Проблема Cors в докеризованном проекте angular и django

У меня есть проблема, которая решается целый день. Я учусь в различных областях веб-разработки. В настоящее время я изучаю docker. Я докеризировал свой проект в Angular, используя сервер nginx. Так же, как и мой Django API, к которому подключается мое приложение Angular. Однако, когда Angular использует метод GET, в консоли JS появляется ошибка курса.

JS консоль

Access to XMLHttpRequest at 'http://127.0.0.1:8000/api2/zdjecia/' from origin 'http://localhost:4200' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Консоль Django

Watching for file changes with StatReloader
Performing system checks...
System check identified no issues (0 silenced).
October 31, 2022 - 14:12:10
Django version 3.2.16, using settings 'lobialogard.settings'
Starting development server at http://0.0.0.0:8000/
Quit the server with CONTROL-C.
[31/Oct/2022 14:14:14] "OPTIONS /api/aktualnosci/ HTTP/1.1" 200 0
[31/Oct/2022 14:14:14] "OPTIONS /api3/archiwum/ HTTP/1.1" 200 0
[31/Oct/2022 14:14:15] "OPTIONS /api/aktualnosci/ HTTP/1.1" 200 0
[31/Oct/2022 14:14:15] "OPTIONS /ustawienia/strony/ HTTP/1.1" 200 0
[31/Oct/2022 14:14:18] "OPTIONS /ustawienia/strony/ HTTP/1.1" 200 0
[31/Oct/2022 14:14:18] "OPTIONS /api/aktualnosci/ HTTP/1.1" 200 0

Я разблокировал все методы и происхождение, как указано ниже:

Мой файл nginx.conf

server {
  listen 80;
  server_name localhost;

  location / {

    if ($request_method = 'OPTIONS') {
        add_header 'Access-Control-Allow-Origin' '*';
 
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
 
        add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
 
        add_header 'Access-Control-Max-Age' 1728000;
        add_header 'Content-Type' 'application/json';
        add_header 'Content-Length' 0;
        return 204;
     }
     if ($request_method = 'POST') {
        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
        add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
     }
     if ($request_method = 'GET') {
        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
        add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
    }
    if ($request_method = 'PUT') {
        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
        add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
    }
    if ($request_method = 'DELETE') {
        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
        add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
    }

    
    root '/usr/share/nginx/html/';

  }
}

Мой файл settings.py в django

ALLOWED_HOSTS = ['*']

INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'lo',
    'rest_framework',
    'rest_framework.authtoken',
    'tinymce',
    "corsheaders",
]

CORS_ALLOW_HEADERS = [
    'Access-Control-Allow-Origin',
    'Access-Control-Allow-Credentials',
    'Access-Control-Allow-Methods',
    'Access-Control-Allow-Headers',
    'Access-Control-Max-Age',
    'Content-Type',
    'Content-Length',
]

MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    "corsheaders.middleware.CorsMiddleware",
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

Помогите, пожалуйста...

Вернуться на верх