feat: enhance ALLOWED_HOSTS and add support for insecure transport lo…

…gging
hotosm · Jan 12, 2025 · eced2f3 · eced2f3
1 parent 33fafa0
commit eced2f3
Showing 1 changed file with 14 additions and 3 deletions.
diff --git a/backend/aiproject/settings.py b/backend/aiproject/settings.py
@@ -38,7 +38,13 @@
     default="https://api-prod.raw-data.hotosm.org/v1",
 )
 
-ALLOWED_HOSTS = ["localhost", "127.0.0.1", HOSTNAME, gethostbyname(gethostname())]
+
+REMOTE_HOSTNAME = gethostname()
+
+REMOTE_HOST_IP = gethostbyname(REMOTE_HOSTNAME)
+
+ALLOWED_HOSTS = ["localhost", "127.0.0.1", HOSTNAME, REMOTE_HOSTNAME, REMOTE_HOST_IP]
+
 CORS_ALLOW_HEADERS = list(default_headers) + [
     "access-token",
 ]
@@ -212,8 +218,13 @@
 
 STATIC_ROOT = os.path.join(BASE_DIR, "api_static")
 
-if DEBUG:
-    logging.info("Enabling oauthlib insecure transport in debug mode")
+ALLOW_OAUTHLIB_INSECURE_TRANSPORT = env(
+    "ALLOW_OAUTHLIB_INSECURE_TRANSPORT", default=False
+)
+
+
+if DEBUG or ALLOW_OAUTHLIB_INSECURE_TRANSPORT:
+    logging.info("Enabling oauthlib insecure transport")
     os.environ["OAUTHLIB_INSECURE_TRANSPORT"] = "1"