chore(fix): Added get csrf token implementation

2077-Collective · Aug 21, 2024 · 3917e9e · 3917e9e
1 parent 0f775f0
commit 3917e9e
Show file tree

Hide file tree

Showing 4 changed files with 37 additions and 4 deletions.
diff --git a/server/apps/research/migrations/0009_alter_article_thumb.py b/server/apps/research/migrations/0009_alter_article_thumb.py
@@ -0,0 +1,19 @@
+# Generated by Django 5.0.8 on 2024-08-21 12:39
+
+import apps.research.models.article
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('research', '0008_alter_article_content'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='article',
+            name='thumb',
+            field=models.ImageField(blank=True, default=apps.research.models.article.get_default_thumb, upload_to='images/'),
+        ),
+    ]
diff --git a/server/core/config/base.py b/server/core/config/base.py
@@ -160,7 +160,6 @@
 
 STATIC_URL = '/static/'
 STATIC_ROOT = os.path.join(BASE_DIR, 'staticfiles')
-MEDIA_URL = 'https://cms.2077.xyz/media/'
 
 MEDIA_ROOT = os.path.join(BASE_DIR, 'media')
 

diff --git a/server/core/config/local.py b/server/core/config/local.py
@@ -1,5 +1,6 @@
 from .base import *
 
+MEDIA_URL = '/media/'
 
 CSRF_TRUSTED_ORIGINS = [
     'http://127.0.0.1:8000',

diff --git a/server/core/config/production.py b/server/core/config/production.py
@@ -1,10 +1,24 @@
 from .base import *
 
+MEDIA_URL = 'https://cms.2077.xyz/media/'
+
 DEBUG = bool(config('DJANGO_DEBUG', default=False))
 
 ALLOWED_HOSTS = ['74.119.195.253', 'cms.2077.xyz']
 
-CSRF_TRUSTED_ORIGINS = ["https://" + host for host in ALLOWED_HOSTS]
+CSRF_TRUSTED_ORIGINS = []
+for host in ALLOWED_HOSTS:
+    CSRF_TRUSTED_ORIGINS.append(f"https://{host}")
+    CSRF_TRUSTED_ORIGINS.append(f"http://{host}")
+
+CORS_ALLOWED_ORIGINS = [
+    "https://cms.2077.xyz", # Https version of Django
+    "http://74.119.195.253", # Http version of Astro
+    "http://127.0.0.1:4321", # Local Dev
+    "http://localhost:4321", # Local Dev
+    ]
+
+CORS_ALLOW_CREDENTIALS = True
 
 #REDISCLOUD_URL = config("REDISCLOUD_URL")
 
@@ -27,7 +41,7 @@
 
 CSP_SCRIPT_SRC = ("self",)
 
-CSP_IMG_SRC = ("self", "http://cms.2077.xyz", "https:cms.2077.xyz")
+CSP_IMG_SRC = ("self", "http://cms.2077.xyz", "https://cms.2077.xyz", "http://74.119.195.253")
 
 CSP_FONT_SRC = ("self",)
 
@@ -43,4 +57,4 @@
 
 SECURE_SSL_REDIRECT = False
 
-SESSION_COOKIE_SECURE = True
+SESSION_COOKIE_SECURE = True