From eced2f329ecbf7a5b01b22aa22488f5f08298b24 Mon Sep 17 00:00:00 2001
From: kshitijrajsharma <skshitizraj@gmail.com>
Date: Sun, 12 Jan 2025 14:56:28 +0100
Subject: [PATCH] feat: enhance ALLOWED_HOSTS and add support for insecure
 transport logging

---
 backend/aiproject/settings.py | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/backend/aiproject/settings.py b/backend/aiproject/settings.py
index 1481ac96..0ca9291d 100644
--- a/backend/aiproject/settings.py
+++ b/backend/aiproject/settings.py
@@ -38,7 +38,13 @@
     default="https://api-prod.raw-data.hotosm.org/v1",
 )
 
-ALLOWED_HOSTS = ["localhost", "127.0.0.1", HOSTNAME, gethostbyname(gethostname())]
+
+REMOTE_HOSTNAME = gethostname()
+
+REMOTE_HOST_IP = gethostbyname(REMOTE_HOSTNAME)
+
+ALLOWED_HOSTS = ["localhost", "127.0.0.1", HOSTNAME, REMOTE_HOSTNAME, REMOTE_HOST_IP]
+
 CORS_ALLOW_HEADERS = list(default_headers) + [
     "access-token",
 ]
@@ -212,8 +218,13 @@
 
 STATIC_ROOT = os.path.join(BASE_DIR, "api_static")
 
-if DEBUG:
-    logging.info("Enabling oauthlib insecure transport in debug mode")
+ALLOW_OAUTHLIB_INSECURE_TRANSPORT = env(
+    "ALLOW_OAUTHLIB_INSECURE_TRANSPORT", default=False
+)
+
+
+if DEBUG or ALLOW_OAUTHLIB_INSECURE_TRANSPORT:
+    logging.info("Enabling oauthlib insecure transport")
     os.environ["OAUTHLIB_INSECURE_TRANSPORT"] = "1"