From 8c699e94bd40d5a8dc93199e088142c3f97829aa Mon Sep 17 00:00:00 2001 From: Alie Date: Fri, 14 Jul 2023 19:53:52 +0200 Subject: [PATCH] import good changes and comment prod only changes --- personalWebpage/personalWebpage/settings.py | 22 ++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) mode change 100644 => 100755 personalWebpage/personalWebpage/settings.py diff --git a/personalWebpage/personalWebpage/settings.py b/personalWebpage/personalWebpage/settings.py old mode 100644 new mode 100755 index 892ef0e..fd40936 --- a/personalWebpage/personalWebpage/settings.py +++ b/personalWebpage/personalWebpage/settings.py @@ -22,12 +22,16 @@ BASE_DIR = Path(__file__).resolve().parent.parent # SECURITY WARNING: keep the secret key used in production secret! SECRET_KEY = 'django-insecure-&az@!wa-x@+y6cs#q(0ak6ju+3t$46o#5u)i4dn%t9ftn5@dx%' -# SECURITY WARNING: don't run with debug turned on in production! +""" Prod +with open("/home/django/secret_key.txt") as f: + SECRET_KEY = f.read().strip() +""" +# SECURITY WARNING: don't run with debug turned on in production! DEBUG = True -ALLOWED_HOSTS = [] - - +ALLOWED_HOSTS = ["yari.fai.st", "localhost"] +CSRF_COOKIE_SECURE = True +SESSION_COOKIE_SECURE = True # Application definition INSTALLED_APPS = [ @@ -116,9 +120,17 @@ USE_TZ = True # Static files (CSS, JavaScript, Images) # https://docs.djangoproject.com/en/4.2/howto/static-files/ -STATIC_URL = 'static/' +STATIC_URL = "static/" +STATIC_ROOT = "static/" + # Default primary key field type # https://docs.djangoproject.com/en/4.2/ref/settings/#default-auto-field DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField' + +# CSRF stuff +CSRF_TRUSTED_ORIGINS = [ + 'http://localhost:8000', + "https://yari.fai.st" +] \ No newline at end of file