From 9593ee02fa840a4efe333c8528fd900b00a47ec0 Mon Sep 17 00:00:00 2001 From: Kseninia Mikhaylova Date: Tue, 23 Jul 2024 09:42:13 +0300 Subject: [PATCH] csrf remove --- .gitignore | 3 ++- back/api/settings.py | 2 ++ back/tgbot/views.py | 6 +++++- docker-compose.yml | 2 +- .env.example => env/back.env.example | 5 ++++- env/docker.env.example | 1 + env/front.env.example | 1 + front/pages/table/[id].vue | 4 ++-- readme.md | 8 +++++++- 9 files changed, 25 insertions(+), 7 deletions(-) rename .env.example => env/back.env.example (59%) create mode 100644 env/docker.env.example create mode 100644 env/front.env.example diff --git a/.gitignore b/.gitignore index 9bf75e0..854bd80 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,5 @@ .idea/ .vscode/ .venv/ -.env \ No newline at end of file +.env +env/*.env \ No newline at end of file diff --git a/back/api/settings.py b/back/api/settings.py index a4883fd..2b927e8 100644 --- a/back/api/settings.py +++ b/back/api/settings.py @@ -37,11 +37,13 @@ ALLOWED_HOSTS = [ "toinv.svs-tech.pro", ] CORS_ALLOWED_ORIGINS = [ + "http://localhost", "http://localhost:3000", "http://192.168.103.159:3000", "https://toinv.svs-tech.pro", ] CSRF_TRUSTED_ORIGINS = [ + "http://localhost", "https://toinv.svs-tech.pro", ] # Application definition diff --git a/back/tgbot/views.py b/back/tgbot/views.py index 332485a..eb0f820 100644 --- a/back/tgbot/views.py +++ b/back/tgbot/views.py @@ -24,7 +24,9 @@ class TgItemViewSet(viewsets.ModelViewSet): queryset = TgItem.objects.all().order_by("-updated_at") serializer_class = TgItemSerializer http_method_names = ["post", "get", "patch"] - + permission_classes = () + authentication_classes = () + def retrieve(self, request, pk=None): item = TgItem.objects.get(id=pk) logger.info( @@ -50,6 +52,8 @@ class TmcFieldViewset(viewsets.ModelViewSet): queryset = TmcField.objects.all() serializer_class = TmcFieldSerializer http_method_names = ["post", "get", "patch"] + permission_classes = () + authentication_classes = () def partial_update(self, request, *args, **kwargs): return super().partial_update(request) diff --git a/docker-compose.yml b/docker-compose.yml index 00c66c7..e53f4e8 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -13,7 +13,7 @@ services: timeout: 3s retries: 20 volumes: - - ./.env:/app/.env + - ./back/.env:/app/.env networks: - toinv-network image: ci.svs-tech.pro/toinv_back:latest diff --git a/.env.example b/env/back.env.example similarity index 59% rename from .env.example rename to env/back.env.example index 625952c..0a0e95d 100644 --- a/.env.example +++ b/env/back.env.example @@ -3,4 +3,7 @@ DB_USER= DB_PASSWORD= DB_HOST= DB_PORT= -ODATA_AUTH= \ No newline at end of file +ODATA_AUTH= + +TG_TOKEN= +NGROK_TEMP= \ No newline at end of file diff --git a/env/docker.env.example b/env/docker.env.example new file mode 100644 index 0000000..0d4f2fd --- /dev/null +++ b/env/docker.env.example @@ -0,0 +1 @@ +WEB_PORT=80 \ No newline at end of file diff --git a/env/front.env.example b/env/front.env.example new file mode 100644 index 0000000..c67b7b1 --- /dev/null +++ b/env/front.env.example @@ -0,0 +1 @@ +NUXT_PUBLIC_API_BASE='http://localhost:8000/api' \ No newline at end of file diff --git a/front/pages/table/[id].vue b/front/pages/table/[id].vue index d651b3b..c4903fb 100644 --- a/front/pages/table/[id].vue +++ b/front/pages/table/[id].vue @@ -43,10 +43,10 @@ onMounted(async () => { loadTer() }) const patchField = async (field) => { - await apiCall(`tgbot/items/${field.id}/`, 'PATCH', { text: field.text }) + await apiCall(`tgbot/items/${field.id}/`, 'patch', { text: field.text }) } const patchItem = async () => { - await apiCall(`tgbot/${state.id}/`, 'PATCH', { name: state.name, location: state.location }) + await apiCall(`tgbot/${state.id}/`, 'patch', { name: state.name, location: state.location }) }