diff --git a/apps/library/serializers.py b/apps/library/serializers.py
index 50b1e8f..3fb05df 100644
--- a/apps/library/serializers.py
+++ b/apps/library/serializers.py
@@ -73,10 +73,10 @@ class BookSerializer(serializers.ModelSerializer):
 Get bookmark information for this book.
 """
 # DEBUG: Hardcode user to root@admin.com
- user = User.objects.get(email='root@admin.com')
+ # user = User.objects.get(email='root@admin.com')
 # # Get the current user from the request context
- # request = self.context.get('request')
- # user = request.user if request else None
+ request = self.context.get('request')
+ user = request.user if request else None
 book_mark = BookmarkStatusSerializer.get_bookmark_info(
 obj=obj,
 user=user,
@@ -91,10 +91,10 @@ class BookSerializer(serializers.ModelSerializer):
 from apps.bookmark.models.rate import Rate
 # DEBUG: Hardcode user to root@admin.com
- user = User.objects.get(email='root@admin.com')
+ # user = User.objects.get(email='root@admin.com')
 # # Get the current user from the request context
- # request = self.context.get('request')
- # user = request.user if request and request.user.is_authenticated else None
+ request = self.context.get('request')
+ user = request.user if request and request.user.is_authenticated else None
 if not user:
 return {
@@ -161,8 +161,8 @@ class BookDownloadSerializer(serializers.ModelSerializer):
 def create(self, validated_data):
 """Create a new book download record"""
 book_id = validated_data.pop('book_id')
- user = User.objects.get(email='root@admin.com')
- # user = self.context['request'].user
+ # user = User.objects.get(email='root@admin.com')
+ user = self.context['request'].user
 book = Book.objects.get(id=book_id)
 # Create or update the download record
diff --git a/apps/library/views.py b/apps/library/views.py
index 114e569..90ef46d 100644
--- a/apps/library/views.py
+++ b/apps/library/views.py
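Review bot: In the `@@ -73,10 +73,10 @@` hunk of serializers.py the restored lookup `user = request.user if request else None` does not check authentication, so an `AnonymousUser` object is handed to `BookmarkStatusSerializer.get_bookmark_info` whenever this serializer is rendered for an unauthenticated request. The method in the `@@ -91,10 +91,10 @@` hunk already guards against this, and the same form fits here: `user = request.user if request and request.user.is_authenticated else None`. Whether `get_bookmark_info` accepts `None` is not visible in this diff and should be confirmed. The method starts and ends outside the hunk.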
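Review bot: In the `@@ -91,10 +91,10 @@` hunk the fixed-account lookup is commented out rather than deleted, and the `# DEBUG: Hardcode user to root@admin.com` comment above it now describes code that no longer runs. The same leftovers appear in the `-73` and `-161` hunks of this file and in the `-141` and `-258` hunks of views.py, where the old `user=user` queries are kept as comment blocks. I would delete the `# DEBUG` comment and the commented `User.objects.get(email='root@admin.com')` line in each place, and restore `# # Get the current user from the request context` to `# Get the current user from the request context`. With the line gone, bringing back a fixed-identity lookup needs a visible code change instead of the removal of one `#`.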
@@ -1,5 +1,6 @@
 from django.db.models import Count, Q
 from rest_framework.permissions import IsAuthenticated , AllowAny
+from rest_framework.authentication import TokenAuthentication
 from rest_framework.response import Response
 from rest_framework.generics import ListAPIView, RetrieveAPIView, CreateAPIView
 from rest_framework.filters import SearchFilter
@@ -30,7 +31,8 @@ class CategoryListView(ListAPIView):
 API view to list all book categories
 """
 serializer_class = CategorySerializer
- permission_classes = (AllowAny,)
+ permission_classes = (IsAuthenticated,)
+ authentication_classes = [TokenAuthentication]
 pagination_class = StandardResultsSetPagination
 @category_list_swagger
@@ -50,7 +52,8 @@ class PinnedBookCollectionListView(ListAPIView):
 API view to list pinned book collections with their top 3 book covers
 """
 serializer_class = PinnedBookCollectionSerializer
- permission_classes = (AllowAny,)
+ permission_classes = (IsAuthenticated,)
+ authentication_classes = [TokenAuthentication]
 pagination_class = NoPagination
 @pinned_collection_list_swagger
@@ -93,7 +96,8 @@ class BookListView(ListAPIView):
 API view to list books with filtering and search capabilities
 """
 serializer_class = BookSerializer
- permission_classes = (AllowAny,)
+ permission_classes = (IsAuthenticated,)
+ authentication_classes = [TokenAuthentication]
 filter_backends = [SearchFilter]
 search_fields = ['title', 'summary', 'publisher', 'isbn']
 pagination_class = StandardResultsSetPagination
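Review bot: The pair `permission_classes = (IsAuthenticated,)` / `authentication_classes = [TokenAuthentication]` is pasted into this view (`@@ -30,7 +31,8 @@`) and into six more in the `-50`, `-93`, `-182`, `-202`, `-221` and `-281` hunks, so a view added later without both lines falls back to whatever the project default is. A shared base class or mixin carrying the two attributes, or `DEFAULT_AUTHENTICATION_CLASSES` / `DEFAULT_PERMISSION_CLASSES` in the REST framework settings, would keep the policy in one place. A per-view `authentication_classes` replaces the project defaults rather than extending them, so these endpoints will accept only token credentials. That should be confirmed as intended for clients of the previously open catalogue endpoints. The `AllowAny` import kept in the `@@ -1,5 +1,6 @@` hunk may now be unused, which cannot be checked from the lines shown.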
@@ -141,18 +145,18 @@ class BookListView(ListAPIView):
 from apps.bookmark.models import Bookmark
 # DEBUG: Hardcode user to root@admin.com
- user = User.objects.get(email='root@admin.com')
+ # user = User.objects.get(email='root@admin.com')
 # # Get all bookmarked book IDs for the current user
- # bookmarked_ids = Bookmark.objects.filter(
- # user=self.request.user,
- # service=Bookmark.ServiceChoices.LIBRARY,
- # status=True
- # ).values_list('content_id', flat=True)
 bookmarked_ids = Bookmark.objects.filter(
- user=user,
+ user=self.request.user,
 service=Bookmark.ServiceChoices.LIBRARY,
 status=True
 ).values_list('content_id', flat=True)
+ # bookmarked_ids = Bookmark.objects.filter(
+ # user=user,
+ # service=Bookmark.ServiceChoices.LIBRARY,
+ # status=True
+ # ).values_list('content_id', flat=True)
 # Filter books by these IDs
 queryset = queryset.filter(id__in=bookmarked_ids)
@@ -182,7 +186,8 @@ class BookDetailView(RetrieveAPIView):
 API view to retrieve detailed information about a specific book
 """
 serializer_class = BookSerializer
- permission_classes = (AllowAny,)
+ permission_classes = (IsAuthenticated,)
+ authentication_classes = [TokenAuthentication]
 queryset = Book.objects.filter(status=True)
 @book_detail_swagger
@@ -202,7 +207,8 @@ class MiddleBookCollectionListView(ListAPIView):
 API view to list middle section book collections with their books
 """
 serializer_class = MiddleBookCollectionSerializer
- permission_classes = (AllowAny,)
+ permission_classes = (IsAuthenticated,)
+ authentication_classes = [TokenAuthentication]
 pagination_class = NoPagination
 @middle_collection_list_swagger
@@ -221,7 +227,8 @@ class DownloadedBooksListView(ListAPIView):
 API view to list books that have been downloaded by the current user
 """
 serializer_class = BookSerializer
- permission_classes = (AllowAny,)
+ permission_classes = (IsAuthenticated,)
+ authentication_classes = [TokenAuthentication]
 filter_backends = [SearchFilter]
 search_fields = ['title', 'summary', 'publisher', 'isbn']
 pagination_class = StandardResultsSetPagination
@@ -258,16 +265,16 @@ class DownloadedBooksListView(ListAPIView):
 def get_queryset(self):
 # DEBUG: Hardcode user to root@admin.com
- user = User.objects.get(email='root@admin.com')
+ # user =self.request.user
 # # Get all downloaded book IDs for the current user
- # downloaded_ids = BookDownload.objects.filter(
- # user=self.request.user,
- # status=True
- # ).values_list('book_id', flat=True)
 downloaded_ids = BookDownload.objects.filter(
- user=user,
+ user=self.request.user,
 status=True
 ).values_list('book_id', flat=True)
+ # downloaded_ids = BookDownload.objects.filter(
+ # user=user,
+ # status=True
+ # ).values_list('book_id', flat=True)
 # Return books that match these IDs
 return Book.objects.filter(
@@ -281,7 +288,8 @@ class BookDownloadCreateAPIView(CreateAPIView):
 API view to create a book download record and increment the book's download count
 """
 serializer_class = BookDownloadSerializer
- permission_classes = (AllowAny,)
+ permission_classes = (IsAuthenticated,)
+ authentication_classes = [TokenAuthentication]
 @swagger_auto_schema(
 operation_id="download_book",
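Review bot: In the `@@ -258,16 +265,16 @@` hunk `get_queryset` now filters on `self.request.user` unconditionally. That is fine for real requests, because `IsAuthenticated` is checked first, but the method may also be invoked without an authenticated user during API schema generation. The file uses `swagger_auto_schema`, so if this is drf-yasg, a guard at the top such as `if getattr(self, 'swagger_fake_view', False): return Book.objects.none()` keeps the query from being built with an anonymous user there. The bookmarked-books filter in the `-141` hunk may need the same treatment. `get_queryset` continues past the end of the hunk.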