From d8d9cef44d9e148256cb759e87cdd0a397ec9c87 Mon Sep 17 00:00:00 2001
From: Kseninia Mikhaylova <k.mikhailova@svs-tech.pro>
Date: Tue, 25 Jun 2024 14:44:46 +0300
Subject: [PATCH] add csrf trusted

---
 back/api/settings.py | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/back/api/settings.py b/back/api/settings.py
index 3c084f8..99de94f 100644
--- a/back/api/settings.py
+++ b/back/api/settings.py
@@ -27,19 +27,23 @@ SECRET_KEY = "django-insecure-ruo!wst&sb8(f9)j5u4rda-w!673lj_-c0a%gx_t@)ff*q*2ze
 
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = True
-NGROK_TEMP = '357e-193-228-134-167.ngrok-free.app'
+NGROK_TEMP = "357e-193-228-134-167.ngrok-free.app"
 ALLOWED_HOSTS = [
     "localhost",
     NGROK_TEMP,
     "192.168.103.159",
     "back",
+    "toinv.svs-tech.pro",
 ]
 CORS_ALLOWED_ORIGINS = [
     "http://localhost:3000",
     "http://192.168.103.159:3000",
     "https://toinv.svs-tech.pro",
+    "back",
+]
+CSRF_TRUSTED_ORIGINS = [
+    "https://toinv.svs-tech.pro",
 ]
-
 # Application definition
 
 INSTALLED_APPS = [