From b96fbc4059edd54514278e0debf70a34ec98609e Mon Sep 17 00:00:00 2001 From: Laurent Date: Mon, 6 May 2024 14:05:15 +0200 Subject: [PATCH] add the need for authentication on most services --- padelclub_backend/settings_app.py | 6 +++--- tournaments/views.py | 2 ++ 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/padelclub_backend/settings_app.py b/padelclub_backend/settings_app.py index 666ee33..54d6d79 100644 --- a/padelclub_backend/settings_app.py +++ b/padelclub_backend/settings_app.py @@ -3,9 +3,9 @@ REST_FRAMEWORK = { # Use Django's standard `django.contrib.auth` permissions, # or allow read-only access for unauthenticated users. - # 'DEFAULT_PERMISSION_CLASSES': [ - # 'rest_framework.permissions.IsAuthenticated', - # ], + 'DEFAULT_PERMISSION_CLASSES': [ + 'rest_framework.permissions.IsAuthenticated', + ], 'DEFAULT_AUTHENTICATION_CLASSES': [ 'rest_framework.authentication.BasicAuthentication', 'rest_framework.authentication.TokenAuthentication', diff --git a/tournaments/views.py b/tournaments/views.py index 1dc34fc..5be2f72 100644 --- a/tournaments/views.py +++ b/tournaments/views.py @@ -20,6 +20,7 @@ from rest_framework.decorators import api_view from rest_framework import status from rest_framework.generics import UpdateAPIView from rest_framework.exceptions import MethodNotAllowed +from rest_framework.permissions import IsAuthenticated from django.template import loader from datetime import date from django.http import JsonResponse @@ -220,6 +221,7 @@ class UserViewSet(viewsets.ModelViewSet): class ClubViewSet(viewsets.ModelViewSet): queryset = Club.objects.all() serializer_class = ClubSerializer + permission_classes = [] class TournamentViewSet(viewsets.ModelViewSet): queryset = Tournament.objects.all()