backend/backend/api.py

@@ -13,7 +13,7 @@ class ToDoListSerializer(serializers.HyperlinkedModelSerializer):
 class ToDoListViewSet(viewsets.ModelViewSet):
     queryset = ToDoList.objects.all()
     serializer_class = ToDoListSerializer
-    #permission_classes = [permissions.IsAuthenticated] TODO раскомментировать и сделать авторизацию
+    permission_classes = [permissions.IsAuthenticated]
 
 
 router = routers.DefaultRouter()

backend/backend/settings.py

@@ -26,9 +26,10 @@ SECRET_KEY = "django-insecure-toz+*lt(ejm!l*)92w2ciqoh^1kz#a(abbpcn54-dbw(nxoy&7
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = True
 
+ALLOWED_HOSTS = []
+if DEBUG: 
     ALLOWED_HOSTS = ["0.0.0.0"]   
 
-
 # Application definition
 
 INSTALLED_APPS = [
@@ -43,6 +44,16 @@ INSTALLED_APPS = [
     "drf_yasg",
 ]
 
+SWAGGER_SETTINGS = {
+   'SECURITY_DEFINITIONS': {
+        'Bearer': {
+            'type': 'apiKey',
+            'name': 'Authorization',
+            'in': 'header'
+        }
+    }
+}
+
 MIDDLEWARE = [
     "django.middleware.security.SecurityMiddleware",
     "django.contrib.sessions.middleware.SessionMiddleware",

backend/requirements.txt

@@ -21,4 +21,4 @@ toml==0.10.2
 urllib3==1.26.4
 djangorestframework-simplejwt==4.6.0
 psycopg2-binary>=2.8
-drf-yasg
+drf-yasg>=1.20.0