diff --git a/backend/requirements.txt b/backend/requirements.txt index bfcbcd9..f3dc6cb 100644 --- a/backend/requirements.txt +++ b/backend/requirements.txt @@ -1,3 +1,4 @@ Django==3.2.8 psycopg2-binary>=2.8 djangorestframework==3.12.4 +django-cors-headers==3.10.0 diff --git a/backend/right_tree/settings.py b/backend/right_tree/settings.py index 5ad4c1f..0f127e6 100644 --- a/backend/right_tree/settings.py +++ b/backend/right_tree/settings.py @@ -39,6 +39,7 @@ INSTALLED_APPS = [ 'django.contrib.staticfiles', 'rest_framework', + 'corsheaders', 'right_tree.api', ] @@ -51,6 +52,7 @@ MIDDLEWARE = [ 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', + 'corsheaders.middleware.CorsMiddleware', ] ROOT_URLCONF = 'right_tree.urls' @@ -131,3 +133,11 @@ STATIC_URL = '/static/' # https://docs.djangoproject.com/en/3.2/ref/settings/#default-auto-field DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField' + +CORS_ALLOWED_ORIGINS = [ + 'http://localhost:3000' # Update this for production +] + +CORS_ALLOW_HEADERS = [ + 'access-control-allow-origin' +]