feat(dashboard): improve parser API checks

src/settings/dev.py

@@ -22,6 +22,19 @@ STATE_CORP_EXCHANGE_TOKEN = os.getenv(
 # JWT
 SIMPLE_JWT["SIGNING_KEY"] = SECRET_KEY
 
+# Dev frontend can run from any workstation/port in the local network.
+# Production keeps the restrictive CORS/CSRF policy from settings.production.
+CORS_ALLOW_ALL_ORIGINS = True
+CORS_ALLOW_CREDENTIALS = True
+CORS_ALLOW_PRIVATE_NETWORK = True
+CSRF_COOKIE_SECURE = False
+SESSION_COOKIE_SECURE = False
+MIDDLEWARE = [
+    middleware
+    for middleware in MIDDLEWARE
+    if middleware != "django.middleware.csrf.CsrfViewMiddleware"
+]
+
 
 def _normalize_local_host(host: str) -> str:
     """Нормализует host для локального запуска backend на хосте."""