Merge pull request #34 from defencedigital/pyswitch

Fix for CSRF and loginrequired middleware
author: Yulqen <246857+yulqen@users.noreply.github.com> 2024-04-24 20:20:14 +0100
committer: GitHub <noreply@github.com> 2024-04-24 20:20:14 +0100
commit: c8d1b09f37be32cbda3c0f6cca2c241a1d20ad8e (patch)
tree: 590874b1d540a76b37eafc30cd9a1b201dd3a70a /ded/settings.py
parent: bc3c42b2279a3bf1e7159f110e662e942a5fdc2e (diff)
parent: 326e8fc8b1c615f8533b45e80ce0ae636ebdcc17 (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/ded/settings.py b/ded/settings.py
index 9cba3b0..b2b1da0 100644
--- a/ded/settings.py
+++ b/ded/settings.py
@@ -14,6 +14,10 @@ from pathlib import Path
 # Build paths inside the project like this: BASE_DIR / 'subdir'.
 BASE_DIR = Path(__file__).resolve().parent.parent
 
+# For staging (on OpenShift)
+# was getting 403, CSRF verification failed error
+CSRF_COOKIE_SECURE = True
+SESSION_COOKIE_SECURE = True
 
 # Quick-start development settings - unsuitable for production
 # See https://docs.djangoproject.com/en/4.0/howto/deployment/checklist/
@@ -29,7 +33,6 @@ ALLOWED_HOSTS = ["ded-web-ho-defnucsyr-ded.apps.ocp1.azure.dso.digital.mod.uk",
 STATIC_ROOT = BASE_DIR / "static"
 
 # Application definition
-
 INSTALLED_APPS = [
     "instruments.apps.InstrumentsConfig",
     "engagements.apps.EngagementsConfig",
author	Yulqen <246857+yulqen@users.noreply.github.com>	2024-04-24 20:20:14 +0100
committer	GitHub <noreply@github.com>	2024-04-24 20:20:14 +0100
commit	c8d1b09f37be32cbda3c0f6cca2c241a1d20ad8e (patch)
tree	590874b1d540a76b37eafc30cd9a1b201dd3a70a /ded/settings.py
parent	bc3c42b2279a3bf1e7159f110e662e942a5fdc2e (diff)
parent	326e8fc8b1c615f8533b45e80ce0ae636ebdcc17 (diff)