From e2408349f072b23b1f0662df421ab8745d9113d0 Mon Sep 17 00:00:00 2001
From: Christian Dresen <c.dresen@fh-muenster.de>
Date: Thu, 6 Apr 2017 01:23:49 +0200
Subject: [PATCH] [WarpPay] Enabled Authentification

---
 www/web/warppay/urls.py  |  2 +-
 www/web/warppay/views.py | 18 +++++++++---------
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/www/web/warppay/urls.py b/www/web/warppay/urls.py
index 3e053b5..20cb31b 100644
--- a/www/web/warppay/urls.py
+++ b/www/web/warppay/urls.py
@@ -7,7 +7,7 @@ urlpatterns = [
     url(r'^api/users/(?P<user_id>\w+)/$', views.user_list),
     url(r'^api/products/$', views.product_list),
     url(r'^api/categories/$', views.category_list),
-    url(r'^api/gen_token/$', views.gen_token),
+    # url(r'^api/gen_token/$', views.gen_token),
     url(r'^api/transaction/(?P<user_id>\w+)/$', views.transaction),
     url(r'^api/products/(?P<prod_id>\w+)/barcode/$', views.addBarcode),
 
diff --git a/www/web/warppay/views.py b/www/web/warppay/views.py
index efe221c..42e223e 100644
--- a/www/web/warppay/views.py
+++ b/www/web/warppay/views.py
@@ -13,9 +13,9 @@ from rest_framework import status
 
 # logging.getLogger('main').info(token.key)
 
-@api_view(['GET', 'PUT'])
-#@authentication_classes((TokenAuthentication,))
-#@permission_classes((IsAuthenticated,))
+@api_view(['GET'])
+@authentication_classes((TokenAuthentication,))
+@permission_classes((IsAuthenticated,))
 def category_list(request):
     if request.method == 'GET':
         products = ProductCategory.objects.all()
@@ -26,8 +26,8 @@ def category_list(request):
 
 
 @api_view(['GET', 'PUT'])
-#@authentication_classes((TokenAuthentication,))
-#@permission_classes((IsAuthenticated,))
+@authentication_classes((TokenAuthentication,))
+@permission_classes((IsAuthenticated,))
 def product_list(request):
     if request.method == 'GET':
         products = Product.objects.all()
@@ -62,8 +62,8 @@ def gen_token(request):
     return Response()
 
 @api_view(['GET', 'PUT'])
-#@authentication_classes((TokenAuthentication,))
-#@permission_classes((IsAuthenticated,))
+@authentication_classes((TokenAuthentication,))
+@permission_classes((IsAuthenticated,))
 def user_list(request, user_id = 0):
     if request.method == 'GET':
         sync_users()
@@ -117,8 +117,8 @@ def user_list(request, user_id = 0):
 
 
 @api_view(['PUT'])
-#@authentication_classes((TokenAuthentication,))
-#@permission_classes((IsAuthenticated,))
+@authentication_classes((TokenAuthentication,))
+@permission_classes((IsAuthenticated,))
 def transaction(request, user_id=None):
     if request.method == 'PUT':
         if 'trans_type' not in request.data or not user_id:
-- 
GitLab