worker_processes                    auto;

events {
    worker_connections               1024;
}


http {

    upstream auth_server {
        server                       auth_server:80;
    }

    upstream application {
        server                       application:3000;
    }

    server {
        listen                       80;
        include                      /etc/nginx/mime.types;

        error_page                   401 /login;


        location = /auth {
            internal;

            proxy_pass               http://auth_server;

            proxy_pass_request_body  off;
            proxy_set_header         Content-Length "";
            proxy_set_header         X-Original-URI $request_uri;
            proxy_set_header         X-Original-Remote-Addr $remote_addr;
            proxy_set_header         X-Original-Host $host;
            proxy_intercept_errors   on;
        }

        location ~ ^/(login|signin|logout|get-user) {
            proxy_pass               http://auth_server;

            proxy_pass_request_body  off;
            proxy_set_header         X-Original-URI $request_uri;
            proxy_set_header         X-Original-Remote-Addr $remote_addr;
            proxy_set_header         X-Original-Host $host;
        }


        location / {
            proxy_pass               http://application/;

            auth_request             /auth;
            auth_request_set         $auth_cookie $upstream_http_set_cookie;
            add_header               Set-Cookie $auth_cookie;
        }

    }
}