Modify settings for deployment

Author: ahamed-dd

requirements.txt

@@ -1,10 +1,14 @@
 asgiref==3.10.0
+dj-database-url==3.0.1
 Django==5.2.7
+django-cors-headers==4.9.0
 django-environ==0.12.0
 djangorestframework==3.16.1
 djangorestframework_simplejwt==5.5.1
 mysqlclient==2.2.7
+psycopg2-binary==2.9.11
 PyJWT==2.10.1
 python-dotenv==1.1.1
 sqlparse==0.5.3
 tzdata==2025.2
+whitenoise==6.11.0

task_manager/settings.py

@@ -1,21 +1,10 @@
-"""
-Django settings for task_manager project.
-
-Generated by 'django-admin startproject' using Django 5.2.7.
-
-For more information on this file, see
-https://docs.djangoproject.com/en/5.2/topics/settings/
-
-For the full list of settings and their values, see
-https://docs.djangoproject.com/en/5.2/ref/settings/
-"""
 
 from pathlib import Path
 from dotenv import load_dotenv
 from datetime import timedelta
 import os
 import environ
-
+import dj_database_url   # render and update requirements.txt
 env = environ.Env(DEBUG=(bool, False))
 environ.Env.read_env()
 
@@ -30,10 +19,11 @@
 # SECURITY WARNING: keep the secret key used in production secret!
 SECRET_KEY = os.getenv('SECRET_KEY')
 
-# SECURITY WARNING: don't run with debug turned on in production!
-DEBUG = os.getenv('DEBUG') == 'True'
+# don't run with debug turned on in production!
+DEBUG = env.bool("DJANGO_DEBUG", default=True)
 
-ALLOWED_HOSTS = ['localhost', '127.0.0.1', '[::1]']
+
+ALLOWED_HOSTS = ['localhost', '127.0.0.1', '[::1]', ".onrender.com"]
 
 
 # Application definition
@@ -59,7 +49,8 @@
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
-    'corsheaders.middleware.CorsMiddleware'
+    'corsheaders.middleware.CorsMiddleware',
+    "whitenoise.middleware.WhiteNoiseMiddleware"  # render
 ]
 
 
@@ -86,19 +77,29 @@
 # Database
 # https://docs.djangoproject.com/en/5.2/ref/settings/#databases
 
-DATABASES = {
-    'default': {
-        'ENGINE': 'django.db.backends.mysql',
-        'NAME': env('DB_NAME'),
-        'USER': env('DB_USER'),
-        'PASSWORD': env('DB_PASSWORD'),
-        'HOST': env('DB_HOST'),
-        'PORT': env('DB_PORT'),
-        'OPTIONS': {
-            'init_command': "SET sql_mode='STRICT_TRANS_TABLES'"
+if DEBUG:
+    DATABASES = {
+        'default': {
+            'ENGINE': 'django.db.backends.mysql',
+            'NAME': env('DB_NAME'),
+            'USER': env('DB_USER'),
+            'PASSWORD': env('DB_PASSWORD'),
+            'HOST': env('DB_HOST'),
+            'PORT': env('DB_PORT'),
+            'OPTIONS': {
+                'init_command': "SET sql_mode='STRICT_TRANS_TABLES'"
+            }
         }
     }
-}
+else:  # render
+    DATABASES = {
+        'default': dj_database_url.config(
+            default=env('postgresql://task_manager_system_hscm_user:lmvHZk9MYhuOWh63eP4q79ZRbrLpxvt3@dpg-d4qiplidbo4c73bslgm0-a.singapore-postgres.render.com/task_manager_system_hscm'),
+            conn_max_age=600,
+            ssl_require=True,
+        )
+    }
+
 
 
 # Password validation
@@ -137,6 +138,7 @@
 
 STATIC_ROOT = '/app/staticfiles'
 STATIC_URL = 'static/'
+STATICFILES_STORAGE = "whitenoise.storage.CompressedManifestStaticFilesStorage"  # render
 
 # Default primary key field type
 # https://docs.djangoproject.com/en/5.2/ref/settings/#default-auto-field
@@ -159,11 +161,26 @@
 # Nginx → Django HTTPS handling
 SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
 
+# CORS Handling
 CORS_ALLOWED_ORIGINS = [
     "http://localhost:3000",
     "http://127.0.0.1:3000",
     "http://localhost:8000",
-    "http://localhost:5173"
+    "http://localhost:5173",
+    "https://your-frontend.onrender.com" 
 ]
 
 CORS_ALLOW_CREDENTIALS = True
+
+CSRF_TRUSTED_ORIGINS = [
+    "https://your-backend.onrender.com",
+    "https://your-frontend.onrender.com",
+
+]
+
+# Cookies Authentication on Frontend
+if not DEBUG:
+    SECURE_SSL_REDIRECT = True
+    SESSION_COOKIE_SECURE = True
+    CSRF_COOKIE_SECURE = True
+    CSRF_COOKIE_SAMESITE = "None"