bf-fix-cors-bug-163115612

- add django-cors package
- specify a whitelist for CORS requests

[starts #163115612]

authors/settings.py

@@ -101,8 +101,10 @@
 EMAIL_HOST_PASSWORD = os.getenv('EMAIL_HOST_PASSWORD')
 EMAIL_PORT = 587
 EMAIL_USE_TLS = True
+# EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
 EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
 
+
 TEMPLATES = [
     {
         'BACKEND': 'django.template.backends.django.DjangoTemplates',
@@ -129,8 +131,7 @@
 
 DATABASES = {
     # read the database environ
-    'default': dj_database_url.config(
-        default=env.db(), conn_max_age=1000)
+    'default': env.db()
 }
 
 # Password validation
@@ -169,9 +170,12 @@
 
 STATIC_URL = '/static/'
 
+CORS_ORIGIN_ALLOW_ALL = False
+
 CORS_ORIGIN_WHITELIST = (
     '0.0.0.0:4000',
     'localhost:4000',
+    'localhost:3000',
 )
 # Tell Django about the custom `User` model we created. The string
 # `authentication.User` tells Django we are referring to the `User` model in
@@ -217,6 +221,8 @@
         }
     },
 }
+
+LOG_LEVEL = 'DEBUG'
 logging.config.dictConfig({
     'version': 1,
     'disable_existing_loggers': False,