Move Django to https

6 years ago · 2812685868
parent 31a0112f9b
commit 2812685868
1 changed files with 8 additions and 6 deletions
--- a/authserver/authserver/settings.py
+++ b/authserver/authserver/settings.py
@ -47,12 +47,6 @@ REST_FRAMEWORK = {
    ),
 }

-#CORS_ORIGIN_WHITELIST = (
-#    'localhost:8000',
-#)
-
-CORS_ORIGIN_ALLOW_ALL = True
-
 MIDDLEWARE = [
    'corsheaders.middleware.CorsMiddleware',
    'django.middleware.security.SecurityMiddleware',
@ -82,10 +76,18 @@ TEMPLATES = [
    },
 ]

+SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
+
 WSGI_APPLICATION = 'authserver.wsgi.application'

 ALLOWED_HOSTS = ['localhost', '127.0.0.1', '172.17.17.65', 'tools-auth.protospace.ca']

+#CORS_ORIGIN_WHITELIST = (
+#    'localhost:8000',
+#)
+
+CORS_ORIGIN_ALLOW_ALL = True
+
 # Database
 # https://docs.djangoproject.com/en/2.1/ref/settings/#databases