diff --git a/backend/ypovoli/settings.py b/backend/ypovoli/settings.py index 44171472..98fd8b85 100644 --- a/backend/ypovoli/settings.py +++ b/backend/ypovoli/settings.py @@ -10,12 +10,13 @@ https://docs.djangoproject.com/en/5.0/ref/settings/ """ -from django.utils.translation import gettext_lazy as _ import os from datetime import timedelta from os import environ from pathlib import Path +from django.utils.translation import gettext_lazy as _ + # Build paths inside the project like this: BASE_DIR / 'subdir'. BASE_DIR = Path(__file__).resolve().parent.parent MEDIA_ROOT = os.path.normpath(os.path.join(BASE_DIR, "data/production")) @@ -30,6 +31,7 @@ DEBUG = environ.get("DJANGO_DEBUG", "False").lower() in ["true", "1", "t"] DOMAIN_NAME = environ.get("DJANGO_DOMAIN_NAME", "localhost") ALLOWED_HOSTS = [DOMAIN_NAME] +CSRF_TRUSTED_ORIGINS = ["https://" + DOMAIN_NAME] # Application definition @@ -40,12 +42,10 @@ "django.contrib.sessions", "django.contrib.messages", "django.contrib.staticfiles", - "rest_framework_swagger", # Swagger "rest_framework", # Django rest framework "drf_yasg", # Yet Another Swagger generator "sslserver", # Used for local SSL support (needed by CAS) - "authentication", # Ypovoli authentication "api", # Ypovoli logic of the base application "notifications", # Ypovoli notifications diff --git a/data/nginx/nginx.prod.conf b/data/nginx/nginx.prod.conf index 042f9859..8d59a46f 100644 --- a/data/nginx/nginx.prod.conf +++ b/data/nginx/nginx.prod.conf @@ -34,14 +34,6 @@ http { proxy_redirect off; } - location /auth/ { - rewrite ^/auth/(.*)$ /$1 break; - proxy_pass http://backend; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header Host $host; - proxy_redirect off; - } - location / { proxy_pass http://frontend; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; @@ -49,4 +41,4 @@ http { proxy_redirect off; } } -} \ No newline at end of file +}