Add support for some security settings

2023-01-17 22:30:11 +01:00 · 2023-01-17 22:30:11 +01:00 · c3490e8a81
commit c3490e8a81
parent e2efba4cc2
1 changed files with 4 additions and 0 deletions
--- a/movieclub/settings.py
+++ b/movieclub/settings.py
@ -18,6 +18,10 @@ environ.Env.read_env(os.path.join(BASE_DIR, '.env'))

 # SECURITY WARNING: keep the secret key used in production secret!
 SECRET_KEY = env("SECRET_KEY")
+SESSION_COOKIE_SECURE = env.bool("SESSION_COOKIE_SECURE", False)
+CSRF_COOKIE_SAMESITE = env("CSRF_COOKIE_SAMESITE", default="Lax")
+CSRF_COOKIE_SECURE = env.bool("CSRF_COOKIE_SECURE", False)
+SECURE_PROXY_SSL_HEADER = env.tuple("SECURE_PROXY_SSL_HEADER", None)

 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = env('DEBUG')