diff --git a/pount/apps/iiif/views.py b/pount/apps/iiif/views.py index e0ec212b3ec22b362b3e6ee6b46f018079f98fea..00c98a41936e0217c6cec9927930f18d848fa590 100644 --- a/pount/apps/iiif/views.py +++ b/pount/apps/iiif/views.py @@ -2,7 +2,7 @@ from os import environ from django.conf import settings from django.contrib.auth import get_user_model -from django.core.exceptions import PermissionDenied +from django.http.response import HttpResponseForbidden from django.shortcuts import get_object_or_404 from rest_framework_simplejwt.authentication import JWTAuthentication from rest_framework_simplejwt.exceptions import InvalidToken @@ -68,5 +68,5 @@ class IIIFProxyView(ProxyView): if user.has_perm(ITEM_VIEW, file.item): return super().dispatch(request, *args, **kwargs) except InvalidToken: - pass # should renew ? - raise PermissionDenied() + pass + return HttpResponseForbidden()