fix(server): ensures frontend app url is always sourced from env in auth finalisation middleware

packages/server/modules/auth/strategies.js

@@ -48,15 +48,17 @@ module.exports = async ( app ) => {
    */
   let finalizeAuth = async ( req, res, next ) => {
     try {
-      let app = await getApp( { id: 'spklwebapp' } )
-      let ac = await createAuthorizationCode( { appId: 'spklwebapp', userId: req.user.id, challenge: req.session.challenge } )
 
+      let ac = await createAuthorizationCode( { appId: 'spklwebapp', userId: req.user.id, challenge: req.session.challenge } )
       if ( req.session ) req.session.destroy( )
-      return res.redirect( `${app.redirectUrl}?access_code=${ac}` )
+      return res.redirect( `${process.env.CANONICAL_URL}?access_code=${ac}` )
+
     } catch ( err ) {
+
       sentry( { err } )
       if ( req.session ) req.session.destroy( )
       return res.status( 401 ).send( { err: err.message } )
+
     }
   }
 

packages/server/modules/core/migrations/000-core.js

@@ -13,7 +13,7 @@ exports.up = async knex => {
     table.string( 'description' ).defaultTo( 'This a community deployment of a Speckle Server.' )
     table.string( 'adminContact' ).defaultTo( 'n/a' )
     table.string( 'termsOfService' ).defaultTo( 'n/a' )
-    table.string( 'canonicalUrl' )
+    table.string( 'canonicalUrl' ) // TODO: to be removed, it's not used anymore
     table.boolean( 'completed' ).defaultTo( false )
   } )