4 files changed, 4 insertions, 7 deletions

diff --git a/src/server/Api/V1/Entries/CreateEntryRoute.cs b/src/server/Api/V1/Entries/CreateEntryRoute.cs
index b502e4a..e0ee2c1 100644
--- a/src/server/Api/V1/Entries/CreateEntryRoute.cs
+++ b/src/server/Api/V1/Entries/CreateEntryRoute.cs
@@ -21,7 +21,7 @@ public class CreateEntryRoute : RouteBaseV1Sync.WithRequest<CreateEntryRequest>.
 	[ApiVersion(ApiSpecV1.VERSION_STRING)]
 	[HttpPost("~/v{version:apiVersion}/entries/create")]
 	public override ActionResult<EntryDto> Handle(CreateEntryRequest entry) {
-		if (IsApiCall() && !HasApiPermission(Constants.TOKEN_ALLOW_CREATE)) {
+		if (IsApiCall() && !HasApiPermission(AppConstants.TOKEN_ALLOW_CREATE)) {
 			return StatusCode(403, "Your token does not permit access to this resource");
 		}
 
diff --git a/src/server/Api/V1/Entries/DeleteEntryRoute.cs b/src/server/Api/V1/Entries/DeleteEntryRoute.cs
index c979c1f..8b8b75c 100644
--- a/src/server/Api/V1/Entries/DeleteEntryRoute.cs
+++ b/src/server/Api/V1/Entries/DeleteEntryRoute.cs
@@ -18,7 +18,7 @@ public class DeleteEntryRoute : RouteBaseV1Sync.WithRequest<Guid>.WithActionResu
 	[ApiVersion(ApiSpecV1.VERSION_STRING)]
 	[HttpDelete("~/v{version:apiVersion}/entries/{entryId:guid}")]
 	public override ActionResult Handle(Guid entryId) {
-		if (IsApiCall() && !HasApiPermission(Constants.TOKEN_ALLOW_DELETE)) {
+		if (IsApiCall() && !HasApiPermission(AppConstants.TOKEN_ALLOW_DELETE)) {
 			return StatusCode(403, "Your token does not permit access to this resource");
 		}
 
diff --git a/src/server/Api/V1/Entries/GetEntriesRoute.cs b/src/server/Api/V1/Entries/GetEntriesRoute.cs
index 27905a2..6b1d87e 100644
--- a/src/server/Api/V1/Entries/GetEntriesRoute.cs
+++ b/src/server/Api/V1/Entries/GetEntriesRoute.cs
@@ -14,12 +14,9 @@ public class GetEntriesRoute : RouteBaseV1Sync.WithoutRequest.WithActionResult<L
 	/// Get all entries
 	/// </summary>
 	[ApiVersion(ApiSpecV1.VERSION_STRING)]
+	[BasicAuthentication(AppConstants.TOKEN_ALLOW_READ)]
 	[HttpGet("~/v{version:apiVersion}/entries")]
 	public override ActionResult<List<EntryDto>> Handle() {
-		if (IsApiCall() && !HasApiPermission(Constants.TOKEN_ALLOW_READ)) {
-			return StatusCode(403, "Your token does not permit access to this resource");
-		}
-
 		return Ok(_context.Entries.Where(c => c.UserId == LoggedInUser.Id).Select(c => new EntryDto(c)));
 	}
 }
diff --git a/src/server/Api/V1/Entries/UpdateEntryRoute.cs b/src/server/Api/V1/Entries/UpdateEntryRoute.cs
index 919364d..98e99c6 100644
--- a/src/server/Api/V1/Entries/UpdateEntryRoute.cs
+++ b/src/server/Api/V1/Entries/UpdateEntryRoute.cs
@@ -23,7 +23,7 @@ public class UpdateEntryRoute : RouteBaseV1Sync.WithRequest<UpdateEntryRequest>.
 	[ApiVersion(ApiSpecV1.VERSION_STRING)]
 	[HttpPost("~/v{version:apiVersion}/entries/update")]
 	public override ActionResult<EntryDto> Handle(UpdateEntryRequest entryToUpdate) {
-		if (IsApiCall() && !HasApiPermission(Constants.TOKEN_ALLOW_UPDATE)) {
+		if (IsApiCall() && !HasApiPermission(AppConstants.TOKEN_ALLOW_UPDATE)) {
 			return StatusCode(403, "Your token does not permit access to this resource");
 		}