Add CORS support and update allowed hosts in settings (#126)

Princekumarofficial · web-flow · commit 8c3ad51c997c · 2025-03-28T03:08:19.000+05:30
diff --git a/messWebsite/settings.py b/messWebsite/settings.py
@@ -20,8 +20,9 @@
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = env.bool("DEBUG", default=False)
 
-ALLOWED_HOSTS = ["diningfee.iiti.ac.in", "127.0.0.1"]
+ALLOWED_HOSTS = ["diningfee.iiti.ac.in", "127.0.0.1", "localhost"]
 CSRF_TRUSTED_ORIGINS = ["http://diningfee.iiti.ac.in", "https://diningfee.iiti.ac.in"]
+CORS_ORIGIN_ALLOW_ALL = True # Will change this to false after some time
 # Application definition
 
 INSTALLED_APPS = [
@@ -35,6 +36,7 @@
     "django.contrib.sites",
     "django.contrib.admindocs",
     # Third-party apps
+    "corsheaders",
     "import_export",
     "django_admin_logs",
     "allauth",
@@ -53,6 +55,7 @@
 ]
 
 MIDDLEWARE = [
+    'corsheaders.middleware.CorsMiddleware',
     "django.middleware.security.SecurityMiddleware",
     "django.contrib.sessions.middleware.SessionMiddleware",
     "django.middleware.common.CommonMiddleware",
