From f62b585e140f4efb548a7970e8b368ebbfd0ae42 Mon Sep 17 00:00:00 2001
From: behruz-dev <xoliqberdiyevbehruz12@gmail.com>
Date: Mon, 24 Nov 2025 15:54:56 +0500
Subject: [PATCH] fix

---
 config/conf/corsheaders.py | 17 +++++++----------
 config/settings/base.py    |  2 +-
 2 files changed, 8 insertions(+), 11 deletions(-)

diff --git a/config/conf/corsheaders.py b/config/conf/corsheaders.py
index 0c2fd28..0f90219 100644
--- a/config/conf/corsheaders.py
+++ b/config/conf/corsheaders.py
@@ -1,19 +1,16 @@
-# CORS_ALLOWED_ORIGINS = [
-#     "https://example.com",
-#     "http://localhost:3000",
-# ]
-
 CORS_ALLOW_ALL_ORIGINS = True
-
 CORS_ALLOW_CREDENTIALS = True
 
-CSRF_TRUSTED_ORIGINS = [
-    'https://api.meridynpharma.com/',
-]
-
 CORS_ALLOW_METHODS = [
     "DELETE",
     "GET",
+    "OPTIONS",
+    "PATCH",
     "POST",
     "PUT",
+]
+
+CSRF_TRUSTED_ORIGINS = [
+    'https://api.meridynpharma.com',
+    'https://meridynpharma.com',
 ]
\ No newline at end of file
diff --git a/config/settings/base.py b/config/settings/base.py
index b0a6ee0..c7e0255 100644
--- a/config/settings/base.py
+++ b/config/settings/base.py
@@ -30,9 +30,9 @@ INSTALLED_APPS = [
 ]
 
 MIDDLEWARE = [
+    'corsheaders.middleware.CorsMiddleware',
     'django.middleware.security.SecurityMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
-    'corsheaders.middleware.CorsMiddleware',
     'django.middleware.common.CommonMiddleware',
     'django.middleware.csrf.CsrfViewMiddleware',
     'django.contrib.auth.middleware.AuthenticationMiddleware',