🔧(backend) activate https on oidc redirection

mozilla-django-oidc didn't add the https:// prefix to the redirect_uri. We set the option SECURE_PROXY_SSL_HEADER to ('HTTP_X_FORWARDED_PROTO', 'https') in the settings.py file to force the https prefix.
2024-04-12 14:06:30 +02:00
parent 22e79e7583
commit 68c130bd84
1 changed files with 1 additions and 0 deletions
--- a/src/backend/impress/settings.py
+++ b/src/backend/impress/settings.py
@@ -500,6 +500,7 @@ class Production(Base):
    #
    # In other cases, you should comment the following line to avoid security issues.
    # SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
+    SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')

    # Modern browsers require to have the `secure` attribute on cookies with `Samesite=none`
    CSRF_COOKIE_SECURE = True