From ad90f03a45df860e78b9bf27ee2b90317bd5a166 Mon Sep 17 00:00:00 2001
From: Sean Morley <zipsm15@gmail.com>
Date: Wed, 10 Jul 2024 08:46:38 -0400
Subject: [PATCH] docker

---
 backend/server/demo/settings.py | 8 +++-----
 docker-compose.yml              | 1 +
 2 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/backend/server/demo/settings.py b/backend/server/demo/settings.py
index 81f3d0f..a84b7b7 100644
--- a/backend/server/demo/settings.py
+++ b/backend/server/demo/settings.py
@@ -207,10 +207,8 @@ SWAGGER_SETTINGS = {
 CORS_ORIGIN_ALLOW_ALL = True
 
 
-CSRF_TRUSTED_ORIGINS = [
-    'https://api.adventurelog.app',
-    'https://adventurelog.app',
-    
-]
+from os import getenv
+
+CSRF_TRUSTED_ORIGINS = getenv('CSRF_TRUSTED_ORIGINS', 'localhost').split(',')
 
 DEFAULT_AUTO_FIELD = 'django.db.models.AutoField'
diff --git a/docker-compose.yml b/docker-compose.yml
index 1c98526..f479187 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -35,6 +35,7 @@ services:
       - DJANGO_ADMIN_PASSWORD=admin
       - DJANGO_ADMIN_EMAIL=admin@example.com
       - PUBLIC_URL='http://127.0.0.1:81'
+      - CSRF_TRUSTED_ORIGINS=https://api.adventurelog.app,https://adventurelog.app
       - DEBUG=False
     ports:
       - "8000:8000"