Django on Google App Engine add version URLs to ALLOWED_HOSTS - django

I am hosting on GAE and want to be able to access different versions without promoting them. Currently, I get a 400 error: Invalid HTTP_HOST header: '1234568-dot-myapp.ey.r.appspot.com'. You may need to add '1234568-dot-myapp.ey.r.appspot.com' to ALLOWED_HOSTS.
How can I add the URL to ALLOWED_HOSTS, so that I can access any version of my app?
Currently, my ALLOWED_HOSTS looks like this:
APPENGINE_URL = env("APPENGINE_URL", default=None)
if APPENGINE_URL:
    if not urlparse(APPENGINE_URL).scheme:
        APPENGINE_URL = f"https://{APPENGINE_URL}"
    ALLOWED_HOSTS = [urlparse(APPENGINE_URL).netloc,
                     'my-personal-domain.com']
    CSRF_TRUSTED_ORIGINS = [APPENGINE_URL,
                            'https://my-personal-domain.com']
    SECURE_SSL_REDIRECT = True
else:
    ALLOWED_HOSTS = ["*"]
From my understanding, wildcards only work for sub-domains. How can I add something like this to the allowed hosts?
[version-number]-dot-myapp.ey.r.appspot.com
Thanks!
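One way to allow the version hostname without a wildcard, as an added example that is not part of the original post: each deployed version adds only its own `[version]-dot-...` host, read from the `GAE_VERSION` variable that App Engine sets in the runtime. The helper names, the constructed host `otherapp`, and the re-implementation of Django's matching rule (included to show how broad `.ey.r.appspot.com` would be) are assumptions for illustration.

```python
import re
from urllib.parse import urlparse

# One DNS label; assumed charset for version IDs: lowercase letters, digits, hyphens.
_LABEL = re.compile(r"[a-z0-9][a-z0-9-]{0,62}")


def django_host_match(host, pattern):
    """Demonstration re-implementation of Django's ALLOWED_HOSTS matching rule."""
    pattern = pattern.lower()
    if pattern == "*":
        return True
    if pattern.startswith("."):  # leading dot: the domain and all its subdomains
        return host.endswith(pattern) or host == pattern[1:]
    return host == pattern


def is_allowed(host, allowed_hosts):
    """True if any ALLOWED_HOSTS entry accepts this Host header value (no port)."""
    return any(django_host_match(host.lower(), p) for p in allowed_hosts)


def gae_hosts(appengine_url, version=None, extra=()):
    """Build (ALLOWED_HOSTS, CSRF_TRUSTED_ORIGINS) for the version being served."""
    if not urlparse(appengine_url).scheme:
        appengine_url = f"https://{appengine_url}"
    base = urlparse(appengine_url).netloc.lower()
    hosts = [base, *extra]
    if version:
        if not _LABEL.fullmatch(version):
            raise ValueError(f"unexpected version id: {version!r}")
        hosts.append(f"{version}-dot-{base}")  # exact host, no wildcard
    return hosts, [f"https://{h}" for h in hosts]


# Assumed use in settings.py:
#   ALLOWED_HOSTS, CSRF_TRUSTED_ORIGINS = gae_hosts(
#       APPENGINE_URL, os.environ.get("GAE_VERSION"), extra=["my-personal-domain.com"])
if __name__ == "__main__":
    hosts, _ = gae_hosts("myapp.ey.r.appspot.com", "1234568")
    print(is_allowed("1234568-dot-myapp.ey.r.appspot.com", hosts))
    print(is_allowed("1234568-dot-otherapp.ey.r.appspot.com", hosts))
    print(is_allowed("1234568-dot-otherapp.ey.r.appspot.com", [".ey.r.appspot.com"]))
```

Because a request to a version URL is served by that version's own instances, every version becomes reachable at its own hostname while `ALLOWED_HOSTS` stays an exact list.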

Related

There is no cookie at all in my Next.Js frontend

I made a Django backend and a Next.js frontend. There is a cookie which has _ga, csrftoken when I tested on the local server 127.0.0.1.
BUT, there is no cookie at all on my production (which has different domains for backend and frontend).
I guessed that everything happened because I used different domains in production. Here are some Django settings.py values I have
ALLOWED_HOSTS = [
    "127.0.0.1",
    "localhost",
    "BACKENDURL",
    "FRONTENDURL",
    "*.FRONTENDURL",
]
CORS_ORIGIN_ALLOW_ALL = True
CORS_ALLOW_CREDENTIALS = True
CSRF_TRUSTED_ORIGINS = [
    "http://127.0.0.1:3000",
    "http://localhost:3000",
    "https://*.frontendURL",
    "https://FRONTENDURL",
]
CSRF_COOKIE_SECURE = True
SESSION_COOKIE_SECURE = True
For the future visitors...
I figured out what I did wrong.
In development settings, I use the same domain:
[127.0.0.1:3000] as frontend (Next.JS)
[127.0.0.1:8000] as backend (Django)
But in production settings, I use different domains:
[frontend.com] as frontend
[backend.com] as backend
This leads to a "cross-site" error on request/response.
I also found that there is no cookie in my production because I use different domains in production.
Different domains cannot use the same cookie => no cookie on the frontend.
Thus, I have to set the same domain for backend and frontend in the 'hosting service site':
www -> frontendurl
backend -> backendurl
=> Then I can get the csrftoken and sessionid when logging in.
Also, I made my settings.py in the Django project include...
SESSION_COOKIE_DOMAIN = ".mydomain"
CSRF_COOKIE_DOMAIN = ".mydomain"
CORS_ALLOW_CREDENTIALS = True
CORS_ALLOW_ALL_ORIGINS = True
I recognize that CORS_ALLOW_ALL_ORIGINS leads to some danger...
I set it just to confirm that everything is fine.
Later on, in production, change it into
CORS_ALLOWED_ORIGINS = [...]
Hope my answer helped someone.
Happy Hacking my friends. Good Luck!

How to configure Traefik to use Django Sites Framework

I'm testing cookiecutter-django in production using Docker Compose and Traefik with Let's Encrypt. I'm trying to configure it to work with 2 domains (mydomain1.com and mydomain2.com) using Django sites.
How to configure Traefik so it could forward traffic to necessary domain?
This is my traefik.toml
logLevel = "INFO"
defaultEntryPoints = ["http", "https"]
# Entrypoints, http and https
[entryPoints]
# http should be redirected to https
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
# https is the default
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
# Enable ACME (Let's Encrypt): automatic SSL
[acme]
# Email address used for registration
email = "mail#mydomain1.com"
storage = "/etc/traefik/acme/acme.json"
entryPoint = "https"
onDemand = false
OnHostRule = true
# Use a HTTP-01 acme challenge rather than TLS-SNI-01 challenge
[acme.httpChallenge]
entryPoint = "http"
[file]
[backends]
[backends.django]
[backends.django.servers.server1]
url = "http://django:5000"
[frontends]
[frontends.django]
backend = "django"
passHostHeader = true
[frontends.django.headers]
HostsProxyHeaders = ['X-CSRFToken']
[frontends.django.routes.dr1]
rule = "Host:mydomain1.com"
Now all domains are working through SSL, but I can see only mydomain1.com, and mydomain2.com shows ERR_TOO_MANY_REDIRECTS.
What have you tried? What didn't work? By reading your question it's hard to tell.
There is an element of answer in the issue you seem to have opened in cc-django repo.
First things first, I would try to take Traefik out of the equation and make this work locally by doing something as suggested. Once it works locally, it's a matter of mapping the right port/container to the right domain in Traefik.
Assuming you've configured docker-compose to run the django containers on port 5000 and 5001, I think you would need to adjust your backends and frontends section as below:
[backends]
[backends.django1]
[backends.django1.servers.server1]
url = "http://django:5000"
[backends.django2]
[backends.django2.servers.server1]
url = "http://django:5001"
[frontends]
[frontends.django1]
backend = "django1"
passHostHeader = true
[frontends.django1.headers]
HostsProxyHeaders = ['X-CSRFToken']
[frontends.django1.routes.dr1]
rule = "Host:mydomain1.com"
[frontends.django2]
backend = "django2"
passHostHeader = true
[frontends.django2.headers]
HostsProxyHeaders = ['X-CSRFToken']
[frontends.django2.routes.dr1]
rule = "Host:mydomain2.com"
I didn't try these, but that would be the first thing I would do. Also, it looks like we can specify rules on frontends to adjust routing.

How to set up ALLOWED_HOSTS in digital ocean

I successfully hosted my Django code on DigitalOcean with DNS. After hosting, I'm getting weird output in my browser.
When I enter example.com, I get the login page; after logging in I reach my home page. All works fine. But when I enter www.example.com I'm redirected to my login page. Then when I test example.com again it shows the homepage, not the login page. I don't know what I'm doing wrong here.
my ALLOWED_HOSTS look like this initially
ALLOWED_HOSTS = ['www.example.com','example.com']
Then I changed it to:
ALLOWED_HOSTS = ['.example.com']
last try
ALLOWED_HOSTS = ['*']
I changed multiple things but the result is the same. Any help is really appreciated :)
Set the settings below, then Django will automatically redirect the user to www.example.com
PREPEND_WWW = True
ALLOWED_HOSTS = ['www.example.com']
If the user enters http://example.com then Django will redirect to http://www.example.com
In settings.py,
SESSION_COOKIE_DOMAIN = '.example.com'
ALLOWED_HOSTS = ['.example.com']
But I recommend doing a non-www -> www or www -> non-www permanent redirect. It can be done in the web server itself before touching Django.

How to make game use https when played via facebook and http when played from other domain

Our users play our Django game directly via our domain, cnamed to herokuapp.com. We request our assets via http.
We want to add our game to facebook, which requires using https. Heroku can handle this.
Using https requests: our game works on facebook but fails to load assets when accessed via our cnamed domain.
Can we make our game use https when played via facebook and http when played from our domain? What code must we add to settings.py?
We've tried this code in settings.py but it didn't work
Option 1:
import socket
if socket.gethostname().startswith('app'):
    LIVEHOST = True
else:
    LIVEHOST = False
if LIVEHOST:
    STATIC_URL = "https://d******1.cloudfront.net/"
else:
    STATIC_URL = "http://d******1.cloudfront.net/"
Option 2:
import socket
if socket.gethostname().startswith('edge'):
    LIVEHOST = True
else:
    LIVEHOST = False
if LIVEHOST:
    STATIC_URL = "https://d******1.cloudfront.net/"
else:
    STATIC_URL = "http://d******1.cloudfront.net/"
You could use protocol relative urls to save yourself from the pain of worrying about the protocol to use.
So the settings would look like:
STATIC_URL = "//d******1.cloudfront.net/"
and you can safely get rid of all the computation logic in your code snippet.

nodejs isn't getting default cookie that django sets for users

I have just pushed a web app into production and requests to my nodejs no longer contain the user cookie that Django has been setting by default on my localhost (where it was working).
my nodejs looks for the cookie like this
io.configure(function(){
    io.set('authorization', function(data, accept){
        if (data.headers.cookie) {
            data.cookie = cookie_reader.parse(data.headers.cookie);
            return accept(null, true);
        }
        return accept('error',false);
    });
    io.set('log level',1);
});
and on localhost has been getting this
cookie: 'username="name:1V7yRg:n_Blpzr2HtxmlBOzCipxX9ZlJ9U"; password="root:1V7yRg:Dos81LjpauTABHrN01L1aim-EGA"; csrftoken=UwYBgHUWFIEEKleM8et1GS9FuUPEmgKF; sessionid=6qmyso9qkbxet4isdb6gg9nxmcnw4rp3' },
in the request header.
But in production, the header is the same except there is no more cookie. Does Django only set this on localhost? How can I get it working in production?
I've tried setting these in my settings.py
CSRF_COOKIE_DOMAIN = '.example.com'
CSRF_COOKIE_SECURE = True
SESSION_COOKIE_SECURE = True
SESSION_COOKIE_HTTPONLY = False
But so far no good.
Any insight would be great.
I just figured it out. I was making a request to nodejs on the client like this
Message.socket = io.connect('http://123.456.789.10:5000');
Where I used my respective IP address and port that my nodejs was listening on. This is considered cross domain so browsers won't include cookies in the request. Easy fix by changing it to
Message.socket = io.connect('http://www.mydomain.com:5000');
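The cookie scoping behind this fix, and behind the `SESSION_COOKIE_DOMAIN` answers to the Next.js and DigitalOcean questions above, shown as an added example that is not part of any original post. It is a simplified model of RFC 6265 domain matching only (no public-suffix, `SameSite`, `Secure` or path checks); the function names and the address `203.0.113.10` are constructed for illustration.

```python
import ipaddress


def _is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def domain_match(host, domain):
    """RFC 6265 5.1.3: identical, or `host` is a subdomain of `domain` and not an IP."""
    host, domain = host.lower(), domain.lower()
    if host == domain:
        return True
    return host.endswith("." + domain) and not _is_ip(host)


def store_cookie(set_by_host, domain_attr=None):
    """Return the stored (domain, host_only) pair, or None if the cookie is rejected."""
    if not domain_attr:
        # No Domain attribute (Django's default): host-only cookie.
        return set_by_host.lower(), True
    # A single leading dot is ignored, so ".example.com" equals "example.com".
    domain = (domain_attr[1:] if domain_attr.startswith(".") else domain_attr).lower()
    if not domain_match(set_by_host, domain):
        return None  # a host cannot set a cookie for an unrelated domain
    return domain, False


def cookie_sent(request_host, set_by_host, domain_attr=None):
    """Would a cookie set by `set_by_host` accompany a request to `request_host`?

    Hosts are given without a port: cookies are not scoped by port.
    """
    stored = store_cookie(set_by_host, domain_attr)
    if stored is None:
        return False
    domain, host_only = stored
    if host_only:
        return request_host.lower() == domain
    return domain_match(request_host, domain)


if __name__ == "__main__":
    print(cookie_sent("www.example.com", "example.com"))                  # host-only
    print(cookie_sent("www.example.com", "example.com", ".example.com"))  # shared domain
    print(cookie_sent("203.0.113.10", "www.mydomain.com"))                # IP vs hostname
```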