fix: domains
SKairinos committed Feb 12, 2025
1 parent 3534aeb commit c29744c
Showing 2 changed files with 17 additions and 5 deletions.
16 changes: 13 additions & 3 deletions codeforlife/settings/custom.py
@@ -3,6 +3,7 @@
"""

import os
import re
import typing as t
from pathlib import Path

@@ -27,6 +28,17 @@
# The root service does not need its name included in the base url.
SERVICE_BASE_URL = f"{SERVICE_PROTOCOL}://{SERVICE_DOMAIN}:{SERVICE_PORT}"

# The domain without the last level and a preceding dot.
# If the domain does not contain multiple levels, then it remains the same.
# Examples:
# - domain: "www.example.com" -> external domain: ".example.com".
# - domain: "localhost" -> external domain: "localhost".
SERVICE_EXTERNAL_DOMAIN = (
t.cast(re.Match, re.match(r".+?(\..+)", SERVICE_DOMAIN)).group(1)
if "." in SERVICE_DOMAIN
else SERVICE_DOMAIN
)

# The frontend url of the current service.
SERVICE_SITE_URL = os.getenv("SERVICE_SITE_URL", "http://localhost:5173")

@@ -45,7 +57,5 @@
# These work the same as Django's session cookie settings.
SESSION_METADATA_COOKIE_NAME = "session_metadata"
SESSION_METADATA_COOKIE_PATH = "/"
SESSION_METADATA_COOKIE_DOMAIN = os.getenv(
"SESSION_METADATA_COOKIE_DOMAIN", "localhost"
)
SESSION_METADATA_COOKIE_DOMAIN = SERVICE_EXTERNAL_DOMAIN
SESSION_METADATA_COOKIE_SAMESITE: CookieSamesite = "Strict"
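Review bot: The `SERVICE_EXTERNAL_DOMAIN` expression in the second hunk strips the leftmost label unconditionally, so a two-label `SERVICE_DOMAIN` such as "example.com" yields ".com", which browsers refuse as a cookie `Domain`; the CSRF and session-metadata cookies that now use this value would then never be stored. A value with a trailing dot and only one label (e.g. "example.") contains a "." but does not match `.+?(\..+)`, and because `t.cast` performs no runtime check the `.group(1)` call would raise `AttributeError` while the settings module is imported. I would strip the label only when at least two labels remain, e.g. `_, _, parent = SERVICE_DOMAIN.partition(".")` followed by `SERVICE_EXTERNAL_DOMAIN = f".{parent}" if "." in parent.rstrip(".") else SERVICE_DOMAIN`. The comment above it says "without the last level" although the code removes the first (leftmost) label, so it should read `# The domain with its leftmost label replaced by a leading dot.` Where `SERVICE_DOMAIN` comes from is outside the visible hunks, so whether such values can occur in a deployment needs confirming.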
6 changes: 4 additions & 2 deletions codeforlife/settings/django.py
@@ -15,6 +15,8 @@
ENV,
SERVICE_BASE_DIR,
SERVICE_BASE_URL,
SERVICE_DOMAIN,
SERVICE_EXTERNAL_DOMAIN,
SERVICE_NAME,
SERVICE_S3_APP_LOCATION,
SERVICE_S3_STATIC_LOCATION,
@@ -147,7 +149,7 @@ def get_databases():
SESSION_COOKIE_AGE = 60 * 60
SESSION_COOKIE_SECURE = True
SESSION_COOKIE_SAMESITE = "Lax"
SESSION_COOKIE_DOMAIN = os.getenv("SESSION_COOKIE_DOMAIN", "localhost")
SESSION_COOKIE_DOMAIN = SERVICE_DOMAIN

# Security
# https://docs.djangoproject.com/en/4.2/topics/security/
@@ -175,7 +177,7 @@ def get_databases():
# https://docs.djangoproject.com/en/4.2/ref/csrf/

CSRF_COOKIE_NAME = f"{SERVICE_NAME}_csrftoken"
CSRF_COOKIE_DOMAIN = os.getenv("CSRF_COOKIE_DOMAIN", "localhost")
CSRF_COOKIE_DOMAIN = SERVICE_EXTERNAL_DOMAIN
CSRF_TRUSTED_ORIGINS = [SERVICE_SITE_URL]
CSRF_COOKIE_SAMESITE = "Strict"
CSRF_COOKIE_SECURE = True
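Review bot: `CSRF_COOKIE_DOMAIN = SERVICE_EXTERNAL_DOMAIN` in the last hunk scopes the CSRF token cookie to the parent domain, so every host under that domain receives it and can set or overwrite it, and nothing in the visible lines records that trust assumption. If sharing the token with a sibling frontend host is the intent (inferred; the frontend host is not visible here), I would state it above the setting, e.g. `# Shared with sibling subdomains; every host under this domain must be trusted.` In the hunk before it, `SESSION_COOKIE_DOMAIN = SERVICE_DOMAIN` emits an explicit `Domain` attribute, which browsers also match for subdomains of that host, whereas `SESSION_COOKIE_DOMAIN = None` (Django's default) keeps the session cookie host-only. Both lines also drop the `SESSION_COOKIE_DOMAIN` and `CSRF_COOKIE_DOMAIN` environment overrides, so a deployment that still sets them is silently ignored after this change; these module-level settings continue outside the hunks shown.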