From 8c699e94bd40d5a8dc93199e088142c3f97829aa Mon Sep 17 00:00:00 2001
From: Alie <bizcochito@anartist.org>
Date: Fri, 14 Jul 2023 19:53:52 +0200
Subject: [PATCH] import good changes and comment prod only changes

---
 personalWebpage/personalWebpage/settings.py | 22 ++++++++++++++++-----
 1 file changed, 17 insertions(+), 5 deletions(-)
 mode change 100644 => 100755 personalWebpage/personalWebpage/settings.py

diff --git a/personalWebpage/personalWebpage/settings.py b/personalWebpage/personalWebpage/settings.py
old mode 100644
new mode 100755
index 892ef0e..fd40936
--- a/personalWebpage/personalWebpage/settings.py
+++ b/personalWebpage/personalWebpage/settings.py
@@ -22,12 +22,16 @@ BASE_DIR = Path(__file__).resolve().parent.parent
 # SECURITY WARNING: keep the secret key used in production secret!
 SECRET_KEY = 'django-insecure-&az@!wa-x@+y6cs#q(0ak6ju+3t$46o#5u)i4dn%t9ftn5@dx%'
 
-# SECURITY WARNING: don't run with debug turned on in production!
+""" Prod
+with open("/home/django/secret_key.txt") as f:
+    SECRET_KEY = f.read().strip()
+"""
+# SECURITY WARNING: don't run with debug turned on in production! 
 DEBUG = True
 
-ALLOWED_HOSTS = []
-
-
+ALLOWED_HOSTS = ["yari.fai.st", "localhost"]
+CSRF_COOKIE_SECURE = True
+SESSION_COOKIE_SECURE = True
 # Application definition
 
 INSTALLED_APPS = [
@@ -116,9 +120,17 @@ USE_TZ = True
 # Static files (CSS, JavaScript, Images)
 # https://docs.djangoproject.com/en/4.2/howto/static-files/
 
-STATIC_URL = 'static/'
+STATIC_URL = "static/"
+STATIC_ROOT = "static/"
+
 
 # Default primary key field type
 # https://docs.djangoproject.com/en/4.2/ref/settings/#default-auto-field
 
 DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
+
+# CSRF stuff
+CSRF_TRUSTED_ORIGINS = [
+    'http://localhost:8000',
+    "https://yari.fai.st"
+]
\ No newline at end of file