From 8a9ded42b54551457d9d0ae683aa0ff85a1bcd03 Mon Sep 17 00:00:00 2001
From: ramvignesh-b <ramvignesh-b@github.com>
Date: Tue, 28 Apr 2026 18:02:27 +0530
Subject: [PATCH] feat: add secure proxy configuration for http to https

---
 backend/config/settings.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/backend/config/settings.py b/backend/config/settings.py
index 14b0fef..2fc07a8 100644
--- a/backend/config/settings.py
+++ b/backend/config/settings.py
@@ -25,9 +25,12 @@ env_file = os.environ.get("PIKU_ENV_FILE", os.path.join(BASE_DIR.parent, ".env")
 if os.path.exists(env_file):
     environ.Env.read_env(env_file, overwrite=False)
 
+# Security Settings
 ALLOWED_HOSTS = env.list("ALLOWED_HOSTS", default=["127.0.0.1"])
 ALLOWED_HOSTS.append(env("FRONTEND_DOMAIN", default="127.0.0.1"))
 ALLOWED_HOSTS.append(env("BACKEND_DOMAIN", default="127.0.0.1"))
+# NOTE: Set to forward https when using reverse proxy
+SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
 
 CSRF_TRUSTED_ORIGINS = env.list("CSRF_TRUSTED_ORIGINS", default=[])