FreakU
/
takahe
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed #23: Replace https hack with header setting

This commit is contained in:
Andrew Godwin 2022-11-20 13:58:54 -07:00
parent b4166f78bb
commit 70d01bf1b4
2 changed files with 1 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
core/middleware.py
View File

@ -1,21 +1,6 @@
from core.models import Config from core.models import Config
class AlwaysSecureMiddleware:
"""
Locks the request object as always being secure, for when it's behind
a HTTPS reverse proxy.
"""
def __init__(self, get_response):
self.get_response = get_response
def __call__(self, request):
request.__class__.scheme = "https"
response = self.get_response(request)
return response
class ConfigLoadingMiddleware: class ConfigLoadingMiddleware:
""" """
Caches the system config every request Caches the system config every request

4
takahe/settings/development.py
View File

@ -5,9 +5,6 @@ from .base import * # noqa
# Load secret key from environment with a fallback # Load secret key from environment with a fallback
SECRET_KEY = os.environ.get("TAKAHE_SECRET_KEY", "insecure_secret") SECRET_KEY = os.environ.get("TAKAHE_SECRET_KEY", "insecure_secret")
# Disable the CRSF origin protection
MIDDLEWARE.insert(0, "core.middleware.AlwaysSecureMiddleware")
# Ensure debug features are on # Ensure debug features are on
DEBUG = True DEBUG = True
@ -16,6 +13,7 @@ CSRF_TRUSTED_ORIGINS = [
"http://127.0.0.1:8000", "http://127.0.0.1:8000",
"https://127.0.0.1:8000", "https://127.0.0.1:8000",
] ]
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend" EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"
SERVER_EMAIL = "test@example.com" SERVER_EMAIL = "test@example.com"