From 789816e9868685e2ae08b536b6b6ada1a6a64595 Mon Sep 17 00:00:00 2001
From: N3WT DE COMPET <n3wt.school@gmail.com>
Date: Sat, 31 May 2025 18:31:46 +0200
Subject: [PATCH] fix: variables csrf

---
 Back-End/N3wtSchool/settings.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Back-End/N3wtSchool/settings.py b/Back-End/N3wtSchool/settings.py
index d65d1f2..5a7a8c6 100644
--- a/Back-End/N3wtSchool/settings.py
+++ b/Back-End/N3wtSchool/settings.py
@@ -272,8 +272,9 @@ CORS_ALLOWED_METHODS = [
 CSRF_TRUSTED_ORIGINS = os.getenv('CSRF_TRUSTED_ORIGINS', 'http://localhost:3000,http://localhost:8080').split(',')
 
 CSRF_COOKIE_HTTPONLY = False
-CSRF_COOKIE_SECURE = False
+CSRF_COOKIE_SECURE = os.getenv('CSRF_COOKIE_SECURE', 'false').lower() == 'true'
 CSRF_COOKIE_NAME = 'csrftoken'
+CSRF_COOKIE_DOMAIN = os.getenv('CSRF_COOKIE_DOMAIN', '')
 
 USE_TZ = True
 TZ_APPLI = 'Europe/Paris'