From 1017c71ba1d80a1690e357a938ad46f246a456ae Mon Sep 17 00:00:00 2001
From: Andrew Godwin
Date: Sat, 10 Dec 2022 21:03:14 -0700
Subject: Working start of an OAuth flow

---
 takahe/settings.py | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

(limited to 'takahe/settings.py')

diff --git a/takahe/settings.py b/takahe/settings.py
index 64a523a..e2e9b43 100644
--- a/takahe/settings.py
+++ b/takahe/settings.py
@@ -169,16 +169,19 @@ INSTALLED_APPS = [
     "django.contrib.messages",
     "django.contrib.staticfiles",
     "django_htmx",
+    "corsheaders",
     "core",
     "activities",
-    "users",
-    "stator",
+    "api",
     "mediaproxy",
+    "stator",
+    "users",
 ]
 
 MIDDLEWARE = [
     "core.middleware.SentryTaggingMiddleware",
     "django.middleware.security.SecurityMiddleware",
+    "corsheaders.middleware.CorsMiddleware",
     "whitenoise.middleware.WhiteNoiseMiddleware",
     "django.contrib.sessions.middleware.SessionMiddleware",
     "django.middleware.common.CommonMiddleware",
@@ -278,6 +281,7 @@ AUTO_ADMIN_EMAIL = SETUP.AUTO_ADMIN_EMAIL
 
 STATOR_TOKEN = SETUP.STATOR_TOKEN
 
+CORS_ORIGIN_ALLOW_ALL = True  # Temporary
 CORS_ORIGIN_WHITELIST = SETUP.CORS_HOSTS
 CORS_ALLOW_CREDENTIALS = True
 CORS_PREFLIGHT_MAX_AGE = 604800
@@ -288,6 +292,7 @@ MEDIA_URL = SETUP.MEDIA_URL
 MEDIA_ROOT = SETUP.MEDIA_ROOT
 MAIN_DOMAIN = SETUP.MAIN_DOMAIN
 
+
 if SETUP.USE_PROXY_HEADERS:
     SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
 
-- 
cgit v1.2.3