diff --git a/src/main.rs b/src/main.rs
index 63e2717..65a85ba 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -93,8 +93,8 @@ impl<'r> FromRequest<'r> for ApiKey<'r> {
         }
 
         fn has_permissions(key: &str, uri: &str) -> bool {
-            let student_permissions = vec![String::from("/classes"), String::from("/timetable")];
-            let teacher_permissions = vec![String::from("/classes"), String::from("/timetable"), String::from("/t_timetable")];
+            let student_permissions = vec![String::from("/api/classes"), String::from("/api/timetable")];
+            let teacher_permissions = vec![String::from("/api/classes"), String::from("/api/timetable"), String::from("/t_timetable")];
             let token = decode::<Claims>(&key, &DecodingKey::from_secret(config::JWT_SECRET.as_ref()), &Validation::default());
             println!("{:?}", token);
             let mut token = token.unwrap();
@@ -128,7 +128,7 @@ fn login(credentials: Json<Credentials>) -> Json<Token> {
         user: credentials.user,
         roles: vec![Roles::Student, Roles::Admin],
         // permissions: vec![""]
-        blacklist: vec![String::from("/classes")],
+        blacklist: vec![String::from("/api/classes")],
         whitelist: vec![String::from("/hello/sensitive")],
         jid: String::from(credentials.devid + "@" + &datetime),
         exp: SystemTime::now().duration_since(UNIX_EPOCH).expect("Time went backwards").as_secs() + Duration::from_secs(31536000).as_secs()