From 305001c9ab7c2e2b86ded9a3450b2f91e0aca728 Mon Sep 17 00:00:00 2001
From: MOIS3Y <s.zhukovskii@ispsystem.com>
Date: Fri, 8 Sep 2023 19:34:25 +0900
Subject: [PATCH] Modify: disable basic auth in API add protection to storage
 info endpoint

---
 logs_collector/collector/api/views.py     | 3 +++
 logs_collector/logs_collector/settings.py | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/logs_collector/collector/api/views.py b/logs_collector/collector/api/views.py
index 2043096..abda5a3 100644
--- a/logs_collector/collector/api/views.py
+++ b/logs_collector/collector/api/views.py
@@ -163,6 +163,9 @@ class TicketViewSet(viewsets.ModelViewSet):
 
 class StorageInfo(views.APIView):
     """Info about storage total/used/free space"""
+
+    permission_classes = (IsAuthenticated, )
+
     @extend_schema(
         responses=StorageInfoSerializer,
         summary='Show storage space in bytes'
diff --git a/logs_collector/logs_collector/settings.py b/logs_collector/logs_collector/settings.py
index bec370c..486b5cb 100644
--- a/logs_collector/logs_collector/settings.py
+++ b/logs_collector/logs_collector/settings.py
@@ -178,7 +178,7 @@ REST_FRAMEWORK = {
     'DEFAULT_AUTHENTICATION_CLASSES': [
         'rest_framework_simplejwt.authentication.JWTAuthentication',
         'rest_framework.authentication.SessionAuthentication',
-        'rest_framework.authentication.BasicAuthentication'
+        # 'rest_framework.authentication.BasicAuthentication'
     ],
     'DEFAULT_FILTER_BACKENDS': ['django_filters.rest_framework.DjangoFilterBackend', ],  # noqa:E501
     'DEFAULT_SCHEMA_CLASS': 'drf_spectacular.openapi.AutoSchema',