From 8ae97dcdc749211c6424b0cd8fd1ec6279159f3f Mon Sep 17 00:00:00 2001 From: Sicherhaven Date: Mon, 6 Apr 2026 19:41:25 +0530 Subject: [PATCH] fix(featured-events): remove token gate from FeaturedEventsAPI MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit FeaturedEventsAPI had AllowAny permission but still called validate_token_and_get_user(), causing it to return a token-required error for unauthenticated requests from the desktop hero slider. Removed the token check entirely — the endpoint is public by design. Also tightened the queryset to event_status='published' to match ConsumerFeaturedEventsView behaviour. --- mobile_api/views/events.py | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/mobile_api/views/events.py b/mobile_api/views/events.py index c5894e1..1ed34ff 100644 --- a/mobile_api/views/events.py +++ b/mobile_api/views/events.py @@ -581,11 +581,7 @@ class FeaturedEventsAPI(APIView): def post(self, request): try: - user, token, data, error_response = validate_token_and_get_user(request) - if error_response: - return error_response - - events = Event.objects.filter(is_featured=True).order_by('-created_date') + events = Event.objects.filter(is_featured=True, event_status='published').order_by('-created_date') event_list = [] for e in events: data_dict = model_to_dict(e)