diff --git a/db.sqlite3 b/db.sqlite3
index ddbe059..fd56240 100644
Binary files a/db.sqlite3 and b/db.sqlite3 differ
diff --git a/project/settings.py b/project/settings.py
index ce1940f..9e07197 100644
--- a/project/settings.py
+++ b/project/settings.py
@@ -25,7 +25,7 @@
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = True
 
-ALLOWED_HOSTS = ['localhost', 'testserver']
+ALLOWED_HOSTS = ['localhost', 'testserver',"*"]
 
 
 REST_FRAMEWORK = {
diff --git a/rest_api/views.py b/rest_api/views.py
index 60aa740..c028333 100644
--- a/rest_api/views.py
+++ b/rest_api/views.py
@@ -1,17 +1,16 @@
-from rest_framework import generics, permissions
+from rest_framework import generics
 from .permissions import IsOwner
 from .serializers import BucketlistSerializer, UserSerializer
 from .models import Bucketlist
 from django.contrib.auth.models import User
-
-
+from rest_framework.permissions import IsAuthenticated
+from rest_framework.authentication import SessionAuthentication
 class CreateView(generics.ListCreateAPIView):
     """This class handles the GET and POSt requests of our rest api."""
     queryset = Bucketlist.objects.all()
     serializer_class = BucketlistSerializer
-    permission_classes = (
-        permissions.IsAuthenticated,
-        IsOwner)
+    permission_classes = [IsAuthenticated]
+    authentication_classes = [SessionAuthentication]
 
     def perform_create(self, serializer):
         """Save the post data when creating a new bucketlist."""
@@ -23,18 +22,19 @@ class DetailsView(generics.RetrieveUpdateDestroyAPIView):
 
     queryset = Bucketlist.objects.all()
     serializer_class = BucketlistSerializer
-    permission_classes = (
-        permissions.IsAuthenticated,
-        IsOwner)
-
+    permission_classes = [IsAuthenticated]
+    authentication_classes = [SessionAuthentication]
 
 class UserView(generics.ListAPIView):
     """View to list the user queryset."""
     queryset = User.objects.all()
     serializer_class = UserSerializer
-
+    permission_classes =  [IsAuthenticated]
+    authentication_classes = [SessionAuthentication]
 
 class UserDetailsView(generics.RetrieveAPIView):
     """View to retrieve a user instance."""
     queryset = User.objects.all()
     serializer_class = UserSerializer
+    permission_classes =  [IsAuthenticated]
+    authentication_classes = [SessionAuthentication]