From 053106c47401c203d6124c9d904d7a7195d30bac Mon Sep 17 00:00:00 2001 From: MaziniiX Date: Fri, 21 Jun 2024 09:23:26 +0200 Subject: [PATCH] fix csrf list --- Django_Frontend/monprojet/monprojet/settings.py | 6 +++--- Django_api/airline/airline/settings.py | 6 +++--- Docker-test/docker-compose.yml | 2 ++ 3 files changed, 8 insertions(+), 6 deletions(-) diff --git a/Django_Frontend/monprojet/monprojet/settings.py b/Django_Frontend/monprojet/monprojet/settings.py index 1a4cd3a..d4a014c 100644 --- a/Django_Frontend/monprojet/monprojet/settings.py +++ b/Django_Frontend/monprojet/monprojet/settings.py @@ -47,7 +47,7 @@ if ENVIRONMENT == 'development' or ENVIRONMENT == 'test': ALLOWED_HOSTS = ['*'] else: - ALLOWED_HOSTS = "api" + os.getenv('DOMAIN') + ALLOWED_HOSTS = [os.getenv('DOMAIN')] # Application definition @@ -71,8 +71,8 @@ 'django.middleware.clickjacking.XFrameOptionsMiddleware', ] -if ENVIRONMENT == 'production': - CSRF_TRUSTED_ORIGINS = os.getenv('DJANGO_ORIGIN').split(',') +if ENVIRONMENT != 'development': + CSRF_TRUSTED_ORIGINS = ["https://" + os.getenv('DOMAIN')] ROOT_URLCONF = 'monprojet.urls' diff --git a/Django_api/airline/airline/settings.py b/Django_api/airline/airline/settings.py index 21ad379..58d5b92 100644 --- a/Django_api/airline/airline/settings.py +++ b/Django_api/airline/airline/settings.py @@ -39,7 +39,7 @@ if ENVIRONMENT == 'development' or ENVIRONMENT == 'test': ALLOWED_HOSTS = ['*'] else: - ALLOWED_HOSTS = "api" + os.getenv('DOMAIN') + ALLOWED_HOSTS = ["api" + os.getenv('DOMAIN')] @@ -68,8 +68,8 @@ 'django.middleware.clickjacking.XFrameOptionsMiddleware', ] -if ENVIRONMENT == 'production': - CSRF_TRUSTED_ORIGINS = "https://api." + os.getenv('DOMAIN') +if ENVIRONMENT != 'development': + CSRF_TRUSTED_ORIGINS = ["https://api." + os.getenv('DOMAIN')] ROOT_URLCONF = 'airline.urls' diff --git a/Docker-test/docker-compose.yml b/Docker-test/docker-compose.yml index 86e7813..bcdc55d 100644 --- a/Docker-test/docker-compose.yml +++ b/Docker-test/docker-compose.yml @@ -56,6 +56,7 @@ services: context: ../ dockerfile: ./Docker-test/API/Dockerfile environment: + DOMAIN: ${DOMAIN} DJANGO_ENVIRONMENT: ${DJANGO_ENVIRONMENT} DJANGO_DB_NAME: ${POSTGRES_DB} DJANGO_DB_USER: ${POSTGRES_USER} @@ -83,6 +84,7 @@ services: context: ../ dockerfile: ./Docker-test/Frontend/Django/Dockerfile environment: + DOMAIN: ${DOMAIN} DJANGO_ENVIRONMENT: ${DJANGO_ENVIRONMENT} DJANGO_DB_NAME: ${POSTGRES_DB} DJANGO_DB_USER: ${POSTGRES_USER}