django-rest-deployment.py

## DJANGO REST React Github pages settings
## With Cookies Session authentication

# create Procfile with content:
web: gunicorn server.wsgi

# heroku setup database
pip install dj-database-url
DATABASES['default'] = dj_database_url.config(
    conn_max_age=600, ssl_require=True)

# heroku setup various
pip install django-on-heroku
django_on_heroku.settings(locals()) # in settings.py

# static files settings
STATIC_URL = '/static/'
STATIC_ROOT = os.path.join(BASE_DIR, "static")
# then run:
python manage.py collectstatic
# then set heroku variable:
DISABLE_COLLECTSTATIC: 1
    
# set host
ALLOWED_HOSTS = ['backenddomain']

# set cors
CORS_ALLOWED_ORIGINS = ['frontenddomain']
CORS_ALLOW_CREDENTIALS = True

#set cookies 
CSRF_COOKIE_SAMESITE = 'None'
CSRF_COOKIE_SECURE = True
SESSION_COOKIE_SAMESITE = 'None'
SESSION_COOKIE_SECURE = True # when https

# allow csrf origins
CSRF_TRUSTED_ORIGINS = ['domain.here']

# move sqlite to another db
<script src="https://gist.github.com/tombohub/79b922617fd9a6c8c5e362fe5c2673bf.js"></script>

## REACT
# github pages to handle page reload:
https://github.com/rafgraph/spa-github-pages

# github pages custom domain:
# add CNAME file to public with domain in file

# axios use these settings:
axios.defaults.withCredentials = true;
axios.defaults.xsrfCookieName = "csrftoken";
axios.defaults.xsrfHeaderName = "X-CSRFToken";