From db296f49d85a6fe5515d3bd0032535b7d18ae0bd Mon Sep 17 00:00:00 2001 From: Kaladaran Date: Fri, 17 May 2024 21:10:10 +0200 Subject: [PATCH] CORS headers --- .env.template | 1 + marbas/settings.py | 6 +++++- requirements.txt | 3 ++- 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/.env.template b/.env.template index adf57e1..e2503a8 100644 --- a/.env.template +++ b/.env.template @@ -19,6 +19,7 @@ POSTGRES_DB= DRF_SECRET_KEY= DRF_DEBUG= ALLOWED_HOSTS= +CORS_ALLOWED_ORIGINS= CSRF_TRUSTED_ORIGINS= OIDC_RP_CLIENT_ID= diff --git a/marbas/settings.py b/marbas/settings.py index f8b246d..e72c7a4 100644 --- a/marbas/settings.py +++ b/marbas/settings.py @@ -31,6 +31,8 @@ ALLOWED_HOSTS = os.environ.get("ALLOWED_HOSTS", "").split(",") ALLOWED_HOSTS = [] if not any(ALLOWED_HOSTS) else ALLOWED_HOSTS CSRF_TRUSTED_ORIGINS = os.environ.get("CSRF_TRUSTED_ORIGINS", "").split(",") CSRF_TRUSTED_ORIGINS = [] if not any(CSRF_TRUSTED_ORIGINS) else CSRF_TRUSTED_ORIGINS +CORS_ALLOWED_ORIGINS = os.environ.get("CORS_ALLOWED_ORIGINS", "").split(",") +CORS_ALLOWED_ORIGINS = [] if not any(CORS_ALLOWED_ORIGINS) else CORS_ALLOWED_ORIGINS # Application definition @@ -53,8 +55,9 @@ INSTALLED_APPS = [ 'authentication', 'api', 'sde', - 'esi', + # 'esi', 'django.contrib.admin', + 'corsheaders', 'django.contrib.auth', 'mozilla_django_oidc', 'django.contrib.contenttypes', @@ -69,6 +72,7 @@ INSTALLED_APPS = [ MIDDLEWARE = [ 'django.middleware.security.SecurityMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', + 'corsheaders.middleware.CorsMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', diff --git a/requirements.txt b/requirements.txt index f846d7b..02ea6a0 100644 --- a/requirements.txt +++ b/requirements.txt @@ -10,4 +10,5 @@ uritemplate inflection django-esi django-health-check -mozilla-django-oidc \ No newline at end of file +mozilla-django-oidc +django-cors-headers \ No newline at end of file