fix: enhance middleware to set HTTP_X_FORWARDED_PROTO and secure proxy SSL header

backend/server/adventures/middleware.py

@@ -31,12 +31,16 @@ class OverrideHostMiddleware:
     def __init__(self, get_response):
         self.get_response = get_response
 
-    def __call__(self, request: HttpRequest):
-        # Override the host with the PUBLIC_URL environment variable
+    def __call__(self, request):
         public_url = os.getenv('PUBLIC_URL', None)
         if public_url:
-            # Split the public URL to extract the host and port (if available)
-            host = public_url.split("//")[-1].split("/")[0]
-            request.META['HTTP_HOST'] = host  # Override the HTTP_HOST header
+            # Extract host and scheme
+            scheme, host = public_url.split("://")
+            request.META['HTTP_HOST'] = host
+            request.META['wsgi.url_scheme'] = scheme
+
+            # Set X-Forwarded-Proto for Django
+            request.META['HTTP_X_FORWARDED_PROTO'] = scheme
+
         response = self.get_response(request)
         return response