Public API: token authentication

author: Étienne Loks <etienne.loks@iggdrasil.net> 2019-07-15 13:16:06 +0200
committer: Étienne Loks <etienne.loks@iggdrasil.net> 2019-07-15 13:16:06 +0200
commit: f636a04ef0b029f6e9d4b9ea91feb91e6d46f8e9 (patch)
tree: 9b71c81f2b9f8cb0bbd85dfb5f361d9c1ba71397 /archaeological_finds/views.py
parent: 4c037b32b1a5ed122a6d468217903f0b6454181e (diff)
download: Ishtar-f636a04ef0b029f6e9d4b9ea91feb91e6d46f8e9.tar.bz2
Ishtar-f636a04ef0b029f6e9d4b9ea91feb91e6d46f8e9.zip
1 files changed, 3 insertions, 2 deletions
diff --git a/archaeological_finds/views.py b/archaeological_finds/views.py
index d5d5d88b6..763733bd9 100644
--- a/archaeological_finds/views.py
+++ b/archaeological_finds/views.py
@@ -20,6 +20,7 @@
 from collections import OrderedDict
 import json
 
+from rest_framework import authentication, permissions
 from rest_framework.views import APIView
 from rest_framework.response import Response
 
@@ -1008,8 +1009,8 @@ class QAFindbasketDuplicateFormView(QAItemForm):
 
 
 class PublicFindAPI(APIView):
-    # authentication_classes = (authentication.TokenAuthentication,)
-    # permission_classes = (permissions.IsAdminUser,)
+    authentication_classes = (authentication.TokenAuthentication,)
+    permission_classes = (permissions.IsAuthenticated,)
 
     def get_queryset(self):
         empty = models.Find.objects.filter(pk=None)
author	Étienne Loks <etienne.loks@iggdrasil.net>	2019-07-15 13:16:06 +0200
committer	Étienne Loks <etienne.loks@iggdrasil.net>	2019-07-15 13:16:06 +0200
commit	f636a04ef0b029f6e9d4b9ea91feb91e6d46f8e9 (patch)
tree	9b71c81f2b9f8cb0bbd85dfb5f361d9c1ba71397 /archaeological_finds/views.py
parent	4c037b32b1a5ed122a6d468217903f0b6454181e (diff)
download	Ishtar-f636a04ef0b029f6e9d4b9ea91feb91e6d46f8e9.tar.bz2 Ishtar-f636a04ef0b029f6e9d4b9ea91feb91e6d46f8e9.zip