1 files changed, 3 insertions, 9 deletions

diff --git a/indoteknik_api/controllers/api_v1/manufacture.py b/indoteknik_api/controllers/api_v1/manufacture.py
index b01dc49d..e49872be 100644
--- a/indoteknik_api/controllers/api_v1/manufacture.py
+++ b/indoteknik_api/controllers/api_v1/manufacture.py
@@ -8,10 +8,8 @@ class Manufacture(controller.Controller):
     prefix = '/api/v1/'
     
     @http.route(prefix + 'manufacture', auth='public', methods=['GET', 'OPTIONS'])
+    @controller.Controller.must_authorized()
     def get_manufacture(self, **kw):
-        if not self.authenticate():
-            return self.response(code=401, description='Unauthorized')
-        
         query = []
         
         name = kw.get('name')
@@ -37,10 +35,8 @@ class Manufacture(controller.Controller):
         return self.response(data)
     
     @http.route(prefix + 'manufacture/<id>', auth='public', methods=['GET', 'OPTIONS'])
+    @controller.Controller.must_authorized()
     def get_manufacture_by_id(self, **kw):
-        if not self.authenticate():
-            return self.response(code=401, description='Unauthorized')
-        
         id = kw.get('id')
         manufacture = request.env['x_manufactures'].search([('id', '=', id)], limit=1)
         data = {}
@@ -49,10 +45,8 @@ class Manufacture(controller.Controller):
         return self.response(data)
     
     @http.route(prefix + 'manufacture/page/<page>', auth='public', methods=['GET'])
+    @controller.Controller.must_authorized()
     def get_manufacture_by_page(self, **kw):
-        if not self.authenticate():
-            return self.response(code=401, description='Unauthorized')
-        
         manufacture_ids = []
         page = kw.get('page')
         if page == 'flash-sale':