import good changes and comment prod only changes

personalWebpage/personalWebpage/settings.py

@@ -22,12 +22,16 @@ BASE_DIR = Path(__file__).resolve().parent.parent
 # SECURITY WARNING: keep the secret key used in production secret!
 SECRET_KEY = 'django-insecure-&az@!wa-x@+y6cs#q(0ak6ju+3t$46o#5u)i4dn%t9ftn5@dx%'
 
-# SECURITY WARNING: don't run with debug turned on in production!
+""" Prod
+with open("/home/django/secret_key.txt") as f:
+    SECRET_KEY = f.read().strip()
+"""
+# SECURITY WARNING: don't run with debug turned on in production! 
 DEBUG = True
 
-ALLOWED_HOSTS = []
-
-
+ALLOWED_HOSTS = ["yari.fai.st", "localhost"]
+CSRF_COOKIE_SECURE = True
+SESSION_COOKIE_SECURE = True
 # Application definition
 
 INSTALLED_APPS = [
@@ -116,9 +120,17 @@ USE_TZ = True
 # Static files (CSS, JavaScript, Images)
 # https://docs.djangoproject.com/en/4.2/howto/static-files/
 
-STATIC_URL = 'static/'
+STATIC_URL = "static/"
+STATIC_ROOT = "static/"
+
 
 # Default primary key field type
 # https://docs.djangoproject.com/en/4.2/ref/settings/#default-auto-field
 
 DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
+
+# CSRF stuff
+CSRF_TRUSTED_ORIGINS = [
+    'http://localhost:8000',
+    "https://yari.fai.st"
+]