Add CORS headers when in DEBUG mode

server/requirements.txt

@@ -7,6 +7,7 @@ defusedxml==0.7.1
 dj-rest-auth==2.1.4
 Django==3.2
 django-allauth==0.44.0
+django-cors-headers==3.7.0
 django-rest-framework==0.1.0
 djangorestframework==3.12.4
 idna==2.10

server/server/settings.py

@@ -36,9 +36,10 @@ ALLOWED_HOSTS = [
 ]
 
 if DEBUG:
-    ALLOWED_HOSTS += [
+    ALLOWED_HOSTS = [
         '*',
     ]
+    CORS_ALLOW_ALL_ORIGINS = True
 
 
 # Application definition
@@ -51,6 +52,7 @@ INSTALLED_APPS = [
     'django.contrib.messages',
     'django.contrib.staticfiles',
     'django.contrib.sites',
+    'corsheaders',
     'rest_framework',
     'rest_framework.authtoken',
     'allauth',
@@ -61,6 +63,7 @@ INSTALLED_APPS = [
 ]
 
 MIDDLEWARE = [
+    'corsheaders.middleware.CorsMiddleware',
     'django.middleware.security.SecurityMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
     'django.middleware.common.CommonMiddleware',