How to protect by login the occurance api?

[losanki]

Hello, sorry if it's a naive question but how do I go about protecting the occurrences api? For example this works without login: http://localhost:8000/schedule/api/occurrences?calendar_slug=testcal&start=2019-01-01&end=2020-01-26

Thanks.

[xjlin0]

Based on utils.py

def check_calendar_permissions(function):
    @wraps(function)
    def decorator(request, *args, **kwargs):
        if CALENDAR_VIEW_PERM:
            user = request.user
            if not user:
                return HttpResponseRedirect(settings.LOGIN_URL)

Please add CALENDAR_VIEW_PERM = True in your settings.