From 3917e9e55a84fbf6786d7436985de14075e712aa Mon Sep 17 00:00:00 2001
From: Happy Felix Chukwuma <happychukwuma@gmail.com>
Date: Wed, 21 Aug 2024 13:50:01 +0100
Subject: [PATCH] chore(fix): Added get csrf token implementation

---
 .../migrations/0009_alter_article_thumb.py    | 19 ++++++++++++++++++
 server/core/config/base.py                    |  1 -
 server/core/config/local.py                   |  1 +
 server/core/config/production.py              | 20 ++++++++++++++++---
 4 files changed, 37 insertions(+), 4 deletions(-)
 create mode 100644 server/apps/research/migrations/0009_alter_article_thumb.py

diff --git a/server/apps/research/migrations/0009_alter_article_thumb.py b/server/apps/research/migrations/0009_alter_article_thumb.py
new file mode 100644
index 0000000..5c7bcd0
--- /dev/null
+++ b/server/apps/research/migrations/0009_alter_article_thumb.py
@@ -0,0 +1,19 @@
+# Generated by Django 5.0.8 on 2024-08-21 12:39
+
+import apps.research.models.article
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('research', '0008_alter_article_content'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='article',
+            name='thumb',
+            field=models.ImageField(blank=True, default=apps.research.models.article.get_default_thumb, upload_to='images/'),
+        ),
+    ]
diff --git a/server/core/config/base.py b/server/core/config/base.py
index d4f402d..09ddeac 100644
--- a/server/core/config/base.py
+++ b/server/core/config/base.py
@@ -160,7 +160,6 @@
 
 STATIC_URL = '/static/'
 STATIC_ROOT = os.path.join(BASE_DIR, 'staticfiles')
-MEDIA_URL = 'https://cms.2077.xyz/media/'
 
 MEDIA_ROOT = os.path.join(BASE_DIR, 'media')
 
diff --git a/server/core/config/local.py b/server/core/config/local.py
index 1d12527..1d96b34 100644
--- a/server/core/config/local.py
+++ b/server/core/config/local.py
@@ -1,5 +1,6 @@
 from .base import *
 
+MEDIA_URL = '/media/'
 
 CSRF_TRUSTED_ORIGINS = [
     'http://127.0.0.1:8000',
diff --git a/server/core/config/production.py b/server/core/config/production.py
index 0a0a318..e510af9 100644
--- a/server/core/config/production.py
+++ b/server/core/config/production.py
@@ -1,10 +1,24 @@
 from .base import *
 
+MEDIA_URL = 'https://cms.2077.xyz/media/'
+
 DEBUG = bool(config('DJANGO_DEBUG', default=False))
 
 ALLOWED_HOSTS = ['74.119.195.253', 'cms.2077.xyz']
 
-CSRF_TRUSTED_ORIGINS = ["https://" + host for host in ALLOWED_HOSTS]
+CSRF_TRUSTED_ORIGINS = []
+for host in ALLOWED_HOSTS:
+    CSRF_TRUSTED_ORIGINS.append(f"https://{host}")
+    CSRF_TRUSTED_ORIGINS.append(f"http://{host}")
+
+CORS_ALLOWED_ORIGINS = [
+    "https://cms.2077.xyz", # Https version of Django
+    "http://74.119.195.253", # Http version of Astro
+    "http://127.0.0.1:4321", # Local Dev
+    "http://localhost:4321", # Local Dev
+    ]
+
+CORS_ALLOW_CREDENTIALS = True
 
 #REDISCLOUD_URL = config("REDISCLOUD_URL")
 
@@ -27,7 +41,7 @@
 
 CSP_SCRIPT_SRC = ("self",)
 
-CSP_IMG_SRC = ("self", "http://cms.2077.xyz", "https:cms.2077.xyz")
+CSP_IMG_SRC = ("self", "http://cms.2077.xyz", "https://cms.2077.xyz", "http://74.119.195.253")
 
 CSP_FONT_SRC = ("self",)
 
@@ -43,4 +57,4 @@
 
 SECURE_SSL_REDIRECT = False
 
-SESSION_COOKIE_SECURE = True
+SESSION_COOKIE_SECURE = True
\ No newline at end of file