Merge pull request 'feat: update CORS and CSRF trusted origins for improved security' (#68) from feature/meetings into main

Reviewed-on: https://gitea.blackbusinesslabs.com/ATTUNE-HEART-THERAPY/alternative-backend-service/pulls/68

booking_system/settings.py

@@ -15,14 +15,17 @@ DEBUG = os.getenv('DEBUG', 'False').lower() == 'true'
 ALLOWED_HOSTS = os.getenv('ALLOWED_HOSTS', '*').split(',')
 
 CORS_ALLOWED_ORIGINS = [
-    'https://attunehearttherapy.com'
+    'https://attunehearttherapy.com',
+    'https://www.attunehearttherapy.com',
+    'https://api.attunehearttherapy.com',
 ]
 
 CORS_ALLOW_CREDENTIALS = True
 
 CSRF_TRUSTED_ORIGINS = [
     'https://api.attunehearttherapy.com',
-    'https://attunehearttherapy.com'
+    'https://attunehearttherapy.com',
+    'https://www.attunehearttherapy.com',
 ]
 
 INSTALLED_APPS = [