Redirect http to https in production

example.env

@@ -28,6 +28,9 @@ DJANGO_ALLOWED_HOSTS=localhost,127.0.0.1
 DJANGO_CSRF_TRUSTED_ORIGINS=
 DJANGO_INTERNAL_IPS=127.0.0.1
 
+# Redirect all HTTP requests to HTTPS (only used in production).
+DJANGO_SECURE_SSL_REDIRECT=true
+
 # The salt that is used for hashing tokens in the token authentication app.
 # Cave, changing the salt after some tokens were already generated makes them all invalid!
 TOKEN_AUTHENTICATION_SALT="your_token_authentication_salt_here"

example_project/example_project/settings/production.py

@@ -21,6 +21,8 @@
     },
 }
 
+SECURE_SSL_REDIRECT = env.bool("DJANGO_SECURE_SSL_REDIRECT")
+
 EMAIL_BACKEND = "django.core.mail.backends.smtp.EmailBackend"
 EMAIL_TIMEOUT = 60
 email_config = env.dj_email_url("DJANGO_EMAIL_URL")