Add corsheaders & csfr middleware

This commit is contained in:
Michał Romaszkin 2020-04-22 17:41:57 +02:00
parent 5e5a1c4cda
commit 5e9d0cd87a
2 changed files with 13 additions and 2 deletions

View File

@ -1,20 +1,25 @@
from django.shortcuts import render, redirect from django.shortcuts import render, redirect
from django.conf import settings from django.conf import settings
from django.core.files.storage import FileSystemStorage from django.core.files.storage import FileSystemStorage
from django.views.decorators.csrf import csrf_exempt
from django.http import HttpResponseRedirect
from prototype.filehandler.models import Document from prototype.filehandler.models import Document
from prototype.filehandler.forms import DocumentForm from prototype.filehandler.forms import DocumentForm
def home(request): def home(request):
documents = Document.objects.all() documents = Document.objects.all()
return render(request, 'core/home.html', { 'documents': documents}) return render(request, 'core/home.html', { 'documents': documents})
@csrf_exempt
def model_form_upload(request): def model_form_upload(request):
if request.method == 'POST': if request.method == 'POST':
form = DocumentForm(request.POST, request.FILES) form = DocumentForm(request.POST, request.FILES)
if form.is_valid(): if form.is_valid():
form.save() form.save()
return redirect('home') return HttpResponseRedirect('sucess')
else: else:
form = DocumentForm() form = DocumentForm()
return render(request, 'core/model_form_upload.html', { return render(request, 'core/model_form_upload.html', {

View File

@ -37,13 +37,14 @@ INSTALLED_APPS = [
'django.contrib.sessions', 'django.contrib.sessions',
'django.contrib.messages', 'django.contrib.messages',
'django.contrib.staticfiles', 'django.contrib.staticfiles',
'prototype.filehandler', 'prototype.filehandler',
'corsheaders',
] ]
MIDDLEWARE = [ MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware', 'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware',
'corsheaders.middleware.CorsMiddleware',
'django.middleware.common.CommonMiddleware', 'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware', 'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware',
@ -125,3 +126,8 @@ STATIC_ROOT = os.path.join(BASE_DIR, 'staticfiles')
MEDIA_URL = '/media/' MEDIA_URL = '/media/'
MEDIA_ROOT = os.path.join(BASE_DIR, 'media') MEDIA_ROOT = os.path.join(BASE_DIR, 'media')
CORS_ALLOW_CREDENTIALS = True
CORS_ORIGIN_WHITELIST = [
'http://localhost:4200',
]