# Django View Missing Authentication

- ID: django-missing-authentication
- Severity: HIGH
- CWE: CWE-306 (CWE-306)
- Languages: Python
- Frameworks: django

## Description

Detects Django views that should require authentication but lack
@login_required, @permission_required, or other authentication decorators.

## Detection Message

View handles sensitive operations without authentication decorator

## Remediation

Add authentication:

```python
from django.contrib.auth.decorators import login_required, permission_required

@login_required
def protected_view(request):
    # Only authenticated users can access
    pass

@permission_required('app.change_model')
def admin_view(request):
    # Only users with permission can access
    pass
```

## Documentation

[object Object]

## Related Rules

- **FastAPI Endpoint Missing Authentication** [HIGH]: 
- **Echo Missing JWT Middleware** [HIGH]: 
- **Fiber Missing JWT Middleware** [HIGH]: 
- **Gin Missing JWT Middleware** [HIGH]: 
- **NestJS Endpoint Missing Authentication Guard** [HIGH]: