttachPath = path.join(__dirname, 'files', 'sample.sas')
-        const pathToUpload = '/my/path/code.sas'
+        const pathToUpload = `/my/path/code-${generateTimestamp()}.sas`
        const pathToCopy = path.join(
          fileUtilModules.getTmpFilesFolderPath(),
@@ -310,7 +423,7 @@ describe('files', () => {
      it('should respond with Bad Request if attached file exceeds file limit', async () => {
        const pathToUpload = '/my/path/code.sas'
-        const attachedFile = Buffer.from('.'.repeat(20 * 1024 * 1024))
+        const attachedFile = Buffer.from('.'.repeat(110 * 1024 * 1024)) // 110mb
        const res = await request(app)
          .post('/SASjsApi/drive/file')
@@ -320,7 +433,7 @@ describe('files', () => {
          .expect(400)
        expect(res.text).toEqual(
-          'File size is over limit. File limit is: 10 MB'
+          'File size is over limit. File limit is: 100 MB'
        )
        expect(res.body).toEqual({})
      })
@@ -386,7 +499,7 @@ describe('files', () => {
        const res = await request(app)
          .patch('/SASjsApi/drive/file')
          .auth(accessToken, { type: 'bearer' })
-          .field('filePath', `/my/path/code-${generateTimestamp()}.sas`)
+          .field('filePath', `/my/path/code-3.sas`)
          .attach('file', path.join(__dirname, 'files', 'sample.sas'))
          .expect(403)
@@ -427,9 +540,9 @@ describe('files', () => {
        const pathToUpload = '/my/path/code.exe'
        const res = await request(app)
-          .patch(`/SASjsApi/drive/file?_filePath=${pathToUpload}`)
+          .patch('/SASjsApi/drive/file')
          .auth(accessToken, { type: 'bearer' })
-          // .field('filePath', pathToUpload)
+          .query({ _filePath: pathToUpload })
          .attach('file', fileToAttachPath)
          .expect(400)
@@ -468,7 +581,7 @@ describe('files', () => {
      it('should respond with Bad Request if attached file exceeds file limit', async () => {
        const pathToUpload = '/my/path/code.sas'
-        const attachedFile = Buffer.from('.'.repeat(20 * 1024 * 1024))
+        const attachedFile = Buffer.from('.'.repeat(110 * 1024 * 1024)) // 110mb
        const res = await request(app)
          .patch('/SASjsApi/drive/file')
@@ -478,11 +591,84 @@ describe('files', () => {
          .expect(400)
        expect(res.text).toEqual(
-          'File size is over limit. File limit is: 10 MB'
+          'File size is over limit. File limit is: 100 MB'
        )
        expect(res.body).toEqual({})
      })
    })
    describe('get', () => {
      it('should get a SAS file on drive having _filePath as query param', async () => {
        const fileToCopyPath = path.join(__dirname, 'files', 'sample.sas')
        const fileToCopyContent = await readFile(fileToCopyPath)
        const filePath = '/my/path/code.sas'
        const pathToCopy = path.join(
          fileUtilModules.getTmpFilesFolderPath(),
          filePath
        )
        await copy(fileToCopyPath, pathToCopy)
        const res = await request(app)
          .get('/SASjsApi/drive/file')
          .auth(accessToken, { type: 'bearer' })
          .query({ _filePath: filePath })
        expect(res.statusCode).toEqual(200)
        expect(res.body).toEqual({})
        expect(res.text).toEqual(fileToCopyContent)
      })
      it('should respond with Unauthorized if access token is not present', async () => {
        const res = await request(app).get('/SASjsApi/drive/file').expect(401)
        expect(res.text).toEqual('Unauthorized')
        expect(res.body).toEqual({})
      })
      it('should respond with Forbidden if file is not present', async () => {
        const res = await request(app)
          .get('/SASjsApi/drive/file')
          .auth(accessToken, { type: 'bearer' })
          .query({ _filePath: `/my/path/code-4.sas` })
          .expect(403)
        expect(res.text).toEqual(`Error: File doesn't exist.`)
        expect(res.body).toEqual({})
      })
      it('should respond with Forbidden if filePath outside Drive', async () => {
        const res = await request(app)
          .get('/SASjsApi/drive/file')
          .auth(accessToken, { type: 'bearer' })
          .query({ _filePath: '/../path/code.sas' })
          .expect(403)
        expect(res.text).toEqual('Error: Cannot get file outside drive.')
        expect(res.body).toEqual({})
      })
      it("should respond with Bad Request if filePath doesn't has correct extension", async () => {
        const res = await request(app)
          .patch('/SASjsApi/drive/file')
          .auth(accessToken, { type: 'bearer' })
          .query({ _filePath: '/my/path/code.exe' })
          .expect(400)
        expect(res.text).toEqual('Invalid file extension')
        expect(res.body).toEqual({})
      })
      it('should respond with Bad Request if filePath is missing', async () => {
        const res = await request(app)
          .post('/SASjsApi/drive/file')
          .auth(accessToken, { type: 'bearer' })
          .expect(400)
        expect(res.text).toEqual(`"_filePath" is required`)
        expect(res.body).toEqual({})
      })
    })
  })
 })
--- a/api/src/routes/api/spec/group.spec.ts
+++ b/api/src/routes/api/spec/group.spec.ts
@@ -6,11 +6,6 @@ import appPromise from '../../../app'
 import { UserController, GroupController } from '../../../controllers/'
 import { generateAccessToken, saveTokensInDB } from '../../../utils'
 let app: Express
 appPromise.then((_app) => {
  app = _app
 })
 const clientId = 'someclientID'
 const adminUser = {
  displayName: 'Test Admin',
@@ -36,11 +31,14 @@ const userController = new UserController()
 const groupController = new GroupController()
 describe('group', () => {
  let app: Express
  let con: Mongoose
  let mongoServer: MongoMemoryServer
  let adminAccessToken: string
  beforeAll(async () => {
    app = await appPromise
    mongoServer = await MongoMemoryServer.create()
    con = await mongoose.connect(mongoServer.getUri())
--- a/api/src/routes/api/spec/info.spec.ts
+++ b/api/src/routes/api/spec/info.spec.ts
@@ -0,0 +1,20 @@
 import { Express } from 'express'
 import request from 'supertest'
 import appPromise from '../../../app'
 describe('Info', () => {
  let app: Express
  beforeAll(async () => {
    app = await appPromise
  })
  it('should should return configured information of the server instance', async () => {
    const res = await request(app).get('/SASjsApi/info').expect(200)
    expect(res.body.mode).toEqual('server')
    expect(res.body.cors).toEqual('disable')
    expect(res.body.whiteList).toEqual([])
    expect(res.body.protocol).toEqual('http')
  })
 })
--- a/api/src/routes/api/spec/user.spec.ts
+++ b/api/src/routes/api/spec/user.spec.ts
@@ -6,11 +6,6 @@ import appPromise from '../../../app'
 import { UserController } from '../../../controllers/'
 import { generateAccessToken, saveTokensInDB } from '../../../utils'
 let app: Express
 appPromise.then((_app) => {
  app = _app
 })
 const clientId = 'someclientID'
 const adminUser = {
  displayName: 'Test Admin',
@@ -30,10 +25,13 @@ const user = {
 const controller = new UserController()
 describe('user', () => {
  let app: Express
  let con: Mongoose
  let mongoServer: MongoMemoryServer
  beforeAll(async () => {
    app = await appPromise
    mongoServer = await MongoMemoryServer.create()
    con = await mongoose.connect(mongoServer.getUri())
  })
--- a/api/src/routes/appStream/appStreamHtml.ts
+++ b/api/src/routes/appStream/appStreamHtml.ts
@@ -1,27 +1,6 @@
 import { AppStreamConfig } from '../../types'
-
+import { script } from './script'
-const style = `<style>
+import { style } from './style'
 * {
  font-family: 'Roboto', sans-serif;
 }
 .app-container {
  display: flex;
  flex-wrap: wrap;
  align-items: baseline;
  justify-content: center;
 }
 .app-container .app {
  width: 150px;
  margin: 10px;
  overflow: hidden;
  text-align: center;
 }
 .app-container .app img{
  width: 100%;
  margin-bottom: 10px;
  border-radius: 10px;
 }
 </style>`
 const defaultAppLogo = '/sasjs-logo.svg'
@@ -52,6 +31,14 @@ export const appStreamHtml = (appStreamConfig: AppStreamConfig) => `
          singleAppStreamHtml(streamServiceName, entry.appLoc, entry.streamLogo)
        )
        .join('')}
        <a class="app" title="Upload build.json">
          <input id="fileId" type="file" hidden />
          <button id="uploadButton" style="margin-bottom: 5px; cursor: pointer">
            <img src="/plus.png" />
          </button>
          <span id="uploadMessage">Upload New App</span>
        </a>
    </div>
    ${script}
  </body>
 </html>`
--- a/api/src/routes/appStream/index.ts
+++ b/api/src/routes/appStream/index.ts
@@ -52,7 +52,7 @@ export const publishAppStream = async (
      addEntryToFile
    )
-    const sasJsPort = process.env.PORT ?? 5000
+    const sasJsPort = process.env.PORT || 5000
    console.log(
      'Serving Stream App: ',
      `http://localhost:${sasJsPort}/AppStream/${streamServiceName}`
--- a/api/src/routes/appStream/script.ts
+++ b/api/src/routes/appStream/script.ts
@@ -0,0 +1,58 @@
 export const script = `<script>
  const inputElement = document.getElementById('fileId')
  document
    .getElementById('uploadButton')
    .addEventListener('click', function () {
      inputElement.click()
    })
  inputElement.addEventListener(
    'change',
    function () {
      const fileList = this.files /* now you can work with the file list */
      updateFileUploadMessage('Requesting ...')
      const file = fileList[0]
      const formData = new FormData()
      formData.append('file', file)
      fetch('/SASjsApi/drive/deploy/upload', {
        method: 'POST',
        body: formData
      })
        .then(async (res) => {
          const { status, ok } = res
          if (status === 200 && ok) {
            const data = await res.json()
            return (
              data.message +
              '\\nstreamServiceName: ' +
              data.streamServiceName +
              '\\nrefreshing page once alert box closes.'
            )
          }
          throw await res.text()
        })
        .then((message) => {
          alert(message)
          location.reload()
        })
        .catch((error) => {
          alert(error)
          resetFileUpload()
          updateFileUploadMessage('Upload New App')
        })
    },
    false
  )
  function updateFileUploadMessage(message) {
    document.getElementById('uploadMessage').innerHTML = message
  }
  function resetFileUpload() {
    inputElement.value = null
  }
 </script>`
--- a/api/src/routes/appStream/style.ts
+++ b/api/src/routes/appStream/style.ts
@@ -0,0 +1,22 @@
 export const style = `<style>
 * {
  font-family: 'Roboto', sans-serif;
 }
 .app-container {
  display: flex;
  flex-wrap: wrap;
  align-items: baseline;
  justify-content: center;
 }
 .app-container .app {
  width: 150px;
  margin: 10px;
  overflow: hidden;
  text-align: center;
 }
 .app-container .app img{
  width: 100%;
  margin-bottom: 10px;
  border-radius: 10px;
 }
 </style>`
--- a/api/src/routes/setupRoutes.ts
+++ b/api/src/routes/setupRoutes.ts
@@ -5,7 +5,6 @@ import apiRouter from './api'
 import appStreamRouter from './appStream'
 export const setupRoutes = (app: Express) => {
  app.use('/', webRouter)
  app.use('/SASjsApi', apiRouter)
  app.use('/AppStream', function (req, res, next) {
@@ -13,4 +12,6 @@ export const setupRoutes = (app: Express) => {
    // whatever the current router is
    appStreamRouter(req, res, next)
  })
  app.use('/', webRouter)
 }
--- a/api/src/routes/web/index.ts
+++ b/api/src/routes/web/index.ts
@@ -1,8 +1,11 @@
 import express from 'express'
 import { csrfProtection } from '../../app'
 import webRouter from './web'
 const router = express.Router()
 router.use(csrfProtection)
 router.use('/', webRouter)
 export default router
--- a/api/src/routes/web/web.ts
+++ b/api/src/routes/web/web.ts
@@ -1,34 +1,43 @@
 import { readFile } from '@sasjs/utils'
 import express from 'express'
 import path from 'path'
-import { getWebBuildFolderPath } from '../../utils'
+import express from 'express'
 import { fileExists } from '@sasjs/utils'
 import { WebController } from '../../controllers/web'
 import { getWebBuildFolderPath, loginWebValidation } from '../../utils'
 const webRouter = express.Router()
-const codeToInject = `
+webRouter.get('/', async (req, res) => {
-<script>
+  const indexHtmlPath = path.join(getWebBuildFolderPath(), 'index.html')
  localStorage.setItem('accessToken', JSON.stringify('accessToken'))
  localStorage.setItem('refreshToken', JSON.stringify('refreshToken'))
 </script>`
-webRouter.get('/', async (_, res) => {
+  if (await fileExists(indexHtmlPath)) {
-  let content: string
+    res.cookie('XSRF-TOKEN', req.csrfToken())
    return res.sendFile(indexHtmlPath)
  }
  return res.send('Web Build is not present')
 })
 webRouter.post('/login', async (req, res) => {
  const { error, value: body } = loginWebValidation(req.body)
  if (error) return res.status(400).send(error.details[0].message)
  const controller = new WebController()
  try {
-    const indexHtmlPath = path.join(getWebBuildFolderPath(), 'index.html')
+    const response = await controller.login(req, body)
-    content = await readFile(indexHtmlPath)
+    res.send(response)
-  } catch (_) {
+  } catch (err: any) {
-    return res.send('Web Build is not present')
+    res.status(400).send(err.toString())
  }
 })
-  const { MODE } = process.env
+webRouter.get('/logout', async (req, res) => {
-  if (MODE?.trim() !== 'server') {
+  const controller = new WebController()
-    const injectedContent = content.replace('</head>', `${codeToInject}</head>`)
+  try {
-
+    await controller.logout(req)
-    res.setHeader('Content-Type', 'text/html')
+    res.status(200).send()
-    return res.send(injectedContent)
+  } catch (err: any) {
    res.status(400).send(err.toString())
  }
  return res.send(content)
 })
 export default webRouter
--- a/api/src/server.ts
+++ b/api/src/server.ts
@@ -4,8 +4,8 @@ import appPromise from './app'
 import { getCertificates } from './utils'
 appPromise.then(async (app) => {
-  const protocol = process.env.PROTOCOL ?? 'http'
+  const protocol = process.env.PROTOCOL || 'http'
-  const sasJsPort = process.env.PORT ?? 5000
+  const sasJsPort = process.env.PORT || 5000
  console.log('PROTOCOL: ', protocol)
--- a/api/src/types/FileTree.ts
+++ b/api/src/types/FileTree.ts
@@ -1,62 +0,0 @@
 export enum MemberType {
  service = 'service',
  file = 'file',
  folder = 'folder'
 }
 export interface ServiceMember {
  name: string
  type: MemberType.service
  code: string
 }
 export interface FileMember {
  name: string
  type: MemberType.file
  code: string
 }
 export interface FolderMember {
  name: string
  type: MemberType.folder
  members: (FolderMember | ServiceMember | FileMember)[]
 }
 export interface FileTree {
  members: (FolderMember | ServiceMember | FileMember)[]
 }
 export const isFileTree = (arg: any): arg is FileTree =>
  arg &&
  arg.members &&
  Array.isArray(arg.members) &&
  arg.members.filter(
    (member: ServiceMember | FileMember | FolderMember) =>
      !isServiceMember(member, '-') &&
      !isFileMember(member, '-') &&
      !isFolderMember(member, '-')
  ).length === 0
 const isServiceMember = (arg: any, pre: string): arg is ServiceMember =>
  arg &&
  typeof arg.name === 'string' &&
  arg.type === MemberType.service &&
  typeof arg.code === 'string'
 const isFileMember = (arg: any, pre: string): arg is ServiceMember =>
  arg &&
  typeof arg.name === 'string' &&
  arg.type === MemberType.file &&
  typeof arg.code === 'string'
 const isFolderMember = (arg: any, pre: string): arg is FolderMember =>
  arg &&
  typeof arg.name === 'string' &&
  arg.type === MemberType.folder &&
  arg.members &&
  Array.isArray(arg.members) &&
  arg.members.filter(
    (member: FolderMember | ServiceMember) =>
      !isServiceMember(member, pre + '-') &&
      !isFileMember(member, pre + '-') &&
      !isFolderMember(member, pre + '-')
  ).length === 0
--- a/api/src/types/Process.d.ts
+++ b/api/src/types/Process.d.ts
@@ -1,8 +0,0 @@
 declare namespace NodeJS {
  export interface Process {
    sasLoc: string
    driveLoc: string
    sessionController?: import('../controllers/internal').SessionController
    appStreamConfig: import('./').AppStreamConfig
  }
 }
--- a/api/src/types/Request.ts
+++ b/api/src/types/Request.ts
@@ -1,17 +0,0 @@
 import { MacroVars } from '@sasjs/utils'
 export interface ExecutionQuery {
  _program: string
  macroVars?: MacroVars
  _debug?: number
 }
 export interface FileQuery {
  filePath: string
 }
 export const isExecutionQuery = (arg: any): arg is ExecutionQuery =>
  arg && !Array.isArray(arg) && typeof arg._program === 'string'
 export const isFileQuery = (arg: any): arg is FileQuery =>
  arg && !Array.isArray(arg) && typeof arg.filePath === 'string'
--- a/api/src/types/index.ts
+++ b/api/src/types/index.ts
@@ -1,9 +1,7 @@
 // TODO: uppercase types
 export * from './AppStreamConfig'
 export * from './Execution'
 export * from './FileTree'
 export * from './InfoJWT'
 export * from './PreProgramVars'
 export * from './Request'
 export * from './Session'
 export * from './TreeNode'
--- a/api/src/types/system/express-session.d.ts
+++ b/api/src/types/system/express-session.d.ts
@@ -0,0 +1,14 @@
 import express from 'express'
 declare module 'express-session' {
  interface SessionData {
    loggedIn: boolean
    user: {
      userId: number
      clientId: string
      username: string
      displayName: string
      isAdmin: boolean
      isActive: boolean
    }
  }
 }
--- a/api/src/types/system/global.d.ts
+++ b/api/src/types/system/global.d.ts
@@ -0,0 +1 @@
 import 'jest-extended'
--- a/api/src/types/system/process.d.ts
+++ b/api/src/types/system/process.d.ts
@@ -0,0 +1,8 @@
 declare namespace NodeJS {
  export interface Process {
    sasLoc: string
    driveLoc: string
    sessionController?: import('../../controllers/internal').SessionController
    appStreamConfig: import('../').AppStreamConfig
  }
 }
--- a/api/src/utils/connectDB.ts
+++ b/api/src/utils/connectDB.ts
@@ -1,25 +1,15 @@
 import mongoose from 'mongoose'
-import { populateClients } from '../routes/api/auth'
+import { seedDB } from './seedDB'
 export const connectDB = async () => {
-  // NOTE: when exporting app.js as agent for supertest
+  try {
-  // we should exclude connecting to the real database
+    await mongoose.connect(process.env.DB_CONNECT as string)
-  if (process.env.NODE_ENV === 'test') {
+  } catch (err) {
-    return
+    throw new Error('Unable to connect to DB!')
  } else {
    const { MODE } = process.env
    if (MODE?.trim() !== 'server') {
      console.log('Running in Destop Mode, no DB to connect.')
      return
    }
    mongoose.connect(process.env.DB_CONNECT as string, async (err) => {
      if (err) throw err
      console.log('Connected to db!')
      await populateClients()
    })
  }
  console.log('Connected to DB!')
  await seedDB()
  return mongoose.connection
 }
--- a/api/src/utils/file.ts
+++ b/api/src/utils/file.ts
@@ -9,7 +9,7 @@ export const sysInitCompiledPath = path.join(
 )
 export const sasJSCoreMacros = path.join(apiRoot, 'sasjscore')
-export const sasJSCoreMacrosInfo = path.join(apiRoot, 'sasjscore', '.macrolist')
+export const sasJSCoreMacrosInfo = path.join(sasJSCoreMacros, '.macrolist')
 export const getWebBuildFolderPath = () =>
  path.join(codebaseRoot, 'web', 'build')
--- a/api/src/utils/index.ts
+++ b/api/src/utils/index.ts
@@ -12,8 +12,9 @@ export * from './isDebugOn'
 export * from './parseLogToArray'
 export * from './removeTokensInDB'
 export * from './saveTokensInDB'
 export * from './seedDB'
 export * from './setProcessVariables'
-export * from './sleep'
+export * from './setupFolders'
 export * from './upload'
 export * from './validation'
 export * from './verifyTokenInDB'
--- a/api/src/utils/seedDB.ts
+++ b/api/src/utils/seedDB.ts
@@ -0,0 +1,35 @@
 import Client from '../model/Client'
 import User from '../model/User'
 const CLIENT = {
  clientId: 'clientID1',
  clientSecret: 'clientSecret'
 }
 const ADMIN_USER = {
  id: 1,
  displayName: 'Super Admin',
  username: 'secretuser',
  password: '$2a$10$hKvcVEZdhEQZCcxt6npazO6mY4jJkrzWvfQ5stdBZi8VTTwVMCVXO',
  isAdmin: true,
  isActive: true
 }
 export const seedDB = async () => {
  // Checking if client is already in the database
  const clientExist = await Client.findOne({ clientId: CLIENT.clientId })
  if (!clientExist) {
    const client = new Client(CLIENT)
    await client.save()
    console.log(`DB Seed - client created: ${CLIENT.clientId}`)
  }
  // Checking if user is already in the database
  const usernameExist = await User.findOne({ username: ADMIN_USER.username })
  if (!usernameExist) {
    const user = new User(ADMIN_USER)
    await user.save()
    console.log(`DB Seed - admin account created: ${ADMIN_USER.username}`)
  }
 }
--- a/api/src/utils/setProcessVariables.ts
+++ b/api/src/utils/setProcessVariables.ts
@@ -1,5 +1,5 @@
 import path from 'path'
-import { getRealPath } from '@sasjs/utils'
+import { getAbsolutePath, getRealPath } from '@sasjs/utils'
 import { configuration } from '../../package.json'
 import { getDesktopFields } from '.'
@@ -12,18 +12,17 @@ export const setProcessVariables = async () => {
  const { MODE } = process.env
-  if (MODE?.trim() !== 'server') {
+  if (MODE?.trim() === 'server') {
    const { SAS_PATH, DRIVE_PATH } = process.env
    process.sasLoc = SAS_PATH ?? configuration.sasPath
    const absPath = getAbsolutePath(DRIVE_PATH ?? 'tmp', process.cwd())
    process.driveLoc = getRealPath(absPath)
  } else {
    const { sasLoc, driveLoc } = await getDesktopFields()
    process.sasLoc = sasLoc
    process.driveLoc = driveLoc
  } else {
    const { SAS_PATH, DRIVE_PATH } = process.env
    process.sasLoc = SAS_PATH ?? configuration.sasPath
    process.driveLoc = getRealPath(
      path.join(process.cwd(), DRIVE_PATH ?? 'tmp')
    )
  }
  console.log('sasLoc: ', process.sasLoc)
--- a/api/src/utils/setupFolders.ts
+++ b/api/src/utils/setupFolders.ts
@@ -0,0 +1,7 @@
 import { createFolder } from '@sasjs/utils'
 import { getTmpFilesFolderPath } from './file'
 export const setupFolders = async () => {
  const drivePath = getTmpFilesFolderPath()
  await createFolder(drivePath)
 }
--- a/api/src/utils/sleep.ts
+++ b/api/src/utils/sleep.ts
@@ -1,3 +0,0 @@
 export const sleep = async (delay: number) => {
  await new Promise((resolve) => setTimeout(resolve, delay))
 }
--- a/api/src/utils/validation.ts
+++ b/api/src/utils/validation.ts
@@ -1,10 +1,16 @@
 import Joi from 'joi'
-const usernameSchema = Joi.string().alphanum().min(6).max(20)
+const usernameSchema = Joi.string().alphanum().min(3).max(16)
 const passwordSchema = Joi.string().min(6).max(1024)
 export const blockFileRegex = /\.(exe|sh|htaccess)$/i
 export const loginWebValidation = (data: any): Joi.ValidationResult =>
  Joi.object({
    username: usernameSchema.required(),
    password: passwordSchema.required()
  }).validate(data)
 export const authorizeValidation = (data: any): Joi.ValidationResult =>
  Joi.object({
    username: usernameSchema.required(),
@@ -98,6 +104,11 @@ export const fileParamValidation = (data: any): Joi.ValidationResult =>
    _filePath: filePathSchema
  }).validate(data)
 export const folderParamValidation = (data: any): Joi.ValidationResult =>
  Joi.object({
    _folderPath: Joi.string()
  }).validate(data)
 export const runSASValidation = (data: any): Joi.ValidationResult =>
  Joi.object({
    code: Joi.string().required()
--- a/api/tsoa.json
+++ b/api/tsoa.json
@@ -11,6 +11,10 @@
      }
    },
    "tags": [
      {
        "name": "Info",
        "description": "Get Server Info"
      },
      {
        "name": "Session",
        "description": "Get Session information"
@@ -42,6 +46,10 @@
      {
        "name": "CODE",
        "description": "Operations on SAS code"
      },
      {
        "name": "Web",
        "description": "Operations on Web"
      }
    ],
    "yaml": true,
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
  "name": "server",
-  "version": "0.0.45",
+  "version": "0.0.60",
  "lockfileVersion": 2,
  "requires": true,
  "packages": {
    "": {
      "name": "server",
-      "version": "0.0.45",
+      "version": "0.0.60",
      "devDependencies": {
        "prettier": "^2.3.1",
        "standard-version": "^9.3.2"
@@ -1350,9 +1350,9 @@
      }
    },
    "node_modules/minimist": {
-      "version": "1.2.5",
+      "version": "1.2.6",
-      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz",
+      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz",
-      "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==",
+      "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==",
      "dev": true
    },
    "node_modules/minimist-options": {
@@ -3158,9 +3158,9 @@
      }
    },
    "minimist": {
-      "version": "1.2.5",
+      "version": "1.2.6",
-      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz",
+      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz",
-      "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==",
+      "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==",
      "dev": true
    },
    "minimist-options": {
--- a/package.json
+++ b/package.json
@@ -1,12 +1,12 @@
 {
  "name": "server",
-  "version": "0.0.45",
+  "version": "0.0.60",
  "description": "NodeJS wrapper for calling the SAS binary executable",
  "repository": "https://github.com/sasjs/server",
  "scripts": {
    "server": "npm run server:prepare && npm run server:start",
-    "server:prepare": "cd web && npm ci && npm run build && cd ../api && npm ci && cd ..",
+    "server:prepare": "cd web && npm ci && npm run build && cd ../api && npm ci && npm run build && cd ..",
-    "server:start": "cd api && npm run start",
+    "server:start": "cd api && npm run start:prod",
    "release": "standard-version",
    "lint-api:fix": "npx prettier --write \"api/src/**/*.{ts,tsx,js,jsx,html,css,sass,less,yml,md,graphql}\"",
    "lint-api": "npx prettier --check \"api/src/**/*.{ts,tsx,js,jsx,html,css,sass,less,yml,md,graphql}\"",
--- a/restClient/drive.rest
+++ b/restClient/drive.rest
@@ -1,3 +1,6 @@
 ### Get contents of folder
 GET http://localhost:5000/SASjsApi/drive/folder?_path=/Public/app/react-seed-app/services/web
 ###
 POST http://localhost:5000/SASjsApi/drive/deploy
 Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjbGllbnRfaWQiOiJjbGllbnRJRDEiLCJ1c2VybmFtZSI6InVzZXJuYW1lMSIsImlzYWRtaW4iOmZhbHNlLCJpc2FjdGl2ZSI6dHJ1ZSwiaWF0IjoxNjM1ODA0MDc2LCJleHAiOjE2MzU4OTA0NzZ9.Cx1F54ILgAUtnkit0Wg1K1YVO2RdNjOnTKdPhUtDm5I
--- a/web/.env.example
+++ b/web/.env.example
@@ -1,2 +1 @@
-PORT_API=[place sasjs server port] default value is 5000
+PORT_API=[place sasjs server port] default value is 5000
 CLIENT_ID=<place clientId here>
--- a/web/package-lock.json
+++ b/web/package-lock.json
@@ -4191,9 +4191,9 @@
      "dev": true
    },
    "node_modules/async": {
-      "version": "2.6.3",
+      "version": "2.6.4",
-      "resolved": "https://registry.npmjs.org/async/-/async-2.6.3.tgz",
+      "resolved": "https://registry.npmjs.org/async/-/async-2.6.4.tgz",
-      "integrity": "sha512-zflvls11DCy+dQWzTW2dzuilv8Z5X/pjfmZOWba6TNIVDm+2UDaJmXSOXlasHKfNBs8oo3M0aT50fDEWfKZjXg==",
+      "integrity": "sha512-mzo5dfJYwAn29PeiJ0zvwTo04zj8HDJj0Mn8TD7sno7q12prdbnasKJHhkm2c1LgrhlJ0teaea8860oxi51mGA==",
      "dev": true,
      "dependencies": {
        "lodash": "^4.17.14"
@@ -8472,9 +8472,9 @@
      }
    },
    "node_modules/minimist": {
-      "version": "1.2.5",
+      "version": "1.2.6",
-      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz",
+      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz",
-      "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw=="
+      "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q=="
    },
    "node_modules/mkdirp": {
      "version": "0.5.5",
@@ -8581,9 +8581,9 @@
      }
    },
    "node_modules/node-forge": {
-      "version": "1.2.1",
+      "version": "1.3.0",
-      "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-1.2.1.tgz",
+      "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-1.3.0.tgz",
-      "integrity": "sha512-Fcvtbb+zBcZXbTTVwqGA5W+MKBj56UjVRevvchv5XrcyXbmNdesfZL37nlcWOfpgHhgmxApw3tQbTr4CqNmX4w==",
+      "integrity": "sha512-08ARB91bUi6zNKzVmaj3QO7cr397uiDT2nJ63cHjyNtCTWIgvS47j3eT0WfzUwS9+6Z5YshRaoasFkXCKrIYbA==",
      "dev": true,
      "engines": {
        "node": ">= 6.13.0"
@@ -14381,9 +14381,9 @@
      "dev": true
    },
    "async": {
-      "version": "2.6.3",
+      "version": "2.6.4",
-      "resolved": "https://registry.npmjs.org/async/-/async-2.6.3.tgz",
+      "resolved": "https://registry.npmjs.org/async/-/async-2.6.4.tgz",
-      "integrity": "sha512-zflvls11DCy+dQWzTW2dzuilv8Z5X/pjfmZOWba6TNIVDm+2UDaJmXSOXlasHKfNBs8oo3M0aT50fDEWfKZjXg==",
+      "integrity": "sha512-mzo5dfJYwAn29PeiJ0zvwTo04zj8HDJj0Mn8TD7sno7q12prdbnasKJHhkm2c1LgrhlJ0teaea8860oxi51mGA==",
      "dev": true,
      "requires": {
        "lodash": "^4.17.14"
@@ -17622,9 +17622,9 @@
      }
    },
    "minimist": {
-      "version": "1.2.5",
+      "version": "1.2.6",
-      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz",
+      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz",
-      "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw=="
+      "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q=="
    },
    "mkdirp": {
      "version": "0.5.5",
@@ -17715,9 +17715,9 @@
      }
    },
    "node-forge": {
-      "version": "1.2.1",
+      "version": "1.3.0",
-      "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-1.2.1.tgz",
+      "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-1.3.0.tgz",
-      "integrity": "sha512-Fcvtbb+zBcZXbTTVwqGA5W+MKBj56UjVRevvchv5XrcyXbmNdesfZL37nlcWOfpgHhgmxApw3tQbTr4CqNmX4w==",
+      "integrity": "sha512-08ARB91bUi6zNKzVmaj3QO7cr397uiDT2nJ63cHjyNtCTWIgvS47j3eT0WfzUwS9+6Z5YshRaoasFkXCKrIYbA==",
      "dev": true
    },
    "node-releases": {
--- a/web/public/logo.png
+++ b/web/public/logo.png
--- a/web/public/running-sas-white.png
+++ b/web/public/running-sas-white.png
--- a/web/public/running-sas.png
+++ b/web/public/running-sas.png
--- a/web/src/App.tsx
+++ b/web/src/App.tsx
@@ -1,4 +1,4 @@
-import React from 'react'
+import React, { useContext } from 'react'
 import { Route, HashRouter, Switch } from 'react-router-dom'
 import { ThemeProvider } from '@mui/material/styles'
 import { theme } from './theme'
@@ -9,12 +9,12 @@ import Home from './components/home'
 import Drive from './containers/Drive'
 import Studio from './containers/Studio'
-import useTokens from './components/useTokens'
+import { AppContext } from './context/appContext'
 function App() {
-  const { tokens, setTokens } = useTokens()
+  const appContext = useContext(AppContext)
-  if (!tokens) {
+  if (!appContext.loggedIn) {
    return (
      <ThemeProvider theme={theme}>
        <HashRouter>
@@ -24,7 +24,7 @@ function App() {
              <Login getCodeOnly />
            </Route>
            <Route path="/">
-              <Login setTokens={setTokens} />
+              <Login />
            </Route>
          </Switch>
        </HashRouter>
--- a/web/src/components/header.tsx
+++ b/web/src/components/header.tsx
@@ -1,13 +1,20 @@
-import React, { useState } from 'react'
+import React, { useState, useContext } from 'react'
 import { Link, useHistory, useLocation } from 'react-router-dom'
-import AppBar from '@mui/material/AppBar'
+import {
-import Toolbar from '@mui/material/Toolbar'
+  AppBar,
-import Tabs from '@mui/material/Tabs'
+  Toolbar,
-import Tab from '@mui/material/Tab'
+  Tabs,
-import Button from '@mui/material/Button'
+  Tab,
  Button,
  Menu,
  MenuItem
 } from '@mui/material'
 import OpenInNewIcon from '@mui/icons-material/OpenInNew'
 import Username from './username'
 import { AppContext } from '../context/appContext'
 const NODE_ENV = process.env.NODE_ENV
 const PORT_API = process.env.PORT_API
 const baseUrl =
@@ -16,11 +23,29 @@ const baseUrl =
 const Header = (props: any) => {
  const history = useHistory()
  const { pathname } = useLocation()
  const appContext = useContext(AppContext)
  const [tabValue, setTabValue] = useState(pathname)
  const [anchorEl, setAnchorEl] = useState<
    (EventTarget & HTMLButtonElement) | null
  >(null)
  const handleMenu = (
    event: React.MouseEvent<HTMLButtonElement, MouseEvent>
  ) => {
    setAnchorEl(event.currentTarget)
  }
  const handleClose = () => {
    setAnchorEl(null)
  }
  const handleTabChange = (event: React.SyntheticEvent, value: string) => {
    setTabValue(value)
  }
  const handleLogout = () => {
    if (appContext.logout) appContext.logout()
  }
  return (
    <AppBar
      position="fixed"
@@ -28,10 +53,10 @@ const Header = (props: any) => {
    >
      <Toolbar variant="dense">
        <img
-          src="logo-white.png"
+          src="logo.png"
          alt="logo"
          style={{
-            width: '50px',
+            width: '35px',
            cursor: 'pointer',
            marginRight: '25px'
          }}
@@ -81,6 +106,39 @@ const Header = (props: any) => {
        >
          App Stream
        </Button>
        <div
          style={{
            display: 'flex',
            flexGrow: 1,
            justifyContent: 'flex-end'
          }}
        >
          <Username
            username={appContext.displayName || appContext.username}
            onClickHandler={handleMenu}
          />
          <Menu
            id="menu-appbar"
            anchorEl={anchorEl}
            anchorOrigin={{
              vertical: 'bottom',
              horizontal: 'center'
            }}
            keepMounted
            transformOrigin={{
              vertical: 'top',
              horizontal: 'center'
            }}
            open={!!anchorEl}
            onClose={handleClose}
          >
            <MenuItem onClick={handleLogout} sx={{ justifyContent: 'center' }}>
              <Button variant="contained" color="primary">
                Logout
              </Button>
            </MenuItem>
          </Menu>
        </div>
      </Toolbar>
    </AppBar>
  )
--- a/web/src/components/login.tsx
+++ b/web/src/components/login.tsx
@@ -1,41 +1,21 @@
-import React, { useState } from 'react'
+import axios from 'axios'
 import React, { useState, useContext } from 'react'
 import { useLocation } from 'react-router-dom'
 import PropTypes from 'prop-types'
 import { CssBaseline, Box, TextField, Button, Typography } from '@mui/material'
 import { AppContext } from '../context/appContext'
-const headers = {
+const getAuthCode = async (credentials: any) =>
-  Accept: 'application/json',
+  axios.post('/SASjsApi/auth/authorize', credentials).then((res) => res.data)
  'Content-Type': 'application/json'
 }
 const NODE_ENV = process.env.NODE_ENV
 const PORT_API = process.env.PORT_API
 const baseUrl =
  NODE_ENV === 'development' ? `http://localhost:${PORT_API ?? 5000}` : ''
-const getAuthCode = async (credentials: any) => {
+const login = async (payload: { username: string; password: string }) =>
-  return fetch(`${baseUrl}/SASjsApi/auth/authorize`, {
+  axios.post('/login', payload).then((res) => res.data)
    method: 'POST',
    headers,
    body: JSON.stringify(credentials)
  }).then(async (response) => {
    const resText = await response.text()
    if (response.status !== 200) throw resText
-    return JSON.parse(resText)
+const Login = ({ getCodeOnly }: any) => {
  })
 }
 const getTokens = async (payload: any) => {
  return fetch(`${baseUrl}/SASjsApi/auth/token`, {
    method: 'POST',
    headers,
    body: JSON.stringify(payload)
  }).then((data) => data.json())
 }
 const Login = ({ setTokens, getCodeOnly }: any) => {
  const location = useLocation()
-  const [username, setUserName] = useState('')
+  const appContext = useContext(AppContext)
  const [username, setUsername] = useState('')
  const [password, setPassword] = useState('')
  const [errorMessage, setErrorMessage] = useState('')
  let error: boolean
@@ -45,34 +25,40 @@ const Login = ({ setTokens, getCodeOnly }: any) => {
    error = false
    setErrorMessage('')
    e.preventDefault()
    let clientId = process.env.CLIENT_ID
    if (getCodeOnly) {
      const params = new URLSearchParams(location.search)
      const responseType = params.get('response_type')
-      if (responseType === 'code')
+      if (responseType === 'code') {
-        clientId = params.get('client_id') ?? undefined
+        const clientId = params.get('client_id')
        const { code } = await getAuthCode({
          clientId,
          username,
          password
        }).catch((err: any) => {
          error = true
          setErrorMessage(err.response.data)
          return {}
        })
        if (!error) return setDisplayCode(code)
        return
      }
    }
-    const { code } = await getAuthCode({
+    const { loggedIn, user } = await login({
      clientId,
      username,
      password
-    }).catch((err: string) => {
+    }).catch((err: any) => {
      error = true
-      setErrorMessage(err)
+      setErrorMessage(err.response.data)
      return {}
    })
-    if (!error) {
+    if (loggedIn) {
-      if (getCodeOnly) return setDisplayCode(code)
+      appContext.setLoggedIn?.(loggedIn)
-
+      appContext.setUsername?.(user.username)
-      const { accessToken, refreshToken } = await getTokens({
+      appContext.setDisplayName?.(user.displayName)
        clientId,
        code
      })
      setTokens(accessToken, refreshToken)
    }
  }
@@ -115,7 +101,7 @@ const Login = ({ setTokens, getCodeOnly }: any) => {
        label="Username"
        type="text"
        variant="outlined"
-        onChange={(e: any) => setUserName(e.target.value)}
+        onChange={(e: any) => setUsername(e.target.value)}
        required
      />
      <TextField
@@ -127,7 +113,11 @@ const Login = ({ setTokens, getCodeOnly }: any) => {
        required
      />
      {errorMessage && <span>{errorMessage}</span>}
-      <Button type="submit" variant="outlined">
+      <Button
        type="submit"
        variant="outlined"
        disabled={!appContext.setLoggedIn}
      >
        Submit
      </Button>
    </Box>
@@ -135,7 +125,6 @@ const Login = ({ setTokens, getCodeOnly }: any) => {
 }
 Login.propTypes = {
  setTokens: PropTypes.func,
  getCodeOnly: PropTypes.bool
 }
--- a/web/src/components/useTokens.ts
+++ b/web/src/components/useTokens.ts
@@ -1,94 +0,0 @@
 import axios from 'axios'
 import { useEffect, useState } from 'react'
 export default function useTokens() {
  const getTokens = () => {
    const accessToken = localStorage.getItem('accessToken')
    const refreshToken = localStorage.getItem('refreshToken')
    if (accessToken && refreshToken) {
      setAxiosRequestHeader(accessToken)
      return { accessToken, refreshToken }
    }
    return undefined
  }
  const [tokens, setTokens] = useState(getTokens())
  useEffect(() => {
    if (tokens === undefined) {
      localStorage.removeItem('accessToken')
      localStorage.removeItem('refreshToken')
    }
  }, [tokens])
  setAxiosResponse(setTokens)
  const saveTokens = (accessToken: string, refreshToken: string) => {
    localStorage.setItem('accessToken', accessToken)
    localStorage.setItem('refreshToken', refreshToken)
    setAxiosRequestHeader(accessToken)
    setTokens({ accessToken, refreshToken })
  }
  return {
    setTokens: saveTokens,
    tokens
  }
 }
 const NODE_ENV = process.env.NODE_ENV
 const PORT_API = process.env.PORT_API
 const baseUrl =
  NODE_ENV === 'development' ? `http://localhost:${PORT_API ?? 5000}` : ''
 const isAbsoluteURLRegex = /^(?:\w+:)\/\//
 const setAxiosRequestHeader = (accessToken: string) => {
  axios.interceptors.request.use(function (config) {
    if (baseUrl && !isAbsoluteURLRegex.test(config.url as string)) {
      config.url = baseUrl + config.url
    }
    config.headers!['Authorization'] = `Bearer ${accessToken}`
    config.withCredentials = true
    return config
  })
 }
 const setAxiosResponse = (setTokens: Function) => {
  // Add a response interceptor
  axios.interceptors.response.use(
    function (response) {
      // Any status code that lie within the range of 2xx cause this function to trigger
      return response
    },
    async function (error) {
      if (error.response?.status === 401) {
        // refresh token
        // const { accessToken, refreshToken: newRefresh } = await refreshMyToken(
        //   refreshToken
        // )
        // if (accessToken && newRefresh) {
        //   setTokens(accessToken, newRefresh)
        //   error.config.headers['Authorization'] = 'Bearer ' + accessToken
        //   error.config.baseURL = undefined
        //   return axios.request(error.config)
        // }
        setTokens(undefined)
      }
      return Promise.reject(error)
    }
  )
 }
 // const refreshMyToken = async (refreshToken: string) => {
 //   return fetch('http://localhost:5000/SASjsApi/auth/refresh', {
 //     method: 'POST',
 //     headers: {
 //       Authorization: `Bearer ${refreshToken}`
 //     }
 //   }).then((data) => data.json())
 // }
--- a/web/src/components/username.tsx
+++ b/web/src/components/username.tsx
@@ -0,0 +1,30 @@
 import React from 'react'
 import { Typography, IconButton } from '@mui/material'
 import AccountCircle from '@mui/icons-material/AccountCircle'
 const Username = (props: any) => {
  return (
    <IconButton
      aria-label="account of current user"
      aria-controls="menu-appbar"
      aria-haspopup="true"
      onClick={props.onClickHandler}
      color="inherit"
    >
      {props.avatarContent ? (
        <img
          src={props.avatarContent}
          alt="user-avatar"
          style={{ width: '25px' }}
        />
      ) : (
        <AccountCircle></AccountCircle>
      )}
      <Typography variant="h6" sx={{ color: 'white', padding: '0 8px' }}>
        {props.username}
      </Typography>
    </IconButton>
  )
 }
 export default Username
--- a/web/src/containers/Drive/index.tsx
+++ b/web/src/containers/Drive/index.tsx
@@ -90,7 +90,11 @@ const Drive = () => {
  return (
    <Box sx={{ display: 'flex' }}>
      <CssBaseline />
-      <SideBar directoryData={directoryData} handleSelect={handleSelect} />
+      <SideBar
        selectedFilePath={selectedFilePath}
        directoryData={directoryData}
        handleSelect={handleSelect}
      />
      <Main
        selectedFilePath={selectedFilePath}
        removeFileFromTree={removeFileFromTree}
--- a/web/src/containers/Drive/sideBar.tsx
+++ b/web/src/containers/Drive/sideBar.tsx
@@ -1,4 +1,4 @@
-import React from 'react'
+import React, { useMemo } from 'react'
 import { makeStyles } from '@mui/styles'
@@ -30,13 +30,27 @@ const useStyles = makeStyles(() => ({
 const drawerWidth = 240
 type Props = {
  selectedFilePath: string
  directoryData: TreeNode | null
  handleSelect: (node: TreeNode) => void
 }
-const SideBar = ({ directoryData, handleSelect }: Props) => {
+const SideBar = ({ selectedFilePath, directoryData, handleSelect }: Props) => {
  const classes = useStyles()
  const defaultExpanded = useMemo(() => {
    const splittedPath = selectedFilePath.split('/')
    const arr = ['']
    let nodeId = ''
    splittedPath.forEach((path) => {
      if (path !== '') {
        nodeId += '/' + path
        arr.push(nodeId)
      }
    })
    return arr
  }, [selectedFilePath])
  const renderTree = (nodes: TreeNode) => (
    <TreeItem
      classes={{ root: classes.root }}
@@ -72,7 +86,8 @@ const SideBar = ({ directoryData, handleSelect }: Props) => {
          <TreeView
            defaultCollapseIcon={<ExpandMoreIcon />}
            defaultExpandIcon={<ChevronRightIcon />}
-            defaultExpanded={[directoryData.relativePath]}
+            defaultExpanded={defaultExpanded}
            selected={defaultExpanded.slice(-1)}
          >
            {renderTree(directoryData)}
          </TreeView>
--- a/web/src/containers/Studio/index.tsx
+++ b/web/src/containers/Studio/index.tsx
@@ -2,7 +2,7 @@ import React, { useEffect, useRef, useState } from 'react'
 import axios from 'axios'
 import Box from '@mui/material/Box'
-import { Button, Paper, Stack, Tab } from '@mui/material'
+import { Button, Paper, Stack, Tab, Tooltip } from '@mui/material'
 import { makeStyles } from '@mui/styles'
 import Editor, { OnMount } from '@monaco-editor/react'
 import { useLocation } from 'react-router-dom'
@@ -15,6 +15,17 @@ const useStyles = makeStyles(() => ({
    '&.Mui-selected': {
      color: 'black'
    }
  },
  subMenu: {
    marginTop: '25px',
    display: 'flex',
    justifyContent: 'center'
  },
  runButton: {
    display: 'flex',
    alignItems: 'center',
    padding: '5px 5px',
    minWidth: 'unset'
  }
 }))
@@ -22,8 +33,10 @@ const Studio = () => {
  const location = useLocation()
  const [fileContent, setFileContent] = useState('')
  const [log, setLog] = useState('')
  const [ctrlPressed, setCtrlPressed] = useState(false)
  const [webout, setWebout] = useState('')
  const [tab, setTab] = React.useState('1')
  const handleTabChange = (_e: any, newValue: string) => {
    setTab(newValue)
  }
@@ -50,25 +63,9 @@ const Studio = () => {
          .map((logLine: any) => logLine.line)
          .join('\n')
-        setLog(`<div><h2>SAS Log</h2><pre>${parsedLog}</pre></div>`)
+        setLog(parsedLog)
-        let weboutString: string
+        setWebout(`${res.data?._webout}`)
        try {
          weboutString = res.data._webout
            .split('>>weboutBEGIN<<')[1]
            .split('>>weboutEND<<')[0]
        } catch (_) {
          weboutString = res?.data?._webout ?? ''
        }
        let webout: string
        try {
          webout = JSON.stringify(JSON.parse(weboutString), null, 4)
        } catch (_) {
          webout = weboutString
        }
        setWebout(`<pre><code>${webout}</code></pre>`)
        setTab('2')
        // Scroll to bottom of log
@@ -77,6 +74,21 @@ const Studio = () => {
      .catch((err) => console.log(err))
  }
  const handleKeyDown = (event: any) => {
    if (event.ctrlKey) {
      if (event.key === 'v') {
        setCtrlPressed(false)
      }
      if (event.key === 'Enter') runCode(getSelection() || fileContent)
      if (!ctrlPressed) setCtrlPressed(true)
    }
  }
  const handleKeyUp = (event: any) => {
    if (!event.ctrlKey && ctrlPressed) setCtrlPressed(false)
  }
  useEffect(() => {
    const content = localStorage.getItem('fileContent') ?? ''
    setFileContent(content)
@@ -100,73 +112,89 @@ const Studio = () => {
  }, [location.search])
  const classes = useStyles()
  return (
-    <>
+    <Box
-      <br />
+      onKeyUp={handleKeyUp}
-      <br />
+      onKeyDown={handleKeyDown}
-      <br />
+      sx={{ width: '100%', typography: 'body1', marginTop: '50px' }}
-      <Box sx={{ width: '100%', typography: 'body1' }}>
+    >
-        <TabContext value={tab}>
+      <TabContext value={tab}>
-          <Box
+        <Box
-            sx={{
+          sx={{
-              borderBottom: 1,
+            borderBottom: 1,
-              borderColor: 'divider'
+            borderColor: 'divider'
-            }}
+          }}
-            style={{ position: 'fixed', background: 'white', width: '100%' }}
+          style={{ position: 'fixed', background: 'white', width: '100%' }}
-          >
+        >
-            <TabList onChange={handleTabChange} centered>
+          <TabList onChange={handleTabChange} centered>
-              <Tab className={classes.root} label="Code" value="1" />
+            <Tab className={classes.root} label="Code" value="1" />
-              <Tab className={classes.root} label="Log" value="2" />
+            <Tab className={classes.root} label="Log" value="2" />
            <Tooltip title="Displays content from the _webout fileref">
              <Tab className={classes.root} label="Webout" value="3" />
-            </TabList>
+            </Tooltip>
-          </Box>
+          </TabList>
-          <TabPanel value="1">
+        </Box>
-            {/* <Toolbar /> */}
+
-            <Paper
+        <TabPanel style={{ paddingBottom: 0 }} value="1">
-              sx={{
+          <div className={classes.subMenu}>
-                height: '70vh',
+            <Tooltip title="CTRL+ENTER will also run SAS code">
-                marginTop: '50px',
+              <Button onClick={handleRunBtnClick} className={classes.runButton}>
-                padding: '10px',
+                <img
-                overflow: 'auto',
+                  draggable="false"
-                position: 'relative'
+                  style={{ width: '25px' }}
-              }}
+                  src="/running-sas.png"
-              elevation={3}
+                ></img>
-            >
+                <span style={{ fontSize: '12px' }}>RUN</span>
              <Editor
                height="95%"
                value={fileContent}
                onMount={handleEditorDidMount}
                onChange={(val) => {
                  if (val) setFileContent(val)
                }}
              />
            </Paper>
            <Stack
              spacing={3}
              direction="row"
              sx={{ justifyContent: 'center', marginTop: '20px' }}
            >
              <Button variant="contained" onClick={handleRunBtnClick}>
                Run SAS Code
              </Button>
-            </Stack>
+            </Tooltip>
-          </TabPanel>
+          </div>
-          <TabPanel value="2">
+          {/* <Toolbar /> */}
-            <div
+          <Paper
-              id="sas_log"
+            sx={{
-              style={{ marginTop: '50px' }}
+              height: 'calc(100vh - 170px)',
-              dangerouslySetInnerHTML={{ __html: log }}
+              padding: '10px',
              overflow: 'auto',
              position: 'relative'
            }}
            elevation={3}
          >
            <Editor
              height="98%"
              value={fileContent}
              onMount={handleEditorDidMount}
              options={{ readOnly: ctrlPressed }}
              onChange={(val) => {
                if (val) setFileContent(val)
              }}
            />
-          </TabPanel>
+            <p
-          <TabPanel value="3">
+              style={{
-            <div
+                position: 'absolute',
-              style={{ marginTop: '50px' }}
+                left: 0,
-              dangerouslySetInnerHTML={{ __html: webout }}
+                right: 0,
-            />
+                bottom: -10,
-          </TabPanel>
+                textAlign: 'center',
-        </TabContext>
+                fontSize: '13px'
-      </Box>
+              }}
-    </>
+            >
              Press CTRL + ENTER to run SAS code
            </p>
          </Paper>
        </TabPanel>
        <TabPanel value="2">
          <div style={{ marginTop: '50px' }}>
            <h2>SAS Log</h2>
            <pre>{log}</pre>
          </div>
        </TabPanel>
        <TabPanel value="3">
          <div style={{ marginTop: '50px' }}>
            <pre>{webout}</pre>
          </div>
        </TabPanel>
      </TabContext>
    </Box>
  )
 }
--- a/web/src/context/appContext.tsx
+++ b/web/src/context/appContext.tsx
@@ -0,0 +1,85 @@
 import React, {
  createContext,
  Dispatch,
  SetStateAction,
  useState,
  useEffect,
  useCallback,
  ReactNode
 } from 'react'
 import axios from 'axios'
 interface AppContextProps {
  checkingSession: boolean
  loggedIn: boolean
  setLoggedIn: Dispatch<SetStateAction<boolean>> | null
  username: string
  setUsername: Dispatch<SetStateAction<string>> | null
  displayName: string
  setDisplayName: Dispatch<SetStateAction<string>> | null
  logout: (() => void) | null
 }
 export const AppContext = createContext<AppContextProps>({
  checkingSession: false,
  loggedIn: false,
  setLoggedIn: null,
  username: '',
  setUsername: null,
  displayName: '',
  setDisplayName: null,
  logout: null
 })
 const AppContextProvider = (props: { children: ReactNode }) => {
  const { children } = props
  const [checkingSession, setCheckingSession] = useState(false)
  const [loggedIn, setLoggedIn] = useState(false)
  const [username, setUsername] = useState('')
  const [displayName, setDisplayName] = useState('')
  useEffect(() => {
    setCheckingSession(true)
    axios
      .get('/SASjsApi/session')
      .then((res) => res.data)
      .then((data: any) => {
        setCheckingSession(false)
        setLoggedIn(true)
        setUsername(data.username)
        setDisplayName(data.displayName)
      })
      .catch(() => {
        setLoggedIn(false)
        axios.get('/') // get CSRF TOKEN
      })
  }, [])
  const logout = useCallback(() => {
    axios.get('/logout').then(() => {
      setLoggedIn(false)
      setUsername('')
      setDisplayName('')
    })
  }, [])
  return (
    <AppContext.Provider
      value={{
        checkingSession,
        loggedIn,
        setLoggedIn,
        username,
        setUsername,
        displayName,
        setDisplayName,
        logout
      }}
    >
      {children}
    </AppContext.Provider>
  )
 }
 export default AppContextProvider
--- a/web/src/index.tsx
+++ b/web/src/index.tsx
@@ -2,10 +2,25 @@ import React from 'react'
 import ReactDOM from 'react-dom'
 import './index.css'
 import App from './App'
 import AppContextProvider from './context/appContext'
 import axios from 'axios'
 const NODE_ENV = process.env.NODE_ENV
 const PORT_API = process.env.PORT_API
 const baseUrl =
  NODE_ENV === 'development' ? `http://localhost:${PORT_API ?? 5000}` : ''
 axios.defaults = Object.assign(axios.defaults, {
  withCredentials: true,
  baseURL: baseUrl
 })
 ReactDOM.render(
  <React.StrictMode>
-    <App />
+    <AppContextProvider>
      <App />
    </AppContextProvider>
  </React.StrictMode>,
  document.getElementById('root')
 )
Author	SHA1	Message	Date
Allan Bowe	09611cb416	chore(release): 0.0.60	2022-04-30 18:53:44 +00:00
Allan Bowe	2a9bb6e6b1	Merge pull request #155 from sasjs/api-access-via-session-authentication fix: added CSRF check for granting access via session authentication	2022-04-30 21:44:35 +03:00
Saad Jutt	b4b60c69cf	fix: setting CSRF Token for only rendering SPA	2022-04-30 06:32:24 +05:00
Saad Jutt	b060ad1b8e	fix: added CSRF check for granting access via session authentication	2022-04-30 05:04:27 +05:00
munja	d47ed6d0e8	chore(release): 0.0.59	2022-04-29 13:28:34 +01:00
Muhammad Saad	a6993ef5ae	Merge pull request #153 from sasjs/csrf-tokens-for-web feat: enabled csrf tokens for web component	2022-04-28 17:26:05 -07:00
Saad Jutt	2571fc2ca8	chore: README.md updated	2022-04-29 05:09:11 +05:00
Saad Jutt	992f39b63a	chore: lint fix	2022-04-29 04:11:29 +05:00
Saad Jutt	1ea3f6d8b3	chore: corrected order for web route	2022-04-29 03:11:08 +05:00
Saad Jutt	e462aebdc0	feat: enabled csrf tokens for web component	2022-04-29 02:59:48 +05:00
Muhammad Saad	13403517a4	Merge pull request #150 from sasjs/session-based-authentication feat: enabled session based authentication for web	2022-04-28 07:11:45 -07:00
Saad Jutt	c3c2048e75	chore: temp	2022-04-28 07:15:36 +05:00
Saad Jutt	1d8acc36eb	chore: temp	2022-04-28 07:15:09 +05:00
Saad Jutt	4c7ad56326	test: fixed specs	2022-04-28 07:07:56 +05:00
Saad Jutt	e57443f1ed	fix(web): show display name instead of username	2022-04-28 07:00:49 +05:00
Saad Jutt	5da93f318a	feat: enabled session based authentication for web	2022-04-28 06:44:25 +05:00
Muhammad Saad	a30fb1a241	Merge pull request #141 from sasjs/issue-135 fix: fetch client from DB for each request	2022-04-27 12:09:41 -07:00
Allan Bowe	4ae8f35e9a	chore(release): 0.0.58	2022-04-24 20:25:08 +00:00
Saad Jutt	ebb46f51b6	chore: fix specs	2022-04-24 05:29:42 +05:00
Saad Jutt	fe24f51ca2	test: fix specs	2022-04-24 05:17:25 +05:00
Saad Jutt	fd15f3fb41	test: fix specs	2022-04-24 05:11:56 +05:00
Saad Jutt	7d31ee7696	chore: Merge branch 'main' into issue-135	2022-04-24 05:08:31 +05:00
Allan Bowe	667e26b080	Merge pull request #142 from sasjs/contribute npm scripts updated	2022-04-24 02:48:07 +03:00
munja	d09876c05f	fix: missing dependency	2022-04-24 00:46:14 +01:00
Saad Jutt	fb8e18be75	chore: fix vulnerabilites	2022-04-24 04:38:28 +05:00
Saad Jutt	7ac7a4e083	chore: added start:prod npm script	2022-04-24 04:36:42 +05:00
Allan Bowe	8e23786dd4	Update CONTRIBUTING.md	2022-04-24 00:31:41 +01:00
Allan Bowe	4bd01bcf29	Update CONTRIBUTING.md	2022-04-24 00:30:29 +01:00
Saad Jutt	4ad8c81e49	fix: fetch client from DB for each request	2022-04-24 04:16:13 +05:00
Allan Bowe	51f6aa34a1	Merge pull request #140 from sasjs/corebump fix: bumping core library to get latest user management macros	2022-04-24 02:02:16 +03:00
Allan Bowe	486207128d	fix: bumping core library to get latest user management macros	2022-04-23 22:54:34 +00:00
Allan Bowe	1e4b0b9171	Update README.md	2022-04-21 12:38:31 +01:00
Allan Bowe	1ff820605a	chore(release): 0.0.57	2022-04-21 09:27:23 +00:00
Muhammad Saad	9c1a781b3a	Merge pull request #136 from sasjs/issue-78 feat: add user name and logout functionality	2022-04-20 16:57:32 -07:00
Sabir Hassan	36628551ae	chore(web): use AppContext instead of useTokens Hook	2022-04-21 04:37:40 +05:00
Sabir Hassan	23cf8fa06f	chore(web): add user name at top right	2022-04-21 04:36:20 +05:00
Sabir Hassan	84ee743eae	feat: create AppContext	2022-04-21 04:34:27 +05:00
Allan Bowe	19e5bd7d2d	chore: updating README with docs on linux jobs as approach for running server as background job	2022-04-20 13:16:06 +00:00
Allan Bowe	e251747302	chore(release): 0.0.56	2022-04-20 08:44:48 +00:00
Allan Bowe	7e7558d4cf	Merge pull request #133 from sasjs/allanbowe/lengths-of-username-password-61 fix: shortening min length of username. Closes #61	2022-04-20 11:44:15 +03:00
Allan Bowe	f02996facf	fix: shortening min length of username. Closes #61	2022-04-20 08:43:38 +00:00
Saad Jutt	803c51f400	chore(release): 0.0.55	2022-04-20 07:15:33 +05:00
Muhammad Saad	c35b2b3f59	Merge pull request #132 from sasjs/fix-drive-path Fix drive path	2022-04-19 18:56:13 -07:00
Saad Jutt	fe0866ace7	chore: Merge branch 'main' into fix-drive-path	2022-04-20 06:53:31 +05:00
Muhammad Saad	1513c3623d	Merge pull request #131 from sasjs/fix-specs test: fixed unhandled timeout	2022-04-19 18:52:52 -07:00
Saad Jutt	7fe43ae0b7	test: fixed unhandled timeout	2022-04-20 06:50:11 +05:00
Saad Jutt	c4cea4a12b	fix: drive path in server mode	2022-04-20 05:54:56 +05:00
Saad Jutt	9fc7a132ba	test: fixed unhandled timout	2022-04-20 00:06:21 +05:00
Allan Bowe	d55a619d64	chore(release): 0.0.54	2022-04-19 18:40:30 +00:00
Allan Bowe	737d2a24c2	Merge pull request #130 from sasjs/db-seed fix: added db seed at server startup	2022-04-19 21:39:38 +03:00
Saad Jutt	2e63831b90	fix: added db seed at server startup	2022-04-19 23:25:05 +05:00
Saad Jutt	c7ffde1a3b	chore(release): 0.0.53	2022-04-19 21:27:07 +05:00
Saad Jutt	db70b1ce55	fix: provide clientId to web component	2022-04-19 21:26:55 +05:00
Muhammad Saad	8a3fe8b217	Merge pull request #129 from sasjs/improve-UX-in-drive fix: improve user experience in sasjs drive	2022-04-18 13:10:57 -07:00
Sabir Hassan	9dca552e82	fix(drive):when page is refreshed or reloaded show expand file tree according to filePath in url	2022-04-19 00:40:37 +05:00
Allan Bowe	505f2089c7	chore(release): 0.0.52	2022-04-17 21:26:59 +00:00
Muhammad Saad	3344c400a8	Merge pull request #127 from sasjs/add-server-info-api-endpoint feat: add api endpoint for getting server info	2022-04-17 12:48:12 -07:00
Sabir Hassan	fa6248e3ef	chore: swagger.yml updated	2022-04-17 23:53:20 +05:00
Sabir Hassan	9fb5f1f8e7	feat: add api for getting server info	2022-04-17 23:48:08 +05:00
munja	92e0b8a088	chore(release): 0.0.51	2022-04-15 14:30:43 +01:00
Allan Bowe	b484306ed8	Merge pull request #126 from sasjs/issue-119 running code with CTRL+ENTER	2022-04-15 16:29:23 +03:00
Mihajlo	5e08aacc51	chore: css fix	2022-04-15 14:53:36 +02:00
Mihajlo	a9e4eb685d	chore: style fix	2022-04-15 14:26:45 +02:00
Mihajlo	31b09f27cc	style: lint	2022-04-15 14:23:36 +02:00
Mihajlo	9f3ec92f8e	chore: run button style fix	2022-04-15 14:23:15 +02:00
Mihajlo	6c9e449614	style: lint	2022-04-14 19:56:22 +02:00
Mihajlo	68e84b0994	feat: run button running man, sub menu added	2022-04-14 19:38:44 +02:00
Mihajlo	f0bb51a0d5	chore: placement of ctrl enter label	2022-04-13 22:12:40 +02:00
Mihajlo	b93a0da3a3	feat: running code with CTRL+ENTER	2022-04-13 15:27:41 +02:00
Allan Bowe	e5facbf54c	Update README.md	2022-04-13 12:24:42 +01:00
Allan Bowe	cb2bebbe76	Update README.md	2022-04-12 12:47:55 +01:00
Allan Bowe	9e1e0ce8cc	chore(release): 0.0.50	2022-04-07 15:25:04 +00:00
Allan Bowe	29928753b7	Update CONTRIBUTING.md	2022-04-07 16:24:36 +01:00
Allan Bowe	edd69ecaae	Merge pull request #122 from sasjs/issue121 Fixed couple of bugs + feature implemented	2022-04-07 18:23:34 +03:00
Saad Jutt	74ba65f9f3	feat(appstream): Upload an app from appStream page	2022-04-07 20:18:36 +05:00
Saad Jutt	f257602834	fix: web component UI fix for studio scrolling	2022-04-07 19:10:45 +05:00
Saad Jutt	61080d4694	fix: web component added tooltip for webout in studio	2022-04-07 18:59:31 +05:00
Saad Jutt	82633adbc4	chore: removed unused util	2022-04-07 18:48:31 +05:00
Saad Jutt	23db7e7b7d	fix: session death time has to be a valid string number	2022-04-07 18:48:22 +05:00
Saad Jutt	cbaa687c9b	chore(release): 0.0.49	2022-04-02 07:09:39 +05:00
Saad Jutt	527f70e90d	fix(stp): read file in non-binary mode if debug one	2022-04-02 07:09:27 +05:00
Saad Jutt	122faad55f	chore(release): 0.0.48	2022-04-02 07:06:18 +05:00
Saad Jutt	3ff6f5e865	fix(stp): return log+webout for debug on	2022-04-02 07:06:09 +05:00
Muhammad Saad	7d5128c0d6	Merge pull request #115 from sasjs/issue109 feat(deploy): new route added for deploy with build.json	2022-04-02 06:45:28 +05:00
Saad Jutt	e1ebbfd087	chore: increased file upload size to 100mb	2022-04-02 06:04:34 +05:00
Saad Jutt	e430bdb0d4	test(upload): spec updated for file upload exceeding limit	2022-04-02 05:51:24 +05:00
Saad Jutt	9d9769eef3	chore: increased file upload size to 100mb	2022-04-02 05:36:53 +05:00
Saad Jutt	9d167abe2a	fix: remove uploaded build.json from temp folder in all cases	2022-04-02 05:29:34 +05:00
Saad Jutt	18d0604bdd	feat(deploy): new route added for deploy with build.json	2022-04-02 05:23:25 +05:00
Saad Jutt	7b7bc6b778	chore: fix vulnerabilities	2022-03-31 01:54:40 +05:00
Saad Jutt	fb4f3442d5	chore(release): 0.0.47	2022-03-30 01:04:45 +05:00
Muhammad Saad	09d1b7d5d4	Merge pull request #114 from sasjs/show-contents-as-api-responded fix: show contents as api responded	2022-03-30 01:04:29 +05:00
Saad Jutt	99839ae62f	chore: fix vulnerabilities	2022-03-30 00:55:59 +05:00
Saad Jutt	f700561e1a	fix(web): updated STUDIO log and webout	2022-03-30 00:55:38 +05:00
Saad Jutt	8b4b4b91ab	chore(release): 0.0.46	2022-03-30 00:01:18 +05:00
Muhammad Saad	acb3ae0493	Merge pull request #113 from sasjs/issue-108 feat(drive): GET folder contents API added	2022-03-30 00:00:52 +05:00
Saad Jutt	5c0e8e5344	chore: Merge branch 'main' into issue-108	2022-03-29 23:28:03 +05:00
Saad Jutt	0ac9e4af7d	feat(drive): GET folder contents API added	2022-03-29 23:27:44 +05:00
`@@ -1,2 +1 @@`
	`PORT_API=[place sasjs server port] default value is 5000`	`PORT_API=[place sasjs server port] default value is 5000`
	`CLIENT_ID=<place clientId here>`