fix: add csrf config

This commit is contained in:
Dariusz Niemczyk 2024-01-14 15:12:07 +01:00
parent ea5e223fcc
commit fe496e85f8
No known key found for this signature in database
2 changed files with 12 additions and 0 deletions

9
.env.example Normal file
View File

@ -0,0 +1,9 @@
SPEJSTORE_CLIENT_ID=OAUTH_ID
SPEJSTORE_SECRET=OAUTH_SECRET
SPEJSTORE_ENV=prod
SPEJSTORE_DB_NAME=postgres
SPEJSTORE_DB_PASSWORD=postgres
SPEJSTORE_DB_USER=postgres
SPEJSTORE_DB_HOST=db
SPEJSTORE_HOST="https://inventory.hackerspace.pl"
SPEJSTORE_LABEL_API=https://label.waw.hackerspace.pl

View File

@ -38,6 +38,8 @@ ALLOWED_HOSTS = env(
).split(",") ).split(",")
LOGIN_REDIRECT_URL = "/admin/" LOGIN_REDIRECT_URL = "/admin/"
CSRF_TRUSTED_ORIGINS = env("HOST", "https://inventory.hackerspace.pl").split(",")
# Application definition # Application definition
@ -225,3 +227,4 @@ LABEL_API = env("LABEL_API", "http://label.waw.hackerspace.pl:4567")
LOGIN_URL = "/admin/login/" LOGIN_URL = "/admin/login/"
# Local LAN address space # Local LAN address space
LAN_ALLOWED_ADDRESS_SPACE = env("LAN_ALLOWED_ADDRESS_SPACE", "") LAN_ALLOWED_ADDRESS_SPACE = env("LAN_ALLOWED_ADDRESS_SPACE", "")
ALLOWED_HOSTS = ["0.0.0.0", "localhost"]