Django Website Deploy 403 error
Hi,
So basically I deployed my django project onto railway. The website loads fine and everything.
However, when I try to login (I have a login feature on my website), it shows
Obviously, everything works fine locally as I have tested so not sure why is showing this when I deployed it.
If anyone could help that'll be great!
51 Replies
Project ID:
N/AYou might find these helpful:
- CSRF verification failed. Request aborted.
- CSRF Error when submitting a form
- Django Admin in Railway Template, is it right?
⚠️ experimental feature
N/A
Yeah nevermind addiing CSRF_TRUSTED_ORIGINS = ['https://web-production-c9a.up.railway.app'] in the settings.py made it work. ty
However, I got another question for the starter plan free. I see the default django sqlite works, reading and writing.
Would that database save and not get deleted as in when leaving the website how it is, without redeploying from github etc.
if nothing ever triggers a redeploy, then yes your sqlite db will stay untouched, but frankly that is a horrible way of going about it when django makes it very easy to work with external databases like mysql or postgre
I see, thanks for the response. Yeah I was going to do postgre but then having to transistion the database with the data + all the media images files, seemed that it would take time so didnt get around to do it.
And also what does the 500 execution hours mean. Like once I deployed or like 500 hours in total when someone is on the website itself?
500 hours depletes as long as you have at least 1 deployment active
Oh so does it basically mean that I have 21 days where the website would be live?
exactly
and in relation to the developer plan. How does it work.
Lets say I am just deploying it, its not used much at all, only a few times
what would be the pricing or
deploy it on the free plan, after a few days of looking at the metrics you will get an idea of how much resources your app uses, then plug them into the pricing estimator
https://railway.app/pricing
Thanks. Another question, I added a custom domain. However, it shows as not secure without https
How could I make it so it is secure bcz otherwise it shows as site unsafe, do you want to continue in order to access the website
just wait a few hours, sometime it just takes a bit
Yeah :). So I created a postgres as database.
Added the needs in the settings.py installed psycopg2 etc. The postgres seemed all okay.
However when I try deploy my django app from github, its just stuck on constant deployment in progress
Delete the deployment and try again
yeah I tried that two times now but still issue
#🚨|incidents
Does the estimated part mean for the month estimate?
How can I use the variables in the railway project. And how would it work with django project?
I have a credentials.json which i dont want to put on the public repo as sensitive info, how can I still be able to use it as railway uses github files
put the secrets in the variables tab in the service
then reference them in code as an environment variable
thanks for the reply.
So this is where it references the credentials.json
which is a file that has all the info
"private_key_id": "8030484a7f6f61db2c805" etc theres more of them.
If I set each variable on that in the json file on the variables tab.
What would I need to change this to?
erm i hope that private key isn't sensitive
i changed it dw, just to show as an example
os.environ['private_key_id']
that's how you would access ityeah i understand how i would access individually
But bcz this code, references a whole json file, which has many key variables and values in that json file, not sure what I would change this to
os.path.join(BASE_DIR, 'credential.json')
too complicated, just wherever you need to access that private_key_id use
os.environ['private_key_id'] and get rid of this JSON loader thingythat was just one key within the credentials json file.
But i believe i need everything in the json file for the code to work
Credentials.json file inside looks liek this: (edited the sensitive values)
oh it's this crap
ah yes
google apis
pain
google changed up their forms API literally 4 days ago bricking a feature we were almost ready to ship and now im having to write some crazy fetch commands with sus headers to make it possible to do something they're not supporting in anything but their proprietary google app script
rip
I only use the Google APIs that requires 1 API key as a header / query param
regarding this, every time i've dealt with this i just plopped the credentials.json file in the
~/.config/gcloud directory and then the python application just picked it up and ran with it
but this was assuming that gcloud cli was installedcould they store it in a secure bucket and download the file at run time?
hm
yeah that is a workaround, assuming you can't just extract the fields in the json file and use them as env vars -> somehow set them in that library's config
yeah but there's a big private key
shouldn't be an issue right? just a long string
I'm sure railway has a limit of the amount of characters in a key or value, right?
ah, not sure, never ran up against that
trys to update a value with 300 chars and takes down the backboard
Could I do this?
yeah that's what i was thinking
Yeah the private key is mad longg
very
yeah don't break the environment variable display again please
that's what happened last time it broke, someone must have tried to store a private key (joke)
chuck it in a secure cloudflare r2 bucket and download the file in code before referencing the file
then you'd only need the secrets for the cloudflare r2 api access
alright thanks, ill try this out first and see if works
please dont
even if you can store the private key in a environment variable, it's a half assed hack
not fully sure how i would do this
chuck it in a secure cloudflare r2 bucket and download the file in code before referencing the file then you'd only need the secrets for the cloudflare r2 api acces
store JSON file in bucket, use some library to connect to bucket, download file, then use file